last executing test programs:

5m10.36653121s ago: executing program 3 (id=296):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000500)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x10000}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xa0}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000001140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

5m7.673993918s ago: executing program 3 (id=298):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x61, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x40, &(0x7f0000000100)={[{@errors_remount}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@dioread_nolock}]}, 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r3, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r3, 0xc020662a, &(0x7f0000000200)={0x8000, 0x6930, 0x5, 0x1001})

5m5.262191111s ago: executing program 3 (id=310):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x6, 0x4, 0x1010, 0x89, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
lseek(r3, 0x851, 0x400000000000000)

4m59.57301172s ago: executing program 3 (id=321):
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
creat(&(0x7f0000000100)='./bus\x00', 0x44)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x201000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r2, &(0x7f0000004200)='t', 0x1)
sendfile(r2, r1, 0x0, 0x3ffff)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r3, 0x0, 0x0)

4m58.477123156s ago: executing program 3 (id=325):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000005c0)=[{{&(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10, 0x0}}], 0x1, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0xb, 0x0, &(0x7f0000000640))
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x39}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty, 0x200}}, 0x0, 0x0, 0x0, 0x0, 0xb3550aa4ba878396}, 0x9c)

4m52.874316164s ago: executing program 3 (id=336):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
syz_open_dev$rtc(&(0x7f0000000140), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10)
sendmmsg(r3, &(0x7f0000000180), 0x4000190, 0x0)

4m50.608155605s ago: executing program 32 (id=336):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
syz_open_dev$rtc(&(0x7f0000000140), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x0, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10)
sendmmsg(r3, &(0x7f0000000180), 0x4000190, 0x0)

4m22.94369816s ago: executing program 5 (id=420):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='attr\x00')
getdents64(r1, &(0x7f0000000080)=""/95, 0x5f)
getdents(r1, 0xfffffffffffffffd, 0x3b)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x3, 0x8, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_connect(0x5, 0xe4, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000017ffd340b1134200bbdf000000010902d200010000400009046a00067af4190009050f102000050801060c8b631b7507250102020700090501", @ANYBLOB], 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x200008, 0x804, 0x4, 0xf, 0x120000, 0x9, 0x0, 0x8, 0x8000000000000001, 0x2, 0x0, 0x8, 0x101, 0x1], 0xffff1000, 0x141200})
r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000100)={'dummy0\x00'})

4m20.631893442s ago: executing program 5 (id=427):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x8)
syz_mount_image$jfs(&(0x7f00000000c0), &(0x7f00000002c0)='./file1\x00', 0x1cc0a, &(0x7f0000000680)=ANY=[], 0x51, 0x5ff1, &(0x7f000000f080)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIi4RUQD4Alm1UkCIVq+hy7ptzjHseeru45v580rvr6dE1/5f/UdPdUVVcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPG97/74ZC8iLv463XAw4jMxiOhHrNb1kahnzuf7DyPiUGwNx3MRMViOqJff+ueZiDMR8dGBiDt3b6zXN5/aZR9nT1y/+sn3v/OP3/3p1qGfvvmTD9rjP/rs6Q9/fzPi4A9f+/CTm09m3QEAAKAUVVVVvfQ2/3B6f9/vuikAYCby83+V5NvVarVa/UTrP/bnq5/d1ysxX/2oH6tuqia72SwiYrO5TP2awe54AFgwm/Fx1y3QIfkXbRgRT3XdBDDXel03wJ64c/fGei/l22s+HxwZj+e/U27Lf7N37/yOnabTtI8xmdXP160YxLM79LM6ox7mSc6/387/4nh8lO631/nPyk75j8anPhUn5z9o59+yLf8/R8TC5t+fmH+pcv7DR8l/c7DA27/8AQAAAADY//Lf/w92vP93+fFXZVcetv/3yIx6AAAAAAAAAIAn7XGv/3eP6/8BAADA3Krfq9f+cuD+bc1j/dvzF3oRT7fuDxQmnSyz1nUfAAAAAAAAAAAAAFCS4fgY3gu9iKWIeHptraqq+qupXT+qx11+0ZW+/lCyrn/JAwDA2EcHWufy9yJWIuJC+qy/pbW1tapaWV2r1qrV5fx6drS8Uq023tfmaX3b8mgXL4iHo6r+ZiuN5ZqmvV+eNt7+fvVjjarBLhqbjQ4DB4CIGD8b3fGMtM9U1TPR9ascFoPtf/+x/bMbXf+cAgAAAHuvqqqqlz7O+3Da59/vuikAYBZW8vN/e7+AWq1Wq9Xq/Vc3VZPdbBYRsdlcpn7N4HL8ALBgNuPjrlugQ/Iv2jAiDnXdBDDXel03wJ64c/fGei/l22s+H6Tru+djQbblv9nbWi4vP2k6TfsYk1n9fN2KQTy7Qz/PzaiHeZLz77fzvzgeH6X77XX+s7JT/vV6Huygn67l/Aft/Fv2T/79ifmXKuc/fKT8B/IHAAAAAIA5lv/+f9D+37zKAAAAAAAAALBw7ty9sZ7Pe837/z8/4X695pzzP/eNnH9v1/k7/3c/yfn32/m3DsgZNOZvv3E//3/fvbH+wfV/fS5P5z7/pcGofuylXn8wTMf8VEtvxeW4Ehtx4oH7D7eNn3xgfGnb+Kkp46cfGB/V46t5/Fisxy/iSrx5b3x5yoFRK1PGqynjOf+B7b9IOf9h46vOfy2N91rT2u33+w9s983ppMc5/7f/vvjg1jV7t2Jwb92a6vU72kE/W/8nT43iV9c2rh77zaXr16+ejDTZduupSJMnLOe/lL5y/i+9MB7Pv/eb2+vt90ePnP+8uBXDHfN/oTFfr+/LM+6tCzn/UfrK+ednoMnb/yLnv/P2/0oH/QAAAAAAAAAAAAAAAMDDVFW1dYro+Yg4l87/6ercTABgpv7wgzRTJaEe172Yr37UarVarX4CdVM12evNIla2L3MuIn476ZsBAPPsfxHxz66boDPyL1j+vL96+oWumwFm6tq77/3s0pUrG1evdd0JAAAAAAAAAPBp5et/Hmlc/3nrOKDWdaO3Xf/1jTiysNf/7I8GW9c6Tyv0fDz8+t9H4+HX/x5OebylKeOjKePLU8ZXpoxPPNGjIef/fMo45384rVhJ1399qYN+upbzP5qu9Zzz/1Lrfs38q78ucv79bfkfv/7OL49fe/e9Vy+/c+ntjbc3fn7yxLkzp8+eOX327PG3Ll/ZODH+t8OO91bOP1/72nGgZcn558zlX5ac/xdTLf+y5PxfTLX8y5Lzz6/35F+WnH9+7yP/suT8X061/MuS8/9yquVflpz/K6mWf1ly/l9JtfzLkvN/NdXyL0vO/1iq5V+WnP/xVMu/LDn/vIdL/mXJ+ecjG+Rflpz/qVTLvyw5/9Opln9Zcv5nUi3/suT8z6Za/mXJ+Z9LtfzLkvP/aqrlX5ac/9dSLf+y5PxfS7X8y5Lz/3qq5V+WnP83Ui3/suT8v5lq+Zcl5/+tVMu/LDn/b6da/mXJ+b+eavmX5f7n/5uZ8cx//h4xB22YMTNppuvfTAAAAAAAAAAAAABA2ywOJ+56HQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/swMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7N1djFxnfT/ws69eO4H4T0IIwZC14wRDNt5dvyUmGMzrPw0tTQOhpYU6xl6/gN/qXUOCULM0tAWB1KjtBb0oBUQRUlslQkilUooiFam9a65AuUGtFKmWmlQmgkq0JFudOc/z7Mzs7Myu7c2eOefzieKfd+fMzDNnzszOd63vDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzba+Z+aPB7Isy/9v/LE5y67N/74xO5h/Ob9vvVcIAAAAXKmXGn/+7XXpGwdXcKambf75Tf/6vYWFhYXsEy9efPnPFhbSCeNZNrQhyxqnRf/yi58vNG8TPJaNDQw2fT3Y4+qHepw+3OP0kR6nj/Y4fUOP08d6nL5kByyxsfh9TOPCtjf+urnYpdkN2UjjtO0dzvXYwIbBwfi7nIaBxnkWRo5lJ7NT2Uw2teQ8A43/suyprfl13ZvF6xpsuq4tWZZd+unnjsQ1DIR9vD1rubKG5vvuhXdl4y/+9HNHvj33/Os7zZ67YclKs2zHtnydX8iyxV9XZQPZhrRP4joHm9a5pcM6h1rWOdA4X/739nVeWuE64+0eC+t8pss6t4TvPXxrlmXz2bLbtHssG8w2tV1r2t9jxRGRX0Z+V74mG17VcbJ1BcdJfp7nbm09TtqPybj/t4Z9MrzMGprvjhc+P7pkv1/ucZLf6jIcq/ll359f6dhY869WW47VfJvP3bb8MdDxvutwDKRjuekY2NbrGBgcHWocA4OLa97WcgxMLznPYDbQuK6Lt3U/BibnTp+bnH3ks3eePH34+MzxmTPTU/v27N67Z/fevZPHTp6amSr+XN0u7SObssF0DG4LzzXxGHxz27bNh+TCN67e42CsJI+D/LZ/+PZ8QdcOZssc4/k2X9hx5Y+D9HO/6XEw3PQ46Pic2uFxMLyCx0G+zaUdK/uZOdz0f6c1rNVz4eamY2A9fx7m1/mxtyz/XLglrOuLb13tz8OhJcdAvFkD4bGXfye93hu7O+yXpcfFzfkJ14w2XtvtfPjw3Nz56SyMV8T1TfdV+/Gyqek2ZUuOl8FVHy8H/+aXt9/c4fubw74au6P7fZVvs2ei+33VeHa/ZjS7MDtzPuzP0azYny3f3ZWFcZW90vuz00+zfH+mLNFlf+bbfOHOK38tmHJJ0/PfSK/nv6GR4eL5byjtjZGW57+ld81QY2VZdunOlT3/jYT/X+nnvxtK8vyX76uP7ex+DOTbfHFytcfAcNfnv1vDHAjreUtIDGNNuf/lxunzxWHadF/2PG6Gh0fCcTMcr7H1uNm95Dz5peXXvWPq8o6bHbe23lctr1tWftz0+vVBaY6bfF/9+VT34ybf5unpK3/u2Bj/2vTcMdrrGBgZGs3XO5IOguL5bmFjPAZ2Zkeys9mp7Gg6T34v59c1sWtlx8Bo+P+Vfu64qSTHQL6vvrqr+zGQb/PD3Vf3tdOO8J20TdNrp/bfLyyX+W8eXry89t12tTN/vs73/uiD6XudMkS+zfN7Vpszuu+nO8J3rumwn9ofP8sd00ezV2Y/3RTWeWpv999N5dvcsG+Fx9PBLMuenX628fuu8Pvd71740fdafu/b6XfKz04/e9/kAz9ezfoBALh8Lzf+nB8tXms2/Yv1Sv79HwAAAOgLMfcPhpnI/wAAAFAZMfcPhZnI/wAAAFAZMfcPh5nUJP+fuHv/Ey89mqV3A1wI4ulxN9z/jmK72PGeD1+PLyzKv//ub4088aVHV3bdg1mW/fK+N3Tc/sQ74roK5+I639b6/SVuumVF1//Qg4vbNb9/wqX9xeXH27PSwyB2lZ+a3NW43PFHphvz6fuyxnxg/ouPFZdffB23v7i72P4vw5uWHDw20HL+HWE928McD+8pc//Bxf2Qz3i+J7a86Z+u/8ji9cXzDWx7deNmfvX3i8uN7xH1+PXF9vF2L7f+f/zyd57It3/4ts7rf3Sw8/ovhst9LsxfHCi2b97nX2pa/x+G9cfri+fb+c0fdFz/k68rtn8yHBdfD7N9/e/6kze+1On+itdz8J7ifPH6p/57T+N88fLi5bevf+zR6Zb90X75T79YXM6BT/9sqHn7+P14PdFD97Qe3wPh/m3pkWdZ9p0/ylr2c/b24nz/0Lb+eHnn7um8/jva1nlu4JbG+Rdvz+aW2/W1v97V8fbG9Rz8u80tt+fx94X99+LkD/PLvfhAOB7D6f/zTHF57W9G8uT7Wp9v4vZf31w8buPlTbat//G29c/fku+73uu/98Vi/U++c0PL+g++PxxP9xaz1/qP/9V1Lef/xreL++P8ZybOnJ29cPJo015tfhxvGNu46ZprX/Xq68JzafvXh87OnZg5Pz41PpVl4334loFrvf5vhvlfxZi/+tdQ+PHPiuPuKx8ofm69+efF14+H7z8U7s/48/FrfzHScry23+/z7yzmla7/rWEdK/W6L//7LSva8OLHn7rw93/wfPvrgnh7zr12rHH7vrr1xsZpA08Xp7c/X/Xyb69tfVz/ZHiqMb8f9utCeGfmbTcW19d++fG9Sb7yoeLxG1/JxfNnbe8nsnmo9XZc6fp/El7H/OCm1ue/eHx8/9G2d3PenA3kS5gPzw/ZfHF63Cru769curHj9cX34cnmX7+aZS5r9pHZyVMnz1x4eHJuZnZucvaRzx46ffbCmblDjfcuPfTJXudffHxvajy+j87s25M1Hu1ni7HG1nv95x48cvSuqduPzhw7fOHY3IPnZs4fPzI7e2Tm6Ozth48dm/lMr/OfPHpgetf+3Xftmjh+8uiBu/fv371/4uSZs/kyikX1sG/qUxNnzh9qnGX2wJ7903v37pmaOH326MyBu6amJi70On/jZ9NEfu5PT5yfOXV47uTpmYnZk5+dOTC9f9++XT3f/fH0uWOz45PnL5yZvDA7c36yuC3jc41v5z/7ep2fepg9G57v2gyEV+cfvWNfen/c3Lc+v+xFFZu0vjzNXgjvBRV/vvX6Oub+kTCTmuR/AAAAqIOY+8Mb/y+eIP8DAABAZcTcvyHMRP4HAACAyoi5v0j+Y+nj3+uS/69W///z+v8N+v/6/5n+f6L/r/+f6f/r//eg/1+K/v8J/X/9f/1/1krZ+v8h92cbs8y//wMAAEBFxdy/KcxE/gcAAIDKiLn/mjAT+R8AAAAqI+b+a8NMapL/ff6//r/+f7f+f9xW/z/T/y9D/3/7f+r/L6H/r/+f6f9ftvXuz/f7+kvY/9+o/0/ZlK3/H3P/q8JMapL/AQAAoA5i7n91mIn8DwAAAKW2YRXbxtx/XZiJ/A8AAACVEXP/5jCTmuT/9ev/j+r/6/83lLv/7/P/m+n/r3v/3+f/d6D/r/+f1ab/X7xY0P8vz/rXvv//p13P7/P/6Qdl6//H3P//wkxqkv8BAACgDmLuf02YifwPAAAAlRFz//VhJvI/AAAAVEbM/TeEmdQk/9fz8/+fy7JM/z/T/9f/b1un/r/+/1rQ/9f/72Z9+//5a59+6v/7/P+yrb+En/+v/0/plK3/H3P/a8NMapL/AQAAoA5i7r8xzET+BwAAgMqIuf91YSbyPwAAAFRGzP03hZnUJP/Xs//v8//1/wtr0P8fGNb/T/T/9f8z/X/9/x58/r/+fz+vX/9f/5/eytb/j7n/9WEmNcn/AAAAUAcx998cZiL/AwAAQGXE3P+GMBP5HwAAACoj5v4tYSY1yf/6//r/+v8+/1//X/9/LfVX/39w2VP0/wv6/62uXv9/fnEB+v99s379f/1/eitb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+W8JM5H8AAACojJj7x8NMapL/9f/1//X/9f/1//X/11J/9f+Xp/9f0P9v5fP/9f/1//X/6a5s/f+Y+7eGmdQk/wMAAEAdxNy/LcxE/gcAAIDKiLn/1jAT+R8AAAAqI+b+7WEmNcn/+v/6//r/+v/6//r/a0n/X/+/G/1//f9+Xr/+v/4/vZWt/x9z/21hJjXJ/wAAAFAHMfffHmYi/wMAAEBlxNz/5jAT+R8AAAAqI+b+HWEmNcn/+v/6//r/fdz/H9L/z/T/S69Y/8ZsmfX/b9uPnVXT/9f/z/T/L9t69+f7ff36//r/9Fa2/n/M/W8JM6lJ/gcAAIA6iLn/rWEm8j8AAABURsz9d4SZyP8AAABQGTH3T4SZ1CT/V7z///x/LLOZ/n9B/7/P+/8+/79l/fr/5VTvz/9fPLr1/zvT/9f/7+f16//r/9Nb2fr/MfffGWZSk/wPAAAAdRBz/84wE/kfAAAAKiPm/skwE/kfAAAAKiPm/qkwk5rk/4r3/5el/1/Q/9f/z/T/9f/XWL37/z7/vxf9f/3/fl6//r/+P72Vrf8fc/90mElN8j8AAADUQcz9u8JM5H8AAACojJj7d4eZyP8AAABQGTH37wkzqUn+75P+/85UgNL/1//X/9f/1//vK/r/Fe3/508k+v/6/2fn0g7W/9f/1/9nsMP3ytb/j7l/b5hJTfI/AAAA1EHM/fvCTOR/AAAAqIyY++8KM5H/AQAAoDJi7r87zKQm+b9P+v8+/1//X/+/if6//n8/We/+//BVuh79/4LP/2+l/+/z//X/9f/prmz9/5j794eZ1CT/AwAAQB3E3P+2MBP5HwAAACoj5v57wkzkfwAAAOgrnT6HMIq5/+1hJjXJ//r/Ve//L2zQ/9f/1//vvn79/7W13v3/q0X/v6D/30r/X/9f/1//n+7K1v+Puf9AmElN8j8AAADUQcz97wgzkf8BAACgMmLuf2eYifwPAAAAlRFz/8Ewk5rkf/3/qvf/ff6//r/+f6/16/+vLf1//f9uKtn/31D9/n942aL/X6L+f34M6f9TRmXr/8fc/64wk5rkfwAAAKiDmPvfHWYi/wMAAEBlxNz/njAT+R8AAAAqI+b+94aZ1CT/6//r/+v/6//r/+v/ryX9/zXr/zeeCvX/C6Xq//v8f/1/n/+v/09Stv5/zP3vCzOpSf4HAACAOoi5//1hJvI/AAAAVEbM/f8/zET+BwAAgMqIuf/eMJOa5H/9f/1//X/9f/1//f+1pP/v8/+70f/X/+/n9ev/6//TW9n6/zH3/0qYSU3yPwAAANRBzP33hZnI/wAAAFAZMfd/IMxE/gcAAIA+M7rsKTH3/2qYSU3yf//1/8f7sv8/mC5f/1//X/9f/1///2rS/9f/z/T/L9t69+f7ff36//r/9Fa2/n/M/b8WZlKT/A8AAAB1EHP/B8NM5H8AAACojJj7fz3MRP4HAACAyoi5//4wk5rk/6vd/28/fzc+/1//P9P/1//X/9f/v0L6//r/mf7/ZVvv/ny/r1//X/+f3srW/4+5/zfCTGqS/wEAAKAOYu5/IMxE/gcAAICSOrHqc8Tc/6EwE/kfAAAAKiPm/g+HmdQk//ff5//r/+v/6//r/+v/9xP9f/3/bvT/9f/7ef36//r/9Fa2/n/M/Q+GmdQk/wMAAEAdxNz/kTAT+R8AAAAqI+b+3wwzkf8BAACgMmLu/60wk5rkf/1//X/9f/1//X/9/7Wk/7+0/58/h+n/F/T/9f/7ef36//r/9Fa2/n/M/R8NM6lJ/gcAAIA6iLn/t8NM5H8AAACojJj7fyfMRP4HAACAyoi5/2NhJjXJ//r/+v/6//r/+v/6/2tJ/9/n/3ej/6//38/r1//X/6e3svX/Y+7/eJhJTfI/AAAA1EHM/b8bZiL/AwAAQGXE3H8ozET+BwAAgMqIuf+hMJOa5H/9f/1//X/9f/1//f+1pP+v/9+N/r/+fz+vX/9f/5/eytb/j7n/cJjJwdarAQAAAPpXzP2fCDOpyb//AwAAQB3E3H8kzET+BwAAgMqIuf9omElN8r/+v/6//r/+v/6//v9a0v/X/+9G/1//v5/Xr/+v/09vZev/x9w/E2ZSk/wPAAAAdRBz/7EwE/kfAAAAKiPm/uNhJvI/AAAAVEbM/SfCTGqS//X/9f/1/2vb/3/mu23r1P/X/18L+v/6/93o/+v/9/P69f/1/+mtbP3/mPtPhpnUJP8DAABAHcTc/8kwE/kfAAAAKiPm/k+Fmcj/AAAAUBkx958KM6lJ/tf/1//X/69t/39ln/+/cfF69f/1/y+H/r/+fzf6//r//bx+/X/9f3orW/8/5v7TYSY1yf8AAABQBzH3nwkzkf8BAACgMmLuPxtmIv8DAABAZcTcfy7MpCb5X/9/df3/gWW6gfr/ndev/1+B/n8T/X/9/8uh/6//343+v/5/P69f/1//n97K1v+Puf/3wkxqkv8BAACgDmLuPx9mIv8DAABAZcTcPxtmIv8DAPwfe/edbFlZ9XH8vA3dbyM6B6bgCByCY7DKIZgjGMGsmHPCnDAr5pxzzjmjmGOVFrfXWtCXe/e+3X1On72f9fn8wZILFhvBsn6F33oAYBi5++8XtzTZ//p/7//r//X/+n/9/y7p//X/U/T/g/T/m43+X/+v/+dIS+v/c/ffP25psv8BAACgg9z9D4hb7H8AAAAYRu7+B8Yt9j8AAAAMI3f/g+KWJvtf/6//1//r//X/+v9d0v+vtP/fbPT/J6D/9/6//l//z7Sl9f+5+x8ctzTZ/wAAANBB7v6HxC32PwAAAAwjd/9D4xb7HwAAAIaRu/9hcUuT/a//1//r//X/+n/9/y7p/1fa/3v//0T0//p//b/+n2lL6/9z9z88bmmy/wEAAKCD3P2PiFvsfwAAABhG7v5Hxi32PwAAAAwjd/+1cUuT/a//1//r/1fY/1+p/9f/r4f+X/8/Rf+v/1/z9+v/9f/MW1r/n7v/urilyf4HAACADnL3Pypusf8BAABgGLn7Hx232P8AAAAwjNz9j4lbmux//b/+X/+/wv7f+//6/xXR/+v/p+j/9f9r/n79v/6feUvr/3P3PzZuabL/AQAAoIPc/Y+LW+x/AAAAGEbu/sfHLfY/AAAADCN3//VxS5P9r//X/+v/9f/6f/3/Lun/9f9T9P/6/zV/v/5f/8+8nff/977h4J60/8/df0Pc0mT/AwAAQAe5+58Qt9j/AAAAMIzc/U+MW+x/AAAAGEbu/ifFLU32v/5f/39H///f/9P/6//1/3f8XP+/Hfp//f8U/b/+f83fr//X/zNv5/3/TO9/+Ndz9z85bmmy/wEAAKCD3P1PiVvsfwAAAFibux/3G3L3PzVusf8BAABg8c6e8PfL3f+0w/+uJvtf/6//9/6//l//r//fJf3/Yvv/w//VO9/u+v8zd/4V/b/+f83fP9X/3+sE36//p4Ol9f+5+58etzTZ/wAAANBB7v5nxC32PwAAAAwjd/+NcYv9DwAAAMPI3f/MuKXJ/t9N/3+4rj2a/l//v9H/L7D/P9Wy/7/9Z/r/3dD/L7b/n+b9/xPR/+v/vf+v/2fa0vr/3P3Pilua7H8AAADoIHf/s+MW+x8AAACGkbv/OXGL/Q8AAADDyN3/3LjlYP+f2dNXXT7e/9f/6//1/5f0/v8VY/T/3v/fHf2//n+K/l//v+bv1//r/5m3tP4/d//z4hb//B8AAADGcGpTu//5cYv9DwAAAMPI3f+CuMX+BwAAgGHk7n9h3NJk/+v/9f/6f/3/JfX/g7z/r//fHf2//n/KSfv/jf6//lz22/+fPu/X9P/6f/0/c5bW/+fuf1Hc0mT/AwAAwHiuv8tPcve/OG6x/wEAAGAYuftfErfY/wAAADCM3P0vjVua7H/9v/5f/6//1//r/3dJ/6//n+L9/7X1/+fT/+v/9f/MWVr/n7v/ZXFLk/0PAAAAHeTuf3ncYv8DAADAMHL3vyJusf8BAABgGLn7Xxm3HN7/py7nV10+e+3/s93Q/+v/9f8H9P/x11X/r/+/APp//f9mwP7/7DF/PP3/sr5f/6//Z97S+v/c/TfFLf75PwAAAAwjd/+r4hb7HwAAAIaRu//VcYv9DwAAAMPI3f+auKXJ/j+u/7/t6nO/3fv/J6P/P/r79f/6f/2//l//v73+/6j/edP/nzNa/+/9/3V8v/5f/8+8pfX/uftfG7c02f8AAADQQe7+18Ut9j8AAAAMI3f/6+MW+x8AAACGkbv/DXFLk/2//ff/r9lH/39HXKf/1//r//X/8fPj+v/D9P+7pf/3/v8U/b/+f83fr//X/zNvaf1/7v43xi1N9j8AAAB0kLv/TXGL/Q8AAADDyN3/5rjF/gcAAIBh5O5/S9zSZP9vv//3/r/+/wL7/1P6/6T/j7+u3v/X/18A/b/+f6P/v2j77ufX/v36f/0/85bW/+fuv/lg6vXb/wAAANDBzQe/PLt5a9xi/wMAAMAwcve/LW6x/wEAAGAYufvfHrc02f/6f/3/3vt/7/8X/X/8ddX/6/8vgP5f/7/R/1+0fffza/9+/b/+n3lL6/9z978jbmmy/wEAAKCD3P3vjFvsfwAAABhG7P5z/+d3+x8AAACG9K6DX57dvDtuabL/G/f/11xq/3/Vnf61/v/o79f/b6X/v/nw33v6/+b9/5WbVdH/6/+n6P/1/2v+/i30/3fbbKX/jx9cq/9neZbW/+fuf0/c0mT/AwAAQAe5+98bt9j/AAAAMIzc/bfELfY/AAAADCN3//vilib7v3H/P8j7//e5Nb5A/z9u/+/9/7j6f+//H0X/r//f6P8v2r77+bV/v/f/9f/MW1r/n7v//XFLk/0PAAAAHeTu/0DcYv8DAADAMHL3fzBusf8BAABgGLn7PxS3NNn/+v+19//e/9f/6//1/8um/9f/T9H/6//X/P36f/0/85bW/+fu/3Dc0mT/AwAAQAe5+z8St9j/AAAAMIzc/R+NW+x/AAAAGEbu/o/FLU32v/5f/7+r/v/2P4j+v0n/f53+f6P/P5b+X/8/Rf+v/1/z9+v/9f/MW1r/n7v/43FLk/0PAAAAHeTu/0TcYv8DAADAMHL3fzJusf8BAABgGLn7PxU33PMe+/uk7Tp9zM+jN9f/6/+9/6//9/6//n+X9P/6/yn6f/3/mr9f/6//Z97S+v/c/Z+OW/zzfwAAABhG7v7PxC32PwAAAAwjd/9n4xb7HwAAAIaRu/9zcUuT/a//1//r/1fb/1+l/z//+/X/y6T/1/9P0f/r/9f8/fp//T/zltb/5+7/fNzSZP8DAABAB7n7vxC32P8AAAAwjNz9X4xb7H8AAAAYRu7+L8UtTfa//l//r/9fbf/v/f9D36//Xyb9v/5/iv5f/7/m79f/6/+Zt7T+P3f/l+OWJvsfAAAAOsjd/5W4xf4HAACAYeTu/2rcYv8DAADAMHL3fy1uabL/9f/6f/2//l//r//fpcve/5/a/h9jo//X/x9D/6//1//r/5m2tP4/d//X45Ym+x8AAAA6yN3/jbjF/gcAAIBh5O7/Ztxi/wMAAMAwcvd/K25psv9H7v+nfjf9/zn6f/3/Rv9/uP8/kz/X/2+H9//1/1P0/wP3/2e28on7+379v/6frVha/5+7/9txS5P9DwAAAB3k7v9O3GL/AwAAwDBy9383brH/AQAAYBi5+78XtzTZ/yP3/1P0/+fo//X/G/2/9/93TP+v/5+i/x+4//f+v/4f9tf/n94c0//n7v9+3NJk/wMAAEAHuft/ELfY/wAAADCM3P0/jFvsfwAAABhG7v4fxS3j7P/73jLxG/X/W+//D/4m0v/r/zf6f/2//v+A/l//P0X/r/9f8/fr//X/zFva+/+5+38ct4yz/wEAAKC93P0/iVvsfwAAABhG7v6fxi32PwAAAAwjd//P4pYm+1//7/1//X+r/v+KzYn6//xPWP+v/790+n/9/xT9v/5/zd+v/9f/M29p/X/u/p/HLU32PwAAAHSQu/8XcYv9DwAAAMPI3f/LuMX+BwAAgGHk7v9V3NJk/+v/9f/6/1b9v/f/9f+Xnf5f/z9F/6//X/P3Z/+ff9/p//X/3NXS+v/c/b+OW5rsfwAAAOggd/9v4hb7HwAAAIaRu/+3cYv9DwAAAMPI3f+7uKXJ/tf/6//1//p//b/+f5f0//r/Kfp//f+av9/7//p/5i2t/8/df2vc0mT/AwAAQAe5+38ft9j/AAAAMIzc/X+IW+x/AAAAGEbu/tvilib7X/+v/x+y//9//b/+X/+/FPp//f8U/b/+f83fr//X/zNvaf1/7v4/xi1N9j8AAAB0kLv/T3GL/Q8AAADDyN3/57jF/gcAAIBh5O7/S9zSZP/r//X/F97/n64/78X2/97/1//r/xdj3P7/jP5f/3/J/f+NN537cYv+/+qtfPL+vv8I+n/9P/OW1v/n7v9r3NJk/wMAAEAHufv/FrfY/wAAADCM3P1/j1vsfwAAABhG7v5/xC1N9r/+X/8/5Pv/+n/9v/5/Mcbt/73/r//3/r/3//X/+n/mLK3/z93/z7ilyf4HAACADnL3/ytusf8BAABgGLn7/x232P8AAAAwjNz9/4lbmux//b/+X/+v/9f/6/93Sf+v/5+i/9f/r/n79f/6f+Ytrf/P3f+/AAAA//+I2SzA")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240))
chdir(&(0x7f00000003c0)='./bus\x00')
mknod$loop(&(0x7f0000000180)='./bus\x00', 0x0, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x8400, &(0x7f0000000180)=ANY=[], 0x3, 0xa53, &(0x7f0000001640)="$eJzs3U2MW0cdAPBn73rzWeKUhIa0tAmFtgK62+yG8BFBUzUXoqbiVqniEqVpiUgDIpWgVQ5JTtxoFYUb4kOceqkAIdELinriUolG4tJT4cCBKEiROEBLYhTvjNf+x+6zk9196/XvJ43H783YM8/7/PZ53puZAphY9fZjo/146e2Lh//5yD823Xr+ZCdHs/043bV0K3ctLU+H9/tgajG+cf3s8X5xrZhvP+bl4tlrndduKYriXLGnuFw0i92Xrrzx7vwzR88fubD3vTcPXl2JbQcAgEnz7csH9+/821/u3/7hWw8eKjZ01ufz82Za3prO+w+lE/98/l8vepdrXaHbTMg3nUI95Jvqk6+7nEbOt7H3dbH8mfC+jQH5NpSUP9W1rt92wzjL+3GzqNVne5br9dnZxd/kRft3/Uxt9vTJUy+eqaiiwLL790NFUewRhEkLrW2dL0HldakudH0KAJWK1wtvcy62LNydzrtND1f+tafq/V8Py2C193/lx/fvrcdql1+2/b8574jD8hl+b9q4ovVYbnm78vdoa1qO1xHi/UujHn/y+02F92sMWc9B1xHG5frCoHpOrXI97tSg+sf9Yr36Rorz5/DNkN79/Yl/03H5GwP9/WfNtf9vWqpc5XUZKWwc03oLExxa1Rx2gDEQ75trJTk93tcX0zeUpG8sSd9Ukr65JH1LSTpMst+/8tPi9drS7/z4m/7G9bPtL8uw7WG5ne2eFH9ixPrE9shR2+Pifb+jutvy4/3EsJb98dhzJ776wvNXFu//r3X2/5tpf9+Tlpvpu3U5ZcjthbFdvXPvf7O3nPqAfPeG+tzTJ3/7+Y7efLUdS+9TdB1nbqvHrt7XbRuU74HefM2Qb1MK8SpIPD/ZHF6Xzz/ycTV/XtNhexthO2ZCPfJxZXuKx+tqDGtV3h8H3f+f989dRaP24slTJ55Iy3k//fNUY8Ot9ftWud7A3Ru2/8+uorf/z9bO+ka9+7iwbWl9rfu40Azr5wesX0jL+f/cd6c2tdfPHv/+qReWe+Nhwp159bXvHTt16sQPPfHEE086T6o+MgErbe6Vl38wd+bV1x4/+fKxl068dOL0woEDC/PzB762sH+ufV4/1312D6wnS//0q64JAAAAAAAAAAAAMKwfHTl85a/vfOX9xf7/S/3/cv//fOdv7v//k9D/P/aTz/3gcz/A7X3S23nCAKszIV8jhU+G+u4I5ewMr/tUijvz+KX+/7m4OK5rrs99YX0cvzfnC8MJ3DZeykwYgyTOF/jZFF9I8a8LqFDt5/1Xp7hsfOu8r+fxKYxLMZ7y3y2PZ5LHMcn9vweN65SP/9tXoY4sv9XoTlj1NgL9/WvNjf+93kPXL4bK6yKstXCj1WqtZnmtllk8gLWh6vk/c7tnjk//6Vsbb4Wc7dpTvcfLOH4p3I2q57+srPzcsDip2z9k+cs9/2dn/ruhj39hxrzmnZX7319cfb+r2GL3sOXH7c/jQO8YrfwPU/l5ax4thiu/9atQfrwgNKSPQvmbhyw/bv/FUQtOBf4vlZ8/tsceHrb8xTeo1XvrEduN8/W/2G6c3Qjbn8f2HPnvf4cTNd5M5cMkG5d5Zkc1LvP/DhLvw/hyWs4HwnyfQ5zvZNT65/sr8v+BneH9ayX/38z/O96+nuKy70Oe/zfvj80+y/Wu5Uafz3a9HmtgXH3g+p8w5qF9RrMG6jGOodVqrWyDVolKC6fyz7/q3wlVl1/1518mzv8bz+Hj/L8xPc7/G9Pj/L8xvd2u+NHSpL0xPc7/Gz/POP9vTL8vlBvnB95Vkv7pkvTdJen3l6Q/UJL+mZL0vSXpD5akP1SSfm9J+sMl6Z8rSf98SfojJemPfXz6wo9LXr/e5f4ok7r9MMli/zzff5gc+frPoO//jpJ0YHz97K19Tz//u+80F/v/z3TaQ/J1vENpuZF+O8ffS7H9ZCqlvZOW/x7S13p7B0ySOH5G/P/+aEk6ML7yfV6+3zCBav1H7Bl23KpB5/mMly+k+Isp/lKKH0/xbIrnUrwvxfOrVD9WxtO//cPB12tLv/e3hfRh7yeP/YHiOFELQ9Yntg+Mej97HMdvVHdb/h12BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKhMvf24f/+uWlFcevvi4eeOnpy7tebJTo5m+3G6a6nReV1RPJHiqRT/Mj25cf3s8e74ZoprxXxRK2qd9cWz1zolbSmK4lyxp7hcNIvdl6688e78M0fPH7mw9703D15duU8AAAAA1r//BwAA///3txjh")
r0 = socket(0x11, 0xa, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0xb)
sendmsg$can_bcm(r0, &(0x7f0000000040)={&(0x7f0000000000), 0x10, 0x0, 0x8, 0x0, 0x0, 0x20000800}, 0x240048c1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r1, 0x3, 0x0)
getdents64(r1, 0x0, 0x22)

