last executing test programs:

27.52084215s ago: executing program 0 (id=595):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8010)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder1\x00', 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0xc, &(0x7f0000000080)=0x5, 0x4)
sendmsg$nl_generic(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="142902000000256592950000"], 0x14}}, 0x8000)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sendmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4044000}, 0x26004885)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000009b80)=""/102392, 0x18ff8)
iopl(0x3)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505331, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, 0x0, 0x1)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f00000000c0))
read$dsp(r4, 0x0, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000400)={&(0x7f0000000080)={0x2, 0x82, @remote}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000280)=""/32, 0x20}, {&(0x7f0000000300)=""/44, 0x2c}, {&(0x7f00000004c0)=""/230, 0xe6}, {&(0x7f00000005c0)=""/139, 0x8b}], 0x4, 0x0, 0x0, 0x40800}, 0x0)

25.535791439s ago: executing program 0 (id=600):
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000340)={'wpan0\x00'})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f00009a9000/0x1000)=nil, 0x1000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, 0x6e)
syz_open_dev$usbmon(&(0x7f0000000180), 0x3, 0x801)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
close(r1)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000580)={0x0, 0x0, 0x0, &(0x7f0000000140)=""/43, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000002c0)={0x1, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffb2, 0x0, 0x0, 0x10, 0x5}, 0x94)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)

23.309126327s ago: executing program 0 (id=606):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f00000059c0)=ANY=[@ANYBLOB="6e6f646973636172642c6e6f636865636b706f696e745f6d657267652c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c666c7573685f6d657267652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030303235362c646973636172642c6e6f61636c2c6673796e635f6d6f64653d706f7369782c616c6c6f635f6d6f64653d64656661756c742c6e6f657874656e745f63616368652c6163746976655f6c6f67733d322c6661756c745f747970653d30303030303030303030303031363737373231342c0002d1c71f8348abae1fff96ec907a723dca530cf5aea9622c1169c27c91b4d703f02da55a70e4108d30dd0a1b6e467d05c6c0237e3772dfb37da0e9705c62c7f6dc21ef782f52303a65f3196af86a3d58c8bfb0ef60c974b0e0b44af5ce33f407facb3838bd4bf9b7a99d612518ac3ddddf95b10ead9f78580da79051b5011a94bc44336ebf9378b479860af435366b6d4cdb9c5ffd949b52f82ac9c92de853"], 0x5, 0x5505, &(0x7f0000000340)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r1 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r3, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

19.593340586s ago: executing program 0 (id=616):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40e41, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller1\x00', 0xc201})
r1 = dup(0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="001c86dd0700100000001400000060ec97000fc83c00fe8000000000000000000000000000aaff02000000000000000000000000000111"], 0xffe)

16.853308735s ago: executing program 0 (id=626):
r0 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0xa0003009})
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000280)='./file0/file0\x00', 0x2)

16.702627937s ago: executing program 0 (id=628):
socket$netlink(0x10, 0x3, 0x12)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRES16], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x39, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ptrace$poke(0x5, 0x0, &(0x7f0000000080), 0xf5)
request_key(&(0x7f0000000100)='big_key\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)='\x00\x00\x00', 0xfffffffffffffffe)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000480), r2)
sendmsg$NET_DM_CMD_START(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000001180)={0x14, r3, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40880}, 0x20000000)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r6=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000280)={0x3, r6, 0x7ffffff5, 0x8000ffff, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r6, 0x0, 0x4d, 0x7, 0x800, 0x0, {0x80000001, 0xfff, 0x0, 0x6, 0x9, 0x9, 0x5, 0x100, 0xb, 0x80, 0x0, 0x40c, 0x5, 0x6, "4e80de46358e7f255a5d3f52e16f724fd04ef0eb3e6202d127cf9208f8a3226c"}})
bind$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)

8.481962187s ago: executing program 2 (id=651):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

7.284268902s ago: executing program 3 (id=656):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x16, 0x0, 0x4, 0xffff, 0x0, 0x1}, 0x50)

7.258853211s ago: executing program 2 (id=657):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = openat$rtc(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
ioctl$RTC_AIE_ON(r1, 0x7001)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000240)={0x3, 0x33, 0x12, 0x1, 0x8, 0x268, 0x5, 0x2})
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x43, 0x0, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x4)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)={0x14, 0x16, 0xa01, 0x4001, 0x0, {0xa}}, 0x14}}, 0x0)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000900)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010828bd7000fcdbdf2501000000000000000b0000000014001439"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x800)

7.106562064s ago: executing program 2 (id=658):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000880)={0x101, 0xaeb, 0x10e57, 0x8, 0xf6, "3ce692080900000000000800000000001300", 0x4, 0xff})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0x2)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000200)=0x8)

6.91647301s ago: executing program 2 (id=660):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0xf6, &(0x7f0000000740)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x0, 0xe8, 0xffff, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x22eb, 0x0, 0x0, [0x5, 0x1]}, {0x0, 0x0, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [], "e8a27d98c71e58283e71e5a380690e06a02285a8de48fe2b48d871111a090469f7f2463b65d0769c353115bad27b567e11ae8ff15879f8116439968bec3215990c07d3964777389142e04b652a66b73d42d0c7d2cc20fa3d448de4a30e3c2daccca9c7a47a4021d19fee0d2da02fd36f9793526acad99c72071068777ffad349ca992a04df425c46418013c0"}, {0xa888, 0x88be, 0x86ddffff, {{0x0, 0x1, 0xfe}}}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x9}}}}}}}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$ITER_CREATE(0x1d, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="d60a0000000000006111a00000000000180000000000000000000000000000009500000000000000db020bc0694f5e514f2cfd290747bcbfe915cef1698d0d2c909ab1ad34e193a81d3e2cb6314ddd679f6e3b23ea7f34661692a7b17326e768c94703de7a95b670d9bf26865f1834ccb02dc1b0a42f82949fd1fbe09cbe618ccb8175636a0180cb5d2a2f5e44f22940f7153ff54449fd8ac7a0c4236d01bbc54d9206433a1e0700fa161f4d265d87bcb3de74729c335ad9d3113e90e88ddbb60bff0de6822a027a718bb767f01749c461ae40bae713a9c4"], &(0x7f0000000000)='GPL\x00'}, 0x80)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x10, 0x3, 0x0)
unshare(0x3c000280)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="580000001000ffff27bd7000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="150c0000000000002c0012800e0001006970366772657461700000001800028014000700fc0000000000000000000000000000000a000100aaaaaaaaaa160040"], 0x58}, 0x1, 0x0, 0x0, 0x28001}, 0x8000)

5.859773548s ago: executing program 2 (id=662):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYRES64=0x0], 0x1, 0x5527, &(0x7f0000000500)="$eJzs3M1rI2UcB/Bf2u2+uxbx4G0HFqGFTdh0X9Dbqrv4grssqx48aZpkQ3aTTGnStPbkwaN48D8RBU8e/Rs8ePYmHhRvgpJ5JrD1BRaaNrb9fGDynXky+c3zhFL4zUACOLGWs99/rcSlOBcRixFxMaLYr5Rb4XaKlyLickQsPLVVyvE0cCnidEScj4hLk+KpZqV8+8ur4ys3f3nnt+9+OHPqwlff/ji/VQPz9nJE9DfS/nY/Zd5J+bgcb4y7RfZvjMtMb/SflMd5yu32elFhuzE9r1Hk9U46P9/YGk7yUa/RnGSn+6gY3xikCw7HnWmd4gOPG5vFcau9XmR3mBfZ2U3z2tlN/9t2h6NUp1XW+6QoH6PRNNN4e6ed1rPxpMjmYFSOp7p5q70zyXGZ5eWimfdaxTzW9/NN/7+92x1s7WTj9uawmw+ym7X6K7X6rWp9M2+1R+0b1Ua/detGttLpTU6rjtqN/u1Onnd67Voz769mK51ms1qvZyt32uvdxiCr12vXa9eqN1fLvavZm/c/yHqtbGWSr3cHW6Nub5g9yjez9InVbK12/dXV7Eo9e+/eg+zBw7t37z14/6M7H95/7d7bb5Qn/WNa2cratbW1av1ada2+eoLW/1k56RmuH/alMu8JABw9s+3/Q/8PPJOD6/83H0YcfP8f+v+ZmGX/e6asqf8/OuuHfdH/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcWD8tff1WsbOcji+U48+VQy+Ux5WIWIiIP//FYpzeU3OxrLP0H+cv/W0O31eiqDC5xplyOx8Rt8vtj+cP+lsAAACA4+ubTy9/kbr19LI87wlxmNJNm4WLH8+oXiUilpZ/nlG1hcnLizMqVvx9n4qdGVUrbmCdnVGxdMvt1KyqPZPFPXH2qaikWEh34QAAgONkbydwuF0IAAAAh+nzeU+A+ajE9FHm9Fnw9Jlf+UDw3J4jAAAA4AiqzHsCAAAAwIEr+n+//wcAAADHW/r9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgL3buICeVGAADcAeYB+89jcS49yru4BgewaVLwwG8BAdwgVfwApwBdx7BgGFaEQgxJHRmovm+ZCidND8tgUXbSQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgTq/lbPz8cP34XZvOETnL1WnyjQgAAADYtyhn4+rNMNb/p/vn6dZlqhdpHeDQ3L0b/uxkdlNO+dX+abt9udeHlxCqhPVn9NP1L4Rwk673i7q/BQAAAPi95pPpKM7W48uw7Q7RpLho0zm7zZRXhBDK4VumtM467ypTWPX77oX7TGnVAtYgU1hccuvlSjtK9XffrNoNtooiFocf+dl0MtvYAQCABnV3imZnIQAAADTpru0O0I4ifG5lbrYC+7FI23t/d2oAAADAD1S03QEAAACgdtX8v6Hz/1bO/wMAAIB2xPP/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqNOinI3nk+no1Jzl6jR5RgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDB/ryjQAiEQRjsXd+ZzP0PKw2amppUgfDxNwYDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw5nd/+T8xNc4kc6+NpeeRZO3U2Do19s6Noz+Mr18DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf785ICIRAEUTBn/O+k739YSdAziBABDY8qatEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzR7375PzE1ziRzp42l45Fk7aqxddXYe9A4ejDe/g0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc79/MbRRUHAPy7O7uLRY21kh5qiCYe9CJl+SWJB+NB03jwTzBpyoKVxR/QAxBi7MWb6ZmL0aMxJpp643/gDAkXvHHoARPPmjc70w7QxiXQmYX9fJI377uPzbzvm0lIv/OmBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEpbH+7EWTrMjuJ2MXbr/rWV1N9+qE9ubNxZSC3Frf+baOYpJz75Dlc/tOabSwQAAIDpkZX1fUTc7W4upb49m9f/3fI7qeb/6eVRXNbzD9f9ZV/W/qn9+ce9Q9sTzY7mSSc9uzocHH00lc7+rXKyvVK5B7vr5Fc+f/aS5Tek/cn6a1vd/Hq2frh586NeHh6oK2MA4HEdKfsiKH8eSn2/ycQAmBqdSuFd1v/ZbLM5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANRhaz1eLONWRCx0duLk9v1rK7v1NzbuLJTt1PXrG/HdzjnTKboRcXZ1ODha62om26UrV88vD4eDi/UHb0REU7N/UCz//GdjfDniac6eRUQzF3xag3Zxsycln2cjaPA/JQAAnkvdoqW6/m53cymNteYi/v35wfr/7UocY9b/9z4/das6V7X+79e2wglxee9/Wly78PXipStX3129sHxucG7w5Ylj/ff6x0+fPHl6MX9WsuiJCQAAAE+mV7Rq/d+ee3T//2AljjHr/29+7H9bnSvbq/5f3+9VTradTb+mMwEAAJhur775z9+tXcZbvV5cXl5bu9gfHbc/HxsdG0j1sR0oWrX+z+aazgoAAACow9Z664H9/zOVOMbc/3/pl9d/q54zi4iZYv//yMpXwzP1LWei1fHrxE2vEQAAgHr09hifKVqq6w8fOvF+Guvm7/+3t195aEfEO2+N4uLPAI5V/2cff/9rda7q+//H92eZz4z2/Oh65P18RGe+6YwAAAB4nr1QtFTs/9XdXPri94Of9rz/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFC3/wIAAP//wkY7Dw==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='memory.swap.current\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$binfmt_aout(r1, &(0x7f0000000180)=ANY=[], 0xd4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r1, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r0, 0x4008f510, &(0x7f0000000080)=0x6)

5.785177945s ago: executing program 4 (id=663):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df12c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.683670813s ago: executing program 3 (id=664):
r0 = syz_open_procfs(0x0, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0xa0003009})
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000280)='./file0/file0\x00', 0x2)

5.601207516s ago: executing program 4 (id=665):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x8}, 0x18)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x87)
connect$inet6(r3, &(0x7f0000000500)={0xa, 0xfffd, 0x0, @loopback, 0x5}, 0x1c)
ptrace$peeksig(0x4209, r0, &(0x7f0000000040)={0xffffffffffffff81, 0x1, 0x5}, &(0x7f0000000540)=[{}, {}, {}, {}, {}])
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000440), 0x1000a)
r5 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r6 = creat(&(0x7f0000000840)='./file0\x00', 0x166)
dup2(r5, r6)
syz_genetlink_get_family_id$batadv(&(0x7f00000014c0), r6)
sendfile(r3, r4, &(0x7f0000000000)=0x4, 0xffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

5.535670913s ago: executing program 3 (id=666):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa1000000000000070100"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$evdev(0x0, 0x40002, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r3], 0x0, 0x4a}, 0x28)
io_uring_setup(0x2f00, &(0x7f0000000700)={0x0, 0xe8e2, 0x2, 0x20001, 0x2d6})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, 0x0, 0x0)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r5, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x6, 0xc, &(0x7f00000008c0)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000ffffff85850000007100000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r6, 0x0, 0xe, 0x0, &(0x7f0000000000)="5fd63edbfd8a4a6077fd87686f9a", 0x0, 0x704, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x258, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

4.156545044s ago: executing program 4 (id=667):
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c"])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0x300000d, 0x3)
write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file0'}, 0xb)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000040)={0x1d, r3, 0x3}, 0x18)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r2)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
sendmsg$inet(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000000c0)="7b90", 0x2}, {0x0}, {&(0x7f0000000540)}, {&(0x7f0000000180)}], 0x4}, 0x40090)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0)

4.076021401s ago: executing program 3 (id=668):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = openat$rtc(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
ioctl$RTC_AIE_ON(r1, 0x7001)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000240)={0x3, 0x33, 0x12, 0x1, 0x8, 0x268, 0x5, 0x2})
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x1, {0x43, 0x0, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x4)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)={0x14, 0x16, 0xa01, 0x4001, 0x0, {0xa}}, 0x14}}, 0x0)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000900)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010828bd7000fcdbdf2501000000000000000b0000000014001439"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x800)

