last executing test programs:

18.905688483s ago: executing program 1 (id=242):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = syz_mount_image$fuse(&(0x7f0000002340), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000022c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000002140)={0x50, 0x0, r2, {0x7, 0x27, 0x0, 0x14a4014}}, 0x50)
read$FUSE(r0, &(0x7f000000b040)={0x2020, 0x0, <r3=>0x0}, 0x205b)
write$FUSE_INTERRUPT(r0, &(0x7f0000000000)={0x10, 0xffffffffffffffda, r3}, 0x10)
open_by_handle_at(r1, &(0x7f00000021c0)=ANY=[@ANYBLOB="1c0000008100000000000000"], 0x0)

18.643026173s ago: executing program 1 (id=243):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)={0x1, 0x0, [{0x4000ff00, 0x3e158d1e, 0x688, 0xfffffff8, 0x7}]})
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000200)={"db859069e7fba20fded01f97770378c53d96b3a044b654ad95c460fc1b236cc0a4e55e0398f25518b9f780fcf692f8621ed7fe3d33ffeb12febd0a65a20885441c9e1398fa87f317b6ace1676074e5c1a16b4ef14c5d1a561d817e93cbdb9b3de83ecc26e294938d93bd9008bf03c38ab1bb186951b492c2327266d8ec841b6ec85894dd6733b6f71bea1ad187815e952d93192a724c7eab971bcbb1a3d2f6afec51168987cea8c844b6973527a2e5425e5c2f8a05b00ada56db6017888aa558648dc221d34d9373e78717dded3370ce4f43cb8fc083b92f289e73763e1aab1a790a4f7cc32ca3a31c5669e160c2fabecbc4a2aa5735f456ff1385e7728ef0b85bd1f0787ef1b5369509ffda5b5e70dc063e728d5f550bcd9d96549c25a251c704eaa92cf980d36e4126b5b1839b7726a8cb382ccf905ddb4497f8d027d151412af35cd977a38ff8c42185ae734886914c532e64b78a09203972966023b6b439ed59e5b92e0b879801c3686c7d7dc59e5617ceed6a3907486d78414bb1a5e9894951f5f21c30554171a60e9756aa5eb4379b72e5541c463818c1af308e80c1d721e28a5098bee539ab31dc5bb9a54afa264cea80dbe17a0ad3108dfa1fea6bbe3ce7bf41d58e1c01904110d75f5488d9b5119543fe33a00b2f01c4343df4e9708ecdb25f19fb7ae9b7af57f1054992d71bc38f6d3f29e490e2b88ce712536804a1897073a55e941dece2fae6b326405e10e21d94a7cd15dc5ccda426eedf06fc565343dadaa76def89e7de13806a672887db4c1211edf00af28a8a06dac5425ff6c51bc9451154e0a94d003ac97770c3e6cbe88db21d6096214e665aa124a66216ddbc15605999e8f0580a0d649b7cf1cfa0f92a6f82b81d5d62bf8390e93e6984b51b66e0c051c13fed7437dda9070860478e28f1084253fe7c0bb1a0dbee7b524b346d6c4733fde5f92910a47341624270d4d6adb21503ba2ac4a73754e23239f372cd156e6e0ec864184dfee3751d79555110f567504f74f619fd5b7ac351314aeefc77b42abbf649d34cb69b8a1603a7f825ab98a712048361fbc3fcf87e29314d163ce7f229467aeeb48af895c660d1137524b038eaf84cf98271597ea5ecd203f0e13a40fc6373aa92595fae553f21e2035e94d6968efc5e1d2e2b85e132d657103eb4910d615b6cebc8d5830e23996f73fe396754f42f3572c9b930cb95d643677f6853f69f2129c1b81201ada0886b1b6b6b27377f45f52fb0b56380dc79ccf2ab43f1f9431214421e0810e634bde1ebf73e9c965837be9b092fea31fcbd2106cc81000775832a7ff9266c3bce81b0ebf776676c707b5a4cc758ad2fbb282903e1354b17c623974224fcf3394a08e0dd071cb6db860ab0c9f2e76cbe6e6f476e414ba9c2f5828e6fa7ba2ffaeda42f4219beed437da67961cc7772ac"})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x8e, 0x88, 0x5, 0x20, 0x8086, 0x9500, 0xb6d8, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1, 0x0, 0x0, 0x15, 0xcc, 0x1c}}]}}]}}, 0x0)
r5 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r5, 0x707, &(0x7f0000000380)={&(0x7f0000000100)})
pwritev2(r4, &(0x7f00000001c0), 0x0, 0x8, 0x4000000, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r4, 0x40305829, &(0x7f0000000180)={0x17c04, 0xffffffffffffffff, 0x4a7a, 0x75ea, 0x2, 0xffffffffffffffff})

14.178236655s ago: executing program 1 (id=254):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
socket$inet(0x2, 0x801, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
flistxattr(0xffffffffffffffff, &(0x7f0000000140)=""/36, 0x24)
syz_emit_vhci(0x0, 0x7)
syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @random, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @multicast1}, @timestamp={0xd, 0x0, 0x0, 0x4, 0x1, 0x4, 0xbb, 0x8}}}}}, 0x0)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
preadv(r1, &(0x7f0000000500)=[{&(0x7f00000000c0)=""/59, 0x3b}, {&(0x7f0000000280)=""/146, 0x92}, {0x0}], 0x3, 0x5, 0x4)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04ff8b38ec32c4dc186aad8814a428cf1918be2864364dcbaad5617ce9f6c8fc223cbecb2fb73fa53447826afed3c185569bc1dab7bf13cad0174138094cc9"], 0x8e)
r2 = socket$inet_icmp(0x2, 0x2, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
r4 = gettid()
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r5, 0x0, 0xc, 0x0, 0x0)
sendmsg$unix(r3, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@cred={{0x1c, 0x1, 0x2, {r4, 0xee01, 0xee00}}}, @rights={{0x14, 0x1, 0x1, [r3]}}], 0x38, 0x800}, 0x40800)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000200)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x200000000140, 0x0, 0xfeffff07, 0x200000000170, 0x2000000001a0], 0x0, 0x0, &(0x7f0000000140)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)

11.538919152s ago: executing program 1 (id=257):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000280)='./file0\x00', 0x2008412, &(0x7f0000000500)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRESDEC], 0x1, 0x553b, &(0x7f00000024c0)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000240)='./file0\x00')
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$MRT_INIT(0xffffffffffffffff, 0x0, 0xc8, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
getpid()
sched_setscheduler(0xffffffffffffffff, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r2, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0xb4, @dev={0xfe, 0x80, '\x00', 0x36}, 0x9}, 0x1c)
listen(r2, 0x100101)
setsockopt$inet6_opts(r2, 0x29, 0x36, &(0x7f0000000000)=@srh={0x62, 0x0, 0x4, 0x0, 0xf9, 0x28, 0x401}, 0x8)
accept4(r2, 0x0, 0x0, 0x80800)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="180000001600010a000000e65d"], 0x78}}, 0x0)
recvmmsg$unix(r3, 0x0, 0x0, 0x2, 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000040)='./bus\x00', 0x3a21820, 0x0, 0x0, 0x0, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000e00)='.\x00', 0x0, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
r5 = syz_usb_connect$hid(0x1, 0x1f, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_ep_write(r5, 0x81, 0x0, 0x0)
bind$alg(r4, 0x0, 0x0)
socket$inet6(0xa, 0x80002, 0x0)

9.637009341s ago: executing program 3 (id=261):
sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="400000000c06010100000000000000000500000205000100070000000900020073797a3200000000050001"], 0x40}, 0x1, 0x0, 0x0, 0x10040}, 0x2) (async, rerun: 64)
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4800007) (async, rerun: 64)
ioctl$sock_kcm_SIOCKCMUNATTACH(0xffffffffffffffff, 0x89e1, &(0x7f0000000340))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x5, 0xe4340000, 0x0, {0x2}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 64)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x60, 0x9, 0x6, 0x801, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10000042}, 0x90) (rerun: 64)
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, @none}, 0xa) (async)
getsockopt$sock_buf(r2, 0x1, 0x1c, 0x0, &(0x7f0000000300))
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810) (async)
syz_usb_connect(0x5, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100004106cd40cd060f011bd5000000010902"], 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0) (async, rerun: 64)
socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

9.442921927s ago: executing program 3 (id=262):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) (async)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = fanotify_init(0xf00, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read$FUSE(r1, 0x0, 0x64) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0xfffffffffffffbfe, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
syz_open_pts(0xffffffffffffffff, 0x141601) (async)
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0})
r7 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r7, &(0x7f0000000000)={0x1d, r6}, 0x10)
setsockopt$CAN_RAW_FILTER(r7, 0x65, 0x1, 0x0, 0x0) (async, rerun: 32)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), r8) (async)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x3}, {0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8041}, 0x40044) (async)
ioctl$NS_GET_USERNS(r4, 0xb701, 0x0) (async, rerun: 32)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0) (rerun: 32)
r10 = dup(r9)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) (async)
write$tun(r0, &(0x7f00000003c0)=ANY=[@ANYRESHEX=r4, @ANYRESHEX=r0, @ANYBLOB="b90a2fe6573ffbe830d107f8a6bd86a08cb9684557703d0616f9e77a00df4b6ecd17fb07ba3c8550bfa41b4e7afe674775392b21a4d5d7b0ff783b17d1c8ccde2a938bb9733e640b85d3e4ac2d9bd2675beee46c66568a4c40d4b8c7fb2db58548b619090552185ac98ac2606f6119e739e9c1a0550ea9b2bd73fc", @ANYRESOCT=r0, @ANYRES32=0x0], 0x16) (async)
socket$inet6_sctp(0xa, 0x5, 0x84)

8.839441654s ago: executing program 3 (id=264):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x16, 0x8, &(0x7f0000000380)=ANY=[@ANYRESDEC=r0, @ANYRESOCT=r0, @ANYRESHEX], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x54, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x89}, 0x0)
io_getevents(0x0, 0x3, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000000301010400000000000000000200000024000180140001"], 0x38}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000500)=@abs, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000580)=""/9, 0x9}, {&(0x7f00000005c0)=""/57, 0x39}], 0x2, &(0x7f0000000740)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x128}, 0x10000)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000440)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000e40)=[{{&(0x7f0000000880)=@file={0x1, './file0/file1\x00'}, 0x6e, &(0x7f0000000980)=[{&(0x7f0000000a00)="6be39cda0d41310b66d51eac643d042afb7ebdf3e4ea98f79f8395e16ac3ce169fbe854a3f0ea43faa7d0696c6af8028063169fe1a5b0d0b8f4f727e10d01d87a129f5dca18481794e3abe064d78eb25b34b3859946a2c28470595fefb3949276c76480b8527845bce1dcfd20a9f10e30f5e3e607a6461a0b368debeb2d3810a813afb325686f12e454bb19f53e5c65700416164891fafec6862c8eb1a35b597ffa2efe08e760cd2b09d17c8acf9c17def9e1487046e7932e3064a609c6a77ce808dc978ecb6fa30dc70c05e07d5e58829010a9ae4876a38bc75adc4ce48406fd6068afc21adb0652baf25b06e1620d61a2c", 0xf2}, {&(0x7f0000000940)="454b159449ec55088e729e3ce321824b22df77a599737638c1f5eb707020bc45ebd958041931207a057e343516b25f4f8ef611ae2469c6b5c48a", 0x3a}, {&(0x7f0000000b00)="57b13feb85a31da54b6ac86be031ff4eeba4a5d2dcaedaf9aef199e4314954771e19d9184450712db3bb21eab47ac0e2fd237a4fc35cfac7b0fd7cb038c19271990ac88a7e8ad894a8a36751d709a767a605c0c6e75554ce3c94fa414bfe2cc739792b09d8c15723d0839e3072c18fdf51b6199994e0b6b7cd9fadef074d250c4e4444e82f4c69d1eab2c52798ce6ce55b291cfcacda5d9cd4f0", 0x9a}], 0x3, &(0x7f0000000d00), 0x0, 0x20049000}}], 0x1, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f0000070000"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000c00)='jbd2_checkpoint\x00', r7}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r6, <r8=>0xffffffffffffffff}, &(0x7f0000000280), &(0x7f0000000300)=r7}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r8}, 0x0, &(0x7f0000000080)=r7}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
unshare(0x60400)
syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file0/file1\x00', 0x4068, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000004c0)='./file0/file1\x00', 0x0, 0x0, 0x1, 0x0, 0x0)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x121542, 0x60)
fsync(r9)
utimes(&(0x7f00000001c0)='./file0\x00', &(0x7f00000003c0)={{0x77359400}})

7.227132131s ago: executing program 2 (id=268):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x22b, 0x19, 0x1, 0xfffffffc, 0x10, {{@in=@broadcast, @in=@remote, 0x0, 0x0, 0xffff, 0x2000, 0xa, 0x80}, {0x0, 0x0, 0x0, 0x9, 0x8, 0x0, 0x7fff, 0xfffffffffffffffd}, {0x1, 0x9, 0x80}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3}, [@tmpl={0x184, 0x5, [{{@in6=@loopback, 0x4d4, 0x32}, 0x0, @in=@dev={0xac, 0x14, 0x14, 0x3b}, 0x0, 0x0, 0x0, 0x12}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x33}, 0x0, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x7}, {{@in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x4d3, 0x32}, 0x0, @in=@broadcast, 0x800000, 0x3, 0x0, 0x0, 0x0, 0xcff3}, {{@in6=@rand_addr=' \x01\x00', 0x0, 0x3c}, 0xa, @in=@private=0xa010101, 0x3504, 0x2, 0x0, 0x1, 0x6, 0xabf}, {{@in=@broadcast, 0x4d4, 0x2b}, 0x0, @in=@loopback, 0x3505, 0x0, 0x0, 0x80}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x2b}, 0x2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xfffffffe, 0x4, 0x0, 0xfc, 0x1}]}]}, 0x23c}}, 0x0)