4m19.728898045s ago: executing program 5 (id=430):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0xfffffffc)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sched_setaffinity(0x0, 0x0, 0x0)
close(r2)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="070000000000000000000200000014000180060001000200000008000300ac1414aa"], 0x28}}, 0x0)

4m17.528296236s ago: executing program 5 (id=437):
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000003f)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='./bus\x00')

4m16.709082607s ago: executing program 5 (id=441):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000002c0)={'rose0\x00', 0x112})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x2, 0x4, 0x6, 0x1, 0x1000, 0xffffffffffffffff, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r2}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r5, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400})

4m7.084371091s ago: executing program 5 (id=459):
ioctl$TIOCSIG(0xffffffffffffffff, 0x40045436, 0x37)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
fremovexattr(0xffffffffffffffff, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4m5.70476306s ago: executing program 33 (id=459):
ioctl$TIOCSIG(0xffffffffffffffff, 0x40045436, 0x37)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
fremovexattr(0xffffffffffffffff, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
keyctl$join(0x1, &(0x7f0000000100)={'syz', 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13.240364306s ago: executing program 1 (id=1114):
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
openat$binfmt_register(0xffffff9c, &(0x7f00000002c0), 0x1, 0x0)
syz_open_dev$evdev(&(0x7f00000000c0), 0xde45, 0x101000)
socket(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x803, 0x0)
socket$packet(0x11, 0x2, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socket$l2tp6(0xa, 0x2, 0x73)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xe, 0x4, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r1, @ANYRES16=r0], 0x0)

10.956272198s ago: executing program 1 (id=1118):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000190c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x4000, 0x44)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x4c}}, 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x8, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

9.236286481s ago: executing program 1 (id=1122):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
socket$key(0xf, 0x3, 0x2)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f00000000c0), 0x4)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x1c)

9.155274122s ago: executing program 6 (id=1123):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
lseek(r0, 0x1000000, 0x0)

8.964376525s ago: executing program 2 (id=1125):
syz_open_dev$video(&(0x7f0000000040), 0x8, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0xfffffffffffffffe, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, 0x0)
pwritev(r0, 0x0, 0x0, 0xfffffffc, 0x0)
process_mrelease(0xffffffffffffffff, 0x1000000)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300))
ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000100)={0x17, 0x3, 0x0, 0xb, 0x1000a, 0x4, 0x5, 0x82})
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

8.090744787s ago: executing program 2 (id=1126):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004700))
sendmsg$TEAM_CMD_OPTIONS_SET(r0, 0x0, 0x40084)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x4}, 0x8)
syz_mount_image$hfs(&(0x7f00000001c0), &(0x7f0000000180)='./file1\x00', 0x30000c8, &(0x7f0000000100)=ANY=[], 0x11, 0x2c6, &(0x7f0000005bc0)="$eJzs3btuE08Ux/HfjJ3E/3+isCFBSJSBSNAgCA2iMUKueAIqBMRGirCCgCAuVUBUCEFPR8Er8BA0IF4AKioeIFSLZmbt9WXXNpbjjcP3I8XatWd2z3gvc46laAXgn3Wt9v3jpZ/uz0gllaTXVyQrqSKVJZ3Qycrjnd3t3WajPmhDJd/D/RmFnqavzdZOI6ur6+d7JCK3VtZS53vB4niDRK44jq/+KDoIFM5f/RmstKD5dL0yxZhG8WLMfnsTjmPWmH3t66mWi44DAFCsZP63IZPXUpK/WyttJNO+zw8O2/w/rv2iAzhw8cBPO+Z/X2XFxh3fY/6jtN7zJZz73LaqxFH2PNez7tNH25NgmmFVpY/F/nd3u9k4v3W/Wbd6qWqio9maf62HU7dlSLTrGbXpACOM3WRnlL5etXNuDJsh/ieSuuJfHXOPYzOfzVdz00R6r3o7/yvHxh0mf6SiniMV4r+Qv0U/ysi1UnLbqFartqvJit/JKXWWEsNGWcmuSNQ6o1bU/QNBNCxO3+t4T68wuotDeq1m9tpsreX0Wuvq5UbTPpvz93fQzFtzw6zrlz6p1pH/WxffhgZemelVYzbCVOC/8TCe+ezdlf02o76Zo/9yaX+LC3mh/+69p13/EA++zSHPG93RZS0/evb8XqnZbDx0C7czFh4std+ZeyVltil4QXvpOwuKvb7GrUlpmoGdm+gG3f1jaGN3lR2Kg3KkF2pfpnsiFbFQ8P0JU5Ee9KIjQUFc3mVC/ZfWK+WQ7LmXKDNPH/GHgGSLscux2xVc2jcOGbmk//+qglvMr+D6a66+mtHXXKfPSmdG32OUxHlEmJq+6Ra//wMAAAAAAAAAAAAAAAAAAMyaafw7QdFjBAAAAAAAAAAAAAAAAAAAAABg1rWf/6vW83812vN/e5+7Msnn/77bUfbzfwFM0p8AAAD//0gLf7E=")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_procfs(0xffffffffffffffff, 0x0)
preadv(r1, &(0x7f0000000640)=[{&(0x7f0000000140)=""/134, 0x86}], 0x1, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0)
write$cgroup_pid(r3, &(0x7f0000000000), 0x2a979d)