3.396673275s ago: executing program 2 (id=669):
r0 = openat$vmci(0xffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r0, 0x7aa, &(0x7f0000000100)={{@any, 0x4}, 0x8, 0xfffeffff})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000500)=ANY=[], 0x0, 0x96}, 0x28)
openat(0xffffffffffffff9c, 0x0, 0x300000d, 0x1)
signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_TOL(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, r2, 0x91dabd4b569e2c23, 0x70bd28, 0x25dfdbfc, {{}, {0x0, 0x4108}, {0x14, 0x18, {0x3, @bearer=@udp='udp:syz2\x00'}}}}, 0x30}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x63, 0xc080)
recvmmsg(r4, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r6 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41)
ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r6, 0x40146f2c, &(0x7f0000000100)={0x2, 0x1, 0x3, 0x14, 0x4})
ioctl$DVB_DEMUX_DMX_ADD_PID(r6, 0x40026f33, &(0x7f0000000040)=0x312)
ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r6, 0x40146f2c, &(0x7f0000000000)={0x5, 0x1, 0x1, 0x8})

3.041273691s ago: executing program 1 (id=670):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x1a10755, &(0x7f00000001c0)={[{@jqfmt_vfsold}, {@errors_continue}, {@usrquota}, {@prjquota}, {@usrquota}, {@abort}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0xffffffff}}, {@delalloc}, {@test_dummy_encryption}]}, 0xff, 0x46e, &(0x7f0000000e40)="$eJzs281vFOUfAPDvzG7L249fKyIKgjSisfGlpQWVgxeNJh40MdEDHmtbCLJQQ2sihGg1Bo+GxLvxaOJf4MmTUU8mXvVuSIgSE9CYsGZmZ9ruslsK3bKE/XySaZ9n59mZ57vzPDPPzLMbQN8ayf4kEf+LiF8jYqiRbS4w0vh37cr56b+vnJ9Ool5/84/BvNzVK+eny6Ll+7YVmdE0Iv00KXbSbP7suZNTtdrsmSI/vnDqvfH5s+eeOXFq6vjs8dnTk0eOHD408fxzk892Jc4svqt7Ppzbu/vVty++Pn304js/fpPVd9e+xvqVcXTLSBb4n/Vc67rHu72zHrteX44zqfa6NqxVJSKywzWQ9/+hqMTywRuKVz7paeWADZWdsze1ebn4v1gH7mFJ9LoGQG+UF/zs/rdc7uDwo+cuv9i4AcrivlYsjTXVSIsyAxu4/5GIOLr4z5fZEi3PIZaOz+AGVgAA6DvfZeOfp9uN/9LYtaLc/4u5oeGIuC8idkTE/RGxMyIeiMjLPhgRD93i/lunhm4cf6aXbiuwNcrGfy8Uc1vN479y9BfDlSK3PY9/IDl2ojZ7sPhMRmNgU5afaLfxchMv//J5p/2vHP9lS7b/cixYbORSteUB3czUwlS3BqWXP47YU20Xf7I0E5BExO6I2LPmrS5G8fHkTjz59d5OJW8e/yq6MM9U/yriicbxX4yW+EvJ6vOT45ujNntwvGwVN/rp5wtvdNp/2/ivb19/YGuUHf+tze1/aV0l/zv0V7JyvnY+bvmG5MJvn3W8p6zeZvsfTN7K53TLmnwwtbBwZiJiMHktovX1yeX3lvmyfBb/6IH2/X9H8Z4s/ocjImvE+yLikYjYHxH/FvfQj0bEgVXi/+Glx97ttG5d7T9iyxrLdZTFP9P2/LfU/oebj/+tJyonv//29uPPjv/hPDVavJKf/26ic3U2FyWWWzMAAADc69L8u/FJOraUTtOxscZ3+HfG1rQ2N7/w1LG590/PNL5DPxwDafmka2jF89CJZLHYYiM/WTwrLtcfKp4bf1HZkufHpudqMz2OHfrdtub+v7/s/5nfK72uHbDh/F4L+ldr/097VA/gznP9h/6l/0P/0v+hf7Xr/x+15M0FwL3J9R/6l/4P/Uv/h/6l/0NfWs/v+jcqUV3l1/sSd0si0ruiGhItiUgaF/RN6+zdvT4zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMd/AQAA///gq/is")
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, 0x0)

3.024009419s ago: executing program 4 (id=671):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000040)={0x1d, r2, 0x3}, 0x18)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r1)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, 0x0)
sendmsg$inet(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000680)=[{0x0}, {0x0}], 0x2}, 0x40090)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}}, 0x0)

2.552626386s ago: executing program 1 (id=672):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0xf6, &(0x7f0000000740)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x0, 0xe8, 0xffff, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x22eb, 0x0, 0x0, [0x5, 0x1]}, {0x0, 0x0, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [], "e8a27d98c71e58283e71e5a380690e06a02285a8de48fe2b48d871111a090469f7f2463b65d0769c353115bad27b567e11ae8ff15879f8116439968bec3215990c07d3964777389142e04b652a66b73d42d0c7d2cc20fa3d448de4a30e3c2daccca9c7a47a4021d19fee0d2da02fd36f9793526acad99c72071068777ffad349ca992a04df425c46418013c0"}, {0xa888, 0x88be, 0x86ddffff, {{0x0, 0x1, 0xfe}}}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x9}}}}}}}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$ITER_CREATE(0x1d, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="d60a0000000000006111a00000000000180000000000000000000000000000009500000000000000db020bc0694f5e514f2cfd290747bcbfe915cef1698d0d2c909ab1ad34e193a81d3e2cb6314ddd679f6e3b23ea7f34661692a7b17326e768c94703de7a95b670d9bf26865f1834ccb02dc1b0a42f82949fd1fbe09cbe618ccb8175636a0180cb5d2a2f5e44f22940f7153ff54449fd8ac7a0c4236d01bbc54d9206433a1e0700fa161f4d265d87bcb3de74729c335ad9d3113e90e88ddbb60bff0de6822a027a718bb767f01749c461ae40bae713a9c4"], &(0x7f0000000000)='GPL\x00'}, 0x80)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x10, 0x3, 0x0)
unshare(0x3c000280)
writev(0xffffffffffffffff, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="580000001000ffff27bd7000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="150c0000000000002c0012800e0001006970366772657461700000001800028014000700fc0000000000000000000000000000000a000100aaaaaaaaaa160040"], 0x58}, 0x1, 0x0, 0x0, 0x28001}, 0x8000)

1.585009756s ago: executing program 32 (id=628):
socket$netlink(0x10, 0x3, 0x12)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRES16], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x39, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ptrace$poke(0x5, 0x0, &(0x7f0000000080), 0xf5)
request_key(&(0x7f0000000100)='big_key\x00', &(0x7f0000000140)={'syz', 0x2}, &(0x7f0000000180)='\x00\x00\x00', 0xfffffffffffffffe)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000480), r2)
sendmsg$NET_DM_CMD_START(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000001180)={0x14, r3, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40880}, 0x20000000)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r6=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000280)={0x3, r6, 0x7ffffff5, 0x8000ffff, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r6, 0x0, 0x4d, 0x7, 0x800, 0x0, {0x80000001, 0xfff, 0x0, 0x6, 0x9, 0x9, 0x5, 0x100, 0xb, 0x80, 0x0, 0x40c, 0x5, 0x6, "4e80de46358e7f255a5d3f52e16f724fd04ef0eb3e6202d127cf9208f8a3226c"}})
bind$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)

1.5734147s ago: executing program 1 (id=674):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x108)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000380)='./bus\x00')
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2)

1.319498755s ago: executing program 1 (id=675):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)={0x38, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x52}, @IPSET_ATTR_PORT={0x0, 0x4, 0x1, 0x0, 0x4e21}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x0, 0x4, 0x1}]}, 0x1d}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="840000000002010400000000000000000a00000004000180300003802c00018014000300fc00000000000000000000100000000014004400fe800000001f610000000000000000bb3c0002800c00028005000100000000002c00018014000300fc02000000000000000000000000000014"], 0x84}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x9)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYRES32=r1, @ANYBLOB="0200000000008000800012000800010076746936740002"], 0xa0}}, 0x0)

472.550678ms ago: executing program 4 (id=676):
r0 = syz_open_procfs(0x0, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0xa0003009})
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000280)='./file0/file0\x00', 0x2)

411.879089ms ago: executing program 1 (id=677):
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000000)={0x8, 0x2000, 0x2, 0x8000adea})
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x6}, 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8)

338.937663ms ago: executing program 3 (id=678):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000000140)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000000c0)=@x86={0x60, 0x4, 0x9, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x7f, 0x9, 0x1, 0x0, 0x0, 0x8, 0x0, 0xff, 0xff, 0x0, '\x00', 0x0, 0x1})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x2, 0x0, @ioapic={0x8000000, 0x9, 0x10001, 0xfffffffe, 0x0, [{0x2, 0x4, 0x87, '\x00', 0x8}, {0x9, 0x8, 0x40, '\x00', 0xb}, {0xff, 0x7f, 0xd3, '\x00', 0x67}, {0x0, 0x5, 0xf5, '\x00', 0xf}, {0x7, 0x9, 0xc, '\x00', 0xfb}, {0x0, 0x4, 0x54, '\x00', 0xff}, {0x71, 0xd5, 0xf1, '\x00', 0x7b}, {0x3, 0x4, 0xc}, {0x7f, 0x5, 0xb, '\x00', 0xb}, {0xd7, 0xd, 0x8, '\x00', 0x6}, {0x0, 0x28, 0x80, '\x00', 0xdc}, {0xff, 0x1, 0xfa, '\x00', 0x1}, {0xfe, 0x7, 0x26}, {0xcf, 0x3, 0x1, '\x00', 0x6}, {0xf, 0xee, 0x7, '\x00', 0x3}, {0x39, 0x2, 0x6, '\x00', 0xb}, {0x9, 0x6, 0x2, '\x00', 0x8}, {0x5, 0xc, 0x5, '\x00', 0xc}, {0x7, 0x7f, 0x7, '\x00', 0xc2}, {0x0, 0x80, 0xe, '\x00', 0x7f}, {0x1, 0xc, 0x80, '\x00', 0x7f}, {0x10, 0x6, 0x3, '\x00', 0x10}, {0x1, 0x23, 0xf3, '\x00', 0x4}, {0x7, 0x6, 0x4}]}})

231.953769ms ago: executing program 4 (id=679):
syz_usb_connect(0x0, 0x1a2, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x28f42000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61153c00000000006113780000000000bfa000000000000007000000ee0016055e03010000000000250500000000000069163e0000000000bf07000000000000260507000fff0720670600003f000000140600000ee6ffd0bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2474ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7166c23d28c0a7101b8b09736ecd34aa9dc1b498"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
syz_usb_connect$printer(0x5, 0x2d, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0x4b8, 0x202, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x5, 0x40, 0x2, [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x7, 0x1, 0x7, 0x9, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0x3, 0x1, 0x7}}}}}]}}]}}, 0x0)

