last executing test programs:

6m53.894797248s ago: executing program 2 (id=59):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x458, 0x5011, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x394}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SET_KEEPCAPS(0x8, 0x1)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000008c0)={'xfrm0\x00'})
r1 = syz_open_dev$hiddev(&(0x7f0000000140), 0x0, 0x20000)
syz_usb_connect$uac1(0x0, 0x9c, &(0x7f0000000180)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x20, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x8a, 0x3, 0x1, 0x34, 0x0, 0x2, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x5, 0x6}, [@processing_unit={0x7, 0x24, 0x7, 0x1, 0x2, 0xbf}, @feature_unit={0xb, 0x24, 0x6, 0x6, 0x1, 0x2, [0x6, 0x8], 0x2}, @output_terminal={0x9, 0x24, 0x3, 0x3, 0x300, 0x1, 0x6, 0x2}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x4}]}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x5, 0x6, 0x0, {0x7, 0x25, 0x1, 0x80, 0x9, 0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x9, 0x24, 0x2, 0x1, 0x9, 0x3, 0x9, 0xf6, "e6"}]}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0xb, 0x5, 0x0, {0x7, 0x25, 0x1, 0x1, 0x7, 0x3}}}}}}}]}}, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, 0x0)

6m51.073799932s ago: executing program 2 (id=67):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001500), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001680))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, 0x0})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=""/4096})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

6m49.965794397s ago: executing program 2 (id=72):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x4c}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0xa, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6m49.508327619s ago: executing program 2 (id=77):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x5)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x562, &(0x7f0000000440)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIuHMyla+uPCV7MS9HhQG+8miE9K6PpMpp0rHXgduFuvJEheOFAvNd7L4f/gH/FQIdDRvHGm8hJT7quSdasy9rMfD5w2vfNe5L3PDnnefOenIQEMLQmsj+FiJcj4psk4nBEJHnbaOSNE2vrrT68Xs6WJBqNT/5KsvX2R0S59Vit+x3MKy9FxK9fRZwstPdbW16ZL1Uq6WJe3xsLVyZryyunLi2U5tK59PL0zMyZt2am333n7b7E2fhy7f/Hdz848/Xx1e9+vn/kdhJn41DensXVh25ubKxMxET+nIzF2U0rTvWhs0GS7PYGsC0jeZ6PRTYGHI6RPOuB/77sZbEBDKlE/sOQas0DWuf2fToPfmE8eH/tBKg9/tG190ZiX/Pc6MBq8tiZUXa+O96H/rM+fvnjzu1sif69DwGwpRs3I+L06Gj7+Jfk49/2ne5hnc19GP9g59zN5j9vdJr/FNbnP9Fh/nOwQ+5ux9b5X7jfh266yuZ/73Wc/65ftBofyWv/a875xpKLlyppNrb9PyJOxNjerP6k6zlnVu81urVtnP9lS9Z/ay6Yb8f90b2P32e2VC89S8wbPbgZ8UrH+W+yvv+TDvs/ez7O99jHsfTOa93ato7/+Wr8GPF6x/3/6IpWVpqsd70+Odk8HiZbR0W7v28d+61b/7sdf7b/Dzw5/vFk4/Xa2tP38cO+f9K8uG9z22PxR+/H/57k02Z5T37btVK9vjgVsSf5qP326Uf3bdVb62fxnzj+5PGv0/G/PyI+7zH+W0d/erVb2yDs/9mn2v9PX7j34Rffd+u/t/HvzWbpRH5LL+Nfrxv4LM8dAAAAAAAADJpCRByKpFBcLxcKxeLa5zuOxoFCpVqrn7xYXbo8G83vyo7HWKF1pfvwhs9DTOWfh23VpzfVZyLiSER8O7K/WS+Wq5XZ3Q4eAAAAAAAAAAAAAAAAAAAABsTBLt//z/w+0rb6Z3/u/CYCz5Of/IbhtWX+9+OXnoCB5PUfhpf8h+El/2F4yX8YXvIfhpf8h+El/2F4yX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoq/PnzmVLY/Xh9XJWn726vDRfvXpqNq3NFxeWysVydfFKca5anaukxXJ1YavHq1SrV6amY+naZD2t1SdryysXFqpLl+sXLi2U5tIL6diORAUAAAAAAAAAAAAAAAAAAAAvltryynypUkkXFRS2VRgdjM1Q6HNht0cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjk3wAAAP//cHo1gQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
creat(&(0x7f0000000180)='./file1\x00', 0x30)
rename(&(0x7f0000000000)='./file2\x00', &(0x7f0000000040)='./file1\x00')
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304825, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)

6m48.067759939s ago: executing program 2 (id=83):
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000002c0)={0x4000000, 0x0, 0x0, 'queue0\x00', 0x9})
syz_open_dev$video4linux(&(0x7f0000000500), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r0, 0x28, 0x1, 0x0, 0x0)
connect$vsock_stream(r0, &(0x7f0000000600)={0x28, 0x0, 0x0, @local}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xb635773f06ebbeee, 0x2010, 0xffffffffffffffff, 0xb110f000)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

6m47.078782318s ago: executing program 2 (id=86):
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
link(&(0x7f0000000200)='./file1\x00', 0x0)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x80, 0x0, 0xfffff034}, {0x6}]}, 0x10)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x4e20, 0x656d42c3, @empty, 0x9}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

6m46.440904178s ago: executing program 32 (id=86):
process_vm_writev(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
link(&(0x7f0000000200)='./file1\x00', 0x0)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x2, &(0x7f0000000080)=[{0x28, 0x80, 0x0, 0xfffff034}, {0x6}]}, 0x10)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x4e20, 0x656d42c3, @empty, 0x9}, 0x1c)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

5m34.117825712s ago: executing program 3 (id=238):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv2(r0, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)
sendmsg$unix(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$PIO_FONTX(0xffffffffffffffff, 0x4b6c, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
fanotify_mark(0xffffffffffffffff, 0x4, 0x48001050, 0xffffffffffffffff, 0x0)

5m30.994949453s ago: executing program 3 (id=245):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file4\x00', 0x0, &(0x7f0000000180)={[{@noinline_xattr}, {@four_active_logs}, {@discard}, {@fault_injection={'fault_injection', 0x3d, 0xa0c8}}, {@fault_type={'fault_type', 0x3d, 0x302}}, {@lfs_mode}, {@inline_data}, {@fastboot}, {@fsync_mode_strict}, {@discard_unit_section}]}, 0x21, 0x5548, &(0x7f00000058c0)="$eJzs3E1vG1UXAOBjp2nffrwlQizYdVCFlEi1Vacfgl2BVny2qgosWIFju5Zb2xPFrhu66oIlYsE/QSCxYslvYMGaHWIBYocE8txJoS2VKsWOSfM80vjMvXPnzL2jJNKZiRzAgbWS/f5rJU7G0YhYiogTEcV+pdwKl1J4MSJORUT1H1ul7H/QcTgijkXEyWnylLNSHvryzOT0hV/e+e27H44cOv7Vtz8ubtXAor0cEYPNtH93kGLeTfFW2d+c9Io4OD8pYzowuF228xTvdjaKDHebO+OaRTzXTePzzTujabzZb7amsdu7WfRvDtMFR5PuTp7ihFvNraLd7mwUsTfKi9i9l+a1fS/9bbs3Gqc87TLfp0X6GI93YurvbHfSejZvF7E1HJf9KW/e7mxP46SM5eWilffbxTw2dnOn/9Neeq83vLOdTTpbo14+zC7UG6/UGxdrja283Rl3zteag/bF89lqtz8dVht3moNL3Tzv9jv1Vj5Yy1a7rVat0chWL3c2es3h/Uajfq5+tnZhLUt7Z7I3r32Y9dvZ6jS+3hveGff6o+xmvpWlM9ay9fq5V9ey043s/avXs+s3rly5ev2Djy9/dO21q2+/UQ56bFrZ6vrZ9fVa42xtvbG2uxsw0/Vnc17/Z+WkZ7h+2JXKoicAsP+o/4FFmF/9v3Uj4vH6vzrj+j/U/zOxr+rfg17/z2H9sCvqfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA+un5a/fKnZWUvt42f//suv5sl2JiGpE/PkvluLwQzmXyjzLTxi//Mgcvq9EkWF6jSPldiwiLpXbH8/N+y4AAADAs+ub+6e+SNV6+lh5qrOOznlW7JH00KZ64pMZ5atExPLKzzPKVp1+vDCjZMXP96HYnlG24gHW/2aULD1yOzSrbE+l+HV/N4UHKylCJYXqo2fMbLUAAMDCLD0U9rYKAQAAYC99/sQjt/d0HuyxSuy8ytx5F1z85/3fL/uOprZXfwAAALB/VRY9AQAAAGDuivrf9/8BAADAsy19/x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NxNbtpAGAbgz8Yu9E9FVfe9SndwjB6hyy4rDtBLcAR6hV6AM5BdjhBBhMdBISIJxGNQoueR7MGWeT3mZzEz0gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfrurF9N+f73+75qw33eR5GgAAAOCQVb2YNi/G6fhje/5ze+pre1xERBkRh8bug3i3lzloc+pHrq8f9OF/RJOwvcew3T5ExI+0beJL358CAAAAvEnVdreczSdptJ5240v3is5O+A7TpE356WemWxcRUY+vM6WV27xvmcKa33cVvzOlNRNYo0xhacqtypV2lObvvpu1G91ritSUT78/27MDAABnNNhrzjsKAQAA4Jx+XboD9OH9s1cUcbeUuVsKHKZmtBdhsQ8AAABer+LSHQAAAAB614z/T6n/F8fU/6uy1/+LG/X/AAAA4MVS/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6tKoX0+VsPumas950k+dpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhlf95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmf7Q8U1yh4iouBBL3a7ra29iQclePBPEEK6rbFbf7Q52FKEXLxJzr2IHkUEJd76D3jqTWihl3rrYQ8VRPCyMrMz2UkTcGPIzJp8PvDmfXcymfd9MxDynTcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURu9M4yTbdCZxXOy79/jWStbff6LP3Nl4sJi1LI7qTPr/4aXqh6jbXCIAAAAcHUlZ34cQHqabS1kfd/L6Py2PyWr+b5+ZxGU9/2TdX/Zl7Z+1X35+9MLWQJ3JONlJL60OB6d3ptI6uFnOt2f/9YhWfuXzZy9JfkPi99efH6X59Yy+vnv33XYeHqsjWwDgvzhV9kVQ/j6U9f0mEwPgyGhVCu+i/v8r6TScFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEANRuvhqTKOQgiLrWmcuf/41spu/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8HEJoavS3i+lf+XCGg0No5PocVPD3eDze03cdbz7nfQVxcbNnOLg9Lzk3HzT4QwkAgEMpLVpW1z9MN5eyfdFCCOPvttf/r1XiMGP9/+ij8/eqY1Xr/35tM5x/vbWrn/Wu37j5xurV5cuDy4NP3jzTf6t/9sK5cxd6+bOSnicmAAAA7E+7aNX6P17Yuf5/shKHGev/z7/pfzkd6bd8q/7fabro13QmAAAAR9tzr/z5R7TL/qjdDl8sr61d60+2W5/PTLYNpLpnx4pWrf+ThaazAgAAAOowWo+2rf9frMRhxvX/p79/8cfqOZMQwoli/f/UyqfDi/VNZ67V8efETc8RAACAZp0oWnX9P83f/4+3XnmIQwivvzqJi38DOFP9n7z31Q/VsZLK+/9n65viXIq7k+uR990QWt1tX/61scQAAAA4lI4XLSv2f083lz7+6eQHbe//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtnwAAAP//gQBD5A==")
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0xe0, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0xcf, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad", @typed={0x4, 0xe9}]}]}, 0xe0}], 0x1, 0x0, 0x0, 0x1}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)

5m28.934494627s ago: executing program 3 (id=248):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
clock_adjtime(0x3, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r4}, 0x38)

5m26.14087365s ago: executing program 3 (id=251):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0xff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, {[], @mld={0x83, 0x0, 0x0, 0x80, 0x0, @mcast1}}}}}}, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x200000, &(0x7f0000000340)={[{@user_xattr}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7c}}, {@dioread_lock}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x54d, &(0x7f0000000400)="$eJzs3U1rG0cfAPD/ynLenycOhEB7KIYcmpJGju2+pNBDeixtaKC9p8LemGApCpYcYjfQ5NBceimhUEoDpR+g9x5Dv0A/RaANhBJMe+hFZeWVo8SSrThKrFS/H6w9s7vy7Gj2P57RSCiAkTWZ/ShEvBIR3yQRhzuOFSM/OLl+3trD63PZlkSz+emfSST5vvb5Sf77YDtTjPj1q4iThc3l1ldWF8uVSrqU56ca1StT9ZXVU5eq5YV0Ib08Mzt75u3ZmffefWdgdX3j/N/ff3L3wzNfH1/77uf7R24ncTYO5cc66/EMbnRmJmMyf07G4+wTJ04PoLBhkuz2BbAjY3mcj0fWBxyOsTzqgf++LyOiCYyoRPzDiGqPA9pz+wHNg18aDz5YnwBtrn9x/bWR2NeaGx1YSx6bGWXz3YkBlJ+V8csfd25nWwzudQiAbd24GRGni8XN/V+S9387d7qPc54sQ/8HL87dbPzzZrfxT2Fj/BNdxj8Hu8TuTmwf/4X7Ayimp2z8937X8e/GotXEWJ77X2vMN55cvFRJs77t/xFxIsb3Zvmt1nPOrN1r9jrWOf7Ltqz89lgwv477xb2PP2a+3Cg/S507PbgZ8WrX8W+y0f5Jl/bPno/zfZZxLL3zWq9j29f/+Wr+FPF61/Z/tKKVbL0+OdW6H6bad8Vmf9069luv8ne7/ln7H9i6/hNJ53pt/enL+HHfP2mvYzu9//ckn7XSe/J918qNxtJ0xJ7k4837Zx49tp1vn5/V/8Txrfu/bvf//oj4vM/63zp6q+epw9D+80/V/k+fuPfRFz/0Kr+/9n+rlTqR7+mn/+v3Ap/luQMAAAAAAIBhU4iIQ5EUShvpQqFUWn9/x9E4UKjU6o2TF2vLl+ej9VnZiRgvtFe6D3e8H2I6fz9sOz/zRH42Io5ExLdj+1v50lytMr/blQcAAAAAAAAAAAAAAAAAAIAhcbDH5/8zv4/t9tUBz52v/IbRtW38D+KbnoCh5P8/jC7xD6NL/MPoEv8wusQ/jC7xD6NL/MPoEv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAwUOfPncu25trD63NZfv7qyvJi7eqp+bS+WKouz5XmaktXSgu12kIlLc3Vqtv9vUqtdmV6JpavTTXSemOqvrJ6oVpbvty4cKlaXkgvpOMvpFYAAAAAAAAAAAAAAAAAAADwcqmvrC6WK5V0SUJiR4nicFyGxIATu90zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAj/wYAAP//Gis4ow==")

5m23.991873282s ago: executing program 3 (id=257):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$read(0xb, 0x0, 0x0, 0x0)
r3 = io_uring_setup(0x6503, &(0x7f0000001300)={0x0, 0x0, 0x1046})
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r3, 0xc, 0x0, 0x0)

5m19.022546702s ago: executing program 3 (id=271):
r0 = io_uring_setup(0x1fc4, &(0x7f0000000bc0)={0x0, 0x7ced, 0x40, 0x20000000, 0x15f})
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz0\x00', 0x10})
epoll_create1(0x0)
ioctl$UI_DEV_CREATE(r1, 0x5501)
syz_open_dev$evdev(&(0x7f0000000340), 0xaa54, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

5m16.986278978s ago: executing program 33 (id=271):
r0 = io_uring_setup(0x1fc4, &(0x7f0000000bc0)={0x0, 0x7ced, 0x40, 0x20000000, 0x15f})
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz0\x00', 0x10})
epoll_create1(0x0)
ioctl$UI_DEV_CREATE(r1, 0x5501)
syz_open_dev$evdev(&(0x7f0000000340), 0xaa54, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
close_range(r0, 0xffffffffffffffff, 0x0)

14.166774016s ago: executing program 0 (id=691):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
write$binfmt_misc(r0, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0)
write$vga_arbiter(r3, &(0x7f0000000240)=@other={'trylock', ' ', 'mem'}, 0xc)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ptrace(0x10, 0x1)
bind$alg(0xffffffffffffffff, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x4000)
socket$kcm(0xa, 0x2, 0x3a)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000), 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001880)={'bond_slave_0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x0, 0x6}, {0xffff, 0xffff}, {0xc, 0xfff3}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x4, 0x7, 0x6, 0x0, 0x1}}, {0x4}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4c840}, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000400a8000600200003400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0xc000)

11.528194464s ago: executing program 4 (id=693):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0x587fc1425463de81)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x286, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x3, 0x9, 0x1, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x8, 0x2, 0x3, 0x0, 0x3, 0x0, 0x3})
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000240), r4)
io_uring_setup(0x60f8, &(0x7f0000000a40)={0x0, 0x1, 0x2, 0xdffffffe, 0xa754})
bind$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r2, 0xdb9)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="0100000000000000000002000000080001"], 0x1c}, 0x1, 0x0, 0x0, 0x44090}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008031, 0xffffffffffffffff, 0x0)

10.223632662s ago: executing program 4 (id=694):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xb, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1c, 0x3, &(0x7f0000000600)=ANY=[], 0x0, 0xd, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
wait4(0x0, 0x0, 0x4000000a, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = socket$l2tp(0x2, 0x2, 0x73)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
sendto$l2tp(r1, &(0x7f0000000a40), 0x0, 0x0, &(0x7f0000000ac0), 0x10)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, &(0x7f0000000180)={r3, 0x0, 0x0, 0x4, 0xc, 0x8, 0x100, 0x80000001, 0x5, 0x5, 0xfffffff9, 0x80000000})
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r5=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, &(0x7f0000000280)={0x3, r5, 0x1, 0xffff, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(0xffffffffffffffff, 0xc02464bb, &(0x7f0000000080)={0x2, r5, 0x1ff, 0x0, 0x4, 0x800008, 0x0, 0x0, 0x4000})