7.184281295s ago: executing program 3 (id=269):
syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaf4, &(0x7f0000000e00)="$eJzs3V2IXFcBAOAzszv7k6RmUhO7prFNrLb1p5tmd40/wSYlQTA0RXwpBF9CmtZgjGAFtRRM8uSbLSWCT1bxqS+limBfJPTJl4INFKH4UH3wwRCxIKLRZMrOnjM7czKTO7M7O7O7831w59x7z7n3nHvnzp37e04ARla5/rmwMFMK4fIbLx/7+4N/m14cc7iRolr/HG8aqoQQSnF4PJvfe2NL4c33XzjdLiyFufpnGg5PXm9MuzWEcCHsDVdCNey+fPWlt+aeOHHx+KV9b7966NraLD0AAIyWr105tLDrL3+8d8eN1+47EibT6MWe+vF5NY7YFo/7j8QD/3T8X45haXJ5nqWm+GQitE43HrvydGu6sTbpmvOpZOnGs/Qp74ks/0qHdJPhzvmPNY1rt9ywkaXtuBpK5dmW4XJ5dnbpnDzUz+snSrPnz5575rkhFRTou3/dH0LY29QdvdQ6vN66wyuetrRWZaofW3SRrjbsdbdRuyODy+tGbcnQl3lAXW37sPdAAEvy+4W3uZBfWVidxtzGu8v/+uPl9tNDHwx6++8p/4kh5x9GPP/8YiWs0mb9/0rLlX5H2+Jwfh8hf36p8++vnM25dWx+P6LSZTk73UfYKPcXOpVzbMDlWKlO5c+3i83qyzFM6+GxLL7595N/pxvlOwba+09+/V+n061ZV+nHfELLcGU186oNef8DrF/5c3O1dH80yp/ry+MnC+KnCuKnC+K3FMRvLYiHUfab7/0kvFhaPs/Pz+l7vR6errPdFcMP9Vie/Hpkr/nnz/32arX5u0TPRvK7U0+d+cLTJ68uPf9famz/t+L2nk43qvG3dSUmSNcL8+vqjWf/q635lDukuzsrz11t0tf7d7amK+1cnk9o2s/cVo6Z1um2d0q3pzVdNUs3HbuprLz58cmWbLp0/JH2q2l9jWfLW8mWYyIrR9qv7IhhXg5YibQ9dnr+P22fM6FSeubsuTOPxuG0nf5hrDK5OP7AgMsNrF637//MhNb3f7Y1xlfKzfuF7cvjS0v7hdfj/FrHzzXyaR0/H4fT/9w3x6br42dPf+fc0/1ffBhpz/3w+W+dOnfuzHd77Fk8Hu19qjv1zE+H0NcZDqznK+WwHorRS086bVkv5dGz7nqGvGMC1tz+Hy0dBDxy9tunnj3z7Jnz8wcPzs/NHfzi/ML++nH9/uaj+2YXhlBaoJ+W//SHXRIAAAAAAAAAAACgW98/fuzqO29+/t2l9/+X3/9L7/+nJ3/T+/8/zt7/z9+TT+/Bp/cAd7SJr6fJKlidyNJVYvfhrLw7s3x2ZdN9JIaNdvzi+/8pu7xe11See7LxlQ6DWXUCt9WXMpHVQZK3F/jxGF6K4S8DDFFpuv3oGBbVb5229VQ/RVO9FDX1A28c6XtLW0OqxyS9/922XqemL3vHAMpI/w3idcJhLyPQ3j9Gqv7vfy4v+NDLouvcjaf+6kDy+9nobhO1jkfp3bZgA9Afw27/M133TOH53391arFLya4/3rq/zOsvhV786Z3W4XXd/uQA8s/b7Rt0/sNY/qke8v/Vxf7m32j/Ltv//TmOvn3/19JiXvuLx13478+vvduUbdjd7f43X/5UD/TO3vK/EfNPS/NQ6C7/2i+y/PMbQl36X5b/li7zv23596ws///H/NNqe/iBbvOvl3gylFvLkV83Tvf/8uvGyc1s+VPdnnfI/+vPt1v+FTbUeCvmD6Nso7Qz26vsOKJx0L7y9n+jC/1t/7dR2Gy3lj+H8bk4nHbE6TmHvL2TXsufnq9I/wO7svmXCv7ftP+7sX0phkW/h9T+b9oeq/Evv2m4vi7TcKXNut2s+xrYqN5b6/t/8/+u1dbBfY6+dSfXPI+poS/juu+OrHoerzzWt/LUxlYwXaOduCGvy1qttrYX1AoMNXOGvv6HfZ4w7PyHvf6L5O3/5sfwefu/eXze/m8en7f/m8dPx2+oU3ze/m++PvP2f/P4e7L55u0DzxTEf7Qgfnf7+MZp+70F0+8piP9YQfy+RvzhlhQp/r6C6e8viL+7IP6BgvhPFMR/siD+wYL4h5vim9uATvGfKph+s0vvo4zq8sMoy9/P8/uH0VG//9PUaH3++0/3hewfYPP56WsHjp789TeqS+//TzSuh6T7eEficCWeP/0gDuf3vUPT8GLcm3H4r1n8er/eAaMkrz8j/39/qCAe2LjSc15+3zCCSlPtR8ewqN6qTsf5bCyfjuFnYvjZGD4Sw9kY7o/hgRjODah8rI2jr//20Iul5fP97Vl8t8+Tl7L3gVrqiQohzHdZnvz6QK/Ps+f1+PVqtfmv8HUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAoSnXPxcWZkohXH7j5WNPnTi7f3HM4UaKav1zvGmo0pguhEdjOBbDV2LPzfdfON0c3ophKcyFUig1xocnrzdy2hpCuBD2hiuhGnZfvvrSW3NPnLh4/NK+t189dG3t1gAAAABsfh8EAAD//9SuCeg=")
r0 = syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='rpcgss_upcall_result\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000000100)=ANY=[], 0x1, 0x2fa, &(0x7f0000001900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOl0hpbpQClUivD9JGQOc+5p7+2U5Nymw9ad148LOUvL6RUJxpQERES2RUYkKK6AcwzacVRavZCLg98+/n/r7r0b6UxmckapqfTspZRSanj03ZNncWfY+oBsjjzY+pr6svn35r9bP2cf5S2Vt1SxVFG6mit9ruhzpqEW8lZBU2raNHTLUPmiZZQb+VIjnzNLi4tVpRcXhhKLZcOylF6sqoJRVZWSqpSrKvRQzxeVpmlqKCHoJLsyM6OnD1k83+PJ4Dcpl9N6SETibZnsSl8mBAAA+srb/wdF9bL/Xz23URm8vTbs9P/rUb/+//KnxmMZSpr9f0xEfPt/9/l9+3+9u/6/vSM6W47U/+NkGI22nQo0w3qynNYTzt+v7eX91TE7oP8HAAAAAAAAAAAAAAAAAAAAAOBPsF2rJWu1WtI9uj/1XExEWn/3CInI1eOfMXppr+s/0Pn64xRo3rgXHhYxXy1ll7KNozNgQ0RMMWRMkvLDfj846rF755GqG5H35rJTv7yUDdmZdE7ydv24JCPira/Vpq5nJsdVw+76iCRa61OSlL/861O+9VG5cL6lXpOkfJiXkpiyYM+jWf98XKlrNzOe+rg9DgAAAACA00BTO3z375q2V75Rv7O/9n4+EGrur8d89+dh+S/c37UDAAAAAHBWWNWnBd00jfI+QVw6j2kEkQOM8QbhbgZ3Ebgr9KQGRPyX436XocfTOFjgPvmuVMw52fOXJdD+snQbBOUwVaP11aijrsL92GivMTI9cfxX0A7+efP2e+8e8MparMNKDx+E9n8DRJyvfwEAAAA4RZpNv3tmor8TAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDDqO/47W7zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8WvAAAA//9QvQLH")
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x24c, &(0x7f0000000840)={0x0, 0xaee7, 0x400, 0x3, 0xbfdffffc}, &(0x7f0000000000)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x1, 0x0, 0x34, 0x1, 0x0, 0x6, 0x0, 0x0, {0x2}})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000440)=@nat={'nat\x00', 0x670, 0x5, 0x360, 0x1c0, 0x310, 0xffffffff, 0x268, 0x268, 0x310, 0x310, 0xffffffff, 0x310, 0x310, 0x5, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8, 0x48}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x1, @rand_addr=0x64010100, @remote, @icmp_id=0x65, @port=0x4e24}}}}, {{@uncond, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@addrtype={{0x30}, {0x96, 0x0, 0x1}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x7d4, 0x4, 0x2939, 0x2}}}, {{@uncond, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x8, @multicast2, @multicast2, @gre_key=0x4, @port=0x4e20}}}}, {{@ip={@remote, @local, 0xffffff00, 0x0, 'veth0_to_team\x00', 'batadv0\x00', {}, {0xff}, 0x62, 0x3, 0x8}, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x1, @empty, @empty, @icmp_id=0x64, @gre_key=0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3c0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000bc0)={{{@in=@loopback, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x2, 0xfffffffffffffffb, 0x8, 0x8, 0x4}, {0x4, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x3f}, 0x80, 0x32}, 0x0, @in6=@empty, 0x0, 0x0, 0x0, 0x8}}, 0xe8)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, 0x0, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)
r8 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r8, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffb}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)

5.046988553s ago: executing program 1 (id=271):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
syz_usb_connect$cdc_ecm(0x2, 0x5a, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000102505a1a440000000010109024800010106000009040000ff02020000052406800005240002000d24"], 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x1, 0x90c1], 0x0, 0x0, 0x2}}, 0x40)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000580)=ANY=[@ANYBLOB="1801000021000000000000002b810000850000006d000000850000000500000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d80)={&(0x7f0000000d40)='mmap_lock_acquire_returned\x00', r2}, 0x10)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x195})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}, 0x1})

4.672801562s ago: executing program 2 (id=272):
syz_mount_image$reiserfs(&(0x7f0000001100), &(0x7f0000000040)='./bus\x00', 0x2, &(0x7f00000000c0)={[{@jqfmt_vfsold}, {@usrjquota_file, 0x4}, {@acl}, {@data_journal}, {@usrjquota, 0x3d}]}, 0x2, 0x110f, &(0x7f0000001140)="$eJzs2LFqFEEYB/D/7B2Y7mTTL4IWFhISzs4qRYRrrW0kpDJVrooI4rv4OJLKPuQBLAKWwshusp5IIGAuhoPfD2Z3+OabmW/KmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCVV/1nu0naMdIkKUnXnS0uknRj/PHXSZOSN0eL5cHJ/PUyyWRIL33rZ/XT0u493Wrn7bzda19u7z9rl6cf3r87Pj46uV6mpMv55foPUq7rudHW+vcDAACATVHvbPb3ktP/uz8AAABwm7U+JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8gzpb9dskP2utaZKUpOvOFhdJuocsEAAAALizkiZvZzfFMzwDrLzIt1kZ4mP7Ufqc3XwZ5j9apR429184AAAAbJTprRnlj/v480xTa/00jj3JNDs7V/3+1w98308mpwfZ/X0n/zx8zy8/Ho6t1Mk9nQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAXO3BAAgAAACDo/+t2BAoAAAAAAAAAAAAAAAAAAAAAAB8FAAD//6zC3aE=")
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3854052, 0x0, 0x0, 0x0, &(0x7f00000000c0))
syz_open_dev$ttys(0xc, 0x2, 0x0)
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, 0x0, 0x24000000)
io_setup(0xce, &(0x7f00000001c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{0x0, 0x11}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x172)
mkdir(&(0x7f0000000040)='./file0\x00', 0xae)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x2)
mkdir(&(0x7f0000000180)='./file1\x00', 0x9b)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
open(&(0x7f0000000580)='./bus\x00', 0x84242, 0x1df2a23c5997fa5f)

2.977670085s ago: executing program 3 (id=274):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000005c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x4}, 0xe)
connect$bt_l2cap(r0, &(0x7f0000000240)={0x1f, 0x0, @any, 0x4, 0x2}, 0xe)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f0000000600)={0x0, 0x0, {}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})

2.761936233s ago: executing program 2 (id=275):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20040040) (async)
socket$alg(0x26, 0x5, 0x0) (async)
r0 = socket$inet6(0xa, 0x3, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @mcast2, 0x4}, 0x1c) (async)
setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f00000008c0)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x14) (async)
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000040)='./file4\x00', 0xa18c14, &(0x7f0000001140)=ANY=[@ANYBLOB='shortname=lower,shortname=mixed,shortname=win95,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c757466383d302c636865636b3d7374726963742c73686f72746e616d653d71696e39352c756e695f786c6174653d312c73686f72746e616d653d6d697865642c756e695f786c6174653d312c756e695f786cff74653d302c646d61736b3d30303030303030303030303030303030303030303030342c696f370b00007365743d69736f383835392d31342c00"], 0x89, 0x29b, &(0x7f0000000580)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==") (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SET_PDEATHSIG(0x1, 0xcaa)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB="600000001000391e000000000000000000000000fd3d48f49a6848a35d568b23952837cb1fb80e8fc509e8b442ee2ee07bde9aa7effb9d07130e009cef7de87c4da86be623ac01cd58f083737c246eb46a3284123c09db462e5d11384d3b30b6599c9395ec065ae9", @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800b000100697036746e6c00003000028014000200fc020000000000000000000000000000040013001400030020010000000000000000000000000001"], 0x60}}, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_sctp(0x2, 0x1, 0x84) (async)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x33, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e28, 0x3, 'dh\x00', 0xa, 0x2, 0x69}, 0x2c)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4004)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f0000000540)='./bus\x00', &(0x7f0000000680), 0x0, &(0x7f00000006c0)={[{@uuid_on}, {@verity_require}]})

2.719922656s ago: executing program 0 (id=276):
r0 = socket$inet(0x2, 0x3, 0x5)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f00000000c0)={'filter\x00', 0x7, 0x4, 0x3c0, 0x1f0, 0x1f0, 0x2d8, 0x2d8, 0x2d8, 0x2d8, 0x4, 0x0, {[{{@arp={@multicast2, @empty, 0x0, 0x0, 0x3, 0xe, {@empty, {[0xff, 0x0, 0x0, 0xff, 0xff, 0xff]}}, {@mac=@remote, {[0x0, 0xff, 0x0, 0xff]}}, 0x4, 0x5, 0xfff8, 0x91fe, 0x3, 0x0, 'bridge0\x00', 'veth1_to_bond\x00', {}, {0xff}, 0x0, 0x80}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x0, 0x81, {0x9}}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0xff00000000000000}}, @unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x1, {0x82, 0xfffa}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3ae)

2.483184174s ago: executing program 0 (id=277):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x5c}, [@ldst={0x5, 0x3, 0x0, 0xa}]}, 0x0, 0x5}, 0x94)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x20, 0x81, 0xffffffff})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079102800000000007b0a00ff000000009500740000000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport}, 0x21)
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f6465636f6d706f73652c756d61736b3d30303030303030303030303030303030303030303031302c63726561746f723d917ff2342c666f7263652c6e6c733d6b6f69382d752c63726561746f723dab9643f32c6465636f6d706f73652c666f7263652c6465636f6d706f73652c00f269cce791d4f7eac9d5176d"], 0x2, 0x6a7, &(0x7f0000000f00)="$eJzs3U1oHOf9B/DvrNcrrf/gKInj+F8KETGENqa25CW1C4W4pRQfTDHtJVdhy7Hw2gmyUpxQ6nVfoaeeSg49pBT3kFMppZCeStNzodBLT74beuvBh7YqMzu7Wq3WsuS3VZLPB0bzPPvM8zy/+Wledkc2G+Az6+wb2d9LkbPHzt0o63dud7p3bneuDspJZpI0kmZ/laKdFB8nZ9Jf8v/li/Vwxf3mee3uR0Xz/Q87/VqzXqrtG9v122Lilr1kdljZl2S+X/z3jofdMl61VONc2BjvIRXDuMuEHR0kDqZtfYveRmPjgd13ft4Ce9bN/n1zi7nkQPp31/J9QOqrw4OvDNO37bWp9/TiAAAAgCdl4mf5Uc/cy73cyMGnEw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8OhT97wws6qUxKM+nGHz/f2vkO/VbUw73EezfKH77mWkGAgAAAAAAAACP7KV7uZcbOTiorxfV3/xfriqHqp//l3dyPctZzfHcyFLWspbVLCaZGxmodWNpbW11cWvPX6Tsub6+frPueXJiz5Ob4+qNBzrpXxps2QgAAAAAAAAAPrN+kLMbf/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC9oEj29VfVcmhQnkujmWQ2SauYH27emmqwj8Gfph0AAAAAPHnten2w+G+/sF5Un/kPV5/7Z/NOrmUtK1lLN8u5WD0L6H/qb/yt1+neud25Wi5bB/7aP3cVRzVi+s8eJs+8UG3xwrDH2Xwz38mxzOd8VrOS72Ypa1nOfL5RlZZSZK5+ejF353Y7g1i3xntmU+38eGwvjZTL+I5UkbRzKStVbMdzoTUIvVFvd2Rktj+0krEZb5XZKV6v7TBHF+t1uUc/r9d7w1y15/uHGVmoc19m49nRvI/lvmgmuztOxmdaTGP4DOrQxixldfy3/FA5PzCINMlPnmzOd/kobXMmej8ra4Oj7/A2Oa988e9/Pn+5ce3K5UvXj+2dw+ghjR8TnZFMvLijTHTLTPQeIROzjxL/49Oqs9G/iu7uavly1fdgVvKtvJWLWc6pLGQxp7OQr+RkOjk5ktcXts9rda41dneuHf1CXSjvST8duTc9NTP3ayjz+myV15ktV7q5qm30lY0sPbeDLBWtTM7SPyaG0vxcXSjn+OHIHWf6xjOxOJKJ57fPxK/+s57kevfaldXLS2/vcL5X6nV52v5487X5149lh3av3t3yeHmu/GWlf9sYPTrKtucHbWP5atV/cWnWg21qa6U6n/ttDzpTy5EO35o0Ur/txYmzdKq2IyNtm97l5K10h+9CANjDDrx6oNW+2/5r+4P2j9qX2+dmvz5zeubzrez/S/OP+37b+E3jq8Wr+SDfz8FpRwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8G199978pSt7u8ugcLaTzmAW9NbBqkov9Ka2/s+ye1MLPdEfW7JNt0b00j5naSPZG6NJ/CXDOZ0HRu+Eo7aQzjSXJlj3zBHfAknFi7+vaJ6+++96WVq0tvLr+5fO3k6VOvn+p8efHmiUsr3eWF/s9pRwk8CRtvA6YdCQAAAAAAAAAAALBTT+O/N0yYtuhNYV8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAT6azb2S2lyKLC8cXyvqd251uuQzKG1s2kzSSFN9Lio+TM+kvmRsZrrjfPK/d/eiXr7z/YWdjrOZg+8ZYv9//a319l3vRq5fMJ9lXrx9sZkfjXRgZr7fLwPqK4R6WCTs6SBxM2/8CAAD//wWeBrY=")
mkdir(&(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x24)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x200, 0x180)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020100030a0000000600000000000000030006000000000002000000ffffffff0000000000000000030005000000000002000000ac1e00010000000000000000020013"], 0x50}}, 0x200c405a)

