last executing test programs:

2m11.573766776s ago: executing program 0 (id=151):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x800092, &(0x7f0000000bc0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c756e695f786c6174653d312c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d302c757466383d312c696f636861727365743d69736f383835392d31332c636865636b3d7374726963742c726f6469722c757466383d302c756e695f786c6174653d312c636f6465706167653d3836362c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c646d61736b3d30303030303030303030303030303030303030303030312c646d61736b3d30303030303030303030303030303030303030303030362c756e695f786c6174653d302c696f636861727365743d63703835352c73686f72746e616d653d77696e39352c726f6469722c6e6e6f6e756d7461696c3d312c73686f72746e616d653d6d697865642c73686f72746e616d653d6d697865642c757466383d312c757466383d302c756e695f786c6174653d302c0500695f786c6174653d312c696f636861727365743d6370313235352c757466383d302c646566636f6e7465010000006e636f6e66696e65645f752c00", @ANYRESDEC], 0x46, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==")
capset(0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x2})
socket$packet(0x11, 0x3, 0x300)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/packet\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_buf(r0, 0x6, 0x8, 0x0, 0x0)
pread64(r0, &(0x7f00000003c0)=""/179, 0xb3, 0x40)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

2m10.267328296s ago: executing program 0 (id=155):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./bus\x00', 0x840, &(0x7f0000000140)={[{@test_dummy_encryption_v1}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0x1, 0x24e, &(0x7f00000007c0)="$eJzs3U9oHFUcB/DfzO4aN1kk/jkIggoiooEQb4KXeFEISAgiggoRES9KIsQEb1lPXjzoWSUnL0G8GXssuYReWgo9pW0O6aXQhh4aemgPU3ZnU9Jm0wZmu1M6nw9MsjPz3vzeMPt9s5dhAqis8YiYjohaRExERCMiksMNXs+X8d7qWnNrPiLLPrmRdNvl67mDfmMR0Y6I9yJiM03iu3rEysYXu7e2P3rr1+XGm39vfN4c6kn27O3ufLz/1+wv/828u3LuwrXZJKajdd95DV7SZ1s9iXjhcRR7QiT1skfAScz99O/FTu5fjIg3uvlvRBr5xftt6ZnNRrzz53F9f79+/pVhjhUYvCxrdO6B7QyonDQiWpGkkxGRf07Tycn8N/yl2mj6/eLSjxPfLi4vfFP2TAUMSiti58NTI/+PPZD/q7U8/8BT6KUky3r5/3Ru/XJn036t7EEBA9I+SaNO/ie+Wn075B8qR/6huuQfqkv+oboelv+0pDEBw+H+D9Ul/1Bd8g/VJf9QXfIP1XU4/wBAtWQjZT+BDJSl7PkHAAAAAAAAAAAAAAAAAAA4aq25NX+wDKvmmT8i9j6IiHq/+rXeewie7f4dvZl0mt2T5N0K+fK1ggco6J+Sn75+7sowqjSP3XP21WHUP97qQkT754iYqtePfv+Swu/BeP4R+xtfFyxQ0PuflVv/znq59We2I0535p+pfvNPGi93//eff1qd61ew/g+3Cx4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAobkbAAD///wyb8c=")
ioctl$XFS_IOC_ATTRMULTI_BY_HANDLE(r0, 0x4048587b, &(0x7f0000000580)={{<r1=>r0, &(0x7f0000000000)='\x00', 0x810080, 0x0, 0xbec, 0x0, &(0x7f00000000c0)=0xfffffffa}, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r2, &(0x7f0000000000)='3', 0x1, 0x4fed0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'virt_wifi0\x00'})
setsockopt$inet6_mreq(r1, 0x29, 0x14, 0x0, 0x0)

2m9.044027392s ago: executing program 0 (id=160):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x204000, &(0x7f00000003c0)=ANY=[], 0x1, 0x5524, &(0x7f0000010040)="$eJzs3EtvG9UXAPDjPPpI++8/QizYdaSClEi1FedRwS5AKx4iVVRgwQoc27Hc2p4odpyQFQuWiAXfBIHEiiWfgQVrdogFiB0SyDMTaHhIoDgxaX4/aXzmXl+fOdeqKp2ZyAFcWPPJTz+U4kZcjYjpiLgekZ2XiiOznodnIiKJiKnHjlIx/9vEpYiYi4gbo+R5zlLx1ie3h7fWvn/9xy+/vjxz7dMvvpncroFJey4iujv5+X43j2krjw+L+dqwncXu6rCI+RvdR8U4zeN+cyvLsF87WlfL4korX5/u7PVHcbtTq49iq72dze/08gv2h62jPNkHHtZ2s3GjuZXFdj/NYuswr+vgMP+/7bA/yPM0inzvZ+ljMDiK+XzzoJnvZ+dRFuu9QTGf500bzYNRHBaxuFzU004jq2PrJN/0f9sb7d7eQTJs7vbbaS9Zq1Sfr1TvlKu7aaM5aK6Wa93GndVkodUZLSsPmrXueitNW51mpZ52F5OFVr1erlaThbvNrXatl1SrlZXKUnltsTi7nbxy/+2k00gWRvGldm9v0O70k+10N8k/sZgsV1ZeWExuVZM3NzaTzQf37m1svvXu3Xfuv7jx2svFoj+VlSwsLy0vl6tL5eXq4gXa/4dF0WPcP5xIadIFAJw//7b/v6n/B8ag6P+fjbH3/7sPIk6//w/9/1icq/73lPr/ueL8Iu4fTkT/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwYX07+9mr2cl8Pr5WzP+vmHqqGJciYioifvkL03HpWM7pIs/s36yf/UMNX5UiyzC6xuXimIuI9eL4+f+n/S0AAADAk+vzD25+nHfr+cv8pAviLOU3baauvzemfKWImJ3/bkzZpkYvT48pWfbveyYOxpQtu4F1ZUzJ8ltuM+PK9o9MHwtXHgulPEydaTkAAMCZON4JnG0XAgAAwFn6aNIFMBmlOHqUefQsOPvL+98fCF49NgIAAADOodKkCwAAAABOXdb/+/0/AAAAeLLlv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzKzt3kJBKEYQD+uqEH5i9DJrOfK8wRZgfH8AguXRoO4CU4gAu8ghfgDLjzCAYMXS2CIYak/6J5nqQtu1O8fEVgUVVJAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECbHorl7O76703dnM22nmZGAwAAAJyyLpaz8p9Juv9ePf9ZPfpd3WcRkUfEqbn7IL4cZQ6qnOK1/+1h/+JNDfcRZcLuPUbV9S0i/lfX06+2PwUAAAD4vFbzxTTN1tOfSd8F0aW0aJP/uGgoL4uIYvLYUFq+y/vzbpd/56ftvt/DuKpfVqlcwBo3FJaW3IZNpZ2l/LnvV+3GB02Wmvzky/ZFNjZ2AACgQ4OjpttZCAAAAF267LsA+pHFy1bmfitwlJpqe+/r0R0AAADwAWV9FwAAAAC0rpz/d3T+39b5fwAAANCPdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbVoXy9lqvpjWzdls62lmNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADP7M87CoRAGITB3vWdydz/sNKgqalJFQgff2MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABvfveX/xNT40wy99pYeh5J1k6NrVNj79w4+sP4+jUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxPy8pEAJBEAVzxv9O+v6HlQQ9gwgR0PCoohYNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+Pt3wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxc/+8cZNhAMAf2+crLVSEgDIEIZAYYKHptbR0QwygiIGPgBSl1xJ65U+bgVYVIgsbytwFwYgQEihs/Q6dW6lL2TpkKBIzyD47cdogLpywj+b3k16/z1k+v89rS1Eev04AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa9ju7cVZs5sZxWu278/DGatHffaQv3Nq8t1i0Ik7aTPr/4aXmh2Shu0QAAAA4PLK6vo+I+/nWctGnc2X9n9fHFDX/d8fHcV3PP1r3131d+xft118evLAz0Nx4nOKkF9ZGw5OPp9L772Y52579xyN65ZUvn71k5Q1J3994fjsvr2fyze3b7/bL8Egb2QIA/8aJuq+C+vehoh90mRgAh0avUXjX9X82121OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG3Y3oin6ziJiMXebly4+/DG6n79rc17i3U7e/PmZny1e87iFHlEXFgbDU+2OpvZdvXa9Usro9HwygGD4xFx8G/tCV6OiCm+PlXwdjX9Sx9OcPDUMxV0GqTVzZ6VfGYmyCLib4/p8IcSAABPpLxqRV1/P99aLvYl8xF/fr+3/n+tEceE9f+Dj87eaY7VrP8Hrc1w9i2tX/5s6eq162+sXV65OLw4/OTNU4O3BqfPnTlzbql8VrLkiQkAAADT6VetWf+n84+v/x9rxDFh/f/5t4Mvm2Nl6v997S76dZ0JAADA4fbcK3/8nuyzP+n344uV9fUrg/F25/Op8baDVA/sSNWa9X8233VWAAAAQBu2N5I96//nG3FMuP7/zA8v/tQ8ZxYRR6v1/xOrn47OtzedmdbGXxp3PUcAAAC6dbRqzfX/vHz/P9155SGNiNdfHcfVvwGcqP7P3vv6x+ZYzff/T7c3xZmULoyvR9kvRPQWus4IAACAJ9lTVSuK/d/yreWPfz72Qd/7/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABt+ysAAP//kqE4gQ==")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000c0bee9580d85d2f64ab9ee145c092e0014000305000000000000000002180000", @ANYRES32, @ANYBLOB="08000200ac1414aa"], 0x20}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'lo\x00'})
close(r3)

2m7.387611567s ago: executing program 0 (id=167):
socket$nl_audit(0x10, 0x3, 0x9)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@textreal={0x8, &(0x7f0000000480)="b8ed0b8ee8ba6100ec0fb08900013e3664660fef8b0eceb802008ee80fc71fc4e391cf0f0b650f011965650fc761242f", 0x30}], 0x1, 0x74, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x2004006, &(0x7f0000001180)=ANY=[@ANYBLOB='rodir,utf8=0,nonumtail=0,uni_xlate=1,utf8=1,shortname=mixed,utf8=0,shortname=mixed,shortname=winnt,iocharset=mn,shortname=winnt,uni_xlate=1,iocharset=default,shortname=lower,shortname=mixed,\x00\x00\x00\x00\x00\x00\x00'], 0x25, 0x36e, &(0x7f0000000ac0)="$eJzs3T2IHOUbAPBnb/du9x/+8a4QglarnSAhObHQ6kKIELxCI4tfjQvZaLxdhVtcuBS3t40SrBQbQSu7FFqmthKxs7A1gkTFxnSBHI7szsx+3O59gXcm5Pernrzv+8z7zDuzzOS4fe+tbqxdno8rd+7cjkqlEKWV8ytxtxBLMRfFSG3FTB8vzG4HAO5zd5Mk/kpS+4/+9EQeefYDwINr8Px/++SooXyI5Ov/P4qSAIAjdsD//780s/X9IysLADhCU8//Jye6d/yYvzT8nQAA4MH1yutvvHhuNeJStVqJaH3UqXVq8fyo/9yVuBrNaMSZWIztiPRFIX1bSJJKNqparVZ/W4paP+7UIlrdTq3/ppAsRsTVUn6wpSw/yfOT4gsXVy+crQ5ExFZ3MH+0Cp3afJzI5v/5RDRiORbj0an8iIurF5ar2QFqrTy/G9GLvLpB/adjMX4cvc5k+Ul//s2z1er5ZHUiv3OjHJf3XLnVf/U6AAAAAAAAAAAAAAAAAAAAAADwcDldHVoa7n+TtLqdDy+NDSjERP9gf5+0O9sfqJfuD5SU8915rhdH++ucmbE/T6dWirn/9MwBAAAAAAAAAAAAAAAAAADg/tHeWIh6s9lYb29cWxsPumMt733/df5d/bV6s5SF7xZHWZE1ThwnHzh25GIMp0iG6UkxHVPIxqeDixH54K35GzeHFY9PUR6exWTxWVCe6iqUhlOcfOLXL2Zl/d0PtgYtxZhalskgr3isq/VIv6ESEdu7Ze0eLO8z5laSJLulb34+nRWFiFIcuowDBN/dfuexZ9qnnh20fJtt+vDU04uv3vrsqz/W6s3opSvTbC6st7eTPQ5Yyq5yv9ZmYy4mxxTH7p9Cts6FGXfC7KA3aumttzfqxZ/+fO3xT37YMbg4+/5Jxls+2H2ub3a2LKRBIWIpX4S9Sp2Pg678m/fGPyAHzaqkn4JTX67Ub27+8nu/a26/G7t/BUds1AEAAAAAAAAAAAAAAAAAAMdi7Lvih/Dcy0dXEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcv8Hf/y9n/6g3m4319sa1Xh6sHSa4143prnJjvb3r5P87ttMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAh908AAAD//7RJX7M=")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})

2m6.112623204s ago: executing program 0 (id=172):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x78e})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000180)=@x86={0x3, 0x5, 0x81, 0x0, 0x9, 0xe, 0x5, 0x2, 0x1, 0x1, 0x6, 0x5, 0x0, 0x1af2, 0xd, 0x0, 0xf, 0xf4, 0x9, '\x00', 0x5, 0x8})
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000040)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r0, r0, 0xc, 0x0, @val=@netkit={@void, @value=r0}}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x4)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x7, 0x2, 0x3, 0x100, 0xffffffffffffffff, 0x3}, 0x50)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="2300000f3634b9c9c59d99b970fc1c000700000002a300000900000000000000dd84401060141489190454f7210dd4e1380a523efd29194eeabd30bb1c12b5b8dd38a0fce7e4765ca4add8165d50ee", @ANYRES32=r8, @ANYBLOB="000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r9, 0xd}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r10}, &(0x7f0000000880), &(0x7f00000008c0)=r8}, 0x20)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r7)