8.004038648s ago: executing program 6 (id=1127):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
close(0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x1494)
fcntl$setstatus(r0, 0x4, 0x0)

7.8927167s ago: executing program 0 (id=1128):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000140)={[{@nobh}, {@auto_da_alloc}, {@data_err_ignore}, {@nojournal_checksum}, {@dioread_nolock}, {@bsdgroups}]}, 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
open(&(0x7f0000000040)='./file1\x00', 0x1a1142, 0x0)

7.663575994s ago: executing program 2 (id=1129):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce0702000000000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
connect$pppoe(0xffffffffffffffff, &(0x7f00000000c0)={0x18, 0x0, {0x2, @empty, 'veth1_to_bridge\x00'}}, 0x1e)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0.::/', 0x0)
r0 = add_key$user(&(0x7f00000001c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000080)="bc5d", 0x2, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

7.616290924s ago: executing program 4 (id=1130):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000300)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000001c0)=0x100, 0x4)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r5=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
bind$xdp(r0, &(0x7f0000000180)={0x2c, 0x1, r2, 0x0, r3}, 0x10)
recvmmsg(r0, &(0x7f0000001680)=[{{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, 0x0}, 0xa5}], 0x2, 0x2060, 0x0)

7.613710814s ago: executing program 2 (id=1131):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
r4 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r4, 0x0, 0x2000c0c4)
r5 = accept$alg(r4, 0x0, 0x0)
recvmmsg(r5, 0x0, 0x0, 0x0, 0x0)

6.309973162s ago: executing program 6 (id=1132):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
timer_create(0x4, &(0x7f0000000340)={0x0, 0xf, 0x2}, &(0x7f0000000380))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
writev(r2, &(0x7f0000000000), 0x0)
sendmsg$NL80211_CMD_FRAME(r1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000000)=ANY=[@ANYRES16, @ANYBLOB="01000000000000000000010000000800050001000000140002007767310000000000000000000000000024000300a0cb879a47f5bc644c0e693f"], 0xec}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a006030"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000004fe8000000000000000000000000000bb4e200000000000000a0040"], 0xb8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

6.306126802s ago: executing program 0 (id=1133):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(0x0, 0xffffffffffffffff)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6(0xa, 0x80002, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000716f00000000000033"], 0xfc}}, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

6.192329854s ago: executing program 4 (id=1134):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r3 = openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000000180)={'gre0\x00', &(0x7f00000000c0)={'tunl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @private, @multicast2}}}})
fcntl$setlease(r3, 0x400, 0x0)

5.998331356s ago: executing program 2 (id=1135):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x9)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x8200, 0x0)
syz_open_dev$sndmidi(0x0, 0x1, 0x40503)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3000490, &(0x7f0000000100), 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
syz_open_procfs(0x0, &(0x7f0000000300)='uid_map\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b)

5.983265297s ago: executing program 6 (id=1136):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x18)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8)
write$FUSE_INIT(r2, &(0x7f0000000480)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x3, 0x20000000, 0x7, 0x5, 0x1, 0x1, 0x0, 0x0, 0x20, 0x5}}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r4}, 0x10)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000980)=ANY=[@ANYBLOB="6801"], 0x168)
write$FUSE_BMAP(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000580)={0x50}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f0000000700)='./file0/file0\x00', 0x10)

5.04430641s ago: executing program 4 (id=1137):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x71757000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0xfffffffffffffec7)
r4 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r5, &(0x7f0000000140)='./file0\x00')

3.527127331s ago: executing program 0 (id=1138):
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', 0x0, &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_emit_ethernet(0x4e, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaab331687b814586dd6062d308001806fffc010000000000000000000000000000fe8000000000000000000000000000aa00004001", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="600200f783d9583a84009078000004040961"], 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000280)={'veth0_to_bond\x00', {0x2, 0x4e21, @rand_addr=0x401}})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@dev}, 0x20)

2.823239031s ago: executing program 2 (id=1139):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
r4 = fanotify_init(0x81, 0x0)
fanotify_mark(r4, 0x105, 0x40001032, r3, 0x0)
prlimit64(0x0, 0x7, &(0x7f00000003c0), 0x0)
read$FUSE(r4, &(0x7f00000057c0)={0x2020}, 0x2020)

2.659960283s ago: executing program 1 (id=1140):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
lseek(r3, 0xfffffffffffffff5, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
connect$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040)={0x1f, @any, 0x2}, 0xa)
connect$bt_rfcomm(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
syz_open_procfs$namespace(0x0, 0x0)

2.659633463s ago: executing program 4 (id=1141):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2040d0, &(0x7f0000000300), 0xf3, 0x481, &(0x7f0000000900)="$eJzs3E9sFNUfAPDvbLfw+/GvFfEPiFpFI/FPCwWVgwc1MfGAiYke8Li2hSALNbQmQhqphuDFREi8GxMvJp49ePJk1JOJFw96NyTEcBE9rZnd2XW23S3bdttt2c8nGfa9ndd97zszb+fNPGYD6Fsj6T9JxI6I+C0ihiKisLDASO3l1s25ib9vzk0kUam88WeS/ln8dXNuol40yV631zLF9KVwOYkXW9Q7c+HimVK5PHU+y4/Nnn13bObCxWdOny2dmjo1dW782LGjRw4//9z4s12J8660rfs+mN6/99W3rr02ceLa2z9+neQanY+jOwZjPrdNFnq8u5X13M5cOik2rZocai5aWJ8W0YmtEdWOOljt/0MxcHlXY91QvPJRTxsHrKlKpVIZb796vgLcwZLodQuA3qif6NPr3/qyTkOPDeHGS7ULoDTuW9lSW1NsXKgOLri+7aa5iDgx/8/n6RJrch8CAKDZd+n45+lW479C3JsrtyubGxrO5lJ2R8TdEbEnIu6JqJa9LyLuX2b9Iwvyi8c/hesrCqxD6fjvhWxuq3n815imGB7Icjur8Q8mJ0+Xpw5l2+RgDG5N84dbfnoS1Umg+OXTdvWP5MZ/6ZLWXx8LZu24Xtza/DeTpdnSqgPP3PgwYl+xVfzZBF42h7U3IvatsI7TT361v/mdgUbq9vEvobjCBuVUvoh4orb/52NB/HXJ0vOTY/+L8tShsfpRsdhPP195vV39q4q/C9L9v63l8d+IfzjJz9fOLPqILber48rvH7e9plnp8b8lebOp8vdLs7PnD0dsSY4vfj93g7uer5dP4z94oHX/3x3/bYkHIiI9iB+MiIci4uGs7Y9ExKMRcWCJ+H94+bF3Vh7/2krjP76s/b/8xMCZ779tV39n+/9oNXUwe6eT779OG7iabQcAAACbRSEidkRSGG2kC4XR0dr/4d8T2wrl6ZnZp05Ov3dusvaMwHAMFup3uoayfGT3P4dz90fHq7PmEZey/JHsvvFnA/+v5kcnpsuTvQ4e+tz2Nv0/9cdAr1sHrLkuzKMBm5T+D/1r5f3fNwdsdrfpxX6wAe5gzuLQv1r1/0s9aAew/pz/oX81+v/VDgrnHvda+PAmsPk4/0P/0v+hL63muf4NkYgvI5Yuk2yUpi4r8cnGaEaLxMnaYROFDdKefCIiiQ4Ll1qtiqsbIYo2iWLHv2pxoXKpVC7/+s1qKu31NxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB3/BsAAP//5k/kKw==")
chdir(&(0x7f0000000080)='./file1\x00')
symlink(0x0, &(0x7f0000000100)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
r1 = open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r1, 0x40106614, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
getpid()

2.548291794s ago: executing program 6 (id=1142):
creat(0x0, 0x30)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0), 0xfc, 0x574, &(0x7f0000001980)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUk4gWC3qvS7INJZtuyW5KEwu2B3vxIkUQsSB69+6x+A/4VxS0UKQEPXiJzGY2XZPZNNlumm3384Fp35uZzZvvvvm+fbOzywbQt8bSfwoRL0fEN0nESMu2wcg2jq3tt/Lw+nS6JLG6+ulfSSTZuub+Sfb/oazyUkT89lXEycLmdmtLy3OlSqW8kNXH6/NXxmtLy6cuzZdmy7Ply5NTU2fempp89523uxbr6+f/+f6Tux+e+fr4yne/3D9yO4mzcTjb1hrHE7jRWhmLsew5GYqzG3ac6EJjvSTZ6wOgIwNZng9FOgaMxECW9blWR57moQG77Ms0rYE+lch/6FPNeUDz2r5L18HPjAfvr10AbY5/cO29kRhuXBsdXEn+d2WUXu+OdqH9tI1f/7xzO12i3fsQ+7vQEMAGN25GxOnBwc3jX5KNf507vY19NrbRb68/sJfupvOfN/LmP4X1+U/kzH8O5eRuJx6f/4X7XWimrXT+917u/Hf9ptXoQFZ7oTHnG0ouXqqU07HtxYg4EUP70/pERHyQfxPk88LKvdV27bfO/9Ilbb85F8yO4/7ghvnfTKleevLI1zy4GfFK7vw3We//JKf/0+fj/DbbOFa+82q7bY+Pf3et/hTxWm7/P+rMZOv7k+ON82G8eVZs9vetY7+3a3+v40/7/+DW8Y8mrfdraztv48fhf8vttnV6/u9LPmuU92XrrpXq9YWJiH3Jx5vXTz56bLPe3D+N/8Txrce/vPP/QJrY24z/1tFbrbsO7yz+3ZXGP7Oj/t954d5HX/zQrv3t9f+bjdKJbM12xr/tHuCTPHcAAAAAAADQawoRcTiSQnG9XCgUi2uf7zgaBwuVaq1+8mJ18fJMNL4rOxpDhead7pGWz0NMZJ+HbdYnN9SnIuJIRHw7cKBRL05XKzN7HTwAAAAAAAAAAAAAAAAAAAD0iEMRw3nf/0/9MZD/mDargWfRFj/5DTzn2ud/tqUbv/QE9CSv/9C/5D/0L/kP/Uv+Q/+S/9C/5D/0L/kP/Wsn+f/zuV08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+nD93Ll1WVx5en07rM1eXFueqV0/NlGtzxfnF6eJ0deFKcbZana2Ui9PV+cf9vUq1emViMhavjdfLtfp4bWn5wnx18XL9wqX50mz5QnnoqUQFAAAAAAAAAAAAAAAAAAAAz5ba0vJcqVIpLygodFQY7I3D6MFCoTcOo8PCXo9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDIfwEAAP//wGE62g==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
memfd_create(0x0, 0xe)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
llistxattr(0x0, 0x0, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), 0x0, 0xfe37, 0x0)
r2 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f0000000300)={@any, 0x103, 0x1, 0x9, 0x8, 0x25, "dae5da3a9871f5769c77c05b156799bfb0a4fa58366b64c985bceb74572cdaa31b623d1ab2d33b37288cb6d9a4901d9e3257acd6e1be6b9db507cb1bd3f9b7ebf45d4ada2a4e426fd59892974db4ed304926708714774ed60068c81a0b4467ea4f22db843257de04f6a5da58e1060a093ad6778d51fb9bc63f7ef4953c5300"})

1.516341419s ago: executing program 0 (id=1143):
r0 = socket(0x2, 0x80805, 0x0)
listen(r0, 0x5)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
ioctl$IOC_PR_PREEMPT(r3, 0x40046109, &(0x7f0000000040)={0xf0, 0xf0ff})
ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000080)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000007c0)=ANY=[@ANYBLOB="bf16000000000000b70700000200f0ff4070000000000000480000000000e1ff95000000000000002ba7e1d30cb599e83f040000f300000000bd01212fb56f040026fbfefc41056bd8174b79ed317142fa9ea4158123751c5c652fbc1626cca2a2ad75806150ae0209e62f51ee988e6e06c8206ac6879fc404004900c788b277be1cb79b0a4dcf23d410f6accd3641110bec4e90a634199e07f8f6eb968f200e011ea665c45a3449abe802f5ab3e89cf6cfdffffffb8580218ce740068720000074e8b1715807ea0ca469e468eea3fd2f73902ebcfcf49822775985bf313405b367e81c700000040000000000200000000005335000000143ea70c2ab40c7cb70cc8943a6d60d7c4900282e147d08e0af4b29df814f5691db43a5c00000004000000000089faff01210cce39bf405f1e846c12423a164a330100846f26ad03dd65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d6155102b1ced1e8019e63c850af895abba14f6fbd7fb5e2a431ab914040000000000010092c9f4609646b6c5c29647d2f950a959cf9938d6dfcb8ed2cbdc2ba9d580609e31c3fa90812a533ce206e7e57a79d6fce424c2204dd418c005479ecab19bdfb15a32a4fd67ce446adb431d07db79240acaf091231b986e77d05d988d6efdffdf48dca02113a38300cabf2b5543ffc166955709009e000000000061629d1822f720ec23812770d72c700a44e113d17088fdd00600000f7889b8c7044f56ff030000000000006cd4970400cac6f45a6922ded2e29514af463f747c08f4010586903500000000000000000000be34cf0f9d640dd782ac0cbc46903243d0d0f4bc7f253d0500000032daaf281c450e64c33aac8ff7e7d1c94c4505a9839688b008c370494f6734b771546d9552d3bb2da0d000000000000000009125c97f0400f5e1671bc5eb7739daa7820a91cb0e732df2ae1d39c747e00a4fbfe8942fa859cd28bdaa1509309926c77fbcb15ec58b42b400005a6b649dd5f13cd776e6c7c4b5c4b0de20e033b378553ead4c8cc530b62c36364e6505992209bdbc6203da7a3797246a6adef071102f0aa2c40095ddd05176f5cb8bd99e1ba0f9568f3e3876bba7bf973334e7919a080000000000000004fb996ad919f7e9672ce107000000ad882f2aead166c94500be902ee7dabc768eb9ec13f334aae90981ecaf5f744f22f2e45afe2c9e8632276cffe5f1fc215c0797d0244cf1ce269d10525745caaa3f77d1b80116cb9a38400242010000000100000091a0116f4693133138583da5e10b434697b0443b7b4ddfb3ace29e16e5a881336aad0974269a1025f2a9a135c0508af1aec2926627b43bba1229a7466bdca64f514b7911458da083e8681916d408d753226a83ae2434ccd3fc508216aea86833030f569d61dc998620fcf4eeb92e7bc511df63c53b82514493b8f3c74f44ba184d40e87612024da1a1ebe316923865f037c01d71b5de81121046d84b18acb5cbea7eecad9b6dd46ed83515cd9f140e5f00019be25b5910a3193e90be231a05fd82e6003969c3f081ff1d0eb50a04d14644234828cbb5aaa0ece702abdd425fa25ae04a2315c89064df633700000000d9e5953ea67310993d01000000000000003ac753358791b1490273ca535e05b11d815237743a5b79ad45de2a3c91257f02c2f30f5513662809073710937ed0055b238f466e1442f8ec7a5b394228035039ceeb452dca75f9ff5332b4c4777a58a0aa9a821667c68549e9da89ad4274ce2d3d7619936768a84a1465fff4eedba55955434f132ab7b8840558b3f918d675a79907a72a8252cd3fbaea5d3006a03507838231a335ae759ed25534f2e90a7def4b3d4af7fd47ab1a701e4b7a7dfc1d12775ed0a31bc7b5855880aa767e68196c7aa5ac115724b6cb8fcebb67719eccd87b06b38566cf61ad2f307a79d2ce9801837bf0bd3af0271de700eef2795d28cb0017000000000000000000e052d93194121b774d21a0317d0346078400004652c769fd3d3e661a2fb5ff0f000002ab2ac4eb3f19c042163e0bdb88b82de384a8055e8b1e24294b0546cce481ff5618b7b9585dbb64d66debf219fa479abf22f3d64fe82e466ea6f27859946e72f80bb1c9cfcde57b79625e2979fe689a5a246cbbdf6ad488f43f46b2536f175f46dfb27d5229467270246ab53616c46edf34c559d3de0c59ca3305e66825715e5e4cd5b54c1b05c09f04337a76a30373baac3ecec91fd546eb7c32dbecb18a308a0004be94dfab28c2a51dc856df0000000000c12254f041804f7f7074356789b1d4dd55f3e045a48241a4ce04d06acb2cf11eab759ba78da5da0f26126d4cf2c73e5f94030000040000000000000000c301985d603403592486204054be3fdda91f9e315886941928e5a8bc1a00e69a98c0a8f7192f6ee93cc4124cf4e7610915efc08c834a44e1d685d6835a40b5bc615949cbcd98d0e68d7eef5d32d5fcc7923d7544fa492aa38717481455e86dcd7816ad8940bd1995369d89ae6eadeb9117e8b94ab422c8d62f858875dccdbc89572231ef5d6df6a9c55f8df763c7c64da7cc017e1e3f5cd4cb9fe6d19b11d4d38239d318016e622b9683b7e46be64dc097982e23462392a0cd05afb2e060fd42ef00dfbd057311aab94f307d10c7a1af0d8e5a0fcb547475d13c0000000000000000f1cc97103d714d1abb901f866d9d629b4fb185f45790517c4a0f5c6a5024e3359e8d83e3f6edf9e2afb5ab59c7b2b45cfb0a3c1303a98e4ed531ac11cca1cd744b431de74c7cd6533adaa8ec749061b2959d53da626aa189781dc1be4d5c81aebc0cada819895b377d6cf0a7878ba99864ae84464744c605646caf2e06b13eba7ba10acf77d91b2297e9573abb0a4da534d735a223626402b308daf7835780fa6f4e410000000000fb00000000000000000000b14952139bd4bdbccc5e334c49584655c4fce8c5bb7c54664aef6d780100358aa54b4b49926c4be9ee4659153d9fa95d07cc4efdab2c5f4503148d0255d0b748366dafe042d78479c21d832e1431ed6d646d13e8e7230300920a5642bbed1dee9b46b6f02e572024ccf3c8edd82660e5d74c22e46af480c300000000000000000000000000000000000044ff72f96f084f4b6cdcb1b4a9d8e9f99f1b85497d0c3df704c8a0034c09caeeb0e34799b755649883539258a7b33dcef15d8fd1953ebaaa3cff81a0de7a05a440f20f6b273ceb8678f10378b670be7504dabd1471355d853292775d0366891f0bcf0a6087ed4f1f25ef52394db3e9d8318bbb9baff3db95bfd68a08ded502cc08a485c804e4fd107a7ca2a64ca081c6b2f7b895cdf98b763ebab9451c65eced6f5f97a541210806d885762ac3150225036c7eccd7a05593abd963f9a02df58085115e54f675e6a08d25b5722cabf989b4bbc562e073b81bae61f05c5e1f90e021340b60cc5fb8fdb09b6d20b0d87a6ed800000000000000000000000000000000006cc6f64f583a26a78f7f417f66c0af32f5194ddfce51e5aff28f621bb2fd2a5ab719823488d6e869b08d3d4ac7950c60144cf77437e29895a23282e3c65e015d1c334832a90ee77d93596e3f12e9ca8c67c7f3c9b66c9cb03edec184ad1d9544c7a3be250e471dca00000078544d79c0efe4094e561eeb26ee4c81106d03c004bc1589ef6e13648999c8735e2634e89aaa90c571fa3c07238697b1db783c52715055445e96995fe3273b0346b03fc742c06aa3947e0d9cf0c99b5e245ede85893112deea8bd3355a32ec15e1242f170a51f28cea4105541e96a52da4984d26bd29cb0623f00c6b0a4c00ad406d729babc9d1550a683c349017a340444000000000000000000000920ca49f7cc8194aaebdcae5a62bb7587b57f41f1c2034911f23e6bd0291b3319f03a0a15dea685a8ab75b3c60391afa5483231305402b52a8f98638009c142751518f73a847ca583e855d70c6a4a53f61ad753d5e740db44afd32b019d9e8b41361c2c1b9a8a14604fe52837a19dd6952fe2724c0105ab158a54a4a23ff0f4bc43c0e0e426e51258e40bb4b68ff4e3a8fe314a0"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000780)=r6, 0x4)
sendmsg$inet(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000200)="fa82", 0x3802}], 0x1}, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000b00))
r7 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r7})
ioctl$PTP_CLOCK_GETCAPS(r7, 0x80503d01, &(0x7f0000000000))
sendmmsg$inet_sctp(r0, &(0x7f000000a2c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[], 0x18, 0x24004850}], 0x1, 0x2000c000)