2.197065067s ago: executing program 0 (id=278):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0x5c}, [@ldst={0x5, 0x3, 0x0, 0xa}]}, 0x0, 0x5}, 0x94)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020100030a0020000600000000000000030006000000000002000000ffffffff0000000000000000030005000000000002000000ac1e00010000000000000000020013"], 0x50}}, 0x200c405a)

1.940741107s ago: executing program 0 (id=279):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000001400110200000000fedbdf25ffffffff000000000000000000000000fc0000000000000000000000000000010000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="c06b6e000000000008001f00000000000c001500"], 0x64}}, 0x0)
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x1, 'dvmrp0\x00', {}, 0xfa70})

1.40305708s ago: executing program 1 (id=280):
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x58, &(0x7f0000000980)={[{@inode_readahead_blks}, {@grpquota}, {@nomblk_io_submit}, {@stripe={'stripe', 0x3d, 0x4ffff}}, {@norecovery}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x814}}]}, 0xfe, 0x799, &(0x7f00000001c0)="$eJzs3c1rHGUYAPBnNp+m1UYQbL00Jy2UbtoaWwWh8SSChYKebcNmG2I22ZLdlCbkYBFBEEGLB0Evnv2oN28ievZv8CIiLVXTYsWDrMx+JJtukm7TTdI2vx9M8r4zs/PMs7Pzvu/uDLsB7FpD6Z9MxIGI+CiJ2Fefn0RET7XUHTFaW+/20mIunZKoVN74M6muc2tpMRdNj0ntqVf2R8SP70UczrTGLc0vTI0VCvnZen24PH1huDS/cGRyemwiP5GfOXFsZOT4yRdOnuhcrn//vLD3+sevPvfN6L/vPn31w5+SGI299WXNeXTKUAzVn5Oe9Cms+b7TUR4MyU7vAJuSnppdtbM8DsS+6KqWAIBHWdr/VwCAXSbR/wPALtP4HODW0mKuMe3sJxLb68YrEdFfy79xfbO2pLt+za6/eh104Fay6spIEhGDHYi/PyI+/+6tr9Iptug6JMBa3rkcEecGh1rb/2TlnoVNOtrGOkN31LV/sH1+SMc/L641/sssj39ijfFP3xrn7mYMRfTWN1fVev5nrq0K2nCqA8Hr47+Xa/e2pYk2jf+Wb1ob7KrXHk8rByNispBP27YnIuJQ9PSdnyzkj20Q49DN/26ut2yoafz315W3v0zjp/9X1shc6+5b/ZjxsfLY/eTc7MbliGe6V+7tu93S/jeOeuv498xGGz64Unztpfc/W2+1NP8038bUmv/WqnwR8WysnX9DsuH9icPp4T9a+7t2jG9//XRgvfjNxz+d0viN9wLbIT3+AxvnP5g0369Z6mz8u+e//Ppf3qH09d+bvFkt99bnXRorl2ePRfQmr7fOP76ytUa9sX6af23Di72xKv+V9i9Zo/1L3xOeazPH7ut/fL35/LdWmv/4PR3/ey9cvT3VtV789o7/SLV0qD6nnfav3R28n+cOAAAAAAAAAAAAAAAAAAAAAAAAANqViYi9kWSyy+VMJput/Yb3UzGQKRRL5cPni3Mz41H9rezB6Mk0vupyX62eNL7/dLCpfvyO+vMR8WREfNL3WLWezRUL4zudPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU7Vnn9/9Tv/ft9N4BAFumv2VOpVKpNNdv5jdcDAA8dFr7fwDgUaf/B4DdR/8PALuP/h8Adh/9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvszOnT6VT5Z2kxl9bHL87PTRUvHhnPl6ay03O5bK44eyE7USxOFPLZXHH6btsrFIsXRmJm7tJwOV8qD5fmF85OF+dmymcnp8dOxdl8z7ZkBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3pjS/MDVWKORnH4nCBxHxAOyGQmcLvx35Zf9G61y5y8t4tI1Y/fUT4gFJeecLO9wwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwk/g8AAP//Ez0kyA==")
mount$bind(&(0x7f00000002c0)='.\x00', 0x0, 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', 0x0, 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x0, 0x887008, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="18000040f319ea3900000000000000000000000000950000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r5 = dup(r4)
ioctl$MON_IOCQ_RING_SIZE(r5, 0x9205)
syz_mount_image$vfat(&(0x7f00000004c0), &(0x7f00000000c0)='./bus\x00', 0x24660, 0x0, 0x4, 0x0, &(0x7f0000000500))

1.402812369s ago: executing program 2 (id=281):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000039000900000000000000400001000000040000000c0001807eff00000547000008000200", @ANYRES32, @ANYBLOB], 0x34}}, 0x0)

1.313455836s ago: executing program 0 (id=282):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = dup(r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x1a, 0x0, &(0x7f0000000080))
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_KEY(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, 0x0, 0x607, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20004080}, 0x24044884)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, 0x0, 0xa000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020032000b35d25a806f8c6394f90424fc602f0009000a740200053582c137153e370248018000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r8 = add_key$user(&(0x7f00000001c0), &(0x7f0000002f40)={'syz', 0x2}, &(0x7f0000000040)='\n', 0x1, 0xfffffffffffffffd)
r9 = add_key$user(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x1}, &(0x7f0000000080)="7f552b84e40eb0d1e0c60392d34009a8d15935f66db347340898c2e0f212f85cad7ac3f784dfae9e2c53707f5981b94efba342bf6ea89c2fe35ff39a38881be90a1e482e8d0fdf58964318951543a417277a0e3a0adb9989076d5c1b9941a2b8f139cca669b9fc683015ab1adb8a060778a9f41e527ecff8fcc5afee883d0c918620145dcdc9103a900628b4581ba106c5d4d7e42f07e2b7a352feab745e52fea48d92fab11fa01ac963d54a1d2152def9dd63ff551d815e8cdb5b15ee48d92293869402490261b96b0184533372867504187bad69376189fff04e78214d6788cbf381cc22912f3dcb50141b917127550140786f6587d4f6e1", 0xf9, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000001080)={r8, r9, r8}, &(0x7f00000010c0)=""/48, 0x30, &(0x7f0000001180)={&(0x7f0000001100)={'sha512-ssse3\x00'}})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4001}, 0x0)

328.705944ms ago: executing program 2 (id=283):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r1=>0x0})
pipe2(&(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r3, 0x407, 0x0)
connect$unix(r3, &(0x7f0000000080)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
pread64(r0, &(0x7f0000000340)=""/24, 0x18, 0x7fffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000001000010029bd7200fddbdf2500000000", @ANYRES32=<r5=>r1, @ANYBLOB="184104008f08000038001280110001006272696467655f736c617665000000002000058004001800050009000100000005001b000100000005001c"], 0x58}, 0x1, 0x0, 0x0, 0x891}, 0x4000000)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000040000000400000003"], 0x50)
socketpair(0x21, 0x2, 0x3, 0x0)
r6 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r6, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x206)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES8=r5, @ANYRES32=r4, @ANYRESOCT=r5, @ANYRES16=r6, @ANYBLOB="bfe04aec1a2bf59e74a15815d5733e56326e93b18592567626118156169e7ba301eab16b8a79dcaadb71ee31962d312db25dcb8a2fe19cddc156b8c599a44eab98b1"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r7}, &(0x7f0000000740), &(0x7f0000000000)='%pI4   \x00'}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x70, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000840)={r8}, 0xc)
ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0)
r9 = syz_genetlink_get_family_id$fou(&(0x7f0000000180), r2)
sendmsg$FOU_CMD_GET(r2, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0xc1041000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="000429bd7000ff0000060001004e23000008000600ac1414aa00"/38], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x20000010)

297.034316ms ago: executing program 0 (id=284):
r0 = io_uring_setup(0x6503, &(0x7f0000001300)={0x0, 0x8d5f, 0x1046, 0x0, 0x264})
pselect6(0x40, &(0x7f0000000340)={0xd, 0xa3cd, 0x6, 0x7, 0x9, 0x3, 0x5, 0x1}, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r0, 0xb, &(0x7f00000000c0), 0x0)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0)
r1 = creat(&(0x7f0000000200)='./file0\x00', 0x100)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000250001"], 0x14}, 0x1, 0x0, 0x0, 0xc1}, 0x10)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
socket$can_bcm(0x1d, 0x2, 0x2)
r3 = socket(0x2b, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x8000000, 0x0, 0xff, 0x1}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000780)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000080000000000000004850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r8}, 0x10)
keyctl$join(0x1, &(0x7f0000000040)={'syz', 0x1})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x0, 0xff, 0x0, 0x4}, 0x20)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r9, 0xffffffffffffffff, 0x0)