2m5.675460643s ago: executing program 0 (id=175):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x8000, 0x2, 0x6, 0xfffa}, 0x3a, [0x8001, 0x3, 0xf, 0x3, 0x80, 0x2, 0x8, 0xac58, 0x2000000a, 0x20000000, 0x9, 0x5f, 0x9, 0x5, 0xffff2d37, 0x1002, 0x6, 0x3, 0xfffffffc, 0x7, 0x4, 0x0, 0x4, 0x3c1b, 0x3, 0x20, 0xd, 0x1, 0x0, 0xffffffff, 0x8e660, 0x4, 0x7, 0x0, 0x5, 0x4c74, 0x80000000, 0x242, 0x6, 0xc, 0x0, 0x8071, 0x5, 0x940, 0xffffffff, 0x7, 0x5, 0x3e, 0x8f, 0x1, 0x6, 0x0, 0x5, 0x4, 0x8, 0xa8000000, 0x80, 0x0, 0x5, 0x6, 0x5, 0x4, 0x1, 0x40], [0x10000007, 0x5, 0x8000012d, 0x8004, 0x5, 0xfffffff3, 0x129432e2, 0x800000c8, 0xf9, 0xe, 0x2bf, 0x1, 0x9, 0xfffffffc, 0x4, 0x4, 0x0, 0x5, 0x2e, 0xe, 0x4, 0x78, 0xea4, 0xffc, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x0, 0x2000ff, 0x5, 0x7cb, 0x5f31, 0x1000d, 0x4e0, 0x2, 0x4, 0xb, 0x3, 0x9, 0x4, 0xd, 0xe1, 0x49, 0x8000, 0x1, 0xfe000000, 0xfffe, 0x2, 0x4, 0x9, 0x3, 0x0, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x3, 0xfffffff8, 0x3], [0x5, 0x408, 0x3, 0xa, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x7, 0x5, 0x8, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x2, 0x8, 0x86, 0x3, 0x3038, 0xfffffffc, 0xb, 0xc, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x3, 0x10800003, 0x200, 0x83, 0x3, 0x4, 0x2950bfaf, 0x2, 0xa2, 0x7, 0xa9, 0x2000005, 0x6, 0xac8, 0xbf, 0x4002, 0xffffffff, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x9, 0x1c, 0x520000, 0x3, 0x1, 0x80a2ed, 0x4, 0x25], [0x5, 0xbb33, 0x7, 0x9, 0xfffffffb, 0x938, 0x6, 0x6, 0x12, 0xb9, 0xce7, 0x1ff, 0x800002, 0xfffffffb, 0x3, 0x3, 0x101, 0x10000, 0x9, 0x7ffd, 0x400, 0xa620, 0x1, 0x78b, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0xfffff000, 0x5, 0x9, 0x7e, 0x100, 0x4166d9b5, 0x2, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x8000005, 0x8, 0x101, 0xa1f, 0xf44, 0x6, 0x2, 0x400b3, 0x100, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0x1ff, 0x156]}, 0x45c)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="b4000000190001002abd7000ffdbdf251d01090050001180490067004df4fc8de71626db37a39716bc6a1d9cbb21e0a06208c366fbcb7bdf381a45efcace9782aab31f4423aa8b1fa6f26bc762d6030000004ff3c640b8656c018bebe844d61d0b0000004d0012"], 0xb4}, 0x1, 0x0, 0x0, 0x800}, 0x0)

2m5.160525668s ago: executing program 32 (id=175):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x8000, 0x2, 0x6, 0xfffa}, 0x3a, [0x8001, 0x3, 0xf, 0x3, 0x80, 0x2, 0x8, 0xac58, 0x2000000a, 0x20000000, 0x9, 0x5f, 0x9, 0x5, 0xffff2d37, 0x1002, 0x6, 0x3, 0xfffffffc, 0x7, 0x4, 0x0, 0x4, 0x3c1b, 0x3, 0x20, 0xd, 0x1, 0x0, 0xffffffff, 0x8e660, 0x4, 0x7, 0x0, 0x5, 0x4c74, 0x80000000, 0x242, 0x6, 0xc, 0x0, 0x8071, 0x5, 0x940, 0xffffffff, 0x7, 0x5, 0x3e, 0x8f, 0x1, 0x6, 0x0, 0x5, 0x4, 0x8, 0xa8000000, 0x80, 0x0, 0x5, 0x6, 0x5, 0x4, 0x1, 0x40], [0x10000007, 0x5, 0x8000012d, 0x8004, 0x5, 0xfffffff3, 0x129432e2, 0x800000c8, 0xf9, 0xe, 0x2bf, 0x1, 0x9, 0xfffffffc, 0x4, 0x4, 0x0, 0x5, 0x2e, 0xe, 0x4, 0x78, 0xea4, 0xffc, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x0, 0x2000ff, 0x5, 0x7cb, 0x5f31, 0x1000d, 0x4e0, 0x2, 0x4, 0xb, 0x3, 0x9, 0x4, 0xd, 0xe1, 0x49, 0x8000, 0x1, 0xfe000000, 0xfffe, 0x2, 0x4, 0x9, 0x3, 0x0, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x3, 0xfffffff8, 0x3], [0x5, 0x408, 0x3, 0xa, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x7, 0x5, 0x8, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x2, 0x8, 0x86, 0x3, 0x3038, 0xfffffffc, 0xb, 0xc, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x3, 0x10800003, 0x200, 0x83, 0x3, 0x4, 0x2950bfaf, 0x2, 0xa2, 0x7, 0xa9, 0x2000005, 0x6, 0xac8, 0xbf, 0x4002, 0xffffffff, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x9, 0x1c, 0x520000, 0x3, 0x1, 0x80a2ed, 0x4, 0x25], [0x5, 0xbb33, 0x7, 0x9, 0xfffffffb, 0x938, 0x6, 0x6, 0x12, 0xb9, 0xce7, 0x1ff, 0x800002, 0xfffffffb, 0x3, 0x3, 0x101, 0x10000, 0x9, 0x7ffd, 0x400, 0xa620, 0x1, 0x78b, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0xfffff000, 0x5, 0x9, 0x7e, 0x100, 0x4166d9b5, 0x2, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x8000005, 0x8, 0x101, 0xa1f, 0xf44, 0x6, 0x2, 0x400b3, 0x100, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0x1ff, 0x156]}, 0x45c)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB="b4000000190001002abd7000ffdbdf251d01090050001180490067004df4fc8de71626db37a39716bc6a1d9cbb21e0a06208c366fbcb7bdf381a45efcace9782aab31f4423aa8b1fa6f26bc762d6030000004ff3c640b8656c018bebe844d61d0b0000004d0012"], 0xb4}, 0x1, 0x0, 0x0, 0x800}, 0x0)

1m26.678542136s ago: executing program 1 (id=239):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./bus\x00', 0x0, &(0x7f0000000300)={[{@grpid}, {@mblk_io_submit}, {@nodioread_nolock}, {@noquota}, {@inode_readahead_blks}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x1}}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xd}}, {@test_dummy_encryption}, {@acl}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/address_bits', 0x202, 0x36)
write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[], 0x139)

1m26.251212238s ago: executing program 1 (id=241):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a0000000100000004"], 0x50)
r0 = socket$inet6(0xa, 0x2, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
connect$inet6(r0, &(0x7f0000000000)={0x2, 0x4e23, 0x0, @mcast1, 0x4}, 0x1c)

1m25.875997519s ago: executing program 1 (id=242):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x78e})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000180)=@x86={0x3, 0x5, 0x81, 0x0, 0x9, 0xe, 0x5, 0x2, 0x1, 0x1, 0x6, 0x5, 0x0, 0x1af2, 0xd, 0x0, 0xf, 0xf4, 0x9, '\x00', 0x5, 0x8})
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000040)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r0, r0, 0xc, 0x0, @val=@netkit={@void, @value=r0}}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x4)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x7, 0x2, 0x3, 0x100, 0xffffffffffffffff, 0x3}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="2300000f3634b9c9c59d99b970fc1c000700000002a300000900000000000000dd84401060141489190454f7210dd4e1380a523efd29194eeabd30bb1c12b5b8dd38a0fce7e4765ca4add8165d50ee", @ANYRES32=r8, @ANYBLOB="000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{}, &(0x7f0000000880), &(0x7f00000008c0)=r8}, 0x20)
writev(r7, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000c0c100000000000204e0000", 0x58}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r7)

1m20.834492814s ago: executing program 1 (id=249):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffcffffff, 0x20031, 0xffffffffffffffff, 0xbe9f5000)
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000380)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[], 0x1, 0x267, &(0x7f0000000740)="$eJzs3b9rVFkUAOAzmcmvbSYsCwvLLjuwLGw1JIHtsyy7bNigYhgkIsGJmUjIhICBgBZJrAQrG0vLdBFBCzv9HwQbG7ERS9NZSJ4kL0xmzEQTMfMk833NPbx7znv33vDeyxRz5/LPiwuzS8tzW1uvY2AgF4Wxq9tJkouh6Il8pNYDADhN3iVJvE1SWY8FAOgM738A6D6Hvf//60nb3rQ5l8XYAICT8eWf/+9OPXlZrY39eYTUpL8Rvpg+/hgBgK9rcuri/9tPfx8cj0d3IhZvrVRWKmmb9v81F/NRj1oMRzHeRyQNafzv+MQ/w6UdgxGVxbW9+rWVSr61fiSKMRRx4czB+pFSqrW+N75rrh+NYvzQ/vqjbev74o/fmurLUYxnV2Ip6jG78y9JU/3qSKn099mJj+r7d/NiI5/p3wcAAAAAAAAAAAAAAAAAAAAAgNOpXGoYard/T7l8WH9af/T9gfb357m9W1+InwpxM9vZAwAAAAAAAAAAAAAAAAAAwLdh+fqNhWq9XrvWCGbOz3/feuRzQa5NV37v/Mc5T9cEOwtzgpf4NSJOehYPN2vPN6YvTWa/mB0M2q/qg8wHNvOJnJ6I2A1+vDdWfbz66s3BnFhvupcL6X1bradtX/PDotThhxMAAAAAAAAAAAAAAAAAAHSZ/a8BH5aRdHZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCB/d//P3bQ1ziyOZierNH1y0Bzctp5v+W6ufUMJgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNf6EAAA//9rIKjm")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a409080000d1ce5d29c2ee0000070000000fc6ea110ff4118039c2eb4b87c660d577df701905b9aafab4afaaf755e376a00400", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f78359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
r1 = userfaultfd(0x80800)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000080)={&(0x7f000037f000/0x2000)=nil, &(0x7f000018b000/0x3000)=nil, 0x2000, 0x2, 0x18100})
r2 = syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100020000000879215300000000000001090224000100000000090401130103000100092100000001220b0009058103"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xa0242, 0x0)

1m13.947902829s ago: executing program 1 (id=256):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd25, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x8, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x10000}]}, 0x38}}, 0x44080)

1m7.925991754s ago: executing program 1 (id=269):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x854)
add_key$keyring(&(0x7f0000001080), 0x0, 0x0, 0x0, 0xfffffffffffffff9)
bpf$PROG_LOAD(0x5, &(0x7f0000001dc0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
memfd_create(0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f00000010c0)='./file1\x00', 0x818c14, &(0x7f00000003c0)={[{@uni_xlate}, {@shortname_win95}, {@rodir}, {@fat=@nocase}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@shortname_mixed}, {@shortname_win95}, {@shortname_mixed}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@utf8no}, {@numtail}, {@utf8no}]}, 0x81, 0x29b, &(0x7f00000015c0)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='freezer.self_freezing\x00', 0x275a, 0x0)

1m7.280044786s ago: executing program 33 (id=269):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x854)
add_key$keyring(&(0x7f0000001080), 0x0, 0x0, 0x0, 0xfffffffffffffff9)
bpf$PROG_LOAD(0x5, &(0x7f0000001dc0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
memfd_create(0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f00000010c0)='./file1\x00', 0x818c14, &(0x7f00000003c0)={[{@uni_xlate}, {@shortname_win95}, {@rodir}, {@fat=@nocase}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@shortname_mixed}, {@shortname_win95}, {@shortname_mixed}, {@shortname_win95}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {@utf8no}, {@numtail}, {@utf8no}]}, 0x81, 0x29b, &(0x7f00000015c0)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='freezer.self_freezing\x00', 0x275a, 0x0)

54.522514915s ago: executing program 3 (id=293):
capset(&(0x7f0000000400)={0x19980330}, &(0x7f0000000040)={0x200000, 0x200000, 0x8000000, 0x0, 0x0, 0x1003})
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)