8.721024257s ago: executing program 1 (id=696):
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00'], 0x48)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000001c0)=@filter={'filter\x00', 0xe, 0x0, 0xc0, [0x0, 0x20000040, 0x20000070, 0x200000a0], 0x0, 0x0, 0x0}, 0x138)
syz_io_uring_setup(0x497, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$netrom(0xffffffffffffffff, 0x0, 0x0)
quotactl_fd$Q_SYNC(r2, 0xffffffff80000100, 0x0, 0x0)
fallocate(r2, 0x8, 0x0, 0x2000)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="63616368655f73747261746567793d64697361626c65fdd4642c757365725f78617474722c6461783d616c776179732c6461782c63616368655f73747261746567793d64697361626c65642c61636c"], 0x5, 0x1b1, &(0x7f00000000c0)="$eJzsmM1LG0EYxp+Z3WxIT+21FFpooOmhm91NWwql0Jxy6KXQD/EiBrOG6MZIsgcTEOLRk3+Df4J4Fw9evQleVRC8ePS8MrOjOxrzISRB8P0d3jwz82Y+3t08AwFBEM+Ws9Ork/XN81cc6GaQRVr1XxhJDtfymzu/cm8OS+7e3MH3493S0f353gGIotHXF3PvFw2Eqh1Fd7+dVZ9/wZFFRup/4Pio+mfAYCs9D47/SvtgmFV6SdMNkW/bi7XAtxcaQUUIRwRXBE+Egr6+CeByg6Gi7Y9p4612Z7kcBH6zV1j9hx4nBtVP7q/I8QOI1COL9Od1UxtH1i/GBYerdAEMf5T+hrSqDe85/2szOb8x2vnHKVLi1RuUszW51U1M4YAkhgh0Y5FGMsSn9fpNRojfzxPYxoRE4h/RNsMHzT9NzT/yYX31Z6vd+VSrl6t+1V/xvMJX57PjfPHy0pvjOMD/MtKfXmjzp/rkWszCWjkMm24cb9teHB9yXEv6H0fufdxmqk9H3gcvmbj6kDNUmyAIgiAIgiAIgiAIgiAIYuy8BZP/gg7B+y2zrwMAAP//Ub9tHw==")
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)

8.593006889s ago: executing program 4 (id=697):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
lchown(&(0x7f00000006c0)='./file0\x00', 0x0, 0xee01)
lstat(&(0x7f0000000580)='./file0\x00', 0x0)
chown(&(0x7f0000000840)='./file0\x00', 0x0, 0x0)
chown(&(0x7f0000000380)='./bus\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000180)='./bus\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@index_on}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}]})

6.565081806s ago: executing program 1 (id=698):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000002c0)=<r0=>0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000140)=0x1)
socket(0x22, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r2, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
connect$pptp(r2, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000040)=0x1)
ioctl$PPPIOCCONNECT(r3, 0x4004743a, 0x0)
close(0xffffffffffffffff)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001c40)={&(0x7f0000000640)=ANY=[@ANYBLOB], 0x0, 0x46, 0x0, 0x6, 0x0, 0x0, @void, @value}, 0x28)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
io_setup(0x5, 0x0)
io_destroy(0x0)
execve(0x0, 0x0, &(0x7f0000019100))
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000001c0)='./bus\x00', 0x808, &(0x7f0000000600)=ANY=[@ANYBLOB='nodiscard,active_logs=4,alloc_mode=default,active_logs=6,active_logs=6,fault_injection=00000000000000001263,alloc_mode=reuse,noacl,heap,alloc_mode=default,noextent_cache,compress_cache,fault_type=00000000000000000004,\x00'], 0x1, 0x551b, &(0x7f000000cf00)="$eJzs3L1vW1UUAPDjpOk3JUIMbH1ShZRItVWnH4KtQCs+RKuowMAEju1Ybm2/KHackImBETHwnyCQmBj5GxiY2RADiA0J5HdfoOFb1IlJ8/tJz+fd6+vjc63I0nkvcgDH1mL24/eVuBBnImI+Is5HFOeV8ijcTOGZiLgYEXMPHZVy/teJkxFxNiIuTJKnnJXyqY8vjy9d/+61H7746tSJc598/vXsdg3M2rMR0d9I59v9FPNOivfL+ca4W8T+tXEZ0xP9B+U4T3G7vVZk2G7srWsU8Wonrc83toaTuN5rNCex010v5jcG6Q2H485enuIF9xubxbjVXitid5gXsbOb6trZTd9tu8NRytMq871XpC++QydGozTf3mmn/Ww8KGJzMCrnU9681d6ZxHEZy7eLZt5rFXWs/ffP+f/u9e5gaycbtzeH3XyQXa/Vn6vVb1Trm3mrPWpfqzb6rRvXsqVOb7KsOmo3+jc7ed7ptWvNvL+cLXWazWq9ni3daq91G4OsXq9drV2pXl8uzy5nL999K+u1sqVJfLE72Bp1e8NsPd/M0iuWs5Xa1eeXs0v17I07q9nqvdu376y++c6tt+++cOfVl8pFfygrW1q5srJSrV+prtSXj9H+PyiLnuL+4ZFUZl0AwNGj/wdm4eD6/817EQff/8ff9P+j0V7U//+TI9X/Hvf+/wD2D49E/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcGx9s/DpK8XJYhqfK+efKKeeKseViJiLiJ//xHyc3Jdzvsyz8BfrF35Xw5eVKDJM3uNUeZyNiJvl8dOTB/0pAAAAwOPrs/cvfpS69fSwOOuCOEzpos3c+XenlK8SEQuL304p29zk4ekpJSv+vk/EzpSyFRewTk8pWbrkdmJa2f6V+X3h9EOhksLcoZYDAAAciv2dwOF2IQAAABymD2ddALNRib1bmXv3gov/vP/thuCZfSMAAADgCKrMugAAAADgwBX9v9//AwAAgMdb+v0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4hZ37uXEaiOIA/Oys2eWfiBB3WuG2KYMSOHJEWwBNpAAOoQUaSA3hRgkoQZkZJTH4gPDEFqvvk5yJR85PM1FymLH1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGv63m1WXz+9/Tw2Z38Yp85sAAAAgCG7brNKb5b5/Hnpf1m6XpfzJiLaiBhauy/iSS9zUXK68/VfLq/vzpHJt4iUcOy4LceziHhXjp+vpvgmAAAA4HHaPqzv82o9vyznHhBTyps27Yv3lfKaiOiWPyqltce8N5XC0u/7Jj5WSksbWHeVwvKW202ttL+S/u6nXbu7i6bJTTv4sdMgq80dAACY0KLXTLsKAQAAYEof5h4A80jP35dn8cutwNvclNt7T3tnAAAAwH+omXsAAAAAwNWl9f9F/b/efkDl+n+Hgfp/J/9c/+/3IAAAAOAPuf4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA17TrNqvtw/p+bM7+ME6d2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8Yn/eUSAEwiAM9q7vTOb+h5UGTU1NqkD4+BuDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB487u//J+YGmeSudfG0vNIsnZqbJ0ae+fG0R/G168BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICL/XlJgRAIgiiYM/530vc/rCToGUSIgIZHFbVoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7od7/8n5gaZ5K508bS8UiydtXYumrsPWgcPRhv/wYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICLnft5jaOKAwD+ZmZna6viGmUPEVHwoBe73dbW3sSDEjz4Jwgh3dbYrT/aHGwpYi7eJOdeRI8ighJv/R9yTiCXeMthDxE8KzM7k538ANdfM5vk84E377vDMO/7ZiHkO+8lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafT2JE6yQ2ccx8W5zb2HS1m/dajPPF7bns9aFkd1Jn0yvFj9EHWbSwQAAICzIynr+xDCTrq+kPVxJ6//0/KarOb/9ulxXNbzh+v+si9r/6z98vPu8/sDdcbjZDe9uTwcXDqaSuv/m+Vse+Yvr2jlTz5/95LkX0j83upzozR/ntHXGxvvtPPwXB3ZAgD/xMWyL4Ly96Gs7zeZGABnRqtSeJf1f9JpNicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAOoxWw5NlHIUQ5luTOLO193DpuP7x2vZ82a49erQWvpzcM7tFGkK4uTwcXKp1NrPt3v0HtxeHw8Hd+oOXQghNjf5WMf3bH0xxcQiNPB/BfxTExZc9K/mcjKDBH0oAAJxKadGyun4nXV/IzkVzIfzx3cH6/9VKHKas/3c/vLZZHata//drm+Hs663c+bR37/6D15fvLN4a3Bp8/Mbl/pv9K9evXr3ey9+V9LwxAQAA4N9pF61a/8dzR9f/L1TiMGX9/9k3/S+qYyXq/2NNFv2azgQAAOBse/bl33+Ljjkftdvh88WVlbv98XH/8+XxsYFU/7ZzRavW/8lc01kBAAAAdRitRgfW/29U4jDl+v9T37/wY/WeSQjhfLH+f3Hpk+GN+qYz0+r4c+Km5wgAAECzzhetuv6f5vv/4/0tD3EI4bVXxnHxbwCnqv+Td7/6oTpWdf//lfqmOJPi7vh55H03hFa36YwAAAA4zZ4oWlbs/5quL3z004X32/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtzwAAAP//TDA9TA==")
r4 = openat(0xffffffffffffff9c, 0x0, 0x48104, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r4, 0xf501, 0x0)

6.502782453s ago: executing program 0 (id=699):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0x1}, 0x18)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x44, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_REPLY={0x4}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x1}]}, 0x44}}, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time={0x2, 0x8}, {}, {}, @raw32={[0x0, 0x0, 0x2]}}, {0x0, 0x0, 0x0, 0x0, @time={0x7, 0x5}, {}, {}, @quote}], 0x38)
ioctl$SG_GET_REQUEST_TABLE(r6, 0x2275, &(0x7f00000018c0))
syz_clone3(&(0x7f0000000400)={0xf422b0c1903324ea, &(0x7f00000000c0), &(0x7f0000000180), &(0x7f0000000240), {0x1d}, &(0x7f0000000340)=""/12, 0xc, &(0x7f0000000380)=""/16, &(0x7f00000003c0)=[r0, r0, r0, 0x0, r0, r0, r0], 0x7, {r6}}, 0x58)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
dup(r7)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
dup(r8)

5.775568667s ago: executing program 0 (id=700):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
ioctl$SIOCX25GFACILITIES(0xffffffffffffffff, 0x89e2, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000100), 0xa0000, 0x0)
r4 = openat$audio(0xffffffffffffff9c, 0x0, 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000000)=0x7fffffff)
ioctl$SNDCTL_DSP_GETODELAY(r4, 0x80045017, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
set_mempolicy(0x2, &(0x7f0000000080)=0x4716, 0x3)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0xc000, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x0, 0x0, 0x0, 0x1, 0x47, &(0x7f00000002c0)=""/71, 0x41000, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000480)={0xfffffffe, 0x6, 0x7, 0x43}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000580)=[{0x3, 0x3, 0x8, 0x5}, {0x5, 0x2, 0x87, 0x2}], 0x10, 0x1, @void, @value}, 0x94)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000040)={'\x00', 0x2c2c, 0x200006, 0x2, 0x4964, 0x9})
connect$inet6(r5, 0x0, 0x0)

4.532829679s ago: executing program 0 (id=701):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-384\x00'}, 0x58)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/dev\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f0000000580), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000680)=ANY=[@ANYRES16=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB='\b', @ANYRES32=r1, @ANYRES32=0x0, @ANYBLOB="08000100080000000c009900060000", @ANYRES32=r3, @ANYBLOB], 0x74}}, 0x40000)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
preadv(r0, &(0x7f0000001400)=[{&(0x7f00000001c0)=""/182, 0xb6}], 0x1, 0x1239, 0x4b4a)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000140), 0x3, 0x0)
ioctl$AUTOFS_IOC_FAIL(r4, 0x4c80, 0xffffffffffffffb6)
ioctl$SNDCTL_SEQ_GETOUTCOUNT(0xffffffffffffffff, 0x4004510d, &(0x7f0000000000))
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x14)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mprotect(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x4810, &(0x7f00000000c0)=ANY=[], 0x11, 0x693, &(0x7f0000000880)="$eJzs3c1vHGcdB/DvrNcvm0qO26ZpQJUwjVQQEYkdK4VwSUAIBalCVThwthqnseKkwXFR2gNxAYkrB/6AcggXOIEQEhJSpHKGW8XN4lQJiUtPaQ8MmtlZe+3u2ptXO/TziWaf55ln5pnf/OZlXyJrAnxuXTiR9t10cuHEa7eq9sadhZWNOwvXevUkk0laSbtbpLieFB8k59Od8oVqZjNcMWw7v14+e/HDjzc+6rba2RqveukMD7A9yl6sN1Nmk4w15UPYNt4bDzbe5Fa12MxMlbDjvcTBfhtPUm7z46NbPYOUY32Nodc78PQouu+bfbrX/0xyKMlU7w1tvdvZevIR7um+7kXrjy8OAAAAODAO37ud3Mr0fscBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT5Pm+f9FM7V69dkUvef/T/Q9Y39in8MdbvfIpnqVu60nEQwAAAAAAAAAPF5fupffXSzL6V67LOr/83+5bhypX5/J27mZpazmZG5lMWtZy2rmk8z0DTRxa3FtbXW+t+anZVkOWfP0wDVPjxhw51HsNQAAAAAAAAD83zjXlD/LhUzvcywAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBNkYx1i3o60qvPpNVOMpVkolpuPflHr/40u7vfAQAAAMATcPhe7uVWpnvtsqi/8x+tv/dP5e1cz1qWs5aVLOVS/VtA91t/a+POwsrGnYVr1fTZcb/9n636H6f3DKMeMd3fHgZv+Vi9RCeXs1zPOZk38lZWcimtes3KsV48g+N6r4qpONdVlqMl6FJTVnv+q6Y8GGbqjIxvZmSuia3KxrO7Z6L/6DzAlubT2vzl58h95Pzcrlsp/ts7Jod6c5Jnvr93zsfva2ceys5MnO47+47unonkK3/6/Y+urFy/eqVYP3FwTqP7MPmvratmZyYW+jLx4siZuHzz6czETq28sFm/kO/lhzmR2bye1SznJ1nMWpYym+/WtcXmfK5eZ3bP1Pltrdf3imKiOS5jO2L68uFuuVtML9frTmc5P8hbuZSlvFr/O535fCNnciZn+47wCyNc9a0BV/2fhwd//KtNpZPkl015MFR5fbYvr/333Jm6r39OK+Vkd73nHtm9cVP7i02lOhI/b8qDYTMTU9l8l+hF93wvA+MDM/Gb+rZyc+X61dUrizd2jFusD97eK9m++wfnRlKdL89VB6tubT87qr7nB/bN131HNvtaO/t+29ns2+tKnWg+w312pNN134sD+xbqvmN9fVuftz4ty7L7eQuAA+/Q1w5NdP7d+Xvn/c4vOlc6r019Z/Kbky9NZPxv499qz4290nqp+EPez0+z9zd0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgTzffeffq4srK0uqOSlmWt4d0PZZK2sm2OX/9S98ySeqHAY0+YLX0+VZSz2mnqdxfYLcfbHfee9Ak/LM5Jk8k4Y+kMjX0/NlZ+aQsy4MR8yiVsnFQ4tmPyr7eloAn4NTatRunbr7z7teXry2+ufTm0vWzZ86cnTt75tWFU5eXV5bmuq/7HSXwOPR9AgcAAAAAAAAAAACeEqP9cU7xcH/bAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAQLpxI+26KzM+dnKvaG3cWVqqpV99a8pMkrSTFbFJ8kJxPd8pM33DFsO2sJxc//Hjjo26r3Uz18q3d1hvNejNlNslYUw4wNWhmeXvYeEU9zo3h442o2NzDKmHHe4mD/fa/AAAA///tbhq7")
pwritev(0xffffffffffffffff, &(0x7f0000000600), 0x0, 0x0, 0x0)

4.497259036s ago: executing program 1 (id=702):
socket$netlink(0x10, 0x3, 0x10)
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x6177, &(0x7f0000000400)={0x0, 0x54bd, 0x4, 0x8, 0x232}, &(0x7f0000000340)=<r3=>0x0, &(0x7f00000003c0)=<r4=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, @void, @value}, 0x94)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM(r5, 0x4068aea3, &(0x7f0000000140))
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, &(0x7f00000004c0)={'vcan0\x00'})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000280)='./file0\x00')
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_NOP={0x0, 0x4})

4.369428358s ago: executing program 4 (id=703):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x2}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$dsp(0xffffffffffffffff, &(0x7f00000000c0)=""/108, 0x6c)
write$dsp(0xffffffffffffffff, &(0x7f0000002000)='`', 0x88020)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
keyctl$setperm(0x5, 0x0, 0x1100100)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5, 0x0, 0x1}, 0x18)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, 0x0, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB='target PCI2.0\x00\x00'], 0x13)

2.597562391s ago: executing program 0 (id=704):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, &(0x7f0000002100)={&(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x3, 0x1, 0x4, {0xa, 0x4e23, 0x10008, @mcast2, 0x3}}}, 0x80, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB], 0x10}, 0x0, 0x2000c000})
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x4, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000000)=0x1, 0xfef2)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x9, &(0x7f0000000040)=0x440, 0x4)
connect$inet(r3, &(0x7f00000000c0)={0x2, 0x4e23, @remote}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000080)='net/tcp\x00')
socket$kcm(0x2, 0xa, 0x2)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x13f}}, 0x20)
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, &(0x7f0000000580)={0x1, 0x4, 0x104, 0x5, 0x8, 0x20, 0x1f, "84ee2ed087d564e0cca1a80edff27d431b7aa8f3", "f400349f01000000010000000000000800"})
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r4, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r5, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0x0, 0x7, @empty}, @ib={0x1b, 0x0, 0x0, {"7d0300"}, 0x0, 0x0, 0x6}}}, 0x118)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305829, 0x0)
close(r4)

2.482145382s ago: executing program 1 (id=705):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, 0x0)
read$dsp(0xffffffffffffffff, &(0x7f00000000c0)=""/108, 0x6c)
write$dsp(0xffffffffffffffff, &(0x7f0000002000)='`', 0x88020)
keyctl$setperm(0x5, 0x0, 0x1100100)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x14, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x98}}, 0x0)
write$vga_arbiter(r5, &(0x7f0000000040)=ANY=[@ANYBLOB='target PCI2.0\x00\x00\x00\x00\x00\x00'], 0x13)