318.394µs ago: executing program 1 (id=680):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0xffff}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000020303000000000000000000020000100800010001"], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 3 (id=681):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
setresgid(0xee00, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
read$FUSE(r0, 0x0, 0x0)
lstat(&(0x7f0000000340)='./file0\x00', 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.161' (ED25519) to the list of known hosts.
[   76.964429][ T5809] cgroup: Unknown subsys name 'net'
[   77.072001][ T5809] cgroup: Unknown subsys name 'cpuset'
[   77.081209][ T5809] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   78.747538][ T5809] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   82.859116][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   82.868504][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   82.884353][ T5834] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   82.893391][ T5836] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   82.901592][ T5836] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   82.909132][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   82.917044][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   82.924821][ T5838] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   82.933035][ T5836] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   82.940405][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   82.947524][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   82.955803][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   82.957999][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   82.966572][ T5834] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   82.972470][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   82.979716][ T5837] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   82.991067][ T5834] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.000027][ T5834] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   83.010658][ T5834] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   83.020009][ T5826] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   83.030888][ T5828] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   83.040113][ T5826] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   83.051470][ T5826] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   83.063589][ T5828] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   83.071445][ T5828] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   83.775542][ T5823] chnl_net:caif_netlink_parms(): no params data found
[   83.841112][ T5821] chnl_net:caif_netlink_parms(): no params data found
[   83.864641][ T5824] chnl_net:caif_netlink_parms(): no params data found
[   84.035925][ T5840] chnl_net:caif_netlink_parms(): no params data found
[   84.056262][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   84.203360][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.211341][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.218802][ T5821] bridge_slave_0: entered allmulticast mode
[   84.226773][ T5821] bridge_slave_0: entered promiscuous mode
[   84.236272][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.243639][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.251224][ T5823] bridge_slave_0: entered allmulticast mode
[   84.259213][ T5823] bridge_slave_0: entered promiscuous mode
[   84.301371][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.308775][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.316177][ T5821] bridge_slave_1: entered allmulticast mode
[   84.324240][ T5821] bridge_slave_1: entered promiscuous mode
[   84.332453][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.340610][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.347958][ T5823] bridge_slave_1: entered allmulticast mode
[   84.355864][ T5823] bridge_slave_1: entered promiscuous mode
[   84.431037][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.438369][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.445597][ T5824] bridge_slave_0: entered allmulticast mode
[   84.453655][ T5824] bridge_slave_0: entered promiscuous mode
[   84.511218][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.518788][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.526005][ T5824] bridge_slave_1: entered allmulticast mode
[   84.534493][ T5824] bridge_slave_1: entered promiscuous mode
[   84.560198][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.573611][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.588469][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.627008][ T5840] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.634578][ T5840] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.642760][ T5840] bridge_slave_0: entered allmulticast mode
[   84.650650][ T5840] bridge_slave_0: entered promiscuous mode
[   84.677106][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.726088][ T5840] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.733639][ T5840] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.741287][ T5840] bridge_slave_1: entered allmulticast mode
[   84.749426][ T5840] bridge_slave_1: entered promiscuous mode
[   84.783141][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.790576][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.797922][ T5822] bridge_slave_0: entered allmulticast mode
[   84.805705][ T5822] bridge_slave_0: entered promiscuous mode
[   84.818480][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.846372][ T5821] team0: Port device team_slave_0 added
[   84.855325][ T5823] team0: Port device team_slave_0 added
[   84.861532][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.869028][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.876458][ T5822] bridge_slave_1: entered allmulticast mode
[   84.884435][ T5822] bridge_slave_1: entered promiscuous mode
[   84.895569][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.936531][ T5821] team0: Port device team_slave_1 added
[   84.959237][ T5823] team0: Port device team_slave_1 added
[   85.022310][ T5840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.058568][ T5828] Bluetooth: hci0: command tx timeout
[   85.064437][ T5838] Bluetooth: hci2: command tx timeout
[   85.072917][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.085650][ T5824] team0: Port device team_slave_0 added
[   85.095627][ T5840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.121681][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.128851][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.155817][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.155950][ T5828] Bluetooth: hci1: command tx timeout
[   85.166868][ T5826] Bluetooth: hci3: command tx timeout
[   85.172390][ T5838] Bluetooth: hci4: command tx timeout
[   85.203308][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.229096][ T5824] team0: Port device team_slave_1 added
[   85.249689][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.256685][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.282836][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.295601][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.302645][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.328848][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.369766][ T5840] team0: Port device team_slave_0 added
[   85.387017][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.394202][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.420524][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.435040][ T5822] team0: Port device team_slave_0 added
[   85.458358][ T5840] team0: Port device team_slave_1 added
[   85.490542][ T5822] team0: Port device team_slave_1 added
[   85.498086][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.505075][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.532080][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.562341][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.569533][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.595667][ T5840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.622903][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.630160][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.656283][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.697529][ T5840] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.704566][ T5840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.731535][ T5840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.773637][ T5821] hsr_slave_0: entered promiscuous mode
[   85.780758][ T5821] hsr_slave_1: entered promiscuous mode
[   85.816199][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.823419][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.849543][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.863271][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.870366][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   85.896398][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.969255][ T5823] hsr_slave_0: entered promiscuous mode
[   85.976793][ T5823] hsr_slave_1: entered promiscuous mode
[   85.984168][ T5823] debugfs: 'hsr0' already exists in 'hsr'
[   85.990576][ T5823] Cannot create hsr debugfs directory
[   86.037271][ T5824] hsr_slave_0: entered promiscuous mode
[   86.044492][ T5824] hsr_slave_1: entered promiscuous mode
[   86.051468][ T5824] debugfs: 'hsr0' already exists in 'hsr'
[   86.057220][ T5824] Cannot create hsr debugfs directory
[   86.179827][ T5840] hsr_slave_0: entered promiscuous mode
[   86.189806][ T5840] hsr_slave_1: entered promiscuous mode
[   86.196984][ T5840] debugfs: 'hsr0' already exists in 'hsr'
[   86.211354][ T5840] Cannot create hsr debugfs directory
[   86.247455][ T5822] hsr_slave_0: entered promiscuous mode
[   86.255048][ T5822] hsr_slave_1: entered promiscuous mode
[   86.264377][ T5822] debugfs: 'hsr0' already exists in 'hsr'
[   86.270372][ T5822] Cannot create hsr debugfs directory
[   86.949822][ T5821] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   86.996839][ T5821] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   87.024538][ T5821] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   87.041757][ T5821] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   87.099880][ T5824] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   87.123124][ T5824] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   87.137964][ T5828] Bluetooth: hci0: command tx timeout
[   87.143816][ T5838] Bluetooth: hci2: command tx timeout
[   87.154703][ T5824] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   87.187083][ T5824] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   87.225781][ T5838] Bluetooth: hci3: command tx timeout
[   87.228346][ T5826] Bluetooth: hci1: command tx timeout
[   87.237444][ T5828] Bluetooth: hci4: command tx timeout
[   87.327479][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   87.370294][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   87.389356][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   87.423374][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   87.540156][ T5840] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   87.553056][ T5840] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   87.572201][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.600761][ T5840] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   87.624752][ T5840] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   87.659029][ T5821] 8021q: adding VLAN 0 to HW filter on device team0
[   87.704304][  T178] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.711696][  T178] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.723925][  T178] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.731097][  T178] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.791422][ T5822] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   87.804365][ T5822] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   87.817163][ T5822] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   87.848394][ T5822] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   87.878900][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.961327][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[   87.989837][  T178] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.996982][  T178] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.006420][  T178] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.013567][  T178] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.271928][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.374339][ T5823] 8021q: adding VLAN 0 to HW filter on device team0
[   88.423106][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.430368][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.481389][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.501722][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.508989][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.527042][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0
[   88.560560][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.637533][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   88.672998][ T5840] 8021q: adding VLAN 0 to HW filter on device team0
[   88.690216][ T3004] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.697381][ T3004] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.731411][ T3004] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.738603][ T3004] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.783071][ T3004] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.790300][ T3004] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.861957][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.909116][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.916315][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.202899][ T5824] veth0_vlan: entered promiscuous mode
[   89.223276][ T5826] Bluetooth: hci0: command tx timeout
[   89.230875][ T5828] Bluetooth: hci2: command tx timeout
[   89.293264][ T5824] veth1_vlan: entered promiscuous mode
[   89.298780][ T5828] Bluetooth: hci4: command tx timeout
[   89.304252][ T5828] Bluetooth: hci1: command tx timeout
[   89.305023][ T5826] Bluetooth: hci3: command tx timeout
[   89.393089][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.463340][ T5821] veth0_vlan: entered promiscuous mode
[   89.473859][ T5824] veth0_macvtap: entered promiscuous mode
[   89.530431][ T5824] veth1_macvtap: entered promiscuous mode
[   89.559408][ T5821] veth1_vlan: entered promiscuous mode
[   89.616535][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.649480][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.685844][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.704632][ T5823] veth0_vlan: entered promiscuous mode
[   89.714460][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.770310][ T5821] veth0_macvtap: entered promiscuous mode
[   89.791685][ T3004] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.800959][ T3004] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.811317][ T3004] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.828937][ T5821] veth1_macvtap: entered promiscuous mode
[   89.844264][ T5823] veth1_vlan: entered promiscuous mode
[   89.854191][ T3004] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   89.937236][ T5822] veth0_vlan: entered promiscuous mode
[   89.973225][ T5822] veth1_vlan: entered promiscuous mode
[   90.006407][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.023618][ T5840] veth0_vlan: entered promiscuous mode
[   90.067362][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.082379][  T178] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.101299][  T178] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.132190][ T5840] veth1_vlan: entered promiscuous mode
[   90.156437][ T5823] veth0_macvtap: entered promiscuous mode
[   90.168271][ T3004] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.191872][  T178] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.200491][  T178] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.209651][ T3004] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.219610][ T3004] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.237541][ T5823] veth1_macvtap: entered promiscuous mode
[   90.245903][ T3004] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.293766][ T5822] veth0_macvtap: entered promiscuous mode
[   90.314738][ T5824] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   90.347431][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.360808][ T5822] veth1_macvtap: entered promiscuous mode
[   90.414355][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.462137][ T5840] veth0_macvtap: entered promiscuous mode
[   90.489137][ T5840] veth1_macvtap: entered promiscuous mode