1.220895803s ago: executing program 1 (id=1144):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
getsockopt$bt_BT_FLUSHABLE(r4, 0x112, 0x8, &(0x7f00000000c0)=0x677fa7e1, &(0x7f00000003c0)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000001800010ef5d870000000000002180000000000080020000008000100ac1414"], 0x24}}, 0x0)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, &(0x7f0000000140)={@remote}, 0x14)

972.257926ms ago: executing program 4 (id=1145):
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000002c0)=ANY=[@ANYRES32, @ANYBLOB='6\x00'/11, @ANYRES32, @ANYBLOB="addaced30a01a7fe46005a6cdee853229216446b411c8d9e63e3d3cdab8325cdc8faa5cb28989108c94e95"], 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0xfff3}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x80, 0x4b6, 0x401, 0x0, 0x12, 0xfffffff8}}, {0x4}}]}]}, 0x48}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000008000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000000c0), 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$alg(0x26, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c"], 0x7c}}, 0x10)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

849.020198ms ago: executing program 0 (id=1146):
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r1 = dup(r0)
write$FUSE_BMAP(r1, &(0x7f0000000300)={0x18, 0x0, 0x0, {0xfffffffffffffffa}}, 0x18)
r2 = eventfd(0xc)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x2, 0x1, 0x0, 0x0, &(0x7f0000000480)=""/74, 0x8080000})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r5, 0xae9a)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x9, 0xfffffffffffffffd, 0x0, 0x0, 0x8], 0x0, 0x201})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

92.718279ms ago: executing program 1 (id=1147):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000140)={0x3})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)

90.452149ms ago: executing program 6 (id=1148):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c0000009078"], 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068109e73", 0xc, 0xfffffffffffffffe)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="480000001000050400", @ANYRES32=r2, @ANYBLOB="ebffffffffffffff280012800b00010065727370616e"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r3, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

323.64µs ago: executing program 4 (id=1149):
io_uring_setup(0x1cb2, &(0x7f0000000180)={0x0, 0xb157, 0x2, 0x0, 0x28c})
socket$l2tp6(0xa, 0x2, 0x73)
socket$l2tp6(0xa, 0x2, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x0, @val=@tcx={@void, @value}}, 0x40)
syz_emit_ethernet(0x42, &(0x7f0000000a40)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @udp={0x2, 0x6, "a341d0", 0x8, 0x11, 0x1, @private2, @dev={0xfe, 0x80, '\x00', 0x2e}, {[], {0x4e20, 0x4e23, 0x8}}}}}}, 0x0)

0s ago: executing program 0 (id=1150):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x80700a, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)

kernel console output (not intermixed with test programs):