1.176091007s ago: executing program 1 (id=706):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000080)='./file0\x00', 0x8c0, &(0x7f00000000c0)=ANY=[], 0x4, 0xf82, &(0x7f0000003080)="$eJzs3U9sHNX9APA36/W/2MRr4AcGfoQUWhEo2CGJ1PQWBOqlEuLSOygkNMJQ1NBKREBMD4hKiCIhThUHEBdKpRSpSKBKFeqp7alVb+0F9UKlKpWCemgjJa5iv1nvPu9k12N7dtf7+UjffX7zZuf7HXsTz4xn3wZgZNXWHo8dW8hCeOeztx99+ansk2vL7mqucXDtMYu9RghhvKWfJdv7Ii64cumlk53aLBxZe8z74bGLzefOhBBWwsHweWiEj5aWv/rw3UcOffza1C1vnnvmlV3a/aZ0PwAAYC+68Mflv973jz88MH/5woETYbK5PD8+b8T+TDzuPxwPlPPj5Vpo72ct0WoiWW8sRi1ZbyxZr57kqRfkG0+2M16w3kSXfGMtyzrtJwAAAAyj/Ly2EbLaYlu/VltcXD/vv+aLuYls8bkzy6fP9qlQAAAAoLR/n1+76XaIY2oAahBpTOcvsK0976Pvbv0524paxfnqFecbmSj3ehNCCCGE2LlwPCKGIFbnKrzYAAAAANBhvrBNVnZ2pq7m1hq95b/4cK3z82EHJK+/zdNO7PDr//r5pzavUGn+DnY//3if8193/z941f84AACUt1ePJvP9yo+j83kM0nkEx9qeNTO21fOPWrKd+hbrLJpXcFjmGyyqc6ziOsoqqn+rP8d+Kao/nQ9zUBXVn87TOaiK6p+suI6yiurvcOUnDOI/66L6pyuuo6yi+vdVXEdZRfXPVFxHWUX1z1ZcR1lF9d9QcR1lFdW/v+I6yiqqf1huqy2qv1FxHWUV1T+/3gz8YURR/TdWXEdZRfXfVHEdZRXVf3PFdfTLnbHNvw8HCtab6XDwN3AHgwAAAEBH/x36+f9GNOoDUIMQQgx9vLr+y7B9+VSHZWJbURuAGnYrpju9hoQQQoiBjPN9vPYAAAAADIb8fQH5u95Xo3x8bNP4396/9piP11vHpzY2kI+Pd9n+RJfxyS7jAAAAQAi/ef30bW9lG/Pdpe/p3+p8ePm8UdPhk6uhxDxG6XyEW82/3XnPtpu/84QjwzIbGwAAAHtV9p3Pr97/6HsvzF++cOBEy9nv1Xi+m88DWo/XBj6N/fy+gNmkn+Xn0Cfa89QK1kuvD9xQtL3Ht7mjAAAAMMLy8/dGyGqLLefdjVCrLS5unI8vhPHs9JnlU4djP/98lt/PjU9eW/5QxXUDAAAAvds43+98/p9/ju9CmMgWnzuzfPrsen+2uXy81npdYG5jedZ6XaCRLD9SsPxo7MfP7wzfn5teW7548gfLT+30zgMAAMCIOPviuWeeXF4+9cPR+aIeQtjWdsIg7IUvfLGrX/T7fyYAAGCnffnl2+M/Ojr72/X3/2/Mf3c1fnEw9htxbr8/xeX5fQL5+wA2vV//ifY8c0XrPd++XiNZbyzGZFL3VMt2wtp8g+3Pmy/K12jfzkRBvpkk32ySL52noJ6sn3WYSzB0mAkwX28uWZ7Ow1hPcmRJ/rs75AIAAIDc0gvPPr909sVzD5559smnTz196rmjR45/+/jxww9966Gltfv6l1rv7gcAAACG0cZNv/2uBAAAAAAAAAAAAAAAAAAAAEZXFR8n1u99BAAAgFH3r/MhhBUhCiL/gMF+1zHskQ1ADbsXq5P9r2FvR/DvUAghhBDbjP6e9005lhmMWF1NP2keAAAAYHddufTSydZ2k5VsR/M1t9ZYb67GvHk7++Bf5q9FvtrFh9uvl+zb0WoYdVW//uUf1PyTHcc/eHVn869diG9s9Lv//1dr38CJtcd67E33mvfepV8sNPOHEG6v95g/3f/He83Y7lCS/97QW/7V95L8T7T1ar3mvy/Jv6/H/Jv2//miDFPXzX9/zL8Q+4fu6TV/+y5OJtl6fQF8M9n/p0Kv+ZP9b/SYMPFAzA8Ao6j523z1fH8L2WH5UUJ+PD0T+/n+5ges6d0PWz3+ryXbqW+78vbt5sdBt8Z+86hupT1vbqv159+X2djeULLO1LDcVVJU/079HHdbUf3jFddRVlH9ExXXUVZR/Z3P3gdPUf3XP3scHEX193whos+K6h+W68pF9c9UXEdZRfXPVlxHWUX1b/X3eL8U1b+/4jrKKqp/ruI6yiqqv+RltcoV1T9fcR1lFdV/Y8V1lFVU/00V11FWUf03V1xHv9wR26Lz4fz8cy6O5f1G0p/s8L3s+Y8hAAAAwK7650DO/9dy5aDvtQghhBBiGGJsAGoQYpjjP6vr+l2HEGL3YnW1n1cf6LdsiO4VB2Dn7O5sFgw6P//R5uc/2vz8uZ78L/FZ0s+NdRmvdxkf7zI+kYxnyRMni8ajm5LtrubXNaObu4z/X9yDovH9yfN/nIzf2mX7C13Gb+syfnuX8Tu6jAMAADAabomt80MAAADYu17+5adv/PreJy7NX75w4ESY2DTv/OHYn4x/W3899tN573Pj8W/+P4n992P7u9j+PVnf/ScAAACw+/LPifH3fwAAANi78s8pdf4PAAAAe9d8bJ3/AwAAwN51Y2yd/wMAAMAelk11Xhzb/LrA3bHtdV4/AGDw/X9s74ztgdjeFduvxTY/Drgntl+vqD4AYOf8/Hs/Pf5WtjHf/9Fk/EpcnrebrKxfKchq7TP5T8d2X2y/0WM96ecB9Jo/t7/HPLuVf26b+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvaO29njs2EIWwjufvf3ozybe+PO1ZXc11zi49pjFXiOEMN58Xj660f9VXPHKpZdOtrZXY5uFIyELWXN5eOxiM9NMCGElHAyfh0b4aGn5qw/ffeTQx69N3fLmuWde2cVvQdv+AQAAwF70vwAAAP//7lUWHg==")
r0 = socket(0x10, 0xa, 0x44)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$unix(0x1, 0x1, 0x0)
write(r0, &(0x7f0000000240), 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r3, 0x40186e8d, &(0x7f0000000800)={@id={0x2, 0x0, @auto="0014d300000000005000000000000078"}})
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r4, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x0, @private=0xa010102}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x6d, &(0x7f0000000080), &(0x7f00000000c0)=0x3930)
r5 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x16)
ioctl$FS_IOC_FIEMAP(r5, 0xc020660b, &(0x7f0000000180)=ANY=[])
chown(&(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, 0xee00)
r6 = open(0x0, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r6, 0x40047211, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2401})

1.130917818s ago: executing program 4 (id=707):
pselect6(0x40, &(0x7f00000001c0)={0xcd, 0x0, 0x0, 0x0, 0x20000000001, 0x4a92, 0xff, 0x2}, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002800)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000021cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d31c61b889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f0b2ad1eb9769d74e4f1feff374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafbbc9c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724190000006f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde99982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0ed9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c1003000000000000003a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab778c50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b28448692686ac80d81a89f9c29e2768000000000000000000000000002cb35a3b45a4eb86b2d5ab19957ebd81ba90a3e033ceaf2ebbb1a69fba8086d44f6bf9b85143a8f615ebd57d330cf9bed7b699be53d1e49c62b9e40595db3d8e5f4b1e31f4f779132f72cf926441867d2472e2c131c59b6539d82e23627242913b9400000000000000000000000000000061929a9e942f62ff3493fd898688f4e936333b1ae200047b4e02b7c3f775b59e45ae6f153236103a4c9e134909fbe0b51bfb7ba7267b0cad6c6cb9f03255d372ef43c834cd48cbaaf50afbfde5a246006407"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r4, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
r5 = socket$kcm(0x29, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001dc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff730d00000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409eaa988dbc2fee9d313d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb61799257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad0e0e2b45d14ee446b840edaa1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c50ce6a8e9f65de13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae20bf279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522f7dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87915ed063f608dddb03a95b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627820d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000c3d51d9a161446b4373e06a9e07f8a000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b4047979379dc15c9056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221f05e6ca8c705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f12fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612aa25d61ce4e2c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008435f39381c2a77c001caae53db7316fa6d48d032ab6831ebb813c85855c7a9ad8140a4b29422fc20d4e75c848984a2e217ec9c2833b8fa9106ee1be2c05103a36fc1126f1aa5284ba7179843b08ecadc199b9038cf6b9ee4e1f321a6a32e03bd987ddfada1f69756651b73a7ed0f7e467081193b2844869"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r7 = socket$kcm(0x2, 0x1, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x89e0, &(0x7f0000000040)={r7, r6})
ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x89e0, &(0x7f0000000040)={r4, r3})
close(r5)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000040)="f36db9d90800000f322e6764260f350f79330f8267333a99c4e17ff057ee66baf80cb8ace60d8aef66bafc0c66ed670f01c8f365f0812109000000f3260fa520", 0x40}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4)

91.86536ms ago: executing program 4 (id=708):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x400, 0x70bd29, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0x7, 0xfff2}, {0x3, 0xc}, {0xfff3, 0xf}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_NAT={0x8, 0xb, 0x1}, @TCA_CAKE_MPU={0x8, 0xe, 0xc3}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0xb, &(0x7f0000000100)=0x3, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)
setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000900)={0x0, 0x0, 0x2, 0x7, 0x2000, 0x2}, 0x14)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000080)={'wg2\x00'})
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x14, r3, 0x1}, 0x14}}, 0x0)
listen(0xffffffffffffffff, 0x1ff)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0xf8}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

74.188346ms ago: executing program 0 (id=709):
timer_create(0xb, 0x0, &(0x7f00000003c0))
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f0000000600)=ANY=[@ANYBLOB="666d61736b3d30303030303030303030303030303030303030303030322c646973636172642c6572726f72733d72656d6f756e742d726f2c696f636861727365743d63703837342c616c6c6f775f7574696d653d30303030303030303030303030303030303030343030312c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c6572726f72733d72656d6f756e742d726f2c696f636861727365743d63703836302c646973636172642c00dced11a2761e8532b2e0199234d7a478a2aec0301261dde220b36942b4f3d68482a89f58807c55940bdceffd4304c6e43f1216c6dc21daa755559823f0b9888dc6900528ec81651ff87269792ed5127d2ee52b9c8db3aa710ae36b906361a733254beccd064f03dab460f16c773d5c6adde92a15560e0a3257ddad10a92455a9655422ea47117f789464f7a779a56cc2a03dd0430e633e2b235ae19b1adf47a79f8970571500a1eac601a0d49337c615e8d5fb2f8384fb9e757ff9b4e3"], 0x3, 0x1510, &(0x7f0000003640)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
socket$packet(0x11, 0x3, 0x300)
clock_settime(0x300000000000000, &(0x7f0000003c80)={0x77359400})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wg0\x00'})
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x10)

0s ago: executing program 1 (id=710):
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0)
syz_open_dev$evdev(0x0, 0x1, 0x8c2b01)
setgroups(0x0, 0x0)
getgroups(0x1, &(0x7f0000000100)=[<r0=>0xee00])
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, 0x0, &(0x7f00000001c0)='configfs\x00', 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000002740)='net/igmp\x00')
read$FUSE(r4, &(0x7f0000000140)={0x2020}, 0x2061)
setregid(0x0, r0)
capset(0x0, &(0x7f0000000140))
fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r5, 0x84, 0x8, 0x0, &(0x7f0000000080))
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x33, 0x0, 0x0)

kernel console output (not intermixed with test programs):