[   90.529743][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.545439][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.608325][ T1337] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.617255][ T1337] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.675131][ T1337] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.715010][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.725710][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.737686][ T1337] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.747435][ T1337] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.776745][ T1337] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.785949][ T1337] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.935883][ T5948] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   91.069316][ T1337] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.445839][ T5826] Bluetooth: hci2: command tx timeout
[   91.446858][ T5838] Bluetooth: hci0: command tx timeout
[   91.454038][ T5828] Bluetooth: hci3: command tx timeout
[   91.458966][ T5838] Bluetooth: hci1: command tx timeout
[   91.462937][ T5143] Bluetooth: hci4: command tx timeout
[   91.496431][  T178] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.504854][  T178] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.561997][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.576464][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.629628][ T3004] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.676146][ T3040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.688013][ T3040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.726108][ T3004] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.769602][ T3004] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.787711][ T5950] loop1: detected capacity change from 0 to 4096
[   91.788382][ T3004] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.801598][ T5950] EXT4-fs: Ignoring removed mblk_io_submit option
[   91.836243][ T5950] EXT4-fs (loop1): Test dummy encryption mode enabled
[   91.837107][ T3004] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.865221][ T3004] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.892940][ T5950] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.947680][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.964601][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.994806][ T5950] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[   92.022704][    T9] cfg80211: failed to load regulatory.db
[   92.065902][ T5950] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[   92.149741][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.157607][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.410946][  T178] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.432453][  T178] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.442008][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.553694][ T5962] capability: warning: `syz.4.5' uses 32-bit capabilities (legacy support in use)
[   93.207011][ T1337] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.923321][ T1337] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.064724][ T5972] loop4: detected capacity change from 0 to 512
[   94.163546][ T5972] =======================================================
[   94.163546][ T5972] WARNING: The mand mount option has been deprecated and
[   94.163546][ T5972]          and is ignored by this kernel. Remove the mand
[   94.163546][ T5972]          option from the mount to silence this warning.
[   94.163546][ T5972] =======================================================
[   94.805352][ T5972] EXT4-fs: Ignoring removed nomblk_io_submit option
[   94.872796][ T5972] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   94.924286][ T5972] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8840c01d, mo2=0102]
[   94.937864][ T5979] loop0: detected capacity change from 0 to 256
[   95.011453][ T5972] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[   95.055666][ T5979] xt_hashlimit: size too large, truncated to 1048576
[   95.094956][ T5972] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[   95.130782][ T5972] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   95.218917][ T5972] EXT4-fs warning (device loop4): dx_probe:861: inode #2: comm syz.4.9: dx entry: limit 65535 != root limit 120
[   95.362707][ T5972] EXT4-fs warning (device loop4): dx_probe:934: inode #2: comm syz.4.9: Corrupt directory, running e2fsck is recommended
[   95.469794][ T5993] loop2: detected capacity change from 0 to 1024
[   95.477123][ T5993] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.825727][ T5993] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   95.858726][ T5993] System zones: 0-1, 3-36
[   96.559301][ T5972] EXT4-fs error (device loop4): ext4_readdir:265: inode #2: block 3: comm syz.4.9: path /1/file0: bad entry in directory: directory entry overrun - offset=0, inode=4294967295, rec_len=65552, size=1024 fake=0
[   96.759769][ T5990] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12'.
[   96.799653][ T5993] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.966732][ T5993] syz.2.3 (pid 5993) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[   96.997531][ T5993] EXT4-fs error (device loop2): ext4_iget_extra_inode:5025: inode #15: comm syz.2.3: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[   98.151632][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.616875][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.697216][ T6006] process 'syz.0.14' launched './file0' with NULL argv: empty string added
[   98.719756][ T6006] Invalid argument reading file caps for ./file0
[   98.948050][    T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   99.299276][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   99.427864][    T9] usb 5-1: Using ep0 maxpacket: 32
[   99.440848][    T9] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[   99.457829][    T9] usb 5-1: config 4 has 0 interfaces, different from the descriptor's value: 1
[   99.469350][    T9] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   99.487886][    T9] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[   99.527633][    T9] usb 5-1: Product: syz
[   99.543220][    T9] usb 5-1: Manufacturer: syz
[   99.818140][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.928016][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.408044][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.416853][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.426167][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  100.528139][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  100.630412][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  100.999425][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  101.305856][ T6019] loop0: detected capacity change from 0 to 40427
[  101.321670][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  101.337187][ T6019] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  101.355611][ T6019] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  101.381629][ T6019] F2FS-fs (loop0): invalid crc value
[  101.547666][ T6019] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  101.571282][ T6019] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  101.579110][ T6019] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  102.617125][ T6048] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  102.736822][ T5902] usb 5-1: USB disconnect, device number 2
[  102.808031][   T29] audit: type=1326 audit(1772095661.377:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6050 comm="syz.1.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9799c629 code=0x7ffc0000
[  102.871592][   T29] audit: type=1326 audit(1772095661.387:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6050 comm="syz.1.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9799c629 code=0x7ffc0000
[  102.937850][   T29] audit: type=1326 audit(1772095661.397:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6050 comm="syz.1.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f1c9799c629 code=0x7ffc0000
[  102.960763][   T29] audit: type=1326 audit(1772095661.397:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6050 comm="syz.1.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9799c629 code=0x7ffc0000
[  102.986276][   T29] audit: type=1326 audit(1772095661.397:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6050 comm="syz.1.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9799c629 code=0x7ffc0000
[  103.009620][   T29] audit: type=1326 audit(1772095661.407:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6050 comm="syz.1.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f1c9799c629 code=0x7ffc0000
[  103.034566][   T29] audit: type=1326 audit(1772095661.407:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6050 comm="syz.1.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9799c629 code=0x7ffc0000
[  103.085002][   T29] audit: type=1326 audit(1772095661.407:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6050 comm="syz.1.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1c9799c629 code=0x7ffc0000
[  103.150388][   T29] audit: type=1326 audit(1772095661.407:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6050 comm="syz.1.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c9799c629 code=0x7ffc0000
[  103.203526][   T29] audit: type=1326 audit(1772095661.407:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6050 comm="syz.1.27" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1c9799c629 code=0x7ffc0000
[  103.782908][ T6062] syzkaller0: entered promiscuous mode
[  103.788493][ T6062] syzkaller0: entered allmulticast mode
[  105.062313][  T982] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  105.798009][  T982] usb 2-1: unable to get BOS descriptor or descriptor too short
[  105.816491][  T982] usb 2-1: too many endpoints for config 1 interface 0 altsetting 1: 253, using maximum allowed: 30
[  105.841687][  T982] usb 2-1: config 1 interface 0 altsetting 1 endpoint 0x1 has invalid maxpacket 2047, setting to 1024
[  105.855336][  T982] usb 2-1: config 1 interface 0 altsetting 1 bulk endpoint 0x1 has invalid maxpacket 1024
[  105.866083][  T982] usb 2-1: config 1 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  105.884006][  T982] usb 2-1: config 1 interface 0 has no altsetting 0
[  105.896411][  T982] usb 2-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[  105.907041][  T982] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.915503][ T6080] netlink: 12 bytes leftover after parsing attributes in process `syz.0.35'.
[  105.930420][  T982] usb 2-1: Product: syz
[  105.943547][  T982] usb 2-1: Manufacturer: syz
[  105.961931][  T982] usb 2-1: SerialNumber: syz
[  105.995222][ T6068] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  106.255061][  T982] usb 2-1: USB disconnect, device number 2
[  107.414618][ T6096] netlink: 8 bytes leftover after parsing attributes in process `syz.3.41'.
[  107.542365][ T6098] tipc: Started in network mode
[  107.558083][ T6098] tipc: Node identity 4a72849e5218, cluster identity 4711
[  107.565427][ T6098] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  107.630106][ T6103] syzkaller0: entered promiscuous mode
[  107.662929][ T6103] syzkaller0: entered allmulticast mode
[  107.779129][ T6098] tipc: Resetting bearer <eth:syzkaller0>
[  107.831352][ T6097] tipc: Resetting bearer <eth:syzkaller0>
[  107.880597][ T6097] tipc: Disabling bearer <eth:syzkaller0>
[  107.923403][ T6114] netlink: 4 bytes leftover after parsing attributes in process `syz.4.47'.
[  110.346978][ T6132] netlink: 68 bytes leftover after parsing attributes in process `syz.3.55'.
[  111.367845][ T5830] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  111.719373][ T5830] usb 1-1: Using ep0 maxpacket: 16
[  111.736066][ T5830] usb 1-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  111.754395][ T5830] usb 1-1: config 0 interface 0 has no altsetting 0
[  111.762096][ T5830] usb 1-1: New USB device found, idVendor=1ea7, idProduct=0907, bcdDevice= 0.00
[  111.771239][ T5830] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.806818][ T5830] usb 1-1: config 0 descriptor??
[  112.407251][ T6164] loop4: detected capacity change from 0 to 1024
[  112.414627][ T6164] EXT4-fs: Ignoring removed nomblk_io_submit option
[  113.055552][ T5830] usbhid 1-1:0.0: can't add hid device: -71
[  113.694682][ T5830] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  113.789261][ T6164] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  113.798106][ T6164] System zones: 0-1, 3-36
[  113.822478][ T6164] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.951360][ T6164] EXT4-fs error (device loop4): ext4_iget_extra_inode:5025: inode #15: comm syz.4.67: corrupted in-inode xattr: ea_inode specified without ea_inode feature enabled
[  114.501155][ T5830] usb 1-1: USB disconnect, device number 2
[  114.805957][ T6177] netlink: 4 bytes leftover after parsing attributes in process `syz.1.69'.
[  115.412846][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.907868][ T5830] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  116.057936][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  116.089775][ T5830] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  116.111693][ T5830] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  116.138101][ T5830] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  116.152930][ T5830] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  116.170008][ T5830] usb 3-1: SerialNumber: syz
[  116.199023][ T5830] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  116.228094][    T9] usb 1-1: Using ep0 maxpacket: 16
[  116.238083][    T9] usb 1-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  116.264488][    T9] usb 1-1: config 0 interface 0 has no altsetting 0
[  116.278036][    T9] usb 1-1: New USB device found, idVendor=1ea7, idProduct=0907, bcdDevice= 0.00
[  116.294934][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.353642][    T9] usb 1-1: config 0 descriptor??
[  116.396977][ T5830] usb 3-1: USB disconnect, device number 2
[  117.766360][    T9] usbhid 1-1:0.0: can't add hid device: -71
[  117.917927][    T9] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  117.938698][    T9] usb 1-1: USB disconnect, device number 3
[  118.331987][ T6246] netlink: 4 bytes leftover after parsing attributes in process `syz.3.93'.
[  119.234051][ T6267] loop4: detected capacity change from 0 to 2048
[  119.479375][ T6267] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.513017][ T6272] xt_hashlimit: size too large, truncated to 1048576
[  119.522642][ T6267] ext4 filesystem being mounted at /12/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.899208][ T6277] xt_hashlimit: size too large, truncated to 1048576
[  120.382934][ T6285] netlink: 12 bytes leftover after parsing attributes in process `syz.2.107'.
[  126.161717][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.750237][ T6335] loop1: detected capacity change from 0 to 2048
[  127.757551][ T6335] msdos: Unknown parameter '?��'
[  128.118535][ T6346] loop1: detected capacity change from 0 to 256
[  128.169928][ T6346] exfat: Unknown parameter 'x���?�A�1w�S�ł��qZY�H��Z�p��a�٤�o#����\�쒻��1q�<�yɛ�o��)���������/����$B��F�Թӯ�U��.'
[  129.168268][ T6352] loop1: detected capacity change from 0 to 2048
[  130.098971][ T6352] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.264792][ T6352] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.393289][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.520080][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  133.532579][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  133.867354][ T6380] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  134.086672][ T6383] Zero length message leads to an empty skb
[  135.577893][ T5830] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  135.751581][ T5830] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  135.787841][ T5830] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  135.838307][  T982] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  135.894404][ T5830] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  135.954427][ T5830] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  135.978571][ T5830] usb 2-1: SerialNumber: syz
[  136.011058][ T5830] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  136.068006][  T982] usb 1-1: Using ep0 maxpacket: 16
[  136.098007][  T982] usb 1-1: config 0 interface 0 has no altsetting 0
[  136.124892][  T982] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  136.174003][  T982] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.217110][  T982] usb 1-1: config 0 descriptor??
[  136.259843][ T5830] usb 2-1: USB disconnect, device number 3
[  136.703106][ T6410] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  136.730765][ T6410] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.065236][ T5830] usb 1-1: USB disconnect, device number 4
[  137.799759][ T6426] loop0: detected capacity change from 0 to 2048
[  137.842781][ T6426] msdos: Unknown parameter '?��'
[  140.532134][ T6439] tipc: Started in network mode
[  140.577873][ T6439] tipc: Node identity ee6c7437a069, cluster identity 4711