to 1000
[  118.390444][ T4881] loop2: detected capacity change from 0 to 32768
[  118.412545][ T4890] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  118.447349][ T4890] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  118.495778][ T4890] lo speed is unknown, defaulting to 1000
[  118.520337][ T4890] lo speed is unknown, defaulting to 1000
[  118.715397][ T4899] 9pnet_virtio: no channels available for device syz
[  119.481563][ T4894] netlink: 6 bytes leftover after parsing attributes in process `syz.0.160'.
[  119.507510][ T4894] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  119.540634][ T4890] lo speed is unknown, defaulting to 1000
[  119.557756][ T4890] lo speed is unknown, defaulting to 1000
[  119.571538][ T4890] lo speed is unknown, defaulting to 1000
[  120.186839][ T4903] loop4: detected capacity change from 0 to 128
[  120.328016][ T4905] loop0: detected capacity change from 0 to 2048
[  120.557614][ T4905] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  121.593883][ T4923] netlink: 4 bytes leftover after parsing attributes in process `syz.2.162'.
[  122.996162][ T4180] Bluetooth: hci4: link tx timeout
[  123.003082][ T4180] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  123.726234][  T146] Bluetooth: hci4: link tx timeout
[  123.731394][  T146] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  124.340105][ T4257] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  125.035750][ T4257] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  125.085387][ T4257] EXT4-fs (loop0): This should not happen!! Data will be lost
[  125.085387][ T4257] 
[  125.123211][ T4257] EXT4-fs (loop0): Total free blocks count 0
[  125.135769][ T4955] netlink: 4 bytes leftover after parsing attributes in process `syz.3.178'.
[  125.144838][ T4257] EXT4-fs (loop0): Free/Dirty block details
[  125.158574][ T4257] EXT4-fs (loop0): free_blocks=2415919504
[  125.164380][ T4257] EXT4-fs (loop0): dirty_blocks=5120
[  125.197453][ T4257] EXT4-fs (loop0): Block reservation details
[  125.207977][ T4257] EXT4-fs (loop0): i_reserved_data_blocks=320
[  125.255668][ T4214] Bluetooth: hci4: command 0x0406 tx timeout
[  125.348642][ T4257] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  125.361770][ T4257] EXT4-fs (loop0): This should not happen!! Data will be lost
[  125.361770][ T4257] 
[  130.734519][ T4210] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  131.540267][ T4210] usb 4-1: Using ep0 maxpacket: 32
[  132.122826][ T4210] usb 4-1: config 0 has an invalid interface number: 9 but max is 0
[  132.152893][ T4210] usb 4-1: config 0 has no interface number 0
[  132.353795][ T4210] usb 4-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c
[  132.410344][ T4210] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.510381][ T4210] usb 4-1: Product: syz
[  132.562051][ T4210] usb 4-1: Manufacturer: syz
[  132.562074][ T4210] usb 4-1: SerialNumber: syz
[  132.571056][ T4210] usb 4-1: config 0 descriptor??
[  132.615381][ T4210] gspca_main: gspca_topro-2.14.0 probing 06a2:0003
[  133.057396][   T13] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  133.567948][   T13] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  133.594476][   T13] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.774127][ T4210] gspca_topro: reg_w err -110
[  133.804091][ T5017] ODEBUG: Out of memory. ODEBUG disabled
[  133.848774][ T4210] gspca_topro: Sensor soi763a
[  133.897010][   T13] usb 3-1: config 0 descriptor??
[  133.995947][ T4210] usb 4-1: USB disconnect, device number 4
[  134.166439][ T5037] loop3: detected capacity change from 0 to 1024
[  134.315148][ T5037] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  134.487460][ T5037] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  135.074434][ T5037] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,barrier,i_version,discard,min_batch_time=0x0000000000000001,stripe=0x0000000000000004,dioread_nolock,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  135.198189][ T5053] udc-core: couldn't find an available UDC or it's busy
[  135.214107][ T5053] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  136.101827][ T5052] loop4: detected capacity change from 0 to 8192
[  136.267986][ T5056] loop0: detected capacity change from 0 to 1024
[  136.514810][ T5056] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  136.570318][ T5056] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,dioread_nolock,. Quota mode: none.
[  136.585608][ T5056] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.731922][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  136.739939][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  136.809782][ T5056] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  136.928370][ T5056] EXT4-fs (loop0): Remounting filesystem read-only
[  137.023953][   T13] pegasus 3-1:0.0: can't reset MAC
[  137.029601][   T13] pegasus: probe of 3-1:0.0 failed with error -5
[  137.039229][   T13] usb 3-1: USB disconnect, device number 3
[  137.182608][ T5072] loop3: detected capacity change from 0 to 128
[  137.398219][ T5072] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrquota,acl,,errors=continue. Quota mode: writeback.
[  137.411020][ T5072] ext4 filesystem being mounted at /34/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  139.461485][ T5084] netlink: 'syz.2.213': attribute type 1 has an invalid length.
[  139.553470][ T5087] loop4: detected capacity change from 0 to 2048
[  139.572092][ T5091] netlink: 4 bytes leftover after parsing attributes in process `syz.0.216'.
[  139.688158][ T5087] EXT4-fs (loop4): mounted filesystem without journal. Opts: discard,journal_dev=0x000000000000009b,nobarrier,,errors=continue. Quota mode: none.
[  139.845080][ T5087] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  139.921546][ T5087] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28
[  139.982277][ T5087] EXT4-fs (loop4): This should not happen!! Data will be lost
[  139.982277][ T5087] 
[  140.025996][ T5087] EXT4-fs (loop4): Total free blocks count 0
[  140.037462][ T5087] EXT4-fs (loop4): Free/Dirty block details
[  140.064285][ T5086] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  140.080289][ T5087] EXT4-fs (loop4): free_blocks=2415919104
[  140.086170][ T5087] EXT4-fs (loop4): dirty_blocks=48
[  140.092373][ T5084] 8021q: adding VLAN 0 to HW filter on device bond1
[  140.103188][ T3069] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  140.115201][ T4257] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  140.117002][ T5087] EXT4-fs (loop4): Block reservation details
[  140.136234][ T5087] EXT4-fs (loop4): i_reserved_data_blocks=3
[  140.233863][ T3069] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  140.538285][ T5099] loop3: detected capacity change from 0 to 32768
[  140.557869][ T5101] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 1376 with error 28
[  140.579017][ T5101] EXT4-fs (loop4): This should not happen!! Data will be lost
[  140.579017][ T5101] 
[  140.999683][ T5099] XFS (loop3): Mounting V5 Filesystem
[  141.467893][ T1108] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  141.490260][ T5099] XFS (loop3): Ending clean mount
[  141.945894][ T1108] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  142.037212][ T1108] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.465959][ T1108] usb 1-1: config 0 descriptor??
[  142.474331][ T5126] loop2: detected capacity change from 0 to 1024
[  142.695283][ T4173] XFS (loop3): Unmounting Filesystem
[  142.713907][ T5126] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  143.286005][ T5126] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,dioread_nolock,. Quota mode: none.
[  143.301977][ T5126] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.327892][ T5126] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  143.349729][ T5141] netlink: 4 bytes leftover after parsing attributes in process `syz.4.228'.
[  143.351356][ T5126] EXT4-fs (loop2): Remounting filesystem read-only
[  143.504468][ T1108] [drm] Initialized udl 0.0.1 20120220 for 1-1:0.0 on minor 2
[  143.512362][ T1108] [drm] Initialized udl on minor 2
[  143.573808][ T5150] netlink: 4 bytes leftover after parsing attributes in process `syz.2.229'.
[  143.704047][ T5150] team0 (unregistering): Port device team_slave_0 removed
[  143.767523][ T5155] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  143.785975][ T5150] team0 (unregistering): Port device team_slave_1 removed
[  143.997555][ T1108] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9
[  144.006519][ T1108] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  144.021249][ T1108] usb 1-1: USB disconnect, device number 6
[  144.159589][ T5160] ipt_CLUSTERIP: ipt_CLUSTERIP is deprecated and it will removed soon, use xt_cluster instead
[  144.170479][ T5160] x_tables: ip_tables: osf match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT/FORWARD
[  145.140872][ T5168] netlink: 4 bytes leftover after parsing attributes in process `syz.1.234'.
[  146.630285][ T5173] loop3: detected capacity change from 0 to 164
[  146.649699][ T5176] loop0: detected capacity change from 0 to 16
[  146.731208][ T5176] erofs: (device loop0): mounted with root inode @ nid 36.
[  147.184063][ T5183] loop2: detected capacity change from 0 to 2048
[  148.417050][ T5181] erofs: (device loop0): z_erofs_map_blocks_iter: unknown type 3 @ offset 45055 of nid 36
[  148.423856][ T5183] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  148.427470][ T5181] erofs: (device loop0): z_erofs_readahead: readahead error at page 10 @ nid 36
[  148.446889][ T5181] erofs: (device loop0): z_erofs_readahead: readahead error at page 9 @ nid 36
[  148.456023][ T5181] erofs: (device loop0): z_erofs_readahead: readahead error at page 4 @ nid 36
[  148.465180][ T5181] erofs: (device loop0): z_erofs_map_blocks_iter: invalid logical cluster 0 at nid 36
[  148.474794][ T5181] erofs: (device loop0): z_erofs_readahead: readahead error at page 0 @ nid 36
[  148.485400][ T5181] attempt to access beyond end of device
[  148.485400][ T5181] loop0: rw=524288, want=312, limit=16
[  148.499463][ T5181] attempt to access beyond end of device
[  148.499463][ T5181] loop0: rw=524288, want=1049280, limit=16
[  148.511204][ T5181] attempt to access beyond end of device
[  148.511204][ T5181] loop0: rw=524288, want=6536, limit=16
[  148.527811][ T5187] loop4: detected capacity change from 0 to 128
[  148.609590][ T5181] attempt to access beyond end of device
[  148.609590][ T5181] loop0: rw=524288, want=24, limit=16
[  148.660407][ T5181] attempt to access beyond end of device
[  148.660407][ T5181] loop0: rw=524288, want=736, limit=16
[  148.710927][ T5181] attempt to access beyond end of device
[  148.710927][ T5181] loop0: rw=524288, want=536576872, limit=16
[  148.743335][ T5187] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,acl,,errors=continue. Quota mode: writeback.
[  148.812188][ T5187] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.107998][   T23] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  149.510972][   T23] usb 4-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  149.554108][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.864878][   T23] usb 4-1: config 0 descriptor??
[  150.322787][ T5208] program syz.0.247 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  150.950604][ T5194] udc-core: couldn't find an available UDC or it's busy
[  150.961258][ T5194] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  151.446504][ T5217] tipc: Started in network mode
[  151.462816][ T5217] tipc: Node identity 36e4d83cad0c, cluster identity 4711
[  151.481088][ T5217] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  151.663819][ T5217] device syzkaller0 entered promiscuous mode
[  151.685522][   T26] audit: type=1326 audit(1745887664.484:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5221 comm="syz.1.253" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f15f5880969 code=0x0
[  151.711729][ T5216] tipc: Resetting bearer <eth:syzkaller0>
[  151.749782][ T5216] tipc: Disabling bearer <eth:syzkaller0>
[  152.337839][   T23] pegasus 4-1:0.0: can't reset MAC
[  152.343913][   T23] pegasus: probe of 4-1:0.0 failed with error -5
[  152.376791][   T23] usb 4-1: USB disconnect, device number 5
[  152.793475][ T5240] loop4: detected capacity change from 0 to 512
[  154.367763][ T5240] EXT4-fs (loop4): Mount option "noacl" will be removed by 3.5
[  154.367763][ T5240] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  154.367763][ T5240] 
[  154.462009][ T5240] EXT4-fs (loop4): Ignoring removed oldalloc option
[  154.533881][ T5240] EXT4-fs (loop4): mounted filesystem without journal. Opts: min_batch_time=0x000000000000008b,dioread_lock,nodelalloc,noacl,noquota,oldalloc,nobarrier,,errors=continue. Quota mode: none.
[  154.572556][ T5254] netlink: 'syz.0.262': attribute type 10 has an invalid length.
[  154.687168][ T5240] EXT4-fs error (device loop4): ext4_map_blocks:628: inode #2: block 3: comm syz.4.257: lblock 0 mapped to illegal pblock 3 (length 1)
[  154.757633][ T5240] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.257: error -117 reading directory block
[  154.809029][ T5261] device vlan2 entered promiscuous mode
[  154.968606][ T5250] loop3: detected capacity change from 0 to 32768
[  155.037485][ T5260] EXT4-fs error (device loop4): ext4_map_blocks:628: inode #2: block 3: comm syz.4.257: lblock 0 mapped to illegal pblock 3 (length 1)
[  155.062079][ T5260] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.257: error -117 reading directory block
[  155.101429][ T5262] EXT4-fs error (device loop4): ext4_map_blocks:628: inode #2: block 3: comm syz.4.257: lblock 0 mapped to illegal pblock 3 (length 1)
[  155.259345][ T5262] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.257: error -117 reading directory block
[  155.670115][ T5250] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  155.833424][   T23] lo speed is unknown, defaulting to 1000
[  156.638363][ T5250] syz.3.261 (5250) used greatest stack depth: 20680 bytes left
[  156.861291][ T5265] loop2: detected capacity change from 0 to 32768
[  156.940157][ T4173] ocfs2: Unmounting device (7,3) on (node local)
[  157.013907][ T5294] loop4: detected capacity change from 0 to 2048
[  157.022399][ T5265] XFS (loop2): Mounting V5 Filesystem
[  157.199718][ T5294] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  157.212801][ T5265] XFS (loop2): Ending clean mount
[  157.243890][   T13] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  157.264351][ T5265] XFS (loop2): Quotacheck needed: Please wait.
[  157.391532][   T26] audit: type=1804 audit(1745887669.753:5): pid=5294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.272" name="/newroot/45/file2/bus" dev="loop4" ino=18 res=1 errno=0
[  157.417148][   T13] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  157.453104][   T26] audit: type=1804 audit(1745887669.790:6): pid=5294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.272" name="/newroot/45/file2/bus" dev="loop4" ino=18 res=1 errno=0
[  159.691008][ T5294] EXT4-fs (loop4): shut down requested (2)
[  159.702542][ T5265] XFS (loop2): Quotacheck: Done.
[  159.872882][ T4172] XFS (loop2): Unmounting Filesystem
[  160.906640][ T5331] loop4: detected capacity change from 0 to 1024
[  160.952634][ T5330] block device autoloading is deprecated. It will be removed in Linux 5.19
[  161.056996][ T5331] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  161.158708][ T5331] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,dioread_nolock,. Quota mode: none.
[  161.317219][ T5331] ext4 filesystem being mounted at /47/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.358344][ T5346] netlink: 4 bytes leftover after parsing attributes in process `syz.2.281'.
[  161.504210][ T5331] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  161.561168][ T5331] EXT4-fs (loop4): Remounting filesystem read-only
[  162.635444][ T5355] loop3: detected capacity change from 0 to 64
[  163.843794][ T5369] loop4: detected capacity change from 0 to 2048
[  164.064274][ T4213] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  164.550333][ T4214] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  164.679449][ T5369] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  165.189044][ T4214] usb 1-1: Using ep0 maxpacket: 32
[  165.340186][ T4213] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  165.398848][ T4213] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.663842][ T4213] usb 3-1: config 0 descriptor??
[  166.517292][ T5363] loop2: detected capacity change from 0 to 8
[  166.679525][ T5363] squashfs: Unknown parameter ''
[  167.163742][ T4214] usb 1-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  167.172825][ T4214] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.186355][ T4214] usb 1-1: Product: syz
[  167.190559][ T4214] usb 1-1: Manufacturer: syz
[  167.198975][ T4214] usb 1-1: config 0 descriptor??
[  167.218000][ T4214] usb 1-1: can't set config #0, error -71
[  167.225589][ T4214] usb 1-1: USB disconnect, device number 7
[  167.321101][ T4213] pegasus: probe of 3-1:0.0 failed with error -71
[  167.347642][ T4213] usb 3-1: USB disconnect, device number 4
[  167.776938][ T5392] loop3: detected capacity change from 0 to 1024
[  168.802137][ T5392] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  168.873186][ T5408] netlink: 4 bytes leftover after parsing attributes in process `syz.1.304'.
[  168.891399][ T5392] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,dioread_nolock,. Quota mode: none.
[  169.040197][ T5392] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.877698][ T5392] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  169.908282][ T5392] EXT4-fs (loop3): Remounting filesystem read-only
[  175.049020][ T5453] loop0: detected capacity change from 0 to 2048
[  175.618666][ T5453] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  175.811497][ T5460] loop3: detected capacity change from 0 to 1024
[  175.835497][ T5462] loop2: detected capacity change from 0 to 64
[  175.875606][ T5460] EXT4-fs (loop3): Ignoring removed nobh option
[  175.882271][ T5460] EXT4-fs (loop3): Ignoring removed bh option
[  175.900241][ T5460] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  176.085451][ T5460] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier,dioread_lock,data_err=ignore,resgid=0x0000000000000000,data_err=ignore,jqfmt=vfsv0,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: none.
[  176.401129][ T5468] EXT4-fs (loop3): shut down requested (1)
[  176.473985][ T5468] EXT4-fs warning (device loop3): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz.3.321: error -117 reading directory block
[  176.480306][ T4388] hfs: request for non-existent node 1317 in B*Tree
[  176.535740][ T4388] hfs: request for non-existent node 1317 in B*Tree
[  176.539342][ T5472] loop4: detected capacity change from 0 to 1024
[  176.585383][ T5472] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  176.667561][ T5472] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,dioread_nolock,. Quota mode: none.
[  176.809670][ T5472] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  176.839172][ T5472] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  176.872110][ T4173] EXT4-fs warning (device loop3): htree_dirblock_to_tree:1083: inode #2: lblock 0: comm syz-executor: error -117 reading directory block
[  176.921579][ T5472] EXT4-fs (loop4): Remounting filesystem read-only
[  178.081652][ T5485] xt_policy: output policy not valid in PREROUTING and INPUT
[  182.092080][ T4257] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.197156][ T4257] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.259823][ T4257] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.343690][ T4257] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.477468][ T4173] syz-executor (4173) used greatest stack depth: 20096 bytes left
[  184.573853][ T5523] loop0: detected capacity change from 0 to 1024
[  184.804410][ T5523] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  184.998789][ T5523] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,dioread_nolock,. Quota mode: none.
[  185.062360][ T5523] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.197813][ T4214] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  185.632077][ T4214] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  185.791481][ T4214] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.819970][ T5523] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  185.887520][ T4214] usb 5-1: config 0 descriptor??
[  185.904491][ T5523] EXT4-fs (loop0): Remounting filesystem read-only
[  186.491181][ T4180] Bluetooth: hci3: link tx timeout
[  186.501161][ T4180] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  187.223084][  T146] Bluetooth: hci3: link tx timeout
[  187.228333][  T146] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  187.294881][ T4214] [drm] Initialized udl 0.0.1 20120220 for 5-1:0.0 on minor 2
[  187.298088][ T5551] lo speed is unknown, defaulting to 1000
[  187.329986][ T5560] loop2: detected capacity change from 0 to 2048
[  187.330815][ T4214] [drm] Initialized udl on minor 2
[  188.557732][ T4214] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffff92
[  188.702897][ T5560] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,journal_dev=0x000000000000009b,nobarrier,,errors=continue. Quota mode: none.
[  188.752727][ T4214] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  188.801149][ T5560] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  188.810770][ T4214] usb 5-1: USB disconnect, device number 3
[  188.820856][ T5560] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 34 with error 28
[  188.834169][ T5560] EXT4-fs (loop2): This should not happen!! Data will be lost
[  188.834169][ T5560] 
[  188.870749][ T5560] EXT4-fs (loop2): Total free blocks count 0
[  188.891271][ T4212] Bluetooth: hci3: command 0x0406 tx timeout
[  188.953692][ T5560] EXT4-fs (loop2): Free/Dirty block details
[  188.980174][ T5205] Bluetooth: hci4: command 0x0409 tx timeout
[  189.043374][ T5560] EXT4-fs (loop2): free_blocks=2415919104
[  189.237522][ T5560] EXT4-fs (loop2): dirty_blocks=48
[  189.285647][ T5560] EXT4-fs (loop2): Block reservation details
[  189.324167][ T5560] EXT4-fs (loop2): i_reserved_data_blocks=3
[  189.365911][ T5582] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 2 with error 28
[  189.427590][ T5582] EXT4-fs (loop2): This should not happen!! Data will be lost
[  189.427590][ T5582] 
[  189.654860][ T5551] chnl_net:caif_netlink_parms(): no params data found
[  190.671956][ T5551] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.680440][ T5551] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.699378][ T5551] device bridge_slave_0 entered promiscuous mode
[  190.708376][ T5551] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.716216][ T5551] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.724234][ T5551] device bridge_slave_1 entered promiscuous mode
[  190.765846][ T5551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.787742][ T4257] device hsr_slave_0 left promiscuous mode
[  190.795944][ T4257] device hsr_slave_1 left promiscuous mode
[  190.803849][ T4257] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  190.811330][ T4257] batman_adv: batadv0: Removing interface: batadv_slave_0
[  190.819871][ T4257] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  190.827433][ T4257] batman_adv: batadv0: Removing interface: batadv_slave_1
[  190.835849][ T4257] device bridge_slave_1 left promiscuous mode
[  190.843661][ T4257] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.860440][ T4257] device bridge_slave_0 left promiscuous mode
[  190.866970][ T4257] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.890056][ T4257] device veth1_macvtap left promiscuous mode
[  190.896517][ T4257] device veth0_macvtap left promiscuous mode
[  190.903261][ T4257] device veth1_vlan left promiscuous mode
[  190.910008][ T4257] device veth0_vlan left promiscuous mode
[  191.076517][ T4257] team0 (unregistering): Port device team_slave_1 removed
[  191.090414][ T4257] team0 (unregistering): Port device team_slave_0 removed
[  191.105758][ T4257] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.120290][ T4257] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.188126][ T4257] bond0 (unregistering): Released all slaves
[  191.234455][   T13] Bluetooth: hci4: command 0x041b tx timeout
[  191.251534][ T5551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.281884][ T5551] team0: Port device team_slave_0 added
[  191.295013][ T5551] team0: Port device team_slave_1 added
[  191.332533][ T5551] batman_adv: batadv0: Adding interface: batadv_slave_0
[  191.339527][ T5551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.368353][ T5551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  191.393566][ T5551] batman_adv: batadv0: Adding interface: batadv_slave_1
[  191.405563][ T5551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  191.434586][ T5551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  191.472570][ T5551] device hsr_slave_0 entered promiscuous mode
[  191.481466][ T5551] device hsr_slave_1 entered promiscuous mode
[  191.687482][ T5551] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  191.705564][ T5551] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  191.721900][ T5551] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  191.732246][ T5551] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  191.924867][ T5551] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.946896][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  191.956001][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  191.974181][ T5551] 8021q: adding VLAN 0 to HW filter on device team0
[  191.985783][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  191.996010][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  192.004971][ T4388] bridge0: port 1(bridge_slave_0) entered blocking state
[  192.012065][ T4388] bridge0: port 1(bridge_slave_0) entered forwarding state
[  192.033242][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  192.053863][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  192.075000][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  192.086709][ T4388] bridge0: port 2(bridge_slave_1) entered blocking state
[  192.093854][ T4388] bridge0: port 2(bridge_slave_1) entered forwarding state
[  192.112756][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  192.178235][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  192.194028][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  192.225959][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  192.239448][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  192.267156][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  192.277075][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  192.300933][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  192.315020][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  192.343864][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  192.369063][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  192.403469][ T5551] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  192.588728][ T3069] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  192.602134][ T3069] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  192.617274][ T5551] 8021q: adding VLAN 0 to HW filter on device batadv0
[  192.959267][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  192.974501][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  192.997144][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  193.009085][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  193.020950][ T5551] device veth0_vlan entered promiscuous mode
[  193.028984][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  193.038728][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  193.052963][ T5551] device veth1_vlan entered promiscuous mode
[  193.079177][ T4724] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  193.100204][ T4724] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  193.110646][ T4724] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  193.119379][ T4724] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  193.139896][ T5551] device veth0_macvtap entered promiscuous mode
[  193.154642][ T5551] device veth1_macvtap entered promiscuous mode
[  193.212322][ T5551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.234616][ T5551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.246026][ T5551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.262816][ T5551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.276364][ T5551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.287126][ T5551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.297067][ T5551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.307680][ T5551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.320196][ T5551] batman_adv: batadv0: Interface activated: batadv_slave_0