54.155624997s ago: executing program 3 (id=295):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
ptrace$ARCH_GET_GS(0x1e, r0, &(0x7f0000000100), 0x1004)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfbffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r3, 0xfffffffffffffffe, r3, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$erofs(&(0x7f0000000300), &(0x7f0000000000)='./file1\x00', 0x810011, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r1], 0xfd, 0x1e1, &(0x7f0000000640)="$eJzslr1u01AUx//XtpwEBSExsjAQCRhwbAcQC4gsTAxIQCIGhoiYKGCIlGQgkVDgCViYkBgY2HkBJFj7EFXaqUu6deni6vpe27eRnaT56tDzk3r6t318fD6s44AgiAvL/t7ROEA+1EWUkJPnD/TER1P8d/OHn/8/fVL/9vr3Tm5sFdJiBsHizzcA/Kvq6Mf3nr67JP+/gBbrl9BwW+o6GCypeTI1qT0wvJL6naI73N+y3rZ9z3rT8Ztc2Nw43LjcVKbzm3xlaCr5MeV6bzB83/B9r7tBMa9/k6qGh0p+6rwsiGxtpX8ONDhSV8DwXOoHyEW9ES1R6r9mJPH1mfWbWGP9tWLKJZ7KGeJcvZw5KhPAcokBLA74EytVii/yld3kO5QhdIQimuh6In/Xt1QFf9Hn+MDYelfZas1cZhZ/H4t7ojPBSByHPlcyAgajBR9hYpluJPsp+MVwU9lPYpX8CD81fITl3mB4p/2h0fJa3kfXrdy379r2PbccLiJhZ+y/QrifLiXxU79JHJOZ+NTo97uOsPGxK2zaxtXC/afh1g1xzIdrTsXNK5rJPwNGPMg/qvOjzFIIgiC2ynWw40BiREJ+TaD81n12jjkSBEEQBEEQBEEQBLEaJwEAAP//63FC3Q==")
syz_emit_ethernet(0x2e, &(0x7f0000000040)=ANY=[@ANYBLOB="0251e90c0faca2000180c20000020800450000200000e00000119078000000000000000000000000000c9078a12d"], 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000340)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast, @void, {@ipv4={0x800, @tipc={{0xa, 0x4, 0x0, 0x3e, 0x40, 0x67, 0x0, 0x92, 0x6, 0x0, @local, @remote, {[@ssrr={0x89, 0xf, 0xa1, [@remote, @empty, @loopback]}, @generic={0x82, 0x4, "c1c8"}]}}, @payload_conn={{{0x18, 0x0, 0x1, 0x0, 0x0, 0x6, 0x3, 0x2, 0x9b, 0x0, 0x2, 0xc, 0x6, 0x0, 0x6, 0x8, 0x2, 0x4e24, 0x4e22}}}}}}}, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x31, &(0x7f0000000140)=0xfffffff4, 0x4)
bind$inet6(r4, &(0x7f0000f65000)={0xa, 0x4e20, 0x97f, @loopback, 0x1}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0xfffffefffbfbbfbe, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
getsockopt$inet6_buf(r4, 0x29, 0x6, 0x0, &(0x7f0000000080))
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r5, 0x4068aea3, &(0x7f0000000040)={0xa4, 0x0, 0x1})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
ioctl$KVM_GET_VCPU_EVENTS(r6, 0x8040ae9f, &(0x7f0000000000)=@arm64)

51.439096919s ago: executing program 3 (id=297):
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x80082, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000340), 0x218884, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000140), 0x1, 0xbc8, &(0x7f0000002380)="$eJzs3M9rHNcdAPDvjH7alrtyKaXuxSql2FC6ll1kalOoXVx66aHQXgsW8soIrX8gqTiSdVgl/0BIcg7kEkhiEnyIz74kkGsuiXONySFggmIlEEKiMPtDWku7+mGtNIr8+cDTvDdvZt73q5F23oPdDeC5NZT9SCOOR8SVJKJQ359GRG+11h9RqR23tDg/9u3i/FgSy8v/+SqJJCKeLM6PNa6V1LdH6o3+iPj470n88qX1407Pzk2OlsulqXr79Mz1W6enZ+f+NHF99FrpWunGmXN/GTk7cm74/EjHcv3u84v3v/ndP7+ofP/2D3e/fvXNJC7GQL2vOY961js2FEMrv5Nm3REx2oHr7wdd9Xya80y6Nzkp3eWgAABoK22aw/06CtEVq5O3QnzwSa7BAQAAAB2x3BWxDAAAABxwifU/AAAAHHCN9wE8WZwfa5R835Gwtx5fiojBWv5L9VLr6Y5KddsfPRFx+EkSzR9rTWqn7dhQRDz67Px7WYkWn0PebZWFiPhNq/ufVPMfrH8Sem3+aUQMd2D8oTXtn1P+Fzswft75A/B8enCp9iBb//xLV+Y/0eL5193i2fUs8n7+NeZ/S+vmf6v5d7WZ//17i2Pceev12+36svz/ev8f7zZKNn623VFS2/B4IeK33a3yT1byT9rkf2WLYxR+vF1q15d3/stvRJyM1vk3JBt/P9Hp8Ylyabj2s+UYCx+NvNNu/Lzzz+7/4Tb5b3D/+7N9t566Uvsv9fnf5cv32vVtnn/6ZW/y32qtt77nhdGZmakzEb3Jv9bvP7txvo1jGtfI8j/1+43//1v9/WevCZX630aW+UJ9m7VfXDPm3+7eeX+j/LO1X573/+r2739138tbHOMPH75yql1f8/o3K9n4j5LaWhgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIgkLUZEUq2nabEYcSQifhWH0/LN6Zk/jt/8/42rWV/EYPSk4xPl0nBEFGrtJGufqdZX22fXtP8cEcci4rXCoWq7OHazfDXv5AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhxJCIGIkmLEZFGxFIhTYvFvKMCAAAAOm4w7wAAAACAXWf9DwAAAAef9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC77NiJBw+TiKhcOFQtmd56X0+ukQG7Lc07ACA3XXkHAOSmO+8AgNxsc41vugAHULJJf3/bnr6OxwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/nXy+IOHSURULhyqlkxvva+n5Rkn9jA6YDeleQcA5KZro87uvYsD2HvP/C9+tLNxAHuv9RofeJ4km/T3rx5Tebqnb9diAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGD/GaiWJC1GRFqtp2mxGHE0IgajJxmfKJeGI+IXEfFpoacva/flHTQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNz07NzlaLpemnqWS7Ox0FRWVpkqyP8KoVfJ+ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/Ts3OTo+VyaWo670gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvE3Pzk2OlsulqS1U7m3n4KZK3jkCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCfnwIAAP//198NMw==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
sendfile(r0, r0, 0x0, 0xe3aa6ea)

50.606687706s ago: executing program 3 (id=298):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000380)='./file1\x00', 0x844, &(0x7f0000000bc0)=ANY=[], 0x1, 0x267, &(0x7f0000000740)="$eJzs3b9rVFkUAOAzmcmvbSYsCwvLLjuwLGw1JIHtsyy7bNigYhgkIsGJmUjIhICBgBZJrAQrG0vLdBFBCzv9HwQbG7ERS9NZSJ4kL0xmzEQTMfMk833NPbx7znv33vDeyxRz5/LPiwuzS8tzW1uvY2AgF4Wxq9tJkouh6Il8pNYDADhN3iVJvE1SWY8FAOgM738A6D6Hvf//60nb3rQ5l8XYAICT8eWf/+9OPXlZrY39eYTUpL8Rvpg+/hgBgK9rcuri/9tPfx8cj0d3IhZvrVRWKmmb9v81F/NRj1oMRzHeRyQNafzv+MQ/w6UdgxGVxbW9+rWVSr61fiSKMRRx4czB+pFSqrW+N75rrh+NYvzQ/vqjbev74o/fmurLUYxnV2Ip6jG78y9JU/3qSKn099mJj+r7d/NiI5/p3wcAAAAAAAAAAAAAAAAAAAAAgNOpXGoYard/T7l8WH9af/T9gfb357m9W1+InwpxM9vZAwAAAAAAAAAAAAAAAAAAwLdh+fqNhWq9XrvWCGbOz3/feuRzQa5NV37v/Mc5T9cEOwtzgpf4NSJOehYPN2vPN6YvTWa/mB0M2q/qg8wHNvOJnJ6I2A1+vDdWfbz66s3BnFhvupcL6X1bradtX/PDotThhxMAAAAAAAAAAAAAAAAAAHSZ/a8BH5aRdHZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCB/d//P3bQ1ziyOZierNH1y0Bzctp5v+W6ufUMJgsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNf6EAAA//9rIKjm")
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x79c, &(0x7f00000007c0)="$eJzs3c9rXNUeAPDvnSSdJu17yYMH7/WtAg80UDoxNbYKLuJKBAsFXduGyTTUTDIlMylNyKJFBDeCigtBN137oy4Et/5YuNH/woW0VE2LFRcSufOjmSYz6SRNZir5fODOnHPPvXPOd879cWbmcieAA2s0fchEHIuId5KI4fr8JCIGqqn+iKnacvfWVvPplMT6+iu/JNVl7q6t5qNpndSReua/EfHNmxHHM1vrLS+vzE0Xi4XFen68Mn9pvLy8cuLi/PRsYbawcGpicvLk6WdOn9q7WH/7YeXorXdffPKzqT/e+M+Nt79N0sCu1sqa49grozFaf08G0po2DO91Tb2X9LoB7Eq6a/bV9vI4FsPRV021MdjNlgEA+2UdADiAEmMAADhgGt8D3F1bzTem3n4j0V23X4iIw7X4G79v1kr6YyqyaWFfmhu6mzzwy0gSESN7UP9oRHz05WufpFPU+8FvaUA3XL0WEedHRrce/5MHr1nYhae2K1zPVp9GN80+aOcf6KWv0vHPs63Gf5n6/n+4+rh5/JNtse/uxsP3/8zNzet89+oeVFyXjv+eb7q27V5T/HUjffXcP6pjvoHkwsViIT22/TMixmIgm+Ynqou2HrmN3fnzTrv6m8d/v773+sdp/enzxhKZm/3ZB9eZma5MP2rcDbevRfyvv1X8yf3+T9qMf892WMdLz731YbuyNP403sa0Nf7Wvuiw7odZvx7xRMv+3+jLZNvrE8erm8N4Y6No4fMfPxhqV39z/6dTWn/js0A3pP0/tH38I0nz9Zrlndfx/fXhr9uVPTz+1tv/oaR2EDhUn3dlulJZnIg4lLy8df7JjXUb+cbyafxj/2+9/9eqbb39D6TDpg7j77/186e7j39/pfHP7Kj/d564cW+ur139beJv6vG0/yerqbH6nE6Of5028FHeOwAAAAAAAAAAAAAAAAAAAAAAAADoVCYijkaSyd1PZzK5XO0/vP8dQ5liqVw5fqG0tDCTllXvf5pp3OpyuOl+qBP1++E38ic35Z+OiH9FxPvZwWo+ly8VZ3odPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUHWnz//+pn7K9bh0AsG8O97oBAEDXOf8DwMGzs/P/YFN6as/bAgB0h8//AHDwdHz+P7+/7QAAusfnfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPbZ2TNn0mn997XVfJqfuby8NFe6fGKmUJ7LzS/lc/nS4qXcbKk0Wyzk8qX5ti90tfZULJUuTcbC0pXxSqFcGS8vr5ybLy0tVM5dnJ+eLZwrDHQtMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoXHl5ZW66WCwsSmybGNzTF8z+7d/5/ngsmiGxb4nmo8Rg7w5QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+5vwIAAP//BeYuJQ==")
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
openat(0xffffffffffffff9c, 0x0, 0x129242, 0x30)
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
statx(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x1000, 0x0, 0x0)
arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x8)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a409080000d1ce5d29c2ee0000070000000fc6ea110ff4118039c2eb4b87c660d577df701905b9aafab4afaaf755e376a00400", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f78359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
socket$netlink(0x10, 0x3, 0x4)
r2 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r2, 0xa, 0x21)
fcntl$setlease(r2, 0x400, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
getpid()
fcntl$setown(r2, 0x8, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

45.445039339s ago: executing program 3 (id=311):
socket$inet6_udp(0xa, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e75"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000004c0), 0x14000, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})
chdir(&(0x7f0000000100)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x5, 0x0, 0x0)
openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0xc42, 0x11, 0x5}, 0x18)
syz_read_part_table(0x5c9, &(0x7f0000000000)="$eJzs1M9LHHcUAPA3u2t37WWllPZQKEKlhyK02GsXLKLLXupSWuihf4AetCD0YMEqaq8V/4GK2ELx4lWItwQlSALmEMTzQs75AUGETNjdGTWEJJfFEPP5HHbfzPe9fbN833yDd1ry519ZlJajFBHF12UvRcRJ/0XOz9vjE43B5vc//jTzyWinPNeXfe/ejIiBpFsaEZPlTtdolEeONg8/yLKG8qA/65IsRVRfan+WdkWcB7zfdmr75ZXVuQ9jvjZ9XF9oPU2Tpc/WxmfXOwP46Xe/FGLr84jYK1wqOupp/+rK6lz97/nS9HElu5metd+QF8ZzOMmjPyIqj83vNVHK938xIuoLrY2Pl0+WT3/48v/fvx7+6OTWWn4OPkkuzsSI9fZH5W09MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcD3t1ParK6tz9dGoTR/XF1rflrKFtK3aV4yI3yJir1DJFoo97t/fDZrnbf+7m04+/Of+7KWsb26/ojzp6cNw5bL5y4eqtdEes9N8X9OuxUjLEbt5zVTEs54PIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwbaxNNAabhXaUxK8RMVYY+Ld9lZa760mkEVHsXjyIONjrho3yyNTm4dij7bjzxb2Doa1mll/JfncmTdM0vrqRdmQ3S0npSv8cb/Q8AAD//wiFj3I=")
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r5=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x100, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r5, {0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "000f00009fcc0002000100000e000058"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000891}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)

44.139481898s ago: executing program 3 (id=314):
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = inotify_init()
io_setup(0x5, &(0x7f0000000440)=<r4=>0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r4, 0x2, &(0x7f0000000240)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x3, 0x0, r5, 0x0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x400, r5, 0x0, 0x0, 0x80, 0x0, 0x1, r5}])
inotify_rm_watch(r3, 0x0)

43.556065562s ago: executing program 34 (id=314):
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = inotify_init()
io_setup(0x5, &(0x7f0000000440)=<r4=>0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
io_submit(r4, 0x2, &(0x7f0000000240)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x3, 0x0, r5, 0x0}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x400, r5, 0x0, 0x0, 0x80, 0x0, 0x1, r5}])
inotify_rm_watch(r3, 0x0)