1q: adding VLAN 0 to HW filter on device batadv0
[   91.342397][ T5835] veth0_vlan: entered promiscuous mode
[   91.414351][ T5835] veth1_vlan: entered promiscuous mode
[   91.436497][ T5842] Bluetooth: hci1: command tx timeout
[   91.522603][ T5842] Bluetooth: hci2: command tx timeout
[   91.526806][ T5845] veth0_vlan: entered promiscuous mode
[   91.528735][   T51] Bluetooth: hci0: command tx timeout
[   91.559271][ T5834] veth0_vlan: entered promiscuous mode
[   91.590123][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.600476][   T51] Bluetooth: hci3: command tx timeout
[   91.606296][ T5842] Bluetooth: hci4: command tx timeout
[   91.632056][ T5834] veth1_vlan: entered promiscuous mode
[   91.693006][ T5845] veth1_vlan: entered promiscuous mode
[   91.726104][ T5835] veth0_macvtap: entered promiscuous mode
[   91.776931][ T5848] veth0_vlan: entered promiscuous mode
[   91.798409][ T5835] veth1_macvtap: entered promiscuous mode
[   91.832282][ T5848] veth1_vlan: entered promiscuous mode
[   91.871704][ T5834] veth0_macvtap: entered promiscuous mode
[   91.880669][ T5845] veth0_macvtap: entered promiscuous mode
[   91.897073][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.914491][ T5834] veth1_macvtap: entered promiscuous mode
[   91.936589][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.952104][ T5845] veth1_macvtap: entered promiscuous mode
[   91.976789][ T5835] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.986638][ T5835] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.996304][ T5835] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.005567][ T5835] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.051181][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0
[   92.063539][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.095994][ T1211] cfg80211: failed to load regulatory.db
[   92.119829][ T5848] veth0_macvtap: entered promiscuous mode
[   92.150764][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.173976][ T5848] veth1_macvtap: entered promiscuous mode
[   92.197184][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.227282][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.261671][ T5845] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.284890][ T5845] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.293941][ T5845] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.304751][ T5845] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.330842][ T5834] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.341172][ T5834] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.350563][ T5834] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.367731][ T5834] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.468526][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.534008][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.549860][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.585861][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.626947][ T4527] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.636163][ T4527] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.653451][ T5848] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.664046][ T5848] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.673671][ T5848] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.685072][ T5848] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.780284][ T5919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.788816][ T5919] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.863606][ T5919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.891259][ T5919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.940835][ T5835] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   92.964150][ T1039] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.980822][ T1039] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.990118][ T5832] veth0_vlan: entered promiscuous mode
[   93.077540][ T5832] veth1_vlan: entered promiscuous mode
[   93.091452][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.108794][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.110620][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.144854][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.219866][ T5925] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4'.
[   93.268365][ T5925] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4'.
[   93.315804][ T5919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.348818][ T5919] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.419652][ T5832] veth0_macvtap: entered promiscuous mode
[   93.488443][ T5832] veth1_macvtap: entered promiscuous mode
[   93.515713][   T51] Bluetooth: hci1: command tx timeout
[   93.596457][ T5842] Bluetooth: hci2: command tx timeout
[   93.601971][   T51] Bluetooth: hci0: command tx timeout
[   93.675842][ T5842] Bluetooth: hci4: command tx timeout
[   93.681953][   T51] Bluetooth: hci3: command tx timeout
[   93.984786][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   94.266485][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.347661][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.423490][ T5832] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.463986][ T5832] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.485895][ T5832] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.495036][ T5832] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.912055][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.949991][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.003172][ T5952] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11'.
[   95.068763][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.106244][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.510454][ T5935] loop1: detected capacity change from 0 to 40427
[   95.603152][ T5935] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   95.618766][ T5955] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   95.645535][ T5935] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   95.703433][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   95.738264][ T5957] loop3: detected capacity change from 0 to 256
[   95.780018][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   95.792105][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   95.815012][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.824156][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.832879][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.841923][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.850647][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.862271][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   97.209304][ T5951] loop2: detected capacity change from 0 to 32768
[   97.250855][ T5951] =======================================================
[   97.250855][ T5951] WARNING: The mand mount option has been deprecated and
[   97.250855][ T5951]          and is ignored by this kernel. Remove the mand
[   97.250855][ T5951]          option from the mount to silence this warning.
[   97.250855][ T5951] =======================================================
[   97.484255][ T5951] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[   98.198526][ T5977] loop0: detected capacity change from 0 to 1024
[   98.314022][ T5848] ocfs2: Unmounting device (7,2) on (node local)
[   99.735873][ T4527] hfsplus: b-tree write err: -5, ino 4
[   99.769885][ T5987] loop4: detected capacity change from 0 to 2048
[   99.816151][ T5987] EXT4-fs: Ignoring removed mblk_io_submit option
[   99.998058][ T5987] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.263835][ T5999] loop1: detected capacity change from 0 to 2048
[  100.321055][ T5999] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  100.597826][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.751131][   T24] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  103.118936][   T24] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  103.140810][   T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  103.166073][   T24] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  103.185645][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  103.204369][   T24] usb 4-1: SerialNumber: syz
[  103.251167][   T24] usb 4-1: 0:2 : does not exist
[  103.576113][ T5888] usb 4-1: USB disconnect, device number 2
[  103.891495][ T6029] loop2: detected capacity change from 0 to 40427
[  103.908280][ T6033] loop1: detected capacity change from 0 to 32768
[  103.927452][ T6029] F2FS-fs (loop2): build fault injection rate: 690
[  103.973590][ T6029] F2FS-fs (loop2): heap/no_heap options were deprecated
[  104.054376][ T6029] F2FS-fs (loop2): Image doesn't support compression
[  104.083474][ T6033] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  104.196219][ T6029] F2FS-fs (loop2): invalid crc value
[  104.262007][   T30] audit: type=1800 audit(1747978479.501:2): pid=6033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.33" name="file1" dev="loop1" ino=17058 res=0 errno=0
[  104.410636][   T30] audit: type=1800 audit(1747978479.651:3): pid=6049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.33" name="file1" dev="loop1" ino=17058 res=0 errno=0
[  104.638781][ T5888] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  104.717609][ T5834] ocfs2: Unmounting device (7,1) on (node local)
[  104.717684][ T6029] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  104.823610][ T5888] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  104.861867][ T5888] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.095777][ T5888] usb 5-1: config 0 descriptor??
[  105.099539][ T6047] f2fs_ckpt-7:2: attempt to access beyond end of device
[  105.099539][ T6047] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  105.161420][ T5888] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  105.162810][ T6047] CPU: 1 UID: 0 PID: 6047 Comm: f2fs_ckpt-7:2 Not tainted 6.15.0-rc7-next-20250522-syzkaller #0 PREEMPT(full) 
[  105.162833][ T6047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.162843][ T6047] Call Trace:
[  105.162850][ T6047]  <TASK>
[  105.162857][ T6047]  dump_stack_lvl+0x189/0x250
[  105.162890][ T6047]  ? __pfx_dump_stack_lvl+0x10/0x10
[  105.162906][ T6047]  ? __pfx_queue_work_on+0x10/0x10
[  105.162921][ T6047]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  105.162945][ T6047]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  105.162980][ T6047]  f2fs_handle_critical_error+0x37c/0x540
[  105.163008][ T6047]  f2fs_write_end_io+0x5b8/0x7e0
[  105.163031][ T6047]  ? __submit_merged_bio+0x251/0x6a0
[  105.163065][ T6047]  __submit_merged_bio+0x27a/0x6a0
[  105.163092][ T6047]  __submit_merged_write_cond+0x255/0x530
[  105.163119][ T6047]  f2fs_write_data_pages+0x261d/0x3000
[  105.163176][ T6047]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  105.163268][ T6047]  ? __lock_acquire+0xab9/0xd20
[  105.163299][ T6047]  ? do_raw_spin_lock+0x121/0x290
[  105.163329][ T6047]  ? do_raw_spin_unlock+0x122/0x240
[  105.163348][ T6047]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  105.163371][ T6047]  do_writepages+0x32e/0x550
[  105.163407][ T6047]  ? do_raw_spin_unlock+0x122/0x240
[  105.163430][ T6047]  filemap_fdatawrite+0x191/0x230
[  105.163447][ T6047]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  105.163511][ T6047]  ? do_raw_spin_unlock+0x122/0x240
[  105.163534][ T6047]  f2fs_sync_dirty_inodes+0x31f/0x830
[  105.163573][ T6047]  f2fs_write_checkpoint+0x94a/0x1de0
[  105.163620][ T6047]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  105.163684][ T6047]  ? __pfx_down_write+0x10/0x10
[  105.163703][ T6047]  ? __pfx___schedule+0x10/0x10
[  105.163734][ T6047]  __checkpoint_and_complete_reqs+0xd9/0x3b0
[  105.163762][ T6047]  ? __pfx___checkpoint_and_complete_reqs+0x10/0x10
[  105.163802][ T6047]  issue_checkpoint_thread+0xd9/0x260
[  105.163829][ T6047]  ? __pfx_issue_checkpoint_thread+0x10/0x10
[  105.163858][ T6047]  ? __pfx_autoremove_wake_function+0x10/0x10
[  105.163889][ T6047]  ? __kthread_parkme+0x7b/0x200
[  105.163906][ T6047]  ? __kthread_parkme+0x1a1/0x200
[  105.163929][ T6047]  kthread+0x711/0x8a0
[  105.163951][ T6047]  ? __pfx_issue_checkpoint_thread+0x10/0x10
[  105.163975][ T6047]  ? __pfx_kthread+0x10/0x10
[  105.163996][ T6047]  ? _raw_spin_unlock_irq+0x23/0x50
[  105.164018][ T6047]  ? lockdep_hardirqs_on+0x9c/0x150
[  105.164031][ T6047]  ? __pfx_kthread+0x10/0x10
[  105.164051][ T6047]  ret_from_fork+0x3fc/0x770
[  105.164077][ T6047]  ? __pfx_ret_from_fork+0x10/0x10
[  105.164106][ T6047]  ? __switch_to_asm+0x39/0x70
[  105.164121][ T6047]  ? __switch_to_asm+0x33/0x70
[  105.164136][ T6047]  ? __pfx_kthread+0x10/0x10
[  105.164156][ T6047]  ret_from_fork_asm+0x1a/0x30
[  105.164190][ T6047]  </TASK>
[  105.472650][ T6047] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  105.503772][   T30] audit: type=1800 audit(1747978480.741:4): pid=6029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.32" name="file0" dev="loop2" ino=10 res=0 errno=0
[  105.686049][ T5888] gp8psk: usb in 128 operation failed.
[  105.693652][ T5888] gp8psk: usb in 137 operation failed.
[  105.703254][ T5888] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  105.981000][ T5888] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  106.373601][ T5888] usb 5-1: USB disconnect, device number 2
[  106.604029][ T6069] loop0: detected capacity change from 0 to 16
[  106.682748][ T6069] erofs (device loop0): mounted with root inode @ nid 36.
[  106.793527][ T6069] process 'syz.0.45' launched '/dev/fd/3' with NULL argv: empty string added
[  106.843653][ T6075] loop1: detected capacity change from 0 to 128
[  106.882721][ T6075] EXT4-fs: Ignoring removed mblk_io_submit option
[  106.983323][ T6075] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  107.019267][ T6075] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  107.209199][ T6080] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:375: inode #2: comm syz.1.48: No space for directory leaf checksum. Please run e2fsck -D.
[  107.224984][ T6080] EXT4-fs error (device loop1): __ext4_find_entry:1626: inode #2: comm syz.1.48: checksumming directory block 0
[  107.774462][ T6083] loop3: detected capacity change from 0 to 16
[  107.785312][ T6083] erofs (device loop3): mounted with root inode @ nid 36.
[  108.084407][ T6085] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  108.188792][ T6085] erofs (device loop3): read error -117 @ 43 of nid 36
[  108.379355][ T5834] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  109.534851][ T5888] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  109.805113][ T5888] usb 2-1: Using ep0 maxpacket: 8
[  109.899082][ T5888] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  109.975263][ T5888] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  110.074039][ T5888] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  110.168400][ T5888] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  110.257871][ T5888] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  110.353152][ T5888] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  110.393218][ T5888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.650402][ T5888] usb 2-1: GET_CAPABILITIES returned 0
[  110.656356][ T5888] usbtmc 2-1:16.0: can't read capabilities
[  110.852398][   T24] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  110.911863][   T24] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  110.961598][ T6104] loop2: detected capacity change from 0 to 1024
[  110.972308][ T5888] usb 2-1: USB disconnect, device number 2
[  111.314897][ T6105] fido_id[6105]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  111.719979][ T6092] loop3: detected capacity change from 0 to 40427
[  111.727514][ T5907] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  111.769710][ T6092] F2FS-fs (loop3): heap/no_heap options were deprecated
[  111.804080][ T6092] F2FS-fs (loop3): invalid crc value
[  111.905782][ T5907] usb 3-1: Using ep0 maxpacket: 32
[  111.926967][ T5907] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.964730][ T5907] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.011143][ T5907] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  112.054290][ T5907] usb 3-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  112.099067][ T5907] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.161316][ T5907] usb 3-1: config 0 descriptor??
[  112.216125][ T6092] F2FS-fs (loop3): Start checkpoint disabled!
[  112.666747][ T5907] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.0002/input/input5
[  112.807558][ T6113] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.823711][ T6113] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.855803][ T5907] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.0002/input/input6
[  113.010484][ T5907] kye 0003:0458:5011.0002: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.2-1/input0
[  113.201696][ T5907] usb 3-1: USB disconnect, device number 2
[  113.262347][ T6134] fido_id[6134]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  115.689356][   T30] audit: type=1326 audit(1747978490.931:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6168 comm="syz.4.75" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6b9eb8e969 code=0x0
[  115.711391][    C1] vkms_vblank_simulate: vblank timer overrun
[  115.959461][ T6174] loop2: detected capacity change from 0 to 1024
[  115.976316][ T6174] EXT4-fs: Ignoring removed nobh option
[  116.004996][ T6174] EXT4-fs: Ignoring removed bh option
[  116.166778][ T6174] EXT4-fs error (device loop2): ext4_orphan_get:1419: comm syz.2.77: bad orphan inode 32767
[  116.197492][ T6174] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.305198][ T6153] loop1: detected capacity change from 0 to 40427
[  116.318554][ T6174] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.77: iget: bad i_size value: 576460752303423498
[  116.345612][ T6153] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  116.355202][ T6174] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz.2.77: iget: bad i_size value: 576460752303423498
[  116.376289][ T6153] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  116.397503][ T6153] F2FS-fs (loop1): invalid crc value
[  116.400396][ T6174] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  116.408532][ T5880] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  116.602809][ T6153] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  116.618753][ T5880] usb 1-1: Using ep0 maxpacket: 8
[  116.640990][ T6153] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  116.656097][ T5880] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  116.664421][ T5880] usb 1-1: config 0 has no interface number 0
[  116.672055][ T5880] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  116.684070][ T5880] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  116.711880][ T6191] input: syz0 as /devices/virtual/input/input7
[  116.744650][ T5880] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  116.783526][ T5880] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  116.825093][ T5880] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  116.846188][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.878551][ T5880] usb 1-1: config 0 descriptor??
[  116.913501][ T5880] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  116.931175][ T5834] syz-executor: attempt to access beyond end of device
[  116.931175][ T5834] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  116.967974][ T5834] CPU: 0 UID: 0 PID: 5834 Comm: syz-executor Not tainted 6.15.0-rc7-next-20250522-syzkaller #0 PREEMPT(full) 
[  116.968003][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  116.968015][ T5834] Call Trace:
[  116.968023][ T5834]  <TASK>
[  116.968032][ T5834]  dump_stack_lvl+0x189/0x250
[  116.968062][ T5834]  ? __pfx_dump_stack_lvl+0x10/0x10
[  116.968078][ T5834]  ? __pfx_queue_work_on+0x10/0x10
[  116.968094][ T5834]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  116.968121][ T5834]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  116.968159][ T5834]  f2fs_handle_critical_error+0x37c/0x540
[  116.968192][ T5834]  f2fs_write_end_io+0x5b8/0x7e0
[  116.968219][ T5834]  ? __submit_merged_bio+0x251/0x6a0
[  116.968262][ T5834]  __submit_merged_bio+0x27a/0x6a0
[  116.968301][ T5834]  __submit_merged_write_cond+0x255/0x530
[  116.968336][ T5834]  f2fs_write_data_pages+0x261d/0x3000
[  116.968410][ T5834]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  116.968503][ T5834]  ? check_path+0x21/0x40
[  116.968520][ T5834]  ? check_noncircular+0xe0/0x160
[  116.968607][ T5834]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  116.968635][ T5834]  do_writepages+0x32e/0x550
[  116.968681][ T5834]  ? do_raw_spin_unlock+0x122/0x240
[  116.968710][ T5834]  filemap_fdatawrite+0x191/0x230
[  116.968745][ T5834]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  116.968833][ T5834]  ? do_raw_spin_unlock+0x122/0x240
[  116.968862][ T5834]  f2fs_sync_dirty_inodes+0x31f/0x830
[  116.968913][ T5834]  f2fs_write_checkpoint+0x94a/0x1de0
[  116.968973][ T5834]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  116.969078][ T5834]  ? kill_f2fs_super+0x298/0x6c0
[  116.969114][ T5834]  kill_f2fs_super+0x2c3/0x6c0
[  116.969150][ T5834]  ? __pfx_kill_f2fs_super+0x10/0x10
[  116.969172][ T5834]  ? radix_tree_delete_item+0x2b6/0x400
[  116.969208][ T5834]  ? shrinker_free+0x2ce/0x3e0
[  116.969236][ T5834]  deactivate_locked_super+0xb9/0x130
[  116.969264][ T5834]  cleanup_mnt+0x425/0x4c0
[  116.969288][ T5834]  ? lockdep_hardirqs_on+0x9c/0x150
[  116.969310][ T5834]  task_work_run+0x1d4/0x260
[  116.969339][ T5834]  ? __pfx_task_work_run+0x10/0x10
[  116.969357][ T5834]  ? __x64_sys_umount+0x122/0x160
[  116.969382][ T5834]  ? exit_to_user_mode_loop+0x40/0x110
[  116.969412][ T5834]  exit_to_user_mode_loop+0xec/0x110
[  116.969438][ T5834]  do_syscall_64+0x2bd/0x3b0
[  116.969452][ T5834]  ? lockdep_hardirqs_on+0x9c/0x150
[  116.969468][ T5834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.969482][ T5834]  ? clear_bhb_loop+0x60/0xb0
[  116.969509][ T5834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.969525][ T5834] RIP: 0033:0x7f8ac778fc97
[  116.969543][ T5834] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  116.969558][ T5834] RSP: 002b:00007ffcce7e8638 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  116.969578][ T5834] RAX: 0000000000000000 RBX: 00007f8ac781089d RCX: 00007f8ac778fc97
[  116.969590][ T5834] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcce7e86f0
[  116.969599][ T5834] RBP: 00007ffcce7e86f0 R08: 0000000000000000 R09: 0000000000000000
[  116.969609][ T5834] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcce7e9780
[  116.969619][ T5834] R13: 00007f8ac781089d R14: 000000000001c867 R15: 00007ffcce7e97c0
[  116.969656][ T5834]  </TASK>
[  116.970873][ T5834] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  117.059119][ T6193] loop3: detected capacity change from 0 to 1024
[  117.090692][ T5848] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz-executor: iget: bad i_size value: 576460752303423498
[  117.139229][ T6193] EXT4-fs: Ignoring removed oldalloc option
[  117.368114][ T5848] EXT4-fs error (device loop2): ext4_lookup:1787: inode #15: comm syz-executor: iget: bad i_size value: 576460752303423498
[  117.544889][ T6193] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  117.623179][ T6193] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.926648][ T5848] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.044888][ T6179] delete_channel: no stack
[  118.061783][   T24] usb 1-1: USB disconnect, device number 2
[  118.061801][    C0] ldusb 1-1:0.55: usb_submit_urb failed (-19)