[  193.330596][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  193.342030][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  193.350681][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  193.359676][  T419] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  193.370619][ T5551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.381752][ T5551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.392666][ T5551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.409480][ T5551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.419739][ T5551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.436392][ T5551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.448592][ T5551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.459675][ T5551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.471126][ T5551] batman_adv: batadv0: Interface activated: batadv_slave_1
[  193.484569][ T3069] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  193.495187][ T3069] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  193.503635][ T4321] Bluetooth: hci4: command 0x040f tx timeout
[  193.509709][ T5551] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.519996][ T5551] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.529426][ T5551] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.538981][ T5551] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.670203][  T419] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.695035][  T419] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.736155][ T3069] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  193.753376][ T3069] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  193.771234][ T3069] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  193.795402][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  193.926867][ T5688] loop2: detected capacity change from 0 to 1024
[  194.038918][ T5693] loop5: detected capacity change from 0 to 2048
[  194.092366][ T5695] netlink: 20 bytes leftover after parsing attributes in process `syz.4.368'.
[  194.163191][ T5688] EXT4-fs (loop2): Ignoring removed orlov option
[  194.175113][ T5693] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  194.444055][ T4210] Bluetooth: hci1: command 0x0406 tx timeout
[  194.601876][ T5688] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,quota,errors=remount-ro,grpid,orlov,. Quota mode: writeback.
[  194.930639][ T4213] Bluetooth: hci2: command 0x0406 tx timeout
[  194.936714][ T4213] Bluetooth: hci0: command 0x0406 tx timeout
[  195.507753][ T5724] netlink: 8 bytes leftover after parsing attributes in process `syz.2.359'.
[  195.534153][ T5724] device vlan0 entered promiscuous mode
[  196.510992][ T4213] Bluetooth: hci4: command 0x0419 tx timeout
[  196.543963][ T5735] loop0: detected capacity change from 0 to 2048
[  196.744148][ T5735] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  199.365260][ T5767] loop2: detected capacity change from 0 to 256
[  199.752309][ T5774] binder: 5770:5774 ioctl c0306201 200000000680 returned -11
[  201.003297][ T5786] loop5: detected capacity change from 0 to 1024
[  201.227756][ T5784] bond0: (slave vlan2): Enslaving as an active interface with an up link
[  201.260878][ T5786] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  202.599778][ T5786] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,dioread_nolock,. Quota mode: none.
[  202.625111][ T5786] ext4 filesystem being mounted at /1/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  203.288744][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  203.295152][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  203.395041][ T5813] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  203.718101][ T5813] EXT4-fs (loop5): Remounting filesystem read-only
[  206.107531][ T5834] Zero length message leads to an empty skb
[  206.723887][ T5853] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  206.726089][ T5849] loop4: detected capacity change from 0 to 2048
[  206.765351][ T5851] loop5: detected capacity change from 0 to 16
[  206.821331][ T5851] erofs: (device loop5): mounted with root inode @ nid 36.
[  206.847095][ T5849] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  206.866702][ T5851] attempt to access beyond end of device
[  206.866702][ T5851] loop5: rw=0, want=24, limit=16
[  206.876429][ T5857] loop0: detected capacity change from 0 to 2048
[  206.935114][ T5857] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  207.025449][   T26] audit: type=1326 audit(1745887715.556:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5859 comm="syz.5.392" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0d9ee6c969 code=0x0
[  207.233336][ T5865] loop2: detected capacity change from 0 to 1024
[  207.662964][ T4726] hfsplus: b-tree write err: -5, ino 4
[  208.366839][ T5882] overlayfs: failed to resolve './file1': -2
[  209.795055][ T5904] loop4: detected capacity change from 0 to 256
[  210.480477][ T5904] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  210.506389][ T5910] loop0: detected capacity change from 0 to 2048
[  210.638944][ T5910] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  212.034339][ T5934] loop4: detected capacity change from 0 to 8192
[  212.153268][ T5934] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[  212.162578][ T5934] REISERFS (device loop4): using ordered data mode
[  212.169348][ T5934] reiserfs: using flush barriers
[  212.223372][ T5934] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  212.314935][ T5934] REISERFS (device loop4): checking transaction log (loop4)
[  212.585453][ T5934] REISERFS (device loop4): Using tea hash to sort names
[  212.595914][ T5934] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  212.873449][ T4208] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  212.958974][ T5939] loop2: detected capacity change from 0 to 40427
[  213.044146][ T5939] F2FS-fs (loop2): invalid crc value
[  213.114564][ T5939] F2FS-fs (loop2): Found nat_bits in checkpoint
[  213.232508][ T5939] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  213.289547][ T4208] usb 6-1: config 0 has an invalid interface number: 106 but max is 0
[  213.303057][ T4208] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  213.330924][ T4208] usb 6-1: config 0 has no interface number 0
[  213.365020][ T4208] usb 6-1: config 0 interface 106 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  213.391911][ T5960] loop0: detected capacity change from 0 to 1764
[  213.391980][ T4208] usb 6-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  213.416414][ T5939] attempt to access beyond end of device
[  213.416414][ T5939] loop2: rw=0, want=45072, limit=40427
[  213.429711][ T4208] usb 6-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  213.446533][ T4208] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.456996][ T4208] usb 6-1: config 0 descriptor??
[  213.734245][ T4208] usb 6-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  213.760951][ T5966] iso9660: Corrupted directory entry in block 2 of inode 1920
[  213.884166][   T26] audit: type=1800 audit(1745887721.876:8): pid=5939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.417" name="file0" dev="loop2" ino=20 res=0 errno=0
[  213.913679][ T5939] F2FS-fs (loop2): access invalid blkaddr:2816
[  213.922815][ T4208] usb 6-1: USB disconnect, device number 2
[  213.939670][  T144] usb 6-1: Failed to submit usb control message: -71
[  213.951049][  T144] usb 6-1: unable to send the bmi data to the device: -71
[  213.965214][ T5939] CPU: 1 PID: 5939 Comm: syz.2.417 Not tainted 5.15.180-syzkaller #0
[  213.973336][ T5939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  213.983406][ T5939] Call Trace:
[  213.986693][ T5939]  <TASK>
[  213.989652][ T5939]  dump_stack_lvl+0x168/0x230
[  213.994355][ T5939]  ? show_regs_print_info+0x20/0x20
[  213.999570][ T5939]  ? f2fs_get_next_page_offset+0x6a0/0x6a0
[  214.005387][ T5939]  ? stack_trace_save+0xe0/0xe0
[  214.010278][ T5939]  f2fs_is_valid_blkaddr+0xc7e/0x1250
[  214.015668][ T5939]  f2fs_map_blocks+0xbd0/0x3310
[  214.020552][ T5939]  ? f2fs_force_buffered_io+0x680/0x680
[  214.026108][ T5939]  ? xa_load+0x286/0x2a0
[  214.030360][ T5939]  f2fs_mpage_readpages+0xc53/0x21f0
[  214.035679][ T5939]  ? dquot_release_reservation_block+0xa0/0xa0
[  214.041858][ T5939]  ? f2fs_is_compress_backend_ready+0x99/0x120
[  214.048040][ T5939]  ? f2fs_readahead+0x163/0x2f0
[  214.052898][ T5939]  ? f2fs_set_data_page_dirty+0xad0/0xad0
[  214.058624][ T5939]  read_pages+0x165/0x920
[  214.062969][ T5939]  ? page_cache_ra_unbounded+0x930/0x930
[  214.068609][ T5939]  ? add_to_page_cache_lru+0x2a8/0x4a0
[  214.074084][ T5939]  page_cache_ra_unbounded+0x830/0x930
[  214.079563][ T5939]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  214.086094][ T5939]  f2fs_readdir+0x471/0xd40
[  214.090636][ T5939]  ? f2fs_fill_dentries+0xce0/0xce0
[  214.095855][ T5939]  ? end_current_label_crit_section+0x14b/0x170
[  214.102104][ T5939]  ? preempt_count_add+0x8d/0x190
[  214.107136][ T5939]  ? down_read_killable+0x1ce/0x340
[  214.112336][ T5939]  ? fsnotify_perm+0x254/0x560
[  214.117107][ T5939]  iterate_dir+0x218/0x560
[  214.121528][ T5939]  ? f2fs_fill_dentries+0xce0/0xce0
[  214.126737][ T5939]  __se_sys_getdents64+0xe5/0x260
[  214.131855][ T5939]  ? __x64_sys_getdents64+0x80/0x80
[  214.137056][ T5939]  ? filldir+0x720/0x720
[  214.141391][ T5939]  ? vtime_user_exit+0x2dc/0x400
[  214.146334][ T5939]  ? lockdep_hardirqs_on+0x94/0x140
[  214.151537][ T5939]  do_syscall_64+0x4c/0xa0
[  214.155959][ T5939]  ? clear_bhb_loop+0x15/0x70
[  214.160632][ T5939]  ? clear_bhb_loop+0x15/0x70
[  214.165309][ T5939]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  214.171214][ T5939] RIP: 0033:0x7fd360190969
[  214.175634][ T5939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.195249][ T5939] RSP: 002b:00007fd35dff8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  214.203675][ T5939] RAX: ffffffffffffffda RBX: 00007fd3603b7fa0 RCX: 00007fd360190969
[  214.211647][ T5939] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  214.219618][ T5939] RBP: 00007fd360212ab1 R08: 0000000000000000 R09: 0000000000000000
[  214.227587][ T5939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  214.235563][ T5939] R13: 0000000000000000 R14: 00007fd3603b7fa0 R15: 00007fff6e81f008
[  214.243557][ T5939]  </TASK>
[  214.258736][  T144] usb 6-1: unable to get target info from device
[  214.272442][  T144] usb 6-1: could not get target info (-71)
[  214.279169][ T5939] attempt to access beyond end of device
[  214.279169][ T5939] loop2: rw=0, want=45072, limit=40427
[  214.299276][  T144] usb 6-1: could not probe fw (-71)
[  214.557702][ T4172] attempt to access beyond end of device
[  214.557702][ T4172] loop2: rw=2049, want=45120, limit=40427
[  214.697216][ T5987] loop4: detected capacity change from 0 to 64
[  214.996068][ T5995] loop0: detected capacity change from 0 to 2048
[  215.039568][ T5992] loop5: detected capacity change from 0 to 32768
[  215.073765][ T5987] gfs2: path_lookup on c::: returned error -2
[  215.320015][ T5995] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  215.684371][ T6011] netlink: 'syz.2.424': attribute type 1 has an invalid length.
[  215.832532][ T6014] loop4: detected capacity change from 0 to 64
[  215.847499][ T6011] 8021q: adding VLAN 0 to HW filter on device bond2
[  216.006018][ T6011] device veth3 entered promiscuous mode
[  216.065346][ T6011] bond2: (slave veth3): Enslaving as a backup interface with a down link
[  217.651520][ T6033] loop2: detected capacity change from 0 to 256
[  218.124598][ T6051] loop5: detected capacity change from 0 to 40427
[  218.238331][ T6051] F2FS-fs (loop5): invalid crc value
[  218.316620][ T6051] F2FS-fs (loop5): Found nat_bits in checkpoint
[  218.417657][ T6051] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  218.647798][ T5551] F2FS-fs (loop5): access invalid blkaddr:2816
[  218.656661][ T5551] CPU: 0 PID: 5551 Comm: syz-executor Not tainted 5.15.180-syzkaller #0
[  218.665047][ T5551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  218.675125][ T5551] Call Trace:
[  218.678422][ T5551]  <TASK>
[  218.681370][ T5551]  dump_stack_lvl+0x168/0x230
[  218.686073][ T5551]  ? show_regs_print_info+0x20/0x20
[  218.691301][ T5551]  ? f2fs_get_next_page_offset+0x6a0/0x6a0
[  218.697150][ T5551]  ? stack_trace_save+0xe0/0xe0
[  218.702038][ T5551]  f2fs_is_valid_blkaddr+0xc7e/0x1250
[  218.707443][ T5551]  f2fs_map_blocks+0xbd0/0x3310
[  218.712350][ T5551]  ? f2fs_force_buffered_io+0x680/0x680
[  218.717925][ T5551]  ? xa_load+0x286/0x2a0
[  218.722198][ T5551]  f2fs_mpage_readpages+0xc53/0x21f0
[  218.727543][ T5551]  ? dquot_release_reservation_block+0xa0/0xa0
[  218.733743][ T5551]  ? f2fs_is_compress_backend_ready+0x99/0x120
[  218.739929][ T5551]  ? f2fs_readahead+0x163/0x2f0
[  218.744799][ T5551]  ? f2fs_set_data_page_dirty+0xad0/0xad0
[  218.750551][ T5551]  read_pages+0x165/0x920
[  218.754914][ T5551]  ? page_cache_ra_unbounded+0x930/0x930
[  218.760576][ T5551]  ? add_to_page_cache_lru+0x2a8/0x4a0
[  218.766066][ T5551]  page_cache_ra_unbounded+0x830/0x930
[  218.771576][ T5551]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  218.778122][ T5551]  f2fs_readdir+0x471/0xd40
[  218.782679][ T5551]  ? f2fs_fill_dentries+0xce0/0xce0
[  218.787903][ T5551]  ? end_current_label_crit_section+0x14b/0x170
[  218.794179][ T5551]  ? preempt_count_add+0x8d/0x190
[  218.799323][ T5551]  ? down_read_killable+0x1ce/0x340
[  218.804562][ T5551]  ? fsnotify_perm+0x254/0x560
[  218.809360][ T5551]  iterate_dir+0x218/0x560
[  218.813809][ T5551]  ? f2fs_fill_dentries+0xce0/0xce0
[  218.819032][ T5551]  __se_sys_getdents64+0xe5/0x260
[  218.824087][ T5551]  ? __x64_sys_getdents64+0x80/0x80
[  218.829306][ T5551]  ? filldir+0x720/0x720
[  218.833569][ T5551]  ? vtime_user_exit+0x2dc/0x400
[  218.838530][ T5551]  ? lockdep_hardirqs_on+0x94/0x140
[  218.843751][ T5551]  do_syscall_64+0x4c/0xa0
[  218.848185][ T5551]  ? clear_bhb_loop+0x15/0x70
[  218.852891][ T5551]  ? clear_bhb_loop+0x15/0x70
[  218.857599][ T5551]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  218.863518][ T5551] RIP: 0033:0x7f0d9ee9f2d3
[  218.867954][ T5551] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  218.887584][ T5551] RSP: 002b:00007ffea70fbae8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  218.896026][ T5551] RAX: ffffffffffffffda RBX: 000055555c129600 RCX: 00007f0d9ee9f2d3
[  218.904029][ T5551] RDX: 0000000000008000 RSI: 000055555c129600 RDI: 0000000000000005
[  218.912021][ T5551] RBP: 000055555c1295d4 R08: 0000000000000000 R09: 0000000000000000
[  218.920017][ T5551] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  218.928008][ T5551] R13: 0000000000000010 R14: 000055555c1295d0 R15: 00007ffea70fdda0
[  218.936022][ T5551]  </TASK>
[  219.164672][ T5551] F2FS-fs (loop5): access invalid blkaddr:2816
[  219.690983][ T5551] CPU: 1 PID: 5551 Comm: syz-executor Not tainted 5.15.180-syzkaller #0
[  219.699371][ T5551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  219.709452][ T5551] Call Trace:
[  219.712745][ T5551]  <TASK>
[  219.715684][ T5551]  dump_stack_lvl+0x168/0x230
[  219.720384][ T5551]  ? show_regs_print_info+0x20/0x20
[  219.725603][ T5551]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  219.731261][ T5551]  f2fs_is_valid_blkaddr+0xc7e/0x1250
[  219.736662][ T5551]  f2fs_map_blocks+0xbd0/0x3310
[  219.741569][ T5551]  ? f2fs_force_buffered_io+0x680/0x680
[  219.747144][ T5551]  ? xa_load+0x286/0x2a0
[  219.751415][ T5551]  f2fs_mpage_readpages+0xc53/0x21f0
[  219.756752][ T5551]  ? dquot_release_reservation_block+0xa0/0xa0
[  219.762954][ T5551]  ? f2fs_is_compress_backend_ready+0x99/0x120
[  219.769145][ T5551]  ? f2fs_readahead+0x163/0x2f0
[  219.774022][ T5551]  ? f2fs_set_data_page_dirty+0xad0/0xad0
[  219.779777][ T5551]  read_pages+0x165/0x920
[  219.784158][ T5551]  ? page_cache_ra_unbounded+0x930/0x930
[  219.789827][ T5551]  ? add_to_page_cache_lru+0x2a8/0x4a0
[  219.795317][ T5551]  page_cache_ra_unbounded+0x830/0x930
[  219.800902][ T5551]  ? read_cache_pages_invalidate_pages+0x1c0/0x1c0
[  219.807436][ T5551]  f2fs_readdir+0x471/0xd40
[  219.811985][ T5551]  ? f2fs_fill_dentries+0xce0/0xce0
[  219.817221][ T5551]  ? end_current_label_crit_section+0x14b/0x170
[  219.823587][ T5551]  ? preempt_count_add+0x8d/0x190
[  219.828627][ T5551]  ? down_read_killable+0x1ce/0x340
[  219.833840][ T5551]  ? fsnotify_perm+0x254/0x560
[  219.838632][ T5551]  iterate_dir+0x218/0x560
[  219.843077][ T5551]  ? f2fs_fill_dentries+0xce0/0xce0
[  219.848315][ T5551]  __se_sys_getdents64+0xe5/0x260
[  219.853367][ T5551]  ? __x64_sys_getdents64+0x80/0x80
[  219.858584][ T5551]  ? filldir+0x720/0x720
[  219.862850][ T5551]  ? vtime_user_exit+0x2dc/0x400
[  219.867818][ T5551]  ? lockdep_hardirqs_on+0x94/0x140
[  219.873053][ T5551]  do_syscall_64+0x4c/0xa0
[  219.877505][ T5551]  ? clear_bhb_loop+0x15/0x70
[  219.882398][ T5551]  ? clear_bhb_loop+0x15/0x70
[  219.887104][ T5551]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  219.893034][ T5551] RIP: 0033:0x7f0d9ee9f2d3
[  219.897483][ T5551] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 52 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  219.917113][ T5551] RSP: 002b:00007ffea70fbae8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  219.925591][ T5551] RAX: ffffffffffffffda RBX: 000055555c129600 RCX: 00007f0d9ee9f2d3
[  219.933588][ T5551] RDX: 0000000000008000 RSI: 000055555c129600 RDI: 0000000000000005
[  219.941592][ T5551] RBP: 000055555c1295d4 R08: 0000000000000000 R09: 0000000000000000
[  219.949701][ T5551] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  219.957711][ T5551] R13: 0000000000000010 R14: 000055555c1295d0 R15: 00007ffea70fdda0
[  219.965731][ T5551]  </TASK>
[  219.987033][ T5551] attempt to access beyond end of device
[  219.987033][ T5551] loop5: rw=0, want=45072, limit=40427
[  222.127630][ T4388] attempt to access beyond end of device
[  222.127630][ T4388] loop5: rw=2049, want=40992, limit=40427
[  222.142113][ T6103] loop2: detected capacity change from 0 to 2048
[  222.338697][ T6103] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  224.611066][ T6117] netlink: 16 bytes leftover after parsing attributes in process `syz.4.449'.
[  225.700541][ T4724] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.763561][ T6136] loop4: detected capacity change from 0 to 1024
[  225.847564][ T4724] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.875814][ T6136] EXT4-fs (loop4): Ignoring removed orlov option
[  226.365611][ T6136] EXT4-fs (loop4): mounted filesystem without journal. Opts: nombcache,nobarrier,nodiscard,orlov,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  226.707191][ T4724] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.763693][   T26] audit: type=1800 audit(1745887733.761:9): pid=6136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.452" name="file1" dev="loop4" ino=19 res=0 errno=0
[  226.854473][ T6151] loop0: detected capacity change from 0 to 64
[  227.313537][   T26] audit: type=1800 audit(1745887734.203:10): pid=6152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.452" name="file1" dev="loop4" ino=19 res=0 errno=0
[  227.342999][ T4724] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.858567][ T4257] attempt to access beyond end of device
[  227.858567][ T4257] loop0: rw=1, want=162, limit=64
[  227.923233][ T4257] Buffer I/O error on dev loop0, logical block 161, lost async page write
[  227.969613][ T4257] attempt to access beyond end of device
[  227.969613][ T4257] loop0: rw=1, want=163, limit=64
[  228.175396][ T4257] Buffer I/O error on dev loop0, logical block 162, lost async page write
[  228.187520][ T4257] attempt to access beyond end of device
[  228.187520][ T4257] loop0: rw=1, want=164, limit=64
[  228.199663][ T4257] Buffer I/O error on dev loop0, logical block 163, lost async page write
[  228.208639][ T4257] attempt to access beyond end of device
[  228.208639][ T4257] loop0: rw=1, want=168, limit=64
[  228.220122][ T4257] Buffer I/O error on dev loop0, logical block 167, lost async page write
[  228.263866][ T4257] attempt to access beyond end of device
[  228.263866][ T4257] loop0: rw=1, want=170, limit=64
[  228.439930][ T4257] Buffer I/O error on dev loop0, logical block 169, lost async page write
[  228.616843][ T4257] attempt to access beyond end of device
[  228.616843][ T4257] loop0: rw=1, want=172, limit=64
[  228.891328][ T4257] Buffer I/O error on dev loop0, logical block 171, lost async page write
[  229.356499][ T4257] attempt to access beyond end of device
[  229.356499][ T4257] loop0: rw=1, want=173, limit=64
[  229.538042][ T4257] Buffer I/O error on dev loop0, logical block 172, lost async page write
[  229.546913][ T4257] attempt to access beyond end of device
[  229.546913][ T4257] loop0: rw=1, want=174, limit=64
[  229.557983][ T4257] Buffer I/O error on dev loop0, logical block 173, lost async page write
[  229.566638][ T4257] attempt to access beyond end of device
[  229.566638][ T4257] loop0: rw=1, want=175, limit=64
[  229.577384][ T4257] Buffer I/O error on dev loop0, logical block 174, lost async page write
[  229.586043][ T4257] attempt to access beyond end of device
[  229.586043][ T4257] loop0: rw=1, want=176, limit=64
[  229.596692][ T4257] Buffer I/O error on dev loop0, logical block 175, lost async page write
[  229.748855][ T6177] loop4: detected capacity change from 0 to 1024
[  229.772920][ T6179] loop0: detected capacity change from 0 to 128
[  230.068884][ T6177] EXT4-fs (loop4): Ignoring removed nobh option
[  230.078646][ T6177] EXT4-fs (loop4): Ignoring removed bh option
[  231.291237][ T6177] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  231.401623][ T6186] netlink: 12 bytes leftover after parsing attributes in process `syz.2.453'.
[  231.419667][ T6177] EXT4-fs (loop4): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  231.582409][ T6187] lo speed is unknown, defaulting to 1000
[  232.127973][ T6187] chnl_net:caif_netlink_parms(): no params data found
[  232.214498][ T6187] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.221689][ T6187] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.230957][ T6187] device bridge_slave_0 entered promiscuous mode
[  232.258273][ T6187] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.265393][ T6187] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.274555][ T6187] device bridge_slave_1 entered promiscuous mode
[  232.327996][ T6187] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.371991][ T6187] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.402273][ T4724] device hsr_slave_0 left promiscuous mode
[  232.409246][ T4724] device hsr_slave_1 left promiscuous mode
[  232.416027][ T4724] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  232.424534][ T4724] batman_adv: batadv0: Removing interface: batadv_slave_0
[  232.432722][ T4724] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  232.440357][ T4724] batman_adv: batadv0: Removing interface: batadv_slave_1
[  232.448039][ T4724] device bridge_slave_1 left promiscuous mode
[  232.454390][ T4724] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.466835][ T4724] device bridge_slave_0 left promiscuous mode
[  232.473464][ T4724] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.486850][ T4724] device veth1_macvtap left promiscuous mode
[  232.492966][ T4724] device veth0_macvtap left promiscuous mode
[  232.499231][ T4724] device veth1_vlan left promiscuous mode
[  232.509461][ T4724] device veth0_vlan left promiscuous mode
[  232.692578][ T4724] team0 (unregistering): Port device team_slave_1 removed
[  232.706326][ T4724] team0 (unregistering): Port device team_slave_0 removed
[  232.720749][ T4724] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  232.736167][ T4724] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  232.764594][ T2856] Bluetooth: hci4: command 0x0409 tx timeout
[  232.808809][ T4724] bond0 (unregistering): Released all slaves
[  232.858234][ T6187] team0: Port device team_slave_0 added
[  232.867118][ T6187] team0: Port device team_slave_1 added
[  232.908477][ T6187] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.915738][ T6187] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.943916][ T6187] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.956389][ T6187] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.963604][ T6187] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.990756][ T6187] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.116717][ T6187] device hsr_slave_0 entered promiscuous mode
[  233.123974][ T6187] device hsr_slave_1 entered promiscuous mode
[  233.347895][ T6187] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  233.358168][ T6187] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  233.367816][ T6187] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  233.377558][ T6187] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  233.479789][ T6187] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.519512][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  233.538426][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  233.557724][ T6187] 8021q: adding VLAN 0 to HW filter on device team0
[  233.569294][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  233.592462][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  233.606360][ T4388] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.613512][ T4388] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.633157][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  233.642045][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  233.652076][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  233.661048][ T4388] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.668181][ T4388] bridge0: port 2(bridge_slave_1) entered forwarding state
[  233.678605][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  233.688124][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  233.708833][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  233.721786][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  233.733942][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  233.750636][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  233.765521][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  233.774704][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  233.788152][ T6187] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  233.799922][ T6187] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  233.808632][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  233.824764][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  233.836536][ T4388] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  234.007426][ T4257] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  234.022313][ T4257] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  234.036668][ T6187] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.329111][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  234.339413][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  234.377140][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  234.397264][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  234.408148][ T6187] device veth0_vlan entered promiscuous mode
[  234.423003][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  234.430995][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  234.463259][ T6187] device veth1_vlan entered promiscuous mode
[  234.511024][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  234.534160][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  234.555772][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  234.588552][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  234.599890][ T6187] device veth0_macvtap entered promiscuous mode
[  234.634205][ T6187] device veth1_macvtap entered promiscuous mode