9.672585984s ago: executing program 2 (id=398):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0x78e})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4040aea0, &(0x7f0000000180)=@x86={0x3, 0x5, 0x81, 0x0, 0x9, 0xe, 0x5, 0x2, 0x1, 0x1, 0x6, 0x5, 0x0, 0x1af2, 0xd, 0x0, 0xf, 0xf4, 0x9, '\x00', 0x5, 0x8})
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000040)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000005c0)={r0, r0, 0xc, 0x0, @val=@netkit={@void, @value=r0}}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="2300000f3634b9c9c59d99b970fc1c000700000002a300000900000000000000dd84401060141489190454f7210dd4e1380a523efd29194eeabd30bb1c12b5b8dd38a0fce7e4765ca4add8165d50ee", @ANYRES32, @ANYBLOB="000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r7, 0xd}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r8}, &(0x7f0000000880), &(0x7f00000008c0)}, 0x20)
writev(r6, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000c0c100000000000204e0000", 0x58}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r6)

8.824112438s ago: executing program 5 (id=399):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000040de28021100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x16, 0x0, @void}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="00008500000085"], 0x0, 0x0, 0x0, 0x0}, 0x0)

7.741566439s ago: executing program 2 (id=403):
syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000580)='./file1\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x238, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiUhsUthYGDCiucvtoaQ5NIJgJULir0oPs4aYTU4uK5iAJMHGRjsLIY2F/4BFCisLO/8BQQsVBAuvsLCxGZkfeze3w+ZySzrfpxi+M/Nm3743b1+xIAjiv+X7tz9fn1+amT8L4AgmcMis//QAxrRmW337L68enXnZvLzz9vObD6tHn7zLPk8eEWJwobyHfx/A+1kPiZpx+/RfKSbMZB68p6+D47TRN8FQNfouOG4YHYHhttEPLN2W9tXq/aU4qt5rxwtSTMuhLodQDo3s+3W3GRbMXAghmLW/tr6x3IrjqGMJ3+xZW5vI2Iwies6Wx538lRCgO8vRtN5PZvHWs6fbcp7mZtrKXx0cdRNEAwxzZn0GO2ludEqs+I/7qKQuvIH4MdaKM9FKwUwxAMOCLGvR/F0gNXuLY1PFjk/KcC66W2OFbhGDp0rob8lM5h7PK6/RSkcJP3s7rrhgLrSAr6vZKMSm8wEo8UKW0IHfsisKRZGK8S776G790ILn1rNgw12w/ddPeb/vnH6IZsUfvUQrkHH1VnzvYO4C+LSr+4d4zXDK6k++1T9qycrD2tr6xtTSSmsxWoxWw7BxngFb58KaakR6dPpevz9XVH86bNqTfH4pxzbgAR63kqRT12PAAlSQJJ1QzUPrs5nbbf+6Y44luALgpJ7Ilhb0nug5PligbbiylWrSNSIIgiAIgiAIgiAIgiAIgijECTD1F3QI4TVl/S8AAP//CkpUTQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
open(&(0x7f0000000000)='./file2\x00', 0x193400, 0x80)

7.296522428s ago: executing program 2 (id=405):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000180)='./bus\x00', 0x8, &(0x7f0000000340)={[{@discard_unit_block}, {@nocheckpoint_merge}, {@alloc_mode_def}, {@noinline_data}, {@jqfmt_vfsold}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@acl}, {@noacl}, {@memory_normal}, {@alloc_mode_def}, {@noheap}, {@block_mode}, {@extent_cache}, {@atgc}, {@user_xattr}]}, 0x1, 0x5505, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
open(&(0x7f0000000100)='./bus\x00', 0x24040, 0x10)
truncate(&(0x7f0000000000)='./bus\x00', 0x80000000)

7.152828441s ago: executing program 4 (id=406):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="01000000080000000200000004"], 0x48)
socket(0x41503864490ca358, 0x6, 0xffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xfc776000)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_buf(r3, 0x1, 0x1c, 0x0, &(0x7f00000014c0)=0x4d)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x8}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
shutdown(r4, 0x1)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f0000000440)={&(0x7f000047b000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0}, 0x0)

6.181063743s ago: executing program 5 (id=408):
socket$inet_udp(0x2, 0x2, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0xc, &(0x7f0000000300))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f00000004c0)=ANY=[@ANYBLOB="757466383d312c726f6469722c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c636865636b3d7374726963742c756e695f786c6174653d302c6e6f636173652c616c6c6f775f7574696d653d30303030303030303030303030303030303030343030302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e6e742c71756965742c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c757466383d302c666c7573682c726f6469722c73686f72746e616d653d6d697865642c73686f77657865632c636865636b3d72656c617865642c726f6469722c726f6469722c007cbda5978eff1afd303a09806ce0c610fe00684c0c67004cdbbd0b9992b0bbea8911a2050000006311c61fb0edf19ed5b7f8d03bfbf22d5655a02f9c7e7307c4f0cbeda2b4e5b2821ba502f452ce09bae8f886c9b612847e26f9afb26c9805000000000000000bc8604552e1dcb75008cfdd8a85c302b83f5ba6d806e8f77268091776f01e8c0465aa4a0ac02f13f9daeab1932f5688fd0ba15f0fc0d94f21c352fe6bc02b893c57f77281db316d62c523025b2c545ab273f28000ba55a384f4ddaa65567a7eb6e51c9d5b69a84c1cec408643486d4c6a17a1fe12f05c1bf8b7494265dc0493bbc87c7f86f7e5e9ed79d5822adebabbe3c1e9320ad777219218ae6103ce6a392927ef866f4b0bcfecea44742736cfc57fe72eee93d416f6ff7da7641eb9865ee1f09a9b76f87189d2f0113ebf44794240ccdfdee8fa1eccb4abfa1d4d470623d6e1530497c7e64924d946272d4fa346cfecac39646cbbf431869c533429e09b", @ANYRES32], 0x88, 0x2a9, &(0x7f0000000c00)="$eJzs3T9rc1UYAPDnpmmSV4dkcJKCF3RwKm1XlxRpoZhJyaAOWmwL0gShhYJ/MHZydXH0EwiCm1/CxW8guApudihcuTf3mqSmaSNN9S2/39LTc89zznNOz6V0yNMPN4anR2mcXH7xa7RaSdS68SyukuhELSpfxYzuNwEAPM+usiz+yMaWiUsiorW6tACAFVr69/+PK08JAFixd959763dXm/v7TRtxf7w64t+/pd9/nX8fPckPo5BHMdWtOM6IvvbuL2fZdmonuY68dpwdNHPI4cf/FzOv/t7RBG/He3oFF2z8Qe9ve10bCp+lOfxQrl+N4/fiXa8NGf9g97ezpz46Dfi9Ven8t+MdvzyUXwSgzgqkpjEf7mdpm9m3/75+ft5enl8MrroN4txE9naI/9oAAAAAAAAAAAAAAAAAAAAAAB4wjbL2jnNKOr35F1l/Z216/yb9Ugrndn6POP4pJroRn2gURbfVfV1ttI0zcqBk/h6vFyP+n+zawAAAAAAAAAAAAAAAAAAAPh/Of/0s9PDweD47EEaVTWA6mP9/3ae7lTPK7F4cHOyVq1sLpg51qoxScTCNPJNPNCx3NV4dlvO3/+w7IStu8esLzqfh2lUt+v0MJl/hs2oelrVJflpekwj7rlW47ZHG0UC1eW4a57G3EftpffeeLFojBaMiWTRe/HGb+OEy57k5kvUKE51bvh62ZgKv3E3brvP1SnNvin/kKjWAQAAAAAAAAAAAAAAAAAAKzX5GPCch5cLQ2tZc2VpAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCjmvz//yUaozL4HoMbcXY+f+X6Y24TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ+6vAAAA//+lillR")
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
getegid()
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x50a10, 0x51a23}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x20}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000094}, 0x20040040)
socket$nl_route(0x10, 0x3, 0x0)

6.142412896s ago: executing program 4 (id=409):
openat$vsock(0xffffffffffffff9c, 0x0, 0x428001, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x1000000, &(0x7f00000000c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x3e, 0x0, 0x0)
ftruncate(r0, 0xf4ff)

5.413500162s ago: executing program 4 (id=411):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@errors_remount}, {@mblk_io_submit}, {@inlinecrypt}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='freezer.self_freezing\x00', 0x275a, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x40086610, &(0x7f0000000140)=@v2={0x2, @aes256, 0x1, '\x00', @b})

4.955361698s ago: executing program 5 (id=412):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000004940), 0x8201, 0x0)
write$vga_arbiter(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB='decodes '], 0xd)

4.74785339s ago: executing program 5 (id=413):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4f3, &(0x7f00000005c0)="$eJzs3d1rW+cZAPBHku3YibN8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxb8TLLkbHkLDa5cLa7XOxibLRQetH7/gW9aa4aAqXXLb3tVUloUxfakoKKjiTHH5KjtraU+Px+cKJzzqvoeV/Zz+uj97xHJ4DUOlf7JxMxHBHvRMSx+ubWJ5yrP6w/vj1TWzJRrV75KJM8r7bdfGrz/x2JiLWIGIyIP/424m+ZnXHLK6vz08ViYamxna8sLObLK6sXry9MzxXmCjfGJi9NTU2OToxP7Vlb7/7nH3cvv/H7gdc/+/fD+/99681atYYbZZvbsZfqTe+PE5v29UXEr/YjWA/kGu0Z6nVF+EZqP7/vRsT5JP+PRS75aXbmyb7WDNhv1Wq1+mX1ULvitSpwYGWTY+BMdiQi6uvZ7MhI/Rj+e3E4WyyVKz+7Vlq+MVs/Vj4e/dlr14uF0cZnhePRn6ltjyXrT7fHt21PRCTHwP/LDSXbIzOl4mx3uzpgmyPb8v/TXD3/gZTo/CM/cNDIf0gv+Q/pJf8hveQ/pJf8h/SS/5Be8h/SS/5DerXK/6M9qAfQfbv9/R/oYj2ArvrD5cu1pdq8/n325sryfOnmxdlCeX5kYXlmZKa0tDgyVyrNJdfsLDzr9Yql0uLYz2P5Vr5SKFfy5ZXVqwul5RuVq8l1/VcL/V1pFdCJE2fvvZeJiLVfDCVLbPqTL1fhYKtWM9Hra5CB3sj1ugMCesapP0ivr/EZv+2XhAEvthZf0bth8Ejbol/H4r5UB+iC7G6FTx50ryJA11047fwfpJXxf0gv4/+QXo7xgd3G/6NxL7+WjP/DC2vX8X/gQBtuc/+vo5vu3TUaEd+JiHdz/Yea9/oCDoLsh5nG8f+FYz8a3l46kPk8OUUwEBH/fOXKS7emK5Wlsdr+jzf2V15u7B/vRf2B9raO8DXztJnHAEB6rT++PdNcuhn30W/qkxB2xu9rjE0OJkcwh9czW+YqZPZo7sLanYg41Sp+pnG/8/qZj8PruR3xTzYeM/WXSOrbl9w3vTvxT2+K/8NN8c9863cF0uFerf8ZbZV/2SSnYyP/tvY/w3s0d6LZ/zXnXG+O3+z/cm36v7Mdxvj7q/9qdXo3mez96E7EmZb9bzPeYBJre/xa3S50GP/hX/70/XZl1dfqr9MqflNtLV9ZWMyXV1YvXm/WYvLS1NTk6MT4VD4Zo843R6p3+uWpt++3i19rf0Ob9r+/o/1DjTr9pMP2f/GDB38+t0v8H59v/ft3Mnnc9v5Xqxt1+GmH8T8Z/+Cv7cpq8WfbvP/ZVvGjWRox0WH88v9/59phAHiOlFdW56eLxcKSFStWnu+Vvuhi0Gf1HGvd6aCAffM06XtdEwAAAAAAAAAAAKBT7Wb/3tvD6cS9biMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEHwVQAAAP//QUvQlg==")
futex(0x0, 0x86, 0x0, &(0x7f00000002c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x105042, 0x1c3)
getsockname$packet(r3, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000300)=0x14)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000300), 0x77, 0x1501)
ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f0000000040)={0x3, 0x30, 0x8a49, 0x1, 0x0, 0x206, 0x0})
close(0xffffffffffffffff)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80143, 0x1ff)

4.332892644s ago: executing program 4 (id=414):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000180)=@file={0x1}, 0x6e)
listen(r3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r4, &(0x7f0000000000)=@file={0x1}, 0x6e)

3.345442444s ago: executing program 5 (id=415):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
unshare(0x6020400)
ioctl$KVM_CREATE_VM(r0, 0xae03, 0x62)

3.280108532s ago: executing program 2 (id=416):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100))
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000140)={0x2009})

2.88982626s ago: executing program 6 (id=417):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000180), &(0x7f0000000400)='./file0\x00', 0x10010, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}}, 0x0, 0x0, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x6)
close_range(r0, 0xffffffffffffffff, 0x200000000000000)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