[  118.105682][   T24] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  118.164242][   T30] audit: type=1804 audit(1747978493.391:6): pid=6186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.80" name="/newroot/17/file1/file1" dev="loop3" ino=15 res=1 errno=0
[  118.238459][ T5919] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.370835][ T5919] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.376357][ T6203] overlayfs: cleanup linked index (index/#99, ino=99, nlink=2)
[  118.511645][ T5919] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.612615][ T5835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.650311][ T5919] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.636008][ T5919] bridge_slave_1: left allmulticast mode
[  120.732005][ T5919] bridge_slave_1: left promiscuous mode
[  120.834175][ T5919] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.259080][ T5919] bridge_slave_0: left allmulticast mode
[  121.306687][ T5919] bridge_slave_0: left promiscuous mode
[  121.312518][ T5919] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.819524][ T5842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  122.847116][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  122.865846][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  122.904421][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  122.916188][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  123.860988][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  124.447209][    T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  124.467662][    T9] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  124.494917][    T9] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  124.521731][    T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  124.532831][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.543334][    T9] usb 1-1: Product: syz
[  124.547822][    T9] usb 1-1: Manufacturer: syz
[  124.568512][    T9] usb 1-1: SerialNumber: syz
[  124.806601][    T9] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  125.035026][ T5842] Bluetooth: hci4: command tx timeout
[  125.139245][   T24] usb 1-1: USB disconnect, device number 3
[  125.996594][ T6251] usblp0:failed reading printer status (-71)
[  126.293533][ T5919] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  126.345153][ T5919] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  126.371017][ T5919] bond0 (unregistering): Released all slaves
[  126.414730][   T24] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  126.575170][   T24] usb 1-1: Using ep0 maxpacket: 16
[  126.636304][ T6268] usblp0: removed
[  126.657080][   T24] usb 1-1: device descriptor read/all, error -71
[  126.777300][ T6275] loop0: detected capacity change from 0 to 512
[  126.907083][ T6275] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  126.944945][ T6275] ext4 filesystem being mounted at /24/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.115199][ T5842] Bluetooth: hci4: command tx timeout
[  127.201797][ T6291] syz.0.105 uses obsolete (PF_INET,SOCK_PACKET)
[  127.635125][ T6301] kvm: pic: level sensitive irq not supported
[  127.635349][ T6301] kvm: pic: non byte read
[  127.670627][ T6301] kvm: pic: non byte read
[  127.690107][ T6301] kvm: pic: non byte read
[  127.724094][ T6301] kvm: pic: non byte read
[  127.870024][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  127.910908][ T5919] hsr_slave_0: left promiscuous mode
[  127.975563][ T5919] hsr_slave_1: left promiscuous mode
[  128.008493][ T5919] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.057143][ T5919] batman_adv: batadv0: Removing interface: batadv_slave_0
[  128.118542][ T5919] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.155860][ T5919] batman_adv: batadv0: Removing interface: batadv_slave_1
[  129.079108][ T6322] Zero length message leads to an empty skb
[  129.197520][ T5842] Bluetooth: hci4: command tx timeout
[  129.682791][ T5919] veth1_macvtap: left promiscuous mode
[  129.689240][ T5919] veth0_macvtap: left promiscuous mode
[  129.704950][ T5919] veth1_vlan: left promiscuous mode
[  129.765628][ T5919] veth0_vlan: left promiscuous mode
[  129.790884][ T5880] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  130.094713][ T5880] usb 4-1: Using ep0 maxpacket: 16
[  130.127701][ T5880] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  130.304106][ T5880] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  130.525180][ T5880] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.906984][ T5880] usb 4-1: config 0 descriptor??
[  131.285355][ T5842] Bluetooth: hci4: command tx timeout
[  131.730261][ T6322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  132.535205][ T6322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  132.679059][ T6342] loop1: detected capacity change from 0 to 128
[  132.744989][ T6342] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  132.773259][ T6322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  132.801085][ T6342] ext4 filesystem being mounted at /25/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  132.817063][ T6322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  132.891380][ T5880] hid (null): bogus close delimiter
[  132.909035][ T5880] hid (null): unknown global tag 0xa5
[  132.927280][ T5880] hid (null): unknown global tag 0xd
[  132.939976][ T5880] hid (null): unknown global tag 0xc
[  133.055267][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  133.076037][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  133.562943][ T5880] hid-generic 0003:0158:0100.0003: unknown main item tag 0x1
[  133.603940][ T5880] hid-generic 0003:0158:0100.0003: unexpected long global item
[  133.642053][ T5880] hid-generic 0003:0158:0100.0003: probe with driver hid-generic failed with error -22
[  133.724095][ T5834] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  133.755608][ T5880] usb 4-1: USB disconnect, device number 3
[  135.147164][ T6366] loop3: detected capacity change from 0 to 32768
[  135.165527][ T6366] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.126 (6366)
[  135.190001][ T6366] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  135.200717][ T6366] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm
[  135.209745][ T6366] BTRFS info (device loop3): disk space caching is enabled
[  135.217157][ T6366] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  135.490404][ T6366] BTRFS info (device loop3): rebuilding free space tree
[  135.543906][ T6366] BTRFS info (device loop3): disabling free space tree
[  135.552576][ T6366] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  135.563470][ T6366] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  135.667605][ T5919] team0 (unregistering): Port device team_slave_1 removed
[  135.975675][ T6388] netlink: 24 bytes leftover after parsing attributes in process `syz.1.128'.
[  136.193833][ T6225] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared)
[  136.498906][ T5919] team0 (unregistering): Port device team_slave_0 removed
[  136.730945][ T5835] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  136.969187][ T6394] evm: overlay not supported
[  137.016394][ T6394] overlayfs: failed to get inode (-116)
[  137.022872][ T6394] overlayfs: failed to get inode (-116)
[  137.055278][ T6394] overlayfs: failed to get inode (-116)
[  137.061045][ T6394] overlayfs: failed to get inode (-116)
[  138.342969][ T6406] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  140.221172][ T6428] hub 6-0:1.0: USB hub found
[  140.226439][ T6428] hub 6-0:1.0: 1 port detected
[  140.260520][ T6428] loop4: detected capacity change from 0 to 1024
[  140.545500][ T6428] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.700595][ T6428] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  141.348998][ T6242] chnl_net:caif_netlink_parms(): no params data found
[  141.449293][ T6444] loop3: detected capacity change from 0 to 256
[  141.564973][ T5887] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  141.734761][ T5887] usb 5-1: Using ep0 maxpacket: 16
[  141.771898][ T5887] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  141.862137][ T5887] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  141.881924][ T5887] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.900622][ T5887] usb 5-1: Product: syz
[  141.961765][ T6452] QAT: Invalid ioctl 1075883590
[  141.967526][ T6452] QAT: Invalid ioctl 1075883590
[  141.972790][ T6452] QAT: Invalid ioctl 1075883590
[  141.978434][ T6452] QAT: Invalid ioctl 1075883590
[  141.984172][ T6452] QAT: Invalid ioctl 1075883590
[  141.989709][ T6452] QAT: Invalid ioctl 1075883590
[  141.995350][ T6452] QAT: Invalid ioctl 1075883590
[  142.000835][ T6452] QAT: Invalid ioctl 1075883590
[  142.006906][ T6452] QAT: Invalid ioctl 1075883590
[  142.012262][ T6452] QAT: Invalid ioctl 1075883590
[  142.614899][ T5887] usb 5-1: Manufacturer: syz
[  142.619759][ T5887] usb 5-1: SerialNumber: syz
[  142.639662][ T5887] usb 5-1: config 0 descriptor??
[  142.653065][ T5887] usb 5-1: selecting invalid altsetting 1
[  142.679609][ T5887] usb 5-1: Can not set alternate setting to 1, error: -22
[  142.708478][ T5887] synaptics_usb 5-1:0.0: probe with driver synaptics_usb failed with error -22
[  143.137296][ T6428] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  143.860461][ T5880] usb 5-1: USB disconnect, device number 3
[  144.354347][ T6242] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.325717][ T6242] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.411451][ T6242] bridge_slave_0: entered allmulticast mode
[  145.509844][ T6242] bridge_slave_0: entered promiscuous mode
[  145.572606][ T6242] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.600026][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.628721][ T6242] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.675807][ T6242] bridge_slave_1: entered allmulticast mode
[  145.684475][ T6242] bridge_slave_1: entered promiscuous mode
[  148.619575][ T6242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  148.642946][ T6242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  148.999134][ T6530] loop0: detected capacity change from 0 to 256
[  149.029688][ T6242] team0: Port device team_slave_0 added
[  149.068361][ T6242] team0: Port device team_slave_1 added
[  149.105861][ T6530] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  149.407680][ T6524] syzkaller0: entered promiscuous mode
[  149.413586][ T6524] syzkaller0: entered allmulticast mode
[  151.394527][ T6544] binder_alloc: 6543: binder_alloc_buf, no vma
[  153.447969][ T6556] loop0: detected capacity change from 0 to 512
[  153.549355][ T6556] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  153.628865][ T6556] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.738481][ T6556] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370
[  153.821197][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  154.673470][ T6561] loop3: detected capacity change from 0 to 32768
[  154.752699][ T6561] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.167 (6561)
[  154.957046][ T6561] BTRFS info (device loop3): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  155.045157][ T6561] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  155.099874][ T6561] BTRFS info (device loop3): using free-space-tree
[  155.808852][   T30] audit: type=1800 audit(1747978531.051:7): pid=6561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.167" name="bus" dev="loop3" ino=263 res=0 errno=0
[  156.128302][ T5835] BTRFS info (device loop3): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  156.585627][ T6593] loop0: detected capacity change from 0 to 64
[  158.469003][ T6606] loop0: detected capacity change from 0 to 2048
[  158.591002][ T6606]  loop0: p1 < > p4
[  158.609188][ T6606] loop0: p4 size 8388608 extends beyond EOD, truncated
[  159.110996][ T6002] udevd[6002]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  159.137237][ T6131] udevd[6131]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  159.972278][ T6002] udevd[6002]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  159.989045][ T6131] udevd[6131]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  160.123803][ T6539] lo speed is unknown, defaulting to 1000
[  160.129270][ T6242] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.295757][ T6242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.503902][ T6618] kvm: pic: single mode not supported
[  160.504025][ T6618] kvm: pic: level sensitive irq not supported
[  160.603380][ T6242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.866064][ T6539] lo speed is unknown, defaulting to 1000
[  160.878144][ T6539] lo speed is unknown, defaulting to 1000
[  160.894177][ T6539] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  160.912723][ T6539] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  160.981751][ T6539] lo speed is unknown, defaulting to 1000
[  160.993587][ T6539] lo speed is unknown, defaulting to 1000
[  161.001719][ T6539] lo speed is unknown, defaulting to 1000
[  161.012744][ T6539] lo speed is unknown, defaulting to 1000
[  161.043120][ T6618] kvm: pic: single mode not supported
[  161.043145][ T6618] kvm: pic: level sensitive irq not supported
[  161.053520][ T6242] batman_adv: batadv0: Adding interface: batadv_slave_1
[  161.071983][ T6242] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  161.107677][ T6618] kvm: pic: single mode not supported
[  161.107702][ T6618] kvm: pic: level sensitive irq not supported
[  161.113923][ T6618] kvm: pic: single mode not supported
[  161.122305][   T30] audit: type=1326 audit(1747978536.351:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fe78e969 code=0x7ffc0000
[  161.136787][ T6242] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  161.185450][ T6539] lo speed is unknown, defaulting to 1000
[  161.210942][   T30] audit: type=1326 audit(1747978536.351:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fe78e969 code=0x7ffc0000
[  161.262357][   T30] audit: type=1326 audit(1747978536.401:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1fe78e969 code=0x7ffc0000
[  161.285477][ T6629] syz_tun: entered allmulticast mode
[  161.310916][ T6625] syz_tun: left allmulticast mode
[  161.344779][   T30] audit: type=1326 audit(1747978536.401:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fe78e969 code=0x7ffc0000
[  161.378902][   T30] audit: type=1326 audit(1747978536.401:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fe78e969 code=0x7ffc0000
[  161.467845][   T30] audit: type=1326 audit(1747978536.401:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe1fe78e969 code=0x7ffc0000
[  161.494860][ T6632] loop4: detected capacity change from 0 to 4096
[  161.521346][ T6632] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  161.593375][   T30] audit: type=1326 audit(1747978536.401:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fe78e969 code=0x7ffc0000
[  161.643956][   T30] audit: type=1326 audit(1747978536.401:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7fe1fe78e969 code=0x7ffc0000
[  161.732872][   T30] audit: type=1326 audit(1747978536.401:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1fe78e969 code=0x7ffc0000
[  161.779032][   T30] audit: type=1326 audit(1747978536.401:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6627 comm="syz.3.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1fe78e969 code=0x7ffc0000
[  161.829893][ T6242] hsr_slave_0: entered promiscuous mode
[  161.866531][ T6242] hsr_slave_1: entered promiscuous mode
[  161.882566][ T6242] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  161.919198][ T6242] Cannot create hsr debugfs directory
[  161.931711][ T6637] loop1: detected capacity change from 0 to 512
[  162.899911][ T6637] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.975606][ T6637] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  163.542870][ T6650] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.186: Failed to acquire dquot type 0
[  164.276630][ T5834] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.645305][ T6664] loop1: detected capacity change from 0 to 2048
[  165.374954][ T6664] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  165.404080][ T6664] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  165.443519][ T6664] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  166.703990][ T6242] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  167.627919][ T6242] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  167.786333][ T6242] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  167.885846][ T6242] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  169.293193][ T6702] loop3: detected capacity change from 0 to 512
[  169.341092][ T6702] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  169.425022][ T6702] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent
[  169.750609][ T6242] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.891630][ T6242] 8021q: adding VLAN 0 to HW filter on device team0
[  170.926615][ T4527] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.935071][ T4527] bridge0: port 1(bridge_slave_0) entered forwarding state
[  171.004451][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  171.011842][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  173.826237][ T6242] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  173.837066][ T6242] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  175.923006][ T6242] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.178440][ T6769] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  177.278691][ T6769] syzkaller0: entered promiscuous mode
[  177.302494][ T6769] syzkaller0: entered allmulticast mode
[  178.237267][ T6778] loop1: detected capacity change from 0 to 2048
[  178.330152][ T6778] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  178.477398][ T6778] syz.1.214: attempt to access beyond end of device
[  178.477398][ T6778] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  178.507682][ T6781] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  180.745297][ T6800] loop4: detected capacity change from 0 to 2048
[  180.888129][ T6801] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  181.666850][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  181.680746][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  181.699624][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  181.707782][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  181.715671][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  181.845179][ T6801] NILFS (loop4): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3)
[  181.862329][ T6801] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=2)
[  181.924973][ T6801] Remounting filesystem read-only
[  181.941772][ T5832] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer
[  182.235271][ T6811] loop4: detected capacity change from 0 to 256
[  183.260771][ T6815] loop4: detected capacity change from 0 to 16
[  183.304047][ T6815] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  183.764255][   T51] Bluetooth: hci5: command tx timeout
[  185.837991][   T51] Bluetooth: hci5: command tx timeout
[  187.387874][ T6841] loop0: detected capacity change from 0 to 1024
[  187.617222][ T6841] hfsplus: xattr searching failed
[  187.647613][ T6841] hfsplus: xattr searching failed
[  187.713050][ T6841] hfsplus: xattr searching failed
[  187.915151][   T51] Bluetooth: hci5: command tx timeout
[  188.936674][ T3474] hfsplus: b-tree write err: -5, ino 3
[  190.024643][   T51] Bluetooth: hci5: command tx timeout
[  190.925903][ T6807] lo speed is unknown, defaulting to 1000
[  192.546685][ T6883] loop4: detected capacity change from 0 to 40427
[  192.577256][ T6883] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  192.586260][ T6883] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  192.642660][ T6883] F2FS-fs (loop4): invalid crc value
[  192.695365][ T6883] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  192.703016][ T6883] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  194.491928][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  194.499773][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  195.025579][ T6901] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  195.380827][ T6904] loop3: detected capacity change from 0 to 40427
[  195.395513][ T6904] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  195.403718][ T6904] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  195.412597][ T6904] F2FS-fs (loop3): build fault injection rate: 17008
[  195.419974][ T6904] F2FS-fs (loop3): build fault injection type: 0x1f8
[  195.446912][ T6904] F2FS-fs (loop3): invalid crc value
[  195.565182][ T6904] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  195.572320][ T6904] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  196.296829][ T5835] syz-executor: attempt to access beyond end of device
[  196.296829][ T5835] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  196.353633][ T5835] CPU: 0 UID: 0 PID: 5835 Comm: syz-executor Not tainted 6.15.0-rc7-next-20250522-syzkaller #0 PREEMPT(full) 
[  196.353662][ T5835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  196.353672][ T5835] Call Trace:
[  196.353680][ T5835]  <TASK>
[  196.353688][ T5835]  dump_stack_lvl+0x189/0x250
[  196.353716][ T5835]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.353734][ T5835]  ? __pfx_queue_work_on+0x10/0x10
[  196.353751][ T5835]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  196.353777][ T5835]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  196.353817][ T5835]  f2fs_handle_critical_error+0x37c/0x540
[  196.353849][ T5835]  f2fs_write_end_io+0x5b8/0x7e0
[  196.353874][ T5835]  ? __submit_merged_bio+0x251/0x6a0
[  196.353912][ T5835]  __submit_merged_bio+0x27a/0x6a0
[  196.353942][ T5835]  __submit_merged_write_cond+0x255/0x530
[  196.353981][ T5835]  f2fs_write_data_pages+0x261d/0x3000
[  196.354043][ T5835]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  196.354082][ T5835]  ? do_raw_spin_unlock+0x122/0x240
[  196.354135][ T5835]  ? __mod_zone_page_state+0xd7/0x140
[  196.354165][ T5835]  ? folios_put_refs+0x560/0x640
[  196.354201][ T5835]  ? __pfx_folios_put_refs+0x10/0x10
[  196.354221][ T5835]  ? rcu_is_watching+0x15/0xb0
[  196.354249][ T5835]  ? __lock_acquire+0xab9/0xd20
[  196.354293][ T5835]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  196.354319][ T5835]  do_writepages+0x32e/0x550
[  196.354360][ T5835]  ? do_raw_spin_unlock+0x122/0x240
[  196.354386][ T5835]  filemap_fdatawrite+0x191/0x230
[  196.354405][ T5835]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  196.354478][ T5835]  ? do_raw_spin_unlock+0x122/0x240
[  196.354505][ T5835]  f2fs_sync_dirty_inodes+0x31f/0x830
[  196.354552][ T5835]  f2fs_write_checkpoint+0x94a/0x1de0
[  196.354603][ T5835]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  196.354684][ T5835]  ? kill_f2fs_super+0x298/0x6c0
[  196.354717][ T5835]  kill_f2fs_super+0x2c3/0x6c0
[  196.354750][ T5835]  ? __pfx_kill_f2fs_super+0x10/0x10
[  196.354773][ T5835]  ? radix_tree_delete_item+0x2b6/0x400
[  196.354808][ T5835]  ? shrinker_free+0x2ce/0x3e0
[  196.354835][ T5835]  deactivate_locked_super+0xb9/0x130
[  196.354863][ T5835]  cleanup_mnt+0x425/0x4c0
[  196.354889][ T5835]  ? lockdep_hardirqs_on+0x9c/0x150
[  196.354910][ T5835]  task_work_run+0x1d4/0x260
[  196.354936][ T5835]  ? __pfx_task_work_run+0x10/0x10
[  196.354956][ T5835]  ? __x64_sys_umount+0x122/0x160
[  196.354989][ T5835]  ? exit_to_user_mode_loop+0x40/0x110
[  196.355018][ T5835]  exit_to_user_mode_loop+0xec/0x110
[  196.355044][ T5835]  do_syscall_64+0x2bd/0x3b0
[  196.355061][ T5835]  ? lockdep_hardirqs_on+0x9c/0x150
[  196.355077][ T5835]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.355095][ T5835]  ? clear_bhb_loop+0x60/0xb0
[  196.355118][ T5835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.355135][ T5835] RIP: 0033:0x7fe1fe78fc97