[  234.677098][ T6187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.689876][ T6187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.708648][ T6187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.722795][ T6187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.736390][ T6187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.748198][ T6187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.758315][ T6187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  234.777846][ T6187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.789736][ T6187] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.798056][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  234.807039][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  234.821657][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  234.855649][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  234.869327][ T6187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.889030][ T6187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.898891][ T6187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.925656][ T6187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.947215][ T6187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.959173][ T6187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.969681][ T6187] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.980488][ T6187] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.998611][ T6187] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.007836][ T4257] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  235.018935][   T23] Bluetooth: hci4: command 0x041b tx timeout
[  235.021366][ T4257] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  235.044294][ T6187] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.062592][ T6187] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.071330][ T6187] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.094760][ T6187] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.202787][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.226320][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.249772][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  235.270559][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  235.294227][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.318804][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  235.483075][ T6304] loop6: detected capacity change from 0 to 2048
[  235.641019][ T6304] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  235.691425][ T6304] UDF-fs: Scanning with blocksize 512 failed
[  235.999091][ T6304] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  237.140499][ T6341] loop6: detected capacity change from 0 to 2048
[  237.400440][ T6346] kvm: pic: non byte read
[  237.413312][ T5205] Bluetooth: hci4: command 0x040f tx timeout
[  237.438646][ T6346] kvm: pic: non byte read
[  237.443333][ T6346] kvm: pic: non byte read
[  237.459242][ T6341] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  237.501377][ T6346] kvm: pic: non byte read
[  238.907162][ T6372] loop0: detected capacity change from 0 to 1024
[  239.008452][ T6372] UDF-fs: bad mount option "rootdÚ®5Eï¾ðü“@§O�þir=00000000000000000002" or missing value
[  240.162444][ T2856] Bluetooth: hci4: command 0x0419 tx timeout
[  242.461374][ T6402] program syz.2.486 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  245.419451][ T6402] loop2: detected capacity change from 0 to 40427
[  246.597152][ T6472] loop0: detected capacity change from 0 to 512
[  246.626435][ T4178] block nbd2: Receive control failed (result -107)
[  246.760101][ T6465] nbd2: detected capacity change from 0 to 8589934592
[  246.785489][  T150] block nbd2: Dead connection, failed to find a fallback
[  246.792955][  T150] block nbd2: shutting down sockets
[  246.798668][  T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  246.810422][  T150] buffer_io_error: 6 callbacks suppressed
[  246.810438][  T150] Buffer I/O error on dev nbd2, logical block 0, async page read
[  246.832119][  T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  246.844795][  T150] Buffer I/O error on dev nbd2, logical block 0, async page read
[  246.875122][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  246.886236][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  246.896018][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  246.907101][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  246.915670][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  246.926693][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  246.935027][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  246.945964][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  246.955247][ T6472] EXT4-fs error (device loop0): ext4_fill_super:4841: inode #2: comm syz.0.499: iget: bad i_size value: -1
[  246.962267][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  246.977404][ T6472] EXT4-fs (loop0): get root inode failed
[  246.979111][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  246.983161][ T6472] EXT4-fs (loop0): mount failed
[  246.992198][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  247.006786][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  247.016608][ T6465] ldm_validate_partition_table(): Disk read failed.
[  247.025897][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  247.036860][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  247.073901][  T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  247.085455][  T150] Buffer I/O error on dev nbd2, logical block 0, async page read
[  247.099686][ T6465] Dev nbd2: unable to read RDB block 0
[  247.147010][ T6465]  nbd2: unable to read partition table
[  247.166686][ T6465] NILFS (nbd2): unable to read superblock
[  247.366897][ T4296] ldm_validate_partition_table(): Disk read failed.
[  247.683626][ T6488] loop0: detected capacity change from 0 to 128
[  247.773381][ T6488] ADFS-fs (loop0): error: can't find an ADFS filesystem on dev loop0.
[  248.450750][ T4296] Dev nbd2: unable to read RDB block 0
[  248.508158][ T4296]  nbd2: unable to read partition table
[  248.537894][ T6495] loop0: detected capacity change from 0 to 256
[  248.701685][ T4296] ldm_validate_partition_table(): Disk read failed.
[  248.845666][ T4296] Dev nbd2: unable to read RDB block 0
[  248.947135][ T4296]  nbd2: unable to read partition table
[  252.485800][ T6541] loop4: detected capacity change from 0 to 64
[  253.188545][ T6551] netlink: 24 bytes leftover after parsing attributes in process `syz.2.516'.
[  253.189225][   T26] audit: type=1326 audit(1745887758.138:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47da8db969 code=0x7ffc0000
[  253.245562][ T6551] netlink: 24 bytes leftover after parsing attributes in process `syz.2.516'.
[  253.361642][   T26] audit: type=1326 audit(1745887758.138:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f47da8db969 code=0x7ffc0000
[  254.113729][   T26] audit: type=1326 audit(1745887758.138:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47da8db969 code=0x7ffc0000
[  254.176933][ T6558] loop4: detected capacity change from 0 to 1024
[  254.212496][   T26] audit: type=1326 audit(1745887758.157:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47da8db969 code=0x7ffc0000
[  254.231786][ T6567] loop0: detected capacity change from 0 to 512
[  254.291210][   T26] audit: type=1326 audit(1745887758.157:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f47da8db969 code=0x7ffc0000
[  254.323536][ T6570] loop2: detected capacity change from 0 to 1024
[  254.333336][ T6558] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  254.337768][   T26] audit: type=1326 audit(1745887758.194:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47da8db969 code=0x7ffc0000
[  254.366902][   T26] audit: type=1326 audit(1745887758.203:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f47da8db969 code=0x7ffc0000
[  254.406584][ T6570] EXT4-fs (loop2): Unrecognized mount option "defcontext=system_u" or missing value
[  254.432796][   T26] audit: type=1326 audit(1745887758.203:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47da8db969 code=0x7ffc0000
[  254.462994][   T26] audit: type=1326 audit(1745887758.203:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f47da8db969 code=0x7ffc0000
[  254.485473][ T6567] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  254.545882][   T26] audit: type=1326 audit(1745887758.203:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6556 comm="syz.4.518" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47da8db969 code=0x7ffc0000
[  254.673145][ T6567] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2816: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  254.785958][ T6567] EXT4-fs (loop0): 1 truncate cleaned up
[  254.807369][ T6567] EXT4-fs (loop0): mounted filesystem without journal. Opts: init_itable=0x0000000000000000,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,quota,. Quota mode: writeback.
[  255.022099][ T6583] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  258.270408][ T6640] device syzkaller0 entered promiscuous mode
[  259.229560][ T6642] loop4: detected capacity change from 0 to 1024
[  259.452457][ T6653] device syzkaller0 entered promiscuous mode
[  259.491772][ T6642] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  260.774567][ T6676] loop4: detected capacity change from 0 to 512
[  260.794778][ T6666] device syzkaller0 entered promiscuous mode
[  260.934639][ T6676] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  260.998431][ T6676] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  261.079293][ T6683] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  261.862809][ T6676] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.548: corrupted in-inode xattr
[  261.881149][ T6684] tipc: Enabled bearer <eth:macvlan0>, priority 10
[  261.901500][ T6676] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.548: couldn't read orphan inode 15 (err -117)
[  262.108743][ T6688] loop2: detected capacity change from 0 to 40427
[  262.139469][ T6684] tipc: Resetting bearer <eth:macvlan0>
[  262.150351][ T6676] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  262.151966][ T6684] tipc: Resetting bearer <eth:macvlan0>
[  262.195403][ T6688] F2FS-fs (loop2): invalid crc value
[  262.409080][ T6688] F2FS-fs (loop2): Found nat_bits in checkpoint
[  262.966855][ T6688] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1
[  263.003333][ T6688] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  263.130445][ T6688] handle_bad_sector: 7 callbacks suppressed
[  263.130465][ T6688] attempt to access beyond end of device
[  263.130465][ T6688] loop2: rw=2049, want=45104, limit=40427
[  263.183384][ T1108] tipc: Node number set to 2615728188
[  263.262214][ T6707] loop4: detected capacity change from 0 to 256
[  263.304330][ T6705] loop6: detected capacity change from 0 to 1024
[  264.061164][ T6705] EXT4-fs (loop6): mounted filesystem without journal. Opts: nombcache,abort,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  268.572813][ T4178] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  270.084337][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  270.637369][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  271.132960][ T6823] Cannot find add_set index 0 as target
[  272.007516][ T6826] netlink: 256 bytes leftover after parsing attributes in process `syz.0.572'.
[  273.742214][ T4212] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  273.764823][ T6842] overlayfs: failed to clone upperpath
[  273.817446][   T26] kauditd_printk_skb: 66 callbacks suppressed
[  273.817464][   T26] audit: type=1326 audit(1745887777.174:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd360190969 code=0x7ffc0000
[  273.863291][ T6846] loop0: detected capacity change from 0 to 1024
[  273.907202][   T26] audit: type=1326 audit(1745887777.211:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd360190969 code=0x7ffc0000
[  273.946123][   T26] audit: type=1326 audit(1745887777.211:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd360190969 code=0x7ffc0000
[  273.991709][   T26] audit: type=1326 audit(1745887777.211:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd360190969 code=0x7ffc0000
[  274.014481][ T4212] usb 7-1: Using ep0 maxpacket: 8
[  274.054456][   T26] audit: type=1326 audit(1745887777.211:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd360190969 code=0x7ffc0000
[  274.072843][ T6857] netlink: 4 bytes leftover after parsing attributes in process `syz.1.592'.
[  274.088988][ T1108] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  274.111102][    C1] vcan0: j1939_xtp_rx_dat: no tx connection found
[  274.118032][    C1] vcan0: j1939_xtp_rx_dat: no rx connection found
[  274.124608][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.132485][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.140379][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.144867][   T26] audit: type=1326 audit(1745887777.211:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7fd360190969 code=0x7ffc0000
[  274.148255][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.178138][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.185982][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.193926][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.198064][   T26] audit: type=1326 audit(1745887777.211:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd360190969 code=0x7ffc0000
[  274.201777][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.231822][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.239659][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.247695][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.255574][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.260933][   T26] audit: type=1326 audit(1745887777.211:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fd360190969 code=0x7ffc0000
[  274.263531][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.263551][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.263600][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.309148][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.317088][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.324918][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.328721][   T26] audit: type=1326 audit(1745887777.211:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd360190969 code=0x7ffc0000
[  274.332932][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.362842][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.370776][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.378615][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.386563][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.387349][   T26] audit: type=1326 audit(1745887777.211:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6838 comm="syz.2.587" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fd360190969 code=0x7ffc0000
[  274.394423][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.394498][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.394515][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.394562][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.394576][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.394625][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.463914][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.471860][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.479787][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.487683][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.495573][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.503606][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.511449][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.519396][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.527265][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.535209][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.543039][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.551000][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.558924][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.566882][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.574716][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.582672][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.587715][ T1108] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.590535][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.602278][ T1108] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.609329][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.619756][ T1108] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  274.626862][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.626949][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.640959][ T1108] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  274.647871][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.647955][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.656897][ T1108] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.665024][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.665116][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.676274][ T1108] usb 5-1: config 0 descriptor??
[  274.680713][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.718034][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.725861][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.733788][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.741654][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.749538][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.757396][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.765339][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.773209][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.781189][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.789109][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.797050][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.804915][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.812845][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.820786][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.828709][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.836554][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.844504][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.852374][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.860447][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.868371][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.876335][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[  274.884256][    C1] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[  274.907314][ T6846] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  274.921785][ T6846] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  274.984986][ T6846] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.589: bg 0: block 393: padding at end of block bitmap is not set
[  275.030871][ T6846] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 117
[  275.043925][ T4212] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  275.052521][ T4212] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  275.063283][ T6846] EXT4-fs (loop0): This should not happen!! Data will be lost
[  275.063283][ T6846] 
[  275.074978][ T4212] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  275.084946][ T4212] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  275.095371][ T4212] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  275.127358][ T4212] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  275.150466][ T4212] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.210505][ T1108] plantronics 0003:047F:FFFF.0002: unknown main item tag 0xd
[  275.234822][ T1108] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  275.334303][ T6897] loop0: detected capacity change from 0 to 256
[  275.336643][ T1108] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  275.378680][ T6887] ªªªªªª: renamed from vlan0
[  275.454812][ T4212] usb 7-1: GET_CAPABILITIES returned 0
[  275.460363][ T4212] usbtmc 7-1:16.0: can't read capabilities
[  275.821081][ T1108] usb 7-1: USB disconnect, device number 2
[  276.205959][ T1325] usb 5-1: USB disconnect, device number 4
[  276.656925][ T6897] binfmt_misc: register: failed to install interpreter file ./file0
[  277.156146][ T6940] netlink: 4 bytes leftover after parsing attributes in process `syz.6.605'.
[  277.194534][ T6940] device syz_tun entered promiscuous mode
[  277.207391][ T6940] device macvtap1 entered promiscuous mode
[  277.225847][ T6943] netlink: 4 bytes leftover after parsing attributes in process `syz.6.605'.
[  277.259753][ T6943] device syz_tun left promiscuous mode
[  277.469310][ T6951] loop6: detected capacity change from 0 to 512
[  277.484095][ T6918] loop4: detected capacity change from 0 to 32768
[  277.576513][ T6918] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.602 (6918)
[  277.693045][ T6918] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  277.713889][ T6918] BTRFS info (device loop4): force clearing of disk cache
[  277.721841][ T6957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.607'.
[  277.738625][ T6918] BTRFS info (device loop4): enabling auto defrag
[  277.740188][ T6951] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  277.745360][ T6918] BTRFS info (device loop4): max_inline at 0
[  277.765312][ T6918] BTRFS info (device loop4): enabling disk space caching
[  277.772431][ T6918] BTRFS info (device loop4): disk space caching is enabled
[  277.783769][ T6918] BTRFS info (device loop4): has skinny extents
[  277.795507][ T6951] ext4 filesystem being mounted at /24/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  278.142661][ T6918] BTRFS info (device loop4): enabling ssd optimizations
[  278.184625][ T6918] BTRFS info (device loop4): clearing free space tree
[  278.207973][ T6918] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  278.236740][ T6918] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  278.864417][ T4257] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  280.024935][ T7039] overlayfs: failed to clone upperpath
[  280.175935][ T7037] netlink: 4 bytes leftover after parsing attributes in process `syz.1.616'.
[  281.425308][ T7069] loop4: detected capacity change from 0 to 512
[  281.528539][ T7069] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  281.596720][ T7069] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  281.644370][ T7069] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2219: inode #15: comm syz.4.612: corrupted in-inode xattr
[  281.668620][ T7069] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.612: couldn't read orphan inode 15 (err -117)
[  281.683690][ T7069] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  282.586117][ T7087] capability: warning: `syz.2.624' uses 32-bit capabilities (legacy support in use)
[  283.235300][ T7090] netlink: 'syz.2.626': attribute type 4 has an invalid length.
[  283.446597][ T7092] netlink: 'syz.2.626': attribute type 4 has an invalid length.
[  286.653962][   T26] kauditd_printk_skb: 5 callbacks suppressed
[  286.653979][   T26] audit: type=1326 audit(1745887789.021:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.6.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13cec8969 code=0x7fc00000
[  286.689021][   T26] audit: type=1326 audit(1745887789.021:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.6.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc13cec8969 code=0x7fc00000
[  286.735423][   T26] audit: type=1326 audit(1745887789.021:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.6.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13cec8969 code=0x7fc00000
[  287.061299][   T26] audit: type=1326 audit(1745887789.021:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.6.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13cec8969 code=0x7fc00000
[  287.090548][   T26] audit: type=1326 audit(1745887789.021:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.6.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13cec8969 code=0x7fc00000
[  287.171713][   T26] audit: type=1326 audit(1745887789.021:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.6.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13cec8969 code=0x7fc00000
[  287.272873][ T7150] capability: warning: `syz.6.643' uses deprecated v2 capabilities in a way that may be insecure
[  287.333668][   T26] audit: type=1326 audit(1745887789.021:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.6.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13cec8969 code=0x7fc00000
[  287.386216][ T7150] netlink: 16 bytes leftover after parsing attributes in process `syz.6.643'.
[  287.405099][   T26] audit: type=1326 audit(1745887789.021:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.6.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13cec8969 code=0x7fc00000
[  287.477772][   T26] audit: type=1326 audit(1745887789.021:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.6.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13cec8969 code=0x7fc00000
[  287.552921][   T26] audit: type=1326 audit(1745887789.021:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7130 comm="syz.6.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc13cec8969 code=0x7fc00000
[  290.997685][ T7190] netlink: 4 bytes leftover after parsing attributes in process `syz.4.655'.
[  291.019579][ T7190] device ipvlan2 entered promiscuous mode
[  291.027030][ T7190] bridge0: port 3(ipvlan2) entered blocking state
[  291.033780][ T7190] bridge0: port 3(ipvlan2) entered disabled state
[  293.292313][ T7219] netlink: 87 bytes leftover after parsing attributes in process `syz.2.665'.
[  293.349454][ T7211] kvm: vcpu 0: requested 1792 ns lapic timer period limited to 200000 ns
[  293.694301][ T7227] Cannot find add_set index 0 as target
[  293.756968][ T7226] loop0: detected capacity change from 0 to 64
[  294.462214][ T7229] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  296.283068][ T7252] xt_hashlimit: overflow, rate too high: 0
[  296.318651][ T7251] loop0: detected capacity change from 0 to 4096
[  297.251900][ T7251] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
[  297.648092][ T7273] loop6: detected capacity change from 0 to 256
[  297.780833][ T7273] exfat: Deprecated parameter 'namecase'
[  297.932305][ T7273] exfat: Bad value for 'errors'
[  298.037929][ T7282] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  300.611952][ T7303] netlink: 12 bytes leftover after parsing attributes in process `syz.6.691'.
[  302.452078][ T7319] netlink: 'syz.0.696': attribute type 10 has an invalid length.
[  302.474139][ T7319] device syz_tun entered promiscuous mode
[  302.498076][ T7319] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  303.433185][ T7331] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  303.550333][ T7354] loop6: detected capacity change from 0 to 64
[  305.713366][ T7062] Bluetooth: hci4: command 0x0407 tx timeout
[  305.820629][ T4726] attempt to access beyond end of device
[  305.820629][ T4726] loop6: rw=1, want=162, limit=64
[  305.834207][ T4726] buffer_io_error: 138 callbacks suppressed
[  305.834226][ T4726] Buffer I/O error on dev loop6, logical block 161, lost async page write
[  305.849976][ T4726] attempt to access beyond end of device
[  305.849976][ T4726] loop6: rw=1, want=163, limit=64
[  305.861475][ T4726] Buffer I/O error on dev loop6, logical block 162, lost async page write
[  305.872686][ T4726] attempt to access beyond end of device
[  305.872686][ T4726] loop6: rw=1, want=164, limit=64
[  305.884379][ T4726] Buffer I/O error on dev loop6, logical block 163, lost async page write
[  305.893358][ T4726] attempt to access beyond end of device
[  305.893358][ T4726] loop6: rw=1, want=168, limit=64
[  305.906921][ T4726] Buffer I/O error on dev loop6, logical block 167, lost async page write
[  305.922096][ T4726] attempt to access beyond end of device
[  305.922096][ T4726] loop6: rw=1, want=170, limit=64
[  305.947881][ T4726] Buffer I/O error on dev loop6, logical block 169, lost async page write
[  305.958931][ T4726] attempt to access beyond end of device
[  305.958931][ T4726] loop6: rw=1, want=172, limit=64
[  305.981024][ T4726] Buffer I/O error on dev loop6, logical block 171, lost async page write
[  306.000817][ T4726] attempt to access beyond end of device
[  306.000817][ T4726] loop6: rw=1, want=173, limit=64
[  306.022693][ T4726] Buffer I/O error on dev loop6, logical block 172, lost async page write
[  306.045126][ T4726] attempt to access beyond end of device
[  306.045126][ T4726] loop6: rw=1, want=174, limit=64
[  306.073315][ T4726] Buffer I/O error on dev loop6, logical block 173, lost async page write
[  306.103574][ T4726] attempt to access beyond end of device
[  306.103574][ T4726] loop6: rw=1, want=175, limit=64
[  306.120383][ T4726] Buffer I/O error on dev loop6, logical block 174, lost async page write
[  306.146034][ T4726] attempt to access beyond end of device
[  306.146034][ T4726] loop6: rw=1, want=176, limit=64
[  306.200757][ T4726] Buffer I/O error on dev loop6, logical block 175, lost async page write
[  307.504061][  T146] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  307.760161][ T7371] loop6: detected capacity change from 0 to 32768
[  307.864859][ T7371] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.712 (7371)