179.063096ms ago: executing program 3 (id=285):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x80a02, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x2)
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f0000000080), 0xfd, 0x1104, &(0x7f0000003340)="$eJzs2bGK1FAUBuD/JqtulyXbp9HCQpZdxhfYQmFaW21EtnKrnUrxcXwMH0G3shSW6bUYsI9EE0dkRHBGheX7ILmHk5xzc8t7EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjsJR9L9g+rpJ1yVZKSdN3lfJmkm/IHb+sqJY/O5osHF7OHiyT119fL46QMVUNZ2pPb++2snbUn7f3D0zvvFi9ePn96fn52MbYp6XK12u0y6nHuerdtAQAA4Frot9b85/kBAACA39nZQQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+qbddxOQZWkJF13OV8m6TbU3fhH3wcAAABsr6TKk2ZT/tsxwNq9vG/K9/wwfi5DfJzXG+oBAACAX+pvjcGP/9fLzfV+/G72pn35hzfj86OjcRxuB8mn06ROcvxT86vVq2fTVfr6b68FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOALO3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAD2CgAA//939dhd")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000040)='./file1\x00', 0x1001bfc)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x0, 0x0)
fchown(r2, 0x0, 0xee01)
r3 = syz_open_procfs(0x0, 0x0)
socket(0x10, 0x803, 0x0)
cachestat(r3, &(0x7f00000001c0)={0x6, 0x4}, &(0x7f0000000300), 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x1)
r4 = creat(&(0x7f0000000580)='./file0\x00', 0x0)
r5 = open$dir(&(0x7f0000000140)='./file1\x00', 0x10000, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={r0, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000100)=[0x0, 0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x3, 0x2, &(0x7f0000000180)=[0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0], <r7=>0x0, 0xda, &(0x7f0000000340)=[{}], 0x8, 0x10, &(0x7f00000003c0), &(0x7f0000000400), 0x8, 0x73, 0x8, 0x8, &(0x7f0000000440)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x79eee765d6afde27, 0x4, &(0x7f0000000200)=ANY=[@ANYRES32], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x31, '\x00', r6, @fallback=0x2c, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000000)="be39", 0xffeb}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}], 0xf}, 0x0)
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./bus\x00', 0x808008, &(0x7f0000000380)=ANY=[@ANYBLOB="636f6465706167653d757466382c66696c655f756d61736b3d30303030303030303030303030303030303030303030332c696f636861727365743d63703737352c71756965742c008f7881d185c35a6a28ef06c5b85628f12a02248de249c2a338d049166371583781680d171f47"], 0x1, 0x2df, &(0x7f0000000400)="$eJzs3T9v004cx/HPOUmb/lF//rVFSCygQiVYKgoMiCUIZWVnQkCTShVREW2RgIWCGBEPgJ2nwINgAfEEYGLiAXQzuvPZdVLHaaCJ2/J+SYmc893569oX39dSagH4Z91pfv94/ad9GamiiqRbUiCpLlUlndHZ+rPNnY2dTrtV1FHFtbAvo7ilOVBnbbOd19S2cy280H6qajZbhtGIouj2j7KDQOnc6M8RSJN+HLr19THHNSq70vmyYxi37AE2e9rTc82VGA4A4Bjw1//AXyZmXZFREEjL/rJ/qq7/e2UHcLRudA4URYUNMtd/N7uLjD2+/7lV+/meS+Hs+iDJEg8TTK3n84TiM6trgmkGZZUulmBqfaOqlbXXagV6o4aXqbbo3lvxqZsYEO1STm5aoH9vNd2djvfGzSh7JSGtb3Tak3YhJ/6F4bb498xn89XcN6E+qJXO/6qRsYfJHamw50gFNRv/1f49zrhWtpZ82t9oNIKuKv+7jZzzW/AG7GU9PyPJ9pncINhNIyiK0217Xt23FeK9Wx3QaiGvVZh+6tNqsatVxZ8JK2tPOoW3UkYj2UXz3twzS/qlT2pm5v+BjW9ZmZFZ9FVvXE1/ZsT7M5FfM/3b9HS3P1wu9NacHGq/4A13t+ydHumm5rZfvHxc6XTaW3bhYc7C09kt40tqb6XcOqNfqKigjnb3SyLrVRQdtudolMFfOdIO7fdHWmKHT15lO8rSkmDch+nULdiRkrOq+UVFJ+TJWYgiqc+qUX1N4TjZNslB9wVTJQeEcbPzLhPnf24m72d1LkWyb2HBPL04yVRXj6tpBtc9FZx379NDZXAz/TO4zBav9ckZXc518bJ0KVNoVLjF0Md5SpimvukB9/8BAAAAAAAAAAAAAAAAAABOmiP8OUHyS8YDq0reRQAAAAAAAAAAAAAAAAAAAAAATrw/ev5v3v+Id8//Dcf1/N/iJwMBOJTfAQAA//+YznN8")
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0/../file0/file0/file0\x00', 0x441, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 2 (id=286):
socket$tipc(0x1e, 0x5, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
unshare(0x20000400)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x8000000000001, 0x7fb, 0x8, 0x100200}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x0, 0x3000000}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.24' (ED25519) to the list of known hosts.
[   57.709565][ T5746] cgroup: Unknown subsys name 'net'
[   57.841290][ T5746] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   59.305644][ T5746] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   60.713664][ T5759] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   60.722312][ T5759] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   60.735242][ T5759] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   60.765472][ T5759] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   60.773331][ T5759] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   60.780738][ T5759] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   60.835177][ T5759] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   60.843397][ T5759] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   60.851560][ T5759] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   60.859810][ T5759] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   60.867736][ T5759] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   60.875605][ T5759] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   60.902809][ T5759] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   60.911089][ T5759] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   60.923125][ T5759] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   60.931805][ T5759] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   60.939708][ T5759] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   60.947247][ T5759] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   60.960458][ T5759] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   60.971222][ T5759] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   60.988177][ T5766] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   61.007886][ T5766] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   61.031265][ T5766] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   61.043504][ T5766] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   61.210050][ T5757] chnl_net:caif_netlink_parms(): no params data found
[   61.316508][ T5757] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.323723][ T5757] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.331482][ T5757] bridge_slave_0: entered allmulticast mode
[   61.338523][ T5757] bridge_slave_0: entered promiscuous mode
[   61.348171][ T5757] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.355359][ T5757] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.362508][ T5757] bridge_slave_1: entered allmulticast mode
[   61.369698][ T5757] bridge_slave_1: entered promiscuous mode
[   61.419601][ T5757] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   61.456507][ T5757] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   61.530070][ T5757] team0: Port device team_slave_0 added
[   61.541839][ T5757] team0: Port device team_slave_1 added
[   61.629245][ T5757] batman_adv: batadv0: Adding interface: batadv_slave_0
[   61.636633][ T5757] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.662578][ T5757] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   61.678729][ T5757] batman_adv: batadv0: Adding interface: batadv_slave_1
[   61.685728][ T5757] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   61.711882][ T5757] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   61.737442][ T5762] chnl_net:caif_netlink_parms(): no params data found
[   61.769184][ T5760] chnl_net:caif_netlink_parms(): no params data found
[   61.897640][ T5764] chnl_net:caif_netlink_parms(): no params data found
[   61.932461][ T5757] hsr_slave_0: entered promiscuous mode
[   61.938969][ T5757] hsr_slave_1: entered promiscuous mode
[   61.966056][ T5760] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.973246][ T5760] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.980566][ T5760] bridge_slave_0: entered allmulticast mode
[   61.987371][ T5760] bridge_slave_0: entered promiscuous mode
[   61.994957][ T5760] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.002118][ T5760] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.009919][ T5760] bridge_slave_1: entered allmulticast mode
[   62.017352][ T5760] bridge_slave_1: entered promiscuous mode
[   62.048509][ T5762] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.055809][ T5762] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.062989][ T5762] bridge_slave_0: entered allmulticast mode
[   62.070598][ T5762] bridge_slave_0: entered promiscuous mode
[   62.097955][ T5762] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.105655][ T5762] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.112820][ T5762] bridge_slave_1: entered allmulticast mode
[   62.120021][ T5762] bridge_slave_1: entered promiscuous mode
[   62.141127][ T5760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.181811][ T5760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.252837][ T5762] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.280886][ T5760] team0: Port device team_slave_0 added
[   62.287125][ T5764] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.294236][ T5764] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.301830][ T5764] bridge_slave_0: entered allmulticast mode
[   62.308744][ T5764] bridge_slave_0: entered promiscuous mode
[   62.317576][ T5762] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.344557][ T5760] team0: Port device team_slave_1 added
[   62.355649][ T5764] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.362847][ T5764] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.371124][ T5764] bridge_slave_1: entered allmulticast mode
[   62.377962][ T5764] bridge_slave_1: entered promiscuous mode
[   62.446528][ T5762] team0: Port device team_slave_0 added
[   62.454535][ T5762] team0: Port device team_slave_1 added
[   62.467794][ T5760] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.475066][ T5760] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.501150][ T5760] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.512984][ T5760] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.520136][ T5760] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.546254][ T5760] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.570676][ T5764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.604838][ T5762] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.611819][ T5762] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.637897][ T5762] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.653999][ T5762] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.661518][ T5762] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.687857][ T5762] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.701915][ T5764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.764393][ T5764] team0: Port device team_slave_0 added
[   62.784768][ T5760] hsr_slave_0: entered promiscuous mode
[   62.791123][ T5760] hsr_slave_1: entered promiscuous mode
[   62.797605][ T5760] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   62.805695][ T5760] Cannot create hsr debugfs directory
[   62.823452][ T5764] team0: Port device team_slave_1 added
[   62.839227][   T51] Bluetooth: hci0: command tx timeout
[   62.863678][ T5764] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.870836][ T5764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.898345][ T5764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.909102][   T51] Bluetooth: hci1: command tx timeout
[   62.941616][ T5764] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.948706][ T5764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.976140][ T5764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.001778][ T5762] hsr_slave_0: entered promiscuous mode
[   63.008242][ T5762] hsr_slave_1: entered promiscuous mode
[   63.014259][ T5762] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   63.021943][ T5762] Cannot create hsr debugfs directory
[   63.064906][   T51] Bluetooth: hci3: command tx timeout
[   63.064926][ T5766] Bluetooth: hci2: command tx timeout
[   63.138483][ T5764] hsr_slave_0: entered promiscuous mode
[   63.145792][ T5764] hsr_slave_1: entered promiscuous mode
[   63.152453][ T5764] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   63.160257][ T5764] Cannot create hsr debugfs directory
[   63.166185][ T5757] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   63.177958][ T5757] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   63.201288][ T5757] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   63.211237][ T5757] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   63.450884][ T5760] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   63.462280][ T5760] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   63.482078][ T5760] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   63.507606][ T5760] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   63.551665][ T5762] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   63.578493][ T5762] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   63.588018][ T5762] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   63.627991][ T5762] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   63.676417][ T5764] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   63.690675][ T5764] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   63.701933][ T5764] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   63.724443][ T5764] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   63.755907][ T5757] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.821041][ T5757] 8021q: adding VLAN 0 to HW filter on device team0
[   63.842026][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.849401][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.878029][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.885200][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.954484][ T5760] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.008392][ T5760] 8021q: adding VLAN 0 to HW filter on device team0
[   64.029769][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.036965][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.068081][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.075364][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.097757][ T5762] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.118323][ T5764] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.175549][ T5762] 8021q: adding VLAN 0 to HW filter on device team0
[   64.198478][ T5764] 8021q: adding VLAN 0 to HW filter on device team0
[   64.213286][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.220482][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.234365][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.241591][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.279591][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.286814][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.333436][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.340665][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.438113][ T5757] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.559762][ T5757] veth0_vlan: entered promiscuous mode
[   64.597302][ T5757] veth1_vlan: entered promiscuous mode
[   64.677437][ T5757] veth0_macvtap: entered promiscuous mode
[   64.702133][ T5757] veth1_macvtap: entered promiscuous mode
[   64.764585][ T5760] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.786056][ T5757] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.823140][ T5757] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.851111][ T5757] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.861157][ T5757] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.870724][ T5757] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.880041][ T5757] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.905959][   T51] Bluetooth: hci0: command tx timeout
[   64.942322][ T5764] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.962690][ T5762] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.985231][   T51] Bluetooth: hci1: command tx timeout
[   65.019814][ T5760] veth0_vlan: entered promiscuous mode
[   65.060785][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.071853][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.084012][ T5760] veth1_vlan: entered promiscuous mode
[   65.130077][ T5764] veth0_vlan: entered promiscuous mode
[   65.145599][ T5766] Bluetooth: hci2: command tx timeout
[   65.151640][   T51] Bluetooth: hci3: command tx timeout
[   65.169575][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.177862][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.181477][ T5762] veth0_vlan: entered promiscuous mode
[   65.209233][ T5764] veth1_vlan: entered promiscuous mode
[   65.224145][ T5762] veth1_vlan: entered promiscuous mode
[   65.286592][ T5760] veth0_macvtap: entered promiscuous mode
[   65.318352][ T5760] veth1_macvtap: entered promiscuous mode
[   65.363657][ T5764] veth0_macvtap: entered promiscuous mode
[   65.380017][ T5762] veth0_macvtap: entered promiscuous mode
[   65.392084][ T5837] syz.0.1[5837]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   65.399575][ T5760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.412769][ T5760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.427180][ T5760] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.451757][ T5760] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   65.463140][ T5760] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.470390][ T5837] loop0: detected capacity change from 0 to 4096
[   65.482641][ T5760] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.502450][ T5762] veth1_macvtap: entered promiscuous mode
[   65.524234][ T5764] veth1_macvtap: entered promiscuous mode
[   65.540181][ T5838] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   65.542880][ T5760] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.594122][ T5760] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.603194][   T28] audit: type=1800 audit(1765570911.209:2): pid=5837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1" name="file2" dev="loop0" ino=16 res=0 errno=0
[   65.603916][ T5837] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   65.642234][ T5760] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.652349][ T5760] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.738212][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.768504][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.795745][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.818420][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.830098][ T5764] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.846982][ T5762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.860697][ T5762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.872289][ T5762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.884090][ T5762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.894248][ T5762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.905346][ T5762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.924312][ T5762] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.018407][ T5762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.036204][ T5837] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1'.
[   66.048641][ T5762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.059311][ T5762] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.074047][ T5762] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.113106][ T5762] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.129677][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.153677][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.169587][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.180170][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.194803][ T5764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.205398][ T5764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.220135][ T5764] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.247803][ T5762] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.256897][ T5762] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.267958][ T5762] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.276944][ T5762] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.296601][ T5764] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.305620][ T5764] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.314371][ T5764] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.324674][ T5764] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.399064][ T5757] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[   66.414388][ T5757] Remounting filesystem read-only