[  140.588118][ T6439] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  140.657353][ T6446] syzkaller0: entered promiscuous mode
[  140.688127][ T6446] syzkaller0: entered allmulticast mode
[  140.898447][ T6446] tipc: Resetting bearer <eth:syzkaller0>
[  141.001877][ T6438] tipc: Resetting bearer <eth:syzkaller0>
[  141.168935][ T6438] tipc: Disabling bearer <eth:syzkaller0>
[  141.412313][ T6456] netlink: 4 bytes leftover after parsing attributes in process `syz.0.157'.
[  143.227791][   T10] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  143.381725][ T6478] xt_hashlimit: size too large, truncated to 1048576
[  143.399495][   T10] usb 1-1: Using ep0 maxpacket: 16
[  143.419594][   T10] usb 1-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  143.442822][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  143.452962][   T10] usb 1-1: New USB device found, idVendor=1ea7, idProduct=0907, bcdDevice= 0.00
[  143.476534][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.643891][   T10] usb 1-1: config 0 descriptor??
[  144.132925][ T6488] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  144.284478][   T10] usbhid 1-1:0.0: can't add hid device: -71
[  144.297479][   T10] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  144.351323][   T10] usb 1-1: USB disconnect, device number 5
[  145.389720][ T6499] loop0: detected capacity change from 0 to 4096
[  145.420745][ T6499] EXT4-fs: Ignoring removed mblk_io_submit option
[  145.457250][ T6499] EXT4-fs (loop0): Test dummy encryption mode enabled
[  145.561418][ T6499] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.683988][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.187596][ T6522] xt_hashlimit: size too large, truncated to 1048576
[  147.291918][ T6525] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  147.338251][ T6528] netlink: 12 bytes leftover after parsing attributes in process `syz.1.180'.
[  148.157919][ T5975] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  148.338676][ T5975] usb 1-1: Using ep0 maxpacket: 16
[  148.539631][ T5975] usb 1-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  148.573496][ T5975] usb 1-1: config 0 interface 0 has no altsetting 0
[  148.653543][ T5975] usb 1-1: New USB device found, idVendor=1ea7, idProduct=0907, bcdDevice= 0.00
[  148.791869][ T5975] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  148.823620][ T5975] usb 1-1: config 0 descriptor??
[  150.399942][ T5975] semitek 0003:1EA7:0907.0002: hidraw0: USB HID v0.04 Device [HID 1ea7:0907] on usb-dummy_hcd.0-1/input0
[  150.544332][ T5975] usb 1-1: USB disconnect, device number 6
[  150.926547][ T6559] fido_id[6559]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  151.048949][ T6570] netlink: 12 bytes leftover after parsing attributes in process `syz.4.193'.
[  151.104237][ T6574] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  151.245674][ T6580] loop0: detected capacity change from 0 to 2048
[  151.313401][ T6580] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.327207][ T6580] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.751955][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.609921][ T6626] xt_hashlimit: size too large, truncated to 1048576
[  156.799531][    T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  156.999187][    T9] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  157.010087][    T9] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  157.039996][    T9] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  157.217671][    T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  157.237812][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  157.263526][    T9] usb 3-1: SerialNumber: syz
[  157.282741][    T9] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  157.491759][    T9] usb 3-1: USB disconnect, device number 3
[  157.885906][ T6641] loop0: detected capacity change from 0 to 2048
[  157.996350][ T6641] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.094946][ T6641] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.226433][ T6645] loop2: detected capacity change from 0 to 4096
[  158.255696][ T6645] EXT4-fs: Ignoring removed mblk_io_submit option
[  158.441845][ T6645] EXT4-fs (loop2): Test dummy encryption mode enabled
[  159.122869][ T6645] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.108904][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.473162][ T6664] netlink: 12 bytes leftover after parsing attributes in process `syz.2.217'.
[  160.488093][ T6666] netlink: 12 bytes leftover after parsing attributes in process `syz.4.220'.
[  160.810171][ T6673] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  160.861919][ T6676] syzkaller0: entered promiscuous mode
[  160.867510][ T6676] syzkaller0: entered allmulticast mode
[  160.992629][ T6672] tipc: Resetting bearer <eth:syzkaller0>
[  161.033678][ T6672] tipc: Disabling bearer <eth:syzkaller0>
[  161.059987][ T6680] netlink: 8 bytes leftover after parsing attributes in process `syz.4.224'.
[  161.128459][ T5830] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  161.309442][ T5830] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  161.328063][ T5830] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  161.348036][ T5830] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  161.527300][ T5830] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  161.536970][ T5830] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  162.131092][ T5830] usb 3-1: SerialNumber: syz
[  162.143350][ T5830] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  162.353806][ T5887] usb 3-1: USB disconnect, device number 4
[  162.426708][ T6688] loop1: detected capacity change from 0 to 4096
[  162.438397][ T6688] EXT4-fs: Ignoring removed mblk_io_submit option
[  162.467244][ T6688] EXT4-fs (loop1): Test dummy encryption mode enabled
[  162.538336][ T6688] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.642539][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.645773][ T6694] netlink: 4 bytes leftover after parsing attributes in process `syz.2.229'.
[  165.021136][ T6708] netlink: 12 bytes leftover after parsing attributes in process `syz.1.233'.
[  165.285820][ T6717] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  165.312193][ T6717] syzkaller0: entered promiscuous mode
[  165.325690][ T6717] syzkaller0: entered allmulticast mode
[  165.343588][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.452796][ T6716] tipc: Resetting bearer <eth:syzkaller0>
[  165.611215][ T6716] tipc: Disabling bearer <eth:syzkaller0>
[  165.836057][ T6729] loop1: detected capacity change from 0 to 2048
[  165.913844][ T6729] msdos: Unknown parameter '?��'
[  165.997048][ T6729] loop1: detected capacity change from 0 to 256
[  166.030417][ T6729] exfat: Unknown parameter 'x���?�A�1w�S�ł��qZY�H��Z�p��a�٤�o#����\�쒻��1q�<�yɛ�o��)���������/����$B��F�Թӯ�U��.'
[  167.361219][ T6744] netlink: 4 bytes leftover after parsing attributes in process `syz.2.244'.
[  169.372587][ T6759] loop4: detected capacity change from 0 to 2048
[  169.423805][ T6759] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  169.482813][ T6759] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.599108][ T6776] netlink: 4 bytes leftover after parsing attributes in process `syz.2.251'.
[  169.859959][ T6780] loop1: detected capacity change from 0 to 2048
[  169.879320][ T6780] msdos: Unknown parameter '?��'
[  169.924408][ T6780] loop1: detected capacity change from 0 to 256
[  169.941917][ T6780] exfat: Unknown parameter 'x���?�A�1w�S�ł��qZY�H��Z�p��a�٤�o#����\�쒻��1q�<�yɛ�o��)���������/����$B��F�Թӯ�U��.'
[  170.461141][ T6788] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  170.494605][ T6786] syzkaller0: entered promiscuous mode
[  170.504842][ T6786] syzkaller0: entered allmulticast mode
[  170.618479][ T6785] tipc: Resetting bearer <eth:syzkaller0>
[  170.684394][ T6785] tipc: Disabling bearer <eth:syzkaller0>
[  171.258279][   T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  171.398903][ T6798] netlink: 4 bytes leftover after parsing attributes in process `syz.3.256'.
[  171.449474][   T10] usb 2-1: Using ep0 maxpacket: 8
[  171.461717][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  171.488542][   T10] usb 2-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  171.511062][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.552806][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.564292][   T10] usb 2-1: config 0 descriptor??
[  171.586931][   T10] uvcvideo 2-1:0.0: Found UVC 0.00 device <unnamed> (2833:0201)
[  172.152292][   T10] uvcvideo 2-1:0.0: No valid video chain found.
[  172.234752][   T10] usb 2-1: USB disconnect, device number 4
[  172.360608][ T6808] overlayfs: overlapping lowerdir path
[  172.780254][ T6821] loop4: detected capacity change from 0 to 2048
[  172.801762][ T6821] msdos: Unknown parameter '?��'
[  173.380671][ T6831] loop4: detected capacity change from 0 to 2048
[  173.439281][ T6831] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.487218][ T6831] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.521688][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.302958][ T6844] overlayfs: overlapping lowerdir path
[  176.379775][ T6855] loop2: detected capacity change from 0 to 2048
[  176.387069][ T6855] msdos: Unknown parameter '?��'
[  177.018921][ T6871] netlink: 4 bytes leftover after parsing attributes in process `syz.1.276'.
[  178.072871][ T6880] loop4: detected capacity change from 0 to 4096
[  178.086702][ T6880] EXT4-fs: Ignoring removed mblk_io_submit option
[  178.129888][ T6880] EXT4-fs (loop4): Test dummy encryption mode enabled
[  178.170758][ T6880] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.317991][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.628766][ T6894] loop1: detected capacity change from 0 to 40427
[  180.691413][ T6894] f2fs: Unknown parameter 'whint_mode'
[  180.723310][ T6906] loop2: detected capacity change from 0 to 2048
[  180.772043][ T6906] msdos: Unknown parameter '?��'
[  180.927856][ T6906] loop2: detected capacity change from 0 to 256
[  180.962265][ T6906] exfat: Unknown parameter 'x���?�A�1w�S�ł��qZY�H��Z�p��a�٤�o#����\�쒻��1q�<�yɛ�o��)���������/����$B��F�Թӯ�U��.'
[  181.280519][ T6911] loop1: detected capacity change from 0 to 128
[  181.462347][ T6911] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  181.668706][ T6911] ext4 filesystem being mounted at /70/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  182.256409][ T5824] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  182.265797][ T6924] loop4: detected capacity change from 0 to 4096
[  182.286790][ T6924] EXT4-fs: Ignoring removed mblk_io_submit option
[  182.299238][ T6931] netlink: 4 bytes leftover after parsing attributes in process `syz.2.293'.
[  182.309584][ T6924] EXT4-fs (loop4): Test dummy encryption mode enabled
[  182.386441][ T6924] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.632814][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.824493][ T6940] loop4: detected capacity change from 0 to 512
[  182.902468][ T6940] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.105139][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.026974][ T6955] netlink: 1363 bytes leftover after parsing attributes in process `syz.2.300'.
[  185.931624][ T6971] netlink: 8 bytes leftover after parsing attributes in process `syz.3.304'.
[  186.974554][ T6982] loop0: detected capacity change from 0 to 2048
[  187.060584][ T6982] msdos: Unknown parameter '?��'
[  187.124916][ T6989] netlink: 4 bytes leftover after parsing attributes in process `syz.2.309'.
[  188.087822][  T982] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  188.279769][  T982] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.317764][  T982] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.327638][  T982] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  188.385085][  T982] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  188.407807][  T982] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.450495][  T982] usb 5-1: config 0 descriptor??
[  188.932129][  T982] plantronics 0003:047F:FFFF.0003: reserved main item tag 0xd
[  188.974707][  T982] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  189.640309][   T10] usb 5-1: USB disconnect, device number 3
[  189.779825][ T7011] fido_id[7011]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  189.945621][ T7015] netlink: 8 bytes leftover after parsing attributes in process `syz.0.316'.
[  193.478602][ T7040] loop0: detected capacity change from 0 to 2048
[  193.488584][ T7040] msdos: Unknown parameter '?��'
[  193.543400][ T7040] loop0: detected capacity change from 0 to 256
[  193.576820][ T7040] exfat: Unknown parameter 'x���?�A�1w�S�ł��qZY�H��Z�p��a�٤�o#����\�쒻��1q�<�yɛ�o��)���������/����$B��F�Թӯ�U��.'
[  194.423181][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  194.431026][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  196.470613][ T7056] loop1: detected capacity change from 0 to 40427
[  196.527798][ T7056] F2FS-fs (loop1): build fault injection rate: 174
[  196.534375][ T7056] F2FS-fs (loop1): build fault injection type: 0x3bfe8c
[  196.581482][ T7056] F2FS-fs (loop1): invalid crc value
[  196.811562][ T7056] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  196.865186][ T7056] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  197.333412][ T7056] syz.1.328: attempt to access beyond end of device
[  197.333412][ T7056] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  197.360191][ T7074] syz.1.328: attempt to access beyond end of device
[  197.360191][ T7074] loop1: rw=8390665, sector=45096, nr_sectors = 8 limit=40427
[  197.492076][ T5824] syz-executor: attempt to access beyond end of device
[  197.492076][ T5824] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  197.515233][ T5824] CPU: 1 UID: 0 PID: 5824 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  197.515264][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  197.515284][ T5824] Call Trace:
[  197.515292][ T5824]  <TASK>
[  197.515301][ T5824]  dump_stack_lvl+0xe8/0x150
[  197.515335][ T5824]  f2fs_handle_critical_error+0x37c/0x540
[  197.515369][ T5824]  f2fs_write_end_io+0xcdb/0xff0
[  197.515397][ T5824]  ? __submit_merged_bio+0x256/0x700
[  197.515438][ T5824]  __submit_merged_bio+0x256/0x700
[  197.515481][ T5824]  __submit_merged_write_cond+0x3c9/0x4e0
[  197.515514][ T5824]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  197.515564][ T5824]  f2fs_write_data_pages+0x2975/0x35e0
[  197.515631][ T5824]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  197.515712][ T5824]  ? check_path+0x21/0x40
[  197.515740][ T5824]  ? check_noncircular+0xda/0x150
[  197.515768][ T5824]  ? __pfx_usage_match+0x10/0x10
[  197.515792][ T5824]  ? __bfs+0x153/0x290
[  197.515814][ T5824]  ? __pfx_hlock_conflict+0x10/0x10
[  197.515862][ T5824]  ? lockdep_unlock+0x5d/0xd0
[  197.515882][ T5824]  ? __lock_acquire+0x146e/0x2cf0
[  197.515932][ T5824]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  197.515959][ T5824]  do_writepages+0x32e/0x550
[  197.515998][ T5824]  ? do_raw_spin_unlock+0xf5/0x210
[  197.516023][ T5824]  filemap_fdatawrite+0x1e9/0x2f0
[  197.516054][ T5824]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  197.516131][ T5824]  ? do_raw_spin_unlock+0xf5/0x210
[  197.516155][ T5824]  f2fs_sync_dirty_inodes+0x30e/0x860
[  197.516199][ T5824]  f2fs_write_checkpoint+0x9df/0x26a0
[  197.516286][ T5824]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  197.516384][ T5824]  kill_f2fs_super+0x314/0x720
[  197.516421][ T5824]  ? __pfx_kill_f2fs_super+0x10/0x10
[  197.516468][ T5824]  ? lockdep_hardirqs_on+0x7a/0x110
[  197.516516][ T5824]  deactivate_locked_super+0xbc/0x130
[  197.516552][ T5824]  cleanup_mnt+0x437/0x4d0
[  197.516574][ T5824]  ? _raw_spin_unlock_irq+0x23/0x50
[  197.516606][ T5824]  task_work_run+0x1d9/0x270
[  197.516634][ T5824]  ? __pfx_task_work_run+0x10/0x10
[  197.516672][ T5824]  exit_to_user_mode_loop+0xed/0x480
[  197.516703][ T5824]  ? rcu_is_watching+0x15/0xb0
[  197.516739][ T5824]  do_syscall_64+0x32d/0xf80
[  197.516767][ T5824]  ? trace_irq_disable+0x3b/0x150
[  197.516797][ T5824]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.516819][ T5824]  ? clear_bhb_loop+0x40/0x90
[  197.516847][ T5824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.516868][ T5824] RIP: 0033:0x7f1c9799d897
[  197.516894][ T5824] Code: a2 c7 05 5c ee 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  197.516911][ T5824] RSP: 002b:00007ffcd7e67c48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  197.516942][ T5824] RAX: 0000000000000000 RBX: 00007f1c97a31ef0 RCX: 00007f1c9799d897
[  197.516955][ T5824] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcd7e67d00
[  197.516968][ T5824] RBP: 00007ffcd7e67d00 R08: 00007ffcd7e68d00 R09: 00000000ffffffff
[  197.516982][ T5824] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcd7e68d90
[  197.516994][ T5824] R13: 00007f1c97a31ef0 R14: 000000000003031c R15: 00007ffcd7e68dd0
[  197.517039][ T5824]  </TASK>