[  308.851731][ T7380] device pim6reg1 entered promiscuous mode
[  308.892603][ T7371] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  308.909644][ T7371] BTRFS info (device loop6): using free space tree
[  308.939310][ T7371] BTRFS info (device loop6): has skinny extents
[  309.886746][ T7406] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  309.911634][ T7371] BTRFS info (device loop6): enabling ssd optimizations
[  309.955583][   T26] audit: type=1800 audit(1745887810.520:112): pid=7371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.712" name="file1" dev="loop6" ino=260 res=0 errno=0
[  310.233357][   T26] audit: type=1800 audit(1745887810.778:113): pid=7413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.712" name="file1" dev="loop6" ino=260 res=0 errno=0
[  310.291101][   T26] audit: type=1800 audit(1745887810.806:114): pid=7413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.712" name="file1" dev="loop6" ino=260 res=0 errno=0
[  310.298894][ T7415] tipc: Enabled bearer <udp:syz2>, priority 10
[  310.354460][ T7411] loop4: detected capacity change from 0 to 2048
[  310.456199][ T7415] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  310.916431][ T7411] EXT4-fs (loop4): mounted filesystem without journal. Opts: lazytime,usrjquota=,errors=remount-ro,bsdgroups,auto_da_alloc,jqfmt=vfsv1,nouid32,journal_dev=0x0000000000000007,grpjquota=,usrjquota=,. Quota mode: none.
[  311.338495][ T7426] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  311.391272][ T7426] EXT4-fs (loop4): Remounting filesystem read-only
[  311.959298][ T7449] loop4: detected capacity change from 0 to 8
[  312.243202][ T4256] Bluetooth: hci5: Frame reassembly failed (-84)
[  312.355430][ T4256] Bluetooth: hci5: Frame reassembly failed (-84)
[  313.177955][ T7457] netlink: 144 bytes leftover after parsing attributes in process `syz.1.722'.
[  314.073536][ T7463] loop0: detected capacity change from 0 to 128
[  314.181276][   T26] audit: type=1800 audit(1745887814.423:115): pid=7464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.726" name="file0" dev="loop4" ino=3 res=0 errno=0
[  314.217258][ T7467] overlayfs: failed to clone upperpath
[  314.438071][  T146] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  318.777594][ T7507] loop0: detected capacity change from 0 to 512
[  318.880452][ T7504] loop4: detected capacity change from 0 to 1024
[  318.903406][ T7507] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  318.934429][ T7507] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  318.959621][ T7507] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2219: inode #15: comm syz.0.742: corrupted in-inode xattr
[  318.986430][ T7504] EXT4-fs (loop4): Unrecognized mount option "defcontext=system_u" or missing value
[  319.001843][ T7507] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.742: couldn't read orphan inode 15 (err -117)
[  319.015990][ T7507] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  320.364816][ T7520] tipc: Started in network mode
[  320.426546][ T7520] tipc: Node identity 080211000001, cluster identity 4711
[  320.442225][ T7520] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  321.515820][ T7527] process 'syz.6.750' launched './file0' with NULL argv: empty string added
[  321.572115][ T7062] tipc: Node number set to 134418688
[  321.578964][ T7527] mmap: syz.6.750 (7527) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  322.437935][ T7535] binder: BINDER_SET_CONTEXT_MGR already set
[  322.444673][ T7535] binder: 7530:7535 ioctl 4018620d 200000000040 returned -16
[  322.501324][ T4212] Bluetooth: hci3: command 0x0406 tx timeout
[  323.929352][ T7558] loop6: detected capacity change from 0 to 1024
[  324.212191][ T7558] EXT4-fs (loop6): Unrecognized mount option "defcontext=system_u" or missing value
[  328.516377][ T7594] sch_tbf: burst 21990 is lower than device lo mtu (11337746) !
[  328.635414][ T7451] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  329.914518][ T7451] usb 1-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00
[  329.937742][ T7451] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.953867][ T7609] netlink: 12 bytes leftover after parsing attributes in process `syz.4.772'.
[  329.980662][ T7451] usb 1-1: config 0 descriptor??
[  330.913775][ T7451] usb 1-1: can't set config #0, error -71
[  330.928369][ T7451] usb 1-1: USB disconnect, device number 8
[  334.335250][ T7653] loop0: detected capacity change from 0 to 2048
[  334.374816][ T7653] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  335.442187][ T7660] loop6: detected capacity change from 0 to 512
[  335.627341][ T7668] overlayfs: failed to clone upperpath
[  335.672606][ T7660] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  335.777194][ T7660] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  336.043591][ T7660] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2219: inode #15: comm syz.6.790: corrupted in-inode xattr
[  336.228824][ T7660] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.790: couldn't read orphan inode 15 (err -117)
[  336.358505][ T4208] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  336.524564][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  336.530934][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  336.561380][ T7660] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  336.597427][ T4208] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  339.146385][ T7680] overlayfs: failed to clone upperpath
[  339.338923][   T26] audit: type=1326 audit(1745887837.629:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7689 comm="syz.0.798" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f61ed4bd969 code=0x0
[  340.238774][ T7702] tipc: Started in network mode
[  340.253580][ T7702] tipc: Node identity 080211, cluster identity 4711
[  340.267356][ T7702] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  340.695657][ T7712] netlink: 8 bytes leftover after parsing attributes in process `syz.2.802'.
[  341.693641][ T4321] tipc: Node number set to 134353152
[  342.482366][ T7723] loop6: detected capacity change from 0 to 512
[  342.804769][ T7723] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  342.894068][ T7723] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  342.957763][ T7723] EXT4-fs error (device loop6): ext4_xattr_ibody_find:2219: inode #15: comm syz.6.806: corrupted in-inode xattr
[  343.002750][ T7723] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.806: couldn't read orphan inode 15 (err -117)
[  343.026367][ T7718] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  343.044935][ T7723] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,max_batch_time=0x0000000000000001,debug,noload,nombcache,noblock_validity,init_itable=0x0000000000000601,inode_readahead_blks=0x0000000000008000,,errors=continue. Quota mode: none.
[  343.085877][ T7718] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  344.823154][ T7743] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  346.783940][ T7760] device syzkaller0 entered promiscuous mode
[  348.239150][ T7780] Invalid option length (1081) for dns_resolver key
[  348.374509][   T26] audit: type=1326 audit(1745887845.970:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7784 comm="syz.6.824" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc13cec8969 code=0x0
[  351.712579][ T7800] loop0: detected capacity change from 0 to 32768
[  351.821657][ T7800] XFS: ikeep mount option is deprecated.
[  352.559380][ T7809] loop4: detected capacity change from 0 to 512
[  352.644004][ T7809] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  352.654382][ T7800] XFS (loop0): Mounting V5 Filesystem
[  352.878079][ T7809] EXT4-fs (loop4): 1 truncate cleaned up
[  352.930200][ T7809] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,,errors=continue. Quota mode: writeback.
[  353.433037][ T7800] XFS (loop0): Ending clean mount
[  354.206178][ T4208] hid-generic 0005:0457:0009.0004: unknown main item tag 0x0
[  354.306552][ T4208] hid-generic 0005:0457:0009.0004: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  354.462648][ T4168] XFS (loop0): Unmounting Filesystem
[  355.544135][ T7852] sch_tbf: burst 21990 is lower than device lo mtu (65550) !
[  357.094723][ T7871] loop0: detected capacity change from 0 to 512
[  357.228095][ T7871] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  357.490186][ T7871] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.833: iget: bad extended attribute block 512
[  357.588934][ T7871] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.833: couldn't read orphan inode 15 (err -117)
[  357.618116][ T7871] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  357.625302][ T7883] loop6: detected capacity change from 0 to 8
[  357.812945][ T7881] netlink: 28 bytes leftover after parsing attributes in process `syz.4.850'.
[  359.258740][ T7894] netlink: 'syz.0.852': attribute type 4 has an invalid length.
[  359.824328][ T7900] loop0: detected capacity change from 0 to 512
[  359.840674][ T7902] loop4: detected capacity change from 0 to 1024
[  361.032525][ T7900] EXT4-fs (loop0): inline encryption not supported
[  361.047987][ T7900] EXT4-fs (loop0): Ignoring removed bh option
[  361.236211][ T7900] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  361.255200][ T7900] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2219: inode #15: comm syz.0.864: corrupted in-inode xattr
[  361.274445][ T7900] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.864: couldn't read orphan inode 15 (err -117)
[  361.286586][ T7058] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  361.287846][ T7900] EXT4-fs (loop0): mounted filesystem without journal. Opts: inlinecrypt,resgid=0x000000000000ee00,bh,noload,data_err=ignore,usrjquota=,,errors=continue. Quota mode: none.
[  362.600977][ T7058] usb 7-1: Using ep0 maxpacket: 16
[  362.732090][ T7058] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  362.841573][ T7058] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  363.246057][ T7058] usb 7-1: New USB device found, idVendor=04d8, idProduct=00eb, bcdDevice= 0.00
[  363.489951][ T7058] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  363.567155][ T7058] usb 7-1: config 0 descriptor??
[  363.588969][ T7058] usb 7-1: can't set config #0, error -71
[  363.613475][ T7928] loop6: detected capacity change from 0 to 1024
[  363.620665][ T7058] usb 7-1: USB disconnect, device number 3
[  365.560875][ T7928] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  368.631711][ T7948] loop0: detected capacity change from 0 to 8192
[  368.728530][ T7965] loop4: detected capacity change from 0 to 256
[  368.864534][ T7965] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xeb89544e, utbl_chksum : 0xe619d30d)
[  368.997408][ T7969] loop6: detected capacity change from 0 to 1024
[  369.708275][ T7948] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  369.810978][ T7948] REISERFS (device loop0): using ordered data mode
[  369.819329][ T7948] reiserfs: using flush barriers
[  369.983962][ T7948] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  370.022678][ T1280] hfsplus: b-tree write err: -5, ino 4
[  370.026183][ T7948] REISERFS (device loop0): checking transaction log (loop0)
[  370.037483][ T7948] REISERFS (device loop0): Using r5 hash to sort names
[  370.044893][ T7948] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  370.683481][ T7975] loop4: detected capacity change from 0 to 512
[  370.887753][ T7975] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.877: bg 0: block 248: padding at end of block bitmap is not set
[  370.929800][ T7975] Quota error (device loop4): write_blk: dquota write failed
[  370.937482][ T7975] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  370.968998][ T7975] EXT4-fs error (device loop4): ext4_acquire_dquot:6204: comm syz.4.877: Failed to acquire dquot type 1
[  371.023196][ T7975] EXT4-fs (loop4): 1 truncate cleaned up
[  371.167048][ T7975] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  371.184991][ T7975] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  374.832443][ T7630] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.019233][ T8034] loop0: detected capacity change from 0 to 512
[  382.027021][ T8034] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.893: bg 0: block 248: padding at end of block bitmap is not set
[  382.083151][ T8034] Quota error (device loop0): write_blk: dquota write failed
[  382.086801][ T8053] netlink: 4 bytes leftover after parsing attributes in process `syz.2.907'.
[  382.115537][ T8034] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  382.159902][ T8054] netlink: 12 bytes leftover after parsing attributes in process `syz.6.896'.
[  382.169552][ T8034] EXT4-fs error (device loop0): ext4_acquire_dquot:6204: comm syz.0.893: Failed to acquire dquot type 1
[  382.199037][ T8034] EXT4-fs (loop0): 1 truncate cleaned up
[  382.229781][ T8034] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  382.277417][ T8034] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  382.366079][ T8034] tipc: Bearer <ib:wg2>: already 2 bearers with priority 10
[  382.385360][ T8034] tipc: Bearer <ib:wg2>: trying with adjusted priority
[  382.394525][ T8034] tipc: Enabled bearer <ib:wg2>, priority 9
[  382.468597][ T4289] Quota error (device loop0): remove_tree: Getting block too big (0 >= 6)
[  382.520957][ T4289] EXT4-fs error (device loop0): ext4_release_dquot:6227: comm kworker/u4:10: Failed to release dquot type 1
[  383.598444][ T8067] loop0: detected capacity change from 0 to 4096
[  383.667748][ T8067] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  385.087460][ T4168] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22.
[  385.807793][ T8094] loop0: detected capacity change from 0 to 1024
[  385.864529][ T8094] EXT4-fs (loop0): Ignoring removed nobh option
[  385.900793][ T8084] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  385.910562][ T8094] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  385.923256][ T8084] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  385.990526][ T8101] delete_channel: no stack
[  386.011236][ T8094] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,grpid,barrier=0x0000000000000001,bsdgroups,nouid32,max_dir_size_kb=0x00000000004007b1,abort,nodelalloc,nobh,user_xattr,dioread_lock,dioread_nolock,,errors=continue. Quota mode: none.
[  387.893218][ T8123] device bond_slave_0 entered promiscuous mode
[  387.900003][ T8123] device bond_slave_1 entered promiscuous mode
[  387.906513][ T8123] device team_slave_0 entered promiscuous mode
[  387.913169][ T8123] device team_slave_1 entered promiscuous mode
[  388.022562][ T8123] device bond_slave_0 left promiscuous mode
[  388.029138][ T8123] device bond_slave_1 left promiscuous mode
[  388.035505][ T8123] device team_slave_0 left promiscuous mode
[  388.042105][ T8123] device team_slave_1 left promiscuous mode
[  389.174120][ T8138] xt_l2tp: v2 doesn't support IP mode
[  394.500877][ T8177] loop6: detected capacity change from 0 to 512
[  394.742443][ T8179] loop0: detected capacity change from 0 to 1024
[  394.760775][ T8183] loop4: detected capacity change from 0 to 512
[  394.837363][ T8177] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.931: bg 0: block 248: padding at end of block bitmap is not set
[  394.864565][ T8177] Quota error (device loop6): write_blk: dquota write failed
[  394.872627][ T8177] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  394.892621][ T8177] EXT4-fs error (device loop6): ext4_acquire_dquot:6204: comm syz.6.931: Failed to acquire dquot type 1
[  394.905632][ T8177] EXT4-fs (loop6): 1 truncate cleaned up
[  394.916122][ T8177] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  394.928956][ T8177] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  394.976002][ T8183] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  395.002052][ T8177] tipc: Enabled bearer <ib:wg2>, priority 10
[  395.013576][ T8183] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #15: comm syz.4.932: iget: bad extended attribute block 512
[  395.021937][ T8179] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  395.041628][ T8183] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.932: couldn't read orphan inode 15 (err -117)
[  395.457179][ T8183] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  396.289556][ T3069] Quota error (device loop6): remove_tree: Getting block too big (0 >= 6)
[  397.052607][ T3069] EXT4-fs error (device loop6): ext4_release_dquot:6227: comm kworker/u4:5: Failed to release dquot type 1
[  397.183443][ T8178] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  397.199611][ T8178] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 29 with error 28
[  397.213836][ T8178] EXT4-fs (loop0): This should not happen!! Data will be lost
[  397.213836][ T8178] 
[  397.224063][ T8178] EXT4-fs (loop0): Total free blocks count 0
[  397.230134][ T8178] EXT4-fs (loop0): Free/Dirty block details
[  397.236095][ T8178] EXT4-fs (loop0): free_blocks=68451041280
[  397.242292][ T8178] EXT4-fs (loop0): dirty_blocks=32
[  397.247439][ T8178] EXT4-fs (loop0): Block reservation details
[  397.253588][ T8178] EXT4-fs (loop0): i_reserved_data_blocks=2
[  400.276170][ T8211] loop6: detected capacity change from 0 to 32768
[  400.298933][ T8213] loop0: detected capacity change from 0 to 256
[  400.338809][ T8213] exfat: Deprecated parameter 'namecase'
[  400.364701][ T8213] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d)
[  402.850764][ T8241] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  403.062308][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  403.068870][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  403.537144][ T8245] kvm: pic: non byte read
[  403.541976][ T8245] kvm: pic: level sensitive irq not supported
[  403.542028][ T8245] kvm: pic: non byte read
[  404.627281][ T4388] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.924378][ T8337] netlink: 4 bytes leftover after parsing attributes in process `syz.2.972'.
[  413.532543][ T8381] input: syz0 as /devices/virtual/input/input8
[  414.638252][ T8395] netlink: 4 bytes leftover after parsing attributes in process `syz.2.991'.
[  414.912310][ T8395] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  415.662809][ T8395] batman_adv: batadv0: Removing interface: batadv_slave_1
[  417.551117][ T8388] loop6: detected capacity change from 0 to 32768
[  418.149836][ T8424] loop4: detected capacity change from 0 to 8192
[  418.458523][ T8424] REISERFS (device loop4): found reiserfs format "3.6" with non-standard journal
[  418.522701][ T8424] REISERFS (device loop4): using ordered data mode
[  418.597103][ T8424] reiserfs: using flush barriers
[  418.704859][ T8424] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  418.996688][ T8424] REISERFS (device loop4): checking transaction log (loop4)
[  419.287793][ T8424] REISERFS (device loop4): Using tea hash to sort names
[  419.296638][ T8424] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  420.677516][ T8452] xt_l2tp: missing protocol rule (udp|l2tpip)
[  421.588700][ T8456] loop6: detected capacity change from 0 to 256
[  422.541584][ T8456] loop6: detected capacity change from 0 to 1024
[  422.604030][ T8456] hfsplus: unable to parse mount options
[  422.799142][ T8456] loop6: detected capacity change from 0 to 512
[  426.249849][ T8500] syz.0.1022 (8500): drop_caches: 2
[  426.258198][ T8500] syz.0.1022 (8500): drop_caches: 2
[  429.539229][ T8524] overlayfs: failed to clone upperpath
[  429.644347][ T8528] loop0: detected capacity change from 0 to 64
[  431.282621][ T8528] hfs: unable to locate alternate MDB
[  431.293390][ T8528] hfs: continuing without an alternate MDB
[  436.361111][ T8574] overlayfs: failed to clone upperpath
[  437.369402][ T8588] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1046'.
[  438.728153][ T8599] overlayfs: failed to clone upperpath
[  446.045908][ T8681] input: syz1 as /devices/virtual/input/input9
[  446.637052][ T7055] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  447.222315][ T7055] usb 5-1: Using ep0 maxpacket: 32
[  447.503981][ T7055] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  447.673266][ T7055] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  447.733957][ T7055] usb 5-1: config 0 descriptor??
[  447.832303][ T7055] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  448.411307][ T8698] sctp: failed to load transform for md5: -2
[  451.797673][ T7055] gspca_vc032x: reg_r err -71
[  451.802401][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  451.814059][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  451.820891][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  451.826205][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  451.837484][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  451.843211][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  451.848542][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.540219][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.554540][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.560031][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.565530][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.571383][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.762784][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.773966][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.790718][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.798238][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.803623][ T7055] gspca_vc032x: I2c Bus Busy Wait 00
[  453.808954][ T7055] gspca_vc032x: Unknown sensor...
[  453.831917][ T7055] vc032x: probe of 5-1:0.0 failed with error -22
[  454.061111][ T7055] usb 5-1: USB disconnect, device number 5
[  456.117415][ T8782] xt_CT: You must specify a L4 protocol and not use inversions on it
[  456.385782][ T8788] loop4: detected capacity change from 0 to 256
[  456.675917][ T8795] loop6: detected capacity change from 0 to 64
[  457.244783][ T8795] hfs: unable to locate alternate MDB
[  457.721070][ T8795] hfs: continuing without an alternate MDB
[  462.193396][ T8847] loop6: detected capacity change from 0 to 16
[  462.380500][ T8847] erofs: (device loop6): mounted with root inode @ nid 36.
[  467.629866][ T8913] loop0: detected capacity change from 0 to 512
[  467.735505][ T8913] EXT4-fs (loop0): Ignoring removed nobh option
[  467.772973][ T8913] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  467.860833][ T8913] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.1128: invalid indirect mapped block 256 (level 2)
[  467.892651][ T8913] EXT4-fs (loop0): 2 truncates cleaned up
[  467.915081][ T8913] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,auto_da_alloc,data_err=ignore,nojournal_checksum,dioread_nolock,bsdgroups,,errors=continue. Quota mode: writeback.
[  469.678628][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  470.236497][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  473.590184][ T9001] loop4: detected capacity change from 0 to 512
[  473.878731][ T9001] EXT4-fs (loop4): 1 truncate cleaned up
[  473.890614][ T9001] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  474.441641][ T9017] loop6: detected capacity change from 0 to 1024
[  474.573461][ T9017] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  475.336783][ T9030] BUG: kernel NULL pointer dereference, address: 0000000000000000
[  475.344785][ T9030] #PF: supervisor instruction fetch in kernel mode
[  475.351306][ T9030] #PF: error_code(0x0010) - not-present page
[  475.357313][ T9030] PGD 5f8b3067 P4D 5f8b3067 PUD 0 
[  475.362470][ T9030] Oops: 0010 [#1] PREEMPT SMP KASAN
[  475.367693][ T9030] CPU: 0 PID: 9030 Comm: syz.4.1149 Not tainted 5.15.180-syzkaller #0
[  475.375874][ T9030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  475.385952][ T9030] RIP: 0010:0x0
[  475.389444][ T9030] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[  475.397174][ T9030] RSP: 0018:ffffc90003b5f618 EFLAGS: 00010246
[  475.403274][ T9030] RAX: 1ffffffff1628f87 RBX: 0000000000000000 RCX: 0000000000000001
[  475.411271][ T9030] RDX: ffffc90003b5f6c0 RSI: 0000000000000001 RDI: ffff8880257a6000
[  475.419266][ T9030] RBP: ffffc90003b5f730 R08: dffffc0000000000 R09: ffffed1004af4c08
[  475.427268][ T9030] R10: ffffed1004af4c08 R11: 1ffff11004af4c07 R12: ffffffff8b147c38
[  475.435268][ T9030] R13: dffffc0000000000 R14: ffff8880257a6000 R15: ffffe8ffffc467d8
[  475.443272][ T9030] FS:  00007f47d87436c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  475.452225][ T9030] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  475.459058][ T9030] CR2: ffffffffffffffd6 CR3: 0000000079590000 CR4: 00000000003506f0
[  475.467091][ T9030] DR0: 0000040000000000 DR1: 000000000000064f DR2: 0000000000000006
[  475.475085][ T9030] DR3: 0000000000000006 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  475.483080][ T9030] Call Trace:
[  475.486380][ T9030]  <TASK>
[  475.489325][ T9030]  bond_xdp_xmit+0x282/0x420
[  475.494034][ T9030]  ? bond_xdp+0x840/0x840
[  475.498390][ T9030]  ? bq_enqueue+0x2ee/0x3d0
[  475.502919][ T9030]  bq_xmit_all+0xa3e/0xdf0
[  475.507363][ T9030]  ? dev_map_enqueue+0x210/0x210
[  475.512332][ T9030]  ? rcu_is_watching+0x11/0xa0
[  475.517122][ T9030]  ? __dev_flush+0x1b0/0x1b0
[  475.521736][ T9030]  ? trace_xdp_redirect+0x90/0x210
[  475.522027][ T9036] overlayfs: failed to resolve './file0': -2
[  475.526879][ T9030]  ? xdp_do_redirect+0x678/0xa80
[  475.526913][ T9030]  ? tun_xdp_act+0x5ce/0x850
[  475.542410][ T9030]  ? read_lock_is_recursive+0x10/0x10
[  475.547810][ T9030]  ? __local_bh_disable_ip+0xee/0x190
[  475.553207][ T9030]  ? __cant_sleep+0x210/0x210
[  475.557908][ T9030]  ? __tun_build_skb+0x240/0x240
[  475.562873][ T9030]  __dev_flush+0xbf/0x1b0
[  475.567225][ T9030]  xdp_do_flush+0xa/0x20
[  475.571526][ T9030]  tun_get_user+0x2851/0x3740
[  475.576228][ T9030]  ? tun_ring_recv+0xc30/0xc30
[  475.581020][ T9030]  ? rcu_lock_release+0x5/0x20
[  475.585805][ T9030]  ? __lock_acquire+0x7c60/0x7c60
[  475.590861][ T9030]  tun_chr_write_iter+0x112/0x1e0
[  475.595912][ T9030]  vfs_write+0x712/0xd00
[  475.600179][ T9030]  ? file_end_write+0x250/0x250
[  475.605052][ T9030]  ? __fget_files+0x40f/0x480
[  475.609763][ T9030]  ? __fdget_pos+0x1e2/0x370
[  475.614371][ T9030]  ? ksys_write+0x71/0x250
[  475.618809][ T9030]  ksys_write+0x14d/0x250
[  475.623158][ T9030]  ? __ia32_sys_read+0x80/0x80
[  475.627949][ T9030]  ? lockdep_hardirqs_on+0x94/0x140
[  475.633173][ T9030]  do_syscall_64+0x4c/0xa0
[  475.637609][ T9030]  ? clear_bhb_loop+0x15/0x70
[  475.642311][ T9030]  ? clear_bhb_loop+0x15/0x70
[  475.647010][ T9030]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  475.652931][ T9030] RIP: 0033:0x7f47da8da41f
[  475.657375][ T9030] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  475.677011][ T9030] RSP: 002b:00007f47d8743000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  475.685454][ T9030] RAX: ffffffffffffffda RBX: 00007f47dab02fa0 RCX: 00007f47da8da41f
[  475.693542][ T9030] RDX: 0000000000000042 RSI: 0000200000000a40 RDI: 00000000000000c8
[  475.701539][ T9030] RBP: 00007f47da95dab1 R08: 0000000000000000 R09: 0000000000000000
[  475.709540][ T9030] R10: 0000000000000042 R11: 0000000000000293 R12: 0000000000000000
[  475.717535][ T9030] R13: 0000000000000000 R14: 00007f47dab02fa0 R15: 00007ffe0e1415c8
[  475.725548][ T9030]  </TASK>
[  475.728589][ T9030] Modules linked in:
[  475.732510][ T9030] CR2: 0000000000000000
[  475.736694][ T9030] ---[ end trace 6d1ebc520a292b8b ]---
[  475.742163][ T9030] RIP: 0010:0x0
[  475.745650][ T9030] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[  475.753374][ T9030] RSP: 0018:ffffc90003b5f618 EFLAGS: 00010246
[  475.759461][ T9030] RAX: 1ffffffff1628f87 RBX: 0000000000000000 RCX: 0000000000000001
[  475.767450][ T9030] RDX: ffffc90003b5f6c0 RSI: 0000000000000001 RDI: ffff8880257a6000
[  475.775441][ T9030] RBP: ffffc90003b5f730 R08: dffffc0000000000 R09: ffffed1004af4c08
[  475.783431][ T9030] R10: ffffed1004af4c08 R11: 1ffff11004af4c07 R12: ffffffff8b147c38
[  475.791423][ T9030] R13: dffffc0000000000 R14: ffff8880257a6000 R15: ffffe8ffffc467d8
[  475.799416][ T9030] FS:  00007f47d87436c0(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  475.808366][ T9030] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  475.814971][ T9030] CR2: ffffffffffffffd6 CR3: 0000000079590000 CR4: 00000000003506f0
[  475.822962][ T9030] DR0: 0000040000000000 DR1: 000000000000064f DR2: 0000000000000006
[  475.831036][ T9030] DR3: 0000000000000006 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  475.839029][ T9030] Kernel panic - not syncing: Fatal exception in interrupt
[  475.846476][ T9030] Kernel Offset: disabled
[  475.850811][ T9030] Rebooting in 86400 seconds..