[  196.355152][ T5835] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  196.355166][ T5835] RSP: 002b:00007ffc80889bf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  196.355187][ T5835] RAX: 0000000000000000 RBX: 00007fe1fe81089d RCX: 00007fe1fe78fc97
[  196.355199][ T5835] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc80889cb0
[  196.355210][ T5835] RBP: 00007ffc80889cb0 R08: 0000000000000000 R09: 0000000000000000
[  196.355220][ T5835] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc8088ad40
[  196.355232][ T5835] R13: 00007fe1fe81089d R14: 000000000002fd3f R15: 00007ffc8088ad80
[  196.355265][ T5835]  </TASK>
[  196.854627][ T5835] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  197.123306][ T6807] chnl_net:caif_netlink_parms(): no params data found
[  199.270402][ T6807] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.471195][ T6807] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.644978][ T6807] bridge_slave_0: entered allmulticast mode
[  199.664954][ T6807] bridge_slave_0: entered promiscuous mode
[  199.769649][ T6807] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.794973][ T6807] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.834792][ T5842] Bluetooth: hci5: command 0x0405 tx timeout
[  199.855368][ T6807] bridge_slave_1: entered allmulticast mode
[  199.863591][ T6807] bridge_slave_1: entered promiscuous mode
[  199.875309][ T6949] loop3: detected capacity change from 0 to 1024
[  200.061358][ T6949] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.081732][ T6807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.098593][ T6807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.275419][ T5835] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.295564][ T6807] team0: Port device team_slave_0 added
[  201.851048][ T6807] team0: Port device team_slave_1 added
[  201.990745][   T13] bridge_slave_1: left allmulticast mode
[  202.014813][   T13] bridge_slave_1: left promiscuous mode
[  202.030277][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.066031][   T13] bridge_slave_0: left allmulticast mode
[  202.072088][   T13] bridge_slave_0: left promiscuous mode
[  202.082975][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.191692][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  205.214238][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  205.232427][   T13] bond0 (unregistering): Released all slaves
[  205.290663][ T6807] batman_adv: batadv0: Adding interface: batadv_slave_0
[  205.298989][ T6807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.326483][ T6807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  206.105614][ T6807] batman_adv: batadv0: Adding interface: batadv_slave_1
[  206.112633][ T6807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.355967][ T6807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  207.418636][ T7010] netlink: 173 bytes leftover after parsing attributes in process `syz.4.268'.
[  207.664423][   T13] hsr_slave_0: left promiscuous mode
[  207.739625][   T13] hsr_slave_1: left promiscuous mode
[  207.822816][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  207.919032][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.189566][ T7028] overlayfs: failed to resolve './file0': -2
[  210.275219][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  210.287123][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  210.310415][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  210.327345][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  210.336420][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  210.432083][   T13] team0 (unregistering): Port device team_slave_1 removed
[  210.654244][   T13] team0 (unregistering): Port device team_slave_0 removed
[  211.958018][ T5154] Bluetooth: hci3: command 0x0406 tx timeout
[  211.964199][ T5154] Bluetooth: hci1: command 0x0406 tx timeout
[  211.970586][ T5154] Bluetooth: hci0: command 0x0406 tx timeout
[  212.170547][ T7042] loop0: detected capacity change from 0 to 32768
[  212.187679][ T7042] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.278 (7042)
[  212.216642][ T7042] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.227057][ T7042] BTRFS info (device loop0): using sha256 (sha256-x86_64) checksum algorithm
[  212.236277][ T7042] BTRFS info (device loop0): disk space caching is enabled
[  212.243517][ T7042] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  212.414800][ T5842] Bluetooth: hci2: command tx timeout
[  212.705437][ T7063] Cannot find del_set index 4 as target
[  212.941679][ T7042] BTRFS info (device loop0): rebuilding free space tree
[  213.063147][ T7042] BTRFS info (device loop0): disabling free space tree
[  213.070711][ T7042] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  213.080603][ T7042] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  213.491867][ T4527] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  214.296142][ T5845] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  214.474852][ T5842] Bluetooth: hci2: command tx timeout
[  216.574722][ T5842] Bluetooth: hci2: command tx timeout
[  216.991173][ T7077] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.879706][ T6807] hsr_slave_0: entered promiscuous mode
[  217.957768][ T6807] hsr_slave_1: entered promiscuous mode
[  217.964219][ T6807] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  218.020786][ T6807] Cannot create hsr debugfs directory
[  218.138246][ T7106] loop0: detected capacity change from 0 to 256
[  218.174155][ T7032] lo speed is unknown, defaulting to 1000
[  218.175541][ T7106] exfat: Deprecated parameter 'utf8'
[  218.246609][ T7106] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  218.796463][ T5842] Bluetooth: hci2: command tx timeout
[  219.823928][ T7127] netlink: 24 bytes leftover after parsing attributes in process `syz.0.292'.
[  220.627253][ T7124] ceph: No mds server is up or the cluster is laggy
[  220.967050][ T7141] tipc: Started in network mode
[  220.984669][ T7141] tipc: Node identity 4, cluster identity 4711
[  221.004831][ T7141] tipc: Node number set to 4
[  222.375262][ T7162] atomic_op ffff88803153a198 conn xmit_atomic 0000000000000000
[  223.140850][   T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  223.215609][ T7171] loop4: detected capacity change from 0 to 64
[  223.690330][   T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.020406][ T7177] overlayfs: failed to clone upperpath
[  224.598419][ T7032] chnl_net:caif_netlink_parms(): no params data found
[  224.828725][   T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.886870][   T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.145968][ T7032] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.900147][ T7032] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.907944][ T7032] bridge_slave_0: entered allmulticast mode
[  226.916474][ T7032] bridge_slave_0: entered promiscuous mode
[  226.927690][ T7032] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.996588][ T7032] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.003970][ T7032] bridge_slave_1: entered allmulticast mode
[  227.952006][ T7032] bridge_slave_1: entered promiscuous mode
[  229.381472][ T7032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  229.475236][ T5907] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  229.528571][ T7032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  229.788491][ T5907] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 52, changing to 4
[  229.941281][ T5907] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 13368, setting to 1023
[  230.205106][ T5907] usb 1-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice= 3.eb
[  230.308403][ T5907] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.346124][ T5907] usb 1-1: Product: syz
[  230.353664][ T5907] usb 1-1: Manufacturer: syz
[  230.581316][ T5907] usb 1-1: SerialNumber: syz
[  230.605571][ T5907] usb 1-1: config 0 descriptor??
[  230.962614][ T6807] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  231.140489][ T7215] netlink: 'syz.0.311': attribute type 72 has an invalid length.
[  231.210776][ T7215] netlink: 24 bytes leftover after parsing attributes in process `syz.0.311'.
[  231.380030][ T5907] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input8
[  231.433618][ T6807] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  231.678951][ T5887] usb 1-1: USB disconnect, device number 6
[  231.716677][ T7032] team0: Port device team_slave_0 added
[  231.724962][ T6807] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  231.756439][ T6807] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  232.610770][ T7252] loop4: detected capacity change from 0 to 1024
[  232.684136][ T7032] team0: Port device team_slave_1 added
[  232.798583][ T7254] netlink: 4 bytes leftover after parsing attributes in process `syz.1.319'.
[  232.814033][   T13] bridge_slave_1: left allmulticast mode
[  232.830724][   T13] bridge_slave_1: left promiscuous mode
[  232.854916][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.974393][   T13] bridge_slave_0: left allmulticast mode
[  232.993791][   T13] bridge_slave_0: left promiscuous mode
[  233.029227][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  233.840519][ T7263] loop4: detected capacity change from 0 to 1024
[  233.869913][ T7263] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  233.890198][ T7263] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  233.909223][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  233.909242][   T30] audit: type=1800 audit(1747978609.151:34): pid=7265 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.322" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  233.915343][ T7263] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  234.011429][ T7263] EXT4-fs error (device loop4): ext4_get_journal_inode:5796: inode #5: comm syz.4.321: unexpected bad inode w/o EXT4_IGET_BAD
[  234.032216][ T7263] EXT4-fs (loop4): no journal found
[  234.038775][ T7263] EXT4-fs (loop4): can't get journal size
[  234.070141][ T7263] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  234.441530][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.502113][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  234.528572][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  234.551141][   T13] bond0 (unregistering): Released all slaves
[  235.791714][ T7280] loop4: detected capacity change from 0 to 1024
[  236.514367][ T7032] batman_adv: batadv0: Adding interface: batadv_slave_0
[  236.581380][ T7032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.713805][ T7032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.068381][ T7032] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.076297][ T7032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.207786][ T7032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.132663][ T5907] lo speed is unknown, defaulting to 1000
[  238.313149][ T7032] hsr_slave_0: entered promiscuous mode
[  238.345408][ T7032] hsr_slave_1: entered promiscuous mode
[  238.355817][ T7032] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.374595][ T7032] Cannot create hsr debugfs directory
[  238.554466][   T13] hsr_slave_0: left promiscuous mode
[  238.604133][   T13] hsr_slave_1: left promiscuous mode
[  238.640477][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  238.758769][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  239.409717][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  239.466246][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  239.613555][   T13] veth1_macvtap: left promiscuous mode
[  239.674973][   T13] veth0_macvtap: left promiscuous mode
[  239.705397][   T13] veth1_vlan: left promiscuous mode
[  239.732989][   T13] veth0_vlan: left promiscuous mode
[  241.667059][ T5842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  241.680679][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  241.690184][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  241.699933][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  241.710120][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  243.066739][   T13] team0 (unregistering): Port device team_slave_1 removed
[  243.188194][   T13] team0 (unregistering): Port device team_slave_0 removed
[  243.754891][ T5846] Bluetooth: hci4: command tx timeout
[  244.897659][ T7345] loop4: detected capacity change from 0 to 764
[  244.988741][ T7345] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  245.038877][ T7327] veth1_macvtap: left promiscuous mode
[  245.044615][ T7327] macsec0: entered allmulticast mode
[  245.223832][ T7345] Symlink component flag not implemented
[  245.230173][ T7345] Symlink component flag not implemented
[  245.236985][ T7345] Symlink component flag not implemented (128)
[  245.243453][ T7345] Symlink component flag not implemented (122)
[  245.874672][ T5846] Bluetooth: hci4: command tx timeout
[  246.500637][ T7333] lo speed is unknown, defaulting to 1000
[  248.204626][ T5846] Bluetooth: hci4: command tx timeout
[  248.334432][ T7032] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  248.472039][ T7032] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  248.855254][ T7032] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  249.132446][ T7032] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  250.236854][ T5846] Bluetooth: hci4: command tx timeout
[  252.991388][ T7333] chnl_net:caif_netlink_parms(): no params data found
[  254.538115][ T7032] 8021q: adding VLAN 0 to HW filter on device bond0
[  255.851230][   T13] bridge_slave_1: left allmulticast mode
[  255.864657][   T13] bridge_slave_1: left promiscuous mode
[  255.870511][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.644896][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  256.651442][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  257.686283][   T13] bridge_slave_0: left allmulticast mode
[  257.728920][   T13] bridge_slave_0: left promiscuous mode
[  257.742425][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.570157][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  258.616257][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  258.645887][   T13] bond0 (unregistering): Released all slaves
[  259.921797][ T7468] Bluetooth: MGMT ver 1.23
[  260.430965][   T13] hsr_slave_0: left promiscuous mode
[  260.459471][   T13] hsr_slave_1: left promiscuous mode
[  260.475325][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  260.509846][ T7446] syz.0.358 (7446) used greatest stack depth: 20088 bytes left
[  260.527676][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  261.528974][ T7479] Falling back ldisc for ttyS3.
[  263.812666][   T13] team0 (unregistering): Port device team_slave_1 removed
[  264.078423][   T13] team0 (unregistering): Port device team_slave_0 removed
[  265.788663][ T7333] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.813121][ T7333] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.831489][ T7333] bridge_slave_0: entered allmulticast mode
[  265.877692][ T7333] bridge_slave_0: entered promiscuous mode
[  265.943057][ T7333] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.976546][ T7333] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.035717][ T7333] bridge_slave_1: entered allmulticast mode
[  266.083941][ T7333] bridge_slave_1: entered promiscuous mode
[  266.395532][ T7032] 8021q: adding VLAN 0 to HW filter on device team0
[  266.485827][ T7333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.555755][ T7333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  266.766930][ T7333] team0: Port device team_slave_0 added
[  266.889434][ T4527] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.896906][ T4527] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.909894][ T7333] team0: Port device team_slave_1 added
[  267.927001][ T4527] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.934344][ T4527] bridge0: port 2(bridge_slave_1) entered forwarding state
[  268.150536][ T7333] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.994581][ T7333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.063783][ T7333] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.137027][ T7333] batman_adv: batadv0: Adding interface: batadv_slave_1
[  269.144036][ T7333] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  269.314061][ T7333] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  270.700962][ T7333] hsr_slave_0: entered promiscuous mode
[  270.737823][ T7333] hsr_slave_1: entered promiscuous mode
[  270.776765][ T7333] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  270.804596][ T7333] Cannot create hsr debugfs directory
[  270.818249][ T7547] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  270.948674][ T7547] kvm: pic: non byte read
[  270.992504][ T7547] kvm: pic: level sensitive irq not supported
[  270.992628][ T7547] kvm: pic: non byte read
[  271.357955][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  271.384885][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  271.396449][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  271.507023][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  271.523431][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  273.734358][ T5842] Bluetooth: hci2: command tx timeout
[  276.004915][ T5842] Bluetooth: hci2: command tx timeout
[  276.425624][ T7589] loop6: detected capacity change from 0 to 16384
[  276.862962][ T7584] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  276.932502][ T7584] loop0: detected capacity change from 0 to 16
[  276.939839][ T7584] erofs: Unknown parameter 'fsmagic'
[  277.115129][ T5907] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  277.524585][ T5907] usb 5-1: Using ep0 maxpacket: 16
[  277.532179][ T5907] usb 5-1: config 0 has no interfaces?
[  278.229326][ T5842] Bluetooth: hci2: command tx timeout
[  278.261457][ T5907] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  278.271801][ T5907] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.280828][ T5907] usb 5-1: Product: syz
[  278.621731][ T5907] usb 5-1: Manufacturer: syz
[  278.630909][ T5907] usb 5-1: SerialNumber: syz
[  278.639459][ T5907] usb 5-1: config 0 descriptor??
[  278.875212][ T7556] lo speed is unknown, defaulting to 1000
[  278.966821][ T5880] usb 5-1: USB disconnect, device number 4
[  280.390523][ T5842] Bluetooth: hci2: command tx timeout
[  280.874036][ T7617] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  281.808306][    C1] vcan0: j1939_tp_rxtimer: 0xffff888032bfd800: rx timeout, send abort
[  281.819374][    C1] vcan0: j1939_tp_rxtimer: 0xffff888060883800: rx timeout, send abort
[  281.834614][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888032bfd800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  281.849720][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888060883800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  284.472213][ T4527] bridge_slave_1: left allmulticast mode
[  285.219899][ T4527] bridge_slave_1: left promiscuous mode
[  285.235006][ T4527] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.260677][ T4527] bridge_slave_0: left allmulticast mode
[  285.363022][ T4527] bridge_slave_0: left promiscuous mode
[  286.276458][ T4527] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.973223][ T7663] loop4: detected capacity change from 0 to 4096
[  293.853261][ T4527] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  293.972109][ T4527] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  293.998572][ T4527] bond0 (unregistering): Released all slaves
[  294.036742][ T7556] chnl_net:caif_netlink_parms(): no params data found
[  294.284691][ T4527] hsr_slave_0: left promiscuous mode
[  294.302871][ T4527] hsr_slave_1: left promiscuous mode
[  294.328142][ T4527] batman_adv: batadv0: Removing interface: batadv_slave_0
[  294.370704][ T4527] batman_adv: batadv0: Removing interface: batadv_slave_1
[  295.241785][ T7728] delete_channel: no stack
[  298.032799][ T7749] kvm: kvm [7748]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x2fe
[  298.059169][ T7749] kvm: kvm [7748]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0xaff
[  299.056796][ T4527] team0 (unregistering): Port device team_slave_1 removed
[  299.130472][ T4527] team0 (unregistering): Port device team_slave_0 removed
[  303.047675][ T7808] netlink: 'syz.0.428': attribute type 10 has an invalid length.
[  303.497327][ T5842] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  303.538991][ T5842] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  303.649984][ T5842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  303.683698][ T5842] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  303.779337][ T5842] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  304.203599][ T7815] loop4: detected capacity change from 0 to 2048
[  304.270381][ T7808] team0: Device hsr_slave_0 failed to register rx_handler
[  304.310140][ T7815] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  305.276806][ T7822] usb usb8: usbfs: process 7822 (syz.0.432) did not claim interface 0 before use
[  305.505579][ T7556] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.538824][ T7556] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.565221][ T7556] bridge_slave_0: entered allmulticast mode
[  305.572572][ T7556] bridge_slave_0: entered promiscuous mode
[  306.030466][ T7556] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.039695][ T5846] Bluetooth: hci5: command tx timeout
[  306.283879][ T7556] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.404596][ T7556] bridge_slave_1: entered allmulticast mode
[  306.554227][ T7556] bridge_slave_1: entered promiscuous mode
[  306.924724][ T7807] lo speed is unknown, defaulting to 1000
[  308.104739][ T5846] Bluetooth: hci5: command tx timeout
[  310.089801][ T7556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  310.205610][ T5846] Bluetooth: hci5: command tx timeout
[  310.357534][ T7556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  310.980558][ T7556] team0: Port device team_slave_0 added
[  312.111247][ T7556] team0: Port device team_slave_1 added
[  312.294807][ T5846] Bluetooth: hci5: command tx timeout
[  312.311507][ T7864] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  312.490162][ T5846] Bluetooth: hci1: unexpected event for opcode 0x200a
[  313.048557][ T7556] batman_adv: batadv0: Adding interface: batadv_slave_0
[  313.072749][ T7556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  313.204597][ T7556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  313.291588][ T7876] loop0: detected capacity change from 0 to 128
[  314.559840][ T7556] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.635456][   T30] audit: type=1326 audit(1747978689.861:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7877 comm="syz.4.447" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6b9eb8e969 code=0x0
[  314.691984][ T7556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.721535][ T7556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  317.815241][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  317.821890][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  317.870402][ T7907] netlink: 'syz.4.452': attribute type 1 has an invalid length.
[  317.879983][ T7907] netlink: 'syz.4.452': attribute type 4 has an invalid length.
[  317.888048][ T7907] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.452'.
[  318.079565][ T7907] netlink: 'syz.4.452': attribute type 1 has an invalid length.
[  318.087716][ T7907] netlink: 'syz.4.452': attribute type 4 has an invalid length.
[  318.095968][ T7907] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.452'.
[  318.382370][ T7556] hsr_slave_0: entered promiscuous mode
[  318.405267][ T7556] hsr_slave_1: entered promiscuous mode