[   66.421798][ T5757] NILFS error (device loop0): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[   66.433175][ T5757] NILFS error (device loop0): nilfs_readdir: bad page in #12
[   66.551239][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.562576][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.602519][ T5846] =======================================================
[   66.602519][ T5846] WARNING: The mand mount option has been deprecated and
[   66.602519][ T5846]          and is ignored by this kernel. Remove the mand
[   66.602519][ T5846]          option from the mount to silence this warning.
[   66.602519][ T5846] =======================================================
[   66.654242][ T2893] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.657274][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.682676][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.682976][ T2893] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.693947][ T5846] 9pnet_fd: Insufficient options for proto=fd
[   66.816893][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.847488][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.887083][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.910320][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.927879][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.949687][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.995559][   T51] Bluetooth: hci0: command tx timeout
[   67.075691][   T51] Bluetooth: hci1: command tx timeout
[   67.234716][   T51] Bluetooth: hci3: command tx timeout
[   67.235930][ T5766] Bluetooth: hci2: command tx timeout
[   67.566429][ T5848] loop2: detected capacity change from 0 to 32768
[   67.589647][ T5848] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.3 (5848)
[   67.608250][ T5850] loop1: detected capacity change from 0 to 32768
[   67.665979][ T5850] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by syz.1.2 (5850)
[   67.698795][ T5848] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   67.758893][ T5848] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[   67.776108][ T5848] BTRFS info (device loop2): using free space tree
[   67.875742][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   67.895552][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   67.904144][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   67.912836][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   67.936649][ T5864] binder: 5849:5864 ioctl 40182103 0 returned -22
[   67.950914][ T5864] binder_alloc: 5849: binder_alloc_buf, no vma
[   68.167239][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   68.175999][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   68.328326][ T5750] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by udevd (5750)
[   68.472904][ T5852] loop3: detected capacity change from 0 to 32768
[   68.555272][ T5852] BTRFS warning: duplicate device /dev/loop3 devid 1 generation 8 scanned by syz.3.4 (5852)
[   68.656007][ T5848] BTRFS info (device loop2): enabling ssd optimizations
[   68.672547][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   68.681741][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   68.692106][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   68.729783][ T5848] BTRFS info (device loop2): auto enabling async discard
[   68.781194][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   68.804500][ T5882] binder: 5851:5882 ioctl 40182103 0 returned -22
[   69.065596][ T5766] Bluetooth: hci0: command tx timeout
[   69.131521][ T5855] BTRFS warning: duplicate device /dev/loop3 devid 1 generation 8 scanned by udevd (5855)
[   69.151937][ T5766] Bluetooth: hci1: command tx timeout
[   69.304869][ T5766] Bluetooth: hci3: command tx timeout
[   69.305486][   T51] Bluetooth: hci2: command tx timeout
[   69.464169][ T5886] binder: 5847:5886 ioctl 40182103 0 returned -22
[   70.049609][ T5883] loop0: detected capacity change from 0 to 32768
[   70.173151][ T5760] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   70.938687][ T5881] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[   71.026205][ T5884] loop1: detected capacity change from 0 to 32768
[   71.100722][ T5884] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.8 (5884)
[   71.173838][ T5884] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   71.229943][ T5884] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[   71.281400][ T5884] BTRFS info (device loop1): using free space tree
[   71.384882][ T5915] syzkaller1: entered promiscuous mode
[   71.390810][ T5915] syzkaller1: entered allmulticast mode
[   71.642626][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[   71.651139][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[   71.690395][ T5884] BTRFS info (device loop1): enabling ssd optimizations
[   71.747132][ T5884] BTRFS info (device loop1): auto enabling async discard
[   72.100134][ T5762] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   72.612888][ T5900] loop2: detected capacity change from 0 to 32768
[   72.639649][ T5900] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.10 (5900)
[   72.703227][ T5900] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   72.715931][ T5842] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   72.725401][ T5900] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[   72.746291][ T5900] BTRFS info (device loop2): using free space tree
[   72.912789][ T5900] BTRFS info (device loop2): enabling ssd optimizations
[   72.955002][ T5842] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   72.974677][ T5900] BTRFS info (device loop2): auto enabling async discard
[   72.993266][ T5842] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   73.014806][ T5842] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   73.071201][ T5842] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   73.084689][ T5842] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.112642][ T5842] usb 2-1: Product: syz
[   73.127867][ T5842] usb 2-1: Manufacturer: syz
[   73.132524][ T5842] usb 2-1: SerialNumber: syz
[   73.257445][ T5951] binder: 5899:5951 ioctl 40182103 0 returned -22
[   73.268439][ T5951] binder_alloc: 5899: binder_alloc_buf, no vma
[   73.636307][ T5842] hub 2-1:1.0: bad descriptor, ignoring hub
[   73.642444][ T5842] hub: probe of 2-1:1.0 failed with error -5
[   73.820672][ T5932] loop0: detected capacity change from 0 to 32768
[   73.843764][ T5842] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   73.854999][ T5932] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by syz.0.12 (5932)
[   73.899757][ T5760] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   74.071806][ T5954] binder: 5931:5954 ioctl 40182103 0 returned -22
[   74.765584][ T5910] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by udevd (5910)
[   77.149130][ T5958] loop3: detected capacity change from 0 to 32768
[   77.585503][ T5970] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[   77.605851][ T5970] syz.0.16 (5970) used greatest stack depth: 20584 bytes left
[   77.635834][ T5958] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   77.684936][ T5958] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[   77.765044][ T5842] usb 2-1: USB disconnect, device number 2
[   77.775604][ T5958] BTRFS info (device loop3): using free space tree
[   77.808990][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[   77.810580][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[   77.839905][ T5842] usblp0: removed
[   77.866704][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[   77.875270][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[   77.965633][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[   78.015905][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[   78.145087][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[   78.154522][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[   78.232560][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[   78.268075][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[   78.305584][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[   78.345682][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[   78.384260][ T5958] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[   78.467918][ T5958] BTRFS error (device loop3): open_ctree failed: -12
[   78.794465][ T5855] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by udevd (5855)
[   78.833547][ T6005] netlink: 'syz.2.21': attribute type 9 has an invalid length.
[   78.842006][ T6005] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.21'.
[   78.901466][ T6005] bridge0: entered promiscuous mode
[   78.907430][ T6005] macvlan2: entered promiscuous mode
[   79.284677][ T5842] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   79.549122][ T6010] netlink: 4 bytes leftover after parsing attributes in process `syz.2.23'.
[   79.615006][ T5842] usb 2-1: Using ep0 maxpacket: 32
[   79.641577][ T5842] usb 2-1: config 0 has an invalid interface number: 132 but max is 0
[   79.661039][ T5842] usb 2-1: config 0 has no interface number 0
[   79.688159][ T5842] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   79.724001][ T5842] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[   79.739226][ T5842] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.774688][ T5842] usb 2-1: Product: syz
[   79.789132][ T5842] usb 2-1: Manufacturer: syz
[   79.793782][ T5842] usb 2-1: SerialNumber: syz
[   79.848066][ T5842] usb 2-1: config 0 descriptor??
[   79.877726][ T5842] em28xx 2-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[   79.908132][ T5842] em28xx 2-1:0.132: Video interface 132 found:
[   79.968807][ T6013] loop2: detected capacity change from 0 to 7
[   80.011944][ T6018] loop3: detected capacity change from 0 to 2048
[   80.035877][ T6013] Dev loop2: unable to read RDB block 7
[   80.094840][ T6013]  loop2: AHDI p1 p2 p3
[   80.175118][ T6008] netlink: 16 bytes leftover after parsing attributes in process `syz.3.22'.
[   80.182677][ T6013] loop2: partition table partially beyond EOD, truncated
[   80.213319][ T6013] loop2: p1 start 1601398130 is beyond EOD, truncated
[   80.268500][ T6013] loop2: p2 start 1702059890 is beyond EOD, truncated
[   80.482771][ T5991] loop1: detected capacity change from 0 to 4096
[   81.888091][ T5842] em28xx 2-1:0.132: unknown em28xx chip ID (0)
[   81.899728][  T171] cfg80211: failed to load regulatory.db
[   82.261778][ T5842] em28xx 2-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[   82.274740][ T5842] em28xx 2-1:0.132: board has no eeprom
[   83.063584][ T5842] em28xx 2-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[   83.104208][ T5842] em28xx 2-1:0.132: analog set to bulk mode.
[   83.145809][ T6029] capability: warning: `syz.1.28' uses deprecated v2 capabilities in a way that may be insecure
[   83.162143][ T5798] em28xx 2-1:0.132: Registering V4L2 extension
[   83.222621][ T5842] usb 2-1: USB disconnect, device number 3
[   83.257463][ T5842] em28xx 2-1:0.132: Disconnecting em28xx
[   84.634787][  T967] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   84.871332][ T5798] em28xx 2-1:0.132: Config register raw data: 0xffffffed
[   84.872391][  T967] usb 4-1: unable to get BOS descriptor or descriptor too short
[   84.888316][  T967] usb 4-1: config 14 has an invalid interface number: 21 but max is 0
[   84.900194][  T967] usb 4-1: config 14 has no interface number 0
[   84.906580][  T967] usb 4-1: config 14 interface 21 has no altsetting 0
[   84.926434][  T967] usb 4-1: New USB device found, idVendor=c880, idProduct=760e, bcdDevice=35.fc
[   84.944675][  T967] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   84.954666][ T5798] em28xx 2-1:0.132: AC97 chip type couldn't be determined
[   84.962361][ T5798] em28xx 2-1:0.132: No AC97 audio processor
[   84.973219][  T967] usb 4-1: Product: syz
[   84.997696][  T967] usb 4-1: Manufacturer: syz
[   84.999424][ T5798] usb 2-1: Decoder not found
[   85.002326][  T967] usb 4-1: SerialNumber: syz
[   85.024674][ T5798] em28xx 2-1:0.132: failed to create media graph
[   85.032078][ T5798] em28xx 2-1:0.132: V4L2 device video103 deregistered
[   85.064137][ T5798] em28xx 2-1:0.132: Remote control support is not available for this card.
[   85.109738][ T5842] em28xx 2-1:0.132: Closing input extension
[   85.166014][ T5842] em28xx 2-1:0.132: Freeing device
[   85.229407][ T6029] mmap: syz.1.28 (6029) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   86.517053][ T6044] loop1: detected capacity change from 0 to 32768
[   86.618266][ T6044] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   86.665700][ T6044] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[   86.724395][ T6044] BTRFS info (device loop1): using free space tree
[   86.862881][ T6065] loop2: detected capacity change from 0 to 256
[   86.959952][ T6065] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   86.971003][ T6065] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[   87.032173][ T6065] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   87.124865][ T5845] IPVS: starting estimator thread 0...
[   87.145586][ T6044] BTRFS info (device loop1): enabling ssd optimizations
[   87.193120][ T6044] BTRFS info (device loop1): auto enabling async discard
[   87.244944][ T6073] IPVS: using max 24 ests per chain, 57600 per kthread
[   87.456931][ T6077] binder: 6042:6077 ioctl 40182103 0 returned -22
[   87.910283][ T5762] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   88.044375][ T6080] loop2: detected capacity change from 0 to 1024
[   88.131960][ T6080] hfsplus: unable to parse mount options
[   88.138555][   T28] audit: type=1326 audit(1765570933.729:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.3.35" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8749d8f749 code=0x0
[   88.400273][  T967] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[   88.408181][  T967] usb 4-1: MIDIStreaming interface descriptor not found
[   88.529364][ T6086] netlink: 'syz.1.36': attribute type 9 has an invalid length.
[   88.537116][ T6086] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.36'.
[   88.590977][ T6086] bridge0: entered promiscuous mode
[   88.596658][ T6086] macvlan2: entered promiscuous mode
[   89.183942][  T967] usb 4-1: USB disconnect, device number 2
[   89.292014][ T6092] process 'syz.1.38' launched './file0' with NULL argv: empty string added
[   89.412994][ T5903] udevd[5903]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:14.21/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   91.680077][ T6107] netlink: 24 bytes leftover after parsing attributes in process `syz.2.42'.
[   93.427178][ T6116] loop0: detected capacity change from 0 to 1024
[   93.692638][ T6122] netlink: 'syz.2.46': attribute type 9 has an invalid length.
[   93.700334][ T6122] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.46'.
[   93.753299][ T6122] macvlan3: entered promiscuous mode
[   94.484323][ T6116] hfsplus: failed to load root directory
[   94.597111][ T6126] syzkaller0: entered promiscuous mode
[   94.609202][ T6126] syzkaller0: entered allmulticast mode
[   94.823183][ T6118] loop3: detected capacity change from 0 to 32768
[   94.850652][ T6118] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.45 (6118)
[   94.873048][ T6118] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   96.124747][  T967] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   96.194757][ T6118] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[   96.225026][ T6118] BTRFS info (device loop3): using free space tree
[   96.315175][  T967] usb 3-1: Using ep0 maxpacket: 32
[   96.340378][  T967] usb 3-1: config index 0 descriptor too short (expected 548, got 36)
[   96.357765][  T967] usb 3-1: config 127 has too many interfaces: 193, using maximum allowed: 32
[   96.362307][ T6118] BTRFS info (device loop3): enabling ssd optimizations
[   96.376405][  T967] usb 3-1: config 127 contains an unexpected descriptor of type 0x2, skipping
[   96.388098][ T6118] BTRFS info (device loop3): auto enabling async discard
[   96.394760][  T967] usb 3-1: config 127 has an invalid descriptor of length 0, skipping remainder of the config
[   96.427545][  T967] usb 3-1: config 127 has 0 interfaces, different from the descriptor's value: 193
[   96.462613][  T967] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[   96.485001][  T967] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.495210][ T5764] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   96.504352][  T967] usb 3-1: Product: syz
[   96.515038][  T967] usb 3-1: Manufacturer: syz
[   96.519751][  T967] usb 3-1: SerialNumber: syz
[   96.766973][  T967] usb 3-1: USB disconnect, device number 2
[   97.076138][ T6159] loop1: detected capacity change from 0 to 2048
[   97.132013][ T6159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.197021][ T6159] EXT4-fs (loop1): shut down requested (2)
[   97.220499][ T6159] netlink: 64 bytes leftover after parsing attributes in process `syz.1.52'.
[   97.539373][ T6166] netlink: 'syz.0.53': attribute type 9 has an invalid length.
[   97.547083][ T6166] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.53'.
[   97.565388][ T6166] bridge0: entered promiscuous mode
[   97.570707][ T6166] macvlan2: entered promiscuous mode
[   97.869842][ T6157] loop3: detected capacity change from 0 to 32768
[   98.185778][ T6176] netlink: 'syz.2.55': attribute type 9 has an invalid length.
[   98.193447][ T6176] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.55'.
[   98.242165][ T6176] macvlan4: entered promiscuous mode
[   98.641722][ T6157] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   98.900452][ T6157] XFS (loop3): Ending clean mount
[   98.938854][ T5762] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.951931][ T6157] XFS (loop3): Quotacheck needed: Please wait.
[   99.214161][ T6157] XFS (loop3): Quotacheck: Done.
[  101.623853][ T5764] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  102.000262][ T6189] loop0: detected capacity change from 0 to 32768
[  102.043295][ T6189] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.59 (6189)
[  102.104927][ T6189] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  102.135173][ T6189] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  102.170595][ T6189] BTRFS info (device loop0): using free space tree
[  102.197932][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  102.198585][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  102.245352][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  102.265285][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  102.305531][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  102.365438][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  102.386540][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  102.415398][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  102.445394][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  102.467804][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  102.519964][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  102.563849][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  102.588548][ T6189] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  102.606887][ T6189] BTRFS error (device loop0): open_ctree failed: -12
[  102.689106][ T6223] netlink: 'syz.3.64': attribute type 9 has an invalid length.
[  102.696934][ T6223] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.64'.
[  102.714369][ T6223] bridge0: entered promiscuous mode
[  102.719757][ T6223] macvlan2: entered promiscuous mode
[  103.303929][ T5855] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by udevd (5855)
[  103.757824][ T6236] netlink: 'syz.0.65': attribute type 9 has an invalid length.
[  103.765695][ T6236] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.65'.
[  103.814498][ T6236] macvlan3: entered promiscuous mode
[  104.264554][ T6240] 9pnet_fd: Insufficient options for proto=fd
[  104.592401][ T6248] loop1: detected capacity change from 0 to 2048
[  104.620991][ T6248] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  107.132820][ T6259] loop3: detected capacity change from 0 to 32768
[  107.230185][ T6259] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  107.438626][ T6259] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  107.460180][   T28] audit: type=1326 audit(1765570953.069:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6270 comm="syz.2.75" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f788658f749 code=0x0