2.83236663s ago: executing program 5 (id=418):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000003c0)='./file0\x00', 0x0, &(0x7f0000000640)={[{@lfs_mode}, {@usrjquota={'usrjquota', 0x3d, 'nouser_xattr'}}, {@acl}, {@resgid={'resgid', 0x3d, 0xee00}}, {@inline_xattr}, {@grpjquota={'grpjquota', 0x3d, '('}}, {@quota}, {@nouser_xattr}, {@noflush_merge}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@jqfmt_vfsold}, {@noinline_dentry}]}, 0x1, 0x552b, &(0x7f0000000b40)="$eJzs3EtvG2UXAODjpOn96xchFuw6UoWUSLVVp00FuwCtuIhUUYEFK3Bsx3Jre6LYcUJWLFgiFvwTBBIrlvwGFqzZIRYgdkggz4whKReB7NRp8zzS+My8fn3mvJYV6czEDuDUWkx+/rEUV+JCRMxHxOWIbL9UbJm1PDwXEVcjYu7QVirGfx84GxEXI+LKKHmes1Q89en14bXVH9746atvzp259NmX385u1cCsPR8R3e18f6+bx7SVxwfFeG3YzmL31rCI+RPdh8Vxmse95maWYa82nlfL4s1WPj/d3u2P4lanVh/FVnsrG9/u5SfsD1vjPNkLHtR2suNGczOL7X6axdZBXtf+Qf637aA/yPM0inwfZOljMBjHfLy538zXs/0wi/XeoBjP86aN5v4oDotYnC7qaaeR1bE5yTt9sr3Z7u3uJ8PmTr+d9pLVSvWFSvV2ubqTNpqD5q1yrdu4fStZanVG08qDZq271krTVqdZqafd5WSpVa+Xq9Vk6U5zs13rJdVq5WblRnl1udi7nrx6752k00iWRvHldm930O70k610J8lfsZysVG6+uJxcqyZvrW8kG/fv3l3fePu9O+/ee2n99VeKSX8qK1laubGyUq7eKK9Ul0/R+j8qip7i+mEipVkXAPDkmaj/Lx9KpP8H/oPj6/937kccf/8f+v+peKL639Pe///D+rVhzIQPHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqfXdwuevZTuL+fGlYvx/xdAzxXEpIuYi4te/MB9nj+ScL/Is/M38hUdq+LoUWYbROc4V28WIWCu2X/5/3O8CAAAAPL2++PDqJ3m3nj8szrogHqf8os3c5fenlK8UEQuL308p29zo4dkpJcs+32dif0rZsgtY56eULL/kdmbSLOOLa/9q8vyRcP5QKOVhbtJyAACAk+doJzBxFwIAAMCJ9fGsC2A2SjG+lTm+F5z95/0fNwQvHDkCAAAATqhHv2p/WOkx1gEAAADMRtb/+/0/AAAAeLrlv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAbO3eTmzYQxwH0bxsX+qWiqvtepTs4Ro/QZZcVB+glOEAW5Aq5AGcguxwhggiPQyBCSiQPthK9J5lhrOHHDMKLmZEGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEu6rVfz638//3fN2e66yTMaAAAA4JxNvZo3b6ap/rm9/7W99b2tFxFRRsS5uXsVH04yqzanfmp/ddy+ftaHm4gmYf8d4/b6FBG/2uv+26V/BQAAAHi/1ovlLM3W08t06A7Rp7RoU375nSmviIh6epcprdzn/cgU1vy/R/E3U1qzgDXJFJaW3Ea50l6ledwPq3aTo6JIRXn2Y4dOZhs7AADQo+qk6HcWAgAAQJ/+DN0BhlHE41bmYStwnIp2e+/jSQ0AAAB4g4qhOwAAAAB0Vb3UoJn/93T+3875fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAl7SpV/P1YjnrmrPddZNnNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwwP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABvfveX/xNT40wy99pYeh5J1k6NrVNj79w4+sP4+jUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+Pt3wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zczOpqmKMcoeIqLgQS92s62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/03GAv9dbDHip4VuZXdtJE3BQ6s2k+H3jzvjMM875vFkK+82YXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDK+L1JnGSbhSKOy2N3H95cy/qdR/rM7a17S1nL4qjJpI+GV+o7Ua+9RAAAADg+kqq+DyHcT7dXsj5eyOv/tDonq/l/eK6Iq3r+0bp/Z7noq9o/a7//9uCl3YEWinGyi15cHw2X96fSeXKznG3P/+8ZnfzO589ekvwDiT/cfHGc5vcz+u7Onfe7eTjXRLYAwOM4VfVlUP0/lPWDNhMD4Njo1Arvqv5PFtrNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAJ483wTBVHIYSlziTO7Dy8uXZQf3vr3lLVzt26tRW+mVwzu0QaQri4PhouNzqb2Xbt+o3Lq6PR8GrzwashhLZGf7ec/uWPpzg5hMcc648W7qpgXxCXH/as5HM0ghb/KAEA8JSY27OXli2r6++n2yvZsWgxhH9+3Fv/v1GLw5T1/4NPzt2tj1Wv/wdPeJZHSX/jyhf9a9dvvLV+ZfXS8NLws7dPD94ZnDl/9uz5fv6spO+JCQAAAP/lxFRndctWr//jxf3r/ydrcZiy/v/y+8HX9bES9f+BJot+bWcCAABwvL3w2t9/RQccj7rd8NXqxsbVQbHd3T9dbFtI9dDmylav/5PFtrMCAAAAmjDejPas/1+oxWHK9f9nf3r5l/o1kxDCfLn+f2rt89GF5qYz0w79xeD5w3+duO05AgAA0K75stXX/9P8/f9495WHOITw5utFXP4M4FT1f/LBtz/Xx6q//3+muSnOpLhX3I+874XQ6bWdEQAAAE+zE2XLiv0/0+2VT389+VHX+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATfs3AAD//31cRhM=")
r0 = open(&(0x7f0000000000)='./bus\x00', 0x1a1043, 0xc5)
write(r0, 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000003c0)={0xd8, 0xba4, 0x200})

2.639792135s ago: executing program 6 (id=419):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
clock_gettime(0x2, &(0x7f0000000040))
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r3, 0x891b, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2182, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x200000000000000)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x10)
sendfile(r4, r4, 0x0, 0x20000023896)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000180)={{0x4, 0x7, 0x97, 0x4}, 'syz1\x00', 0x2b})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000200)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x50)

2.551357238s ago: executing program 2 (id=420):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000240)={[{@noblock_validity}, {}, {@sysvgroups}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@grpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
creat(0x0, 0x149)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4004, &(0x7f0000000340)={[{@jqfmt_vfsv1}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x6}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}], [{@smackfsdef}, {@fsmagic={'fsmagic', 0x3d, 0x5}}, {@fsuuid={'fsuuid', 0x3d, {[0x64, 0x34, 0x63, 0x38, 0x66, 0x30, 0x32, 0x63], 0x2d, [0x62, 0x33, 0x36, 0x35], 0x2d, [0x38, 0x61, 0x31, 0x38], 0x2d, [0x36, 0x35, 0x30, 0x30], 0x2d, [0x62, 0x6, 0x63, 0x30, 0x34, 0x34, 0x34, 0x37]}}}]}, 0x0, 0x260, &(0x7f0000000bc0)="$eJzs3TFoHXUcB/Df3XvPmOQhURdBUEFENBDiJrrERSEgIYgIKkQkuCiJEBPc8pxcHHRWyeQSpFvTjiVL6NJS6JS2GdKl0IYODR3a4ZV7l5Q074WGvJd3pff5wCPvLv97v99x9/3fLccFUFojETEREZWIGI2IWkQkBwe8lX9G9hZXBjdmIprNL+4mrXH5cm5/u+GIaETEhxGxnibxYzViae2b7fubn737x2Ltnf/Wvh7s4S4MHXfgzvbW57v/Tv1+dvKDpctXb08lMRH1J/ar95IO66pJxCunUewZkVSL7oDjmP71zLUs969GxNut/Ncijfzg/bnwwnot3v/nqG3/unPl9X72CvRes1nLroGNJlA6aUTUI0nHIiL/nqZjY/k9/PXKUPrT/MIvoz/ML87NFj1TAb1Sj9j69PzAueFD+b9VyfMfES8W3SNwOrL8fzm9eiP7vlspuhugn7L8j363/F7IP5SO/EN5yT+UxUjbGvmH8pJ/KC/5h/KSfyivQ/kfKLofoH9Odv1vmifgOeD+H8rgo9n5Dk+2H8w/AFAuzYGin0AGilL0/AMAAAAAAAAAAAAAAAAAALRbGdyY2f/0q+bFvyN2PomIaqf6ldb7iPdfQzx0L8mGPZbkmx2lcZz6377ZTffd+7/gp69futnPar+1rbn0Rj/rt1uei2hkbY1Xq+3nX7J3/p3cy0/5f+37Lgt06eOviq3/cLXY+pObERey+We80/yTxmutv53nn3p2/Lqs//ODLn8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvnkUAAD//8l2cMU=")
socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000180)={{0x2, 0x1000, @remote}, {0x20000010304, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1}}, 0x2, {0x2, 0x0, @multicast1=0xe000cc02}})

2.323347796s ago: executing program 4 (id=421):
socket$inet_udp(0x2, 0x2, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0xc, &(0x7f0000000300))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f00000004c0)=ANY=[@ANYBLOB="757466383d312c726f6469722c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c636865636b3d7374726963742c756e695f786c6174653d302c6e6f636173652c616c6c6f775f7574696d653d30303030303030303030303030303030303030343030302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e6e742c71756965742c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c757466383d302c666c7573682c726f6469722c73686f72746e616d653d6d697865642c73686f77657865632c636865636b3d72656c617865642c726f6469722c726f6469722c007cbda5978eff1afd303a09806ce0c610fe00684c0c67004cdbbd0b9992b0bbea8911a2050000006311c61fb0edf19ed5b7f8d03bfbf22d5655a02f9c7e7307c4f0cbeda2b4e5b2821ba502f452ce09bae8f886c9b612847e26f9afb26c9805000000000000000bc8604552e1dcb75008cfdd8a85c302b83f5ba6d806e8f77268091776f01e8c0465aa4a0ac02f13f9daeab1932f5688fd0ba15f0fc0d94f21c352fe6bc02b893c57f77281db316d62c523025b2c545ab273f28000ba55a384f4ddaa65567a7eb6e51c9d5b69a84c1cec408643486d4c6a17a1fe12f05c1bf8b7494265dc0493bbc87c7f86f7e5e9ed79d5822adebabbe3c1e9320ad777219218ae6103ce6a392927ef866f4b0bcfecea44742736cfc57fe72eee93d416f6ff7da7641eb9865ee1f09a9b76f87189d2f0113ebf44794240ccdfdee8fa1eccb4abfa1d4d470623d6e1530497c7e64924d946272d4fa346cfecac39646cbbf431869c533429e09b", @ANYRES32], 0x88, 0x2a9, &(0x7f0000000c00)="$eJzs3T9rc1UYAPDnpmmSV4dkcJKCF3RwKm1XlxRpoZhJyaAOWmwL0gShhYJ/MHZydXH0EwiCm1/CxW8guApudihcuTf3mqSmaSNN9S2/39LTc89zznNOz6V0yNMPN4anR2mcXH7xa7RaSdS68SyukuhELSpfxYzuNwEAPM+usiz+yMaWiUsiorW6tACAFVr69/+PK08JAFixd959763dXm/v7TRtxf7w64t+/pd9/nX8fPckPo5BHMdWtOM6IvvbuL2fZdmonuY68dpwdNHPI4cf/FzOv/t7RBG/He3oFF2z8Qe9ve10bCp+lOfxQrl+N4/fiXa8NGf9g97ezpz46Dfi9Ven8t+MdvzyUXwSgzgqkpjEf7mdpm9m3/75+ft5enl8MrroN4txE9naI/9oAAAAAAAAAAAAAAAAAAAAAAB4wjbL2jnNKOr35F1l/Z216/yb9Ugrndn6POP4pJroRn2gURbfVfV1ttI0zcqBk/h6vFyP+n+zawAAAAAAAAAAAAAAAAAAAPh/Of/0s9PDweD47EEaVTWA6mP9/3ae7lTPK7F4cHOyVq1sLpg51qoxScTCNPJNPNCx3NV4dlvO3/+w7IStu8esLzqfh2lUt+v0MJl/hs2oelrVJflpekwj7rlW47ZHG0UC1eW4a57G3EftpffeeLFojBaMiWTRe/HGb+OEy57k5kvUKE51bvh62ZgKv3E3brvP1SnNvin/kKjWAQAAAAAAAAAAAAAAAAAAKzX5GPCch5cLQ2tZc2VpAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCjmvz//yUaozL4HoMbcXY+f+X6Y24TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ+6vAAAA//+lillR")
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
getegid()
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x50a10, 0x51a23}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_ROUTER={0x5, 0x16, 0x20}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000094}, 0x20040040)
socket$nl_route(0x10, 0x3, 0x0)

1.680081058s ago: executing program 6 (id=422):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x0)
sync_file_range(r0, 0x1, 0x9, 0xd)