[  318.415548][ T7556] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  318.424625][ T7556] Cannot create hsr debugfs directory
[  318.731213][ T7915] loop4: detected capacity change from 0 to 512
[  318.777140][ T7915] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.455: casefold flag without casefold feature
[  318.846487][ T7915] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.455: couldn't read orphan inode 15 (err -117)
[  318.861729][ T7904] overlayfs: failed to clone upperpath
[  318.903357][ T7915] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.913929][ T7807] chnl_net:caif_netlink_parms(): no params data found
[  320.553190][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.702825][ T7943] warning: `syz.1.459' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  324.086686][ T4527] bridge_slave_1: left allmulticast mode
[  324.092601][ T4527] bridge_slave_1: left promiscuous mode
[  324.136146][ T4527] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.856389][ T4527] bridge_slave_0: left allmulticast mode
[  325.904649][ T4527] bridge_slave_0: left promiscuous mode
[  325.910503][ T4527] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.949250][ T4527] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  330.010944][ T4527] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  330.104454][ T7991] netlink: 84 bytes leftover after parsing attributes in process `syz.0.470'.
[  330.128729][ T4527] bond0 (unregistering): Released all slaves
[  331.504909][ T5842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  332.026328][ T8001] loop0: detected capacity change from 0 to 8
[  332.474874][ T5842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  332.483702][ T5842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  332.496650][ T5842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  332.507551][ T5842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  333.515348][ T4527] hsr_slave_0: left promiscuous mode
[  333.529680][ T4527] hsr_slave_1: left promiscuous mode
[  333.976772][ T4527] batman_adv: batadv0: Removing interface: batadv_slave_0
[  334.054573][ T4527] batman_adv: batadv0: Removing interface: batadv_slave_1
[  335.425917][ T5842] Bluetooth: hci4: command tx timeout
[  337.444633][ T5842] Bluetooth: hci4: command tx timeout
[  338.031662][ T4527] team0 (unregistering): Port device team_slave_1 removed
[  338.167843][ T4527] team0 (unregistering): Port device team_slave_0 removed
[  339.604944][ T5842] Bluetooth: hci4: command tx timeout
[  341.674780][ T5842] Bluetooth: hci4: command tx timeout
[  342.612098][ T7807] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.623183][ T7807] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.633062][ T7807] bridge_slave_0: entered allmulticast mode
[  342.642055][ T7807] bridge_slave_0: entered promiscuous mode
[  342.659060][ T7807] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.666642][ T7807] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.673998][ T7807] bridge_slave_1: entered allmulticast mode
[  342.683279][ T7807] bridge_slave_1: entered promiscuous mode
[  342.953679][ T8050] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  342.966300][ T8050] usb usb1: Process 8050 (syz.4.484) called USBDEVFS_CLEAR_HALT for active endpoint 0x81
[  344.006168][ T8055] openvswitch: netlink: Message has 3 unknown bytes.
[  344.013081][ T8055] openvswitch: netlink: Actions may not be safe on all matching packets
[  346.345634][ T7807] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  346.479164][ T7807] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  346.494697][ T7998] lo speed is unknown, defaulting to 1000
[  347.444326][ T8069] Falling back ldisc for ttyS3.
[  347.623504][ T7807] team0: Port device team_slave_0 added
[  347.680348][ T7807] team0: Port device team_slave_1 added
[  348.560939][ T8100] netlink: 452 bytes leftover after parsing attributes in process `syz.1.493'.
[  348.806899][ T7807] batman_adv: batadv0: Adding interface: batadv_slave_0
[  348.827016][ T7807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  349.789056][ T7807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  350.457388][ T7807] batman_adv: batadv0: Adding interface: batadv_slave_1
[  350.468427][ T7807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.504979][ T7807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  351.273324][ T5887] IPVS: starting estimator thread 0...
[  351.434701][ T8125] IPVS: using max 28 ests per chain, 67200 per kthread
[  351.895781][ T7807] hsr_slave_0: entered promiscuous mode
[  351.916246][ T7807] hsr_slave_1: entered promiscuous mode
[  351.942276][ T7807] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  351.962790][ T7807] Cannot create hsr debugfs directory
[  354.611576][ T7998] chnl_net:caif_netlink_parms(): no params data found
[  355.117399][ T8135] capability: warning: `syz.4.502' uses 32-bit capabilities (legacy support in use)
[  356.675165][ T5919] bridge_slave_1: left allmulticast mode
[  356.692187][ T5919] bridge_slave_1: left promiscuous mode
[  356.732018][ T5919] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.775550][ T8139] loop4: detected capacity change from 0 to 40427
[  356.792819][ T8139] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  356.800721][ T8139] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  356.847765][ T8139] F2FS-fs (loop4): invalid crc value
[  356.962964][ T8139] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  356.970416][ T8139] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  357.022669][ T5919] bridge_slave_0: left allmulticast mode
[  357.736112][ T8154] syz.4.504: attempt to access beyond end of device
[  357.736112][ T8154] loop4: rw=2049, sector=77824, nr_sectors = 520 limit=40427
[  357.851147][ T5919] bridge_slave_0: left promiscuous mode
[  357.858429][ T5919] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.923639][ T5832] syz-executor: attempt to access beyond end of device
[  358.923639][ T5832] loop4: rw=2051, sector=77824, nr_sectors = 520 limit=40427
[  359.144253][ T5832] F2FS-fs (loop4): Issue discard(9728, 9728, 65) failed, ret: -5
[  359.609079][ T5919] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  359.785335][ T8162] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  359.854143][ T5919] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  359.904940][ T5919] bond0 (unregistering): Released all slaves
[  361.266979][ T7998] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.410758][ T7998] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.419397][ T7998] bridge_slave_0: entered allmulticast mode
[  361.432995][ T7998] bridge_slave_0: entered promiscuous mode
[  361.442244][ T7998] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.454794][ T7998] bridge0: port 2(bridge_slave_1) entered disabled state
[  361.462917][ T7998] bridge_slave_1: entered allmulticast mode
[  361.517170][ T8175] loop9: detected capacity change from 0 to 6
[  361.552975][ T8175] Dev loop9: unable to read RDB block 6
[  361.559283][ T8175]  loop9: unable to read partition table
[  361.573466][ T8175] loop9: partition table beyond EOD, truncated
[  361.579940][ T8175] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dƤ����ݡ�����
[  361.579940][ T8175] 
) failed (rc=-5)
[  362.183022][ T7998] bridge_slave_1: entered promiscuous mode
[  362.404590][ T5919] hsr_slave_0: left promiscuous mode
[  362.439335][ T5919] hsr_slave_1: left promiscuous mode
[  362.459615][ T5919] batman_adv: batadv0: Removing interface: batadv_slave_0
[  362.580725][ T8188] loop4: detected capacity change from 0 to 4096
[  362.623088][ T8188] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  363.442562][ T5919] batman_adv: batadv0: Removing interface: batadv_slave_1
[  365.620080][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  365.631687][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  365.645647][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  365.658853][ T5846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  365.667937][ T5846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  365.818207][ T5919] team0 (unregistering): Port device team_slave_1 removed
[  366.633212][ T5919] team0 (unregistering): Port device team_slave_0 removed
[  366.929184][ T8204] veth0_vlan: entered allmulticast mode
[  366.947412][ T8205] veth0_vlan: left promiscuous mode
[  366.956516][ T8205] veth0_vlan: entered promiscuous mode
[  366.991985][ T8214] loop0: detected capacity change from 0 to 64
[  367.141539][ T7998] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  367.221742][ T7998] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  368.816824][ T5842] Bluetooth: hci2: command tx timeout
[  370.874603][ T5842] Bluetooth: hci2: command tx timeout
[  373.394187][ T5842] Bluetooth: hci2: command tx timeout
[  375.440208][ T5842] Bluetooth: hci2: command tx timeout
[  375.569447][ T8209] lo speed is unknown, defaulting to 1000
[  375.632623][ T7998] team0: Port device team_slave_0 added
[  376.471778][ T7998] team0: Port device team_slave_1 added
[  378.232363][ T8247] pim6reg: entered allmulticast mode
[  378.536295][ T7998] batman_adv: batadv0: Adding interface: batadv_slave_0
[  378.556582][ T7998] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  378.592831][ T7998] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  378.808001][ T8253] loop4: detected capacity change from 0 to 64
[  378.815281][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  378.821826][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  379.510006][ T7998] batman_adv: batadv0: Adding interface: batadv_slave_1
[  379.746282][ T7998] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  380.020539][ T7998] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  383.228055][ T8277] Falling back ldisc for ttyprintk.
[  383.267132][ T3474] bridge_slave_1: left allmulticast mode
[  383.280004][ T3474] bridge_slave_1: left promiscuous mode
[  383.287377][ T8281] netlink: 'syz.1.534': attribute type 6 has an invalid length.
[  383.299478][ T3474] bridge0: port 2(bridge_slave_1) entered disabled state
[  383.328508][ T3474] bridge_slave_0: left allmulticast mode
[  383.334392][ T3474] bridge_slave_0: left promiscuous mode
[  383.361202][ T3474] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.671756][ T3474] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  383.713560][ T3474] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  383.743153][ T3474] bond0 (unregistering): Released all slaves
[  383.780290][ T7998] hsr_slave_0: entered promiscuous mode
[  383.881204][ T7998] hsr_slave_1: entered promiscuous mode
[  384.023923][ T7998] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  384.103664][ T7998] Cannot create hsr debugfs directory
[  384.468659][ T3474] hsr_slave_0: left promiscuous mode
[  384.485471][ T3474] hsr_slave_1: left promiscuous mode
[  384.491605][ T3474] batman_adv: batadv0: Removing interface: batadv_slave_0
[  384.592265][ T3474] batman_adv: batadv0: Removing interface: batadv_slave_1
[  388.639097][ T3474] team0 (unregistering): Port device team_slave_1 removed
[  388.716447][ T3474] team0 (unregistering): Port device team_slave_0 removed
[  392.378620][ T5846] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  392.389497][ T5846] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  392.409726][ T5846] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  392.430420][ T5846] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  392.439193][ T5846] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  394.474633][ T5842] Bluetooth: hci5: command tx timeout
[  394.481692][ T8337] lo speed is unknown, defaulting to 1000
[  394.915695][ T8350] netlink: 332 bytes leftover after parsing attributes in process `syz.4.551'.
[  394.926166][ T8350] netlink: 'syz.4.551': attribute type 9 has an invalid length.
[  394.934269][ T8350] netlink: 152 bytes leftover after parsing attributes in process `syz.4.551'.
[  395.057034][ T8209] chnl_net:caif_netlink_parms(): no params data found
[  396.851288][ T5842] Bluetooth: hci5: command tx timeout
[  397.571645][ T8368] loop0: detected capacity change from 0 to 128
[  398.508280][ T8376] loop0: detected capacity change from 0 to 256
[  398.875866][ T5842] Bluetooth: hci5: command tx timeout
[  400.958418][ T5842] Bluetooth: hci5: command tx timeout
[  400.977246][ T8209] bridge0: port 1(bridge_slave_0) entered blocking state
[  400.992278][ T8209] bridge0: port 1(bridge_slave_0) entered disabled state
[  400.999756][ T8209] bridge_slave_0: entered allmulticast mode
[  401.045605][ T8209] bridge_slave_0: entered promiscuous mode
[  402.533077][ T8209] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.607230][ T8209] bridge0: port 2(bridge_slave_1) entered disabled state
[  402.639541][ T8209] bridge_slave_1: entered allmulticast mode
[  402.741242][ T8209] bridge_slave_1: entered promiscuous mode
[  405.899941][ T8417] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  406.013980][ T3474] bridge_slave_1: left allmulticast mode
[  406.026482][ T8417] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  406.044275][ T3474] bridge_slave_1: left promiscuous mode
[  406.195200][ T3474] bridge0: port 2(bridge_slave_1) entered disabled state
[  406.226637][ T8422] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  406.411646][ T3474] bridge_slave_0: left allmulticast mode
[  406.476719][ T3474] bridge_slave_0: left promiscuous mode
[  406.517579][ T3474] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.955185][ T3474] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  411.999171][ T3474] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  412.010826][ T3474] bond0 (unregistering): Released all slaves
[  412.106529][ T8209] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  412.173112][ T8209] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  412.395670][ T5890] IPVS: starting estimator thread 0...
[  412.525097][ T8447] IPVS: using max 26 ests per chain, 62400 per kthread
[  413.034871][ T8450] loop0: detected capacity change from 0 to 256
[  414.428297][ T8456] netlink: 8 bytes leftover after parsing attributes in process `syz.0.571'.
[  415.131455][ T8458] loop4: detected capacity change from 0 to 40427
[  415.437251][ T8463] loop0: detected capacity change from 0 to 4111
[  415.538629][ T3474] hsr_slave_0: left promiscuous mode
[  415.974198][ T3474] hsr_slave_1: left promiscuous mode
[  415.980973][ T3474] batman_adv: batadv0: Removing interface: batadv_slave_0
[  415.989337][ T3474] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.152182][ T3474] team0 (unregistering): Port device team_slave_1 removed
[  416.186906][ T8463] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  416.207239][ T8458] F2FS-fs (loop4): invalid crc value
[  416.263693][ T8463] ntfs3(loop0): failed to replay log file. Can't mount rw!
[  416.311099][ T8458] F2FS-fs (loop4): Start checkpoint disabled!
[  416.326291][ T8458] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  416.399524][ T3474] team0 (unregistering): Port device team_slave_0 removed
[  417.945737][ T5919] kworker/u8:8: attempt to access beyond end of device
[  417.945737][ T5919] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  417.965466][ T5919] CPU: 1 UID: 0 PID: 5919 Comm: kworker/u8:8 Not tainted 6.15.0-rc7-next-20250522-syzkaller #0 PREEMPT(full) 
[  417.965493][ T5919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  417.965505][ T5919] Workqueue: writeback wb_workfn (flush-7:4)
[  417.965538][ T5919] Call Trace:
[  417.965546][ T5919]  <TASK>
[  417.965554][ T5919]  dump_stack_lvl+0x189/0x250
[  417.965579][ T5919]  ? __pfx_dump_stack_lvl+0x10/0x10
[  417.965598][ T5919]  ? __pfx_queue_work_on+0x10/0x10
[  417.965615][ T5919]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  417.965641][ T5919]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  417.965681][ T5919]  f2fs_handle_critical_error+0x37c/0x540
[  417.965713][ T5919]  f2fs_write_end_io+0x5b8/0x7e0
[  417.965738][ T5919]  ? __submit_merged_bio+0x251/0x6a0
[  417.965778][ T5919]  __submit_merged_bio+0x27a/0x6a0
[  417.965808][ T5919]  __submit_merged_write_cond+0x255/0x530
[  417.965840][ T5919]  f2fs_write_data_pages+0x261d/0x3000
[  417.965915][ T5919]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  417.965955][ T5919]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  417.966023][ T5919]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  417.966061][ T5919]  ? trace_f2fs_writepages+0x7f/0x200
[  417.966085][ T5919]  ? f2fs_write_node_pages+0x478/0x6e0
[  417.966114][ T5919]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  417.966153][ T5919]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  417.966180][ T5919]  do_writepages+0x32e/0x550
[  417.966213][ T5919]  ? reacquire_held_locks+0x127/0x1d0
[  417.966231][ T5919]  ? writeback_sb_inodes+0x372/0x1000
[  417.966267][ T5919]  __writeback_single_inode+0x145/0xff0
[  417.966295][ T5919]  ? do_raw_spin_unlock+0x122/0x240
[  417.966322][ T5919]  writeback_sb_inodes+0x6b5/0x1000
[  417.966358][ T5919]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  417.966405][ T5919]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  417.966482][ T5919]  ? rcu_is_watching+0x15/0xb0
[  417.966513][ T5919]  wb_writeback+0x43b/0xaf0
[  417.966551][ T5919]  ? queue_io+0x371/0x590
[  417.966583][ T5919]  ? __pfx_wb_writeback+0x10/0x10
[  417.966621][ T5919]  ? _raw_spin_unlock_irq+0x23/0x50
[  417.966652][ T5919]  wb_workfn+0x409/0xef0
[  417.966694][ T5919]  ? __pfx_wb_workfn+0x10/0x10
[  417.966725][ T5919]  ? __lock_acquire+0xab9/0xd20
[  417.966764][ T5919]  ? process_scheduled_works+0x9ef/0x17b0
[  417.966801][ T5919]  ? process_scheduled_works+0x9ef/0x17b0
[  417.966827][ T5919]  ? process_scheduled_works+0x9ef/0x17b0
[  417.966856][ T5919]  process_scheduled_works+0xade/0x17b0
[  417.966927][ T5919]  ? __pfx_process_scheduled_works+0x10/0x10
[  417.966977][ T5919]  worker_thread+0x8a0/0xda0
[  417.967028][ T5919]  kthread+0x711/0x8a0
[  417.967055][ T5919]  ? __pfx_worker_thread+0x10/0x10
[  417.967072][ T5919]  ? __pfx_kthread+0x10/0x10
[  417.967096][ T5919]  ? _raw_spin_unlock_irq+0x23/0x50
[  417.967121][ T5919]  ? lockdep_hardirqs_on+0x9c/0x150
[  417.967137][ T5919]  ? __pfx_kthread+0x10/0x10
[  417.967160][ T5919]  ret_from_fork+0x3fc/0x770
[  417.967190][ T5919]  ? __pfx_ret_from_fork+0x10/0x10
[  417.967223][ T5919]  ? __switch_to_asm+0x39/0x70
[  417.967241][ T5919]  ? __switch_to_asm+0x33/0x70
[  417.967258][ T5919]  ? __pfx_kthread+0x10/0x10
[  417.967281][ T5919]  ret_from_fork_asm+0x1a/0x30
[  417.967320][ T5919]  </TASK>
[  417.967328][ T5919] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  418.516471][ T8484] hub 1-0:1.0: USB hub found
[  418.522867][ T8484] hub 1-0:1.0: 1 port detected
[  419.311502][ T8209] team0: Port device team_slave_0 added
[  419.328146][ T8209] team0: Port device team_slave_1 added
[  419.424270][ T8337] chnl_net:caif_netlink_parms(): no params data found
[  419.984129][ T8209] batman_adv: batadv0: Adding interface: batadv_slave_0
[  420.028174][ T8209] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  420.754573][ T8209] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  421.462381][ T8209] batman_adv: batadv0: Adding interface: batadv_slave_1
[  421.987356][ T8489] syz.0.580 (8489): drop_caches: 2
[  422.014908][ T8209] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  422.041629][ T8209] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  423.042285][ T8337] bridge0: port 1(bridge_slave_0) entered blocking state
[  423.051138][ T8337] bridge0: port 1(bridge_slave_0) entered disabled state
[  423.059443][ T8337] bridge_slave_0: entered allmulticast mode
[  423.067912][ T8337] bridge_slave_0: entered promiscuous mode
[  423.078273][ T8503] loop0: detected capacity change from 0 to 8192
[  423.353000][ T8337] bridge0: port 2(bridge_slave_1) entered blocking state
[  423.528369][ T8337] bridge0: port 2(bridge_slave_1) entered disabled state
[  423.924699][ T8337] bridge_slave_1: entered allmulticast mode
[  424.087885][ T8337] bridge_slave_1: entered promiscuous mode
[  425.335411][ T8518] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[  425.344747][ T8518] FAT-fs (loop0): Filesystem has been set read-only
[  426.304280][ T8337] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  426.375795][ T8337] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  426.543667][ T8526] xt_CT: You must specify a L4 protocol and not use inversions on it
[  427.699570][ T5846] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  427.762120][ T5846] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  427.773684][ T5846] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  427.800089][ T5846] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  427.813654][ T5846] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  429.259263][ T8543] usb usb1: usbfs: process 8543 (syz.4.592) did not claim interface 0 before use
[  430.254778][ T5846] Bluetooth: hci4: command tx timeout
[  430.560349][ T8337] team0: Port device team_slave_0 added
[  431.878884][ T8337] team0: Port device team_slave_1 added
[  432.475190][ T5846] Bluetooth: hci4: command tx timeout
[  432.688913][ T8558] loop0: detected capacity change from 0 to 512
[  432.711099][ T8337] batman_adv: batadv0: Adding interface: batadv_slave_0
[  432.766109][ T8337] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  432.808470][ T8337] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  432.838796][ T3474] bridge_slave_1: left allmulticast mode
[  432.856036][ T3474] bridge_slave_1: left promiscuous mode
[  432.871956][ T3474] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.902357][ T3474] bridge_slave_0: left allmulticast mode
[  432.921729][ T3474] bridge_slave_0: left promiscuous mode
[  432.929265][ T3474] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.009511][ T8566] xt_l2tp: v2 sid > 0xffff: 262144
[  434.554826][ T5846] Bluetooth: hci4: command tx timeout
[  435.052840][ T3474] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  435.121121][ T3474] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  435.184949][ T3474] bond0 (unregistering): Released all slaves
[  435.193503][ T8568] loop4: detected capacity change from 0 to 16
[  435.201017][ T8568] erofs: Unknown parameter ''
[  435.434378][ T8570] netlink: 24 bytes leftover after parsing attributes in process `syz.0.600'.
[  435.476271][ T8530] lo speed is unknown, defaulting to 1000
[  436.325226][ T8337] batman_adv: batadv0: Adding interface: batadv_slave_1
[  436.332448][ T8337] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  436.391633][ T8337] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  436.635886][ T5846] Bluetooth: hci4: command tx timeout
[  437.630332][ T3474] batman_adv: batadv0: Removing interface: batadv_slave_0
[  437.674371][ T7331] udevd[7331]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  437.723467][ T7034] udevd[7034]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  437.740656][ T3474] batman_adv: batadv0: Removing interface: batadv_slave_1
[  437.898346][ T3474] team0 (unregistering): Port device team_slave_1 removed
[  439.509054][ T3474] team0 (unregistering): Port device team_slave_0 removed
[  440.252530][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  440.259370][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  440.647061][ T8595] 9pnet_fd: p9_fd_create_unix (8595): problem connecting socket: ./file0: -111
[  440.755553][ T8596] workqueue: Failed to create a rescuer kthread for wq "nfc3_nci_cmd_wq": -EINTR
[  444.677201][ T8337] hsr_slave_0: entered promiscuous mode
[  444.875409][ T8337] hsr_slave_1: entered promiscuous mode
[  444.882146][ T8337] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  444.939879][ T8337] Cannot create hsr debugfs directory