[  107.540606][ T6259] XFS (loop3): Starting recovery (logdev: internal)
[  107.622325][ T6259] XFS (loop3): Ending recovery (logdev: internal)
[  107.654050][ T6259] XFS (loop3): AG 0: Corrupt btree 5 pointer at level 1 index 0.
[  107.675518][ T6259] XFS (loop3): Failed to initialize disk quotas.
[  107.843679][ T6269] loop0: detected capacity change from 0 to 32768
[  107.885223][ T6259] XFS (loop3): AG 0: Corrupt btree 5 pointer at level 1 index 0.
[  107.889663][ T6269] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  107.962102][ T6269] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  108.095942][ T6269] BTRFS info (device loop0): using free space tree
[  108.156953][ T6284] netlink: 'syz.1.74': attribute type 9 has an invalid length.
[  108.164582][ T6284] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.74'.
[  108.180029][ T6284] macvlan3: entered promiscuous mode
[  108.478904][ T6269] BTRFS info (device loop0): enabling ssd optimizations
[  108.734833][ T6269] BTRFS info (device loop0): auto enabling async discard
[  108.951860][ T5818] kernel write not supported for file /vcsu (pid: 5818 comm: kworker/1:3)
[  109.024079][ T6269] binder: BINDER_SET_CONTEXT_MGR already set
[  109.076158][ T6269] binder: 6268:6269 ioctl 4018620d 200000000040 returned -16
[  109.456065][ T6302] netlink: 'syz.1.76': attribute type 4 has an invalid length.
[  109.475971][ T5764] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  109.641574][ T6302] netlink: 17 bytes leftover after parsing attributes in process `syz.1.76'.
[  109.733194][ T5757] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  110.158663][ T6318] netlink: 8 bytes leftover after parsing attributes in process `syz.2.79'.
[  110.250229][ T6320] netlink: 'syz.3.78': attribute type 9 has an invalid length.
[  110.258512][ T6320] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.78'.
[  110.962721][ T6320] macvlan3: entered promiscuous mode
[  111.425563][ T6326] tipc: Started in network mode
[  111.430641][ T6326] tipc: Node identity ac14140f, cluster identity 4711
[  112.785441][ T6326] tipc: New replicast peer: 255.255.255.255
[  112.792039][ T6326] tipc: Enabled bearer <udp:syz2>, priority 10
[  113.515308][ T6333] loop0: detected capacity change from 0 to 32768
[  113.563658][ T6333] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.82 (6333)
[  113.615750][ T6333] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  113.640646][ T6333] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  113.662683][ T6340] syzkaller0: entered promiscuous mode
[  113.675740][ T6333] BTRFS info (device loop0): using free space tree
[  113.694979][ T6340] syzkaller0: entered allmulticast mode
[  113.820801][ T6333] BTRFS info (device loop0): enabling ssd optimizations
[  113.862012][ T6333] BTRFS info (device loop0): auto enabling async discard
[  113.906716][  T967] tipc: Node number set to 2886997007
[  114.159554][ T6358] binder: 6332:6358 ioctl 40182103 0 returned -22
[  114.734220][ T5757] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  114.769313][ T6364] netlink: 'syz.1.84': attribute type 9 has an invalid length.
[  114.778878][ T6364] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.84'.
[  114.797337][ T6364] macvlan4: entered promiscuous mode
[  114.838288][ T6339] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  114.859429][ T6339] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  115.069316][ T6370] netlink: 4 bytes leftover after parsing attributes in process `syz.3.90'.
[  115.313882][ T6371] netlink: 'syz.2.89': attribute type 9 has an invalid length.
[  115.321779][ T6371] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.89'.
[  115.421042][ T6371] macvlan5: entered promiscuous mode
[  115.981367][ T6384] usb usb8: usbfs: process 6384 (syz.0.101) did not claim interface 0 before use
[  116.064147][ T6388] loop3: detected capacity change from 0 to 8
[  116.113629][ T6388] SQUASHFS error: lzo decompression failed, data probably corrupt
[  116.184816][ T6388] SQUASHFS error: Failed to read block 0x91: -5
[  116.211462][ T6388] SQUASHFS error: Unable to read metadata cache entry [8f]
[  116.240129][ T6388] SQUASHFS error: Unable to read inode 0x7
[  116.327182][ T6393] syzkaller0: entered promiscuous mode
[  116.345878][ T6393] syzkaller0: entered allmulticast mode
[  117.820254][ T6405] loop2: detected capacity change from 0 to 512
[  117.834489][ T6405] EXT4-fs: Ignoring removed nomblk_io_submit option
[  118.296665][ T6405] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  118.322487][ T6405] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  118.330785][ T6405] EXT4-fs (loop2): orphan cleanup on readonly fs
[  118.350298][ T6405] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present
[  118.361646][ T6405] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  118.371107][ T6405] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.97: Failed to acquire dquot type 1
[  118.453309][ T6405] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm syz.2.97: bg 0: block 40: padding at end of block bitmap is not set
[  118.485028][ T6405] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6637: Corrupt filesystem
[  118.495266][ T6405] EXT4-fs (loop2): 1 truncate cleaned up
[  118.501837][ T6405] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  118.626997][ T5760] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.961829][ T6412] netlink: 'syz.0.99': attribute type 9 has an invalid length.
[  118.969509][ T6412] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.99'.
[  118.993880][ T6412] macvlan4: entered promiscuous mode
[  120.232350][ T6422] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  120.824955][ T6422] loop0: detected capacity change from 0 to 512
[  120.831835][ T6422] EXT4-fs: Ignoring removed nomblk_io_submit option
[  120.894404][ T6422] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  120.927817][ T6422] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  120.936519][ T6422] EXT4-fs (loop0): orphan cleanup on readonly fs
[  120.945104][ T6422] Quota error (device loop0): find_block_dqentry: Quota for id 0 referenced but not present
[  120.955285][ T6422] Quota error (device loop0): qtree_read_dquot: Can't read quota structure for id 0
[  120.964710][ T6422] EXT4-fs error (device loop0): ext4_acquire_dquot:6933: comm syz.0.103: Failed to acquire dquot type 1
[  120.977727][ T6422] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.103: bg 0: block 40: padding at end of block bitmap is not set
[  120.993709][ T6422] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6637: Corrupt filesystem
[  121.008793][ T6422] EXT4-fs (loop0): 1 truncate cleaned up
[  121.015325][ T6422] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  121.217889][ T5757] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.310780][ T6432] netlink: 'syz.2.100': attribute type 9 has an invalid length.
[  121.319345][ T6432] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.100'.
[  121.368194][ T6432] macvlan6: entered promiscuous mode
[  122.512106][ T5818] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  123.382886][ T5818] usb 3-1: device descriptor read/64, error -71
[  123.654974][ T5818] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  123.719905][ T6460] loop0: detected capacity change from 0 to 2048
[  123.763206][ T6460] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  123.785156][ T6460] NILFS (loop0): unrecognized mount option "0xffffffffffffffffÿÿÿÿÿÿ"
[  123.799513][ T5855] udevd[5855]: incorrect nilfs2 checksum on /dev/loop0
[  123.855137][ T5818] usb 3-1: device descriptor read/64, error -71
[  123.917931][ T6460] loop0: detected capacity change from 0 to 2048
[  123.942656][ T6460] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  123.963285][ T6460] NILFS (loop0): unrecognized mount option "0xffffffffffffffffÿÿÿÿÿÿ"
[  123.978262][ T6455] loop3: detected capacity change from 0 to 32768
[  124.000560][ T6455] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop3 scanned by syz.3.111 (6455)
[  124.129921][ T5855] udevd[5855]: incorrect nilfs2 checksum on /dev/loop0
[  124.135128][ T5818] usb usb3-port1: attempt power cycle
[  124.139999][ T6455] BTRFS info (device loop3): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  124.166662][ T6455] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  124.196622][ T6455] BTRFS info (device loop3): using free space tree
[  124.273351][ T6467] netlink: 'syz.1.114': attribute type 9 has an invalid length.
[  124.281149][ T6467] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.114'.
[  124.325337][ T6467] macvlan5: entered promiscuous mode
[  124.884519][ T6455] BTRFS info (device loop3): enabling ssd optimizations
[  124.940926][ T6455] BTRFS info (device loop3): auto enabling async discard
[  125.110348][ T6486] netlink: 48 bytes leftover after parsing attributes in process `syz.2.117'.
[  125.167849][ T6487] netlink: 'syz.1.115': attribute type 1 has an invalid length.
[  125.359331][ T6455] binder: BINDER_SET_CONTEXT_MGR already set
[  125.378485][ T6455] binder: 6453:6455 ioctl 4018620d 200000000040 returned -16
[  125.481050][ T6487] 8021q: adding VLAN 0 to HW filter on device bond2
[  125.536170][ T6487] bond1: (slave bond2): making interface the new active one
[  125.579779][ T6496] loop2: detected capacity change from 0 to 1024
[  125.611065][ T6487] bond1: (slave bond2): Enslaving as an active interface with an up link
[  125.653999][ T6496] EXT4-fs: Ignoring removed bh option
[  125.688388][ T6488] tipc: Started in network mode
[  125.750747][ T6496] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  125.788113][ T6488] tipc: Node identity 861a8cc08dcb, cluster identity 4711
[  125.872258][ T6488] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  125.922449][ T6493] netlink: 28 bytes leftover after parsing attributes in process `syz.1.115'.
[  125.932388][ T6493] bond1: entered promiscuous mode
[  125.937628][ T6493] bond2: entered promiscuous mode
[  125.942870][ T6493] bond1: entered allmulticast mode
[  125.948471][ T6493] bond2: entered allmulticast mode
[  125.954887][ T6493] 8021q: adding VLAN 0 to HW filter on device bond1
[  125.962757][ T6494] syzkaller0: entered promiscuous mode
[  125.979317][ T6494] syzkaller0: entered allmulticast mode
[  126.012575][ T6496] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.088914][ T6488] tipc: Resetting bearer <eth:syzkaller0>
[  126.136657][ T5764] BTRFS info (device loop3): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  126.157311][ T6496] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  126.312400][ T5760] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.433961][ T6483] tipc: Resetting bearer <eth:syzkaller0>
[  126.518374][ T6483] tipc: Disabling bearer <eth:syzkaller0>
[  128.317075][ T6519] loop1: detected capacity change from 0 to 32768
[  128.503414][ T6519] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  128.568686][ T6519] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  129.031739][ T6519] XFS (loop1): Ending clean mount
[  129.044868][ T6519] XFS (loop1): Quotacheck needed: Please wait.
[  129.250171][ T6537] netlink: 'syz.2.123': attribute type 9 has an invalid length.
[  129.257980][ T6537] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.123'.
[  129.300811][ T6537] macvlan7: entered promiscuous mode
[  129.907783][ T6519] XFS (loop1): Quotacheck: Done.
[  130.064850][ T5762] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  130.309045][ T6543] program syz.3.124 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  130.557942][ T6539] loop2: detected capacity change from 0 to 32768
[  130.606470][ T6539] 
[  130.606470][ T6539]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  130.606470][ T6539] 
[  130.822003][ T6539] 
[  130.822003][ T6539]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  130.822003][ T6539] 
[  130.984892][ T6539] 
[  130.984892][ T6539]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  130.984892][ T6539] 
[  131.083806][ T6550] netlink: 8 bytes leftover after parsing attributes in process `syz.3.128'.
[  131.104085][ T6539] 
[  131.104085][ T6539]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  131.104085][ T6539] 
[  131.155934][ T6553] netlink: 8 bytes leftover after parsing attributes in process `syz.0.126'.
[  131.327164][ T6539] 
[  131.327164][ T6539]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  131.327164][ T6539] 
[  131.413308][  T112] 
[  131.413308][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  131.413308][  T112] 
[  131.519688][ T6545] loop1: detected capacity change from 0 to 32768
[  131.554960][ T6545] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.127 (6545)
[  131.643231][ T6545] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  131.674772][ T6545] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  131.714843][ T6545] BTRFS info (device loop1): using free space tree
[  131.922915][ T6545] BTRFS info (device loop1): enabling ssd optimizations
[  131.973672][ T6545] BTRFS info (device loop1): auto enabling async discard
[  132.328358][ T6572] binder: 6544:6572 ioctl 40182103 0 returned -22
[  132.856940][ T5762] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  133.095382][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  133.103548][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  133.374253][ T6575] loop0: detected capacity change from 0 to 16
[  133.415559][ T6575] erofs: Unknown parameter ''
[  133.714258][ T5752] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  133.933619][ T5760] 
[  133.933619][ T5760]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  133.933619][ T5760] 
[  133.985110][ T5760] 
[  133.985110][ T5760]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  133.985110][ T5760] 
[  134.570955][ T6587] netlink: 'syz.0.133': attribute type 9 has an invalid length.
[  134.578758][ T6587] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.133'.
[  134.619300][ T6587] macvlan5: entered promiscuous mode
[  135.361807][ T6589] loop0: detected capacity change from 0 to 512
[  135.495604][ T6589] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.744835][ T6589] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.892630][ T6602] loop1: detected capacity change from 0 to 4096
[  136.982429][ T6602] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing.
[  137.025431][ T6602] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  137.078673][ T6602] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  137.146762][ T6602] ntfs: volume version 3.1.
[  137.156913][ T5757] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.221339][ T6602] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  137.274687][ T6602] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  137.324719][ T6602] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated.  Mounting read-only.  Run chkdsk.
[  137.373164][ T6602] ntfs: (device loop1): ntfs_read_locked_inode(): Index block size (462848) is not a power of two.
[  137.443906][ T6602] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xb as bad.  Run chkdsk.
[  137.463505][ T6602] ntfs: (device loop1): load_system_files(): Failed to load $Extend.
[  137.472295][ T6602] ntfs: (device loop1): ntfs_fill_super(): Failed to load system files.
[  137.573046][ T6610] loop0: detected capacity change from 0 to 1024
[  137.580058][ T6610] EXT4-fs: Ignoring removed i_version option
[  137.586134][ T6610] EXT4-fs: Ignoring removed nomblk_io_submit option
[  137.613057][ T6610] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  137.682793][ T6608] loop3: detected capacity change from 0 to 4096
[  137.711161][ T6610] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.730365][ T6610] netlink: 48 bytes leftover after parsing attributes in process `syz.0.138'.
[  138.328763][ T6621] "syz.2.137" (6621) uses obsolete ecb(arc4) skcipher
[  139.310379][ T5757] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.690215][ T6635] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  139.768288][ T6637] netlink: 'syz.0.143': attribute type 9 has an invalid length.
[  139.776164][ T6637] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.143'.
[  139.830807][ T6637] macvlan6: entered promiscuous mode
[  140.555275][ T6642] loop0: detected capacity change from 0 to 8
[  140.567754][ T6642] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  140.626430][ T5855] udevd[5855]: incorrect cramfs checksum on /dev/loop0
[  140.661159][ T5855] udevd[5855]: incorrect cramfs checksum on /dev/loop0
[  143.077783][ T6654] loop0: detected capacity change from 0 to 32768
[  143.163587][ T6654] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  143.237343][ T6654] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  145.826504][ T6671] loop1: detected capacity change from 0 to 16
[  145.875588][ T5757] ocfs2: Unmounting device (7,0) on (node local)
[  146.867755][ T6677] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  148.049800][ T6689] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.085121][ T6689] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.499990][ T6703] netlink: 'syz.3.153': attribute type 9 has an invalid length.
[  148.507853][ T6703] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.153'.
[  148.551725][ T6703] macvlan4: entered promiscuous mode
[  149.792418][ T6699] loop0: detected capacity change from 0 to 32768
[  149.824900][ T6699] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.155 (6699)
[  149.885868][ T6699] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  149.939712][ T6699] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  149.969354][ T6699] BTRFS info (device loop0): using free space tree
[  150.044246][ T6708] loop2: detected capacity change from 0 to 32768
[  150.096593][ T6708] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by syz.2.159 (6708)
[  150.193748][ T6708] binder: BINDER_SET_CONTEXT_MGR already set
[  150.237363][ T6708] binder: 6707:6708 ioctl 4018620d 200000000040 returned -16
[  150.272959][ T6699] BTRFS info (device loop0): enabling ssd optimizations
[  150.308948][ T6699] BTRFS info (device loop0): auto enabling async discard
[  150.647802][ T5752] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by udevd (5752)
[  150.698943][ T6699] binder: BINDER_SET_CONTEXT_MGR already set
[  150.754790][ T6699] binder: 6697:6699 ioctl 4018620d 200000000040 returned -16
[  150.946684][ T6737] binder: 6697:6737 ioctl 40182103 0 returned -22
[  151.438606][ T6712] loop3: detected capacity change from 0 to 32768
[  151.488844][ T6712] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  151.541814][ T6712] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  152.480791][ T6750] netlink: 24 bytes leftover after parsing attributes in process `syz.3.160'.
[  152.625559][ T5757] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  152.721953][ T5764] ocfs2: Unmounting device (7,3) on (node local)
[  153.411569][ T6744] loop1: detected capacity change from 0 to 32768
[  153.443579][ T6744] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.548267][ T6744] XFS (loop1): Ending clean mount
[  153.869512][ T6770] netlink: 'syz.2.166': attribute type 9 has an invalid length.
[  153.878104][ T6770] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.166'.
[  153.922166][ T6770] macvlan8: entered promiscuous mode
[  154.753761][ T5762] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.954453][ T6780] "syz.0.169" (6780) uses obsolete ecb(arc4) skcipher
[  156.277005][ T6777] loop2: detected capacity change from 0 to 32768
[  156.314149][ T6777] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.170 (6777)
[  156.352719][ T6777] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  156.392302][ T6777] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  157.564840][ T6777] BTRFS info (device loop2): using free space tree
[  157.687481][ T6777] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  157.688205][ T6777] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  157.698116][ T6777] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  157.709184][ T6777] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  157.719157][ T6777] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  157.729365][ T6777] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  157.739571][ T6777] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  157.749963][ T6777] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  157.761064][ T6777] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  157.773476][ T6777] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  157.799727][ T6804] lo: entered allmulticast mode