1.577642449s ago: executing program 6 (id=423):
socket$inet_udp(0x2, 0x2, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getrlimit(0xc, &(0x7f0000000300))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f00000004c0)=ANY=[@ANYBLOB="757466383d312c726f6469722c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c636865636b3d7374726963742c756e695f786c6174653d302c6e6f636173652c616c6c6f775f7574696d653d30303030303030303030303030303030303030343030302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e6e742c71756965742c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c757466383d302c666c7573682c726f6469722c73686f72746e616d653d6d697865642c73686f77657865632c636865636b3d72656c617865642c726f6469722c726f6469722c007cbda5978eff1afd303a09806ce0c610fe00684c0c67004cdbbd0b9992b0bbea8911a2050000006311c61fb0edf19ed5b7f8d03bfbf22d5655a02f9c7e7307c4f0cbeda2b4e5b2821ba502f452ce09bae8f886c9b612847e26f9afb26c9805000000000000000bc8604552e1dcb75008cfdd8a85c302b83f5ba6d806e8f77268091776f01e8c0465aa4a0ac02f13f9daeab1932f5688fd0ba15f0fc0d94f21c352fe6bc02b893c57f77281db316d62c523025b2c545ab273f28000ba55a384f4ddaa65567a7eb6e51c9d5b69a84c1cec408643486d4c6a17a1fe12f05c1bf8b7494265dc0493bbc87c7f86f7e5e9ed79d5822adebabbe3c1e9320ad777219218ae6103ce6a392927ef866f4b0bcfecea44742736cfc57fe72eee93d416f6ff7da7641eb9865ee1f09a9b76f87189d2f0113ebf44794240ccdfdee8fa1eccb4abfa1d4d470623d6e1530497c7e64924d946272d4fa346cfecac39646cbbf431869c533429e09b", @ANYRES32], 0x88, 0x2a9, &(0x7f0000000c00)="$eJzs3T9rc1UYAPDnpmmSV4dkcJKCF3RwKm1XlxRpoZhJyaAOWmwL0gShhYJ/MHZydXH0EwiCm1/CxW8guApudihcuTf3mqSmaSNN9S2/39LTc89zznNOz6V0yNMPN4anR2mcXH7xa7RaSdS68SyukuhELSpfxYzuNwEAPM+usiz+yMaWiUsiorW6tACAFVr69/+PK08JAFixd959763dXm/v7TRtxf7w64t+/pd9/nX8fPckPo5BHMdWtOM6IvvbuL2fZdmonuY68dpwdNHPI4cf/FzOv/t7RBG/He3oFF2z8Qe9ve10bCp+lOfxQrl+N4/fiXa8NGf9g97ezpz46Dfi9Ven8t+MdvzyUXwSgzgqkpjEf7mdpm9m3/75+ft5enl8MrroN4txE9naI/9oAAAAAAAAAAAAAAAAAAAAAAB4wjbL2jnNKOr35F1l/Z216/yb9Ugrndn6POP4pJroRn2gURbfVfV1ttI0zcqBk/h6vFyP+n+zawAAAAAAAAAAAAAAAAAAAPh/Of/0s9PDweD47EEaVTWA6mP9/3ae7lTPK7F4cHOyVq1sLpg51qoxScTCNPJNPNCx3NV4dlvO3/+w7IStu8esLzqfh2lUt+v0MJl/hs2oelrVJflpekwj7rlW47ZHG0UC1eW4a57G3EftpffeeLFojBaMiWTRe/HGb+OEy57k5kvUKE51bvh62ZgKv3E3brvP1SnNvin/kKjWAQAAAAAAAAAAAAAAAAAAKzX5GPCch5cLQ2tZc2VpAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCjmvz//yUaozL4HoMbcXY+f+X6Y24TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ+6vAAAA//+lillR")
r0 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0x0, 0x0, {{0x6, 0xfffffffffffffffd, 0xe, 0xac, 0x3, 0x4, {0x0, 0xff00000000000000, 0x5, 0x40000000005, 0x85, 0x7fffffff, 0x8000, 0x7fffffff, 0xfffffffe, 0x4000, 0x0, 0xee00, 0x0, 0x3ff, 0x401}}, {0x0, 0x11}}}, 0xa0)

918.288249ms ago: executing program 6 (id=424):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000180)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@orlov}, {@noload}, {@delalloc}, {@mblk_io_submit}, {@commit}, {@noblock_validity}, {@nogrpid}, {@init_itable_val={'init_itable', 0x3d, 0xfff}}]}, 0xfa, 0x477, &(0x7f0000001380)="$eJzs3M9vFFUcAPDvTH/w21bEHyBIFY3EHy0tP+TgRaMJB01M9IDxVNtCKgs1tCZCiFYPeDQk3o3/hfGkF6NeNPGqd0NCDBdQL2tmZwaWZbfd0m0X2M8nme57M6/73ndm3u6bebsbQM8ayf4kEVsj4o+IGMqztxYYyR+uX70w9c/VC1NJVKtv/53Uyl27emGqLFr+35Y8U60W+Q1N6r34XsRkpTJztsiPLZz+cGz+3PkXZ09Pnpw5OXNm4ujRQwf3DB6ZONyROLO4ru36ZG73zmPvXnpz6vil939O0sjjjoY4OmUk37tNPdPpyrpsW1066a/fsvfXm+lmZwLd1BcR2eEaqPX/oeiLTTe2DcXrn3e1ccCaqlar1SVelRerwH0siW63AOiO8o0+u/4tl3UaetwVrrySXwBlcV8vlnxLf6R5Yu9Aw/Xt1g7WPxIRxxf//TpbYo3uQwAA1Ps+G/+80Gz8l8YjeWIw+/NAMYcyHBEPRsT2iHgoInZExMMRtbKPRsRjK6y/cYbk9vFPevmOg2tDNv57uZjbunX8l5ZFhvuK3LZa/APJidnKzIFin+yPgQ0nZpOZ8SXq+OG1379sta1+/JctWf3lWLBox+X+hht005MLk6uJud6VzyJ29TeLP4lyGieJiJ0RsesO65h9rr/ltuXjX0Lrp21b9ZuIZ/PjvxgN8ZeSlvOT4y8dmTg8tjEqMwfGyrPidr/8dvGtVvWvKv4OyI7/5qbn/434h5ONEfPnzp+qzdfOr+jps64TF//8ouU1TRF/1r3aOf+PbSvO/8HkndqKwWLDx5MLC2fHIwaTN25fP3Hz2cp8WT6Lf/++5v1/e9zcE49HxO6I2BMRT2QXhUXbn4yIpyJi3xI74adXn/5gmfibHP/1mSvN4p9e7vhH/fFfeaLv1I/fLR//xohodfwP1VL7izXtvP6128DV7DsAAAC4V+SfgU/S0RvpNB0dzT/DvyM2p5W5+YXnT8x9dGY6n/cejoG0vNM1VHc/dLy4N1zmJxryB4v7xl/1barlR6fmKtPdDh563JYW/T/zV1+3WwesuQ7MowH3KP0fepf+D70p0f+hp+n/0Lua9f9PW5Ye/XZNGwOsK+//0Lva6P+L+UPrUQFwb/L+D71L/4ee1PK78emqvvK/7on/it8zvFvac/8nIr0rmnH/J/rb/jGLFSSqQ3n/z9ZsaFqm269MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfF/AAAA//8Qi+Nc")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000000)=""/50, 0x32)
getdents64(r0, 0xfffffffffffffffe, 0x29)

713.445381ms ago: executing program 2 (id=425):
r0 = accept$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs, &(0x7f0000000100)=0x6e)
recvmsg$unix(r0, &(0x7f0000000200)={&(0x7f0000000140)=@abs, 0x6e, 0x0, 0x0, &(0x7f0000000380)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x78}, 0x10100)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89b0, &(0x7f0000000140)={'vlan1\x00', &(0x7f0000000080)=@ethtool_cmd={0x0, 0x0, 0x0, 0xfff6, 0x0, 0x0, 0x0, 0xf, 0x6, 0x1, 0x0, 0x0, 0x2, 0x0, 0x44, 0x0, [0x0, 0xfffffff7]}})
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x28, 0x1, 0x1, 0x201, 0x0, 0x0, {0x5, 0x0, 0x6}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x2400}, @CTA_FILTER={0x4}, @CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x800)

649.653189ms ago: executing program 4 (id=426):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080)={[{@auto_da_alloc}, {@mblk_io_submit}]}, 0x1, 0x580, &(0x7f0000000440)="$eJzs3d9rW1UcAPDvTZvup66DMVRECj44mUvX1h8TfJjPOhjo+wztXRlNl9GkY60Dtwf34JMM3xyI7+Kzj+I/4IN/w0AHQ0YRxJfITW+y/kjWtMvabvl84IZz7o+cc+695+ScnIQbwMAay14KEa9GxLdJxLGISPJtw5FvHFvdb+XRzelsSaLR+OzvpLlfFm+9V+u4I3nklYj47euI04XN6daWlufKlUq6kMfH6/PXxmtLy2euzJdn09n06uTU1Ln3piY//OD9vpX17YtZRoby2PG7SZyPo3lsbTmewq21kbEYy89JMc5v2HGiD4ntJ0nHtT/vej7YnqG8nhcjawOOxVBe64EX31cR0QAGVLLt+v9H8dnkBNhdrX5Aa2zfp3Hwc+Phx6sDoM3lH179biQONsdGh1eSdSOjbLw72of0szR++eve3WyJ/n0PAbClW7cj4uzw8Ob2L8nbv50728M+G9PQ/sHu+TXr/7zTqf9TyOvmN83Xjf2fIx3q7k5sXf8LD/qQTFdZ/++jjv3f9qTV6FAee6nZ5ysml69U0qxtezkiTkXxQBZ/0nzOuZX7jW7b1vb/siVLv9UXzPPxYPjA+mNmyvXy05R5rYe3I17r2P9N2v3fZPX6r5viyc7HxR7TOJnee6Pbtq3L39FIsce0t9L4MeKtjtf/cXGT1fnJGO08PznevB/GW3fFZv/cOfl7t/R7KH+H2dP+ya7/4SeXfzRZO19b234aPxz8L432fPJ668ofvd//I8nnzfBIvu5GuV5fmIgYST5try+01k8+PrYVb+2flf/Um09q/9r3/7r8H4qIL3os/50TP73ebdsO7/++yco/0/H6t0e3G67/9gP3P/ny+27p99b+vdsMncrX9NL+9ZrBpzl3AAAAAAAAsN8UIuJoJIVSO1wolEqrv+84EYcLlWqtfvpydfHqTDT/KzsaxUJrpvvYmt9DTOQzhq345Ib4VEQcj4jvhg4146XpamVmrwsPAAAAAAAAAAAAAAAAAAAA+8SRLv//z/w5tNe5A545j/yGwbVl/e/Hk56AfcnnPwyqfj1KD3ge9fT5r5mAF5L+Pwwu9R8Gl/oPg0v9h8Gl/gMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfXbxwIVsaK49uTmfxmetLi3PV62dm0tpcaX5xujRdXbhWmq1WZytpabo6v9X7VarVaxOTsXhjvJ7W6uO1peVL89XFq/VLV+bLs+ml1FPEAAAAAAAAAAAAAAAAAAAAYLPa0vJcuVJJFwQGOPBvo9HY6eHDe515gWcS2OuWCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+z8AAP//V6Eyrg==")
setxattr$incfs_metadata(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280), &(0x7f00000002c0)="30573472b621739991c336124406e8a5c812ca847e3bf9b837c91d46ab", 0x1d, 0x1)
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f0000000000)=ANY=[], 0x361, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000740)=ANY=[], 0xfe37, 0x0)

0s ago: executing program 6 (id=427):
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0xe}, 0x2}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000)

kernel console output (not intermixed with test programs):