[  197.838162][ T5824] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  198.170951][ T7080] loop0: detected capacity change from 0 to 128
[  198.302945][ T7080] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  198.397602][ T7080] ext4 filesystem being mounted at /58/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  199.724354][ T7097] loop2: detected capacity change from 0 to 128
[  199.988136][ T7097] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  200.000785][ T5823] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  200.079718][ T7100] loop4: detected capacity change from 0 to 2048
[  200.111175][ T7097] FAT-fs (loop2): error, invalid FAT chain (i_pos 548, last_block 8)
[  200.147003][ T7100] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.188663][ T7097] FAT-fs (loop2): Filesystem has been set read-only
[  200.228818][ T7103] FAT-fs (loop2): error, corrupted file size (i_pos 548, 522)
[  200.236824][ T7105] fuse: Bad value for 'group_id'
[  200.248279][ T7100] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.298122][ T7105] fuse: Bad value for 'group_id'
[  201.246422][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.261728][ T7114] loop2: detected capacity change from 0 to 16
[  201.287643][ T7114] erofs (device loop2): invalid ishare xattr prefix id 0
[  201.312954][ T7115] netlink: 83 bytes leftover after parsing attributes in process `syz.1.345'.
[  202.580423][ T7132] loop0: detected capacity change from 0 to 1024
[  202.604520][ T7132] EXT4-fs: Ignoring removed orlov option
[  202.685047][ T7132] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.843449][   T29] kauditd_printk_skb: 32 callbacks suppressed
[  202.843467][   T29] audit: type=1804 audit(1772095761.417:44): pid=7132 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.349" name="/newroot/62/file1/bus" dev="loop0" ino=11 res=1 errno=0
[  202.905069][ T7142] fuse: Bad value for 'group_id'
[  202.924705][ T7142] fuse: Bad value for 'group_id'
[  203.013402][ T5823] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.840632][ T7153] loop2: detected capacity change from 0 to 16
[  203.920023][ T7153] erofs (device loop2): mounted with root inode @ nid 36.
[  204.783652][ T7172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.362'.
[  205.969877][ T7187] loop0: detected capacity change from 0 to 2048
[  206.070887][ T7187]  loop0: p1 < >
[  206.090458][ T7194] netlink: 4 bytes leftover after parsing attributes in process `syz.4.368'.
[  206.343439][ T7204] netlink: 128 bytes leftover after parsing attributes in process `syz.2.371'.
[  206.359985][ T7202] loop0: detected capacity change from 0 to 512
[  206.747509][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  206.762961][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  206.769312][ T5834] Bluetooth: hci1: command 0x0406 tx timeout
[  206.775498][   T51] Bluetooth: hci4: command 0x0406 tx timeout
[  206.786283][ T5836] Bluetooth: hci2: command 0x0406 tx timeout
[  207.530844][ T7217] loop0: detected capacity change from 0 to 512
[  207.877013][ T7217] FAT-fs (loop0): Directory bread(block 199916) failed
[  208.046777][ T7217] FAT-fs (loop0): Directory bread(block 199917) failed
[  208.153132][ T7217] FAT-fs (loop0): Directory bread(block 199918) failed
[  208.160088][ T7217] FAT-fs (loop0): Directory bread(block 199919) failed
[  208.166979][ T7217] FAT-fs (loop0): Directory bread(block 199920) failed
[  208.173919][ T7217] FAT-fs (loop0): Directory bread(block 199921) failed
[  208.182502][ T7217] FAT-fs (loop0): Directory bread(block 199922) failed
[  208.190097][ T7217] FAT-fs (loop0): Directory bread(block 199923) failed
[  208.682845][ T7230] loop4: detected capacity change from 0 to 256
[  209.344817][ T7230] FAT-fs (loop4): Directory bread(block 64) failed
[  209.358045][ T7230] FAT-fs (loop4): Directory bread(block 65) failed
[  209.364670][ T7230] FAT-fs (loop4): Directory bread(block 66) failed
[  209.388374][ T7230] FAT-fs (loop4): Directory bread(block 67) failed
[  209.399901][ T7207] loop2: detected capacity change from 0 to 40427
[  209.418661][ T7207] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  209.432933][ T7230] FAT-fs (loop4): Directory bread(block 68) failed
[  209.466741][ T7207] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  209.477848][ T7230] FAT-fs (loop4): Directory bread(block 69) failed
[  209.485783][ T7230] FAT-fs (loop4): Directory bread(block 70) failed
[  209.497179][ T7235] netlink: 12 bytes leftover after parsing attributes in process `syz.1.380'.
[  209.518028][ T7207] F2FS-fs (loop2): invalid crc_offset: 33558524
[  209.538105][ T7230] FAT-fs (loop4): Directory bread(block 71) failed
[  209.544815][ T7207] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-4)
[  209.568338][ T7230] FAT-fs (loop4): Directory bread(block 72) failed
[  209.608089][ T7230] FAT-fs (loop4): Directory bread(block 73) failed
[  209.938129][ T7248] netlink: 4 bytes leftover after parsing attributes in process `syz.2.384'.
[  210.313374][ T7255] loop0: detected capacity change from 0 to 2048
[  210.343320][ T7255] msdos: Unknown parameter '?��'
[  212.072738][ T7274] loop4: detected capacity change from 0 to 2048
[  212.110483][ T7274] msdos: Unknown parameter '?��'
[  214.048994][ T7309] netlink: 4 bytes leftover after parsing attributes in process `syz.4.402'.
[  214.275271][ T7312] loop2: detected capacity change from 0 to 4096
[  214.355732][ T7312] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.563309][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.674138][ T7291] loop0: detected capacity change from 0 to 40427
[  214.692551][ T7291] F2FS-fs (loop0): build fault injection rate: 174
[  214.699396][ T7291] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  214.709086][ T7291] F2FS-fs (loop0): invalid crc value
[  214.953553][ T7291] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  214.984848][ T7291] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  215.050374][ T7308] loop1: detected capacity change from 0 to 40427
[  215.078981][ T7308] F2FS-fs (loop1): invalid crc value
[  215.309610][ T7308] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  215.357021][ T7308] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  215.467046][   T29] audit: type=1804 audit(1772095774.017:45): pid=7308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.404" name="/newroot/90/bus/bus" dev="loop1" ino=10 res=1 errno=0
[  215.718396][ T5823] syz-executor: attempt to access beyond end of device
[  215.718396][ T5823] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  215.752756][ T5823] CPU: 1 UID: 0 PID: 5823 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  215.752781][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  215.752792][ T5823] Call Trace:
[  215.752799][ T5823]  <TASK>
[  215.752807][ T5823]  dump_stack_lvl+0xe8/0x150
[  215.752839][ T5823]  f2fs_handle_critical_error+0x37c/0x540
[  215.752869][ T5823]  f2fs_write_end_io+0xcdb/0xff0
[  215.752894][ T5823]  ? __submit_merged_bio+0x256/0x700
[  215.752932][ T5823]  __submit_merged_bio+0x256/0x700
[  215.752962][ T5823]  __submit_merged_write_cond+0x3c9/0x4e0
[  215.752995][ T5823]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  215.753042][ T5823]  f2fs_write_data_pages+0x2975/0x35e0
[  215.753108][ T5823]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  215.753150][ T5823]  ? css_rstat_updated+0x23a/0x530
[  215.753205][ T5823]  ? check_noncircular+0xda/0x150
[  215.753244][ T5823]  ? lockdep_unlock+0x5d/0xd0
[  215.753263][ T5823]  ? __lock_acquire+0x146e/0x2cf0
[  215.753312][ T5823]  ? do_raw_spin_lock+0x12b/0x2f0
[  215.753343][ T5823]  ? do_raw_spin_unlock+0xf5/0x210
[  215.753363][ T5823]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  215.753389][ T5823]  do_writepages+0x32e/0x550
[  215.753426][ T5823]  ? do_raw_spin_unlock+0xf5/0x210
[  215.753452][ T5823]  filemap_fdatawrite+0x1e9/0x2f0
[  215.753482][ T5823]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  215.753559][ T5823]  ? do_raw_spin_unlock+0xf5/0x210
[  215.753585][ T5823]  f2fs_sync_dirty_inodes+0x30e/0x860
[  215.753629][ T5823]  f2fs_write_checkpoint+0x9df/0x26a0
[  215.753692][ T5823]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  215.753780][ T5823]  kill_f2fs_super+0x314/0x720
[  215.753814][ T5823]  ? __pfx_kill_f2fs_super+0x10/0x10
[  215.753854][ T5823]  ? lockdep_hardirqs_on+0x7a/0x110
[  215.753896][ T5823]  deactivate_locked_super+0xbc/0x130
[  215.753929][ T5823]  cleanup_mnt+0x437/0x4d0
[  215.753949][ T5823]  ? _raw_spin_unlock_irq+0x23/0x50
[  215.753977][ T5823]  task_work_run+0x1d9/0x270
[  215.754003][ T5823]  ? __pfx_task_work_run+0x10/0x10
[  215.754037][ T5823]  exit_to_user_mode_loop+0xed/0x480
[  215.754058][ T5823]  ? rcu_is_watching+0x15/0xb0
[  215.754089][ T5823]  do_syscall_64+0x32d/0xf80
[  215.754115][ T5823]  ? trace_irq_disable+0x3b/0x150
[  215.754142][ T5823]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.754161][ T5823]  ? clear_bhb_loop+0x40/0x90
[  215.754193][ T5823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.754212][ T5823] RIP: 0033:0x7fb14bd9d897
[  215.754230][ T5823] Code: a2 c7 05 5c ee 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  215.754245][ T5823] RSP: 002b:00007ffd535e9498 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  215.754264][ T5823] RAX: 0000000000000000 RBX: 00007fb14be31ef0 RCX: 00007fb14bd9d897
[  215.754277][ T5823] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd535e9550
[  215.754288][ T5823] RBP: 00007ffd535e9550 R08: 00007ffd535ea550 R09: 00000000ffffffff
[  215.754300][ T5823] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd535ea5e0
[  215.754311][ T5823] R13: 00007fb14be31ef0 R14: 000000000003493d R15: 00007ffd535ea620
[  215.754345][ T5823]  </TASK>
[  215.755221][ T5823] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  215.867954][ T5824] syz-executor: attempt to access beyond end of device
[  215.867954][ T5824] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  216.131512][ T7336] loop4: detected capacity change from 0 to 40427
[  216.158771][ T5824] CPU: 1 UID: 0 PID: 5824 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  216.158796][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  216.158807][ T5824] Call Trace:
[  216.158815][ T5824]  <TASK>
[  216.158823][ T5824]  dump_stack_lvl+0xe8/0x150
[  216.158854][ T5824]  f2fs_handle_critical_error+0x37c/0x540
[  216.158885][ T5824]  f2fs_write_end_io+0xcdb/0xff0
[  216.158929][ T5824]  __submit_merged_bio+0x256/0x700
[  216.158959][ T5824]  __submit_merged_write_cond+0x3c9/0x4e0
[  216.158990][ T5824]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  216.159036][ T5824]  f2fs_write_data_pages+0x2975/0x35e0
[  216.159060][ T5824]  ? rcu_is_watching+0x15/0xb0
[  216.159122][ T5824]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  216.159153][ T5824]  ? sched_balance_rq+0x4f38/0x5850
[  216.159231][ T5824]  ? __lock_acquire+0x6b5/0x2cf0
[  216.159271][ T5824]  ? __lock_acquire+0x6b5/0x2cf0
[  216.159300][ T5824]  ? do_raw_spin_lock+0x12b/0x2f0
[  216.159331][ T5824]  ? do_raw_spin_unlock+0xf5/0x210
[  216.159352][ T5824]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  216.159378][ T5824]  do_writepages+0x32e/0x550
[  216.159416][ T5824]  ? do_raw_spin_unlock+0xf5/0x210
[  216.159441][ T5824]  filemap_fdatawrite+0x1e9/0x2f0
[  216.159473][ T5824]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  216.159546][ T5824]  ? do_raw_spin_unlock+0xf5/0x210
[  216.159570][ T5824]  f2fs_sync_dirty_inodes+0x30e/0x860
[  216.159612][ T5824]  f2fs_write_checkpoint+0x9df/0x26a0
[  216.159672][ T5824]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  216.159754][ T5824]  kill_f2fs_super+0x314/0x720
[  216.159805][ T5824]  ? __pfx_kill_f2fs_super+0x10/0x10
[  216.159846][ T5824]  ? lockdep_hardirqs_on+0x7a/0x110
[  216.159901][ T5824]  deactivate_locked_super+0xbc/0x130
[  216.159933][ T5824]  cleanup_mnt+0x437/0x4d0
[  216.159952][ T5824]  ? _raw_spin_unlock_irq+0x23/0x50
[  216.159980][ T5824]  task_work_run+0x1d9/0x270
[  216.160005][ T5824]  ? __pfx_task_work_run+0x10/0x10
[  216.160037][ T5824]  exit_to_user_mode_loop+0xed/0x480
[  216.160059][ T5824]  ? rcu_is_watching+0x15/0xb0
[  216.160090][ T5824]  do_syscall_64+0x32d/0xf80
[  216.160115][ T5824]  ? trace_irq_disable+0x3b/0x150
[  216.160147][ T5824]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.160167][ T5824]  ? clear_bhb_loop+0x40/0x90
[  216.160191][ T5824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.160210][ T5824] RIP: 0033:0x7f1c9799d897
[  216.160228][ T5824] Code: a2 c7 05 5c ee 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  216.160243][ T5824] RSP: 002b:00007ffcd7e67c48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  216.160263][ T5824] RAX: 0000000000000000 RBX: 00007f1c97a31ef0 RCX: 00007f1c9799d897
[  216.160275][ T5824] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcd7e67d00
[  216.160287][ T5824] RBP: 00007ffcd7e67d00 R08: 00007ffcd7e68d00 R09: 00000000ffffffff
[  216.160300][ T5824] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcd7e68d90
[  216.160311][ T5824] R13: 00007f1c97a31ef0 R14: 0000000000034a75 R15: 00007ffcd7e68dd0
[  216.160342][ T5824]  </TASK>
[  216.160349][ T5824] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  216.487763][ T7336] F2FS-fs (loop4): Fix alignment : done, start(4096) end(16896) block(12288)
[  216.523109][ T7336] F2FS-fs (loop4): invalid crc value
[  216.715079][ T7336] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  216.738687][ T7336] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  217.049218][ T7352] tipc: Started in network mode
[  217.067936][ T7352] tipc: Node identity ac14142f, cluster identity 4711
[  217.098242][ T7352] tipc: New replicast peer: 0.0.0.0
[  217.104593][ T7352] tipc: Enabled bearer <udp:syz2>, priority 10
[  217.291187][ T7358] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  217.331117][ T7358] x_tables: duplicate underflow at hook 2
[  217.393273][ T7361] xt_CT: You must specify a L4 protocol and not use inversions on it
[  217.530842][ T7367] netlink: 32 bytes leftover after parsing attributes in process `syz.1.420'.
[  217.549917][ T7367] dummy0: entered promiscuous mode
[  217.645730][ T7372] netlink: 4 bytes leftover after parsing attributes in process `syz.2.419'.
[  218.036685][ T7382] netlink: 124 bytes leftover after parsing attributes in process `syz.3.422'.
[  218.333451][ T5887] tipc: Node number set to 2886997039
[  218.518852][ T7387] loop2: detected capacity change from 0 to 128
[  218.844324][ T7391] tipc: New replicast peer: 0.0.0.0
[  218.863890][ T7391] tipc: Enabled bearer <udp:syz2>, priority 10
[  219.010446][ T7380] loop1: detected capacity change from 0 to 40427
[  219.045023][ T7380] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  219.067765][ T7380] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  219.087339][ T7380] F2FS-fs (loop1): invalid crc value
[  219.795387][ T7380] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  219.863627][ T7380] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  219.891585][ T7380] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  219.978895][   T10] tipc: Node number set to 1308980279
[  220.005659][ T7380] F2FS-fs (loop1): Stopped filesystem due to reason: 0
[  220.681436][ T7400] loop2: detected capacity change from 0 to 40427
[  220.808758][ T7400] F2FS-fs: heap/no_heap options were deprecated
[  220.838343][ T7400] F2FS-fs (loop2): build fault injection rate: 19
[  220.844812][ T7400] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[  220.893776][ T7400] F2FS-fs (loop2): invalid crc value
[  220.956673][ T7400] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810
[  221.271909][ T7400] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410
[  221.326068][ T7400] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  221.356737][ T7400] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  221.404607][ T7400] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060
[  221.486294][    C0] F2FS-fs (loop2): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[  221.497116][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted syzkaller #0 PREEMPT(full) 
[  221.497142][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  221.497156][    C0] Call Trace:
[  221.497164][    C0]  <TASK>
[  221.497173][    C0]  dump_stack_lvl+0xe8/0x150
[  221.497208][    C0]  f2fs_handle_critical_error+0x37c/0x540
[  221.497240][    C0]  f2fs_write_end_io+0xcdb/0xff0
[  221.497268][    C0]  ? blk_update_request+0x57e/0xe60
[  221.497316][    C0]  blk_update_request+0x57e/0xe60
[  221.497374][    C0]  blk_mq_end_request+0x3e/0x70
[  221.497416][    C0]  blk_flush_complete_seq+0x678/0xcc0
[  221.497442][    C0]  flush_end_io+0xbaa/0xe60
[  221.497472][    C0]  __blk_mq_end_request+0x4f8/0x630
[  221.497505][    C0]  blk_done_softirq+0x10a/0x160
[  221.497533][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  221.497560][    C0]  handle_softirqs+0x22a/0x870
[  221.497587][    C0]  ? schedule+0x90/0x360
[  221.497609][    C0]  ? run_ksoftirqd+0x36/0x60