[  157.821436][ T6777] BTRFS error (device loop2): open_ctree failed: -12
[  157.866417][ T5752] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by udevd (5752)
[  158.131256][ T6812] netlink: 'syz.2.177': attribute type 1 has an invalid length.
[  158.187221][ T6812] netlink: 8 bytes leftover after parsing attributes in process `syz.2.177'.
[  158.569794][ T6796] lo: left allmulticast mode
[  158.748971][ T6818] netlink: 'syz.2.178': attribute type 9 has an invalid length.
[  158.756810][ T6818] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.178'.
[  158.800419][ T6818] macvlan9: entered promiscuous mode
[  159.486107][ T6820] xt_connbytes: Forcing CT accounting to be enabled
[  159.492835][ T6820] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  159.504937][ T6820] xt_bpf: check failed: parse error
[  160.818599][ T6824] syz.0.187: attempt to access beyond end of device
[  160.818599][ T6824] nbd0: rw=0, sector=0, nr_sectors = 8 limit=0
[  160.866223][ T6824] F2FS-fs (nbd0): Unable to read 1th superblock
[  160.888832][ T6824] syz.0.187: attempt to access beyond end of device
[  160.888832][ T6824] nbd0: rw=0, sector=8, nr_sectors = 8 limit=0
[  160.944682][ T6824] F2FS-fs (nbd0): Unable to read 2th superblock
[  160.986194][ T6814] loop1: detected capacity change from 0 to 32768
[  161.050398][ T6814] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  161.087953][ T6814] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  161.118815][ T6814] BTRFS info (device loop1): using free space tree
[  161.456594][ T6848] "syz.2.181" (6848) uses obsolete ecb(arc4) skcipher
[  161.575531][ T6814] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  161.579625][ T6814] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  161.631220][ T6846] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  161.740552][ T6814] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  161.770982][ T6814] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  162.127612][ T6814] BTRFS error (device loop1): open_ctree failed: -12
[  163.765113][ T5855] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by udevd (5855)
[  164.591375][ T6870] loop0: detected capacity change from 0 to 256
[  164.603787][ T6870] exfat: Deprecated parameter 'utf8'
[  164.609588][ T6870] exfat: Deprecated parameter 'utf8'
[  165.273413][ T6870] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x23a77120, utbl_chksum : 0xe619d30d)
[  165.907225][ T6863] loop1: detected capacity change from 0 to 32768
[  166.005501][ T6863] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  166.034794][ T6863] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  166.044073][ T6863] BTRFS info (device loop1): using free space tree
[  166.244806][ T6863] BTRFS info (device loop1): enabling ssd optimizations
[  166.251814][ T6863] BTRFS info (device loop1): auto enabling async discard
[  166.636647][ T6895] netlink: 'syz.2.188': attribute type 9 has an invalid length.
[  166.644485][ T6895] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.188'.
[  166.662731][ T6895] macvlan10: entered promiscuous mode
[  167.250636][ T6897] binder: 6862:6897 ioctl 40182103 0 returned -22
[  167.714320][ T5762] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  167.907459][ T6913] xt_connbytes: Forcing CT accounting to be enabled
[  167.914167][ T6913] xt_bpf: check failed: parse error
[  169.336053][ T6920] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  170.660615][ T6930] netlink: 'syz.3.198': attribute type 9 has an invalid length.
[  170.668467][ T6930] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.198'.
[  170.750692][ T6930] macvlan5: entered promiscuous mode
[  172.375570][ T6937] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  172.399646][ T6937] overlayfs: fs on './file1/file0' does not support file handles, falling back to index=off,nfs_export=off.
[  172.565784][ T6941] capability: warning: `syz.2.201' uses 32-bit capabilities (legacy support in use)
[  172.634360][ T6926] loop1: detected capacity change from 0 to 32768
[  172.703963][ T6926] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  172.782039][ T6926] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  173.006918][ T6926] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  173.118362][ T6926] gfs2: fsid=syz:syz.0: can't find local "sc" file#0: -2
[  173.648295][ T6956] netlink: 9 bytes leftover after parsing attributes in process `syz.3.205'.
[  173.833677][ T6958] loop1: detected capacity change from 0 to 2048
[  173.866235][ T6958] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  174.063717][ T6965] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  174.290005][ T6966] netlink: 'syz.0.200': attribute type 9 has an invalid length.
[  174.297871][ T6966] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.200'.
[  174.315714][ T6966] macvlan7: entered promiscuous mode
[  174.456289][ T6968] netlink: 'syz.2.207': attribute type 9 has an invalid length.
[  174.465008][ T6968] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.207'.
[  174.553614][ T6968] macvlan11: entered promiscuous mode
[  177.250458][ T6971] loop2: detected capacity change from 0 to 32768
[  177.258883][ T6971] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 scanned by syz.2.210 (6971)
[  177.304468][ T6971] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  177.334817][ T6971] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  177.354384][ T6971] BTRFS info (device loop2): using free space tree
[  177.529312][ T6971] BTRFS info (device loop2): enabling ssd optimizations
[  177.552543][ T6971] BTRFS info (device loop2): auto enabling async discard
[  179.045135][ T5760] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  179.484232][ T7018] netlink: 'syz.0.218': attribute type 9 has an invalid length.
[  179.492062][ T7018] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.218'.
[  179.574518][ T7018] macvlan8: entered promiscuous mode
[  180.444303][ T7026] netlink: 'syz.2.217': attribute type 9 has an invalid length.
[  180.452144][ T7026] netlink: 126588 bytes leftover after parsing attributes in process `syz.2.217'.
[  180.481371][ T7026] macvlan12: entered promiscuous mode
[  183.438829][ T7042] loop1: detected capacity change from 0 to 1024
[  184.189461][ T7046] syz.3.223 uses obsolete (PF_INET,SOCK_PACKET)
[  184.739198][ T7042] overlayfs: failed to resolve './bus': -2
[  184.911565][ T2893] hfsplus: b-tree write err: -5, ino 4
[  185.241309][ T7048] loop0: detected capacity change from 0 to 32768
[  185.286393][ T7048] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.225 (7048)
[  185.316863][ T7048] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  185.688593][ T7060] netlink: 'syz.1.228': attribute type 9 has an invalid length.
[  185.688995][ T7048] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  185.696537][ T7060] netlink: 126588 bytes leftover after parsing attributes in process `syz.1.228'.
[  185.728390][ T7060] macvlan6: entered promiscuous mode
[  185.765809][ T7048] BTRFS info (device loop0): using free space tree
[  185.888924][ T7048] BTRFS info (device loop0): enabling ssd optimizations
[  185.904774][ T7048] BTRFS info (device loop0): auto enabling async discard
[  186.638859][ T5079] Bluetooth: hci0: command 0x0406 tx timeout
[  186.645967][ T5079] Bluetooth: hci2: command 0x0406 tx timeout
[  186.652055][ T5079] Bluetooth: hci1: command 0x0406 tx timeout
[  187.107209][ T5757] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  188.036937][ T7090] loop3: detected capacity change from 0 to 32768
[  188.087280][ T7090] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  189.363557][ T7090] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  189.400606][ T7111] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org.
[  189.498543][ T7090] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  189.510395][ T7111] loop1: detected capacity change from 0 to 256
[  189.557357][ T7090] gfs2: fsid=syz:syz.0: can't find local "sc" file#0: -2
[  189.725762][ T7111] FAT-fs (loop1): Directory bread(block 64) failed
[  189.744734][ T7111] FAT-fs (loop1): Directory bread(block 65) failed
[  189.775071][ T7111] FAT-fs (loop1): Directory bread(block 66) failed
[  189.795815][ T7111] FAT-fs (loop1): Directory bread(block 67) failed
[  189.838910][ T7111] FAT-fs (loop1): Directory bread(block 68) failed
[  189.864851][ T7111] FAT-fs (loop1): Directory bread(block 69) failed
[  189.900077][ T7111] FAT-fs (loop1): Directory bread(block 70) failed
[  189.914711][ T7111] FAT-fs (loop1): Directory bread(block 71) failed
[  189.939334][ T7111] FAT-fs (loop1): Directory bread(block 72) failed
[  189.959766][ T7111] FAT-fs (loop1): Directory bread(block 73) failed
[  190.332133][   T28] kauditd_printk_skb: 10 callbacks suppressed
[  190.332146][   T28] audit: type=1800 audit(1765571035.949:5): pid=7111 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.236" name="file0" dev="loop1" ino=1048593 res=0 errno=0
[  190.380622][ T7111] ptrace attach of "./syz-executor exec"[5762] was attempted by " Àÿ      Ðÿ      ð¥      Àÿ      Àÿ      Ðÿ      àÿ              ðÿ      °ÿ      Àÿ                 ÿÿÿÿ                                                                                        vfat    ÿÿÿÿ                                                    ./bus                                                           ./file0                                                                                                                         Üy<i    ÁvL                                                     /sys/kernel/debug/damon/kdamond_pid                                                                                                                                                              ¥\x1b{•˜0 ³KwMi`n¹
I™AP·;Ï“Å<mšCFcB,ùçúzÞrª?‰¹¢ÄÔÔæì\x0b£cä5�Ǹb'<|zó;\x22Õ,2ˆ¥Š94§ž6„\x07Lj{Î\x22hßÈÅzÓÆE¬÷˜màâ1¬ÆŒš¿q›Ü• Ã÷‹¿éâ6Ìë\x0a„�xz±ÕäT~î,ºoèɱæÚŒ.�ðÄ6ÅMÖX4z¿ZM†ÿ÷%Ù¼êô+šílæDÎ|ÍÒzt]†¤\x07·£ŒÆ5ßö¤4UÞIüoIáNÖZ3êm…ÃÈ×AÕ³ƒ jn”
[  191.400645][ T7126] input: syz0 as /devices/virtual/input/input6
[  191.651751][ T7126] netlink: 24 bytes leftover after parsing attributes in process `syz.2.237'.
[  192.097542][ T7128] loop0: detected capacity change from 0 to 32768
[  192.109825][ T7128] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 scanned by syz.0.241 (7128)
[  192.145594][ T7128] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  192.162555][ T7128] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  192.172467][ T7128] BTRFS info (device loop0): using free space tree
[  192.372096][ T7155] loop2: detected capacity change from 0 to 128
[  192.383642][ T7128] BTRFS info (device loop0): enabling ssd optimizations
[  192.392118][ T7155] EXT4-fs: Ignoring removed nobh option
[  192.401175][ T7128] BTRFS info (device loop0): auto enabling async discard
[  192.421075][ T7155] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  192.631507][ T7135] loop1: detected capacity change from 0 to 40427
[  192.806497][ T7155] loop2: detected capacity change from 0 to 128
[  192.850442][ T7135] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  192.893009][ T7135] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  192.927033][ T5757] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  192.966510][ T7135] F2FS-fs (loop1): invalid crc value
[  193.014338][ T7135] F2FS-fs (loop1): Found nat_bits in checkpoint
[  193.148942][ T5855] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 9 /dev/loop0 scanned by udevd (5855)
[  193.366982][ T7171] netlink: 'syz.3.248': attribute type 9 has an invalid length.
[  193.374808][ T7171] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.248'.
[  193.390319][ T7171] macvlan6: entered promiscuous mode
[  193.430762][ T7135] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  193.472099][ T7135] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  193.894817][ T5845] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  194.133327][ T7183] loop3: detected capacity change from 0 to 512
[  194.144949][ T5845] usb 2-1: Using ep0 maxpacket: 32
[  194.176463][ T5845] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  194.198822][ T5845] usb 2-1: config 0 has no interface number 0
[  194.216207][ T5845] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  194.234821][ T7183] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.250: inode has both inline data and extents flags
[  194.267576][ T5845] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.290262][ T5845] usb 2-1: Product: syz
[  194.296313][ T5845] usb 2-1: Manufacturer: syz
[  194.319767][ T7183] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.250: couldn't read orphan inode 15 (err -117)
[  194.335985][ T5845] usb 2-1: SerialNumber: syz
[  194.395278][ T5845] usb 2-1: config 0 descriptor??
[  194.408985][ T7183] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.428322][ T5845] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  194.440804][ T5845] usb 2-1: selecting invalid altsetting 1
[  194.461690][ T5845] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  194.464836][ T7187] loop0: detected capacity change from 0 to 8192
[  194.519675][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.526350][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  194.557103][ T5845] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  194.583653][ T7187] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  194.618961][ T7187] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[  194.663481][ T5845] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  194.715482][ T7187] REISERFS (device loop0): using journaled data mode
[  194.737650][ T5845] usb 2-1: media controller created
[  194.755773][ T7187] reiserfs: using flush barriers
[  194.806010][ T5818] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  194.833443][ T5845] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  194.851737][ T7187] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  194.890855][ T7187] REISERFS (device loop0): checking transaction log (loop0)
[  194.926235][ T5845] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  194.933828][ T7187] REISERFS (device loop0): Using r5 hash to sort names
[  194.947580][ T7187] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  194.962931][ T5845] zl10353_read_register: readreg error (reg=127, ret==-71)
[  194.976773][ T5845] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  194.985284][ T7187] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  195.048760][ T5818] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  195.084854][ T5818] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 3
[  195.093808][ T5818] usb 4-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  195.127427][ T7187] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  195.144537][ T7187] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  195.175837][ T5845] usb 2-1: USB disconnect, device number 4
[  195.191431][ T5818] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.217391][ T5818] usb 4-1: config 0 descriptor??
[  196.300299][ T7183] overlayfs: failed to resolve './file1': -2
[  196.340127][ T5818] Bluetooth: Can't get state to change to load configuration err
[  196.354662][ T5818] Bluetooth: Loading sysconfig file failed
[  196.360549][ T5818] ath3k: probe of 4-1:0.0 failed with error -16
[  196.383043][ T5818] usb 4-1: USB disconnect, device number 3
[  197.760410][ T5764] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.281781][ T7202] loop0: detected capacity change from 0 to 32768
[  198.502077][ T5855] I/O error, dev loop0, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  199.296798][ T7204] loop3: detected capacity change from 0 to 32768
[  199.428555][ T7214] ialloc: diAlloc returned -28!
[  199.434809][   T28] audit: type=1800 audit(1765571045.039:6): pid=7217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.256" name="bus" dev="loop3" ino=8 res=0 errno=0
[  200.023814][ T7210] loop1: detected capacity change from 0 to 40427
[  200.076782][ T7210] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  200.115584][ T7210] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  200.191843][ T7223] netlink: 'syz.3.259': attribute type 9 has an invalid length.
[  200.199604][ T7223] netlink: 126588 bytes leftover after parsing attributes in process `syz.3.259'.
[  200.210007][ T7210] F2FS-fs (loop1): Found nat_bits in checkpoint
[  200.223309][ T7223] macvlan7: entered promiscuous mode
[  200.485972][ T7210] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  200.493092][ T7210] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  201.597711][ T7247] loop2: detected capacity change from 0 to 164
[  201.782704][ T7249] netlink: 12 bytes leftover after parsing attributes in process `syz.3.264'.
[  201.819802][ T7249] netlink: 16 bytes leftover after parsing attributes in process `syz.3.264'.
[  202.036620][ T7251] loop2: detected capacity change from 0 to 4096
[  202.207809][ T7251] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  202.330542][ T7251] ntfs3: loop2: Failed to load $Extend (-22).
[  202.347593][ T7251] ntfs3: loop2: Failed to initialize $Extend.
[  203.377707][ T7264] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  203.502071][ T7268] loop3: detected capacity change from 0 to 2048
[  203.575160][ T7271] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  206.763136][ T7281] netlink: 'syz.0.270': attribute type 9 has an invalid length.
[  206.770842][ T7281] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.270'.
[  206.832083][ T7281] macvlan9: entered promiscuous mode
[  206.925890][ T7283] loop2: detected capacity change from 0 to 8192
[  206.978035][ T7283] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  207.025860][ T7283] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  207.089798][ T7283] REISERFS (device loop2): using journaled data mode
[  207.134381][ T7283] reiserfs: using flush barriers
[  207.218881][ T7283] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  207.277708][ T7283] REISERFS (device loop2): checking transaction log (loop2)
[  207.287723][ T7283] REISERFS (device loop2): Using r5 hash to sort names
[  207.295514][ T7283] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  207.312037][ T7283] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  207.510535][ T7283] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  207.525957][ T7283] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  207.540532][ T5845] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  207.595470][   T28] audit: type=1800 audit(1765571053.219:7): pid=7283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.272" name="bus" dev="loop2" ino=7 res=0 errno=0
[  207.757335][ T5845] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  207.789523][ T5845] usb 2-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  207.807002][ T5845] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  207.823422][ T5845] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  207.835099][ T5845] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  207.843925][ T5845] usb 2-1: SerialNumber: syz
[  207.964919][ T7271] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  208.017301][ T7271] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4)
[  208.066595][ T7271] Remounting filesystem read-only
[  208.073215][ T6178] NILFS (loop3): discard dirty page: offset=4096, ino=6
[  208.094962][ T6178] NILFS (loop3): discard dirty block: blocknr=39, size=1024
[  208.114665][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  208.132027][ T7294] loop0: detected capacity change from 0 to 1024
[  208.140477][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  208.160361][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  208.181282][ T6178] NILFS (loop3): discard dirty page: offset=0, ino=3
[  208.199823][ T6178] NILFS (loop3): discard dirty block: blocknr=42, size=1024
[  208.221111][ T6178] NILFS (loop3): discard dirty block: blocknr=43, size=1024
[  208.242065][ T6178] NILFS (loop3): discard dirty block: blocknr=44, size=1024
[  208.248978][ T5845] usb 2-1: USB disconnect, device number 5
[  208.263743][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  208.304855][ T6178] NILFS (loop3): discard dirty page: offset=65536, ino=3