lect_data cause=failed(directio) comm="syz.2.3" name="bus" dev="loop2" ino=18 res=0 errno=0
[   72.357877][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.386833][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.414210][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.445611][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.462122][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.476631][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.491325][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.503450][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.520462][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.564750][ T5003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.569862][ T5767] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.588135][ T5767] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.596895][ T5767] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.605783][ T5767] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.632001][ T5003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.911956][ T5835] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4045: comm syz.2.3: Allocating blocks 497-513 which overlap fs metadata
[   73.328085][ T5775] Bluetooth: hci3: command tx timeout
[   73.364859][ T5835] EXT4-fs (loop2): pa ffff888076ec4ae0: logic 256, phys. 385, len 8
[   73.373226][ T5835] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5386: group 0, free 0, pa_free 1
[   73.400799][ T3426] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.410818][ T5775] Bluetooth: hci0: command tx timeout
[   73.416260][ T5775] Bluetooth: hci1: command tx timeout
[   73.422993][ T5777] Bluetooth: hci2: command tx timeout
[   73.479153][ T3426] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.526199][ T5763] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.654346][ T3426] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.674766][ T3426] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.749250][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.757123][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.939784][ T5842] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   75.408808][ T5083] Bluetooth: hci3: command tx timeout
[   75.515553][ T5083] Bluetooth: hci2: command tx timeout
[   75.521151][ T5777] Bluetooth: hci1: command tx timeout
[   75.526649][ T5775] Bluetooth: hci0: command tx timeout
[   76.881309][ T5852] Zero length message leads to an empty skb
[   77.377045][   T28] audit: type=1326 audit(1772870359.719:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5855 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[   77.403268][ T5858] loop1: detected capacity change from 0 to 256
[   77.432622][   T28] audit: type=1326 audit(1772870359.729:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5855 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=232 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[   77.518177][ T5858] FAT-fs (loop1): Directory bread(block 64) failed
[   77.537884][ T5858] FAT-fs (loop1): Directory bread(block 65) failed
[   77.572604][ T5858] FAT-fs (loop1): Directory bread(block 66) failed
[   77.590308][ T5858] FAT-fs (loop1): Directory bread(block 67) failed
[   77.597651][ T5858] FAT-fs (loop1): Directory bread(block 68) failed
[   77.627174][   T28] audit: type=1326 audit(1772870359.979:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5855 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[   77.628679][ T5858] FAT-fs (loop1): Directory bread(block 69) failed
[   77.699455][ T5858] FAT-fs (loop1): Directory bread(block 70) failed
[   77.706044][ T5858] FAT-fs (loop1): Directory bread(block 71) failed
[   77.738200][ T5858] FAT-fs (loop1): Directory bread(block 72) failed
[   77.755637][ T5858] FAT-fs (loop1): Directory bread(block 73) failed
[   77.762872][   T28] audit: type=1326 audit(1772870359.979:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5855 comm="syz.2.6" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[   77.868963][ T5866] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11'.
[   77.885889][ T5864] loop3: detected capacity change from 0 to 1024
[   78.042089][ T5858] syz.1.7: attempt to access beyond end of device
[   78.042089][ T5858] loop1: rw=2049, sector=1224, nr_sectors = 8 limit=256
[   78.074294][ T5864] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.136546][ T5858] loop2: detected capacity change from 0 to 7
[   78.209611][ T5871] syz.1.7: attempt to access beyond end of device
[   78.209611][ T5871] loop1: rw=524288, sector=1192, nr_sectors = 4 limit=256
[   78.619741][ T5874] process 'syz.1.7' launched './file1' with NULL argv: empty string added
[   78.653791][ T5871] syz.1.7: attempt to access beyond end of device
[   78.653791][ T5871] loop1: rw=0, sector=1192, nr_sectors = 4 limit=256
[   78.752928][ T5858] Dev loop2: unable to read RDB block 7
[   78.787218][ T5858]  loop2: AHDI p1 p2 p3
[   78.810110][ T5858] loop2: partition table partially beyond EOD, truncated
[   78.821844][ T5858] loop2: p1 start 1601398130 is beyond EOD, truncated
[   78.832842][   T28] audit: type=1800 audit(1772870361.179:7): pid=5871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.7" name="file1" dev="loop1" ino=1048593 res=0 errno=0
[   78.854786][ T5858] loop2: p2 start 1702059890 is beyond EOD, truncated
[   79.265075][ T5866] bond0: (slave bond_slave_0): Releasing backup interface
[   79.799588][ T5138] Dev loop2: unable to read RDB block 7
[   79.832769][ T5138]  loop2: AHDI p1 p2 p3
[   79.850030][ T5138] loop2: partition table partially beyond EOD, truncated
[   79.869748][ T5138] loop2: p1 start 1601398130 is beyond EOD, truncated
[   80.022442][ T5885] loop0: detected capacity change from 0 to 256
[   80.181576][ T5885] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   80.192027][ T5885] FAT-fs (loop0): Filesystem has been set read-only
[   80.199191][ T5885] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   80.210395][ T5885] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   80.226916][ T5885] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001)
[   80.362030][   T28] audit: type=1800 audit(1772870362.579:8): pid=5885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.12" name="file1" dev="loop0" ino=1048594 res=0 errno=0
[   80.482197][ T5138] loop2: p2 start 1702059890 is beyond EOD, truncated
[   80.680932][ T5885] syz.0.12 (5885) used greatest stack depth: 20264 bytes left
[   81.098491][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.830050][  T786] cfg80211: failed to load regulatory.db
[   82.025470][ T5898] loop3: detected capacity change from 0 to 256
[   82.060063][ T5898] exfat: Unknown parameter '@'
[   82.188103][ T5898] netlink: 'syz.3.17': attribute type 7 has an invalid length.
[   82.222589][ T5898] netlink: 20 bytes leftover after parsing attributes in process `syz.3.17'.
[   82.248322][ T5898] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17'.
[   82.653857][ T5915] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.704036][ T5915] batadv_slave_0: entered promiscuous mode
[   83.215714][ T5926] loop0: detected capacity change from 0 to 1024
[   83.309653][ T5926] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.481222][ T5933] loop3: detected capacity change from 0 to 256
[   83.729045][ T5933] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.739926][ T5933] FAT-fs (loop3): Filesystem has been set read-only
[   83.747561][ T5933] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.758070][ T5933] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   83.770839][ T5933] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[   83.987773][   T28] audit: type=1800 audit(1772870366.129:9): pid=5933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.23" name="file1" dev="loop3" ino=1048595 res=0 errno=0
[   85.078125][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.634979][ T5951] loop3: detected capacity change from 0 to 16
[   85.649558][ T5951] erofs: Unknown parameter '0x0000000000000003'
[   87.317727][    C0] sched: RT throttling activated
[   91.137180][ T5961] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   91.271737][ T5961] batadv_slave_0: entered promiscuous mode
[   91.568579][ T5803] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   95.025217][ T5966] loop2: detected capacity change from 0 to 256
[   95.093435][ T5966] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   95.103667][ T5966] FAT-fs (loop2): Filesystem has been set read-only
[   95.110892][ T5966] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   95.121062][ T5966] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   95.131671][   T28] audit: type=1800 audit(1772870377.489:10): pid=5966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.36" name="file1" dev="loop2" ino=1048596 res=0 errno=0
[   95.132173][ T5966] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[   95.568981][ T5979] loop3: detected capacity change from 0 to 256
[   96.082776][ T5987] loop2: detected capacity change from 0 to 16
[   96.095196][ T5987] erofs: Unknown parameter '0x0000000000000003'
[   97.828353][ T5995] loop0: detected capacity change from 0 to 1024
[   97.836400][ T5995] EXT4-fs: Ignoring removed nomblk_io_submit option
[   97.907984][ T5995] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.975902][   T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   99.123601][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.261390][   T23] usb 3-1: Using ep0 maxpacket: 16
[   99.280593][   T23] usb 3-1: config 0 has no interfaces?
[   99.294294][   T23] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   99.317819][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.336305][   T23] usb 3-1: Product: syz
[   99.340913][   T23] usb 3-1: Manufacturer: syz
[   99.345537][   T23] usb 3-1: SerialNumber: syz
[   99.370371][   T23] r8152-cfgselector 3-1: config 0 descriptor??
[   99.437131][ T5993] loop3: detected capacity change from 0 to 40427
[   99.461983][ T5993] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[   99.477904][ T5993] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   99.507081][ T5993] F2FS-fs (loop3): invalid crc value
[   99.546897][ T5993] F2FS-fs (loop3): Found nat_bits in checkpoint
[   99.557982][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   99.628923][   T23] usbip-host 3-1: 3-1 is not in match_busid table... skip!
[   99.666883][ T5993] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   99.674332][ T5993] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   99.767825][    T9] usb 1-1: Using ep0 maxpacket: 32
[   99.780397][    T9] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[   99.797817][    T9] usb 1-1: config 0 has no interface number 0
[   99.804000][    T9] usb 1-1: config 0 interface 184 has no altsetting 0
[   99.819796][    T9] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[   99.837770][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.845878][    T9] usb 1-1: Product: syz
[   99.850499][    T9] usb 1-1: Manufacturer: syz
[   99.855120][    T9] usb 1-1: SerialNumber: syz
[   99.880878][ T5803] usb 3-1: USB disconnect, device number 2
[   99.913036][    T9] usb 1-1: config 0 descriptor??
[   99.940362][    T9] smsc75xx v1.0.0
[  100.151481][    T9] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  100.173102][    T9] smsc75xx: probe of 1-1:0.184 failed with error -71
[  100.208456][    T9] usb 1-1: USB disconnect, device number 2
[  100.495185][ T6014] loop3: detected capacity change from 0 to 512
[  103.381834][ T6014] EXT4-fs: error -4 creating inode table initialization thread
[  103.390295][ T6014] EXT4-fs (loop3): mount failed
[  103.948522][ T6019] loop2: detected capacity change from 0 to 4096
[  104.105895][ T6019] EXT4-fs warning (device loop2): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  104.132686][ T6019] EXT4-fs (loop2): mount failed
[  105.253213][ T6046] loop1: detected capacity change from 0 to 16
[  105.266365][ T6046] erofs: Unknown parameter '0x0000000000000003'
[  107.933002][   T23] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  108.427997][   T23] usb 4-1: Using ep0 maxpacket: 32
[  108.780668][   T23] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  108.790079][   T23] usb 4-1: config 0 has no interface number 0
[  108.796217][   T23] usb 4-1: config 0 interface 184 has no altsetting 0
[  108.815146][   T23] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  108.877058][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.892992][ T6079] loop1: detected capacity change from 0 to 256
[  108.899585][   T23] usb 4-1: Product: syz
[  108.918608][   T23] usb 4-1: Manufacturer: syz
[  108.950619][   T23] usb 4-1: SerialNumber: syz
[  109.082187][   T23] usb 4-1: config 0 descriptor??
[  109.715688][   T23] smsc75xx v1.0.0
[  109.753737][ T6079] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  109.782895][ T6079] FAT-fs (loop1): Filesystem has been set read-only
[  109.813578][ T6079] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  109.857840][ T6079] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  109.987784][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  110.119715][ T6091] loop2: detected capacity change from 0 to 16
[  110.126936][ T6091] erofs: Unknown parameter '0x0000000000000003'
[  114.306191][   T28] audit: type=1800 audit(1772870396.659:11): pid=6079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.67" name="file1" dev="loop1" ino=1048598 res=0 errno=0
[  114.329405][ T6079] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001)
[  114.517820][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  114.537825][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  114.634536][ T5757] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  114.770825][   T23] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -110
[  114.801239][   T23] smsc75xx: probe of 4-1:0.184 failed with error -110
[  114.831531][    T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!!
[  114.840490][ T5806] usb 4-1: USB disconnect, device number 3
[  115.465349][ T6111] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  115.501413][ T6111] batadv_slave_0: entered promiscuous mode
[  116.792509][ T6123] loop3: detected capacity change from 0 to 1024
[  116.896835][ T6123] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.867337][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.123420][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  118.257962][  T786] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  120.934539][  T786] usb 2-1: Using ep0 maxpacket: 32
[  121.173982][ T6157] loop2: detected capacity change from 0 to 256
[  121.255380][  T786] usb 2-1: device descriptor read/all, error -71
[  121.472933][ T6159] netlink: 8 bytes leftover after parsing attributes in process `syz.1.91'.
[  121.490735][ T6163] binder: 6162:6163 unknown command 1074553619
[  121.497080][ T6163] binder: 6162:6163 ioctl c0306201 200000000040 returned -22
[  121.511092][ T6163] binder: 6162:6163 unknown command 1074553620
[  121.531521][ T6163] binder: 6162:6163 ioctl c0306201 200000000640 returned -22
[  121.619630][ T6167] loop3: detected capacity change from 0 to 1024
[  121.638647][ T6159] loop1: detected capacity change from 0 to 256
[  121.774819][ T6167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.852747][   T28] audit: type=1800 audit(1772870404.209:12): pid=6159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.91" name="file1" dev="loop1" ino=1048600 res=0 errno=0
[  122.085986][ T6175] loop2: detected capacity change from 0 to 256
[  123.040615][ T6175] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  123.050883][ T6175] FAT-fs (loop2): Filesystem has been set read-only
[  123.057560][ T6175] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  123.068803][ T6175] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  123.079554][ T6175] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  123.094774][   T28] audit: type=1800 audit(1772870405.439:13): pid=6175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.94" name="file1" dev="loop2" ino=1048601 res=0 errno=0
[  123.314039][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.586357][ T6187] loop3: detected capacity change from 0 to 512
[  124.606106][ T6187] EXT4-fs: Ignoring removed oldalloc option
[  124.634866][ T6187] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  124.718326][ T6187] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.97: inode has both inline data and extents flags
[  124.749659][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  124.758086][ T6187] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.97: couldn't read orphan inode 15 (err -117)
[  124.773223][ T6187] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.011238][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.108011][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[  125.116647][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  125.946505][ T5803] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  126.138126][ T6202] fuse: Unknown parameter 'ÿ'
[  126.178086][ T5803] usb 3-1: Using ep0 maxpacket: 32
[  126.247757][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  126.257774][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  126.363883][ T5803] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  126.372424][ T5803] usb 3-1: config 0 has no interface number 0
[  126.379259][ T5803] usb 3-1: config 0 interface 184 has no altsetting 0
[  126.389167][ T5803] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  126.417837][ T5803] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.425885][ T5803] usb 3-1: Product: syz
[  126.452689][ T5803] usb 3-1: Manufacturer: syz
[  126.457344][ T5803] usb 3-1: SerialNumber: syz
[  127.266940][ T6207] loop0: detected capacity change from 0 to 1024
[  127.281037][ T5803] usb 3-1: config 0 descriptor??
[  127.332117][ T5803] smsc75xx v1.0.0
[  127.372843][ T6207] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  127.472613][   T28] audit: type=1800 audit(1772870409.819:14): pid=6207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.103" name="bus" dev="loop0" ino=18 res=0 errno=0
[  127.679342][ T5803] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  127.693639][ T5803] smsc75xx: probe of 3-1:0.184 failed with error -71
[  127.706895][ T5803] usb 3-1: USB disconnect, device number 3
[  127.717829][ T5826] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  127.949276][ T5826] usb 4-1: Using ep0 maxpacket: 8
[  128.150241][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.169969][ T5826] usb 4-1: unable to get BOS descriptor or descriptor too short
[  128.186072][ T5826] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  128.196610][ T5826] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  128.231126][ T5826] usb 4-1: New USB device found, idVendor=0e41, idProduct=414a, bcdDevice= 0.40
[  128.242633][ T5826] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.251016][ T5826] usb 4-1: Product: syz
[  128.255204][ T5826] usb 4-1: Manufacturer: syz
[  128.259928][ T5826] usb 4-1: SerialNumber: syz
[  129.129841][ T5826] usb 4-1: 0:2 : does not exist
[  129.491691][ T5826] usb 4-1: USB disconnect, device number 4
[  129.516434][ T6227] loop1: detected capacity change from 0 to 1024
[  129.538683][ T6227] EXT4-fs: inline encryption not supported
[  129.593985][ T6227] EXT4-fs: Ignoring removed nobh option
[  129.677100][ T6227] EXT4-fs: Ignoring removed bh option
[  130.058589][ T6227] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  130.349229][ T6227] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  131.453665][ T6252] loop2: detected capacity change from 0 to 1024