[  221.497642][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  221.497668][    C0]  run_ksoftirqd+0x36/0x60
[  221.497693][    C0]  smpboot_thread_fn+0x541/0xa50
[  221.497721][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  221.497756][    C0]  kthread+0x388/0x470
[  221.497782][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  221.497808][    C0]  ? __pfx_kthread+0x10/0x10
[  221.497827][    C0]  ret_from_fork+0x51e/0xb90
[  221.497855][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  221.497879][    C0]  ? __switch_to+0xc7d/0x1450
[  221.497904][    C0]  ? __pfx_kthread+0x10/0x10
[  221.497924][    C0]  ret_from_fork_asm+0x1a/0x30
[  221.497967][    C0]  </TASK>
[  221.497975][    C0] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  221.688412][ T5822] F2FS-fs (loop2): do_checkpoint failed err:-5, stop checkpoint
[  221.984546][ T7423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.435'.
[  222.949476][ T7432] xt_hashlimit: size too large, truncated to 1048576
[  222.990590][ T7434] tipc: Started in network mode
[  222.995509][ T7434] tipc: Node identity ac14142f, cluster identity 4711
[  223.023258][ T7434] tipc: New replicast peer: 0.0.0.0
[  223.034819][ T7434] tipc: Enabled bearer <udp:syz2>, priority 10
[  223.182373][ T7438] loop0: detected capacity change from 0 to 128
[  223.229977][ T7438] EXT4-fs (loop0): Test dummy encryption mode enabled
[  223.289672][ T7438] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  223.315658][ T7444] loop4: detected capacity change from 0 to 2048
[  223.454040][ T7438] ext4 filesystem being mounted at /82/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  223.482062][ T7444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.527844][ T7444] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.609384][ T7444] EXT4-fs (loop4): shut down requested (2)
[  223.711814][ T5823] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  223.779182][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.967959][ T7454] loop2: detected capacity change from 0 to 2048
[  223.975234][ T7454] msdos: Unknown parameter '?��'
[  224.147832][ T5887] tipc: Node number set to 2886997039
[  224.960964][ T7462] netlink: 12 bytes leftover after parsing attributes in process `syz.4.447'.
[  225.060105][ T7465] loop2: detected capacity change from 0 to 2048
[  225.067387][ T7465] msdos: Unknown parameter '?��'
[  226.229040][ T7478] netlink: 4 bytes leftover after parsing attributes in process `syz.4.450'.
[  227.155914][ T7488] xt_hashlimit: size too large, truncated to 1048576
[  227.574674][ T7498] loop0: detected capacity change from 0 to 2048
[  227.583015][ T7501] loop4: detected capacity change from 0 to 512
[  227.593253][ T7502] netlink: 12 bytes leftover after parsing attributes in process `syz.3.459'.
[  227.605090][ T7498] msdos: Unknown parameter '?��'
[  227.636403][ T7501] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  227.688009][ T7501] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  227.693453][ T7498] loop0: detected capacity change from 0 to 256
[  227.809095][ T7498] exfat: Unknown parameter 'x���?�A�1w�S�ł��qZY�H��Z�p��a�٤�o#����\�쒻��1q�<�yɛ�o��)���������/����$B��F�Թӯ�U��.'
[  227.903703][ T7501] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  227.955950][ T7512] loop2: detected capacity change from 0 to 512
[  227.998383][ T7501] EXT4-fs (loop4): 1 truncate cleaned up
[  228.059579][ T7501] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.074086][ T7512] EXT4-fs: Ignoring removed bh option
[  228.182321][ T7512] EXT4-fs (loop2): 1 truncate cleaned up
[  228.216841][ T7512] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.347659][   T29] audit: type=1800 audit(1772095786.917:46): pid=7512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.462" name="file1" dev="loop2" ino=13 res=0 errno=0
[  228.506513][ T7526] netlink: 4 bytes leftover after parsing attributes in process `syz.1.465'.
[  229.053692][ T7528] overlayfs: invalid origin (0000)
[  229.076936][ T7512] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.462: invalid indirect mapped block 4294967295 (level 1)
[  229.134971][ T7528] overlayfs: failed index dir cleanup (-512)
[  229.160665][ T7528] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  229.181658][ T7512] EXT4-fs (loop2): Remounting filesystem read-only
[  229.352392][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.380256][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.607204][ T7537] loop2: detected capacity change from 0 to 2048
[  229.628930][ T7537] msdos: Unknown parameter '?��'
[  230.564248][ T7545] loop1: detected capacity change from 0 to 128
[  230.728116][ T7547] loop2: detected capacity change from 0 to 512
[  230.773778][ T7547] EXT4-fs (loop2): Test dummy encryption mode enabled
[  230.791137][ T7547] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  230.936756][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.176188][ T7561] loop0: detected capacity change from 0 to 256
[  231.902407][ T7561] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d)
[  232.182836][ T7579] netlink: 4 bytes leftover after parsing attributes in process `syz.3.482'.
[  232.313472][ T7582] loop0: detected capacity change from 0 to 2048
[  232.342699][ T7582] msdos: Unknown parameter '?��'
[  232.526286][ T7582] loop0: detected capacity change from 0 to 256
[  232.547561][ T7582] exfat: Unknown parameter 'x���?�A�1w�S�ł��qZY�H��Z�p��a�٤�o#����\�쒻��1q�<�yɛ�o��)���������/����$B��F�Թӯ�U��.'
[  233.878745][ T7568] loop4: detected capacity change from 0 to 40427
[  234.040327][ T7568] F2FS-fs (loop4): Wrong SIT boundary, start(1536) end(1) blocks(1024)
[  234.068162][ T7568] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  234.152913][ T7568] F2FS-fs (loop4): invalid crc value
[  234.322328][ T7600] fuse: Unknown parameter 'grou00000000000000000000'
[  234.360369][ T7568] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  234.401971][ T7568] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  234.429521][ T7568] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  234.554811][ T7604] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  234.765492][   T29] audit: type=1326 audit(1772095793.337:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783b9c629 code=0x7ffc0000
[  234.837814][   T29] audit: type=1326 audit(1772095793.367:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783b9c629 code=0x7ffc0000
[  234.927760][   T29] audit: type=1326 audit(1772095793.367:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783b9c629 code=0x7ffc0000
[  234.965628][   T29] audit: type=1326 audit(1772095793.367:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff783b9c629 code=0x7ffc0000
[  235.022240][   T29] audit: type=1326 audit(1772095793.367:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783b9c629 code=0x7ffc0000
[  235.083605][   T29] audit: type=1326 audit(1772095793.367:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783b9c629 code=0x7ffc0000
[  235.156742][   T29] audit: type=1326 audit(1772095793.367:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783b9c629 code=0x7ffc0000
[  235.264535][  T796] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  235.340492][   T29] audit: type=1326 audit(1772095793.367:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=93 compat=0 ip=0x7ff783b9c629 code=0x7ffc0000
[  235.363008][   T29] audit: type=1326 audit(1772095793.367:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783b9c629 code=0x7ffc0000
[  235.393927][   T29] audit: type=1326 audit(1772095793.367:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff783b9c629 code=0x7ffc0000
[  235.478063][  T796] usb 1-1: Using ep0 maxpacket: 16
[  235.493480][  T796] usb 1-1: config 0 interface 0 has no altsetting 0
[  235.506207][  T796] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  235.537966][  T796] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.570650][  T796] usb 1-1: config 0 descriptor??
[  235.909202][ T7631] netlink: 4 bytes leftover after parsing attributes in process `syz.2.499'.
[  236.175865][  T796] hid (null): unknown global tag 0xc
[  236.301391][  T796] hid (null): usage index exceeded
[  236.422279][  T796] hid (null): unknown global tag 0xe
[  236.646697][  T796] usb 1-1: USB disconnect, device number 7
[  236.760895][ T7638] fuse: Unknown parameter 'grou00000000000000000000'
[  240.615437][ T7667] loop4: detected capacity change from 0 to 2048
[  240.708713][ T7667] msdos: Unknown parameter '?��'
[  244.734029][ T7708] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  245.223725][ T7719] netlink: 1363 bytes leftover after parsing attributes in process `syz.2.528'.
[  246.205474][ T7732] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  246.219040][ T7732] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  246.240077][ T7731] loop4: detected capacity change from 0 to 2048
[  246.258568][ T7731] msdos: Unknown parameter '?��'
[  247.501518][ T7750] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  248.527897][ T7760] loop1: detected capacity change from 0 to 2048
[  248.602484][ T6411]  loop1: p3 < > p4 < >
[  248.627188][ T6411] loop1: partition table partially beyond EOD, truncated
[  248.645434][ T6411] loop1: p3 start 4284160 is beyond EOD, truncated
[  248.747551][ T7760]  loop1: p3 < > p4 < >
[  248.772335][ T7760] loop1: partition table partially beyond EOD, truncated
[  248.810878][ T7760] loop1: p3 start 4284160 is beyond EOD, truncated
[  249.682978][ T7771] overlayfs: missing 'lowerdir'
[  249.713067][ T6411] udevd[6411]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  250.389350][ T7788] netlink: 4 bytes leftover after parsing attributes in process `syz.2.547'.
[  255.866594][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  255.874099][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  257.459400][ T7837] overlayfs: missing 'lowerdir'
[  257.928956][ T7848] netlink: 4 bytes leftover after parsing attributes in process `syz.4.564'.
[  258.012496][ T7843] loop1: detected capacity change from 0 to 2048
[  258.026358][ T7849] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  258.073727][ T7843] msdos: Unknown parameter '?��'
[  261.050026][ T7878] loop2: detected capacity change from 0 to 2048
[  261.050916][ T7878] msdos: Unknown parameter '?��'
[  261.086260][ T7878] loop2: detected capacity change from 0 to 256
[  261.086724][ T7878] exfat: Unknown parameter 'x���?�A�1w�S�ł��qZY�H��Z�p��a�٤�o#����\�쒻��1q�<�yɛ�o��)���������/����$B��F�Թӯ�U��.'
[  264.652041][ T7911] loop2: detected capacity change from 0 to 512
[  264.701510][ T7911] EXT4-fs: Ignoring removed nobh option
[  264.803680][ T7911] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.857863][ T7911] ext4 filesystem being mounted at /140/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  265.056265][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.258823][ T7922] fuse: Unknown parameter 'group_id00000000000000000000'
[  265.464338][ T7924] loop0: detected capacity change from 0 to 2048
[  265.528693][ T7924] msdos: Unknown parameter '?��'
[  266.437741][ T7931] loop4: detected capacity change from 0 to 2048
[  266.665003][ T7931] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.748152][ T7931] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.817212][ T7943] overlayfs: failed to resolve './file0': -2
[  270.484788][ T5821] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.586550][ T7969] fuse: Unknown parameter 'group_id00000000000000000000'
[  270.966407][ T5887] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  271.237950][ T5887] usb 5-1: Using ep0 maxpacket: 32
[  271.291429][ T5887] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  271.376782][ T5887] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  271.492529][ T5887] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  271.538981][ T5887] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  271.573887][ T5887] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  271.624143][ T5887] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  271.678368][ T5887] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  271.687421][ T5887] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.758483][ T5887] usb 5-1: config 0 descriptor??
[  272.017915][ T5887] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  272.097505][ T5887] usb 5-1: USB disconnect, device number 4
[  272.417367][ T5887] usblp0: removed
[  272.623202][ T7990] netlink: 4 bytes leftover after parsing attributes in process `syz.2.605'.
[  272.738094][ T5887] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  272.937746][ T5887] usb 5-1: Using ep0 maxpacket: 32
[  272.944890][ T5887] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  272.963613][ T5887] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  273.017110][ T5887] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  273.036497][ T5887] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  273.056731][ T5887] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  273.077029][ T5887] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  273.107732][ T5887] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  273.127823][ T5887] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.160570][ T5887] usb 5-1: config 0 descriptor??
[  273.388477][ T5887] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  274.314581][  T796] usb 5-1: USB disconnect, device number 5
[  274.480413][  T796] usblp0: removed
[  275.542297][ T8013] overlayfs: missing 'workdir'
[  275.584704][ T7994] loop0: detected capacity change from 0 to 40427
[  275.718332][ T7994] F2FS-fs (loop0): build fault injection rate: 174
[  275.747500][ T7994] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  275.797699][ T7994] F2FS-fs (loop0): invalid crc value
[  275.852464][ T7994] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-4)
[  275.881466][ T8015] fuse: Bad value for 'user_id'
[  275.910125][ T8015] fuse: Bad value for 'user_id'
[  276.472684][ T8020] loop2: detected capacity change from 0 to 512
[  276.565509][ T8020] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.590905][ T8020] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  277.491603][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  277.491621][   T29] audit: type=1800 audit(1772095836.067:60): pid=8029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.614" name="file1" dev="loop2" ino=15 res=0 errno=0
[  278.952001][ T8050] overlayfs: missing 'workdir'
[  279.292365][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.294622][ T8056] loop1: detected capacity change from 0 to 2048
[  279.464782][ T8056] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  279.501699][ T8056] ext4 filesystem being mounted at /122/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  280.399652][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.366600][ T8095] overlayfs: failed to clone upperpath
[  284.744668][ T8113] loop2: detected capacity change from 0 to 512
[  284.778999][ T8113] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  284.826555][ T8113] EXT4-fs (loop2): 1 truncate cleaned up
[  284.878538][ T8113] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.149208][ T5822] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.186552][ T8119] loop1: detected capacity change from 0 to 2048
[  285.262035][ T8119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.933126][ T8119] ext4 filesystem being mounted at /127/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.215134][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.383254][ T8142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.647'.
[  287.926633][ T8164] netlink: 4 bytes leftover after parsing attributes in process `syz.4.654'.
[  292.018654][ T8205] netlink: 4 bytes leftover after parsing attributes in process `syz.4.667'.
[  292.207114][ T8184] loop2: detected capacity change from 0 to 40427
[  292.235138][ T8184] F2FS-fs (loop2): Mismatch start address, segment0(512) cp_blkaddr(918016)
[  292.262934][ T8184] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  292.280754][ T8184] F2FS-fs (loop2): invalid crc value
[  292.403880][ T8184] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  292.414415][ T8184] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  292.422280][ T8184] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  292.525822][ T5822] syz-executor: attempt to access beyond end of device
[  292.525822][ T5822] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  292.561022][ T5822] CPU: 0 UID: 0 PID: 5822 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  292.561045][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  292.561066][ T5822] Call Trace:
[  292.561073][ T5822]  <TASK>
[  292.561081][ T5822]  dump_stack_lvl+0xe8/0x150
[  292.561113][ T5822]  f2fs_handle_critical_error+0x37c/0x540
[  292.561142][ T5822]  f2fs_write_end_io+0xcdb/0xff0
[  292.561187][ T5822]  __submit_merged_bio+0x256/0x700
[  292.561216][ T5822]  __submit_merged_write_cond+0x3c9/0x4e0