[  445.996631][ T8625] batman_adv: batadv0: Adding interface: ip6gretap1
[  446.014491][ T8625] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.082491][ T8625] batman_adv: batadv0: Not using interface ip6gretap1 (retrying later): interface not active
[  447.911753][ T8640] loop4: detected capacity change from 0 to 2048
[  447.992138][ T8640] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  448.013346][ T8640] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  448.047192][ T8640] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  448.188006][ T8530] chnl_net:caif_netlink_parms(): no params data found
[  450.799311][ T8658] overlayfs: failed to clone upperpath
[  450.890761][ T8662] loop4: detected capacity change from 0 to 4096
[  450.955223][ T8662] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  451.381390][ T8662] ntfs3(loop4): ino=19, mi_enum_attr
[  451.387031][ T8662] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  451.879793][ T8662] Process accounting resumed
[  452.275761][ T8530] bridge0: port 1(bridge_slave_0) entered blocking state
[  452.292920][ T8530] bridge0: port 1(bridge_slave_0) entered disabled state
[  452.315474][ T8530] bridge_slave_0: entered allmulticast mode
[  452.336672][ T8530] bridge_slave_0: entered promiscuous mode
[  452.360581][ T8530] bridge0: port 2(bridge_slave_1) entered blocking state
[  452.378990][ T8530] bridge0: port 2(bridge_slave_1) entered disabled state
[  452.394776][ T8530] bridge_slave_1: entered allmulticast mode
[  452.402968][ T8530] bridge_slave_1: entered promiscuous mode
[  456.425395][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  456.436309][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  456.447174][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  456.457290][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  456.472130][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  456.483616][ T8530] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  456.496962][ T8530] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  457.918128][ T8530] team0: Port device team_slave_0 added
[  458.181021][ T8530] team0: Port device team_slave_1 added
[  458.302899][ T8710] loop0: detected capacity change from 0 to 32768
[  458.339559][ T8710] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.628 (8710)
[  458.386516][ T8710] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  458.397349][ T8710] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  458.406672][ T8710] BTRFS info (device loop0): using free-space-tree
[  458.554583][ T5846] Bluetooth: hci2: command tx timeout
[  459.047378][ T8710] BTRFS info (device loop0): rebuilding free space tree
[  459.331279][ T8710] BTRFS info (device loop0): balance: start -susage=12582912,drange=65536..8,limit=10376293541461622786,limit=2..2415919104
[  459.357362][ T8710] BTRFS info (device loop0): relocating block group 1048576 flags system
[  459.430065][ T8530] batman_adv: batadv0: Adding interface: batadv_slave_0
[  459.488693][ T8530] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  459.596285][ T8710] BTRFS info (device loop0): balance: ended with status: 0
[  459.688525][ T8530] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  459.736229][ T8691] lo speed is unknown, defaulting to 1000
[  459.780050][ T8530] batman_adv: batadv0: Adding interface: batadv_slave_1
[  459.829452][ T8530] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  459.963292][ T8530] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  460.987898][ T5846] Bluetooth: hci2: command tx timeout
[  461.139565][ T5845] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  463.034598][ T5846] Bluetooth: hci2: command tx timeout
[  463.082239][ T8757] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  464.295312][ T5888] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  464.525023][ T8530] hsr_slave_0: entered promiscuous mode
[  464.606187][ T8530] hsr_slave_1: entered promiscuous mode
[  464.657087][ T8530] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  464.689255][ T5888] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  464.764984][ T8530] Cannot create hsr debugfs directory
[  464.777651][ T5888] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  464.846576][ T5888] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  464.939450][ T5888] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  465.011415][ T5888] usb 5-1: SerialNumber: syz
[  465.405413][ T5846] Bluetooth: hci2: command tx timeout
[  465.654080][ T5888] usb 5-1: 0:2 : does not exist
[  466.031239][ T8756] block device autoloading is deprecated and will be removed.
[  466.042485][ T8756] syz.4.634: attempt to access beyond end of device
[  466.042485][ T8756] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  467.159276][ T8776] Trying to write to read-only block-device nullb0
[  467.409077][ T5888] usb 5-1: USB disconnect, device number 5
[  468.710571][ T8785] loop4: detected capacity change from 0 to 16
[  468.731017][ T8785] erofs (device loop4): rootino(nid 36) is not a directory(i_mode 16700)
[  469.001209][ T8781] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  469.103028][ T8788] netlink: 8 bytes leftover after parsing attributes in process `syz.0.642'.
[  475.351706][ T8691] chnl_net:caif_netlink_parms(): no params data found
[  475.783146][ T8815] capability: warning: `syz.4.647' uses deprecated v2 capabilities in a way that may be insecure
[  476.494719][   T51] Bluetooth: hci2: command 0x0405 tx timeout
[  476.983698][ T5846] Bluetooth: hci1: command 0x0406 tx timeout
[  477.284210][ T6225] bridge_slave_1: left allmulticast mode
[  477.290290][ T6225] bridge_slave_1: left promiscuous mode
[  477.296235][ T6225] bridge0: port 2(bridge_slave_1) entered disabled state
[  478.288347][ T6225] bridge_slave_0: left allmulticast mode
[  478.294626][ T6225] bridge_slave_0: left promiscuous mode
[  478.300703][ T6225] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.240283][ T8832] loop4: detected capacity change from 0 to 32768
[  479.279976][ T8832] 
[  479.279976][ T8832]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.279976][ T8832] 
[  479.311384][ T8832] ERROR: (device loop4): diWrite: ixpxd invalid
[  479.311384][ T8832] 
[  479.323913][ T8832] ERROR: (device loop4): txCommit: 
[  479.323913][ T8832] 
[  479.666613][ T8833] 
[  479.666613][ T8833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.666613][ T8833] 
[  479.766636][ T8833] 
[  479.766636][ T8833]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  479.766636][ T8833] 
[  480.752638][ T6225] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  480.779011][ T6225] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  480.800079][ T6225] bond0 (unregistering): Released all slaves
[  484.047451][ T6225] hsr_slave_0: left promiscuous mode
[  484.391109][ T6225] hsr_slave_1: left promiscuous mode
[  484.403051][ T6225] batman_adv: batadv0: Removing interface: batadv_slave_0
[  484.421304][ T6225] batman_adv: batadv0: Removing interface: batadv_slave_1
[  484.620151][ T6225] team0 (unregistering): Port device team_slave_1 removed
[  484.668579][ T6225] team0 (unregistering): Port device team_slave_0 removed
[  484.987848][ T8691] bridge0: port 1(bridge_slave_0) entered blocking state
[  485.018394][ T8691] bridge0: port 1(bridge_slave_0) entered disabled state
[  485.030700][ T8691] bridge_slave_0: entered allmulticast mode
[  485.043359][ T8691] bridge_slave_0: entered promiscuous mode
[  486.064790][ T8691] bridge0: port 2(bridge_slave_1) entered blocking state
[  486.072022][ T8691] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.064276][ T8691] bridge_slave_1: entered allmulticast mode
[  487.214810][ T8876] xt_l2tp: v2 doesn't support IP mode
[  487.474785][ T8876] netlink: 12 bytes leftover after parsing attributes in process `syz.4.659'.
[  487.907435][ T8691] bridge_slave_1: entered promiscuous mode
[  487.915711][ T8872] loop0: detected capacity change from 0 to 1024
[  489.579187][ T8876] vlan2: entered promiscuous mode
[  489.584921][ T8876] team0: entered promiscuous mode
[  489.590137][ T8876] team_slave_0: entered promiscuous mode
[  489.597975][ T8876] team_slave_1: entered promiscuous mode
[  490.486431][ T8691] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  490.632467][ T8691] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  491.217185][ T6507] hfsplus: b-tree write err: -5, ino 4
[  491.423989][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  491.440082][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  491.450088][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  491.498701][ T8691] team0: Port device team_slave_0 added
[  491.626634][ T8691] team0: Port device team_slave_1 added
[  491.712432][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  491.769700][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  493.915914][ T5846] Bluetooth: hci5: command tx timeout
[  494.234974][ T8691] batman_adv: batadv0: Adding interface: batadv_slave_0
[  494.242160][ T8691] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  495.134682][ T8691] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  495.177948][ T8691] batman_adv: batadv0: Adding interface: batadv_slave_1
[  495.185466][ T8691] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  495.938698][ T8918] loop0: detected capacity change from 0 to 512
[  495.994675][ T5846] Bluetooth: hci5: command tx timeout
[  496.085962][ T8691] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  496.131335][ T8893] lo speed is unknown, defaulting to 1000
[  497.870459][ T8691] hsr_slave_0: entered promiscuous mode
[  497.882149][ T8691] hsr_slave_1: entered promiscuous mode
[  498.076955][ T8691] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  498.079571][ T5846] Bluetooth: hci5: command tx timeout
[  498.090357][ T8691] Cannot create hsr debugfs directory
[  498.317846][ T8936] loop0: detected capacity change from 0 to 128
[  498.325782][ T8936] omfs: Bad value for 'umask'
[  500.161637][ T5846] Bluetooth: hci5: command tx timeout
[  501.082342][ T6389] bridge_slave_1: left allmulticast mode
[  501.109035][ T6389] bridge_slave_1: left promiscuous mode
[  501.148472][ T6389] bridge0: port 2(bridge_slave_1) entered disabled state
[  501.188937][ T6389] bridge_slave_0: left allmulticast mode
[  501.234582][ T6389] bridge_slave_0: left promiscuous mode
[  501.240438][ T6389] bridge0: port 1(bridge_slave_0) entered disabled state
[  501.678714][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[  501.685455][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  502.364722][ T6389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  502.400526][ T6389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  502.479602][ T6389] bond0 (unregistering): Released all slaves
[  503.259765][ T6389] hsr_slave_0: left promiscuous mode
[  503.270087][ T6389] hsr_slave_1: left promiscuous mode
[  503.289748][ T6389] batman_adv: batadv0: Removing interface: batadv_slave_0
[  503.450464][ T6389] batman_adv: batadv0: Removing interface: batadv_slave_1
[  506.535056][ T9016] loop4: detected capacity change from 0 to 512
[  506.550338][ T9016] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  506.730484][ T9016] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a000c019, mo2=0002]
[  506.739251][ T9016] System zones: 1-12
[  506.761484][ T9016] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  506.776868][ T9016] EXT4-fs (loop4): 1 truncate cleaned up
[  506.835252][ T9016] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  507.438874][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  508.280272][ T9027] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8
[  511.685572][ T6389] team0 (unregistering): Port device team_slave_1 removed
[  511.978597][ T6389] team0 (unregistering): Port device team_slave_0 removed
[  513.171756][ T9047] could not allocate digest TFM handle sha224-ssse3
[  513.243063][ T9053] ptrace attach of "./syz-executor exec"[5845] was attempted by "./syz-executor exec"[9053]
[  513.345475][ T9054] netlink: 'syz.0.691': attribute type 21 has an invalid length.
[  513.355631][ T9054] netlink: 128 bytes leftover after parsing attributes in process `syz.0.691'.
[  513.511463][ T9033] pim6reg: entered allmulticast mode
[  513.599156][ T9054] netlink: 'syz.0.691': attribute type 4 has an invalid length.
[  513.607534][ T9054] netlink: 3 bytes leftover after parsing attributes in process `syz.0.691'.
[  514.999789][ T8893] chnl_net:caif_netlink_parms(): no params data found
[  516.741498][ T9084] loop4: detected capacity change from 0 to 512
[  516.835761][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  516.985183][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  517.002818][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  517.016445][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  517.026337][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  517.160700][ T9084] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.697: casefold flag without casefold feature
[  517.259298][ T9084] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.697: couldn't read orphan inode 15 (err -117)
[  517.330128][ T9084] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  518.001807][ T8893] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.047428][ T8893] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.067894][ T8893] bridge_slave_0: entered allmulticast mode
[  518.598974][ T8893] bridge_slave_0: entered promiscuous mode
[  518.625644][ T8893] bridge0: port 2(bridge_slave_1) entered blocking state
[  518.676379][ T8893] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.683669][ T8893] bridge_slave_1: entered allmulticast mode
[  518.694195][ T8893] bridge_slave_1: entered promiscuous mode
[  519.196185][   T51] Bluetooth: hci4: command tx timeout
[  520.703671][ T8893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  520.756402][ T9080] lo speed is unknown, defaulting to 1000
[  520.762506][ T6389] bridge_slave_1: left allmulticast mode
[  520.789444][ T6389] bridge_slave_1: left promiscuous mode
[  520.812059][ T6389] bridge0: port 2(bridge_slave_1) entered disabled state
[  520.958354][ T5832] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  521.103028][ T9112] loop0: detected capacity change from 0 to 1024
[  521.120156][ T6389] bridge_slave_0: left allmulticast mode
[  521.146531][ T6389] bridge_slave_0: left promiscuous mode
[  521.232814][ T6389] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.321694][   T51] Bluetooth: hci4: command tx timeout
[  523.355411][   T51] Bluetooth: hci4: command tx timeout
[  524.011731][ T6389] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  524.076324][ T6389] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  524.091403][ T6389] bond0 (unregistering): Released all slaves
[  524.131994][ T8893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  525.259248][ T9144] loop0: detected capacity change from 0 to 256
[  525.272559][ T6389] hsr_slave_0: left promiscuous mode
[  525.310131][ T9144] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  525.525242][   T51] Bluetooth: hci4: command tx timeout
[  525.692089][ T6389] hsr_slave_1: left promiscuous mode
[  525.722737][ T6389] batman_adv: batadv0: Removing interface: batadv_slave_0
[  630.754390][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  630.761581][    C0] rcu: 	(detected by 0, t=10506 jiffies, g=37213, q=103 ncpus=2)
[  630.769463][    C0] rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4295000172-4294989670), jiffies_till_next_fqs=1, root ->qsmask 0x0
[  630.782960][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g37213 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  630.794196][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  630.804444][    C0] rcu: RCU grace-period kthread stack dump:
[  630.810647][    C0] task:rcu_preempt     state:R  running task     stack:26280 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  630.824625][    C0] Call Trace:
[  630.827954][    C0]  <TASK>
[  630.831016][    C0]  __schedule+0x16f5/0x4d00
[  630.835663][    C0]  ? schedule+0x165/0x360
[  630.840037][    C0]  ? __pfx___schedule+0x10/0x10
[  630.845206][    C0]  ? schedule+0x91/0x360
[  630.849571][    C0]  schedule+0x165/0x360
[  630.853853][    C0]  schedule_timeout+0x12b/0x270
[  630.859172][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  630.864568][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  630.870666][    C0]  ? __pfx_process_timeout+0x10/0x10
[  630.875984][    C0]  ? prepare_to_swait_event+0x341/0x380
[  630.881672][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  630.886549][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  630.891868][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  630.897180][    C0]  ? __pfx_rcu_watching_snap_save+0x10/0x10
[  630.903132][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  630.908490][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  630.913831][    C0]  ? finish_swait+0xcd/0x1f0
[  630.918452][    C0]  rcu_gp_kthread+0x99/0x390
[  630.923337][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  630.928656][    C0]  ? __kthread_parkme+0x7b/0x200
[  630.933719][    C0]  ? __kthread_parkme+0x1a1/0x200
[  630.938784][    C0]  kthread+0x711/0x8a0
[  630.942968][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  630.948377][    C0]  ? __pfx_kthread+0x10/0x10
[  630.953111][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  630.958968][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  630.964291][    C0]  ? __pfx_kthread+0x10/0x10
[  630.968942][    C0]  ret_from_fork+0x3fc/0x770
[  630.973671][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  630.978935][    C0]  ? __switch_to_asm+0x39/0x70
[  630.983741][    C0]  ? __switch_to_asm+0x33/0x70
[  630.988588][    C0]  ? __pfx_kthread+0x10/0x10
[  630.993227][    C0]  ret_from_fork_asm+0x1a/0x30
[  630.998064][    C0]  </TASK>
[  631.001216][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  631.007592][    C0] Sending NMI from CPU 0 to CPUs 1:
[  631.012858][    C1] NMI backtrace for cpu 1
[  631.012874][    C1] CPU: 1 UID: 0 PID: 9144 Comm: syz.0.709 Not tainted 6.15.0-rc7-next-20250522-syzkaller #0 PREEMPT(full) 
[  631.012891][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  631.012901][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x93/0x110
[  631.012928][    C1] Code: 75 08 e8 40 95 37 f6 4c 89 f7 e8 98 2c 38 f6 f7 c3 00 02 00 00 74 05 e8 cb 27 61 f6 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 <f6> 44 24 21 02 75 4f f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 e8
[  631.012941][    C1] RSP: 0018:ffffc90000a08be0 EFLAGS: 00000046
[  631.012956][    C1] RAX: 0000000000000001 RBX: 0000000000000802 RCX: 0000000000000001
[  631.012967][    C1] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff99d47560
[  631.012977][    C1] RBP: ffffc90000a08c78 R08: ffffffff99d47563 R09: 1ffffffff33a8eac
[  631.012988][    C1] R10: dffffc0000000000 R11: fffffbfff33a8ead R12: dffffc0000000000
[  631.012999][    C1] R13: ffff88807a0c5d20 R14: ffffffff99d47560 R15: 1ffff9200014117c
[  631.013010][    C1] FS:  00007ff75e2286c0(0000) GS:ffff888125d59000(0000) knlGS:0000000000000000
[  631.013023][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  631.013034][    C1] CR2: 0000001b30507ff8 CR3: 0000000079e3a000 CR4: 00000000003526f0
[  631.013050][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  631.013058][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  631.013068][    C1] Call Trace:
[  631.013077][    C1]  <IRQ>
[  631.013085][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  631.013107][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  631.013128][    C1]  debug_object_activate+0x2e2/0x420
[  631.013156][    C1]  enqueue_hrtimer+0x30/0x3a0
[  631.013172][    C1]  __hrtimer_run_queues+0x656/0xc60
[  631.013202][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  631.013222][    C1]  ? read_tsc+0x9/0x20
[  631.013244][    C1]  hrtimer_interrupt+0x45b/0xaa0
[  631.013277][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  631.013292][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  631.013314][    C1]  </IRQ>
[  631.013320][    C1]  <TASK>
[  631.013326][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  631.013342][    C1] RIP: 0010:lock_acquire+0x175/0x360
[  631.013362][    C1] Code: 00 00 00 00 9c 8f 44 24 30 f7 44 24 30 00 02 00 00 0f 85 cd 00 00 00 f7 44 24 08 00 02 00 00 74 01 fb 65 48 8b 05 fb 4d fe 10 <48> 3b 44 24 58 0f 85 f2 00 00 00 48 83 c4 60 5b 41 5c 41 5d 41 5e
[  631.013374][    C1] RSP: 0018:ffffc90003657448 EFLAGS: 00000206
[  631.013386][    C1] RAX: 84a3c36ce883ce00 RBX: 0000000000000000 RCX: 84a3c36ce883ce00
[  631.013404][    C1] RDX: 0000000000000001 RSI: ffffffff8db6a54c RDI: ffffffff8be29000
[  631.013422][    C1] RBP: ffffffff8b653371 R08: 0000000000000000 R09: ffffffff8b653371
[  631.013432][    C1] R10: dffffc0000000000 R11: ffffed10037d25fe R12: 0000000000000000
[  631.013442][    C1] R13: ffffffff8dffafa0 R14: 0000000000000001 R15: 0000000000000246
[  631.013454][    C1]  ? schedule+0x91/0x360
[  631.013473][    C1]  ? schedule+0x91/0x360
[  631.013502][    C1]  ? schedule+0x91/0x360
[  631.013520][    C1]  schedule+0xb1/0x360
[  631.013538][    C1]  ? schedule+0x91/0x360
[  631.013558][    C1]  schedule_timeout+0x9a/0x270
[  631.013577][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  631.013600][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  631.013619][    C1]  unix_wait_for_peer+0x1e9/0x2e0
[  631.013641][    C1]  ? __pfx_unix_wait_for_peer+0x10/0x10
[  631.013660][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[  631.013677][    C1]  ? apparmor_unix_may_send+0x322/0x380
[  631.013701][    C1]  unix_dgram_sendmsg+0xbda/0x17c0
[  631.013731][    C1]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  631.013753][    C1]  ? aa_sock_msg_perm+0xda/0x1d0
[  631.013775][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  631.013793][    C1]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  631.013813][    C1]  __sock_sendmsg+0x219/0x270
[  631.013831][    C1]  ____sys_sendmsg+0x52d/0x830
[  631.013860][    C1]  ? __pfx_____sys_sendmsg+0x10/0x10
[  631.013883][    C1]  ? import_iovec+0x74/0xa0
[  631.013904][    C1]  ___sys_sendmsg+0x21f/0x2a0
[  631.013924][    C1]  ? __pfx____sys_sendmsg+0x10/0x10
[  631.013963][    C1]  ? __might_fault+0xb0/0x130
[  631.013979][    C1]  __sys_sendmmsg+0x227/0x430
[  631.014001][    C1]  ? __pfx___sys_sendmmsg+0x10/0x10
[  631.014019][    C1]  ? do_futex+0x333/0x420
[  631.014039][    C1]  ? __sys_connect+0x38d/0x440
[  631.014062][    C1]  ? __pfx___se_sys_futex+0x10/0x10
[  631.014083][    C1]  __x64_sys_sendmmsg+0xa0/0xc0
[  631.014104][    C1]  do_syscall_64+0xfa/0x3b0
[  631.014117][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  631.014130][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.014144][    C1]  ? clear_bhb_loop+0x60/0xb0
[  631.014160][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.014174][    C1] RIP: 0033:0x7ff75d38e969
[  631.014188][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  631.014200][    C1] RSP: 002b:00007ff75e228038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  631.014214][    C1] RAX: ffffffffffffffda RBX: 00007ff75d5b5fa0 RCX: 00007ff75d38e969
[  631.014224][    C1] RDX: 0000000000000651 RSI: 0000200000000000 RDI: 0000000000000006
[  631.014233][    C1] RBP: 00007ff75d410ab1 R08: 0000000000000000 R09: 0000000000000000
[  631.014243][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  631.014252][    C1] R13: 0000000000000000 R14: 00007ff75d5b5fa0 R15: 00007ffd67fbc988
[  631.014269][    C1]  </TASK>