[  208.334853][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  208.374294][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  208.388031][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  208.404812][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  208.414095][ T6178] NILFS (loop3): discard dirty page: offset=98304, ino=3
[  208.427432][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  208.445981][ T7297] netlink: 64 bytes leftover after parsing attributes in process `syz.2.275'.
[  208.446285][ T7296] loop2: detected capacity change from 0 to 256
[  208.521339][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  208.531884][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  208.555885][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  208.631828][ T6178] NILFS (loop3): discard dirty page: offset=102400, ino=3
[  208.861666][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  208.873744][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  208.882092][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  208.901807][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  208.935179][ T6178] NILFS (loop3): discard dirty page: offset=106496, ino=3
[  208.945459][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  208.952809][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  208.979841][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.053224][ T7305] netlink: 8 bytes leftover after parsing attributes in process `syz.0.279'.
[  209.069840][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.104726][ T6178] NILFS (loop3): discard dirty page: offset=110592, ino=3
[  209.152683][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.196542][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.203811][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.231736][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.262205][ T6178] NILFS (loop3): discard dirty page: offset=114688, ino=3
[  209.377652][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.401733][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.414811][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.422063][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.436977][ T6178] NILFS (loop3): discard dirty page: offset=118784, ino=3
[  209.444137][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.452529][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.460284][ T7313] netlink: 8 bytes leftover after parsing attributes in process `syz.2.281'.
[  209.463876][ T7312] netlink: 'syz.0.282': attribute type 9 has an invalid length.
[  209.477009][ T7312] netlink: 126588 bytes leftover after parsing attributes in process `syz.0.282'.
[  209.482598][ T7313] ~ÿ: entered promiscuous mode
[  209.496865][ T7312] macvlan10: entered promiscuous mode
[  209.508021][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.518382][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.527818][ T6178] NILFS (loop3): discard dirty page: offset=122880, ino=3
[  209.538388][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.557256][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.611872][ T6178] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  209.640433][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  209.689245][ T6178] NILFS (loop3): discard dirty page: offset=196608, ino=3
[  209.696960][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  209.708519][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  209.721071][ T6178] NILFS (loop3): discard dirty block: blocknr=49, size=1024
[  209.733007][ T6178] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  209.746043][ T5764] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[  209.791972][ T5764] NILFS (loop3): discard dirty page: offset=0, ino=6
[  209.799100][ T5764] NILFS (loop3): discard dirty block: blocknr=35, size=1024
[  209.806522][ T5764] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  209.813905][ T5764] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  209.821537][ T5764] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  209.831366][ T5764] NILFS (loop3): discard dirty page: offset=0, ino=5
[  209.842037][ T5764] NILFS (loop3): discard dirty block: blocknr=41, size=1024
[  209.850529][ T5764] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  209.862849][ T5764] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  209.883129][ T5764] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  209.883773][ T7307] loop1: detected capacity change from 0 to 32768
[  209.895255][ T5764] NILFS (loop3): discard dirty page: offset=0, ino=4
[  209.910948][ T7307] (syz.1.280,7307,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  209.921778][ T5764] NILFS (loop3): discard dirty block: blocknr=40, size=1024
[  209.927603][ T7307] (syz.1.280,7307,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  209.947733][ T5764] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  209.958631][ T5764] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  209.971543][ T5764] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  210.006525][ T7307] JBD2: Ignoring recovery information on journal
[  210.219753][ T7307] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  210.246746][ T7319] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.510753][ T7326] ksmbd: Unknown IPC event: 0, ignore.
[  210.683221][ T7327] loop3: detected capacity change from 0 to 8192
[  210.712157][ T7327] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  210.725407][ T7327] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  210.735551][ T7327] REISERFS (device loop3): using ordered data mode
[  210.742153][ T7327] reiserfs: using flush barriers
[  210.764071][ T7327] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  210.784054][ T7327] REISERFS (device loop3): checking transaction log (loop3)
[  210.849422][ T7327] REISERFS (device loop3): Using r5 hash to sort names
[  210.860396][ T7327] ==================================================================
[  210.868496][ T7327] BUG: KASAN: out-of-bounds in leaf_paste_entries+0x7a9/0x1110
[  210.876084][ T7327] Read of size 18446744073709551584 at addr ffff88805c202fa4 by task syz.3.285/7327
[  210.885461][ T7327] 
[  210.887806][ T7327] CPU: 0 PID: 7327 Comm: syz.3.285 Not tainted syzkaller #0
[  210.895096][ T7327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  210.905178][ T7327] Call Trace:
[  210.908466][ T7327]  <TASK>
[  210.911413][ T7327]  dump_stack_lvl+0x16c/0x230
[  210.916127][ T7327]  ? __lock_acquire+0x7c80/0x7c80
[  210.921180][ T7327]  ? show_regs_print_info+0x20/0x20
[  210.926409][ T7327]  ? load_image+0x3b0/0x3b0
[  210.930922][ T7327]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[  210.936308][ T7327]  ? __virt_addr_valid+0x18c/0x540
[  210.941433][ T7327]  ? __virt_addr_valid+0x469/0x540
[  210.946559][ T7327]  print_report+0xac/0x220
[  210.950997][ T7327]  ? leaf_paste_entries+0x7a9/0x1110
[  210.956310][ T7327]  kasan_report+0x117/0x150
[  210.960831][ T7327]  ? leaf_paste_entries+0x7a9/0x1110
[  210.966134][ T7327]  ? leaf_paste_entries+0x7a9/0x1110
[  210.971436][ T7327]  kasan_check_range+0x288/0x290
[  210.976384][ T7327]  ? leaf_paste_entries+0x7a9/0x1110
[  210.981680][ T7327]  __asan_memmove+0x29/0x70
[  210.986193][ T7327]  leaf_paste_entries+0x7a9/0x1110
[  210.991319][ T7327]  balance_leaf+0xac49/0x10da0
[  210.996090][ T7327]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.002170][ T7327]  ? unwind_get_return_address+0x91/0xc0
[  211.007819][ T7327]  ? stack_trace_save+0xe0/0xe0
[  211.012680][ T7327]  ? arch_stack_walk+0x160/0x190
[  211.017633][ T7327]  ? do_balance+0x940/0x940
[  211.022142][ T7327]  ? stack_trace_save+0x9c/0xe0
[  211.027008][ T7327]  ? __stack_depot_save+0x1f/0x630
[  211.032135][ T7327]  ? kasan_set_track+0x5f/0x70
[  211.036909][ T7327]  ? kasan_set_track+0x4e/0x70
[  211.041677][ T7327]  ? __kasan_kmalloc+0x8f/0xa0
[  211.046459][ T7327]  ? __kmalloc+0xb4/0x240
[  211.050801][ T7327]  ? fix_nodes+0x6034/0x82e0
[  211.055397][ T7327]  ? reiserfs_paste_into_item+0x5ce/0x7f0
[  211.061129][ T7327]  ? reiserfs_add_entry+0x978/0xd90
[  211.066335][ T7327]  ? reiserfs_mkdir+0x693/0x970
[  211.071194][ T7327]  ? reiserfs_xattr_init+0x33c/0x6a0
[  211.076485][ T7327]  ? reiserfs_fill_super+0x1f85/0x2340
[  211.081959][ T7327]  ? mount_bdev+0x22b/0x2d0
[  211.086471][ T7327]  ? legacy_get_tree+0xea/0x180
[  211.091331][ T7327]  ? vfs_get_tree+0x8c/0x280
[  211.095930][ T7327]  ? do_new_mount+0x24b/0xa40
[  211.100613][ T7327]  ? __se_sys_mount+0x2da/0x3c0
[  211.105559][ T7327]  ? do_syscall_64+0x55/0xb0
[  211.110164][ T7327]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.116252][ T7327]  ? __wake_up+0x190/0x190
[  211.120691][ T7327]  ? get_parents+0x400/0xd20
[  211.125549][ T7327]  ? get_neighbors+0x9ba/0x1030
[  211.130423][ T7327]  ? fix_nodes+0x7b4c/0x82e0
[  211.135046][ T7327]  do_balance+0x2fe/0x940
[  211.139389][ T7327]  ? get_right_neighbor_position+0x210/0x210
[  211.145380][ T7327]  ? reiserfs_paste_into_item+0x38e/0x7f0
[  211.151462][ T7327]  reiserfs_paste_into_item+0x6a1/0x7f0
[  211.157029][ T7327]  ? reiserfs_cut_from_item+0x1f10/0x1f10
[  211.162884][ T7327]  ? reiserfs_get_parent+0x280/0x280
[  211.168184][ T7327]  ? _find_first_zero_bit+0x65/0x100
[  211.173481][ T7327]  reiserfs_add_entry+0x978/0xd90
[  211.178521][ T7327]  ? drop_new_inode+0x60/0x60
[  211.183221][ T7327]  ? journal_begin+0x1f5/0x360
[  211.187994][ T7327]  ? reiserfs_update_inode_transaction+0x20/0x130
[  211.194426][ T7327]  reiserfs_mkdir+0x693/0x970
[  211.199111][ T7327]  ? reiserfs_symlink+0x7b0/0x7b0
[  211.204141][ T7327]  ? lockdep_hardirqs_on+0x98/0x150
[  211.209355][ T7327]  reiserfs_xattr_init+0x33c/0x6a0
[  211.214482][ T7327]  reiserfs_fill_super+0x1f85/0x2340
[  211.219784][ T7327]  ? reiserfs_kill_sb+0x140/0x140
[  211.224826][ T7327]  ? down_write+0x162/0x1f0
[  211.229333][ T7327]  ? down_read_killable+0x340/0x340
[  211.234622][ T7327]  ? setup_bdev_super+0x56b/0x660
[  211.239648][ T7327]  mount_bdev+0x22b/0x2d0
[  211.243982][ T7327]  ? reiserfs_kill_sb+0x140/0x140
[  211.249019][ T7327]  ? get_tree_bdev+0x510/0x510
[  211.253784][ T7327]  ? vfs_parse_fs_param+0x420/0x420
[  211.258994][ T7327]  legacy_get_tree+0xea/0x180
[  211.263695][ T7327]  ? remove_save_link+0x3c0/0x3c0
[  211.268725][ T7327]  vfs_get_tree+0x8c/0x280
[  211.273143][ T7327]  do_new_mount+0x24b/0xa40
[  211.277656][ T7327]  __se_sys_mount+0x2da/0x3c0
[  211.282362][ T7327]  ? __x64_sys_mount+0xc0/0xc0
[  211.287133][ T7327]  ? lockdep_hardirqs_on+0x98/0x150
[  211.292338][ T7327]  ? __x64_sys_mount+0x20/0xc0
[  211.297105][ T7327]  do_syscall_64+0x55/0xb0
[  211.301526][ T7327]  ? clear_bhb_loop+0x40/0x90
[  211.306217][ T7327]  ? clear_bhb_loop+0x40/0x90
[  211.310905][ T7327]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.316806][ T7327] RIP: 0033:0x7f8749d90eea
[  211.321253][ T7327] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.340880][ T7327] RSP: 002b:00007f874ab75e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  211.349327][ T7327] RAX: ffffffffffffffda RBX: 00007f874ab75ef0 RCX: 00007f8749d90eea
[  211.357305][ T7327] RDX: 0000200000000000 RSI: 00002000000000c0 RDI: 00007f874ab75eb0
[  211.365286][ T7327] RBP: 0000200000000000 R08: 00007f874ab75ef0 R09: 0000000000008488
[  211.373261][ T7327] R10: 0000000000008488 R11: 0000000000000246 R12: 00002000000000c0
[  211.381240][ T7327] R13: 00007f874ab75eb0 R14: 0000000000001104 R15: 0000200000000080
[  211.389234][ T7327]  </TASK>
[  211.392254][ T7327] 
[  211.394579][ T7327] The buggy address belongs to the physical page:
[  211.400997][ T7327] page:ffffea0001708080 refcount:3 mapcount:0 mapping:ffff888148c393f8 index:0x213 pfn:0x5c202
[  211.411343][ T7327] memcg:ffff88802380c000
[  211.415598][ T7327] aops:def_blk_aops ino:700003
[  211.420371][ T7327] flags: 0xfff18000008204(referenced|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[  211.430107][ T7327] page_type: 0xffffffff()
[  211.434468][ T7327] raw: 00fff18000008204 0000000000000000 dead000000000122 ffff888148c393f8
[  211.443059][ T7327] raw: 0000000000000213 ffff88804b4503a0 00000003ffffffff ffff88802380c000
[  211.451650][ T7327] page dumped because: kasan: bad access detected
[  211.458075][ T7327] page_owner tracks the page as allocated
[  211.463792][ T7327] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 7327, tgid 7324 (syz.3.285), ts 210838497781, free_ts 210831628528
[  211.484043][ T7327]  post_alloc_hook+0x1cd/0x210
[  211.488826][ T7327]  get_page_from_freelist+0x195c/0x19f0
[  211.494451][ T7327]  __alloc_pages+0x1e3/0x460
[  211.499054][ T7327]  folio_alloc+0x1e/0x30
[  211.503313][ T7327]  filemap_alloc_folio+0xdf/0x470
[  211.508390][ T7327]  __filemap_get_folio+0x3ee/0xbc0
[  211.513525][ T7327]  __getblk_gfp+0x223/0x660
[  211.518053][ T7327]  search_by_key+0x41d/0x4630
[  211.522741][ T7327]  reiserfs_read_locked_inode+0x158/0x2640
[  211.528562][ T7327]  reiserfs_fill_super+0x11f0/0x2340
[  211.533862][ T7327]  mount_bdev+0x22b/0x2d0
[  211.538200][ T7327]  legacy_get_tree+0xea/0x180
[  211.543013][ T7327]  vfs_get_tree+0x8c/0x280
[  211.547442][ T7327]  do_new_mount+0x24b/0xa40
[  211.551954][ T7327]  __se_sys_mount+0x2da/0x3c0
[  211.556631][ T7327]  do_syscall_64+0x55/0xb0
[  211.561050][ T7327] page last free stack trace:
[  211.565718][ T7327]  free_unref_page_prepare+0x7ce/0x8e0
[  211.571190][ T7327]  free_unref_page_list+0xbe/0x860
[  211.576316][ T7327]  release_pages+0x1fa0/0x2220
[  211.581086][ T7327]  __folio_batch_release+0x71/0xe0
[  211.586202][ T7327]  shmem_undo_range+0x5d0/0x1a40
[  211.591144][ T7327]  shmem_evict_inode+0x273/0xa70
[  211.596173][ T7327]  evict+0x486/0x870
[  211.600077][ T7327]  __dentry_kill+0x431/0x650
[  211.604693][ T7327]  dentry_kill+0xb8/0x290
[  211.609132][ T7327]  dput+0xfe/0x1e0
[  211.612869][ T7327]  __fput+0x5e5/0x970
[  211.616876][ T7327]  __se_sys_close+0x15f/0x220
[  211.621587][ T7327]  do_syscall_64+0x55/0xb0
[  211.626026][ T7327]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.631941][ T7327] 
[  211.634272][ T7327] Memory state around the buggy address:
[  211.639904][ T7327]  ffff88805c202e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  211.647969][ T7327]  ffff88805c202f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  211.656039][ T7327] >ffff88805c202f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  211.664188][ T7327]                                ^
[  211.669303][ T7327]  ffff88805c203000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  211.677369][ T7327]  ffff88805c203080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  211.685437][ T7327] ==================================================================
[  211.694871][ T7327] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  211.702078][ T7327] CPU: 0 PID: 7327 Comm: syz.3.285 Not tainted syzkaller #0
[  211.709368][ T7327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  211.719435][ T7327] Call Trace:
[  211.722719][ T7327]  <TASK>
[  211.725694][ T7327]  dump_stack_lvl+0x16c/0x230
[  211.730390][ T7327]  ? show_regs_print_info+0x20/0x20
[  211.735606][ T7327]  ? load_image+0x3b0/0x3b0
[  211.740215][ T7327]  panic+0x2c0/0x710
[  211.744206][ T7327]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  211.750372][ T7327]  ? bpf_jit_dump+0xd0/0xd0
[  211.754888][ T7327]  ? _raw_spin_unlock_irqrestore+0xfa/0x110
[  211.760874][ T7327]  ? _raw_spin_unlock+0x40/0x40
[  211.765732][ T7327]  ? leaf_paste_entries+0x7a9/0x1110
[  211.771028][ T7327]  check_panic_on_warn+0x84/0xa0
[  211.775974][ T7327]  ? leaf_paste_entries+0x7a9/0x1110
[  211.781266][ T7327]  end_report+0x6f/0x140
[  211.785533][ T7327]  kasan_report+0x128/0x150
[  211.790219][ T7327]  ? leaf_paste_entries+0x7a9/0x1110
[  211.795521][ T7327]  ? leaf_paste_entries+0x7a9/0x1110
[  211.800815][ T7327]  kasan_check_range+0x288/0x290
[  211.805760][ T7327]  ? leaf_paste_entries+0x7a9/0x1110
[  211.811059][ T7327]  __asan_memmove+0x29/0x70
[  211.815588][ T7327]  leaf_paste_entries+0x7a9/0x1110
[  211.821154][ T7327]  balance_leaf+0xac49/0x10da0
[  211.825929][ T7327]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.832008][ T7327]  ? unwind_get_return_address+0x91/0xc0
[  211.837663][ T7327]  ? stack_trace_save+0xe0/0xe0
[  211.842530][ T7327]  ? arch_stack_walk+0x160/0x190
[  211.847492][ T7327]  ? do_balance+0x940/0x940
[  211.852022][ T7327]  ? stack_trace_save+0x9c/0xe0
[  211.856898][ T7327]  ? __stack_depot_save+0x1f/0x630
[  211.862039][ T7327]  ? kasan_set_track+0x5f/0x70
[  211.866826][ T7327]  ? kasan_set_track+0x4e/0x70
[  211.871598][ T7327]  ? __kasan_kmalloc+0x8f/0xa0
[  211.876372][ T7327]  ? __kmalloc+0xb4/0x240
[  211.880726][ T7327]  ? fix_nodes+0x6034/0x82e0
[  211.885338][ T7327]  ? reiserfs_paste_into_item+0x5ce/0x7f0
[  211.891080][ T7327]  ? reiserfs_add_entry+0x978/0xd90
[  211.896286][ T7327]  ? reiserfs_mkdir+0x693/0x970
[  211.901751][ T7327]  ? reiserfs_xattr_init+0x33c/0x6a0
[  211.907045][ T7327]  ? reiserfs_fill_super+0x1f85/0x2340
[  211.912521][ T7327]  ? mount_bdev+0x22b/0x2d0
[  211.917044][ T7327]  ? legacy_get_tree+0xea/0x180
[  211.921919][ T7327]  ? vfs_get_tree+0x8c/0x280
[  211.926528][ T7327]  ? do_new_mount+0x24b/0xa40
[  211.931229][ T7327]  ? __se_sys_mount+0x2da/0x3c0
[  211.936092][ T7327]  ? do_syscall_64+0x55/0xb0
[  211.940701][ T7327]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  211.946805][ T7327]  ? __wake_up+0x190/0x190
[  211.951234][ T7327]  ? get_parents+0x400/0xd20
[  211.955841][ T7327]  ? get_neighbors+0x9ba/0x1030
[  211.960713][ T7327]  ? fix_nodes+0x7b4c/0x82e0
[  211.965369][ T7327]  do_balance+0x2fe/0x940
[  211.969710][ T7327]  ? get_right_neighbor_position+0x210/0x210
[  211.975701][ T7327]  ? reiserfs_paste_into_item+0x38e/0x7f0
[  211.981435][ T7327]  reiserfs_paste_into_item+0x6a1/0x7f0
[  211.987004][ T7327]  ? reiserfs_cut_from_item+0x1f10/0x1f10
[  211.992769][ T7327]  ? reiserfs_get_parent+0x280/0x280
[  211.998063][ T7327]  ? _find_first_zero_bit+0x65/0x100
[  212.003365][ T7327]  reiserfs_add_entry+0x978/0xd90
[  212.008409][ T7327]  ? drop_new_inode+0x60/0x60
[  212.013110][ T7327]  ? journal_begin+0x1f5/0x360
[  212.017886][ T7327]  ? reiserfs_update_inode_transaction+0x20/0x130
[  212.024316][ T7327]  reiserfs_mkdir+0x693/0x970
[  212.029074][ T7327]  ? reiserfs_symlink+0x7b0/0x7b0
[  212.034106][ T7327]  ? lockdep_hardirqs_on+0x98/0x150
[  212.039322][ T7327]  reiserfs_xattr_init+0x33c/0x6a0
[  212.044452][ T7327]  reiserfs_fill_super+0x1f85/0x2340
[  212.049765][ T7327]  ? reiserfs_kill_sb+0x140/0x140
[  212.054808][ T7327]  ? down_write+0x162/0x1f0
[  212.059320][ T7327]  ? down_read_killable+0x340/0x340
[  212.064523][ T7327]  ? setup_bdev_super+0x56b/0x660
[  212.069556][ T7327]  mount_bdev+0x22b/0x2d0
[  212.073899][ T7327]  ? reiserfs_kill_sb+0x140/0x140
[  212.078936][ T7327]  ? get_tree_bdev+0x510/0x510
[  212.083705][ T7327]  ? vfs_parse_fs_param+0x420/0x420
[  212.088920][ T7327]  legacy_get_tree+0xea/0x180
[  212.093610][ T7327]  ? remove_save_link+0x3c0/0x3c0
[  212.098645][ T7327]  vfs_get_tree+0x8c/0x280
[  212.103073][ T7327]  do_new_mount+0x24b/0xa40
[  212.107588][ T7327]  __se_sys_mount+0x2da/0x3c0
[  212.112278][ T7327]  ? __x64_sys_mount+0xc0/0xc0
[  212.117049][ T7327]  ? lockdep_hardirqs_on+0x98/0x150
[  212.122257][ T7327]  ? __x64_sys_mount+0x20/0xc0
[  212.127032][ T7327]  do_syscall_64+0x55/0xb0
[  212.131454][ T7327]  ? clear_bhb_loop+0x40/0x90
[  212.136146][ T7327]  ? clear_bhb_loop+0x40/0x90
[  212.140833][ T7327]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  212.146742][ T7327] RIP: 0033:0x7f8749d90eea
[  212.151165][ T7327] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.170790][ T7327] RSP: 002b:00007f874ab75e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  212.179232][ T7327] RAX: ffffffffffffffda RBX: 00007f874ab75ef0 RCX: 00007f8749d90eea
[  212.187403][ T7327] RDX: 0000200000000000 RSI: 00002000000000c0 RDI: 00007f874ab75eb0
[  212.195397][ T7327] RBP: 0000200000000000 R08: 00007f874ab75ef0 R09: 0000000000008488
[  212.203382][ T7327] R10: 0000000000008488 R11: 0000000000000246 R12: 00002000000000c0
[  212.211365][ T7327] R13: 00007f874ab75eb0 R14: 0000000000001104 R15: 0000200000000080
[  212.219356][ T7327]  </TASK>
[  212.222714][ T7327] Kernel Offset: disabled
[  212.227032][ T7327] Rebooting in 86400 seconds..