[  292.561247][ T5822]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  292.561294][ T5822]  f2fs_write_data_pages+0x2975/0x35e0
[  292.561356][ T5822]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  292.561396][ T5822]  ? css_rstat_updated+0x23a/0x530
[  292.561444][ T5822]  ? rcu_is_watching+0x15/0xb0
[  292.561470][ T5822]  ? mod_memcg_lruvec_state+0x1b8/0x360
[  292.561501][ T5822]  ? __lock_acquire+0x6b5/0x2cf0
[  292.561541][ T5822]  ? __lock_acquire+0x6b5/0x2cf0
[  292.561570][ T5822]  ? do_raw_spin_lock+0x12b/0x2f0
[  292.561601][ T5822]  ? do_raw_spin_unlock+0xf5/0x210
[  292.561621][ T5822]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  292.561646][ T5822]  do_writepages+0x32e/0x550
[  292.561683][ T5822]  ? do_raw_spin_unlock+0xf5/0x210
[  292.561708][ T5822]  filemap_fdatawrite+0x1e9/0x2f0
[  292.561738][ T5822]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  292.561812][ T5822]  ? do_raw_spin_unlock+0xf5/0x210
[  292.561837][ T5822]  f2fs_sync_dirty_inodes+0x30e/0x860
[  292.561878][ T5822]  f2fs_write_checkpoint+0x9df/0x26a0
[  292.561944][ T5822]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  292.562035][ T5822]  kill_f2fs_super+0x314/0x720
[  292.562067][ T5822]  ? __pfx_kill_f2fs_super+0x10/0x10
[  292.562106][ T5822]  ? lockdep_hardirqs_on+0x7a/0x110
[  292.562146][ T5822]  deactivate_locked_super+0xbc/0x130
[  292.562177][ T5822]  cleanup_mnt+0x437/0x4d0
[  292.562195][ T5822]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.562223][ T5822]  task_work_run+0x1d9/0x270
[  292.562247][ T5822]  ? __pfx_task_work_run+0x10/0x10
[  292.562278][ T5822]  exit_to_user_mode_loop+0xed/0x480
[  292.562299][ T5822]  ? rcu_is_watching+0x15/0xb0
[  292.562329][ T5822]  do_syscall_64+0x32d/0xf80
[  292.562353][ T5822]  ? trace_irq_disable+0x3b/0x150
[  292.562379][ T5822]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.562397][ T5822]  ? clear_bhb_loop+0x40/0x90
[  292.562420][ T5822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.562438][ T5822] RIP: 0033:0x7ff783b9d897
[  292.562455][ T5822] Code: a2 c7 05 5c ee 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  292.562469][ T5822] RSP: 002b:00007ffe04d329d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  292.562487][ T5822] RAX: 0000000000000000 RBX: 00007ff783c31ef0 RCX: 00007ff783b9d897
[  292.562499][ T5822] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe04d32a90
[  292.562510][ T5822] RBP: 00007ffe04d32a90 R08: 00007ffe04d33a90 R09: 00000000ffffffff
[  292.562522][ T5822] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe04d33b20
[  292.562532][ T5822] R13: 00007ff783c31ef0 R14: 000000000004764e R15: 00007ffe04d33b60
[  292.562564][ T5822]  </TASK>
[  292.564913][ T5822] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  292.941175][ T8214] loop1: detected capacity change from 0 to 512
[  292.977791][ T8214] EXT4-fs (loop1): Test dummy encryption mode enabled
[  292.995649][ T5822] CPU: 0 UID: 0 PID: 5822 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  292.995671][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  292.995682][ T5822] Call Trace:
[  292.995689][ T5822]  <TASK>
[  292.995696][ T5822]  dump_stack_lvl+0xe8/0x150
[  292.995726][ T5822]  f2fs_handle_critical_error+0x37c/0x540
[  292.995755][ T5822]  f2fs_write_end_io+0xcdb/0xff0
[  292.995798][ T5822]  __submit_merged_bio+0x256/0x700
[  292.995827][ T5822]  __submit_merged_write_cond+0x3c9/0x4e0
[  292.995858][ T5822]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  292.995914][ T5822]  f2fs_write_data_pages+0x2975/0x35e0
[  292.995975][ T5822]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  292.996014][ T5822]  ? css_rstat_updated+0x23a/0x530
[  292.996061][ T5822]  ? rcu_is_watching+0x15/0xb0
[  292.996087][ T5822]  ? mod_memcg_lruvec_state+0x1b8/0x360
[  292.996116][ T5822]  ? __lock_acquire+0x6b5/0x2cf0
[  292.996154][ T5822]  ? __lock_acquire+0x6b5/0x2cf0
[  292.996182][ T5822]  ? do_raw_spin_lock+0x12b/0x2f0
[  292.996214][ T5822]  ? do_raw_spin_unlock+0xf5/0x210
[  292.996233][ T5822]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  292.996258][ T5822]  do_writepages+0x32e/0x550
[  292.996317][ T5822]  ? do_raw_spin_unlock+0xf5/0x210
[  292.996345][ T5822]  filemap_fdatawrite+0x1e9/0x2f0
[  292.996380][ T5822]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  292.996468][ T5822]  ? do_raw_spin_unlock+0xf5/0x210
[  292.996497][ T5822]  f2fs_sync_dirty_inodes+0x30e/0x860
[  292.996546][ T5822]  f2fs_write_checkpoint+0x9df/0x26a0
[  292.996618][ T5822]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  292.996716][ T5822]  kill_f2fs_super+0x314/0x720
[  292.996753][ T5822]  ? __pfx_kill_f2fs_super+0x10/0x10
[  292.996799][ T5822]  ? lockdep_hardirqs_on+0x7a/0x110
[  292.996859][ T5822]  deactivate_locked_super+0xbc/0x130
[  292.996902][ T5822]  cleanup_mnt+0x437/0x4d0
[  292.996923][ T5822]  ? _raw_spin_unlock_irq+0x23/0x50
[  292.996956][ T5822]  task_work_run+0x1d9/0x270
[  292.996984][ T5822]  ? __pfx_task_work_run+0x10/0x10
[  292.997021][ T5822]  exit_to_user_mode_loop+0xed/0x480
[  292.997044][ T5822]  ? rcu_is_watching+0x15/0xb0
[  292.997079][ T5822]  do_syscall_64+0x32d/0xf80
[  292.997107][ T5822]  ? trace_irq_disable+0x3b/0x150
[  292.997138][ T5822]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.997159][ T5822]  ? clear_bhb_loop+0x40/0x90
[  292.997186][ T5822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  292.997207][ T5822] RIP: 0033:0x7ff783b9d897
[  292.997227][ T5822] Code: a2 c7 05 5c ee 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  292.997244][ T5822] RSP: 002b:00007ffe04d329d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  292.997266][ T5822] RAX: 0000000000000000 RBX: 00007ff783c31ef0 RCX: 00007ff783b9d897
[  292.997279][ T5822] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe04d32a90
[  292.997292][ T5822] RBP: 00007ffe04d32a90 R08: 00007ffe04d33a90 R09: 00000000ffffffff
[  292.997305][ T5822] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe04d33b20
[  292.997318][ T5822] R13: 00007ff783c31ef0 R14: 000000000004764e R15: 00007ffe04d33b60
[  292.997356][ T5822]  </TASK>
[  293.030675][ T8214] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  293.035606][ T5822] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  293.329373][ T8221] netlink: 4 bytes leftover after parsing attributes in process `syz.4.671'.
[  293.358445][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.707878][ T5837] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  294.716794][ T5837] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  294.832435][ T5837] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  294.896270][ T5837] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  294.907453][ T5837] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  296.711871][ T8252] ------------[ cut here ]------------
[  296.717391][ T8252] verifier bug: REG INVARIANTS VIOLATION (true_reg1): range bounds violation u64=[0xffffdfcd, 0xffffffffffffdfcc] s64=[0x80000000ffffdfcd, 0x7fffffffffffdfcc] u32=[0xffffdfcd, 0xffffdfcc] s32=[0xffffdfcd, 0xffffdfcc] var_off=(0xffffdfcc, 0xffffffff00000000)
[  296.743494][ T8252] WARNING: kernel/bpf/verifier.c:2767 at reg_bounds_sanity_check+0x201/0xc30, CPU#1: syz.4.679/8252
[  296.754316][ T8252] Modules linked in:
[  296.758254][ T8252] CPU: 1 UID: 0 PID: 8252 Comm: syz.4.679 Not tainted syzkaller #0 PREEMPT(full) 
[  296.768365][ T8252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  296.778481][ T8252] RIP: 0010:reg_bounds_sanity_check+0x3e6/0xc30
[  296.784741][ T8252] Code: 98 00 00 00 4c 8b 8c 24 88 00 00 00 41 ff 34 24 41 57 55 41 55 ff b4 24 f0 00 00 00 ff b4 24 a8 00 00 00 ff b4 24 c0 00 00 00 <67> 48 0f b9 3a 48 83 c4 38 49 bf 00 00 00 00 00 fc ff df 48 8b 84
[  296.804409][ T8252] RSP: 0018:ffffc900064ceeb0 EFLAGS: 00010246
[  296.810529][ T8252] RAX: dffffc0000000000 RBX: 1ffff1100c73c64a RCX: 00000000ffffdfcd
[  296.818731][ T8252] RDX: ffffffff8bd472c0 RSI: ffffffff8bd4fbc0 RDI: ffffffff9015ee90
[  296.826831][ T8252] RBP: 00000000ffffdfcc R08: ffffffffffffdfcc R09: 80000000ffffdfcd
[  296.835656][ T8252] R10: ffff8880639e3358 R11: 1ffff1100c73c650 R12: ffff8880639e3250
[  296.844387][ T8252] R13: 00000000ffffdfcd R14: 1ffff1100c73c649 R15: 00000000ffffdfcc
[  296.852455][ T8252] FS:  00007f7ed4c5d6c0(0000) GS:ffff888125555000(0000) knlGS:0000000000000000
[  296.861460][ T8252] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  296.868086][ T8252] CR2: 00007f7ed4c3cd58 CR3: 00000000780dc000 CR4: 00000000003526f0
[  296.876098][ T8252] Call Trace:
[  296.879427][ T8252]  <TASK>
[  296.882398][ T8252]  reg_set_min_max+0x264/0x340
[  296.887195][ T8252]  check_cond_jmp_op+0x1db5/0x31a0
[  296.892382][ T8252]  ? __pfx_check_cond_jmp_op+0x10/0x10
[  296.897940][ T8252]  ? compute_scc_callchain+0x2f9/0x350
[  296.903424][ T8252]  ? bpf_reset_stack_write_marks+0x1eb/0x260
[  296.909464][ T8252]  do_check+0x7938/0x10670
[  296.913936][ T8252]  ? irqentry_exit+0x59e/0x620
[  296.918770][ T8252]  ? __pfx_do_check+0x10/0x10
[  296.923466][ T8252]  ? init_func_state+0x1ab2/0x28d0
[  296.928632][ T8252]  do_check_common+0x19c8/0x25b0
[  296.934406][ T8252]  bpf_check+0x5f3e/0x1ce00
[  296.939508][ T8252]  ? plist_check_list+0x2f4/0x310
[  296.944590][ T8252]  ? kvm_sched_clock_read+0x11/0x20
[  296.949849][ T8252]  ? finish_task_switch+0x240/0x920
[  296.955073][ T8252]  ? rcu_is_watching+0x15/0xb0
[  296.959908][ T8252]  ? trace_sched_exit_tp+0x3a/0x150
[  296.965130][ T8252]  ? __schedule+0x15f3/0x5300
[  296.969870][ T8252]  ? __pfx___schedule+0x10/0x10
[  296.974756][ T8252]  ? rcu_is_watching+0x15/0xb0
[  296.979727][ T8252]  ? __pfx___schedule+0x10/0x10
[  296.984607][ T8252]  ? __pfx_bpf_check+0x10/0x10
[  296.989425][ T8252]  ? irqentry_exit+0x59e/0x620
[  296.994236][ T8252]  ? lockdep_hardirqs_on+0x7a/0x110
[  296.999531][ T8252]  ? irqentry_exit+0x59e/0x620
[  297.004321][ T8252]  ? trace_irq_disable+0x3b/0x150
[  297.009426][ T8252]  ? __asan_memset+0x22/0x50
[  297.014046][ T8252]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[  297.019283][ T8252]  ? security_bpf_prog_load+0x125/0x3c0
[  297.024851][ T8252]  bpf_prog_load+0x1484/0x1ae0
[  297.029682][ T8252]  ? __pfx_bpf_prog_load+0x10/0x10
[  297.035658][ T8252]  ? trace_irq_disable+0x3b/0x150
[  297.041304][ T8252]  ? rep_movs_alternative+0x4c/0x90
[  297.046569][ T8252]  ? bpf_lsm_bpf+0x9/0x20
[  297.050960][ T8252]  ? security_bpf+0x7e/0x2d0
[  297.055577][ T8252]  __sys_bpf+0x618/0x950
[  297.059877][ T8252]  ? __pfx___sys_bpf+0x10/0x10
[  297.064692][ T8252]  __x64_sys_bpf+0x7c/0x90
[  297.069156][ T8252]  do_syscall_64+0x14d/0xf80
[  297.073770][ T8252]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.079896][ T8252]  ? clear_bhb_loop+0x40/0x90
[  297.084595][ T8252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.090517][ T8252] RIP: 0033:0x7f7ed3d9c629
[  297.094962][ T8252] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  297.114630][ T8252] RSP: 002b:00007f7ed4c5d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  297.123085][ T8252] RAX: ffffffffffffffda RBX: 00007f7ed4016180 RCX: 00007f7ed3d9c629
[  297.131103][ T8252] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  297.140309][ T8252] RBP: 00007f7ed3e32b39 R08: 0000000000000000 R09: 0000000000000000
[  297.148903][ T8252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  297.156904][ T8252] R13: 00007f7ed4016218 R14: 00007f7ed4016180 R15: 00007ffc18a7a1b8
[  297.164959][ T8252]  </TASK>
[  297.168087][ T8252] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  297.175380][ T8252] CPU: 1 UID: 0 PID: 8252 Comm: syz.4.679 Not tainted syzkaller #0 PREEMPT(full) 
[  297.184595][ T8252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  297.194658][ T8252] Call Trace:
[  297.197949][ T8252]  <TASK>
[  297.200899][ T8252]  vpanic+0x56c/0xa60
[  297.204906][ T8252]  ? __pfx__printk+0x10/0x10
[  297.209515][ T8252]  ? __pfx_vpanic+0x10/0x10
[  297.214035][ T8252]  ? is_bpf_text_address+0x292/0x2b0
[  297.219334][ T8252]  ? is_bpf_text_address+0x26/0x2b0
[  297.224553][ T8252]  panic+0xc5/0xd0
[  297.228294][ T8252]  ? __pfx_panic+0x10/0x10
[  297.232741][ T8252]  __warn+0x315/0x4f0
[  297.236748][ T8252]  ? reg_bounds_sanity_check+0x201/0xc30
[  297.242419][ T8252]  ? reg_bounds_sanity_check+0x201/0xc30
[  297.248077][ T8252]  __report_bug+0x29a/0x540
[  297.252603][ T8252]  ? __pfx_stack_trace_save+0x10/0x10
[  297.257992][ T8252]  ? reg_bounds_sanity_check+0x201/0xc30
[  297.263644][ T8252]  ? __pfx___report_bug+0x10/0x10
[  297.268691][ T8252]  ? check_cond_jmp_op+0x1c55/0x31a0
[  297.274002][ T8252]  ? do_check+0x7938/0x10670
[  297.278609][ T8252]  ? do_check_common+0x19c8/0x25b0
[  297.283737][ T8252]  ? bpf_check+0x5f3e/0x1ce00
[  297.288446][ T8252]  ? bpf_prog_load+0x1484/0x1ae0
[  297.293394][ T8252]  ? __sys_bpf+0x618/0x950
[  297.297927][ T8252]  ? __x64_sys_bpf+0x7c/0x90
[  297.302555][ T8252]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.308662][ T8252]  report_bug_entry+0x19a/0x290
[  297.313541][ T8252]  ? reg_bounds_sanity_check+0x3e6/0xc30
[  297.319189][ T8252]  ? reg_bounds_sanity_check+0x3eb/0xc30
[  297.324839][ T8252]  handle_bug+0xce/0x200
[  297.329094][ T8252]  exc_invalid_op+0x1a/0x50
[  297.333616][ T8252]  asm_exc_invalid_op+0x1a/0x20
[  297.338473][ T8252] RIP: 0010:reg_bounds_sanity_check+0x3e6/0xc30
[  297.344722][ T8252] Code: 98 00 00 00 4c 8b 8c 24 88 00 00 00 41 ff 34 24 41 57 55 41 55 ff b4 24 f0 00 00 00 ff b4 24 a8 00 00 00 ff b4 24 c0 00 00 00 <67> 48 0f b9 3a 48 83 c4 38 49 bf 00 00 00 00 00 fc ff df 48 8b 84
[  297.364343][ T8252] RSP: 0018:ffffc900064ceeb0 EFLAGS: 00010246
[  297.370423][ T8252] RAX: dffffc0000000000 RBX: 1ffff1100c73c64a RCX: 00000000ffffdfcd
[  297.378398][ T8252] RDX: ffffffff8bd472c0 RSI: ffffffff8bd4fbc0 RDI: ffffffff9015ee90
[  297.386381][ T8252] RBP: 00000000ffffdfcc R08: ffffffffffffdfcc R09: 80000000ffffdfcd
[  297.394363][ T8252] R10: ffff8880639e3358 R11: 1ffff1100c73c650 R12: ffff8880639e3250
[  297.402341][ T8252] R13: 00000000ffffdfcd R14: 1ffff1100c73c649 R15: 00000000ffffdfcc
[  297.410367][ T8252]  reg_set_min_max+0x264/0x340
[  297.415176][ T8252]  check_cond_jmp_op+0x1db5/0x31a0
[  297.420309][ T8252]  ? __pfx_check_cond_jmp_op+0x10/0x10
[  297.425778][ T8252]  ? compute_scc_callchain+0x2f9/0x350
[  297.431243][ T8252]  ? bpf_reset_stack_write_marks+0x1eb/0x260
[  297.437243][ T8252]  do_check+0x7938/0x10670
[  297.441701][ T8252]  ? irqentry_exit+0x59e/0x620
[  297.446497][ T8252]  ? __pfx_do_check+0x10/0x10
[  297.451192][ T8252]  ? init_func_state+0x1ab2/0x28d0
[  297.456333][ T8252]  do_check_common+0x19c8/0x25b0
[  297.461324][ T8252]  bpf_check+0x5f3e/0x1ce00
[  297.465847][ T8252]  ? plist_check_list+0x2f4/0x310
[  297.470892][ T8252]  ? kvm_sched_clock_read+0x11/0x20
[  297.476114][ T8252]  ? finish_task_switch+0x240/0x920
[  297.481324][ T8252]  ? rcu_is_watching+0x15/0xb0
[  297.486098][ T8252]  ? trace_sched_exit_tp+0x3a/0x150
[  297.491313][ T8252]  ? __schedule+0x15f3/0x5300
[  297.496002][ T8252]  ? __pfx___schedule+0x10/0x10
[  297.500865][ T8252]  ? rcu_is_watching+0x15/0xb0
[  297.505647][ T8252]  ? __pfx___schedule+0x10/0x10
[  297.510524][ T8252]  ? __pfx_bpf_check+0x10/0x10
[  297.515316][ T8252]  ? irqentry_exit+0x59e/0x620
[  297.520094][ T8252]  ? lockdep_hardirqs_on+0x7a/0x110
[  297.525310][ T8252]  ? irqentry_exit+0x59e/0x620
[  297.530084][ T8252]  ? trace_irq_disable+0x3b/0x150
[  297.535131][ T8252]  ? __asan_memset+0x22/0x50
[  297.539738][ T8252]  ? bpf_lsm_bpf_prog_load+0x9/0x20
[  297.544947][ T8252]  ? security_bpf_prog_load+0x125/0x3c0
[  297.550516][ T8252]  bpf_prog_load+0x1484/0x1ae0
[  297.555298][ T8252]  ? __pfx_bpf_prog_load+0x10/0x10
[  297.560410][ T8252]  ? trace_irq_disable+0x3b/0x150
[  297.565464][ T8252]  ? rep_movs_alternative+0x4c/0x90
[  297.570669][ T8252]  ? bpf_lsm_bpf+0x9/0x20
[  297.575006][ T8252]  ? security_bpf+0x7e/0x2d0
[  297.579603][ T8252]  __sys_bpf+0x618/0x950
[  297.583861][ T8252]  ? __pfx___sys_bpf+0x10/0x10
[  297.588659][ T8252]  __x64_sys_bpf+0x7c/0x90
[  297.593086][ T8252]  do_syscall_64+0x14d/0xf80
[  297.597687][ T8252]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.603764][ T8252]  ? clear_bhb_loop+0x40/0x90
[  297.608456][ T8252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.614350][ T8252] RIP: 0033:0x7f7ed3d9c629
[  297.618776][ T8252] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  297.638387][ T8252] RSP: 002b:00007f7ed4c5d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  297.646811][ T8252] RAX: ffffffffffffffda RBX: 00007f7ed4016180 RCX: 00007f7ed3d9c629
[  297.654800][ T8252] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  297.662777][ T8252] RBP: 00007f7ed3e32b39 R08: 0000000000000000 R09: 0000000000000000
[  297.670760][ T8252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  297.678736][ T8252] R13: 00007f7ed4016218 R14: 00007f7ed4016180 R15: 00007ffc18a7a1b8
[  297.686730][ T8252]  </TASK>
[  297.690395][ T8252] Kernel Offset: disabled
[  297.694723][ T8252] Rebooting in 86400 seconds..