[  131.493824][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.938444][ T6252] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.337657][   T28] audit: type=1800 audit(1772870414.689:15): pid=6252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.113" name="bus" dev="loop2" ino=18 res=0 errno=0
[  133.012115][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  133.018572][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  133.192878][ T5763] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.348090][ T5853] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  133.527081][ T6275] loop1: detected capacity change from 0 to 512
[  133.548460][ T5853] usb 4-1: Using ep0 maxpacket: 32
[  133.557091][ T5853] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  133.566501][ T5853] usb 4-1: config 0 has no interface number 0
[  133.573687][ T5853] usb 4-1: config 0 interface 184 has no altsetting 0
[  133.583188][ T6275] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  133.609018][ T5853] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  133.623617][ T5853] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.634884][ T5853] usb 4-1: Product: syz
[  133.642510][ T5853] usb 4-1: Manufacturer: syz
[  133.649649][ T5853] usb 4-1: SerialNumber: syz
[  133.663994][ T6275] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.799181][ T6275] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.823221][ T5853] usb 4-1: config 0 descriptor??
[  133.834287][ T5853] smsc75xx v1.0.0
[  133.956265][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.062386][ T5853] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  134.085595][ T5853] smsc75xx: probe of 4-1:0.184 failed with error -71
[  134.108062][ T5853] usb 4-1: USB disconnect, device number 5
[  134.446640][ T6291] loop2: detected capacity change from 0 to 256
[  134.469434][ T6291] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  134.481845][ T6291] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  134.765443][ T6291] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  135.116808][ T6295] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  135.590069][  T786] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  135.701513][ T6297] loop3: detected capacity change from 0 to 128
[  135.719320][ T6297] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  135.754133][ T6297] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  135.845311][ T6299] loop1: detected capacity change from 0 to 1024
[  135.871461][  T786] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  135.889366][   T12] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  135.913666][  T786] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  135.945694][  T786] usb 3-1: New USB device found, idVendor=04f9, idProduct=0755, bcdDevice= 0.00
[  135.955926][  T786] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.967496][  T786] usb 3-1: config 0 descriptor??
[  135.969393][ T6299] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.987040][  T786] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  136.086502][   T28] audit: type=1800 audit(1772870418.439:16): pid=6299 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.127" name="bus" dev="loop1" ino=18 res=0 errno=0
[  136.979377][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.069254][ T6284] loop0: detected capacity change from 0 to 131072
[  137.075806][ T6308] loop1: detected capacity change from 0 to 128
[  137.099140][ T6308] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  137.130136][  T786] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  137.182624][ T6308] ext4 filesystem being mounted at /27/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  137.320438][ T5767] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  137.352201][  T786] usb 4-1: unable to get BOS descriptor or descriptor too short
[  137.382317][  T786] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[  137.430176][  T786] usb 4-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[  137.441407][ T5803] usb 3-1: USB disconnect, device number 4
[  137.529717][  T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.548785][  T786] usb 4-1: Product: syz
[  137.554489][  T786] usb 4-1: Manufacturer: syz
[  137.569710][  T786] usb 4-1: SerialNumber: syz
[  137.811121][ T6304] overlay: Unknown parameter ''
[  137.858760][ T6304] loop3: detected capacity change from 0 to 512
[  138.044229][  T786] usb 4-1: unit 4 not found!
[  138.174563][  T786] usb 4-1: USB disconnect, device number 6
[  138.498510][ T5756] udevd[5756]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  139.195217][ T6336] loop2: detected capacity change from 0 to 256
[  139.336441][ T6336] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  139.347374][ T6336] FAT-fs (loop2): Filesystem has been set read-only
[  139.355254][ T6336] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  139.365708][ T6336] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  139.378509][ T6336] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  139.422224][   T28] audit: type=1800 audit(1772870421.739:17): pid=6336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.136" name="file1" dev="loop2" ino=1048605 res=0 errno=0
[  141.118246][ T6354] netlink: 248 bytes leftover after parsing attributes in process `syz.1.144'.
[  142.320098][ T6369] loop0: detected capacity change from 0 to 256
[  143.305536][ T6367] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  143.315884][ T6367] FAT-fs (loop0): Filesystem has been set read-only
[  143.322687][ T6367] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  143.332868][ T6367] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  143.344630][ T6367] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000001)
[  143.412903][ T6351] loop2: detected capacity change from 0 to 4096
[  143.422576][ T6351] EXT4-fs: inline encryption not supported
[  143.434041][   T28] audit: type=1800 audit(1772870425.699:18): pid=6367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.148" name="file1" dev="loop0" ino=1048606 res=0 errno=0
[  143.716894][ T6351] EXT4-fs (loop2): Test dummy encryption mode enabled
[  143.735909][ T6379] loop0: detected capacity change from 0 to 256
[  143.761515][ T6351] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  143.787906][ T6351] System zones: 0-5
[  143.808774][ T6351] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.088830][ T6399] loop0: detected capacity change from 0 to 128
[  145.107074][ T6399] EXT4-fs (loop0): Test dummy encryption mode enabled
[  145.118488][ T6399] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  145.188153][ T6399] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  145.231547][ T5763] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.156672][ T5766] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  146.198275][ T6414] loop2: detected capacity change from 0 to 256
[  146.659162][ T6424] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  146.684546][ T6426] netlink: 24 bytes leftover after parsing attributes in process `syz.3.164'.
[  146.879098][ T6417] loop0: detected capacity change from 0 to 40427
[  146.900918][ T6417] F2FS-fs (loop0): Fix alignment : done, start(4096) end(16896) block(12288)
[  146.939707][ T6417] F2FS-fs (loop0): invalid crc value
[  146.976239][ T6417] F2FS-fs (loop0): Found nat_bits in checkpoint
[  147.106334][ T6417] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  147.163016][   T28] audit: type=1326 audit(1772870429.509:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6416 comm="syz.0.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae3699c799 code=0x7ffc0000
[  147.237306][   T28] audit: type=1326 audit(1772870429.509:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6416 comm="syz.0.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fae3699c799 code=0x7ffc0000
[  147.277902][ T5803] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  147.324470][   T28] audit: type=1326 audit(1772870429.509:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6416 comm="syz.0.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae3699c799 code=0x7ffc0000
[  147.508027][ T5803] usb 3-1: Using ep0 maxpacket: 8
[  147.529576][ T5803] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  147.553189][   T28] audit: type=1326 audit(1772870429.509:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6416 comm="syz.0.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fae3699c799 code=0x7ffc0000
[  147.599878][ T5803] usb 3-1: config 179 has no interface number 0
[  147.628827][ T5803] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  147.675746][ T5803] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  147.697237][   T28] audit: type=1326 audit(1772870429.509:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6416 comm="syz.0.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae3699c799 code=0x7ffc0000
[  147.754283][ T5803] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  147.802382][   T28] audit: type=1326 audit(1772870429.509:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6416 comm="syz.0.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fae3699c799 code=0x7ffc0000
[  147.827763][ T5803] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  147.881930][ T5803] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  147.918340][ T5803] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  147.939998][   T28] audit: type=1326 audit(1772870429.509:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6416 comm="syz.0.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae3699c799 code=0x7ffc0000
[  147.949355][ T5803] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  147.993559][ T6435] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  148.079859][   T28] audit: type=1326 audit(1772870429.509:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6416 comm="syz.0.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae3699c799 code=0x7ffc0000
[  148.184415][   T28] audit: type=1326 audit(1772870429.509:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6416 comm="syz.0.160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fae3699c799 code=0x7ffc0000
[  148.328199][    T9] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input7
[  148.553777][ T5411] usb 3-1: USB disconnect, device number 5
[  148.553875][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  148.569726][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  148.594886][ T5411] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  148.651310][ T6443] loop0: detected capacity change from 0 to 256
[  148.736351][ T6443] FAT-fs (loop0): Directory bread(block 64) failed
[  148.756661][ T6443] FAT-fs (loop0): Directory bread(block 65) failed
[  148.778986][ T6443] FAT-fs (loop0): Directory bread(block 66) failed
[  148.801018][ T6443] FAT-fs (loop0): Directory bread(block 67) failed
[  148.807702][ T6443] FAT-fs (loop0): Directory bread(block 68) failed
[  148.832552][ T6443] FAT-fs (loop0): Directory bread(block 69) failed
[  148.848995][ T6443] FAT-fs (loop0): Directory bread(block 70) failed
[  148.855579][ T6443] FAT-fs (loop0): Directory bread(block 71) failed
[  148.897646][ T6443] FAT-fs (loop0): Directory bread(block 72) failed
[  148.908849][ T6443] FAT-fs (loop0): Directory bread(block 73) failed
[  148.990604][ T6443] syz.0.167: attempt to access beyond end of device
[  148.990604][ T6443] loop0: rw=2049, sector=1224, nr_sectors = 8 limit=256
[  149.038033][ T6443] loop2: detected capacity change from 0 to 7
[  149.054027][ T6443] Dev loop2: unable to read RDB block 7
[  149.064474][ T6443]  loop2: AHDI p1 p2 p3
[  149.072518][ T6443] loop2: partition table partially beyond EOD, truncated
[  149.080173][ T6443] loop2: p1 start 1601398130 is beyond EOD, truncated
[  149.087047][ T6443] loop2: p2 start 1702059890 is beyond EOD, truncated
[  149.137348][ T5766] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[  149.151717][ T5766] FAT-fs (loop0): Filesystem has been set read-only
[  149.615326][ T3426] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.715956][ T3426] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.805994][ T3426] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.952204][ T3426] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.957489][ T5775] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  150.973203][ T5775] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  150.990884][ T5775] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  151.010482][ T5775] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  151.028744][ T5775] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  151.036226][ T5775] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  151.974997][ T6475] chnl_net:caif_netlink_parms(): no params data found
[  152.427111][ T3426] hsr_slave_0: left promiscuous mode
[  152.439104][ T3426] hsr_slave_1: left promiscuous mode
[  152.465731][ T3426] batman_adv: batadv0: Removing interface: batadv_slave_0
[  152.480704][ T3426] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  152.503845][ T3426] batman_adv: batadv0: Removing interface: batadv_slave_1
[  152.524394][ T3426] bridge_slave_1: left allmulticast mode
[  152.537943][ T3426] bridge_slave_1: left promiscuous mode
[  152.545261][ T3426] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.577392][ T3426] bridge_slave_0: left allmulticast mode
[  152.585336][ T3426] bridge_slave_0: left promiscuous mode
[  152.608866][ T3426] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.680380][ T3426] veth1_macvtap: left promiscuous mode
[  152.693216][ T6506] loop3: detected capacity change from 0 to 256
[  152.700087][ T3426] veth0_macvtap: left promiscuous mode
[  152.705756][ T3426] veth1_vlan: left promiscuous mode
[  152.724363][ T3426] veth0_vlan: left promiscuous mode
[  152.755912][ T6506] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  153.096856][ T6465] loop1: detected capacity change from 0 to 131072
[  153.158092][ T6465] F2FS-fs (loop1): Invalid log sectorsize (67108873)
[  153.168599][ T5775] Bluetooth: hci3: command tx timeout
[  153.188286][ T6465] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  153.314522][ T6465] F2FS-fs (loop1): invalid crc value
[  153.394606][ T6465] F2FS-fs (loop1): Failed to start F2FS issue_checkpoint_thread (-4)
[  155.332994][ T5775] Bluetooth: hci3: command tx timeout
[  155.362010][ T6535] mmap: syz.1.190 (6535) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  155.461494][ T5803] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  156.099196][ T5803] usb 4-1: Using ep0 maxpacket: 32
[  156.136337][ T5803] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.160169][ T5803] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.210714][ T5803] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  156.232724][ T5803] usb 4-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  156.244337][ T5803] usb 4-1: Product: syz
[  156.261127][ T5803] usb 4-1: Manufacturer: syz
[  156.276176][ T5803] hub 4-1:4.0: USB hub found
[  156.427391][ T3426] team0 (unregistering): Port device team_slave_1 removed
[  156.453867][ T5853] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  156.489965][ T3426] team0 (unregistering): Port device team_slave_0 removed
[  156.502880][ T5803] hub 4-1:4.0: 3 ports detected
[  156.541515][ T3426] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  156.586573][ T3426] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  156.651448][ T5853] usb 3-1: Using ep0 maxpacket: 32
[  156.675568][ T5853] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  156.683917][ T5853] usb 3-1: config 0 has no interface number 0
[  156.695947][ T5853] usb 3-1: config 0 interface 184 has no altsetting 0
[  156.707083][ T5853] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  156.719520][ T5853] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.727610][ T5853] usb 3-1: Product: syz
[  156.733139][ T5853] usb 3-1: Manufacturer: syz
[  156.738155][ T5853] usb 3-1: SerialNumber: syz
[  156.752558][ T5853] usb 3-1: config 0 descriptor??
[  156.774897][ T5853] smsc75xx v1.0.0
[  157.016003][ T5853] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  157.033631][ T3426] bond0 (unregistering): Released all slaves
[  157.043548][ T5853] smsc75xx: probe of 3-1:0.184 failed with error -71
[  157.072108][ T5853] usb 3-1: USB disconnect, device number 6
[  157.159689][ T6475] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.166914][ T6475] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.174395][ T6475] bridge_slave_0: entered allmulticast mode
[  157.181641][ T6475] bridge_slave_0: entered promiscuous mode
[  157.235990][ T6475] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.243842][ T6475] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.253797][ T6475] bridge_slave_1: entered allmulticast mode
[  157.262937][ T6475] bridge_slave_1: entered promiscuous mode
[  157.437249][ T6475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.447097][ T5775] Bluetooth: hci3: command tx timeout
[  157.562586][ T6475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.593460][ T5803] hub 4-1:4.0: hub_hub_status failed (err = -32)
[  157.613312][ T5803] hub 4-1:4.0: config failed, can't get hub status (err -32)
[  157.667210][ T6548] loop1: detected capacity change from 0 to 256
[  158.379064][ T6546] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  158.390247][ T6546] FAT-fs (loop1): Filesystem has been set read-only
[  158.396946][ T6546] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  158.407156][ T6546] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  158.419220][ T6546] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001)
[  158.427864][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  158.427877][   T28] audit: type=1800 audit(1772870440.779:39): pid=6546 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.192" name="file1" dev="loop1" ino=1048641 res=0 errno=0
[  158.568951][ T5853] usb 4-1: USB disconnect, device number 7
[  158.621473][ T6554] loop2: detected capacity change from 0 to 512
[  158.649555][ T6475] team0: Port device team_slave_0 added
[  158.740150][ T6475] team0: Port device team_slave_1 added
[  158.840209][ T6554] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.889790][ T6475] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.908194][ T6554] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  158.921571][ T6475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.948644][ T6475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.969749][ T6475] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.976739][ T6475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.004318][ T6475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  159.123052][   T28] audit: type=1800 audit(1772870441.469:40): pid=6554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.193" name="file1" dev="loop2" ino=15 res=0 errno=0
[  159.181875][ T6475] hsr_slave_0: entered promiscuous mode
[  159.210871][ T6475] hsr_slave_1: entered promiscuous mode
[  159.219545][ T5763] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.228853][ T6475] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  159.247566][ T6475] Cannot create hsr debugfs directory
[  159.414775][ T6573] xt_hashlimit: size too large, truncated to 1048576
[  159.513837][ T5775] Bluetooth: hci3: command tx timeout
[  160.515541][ T6567] loop1: detected capacity change from 0 to 40427
[  160.542903][ T6567] F2FS-fs (loop1): Fix alignment : done, start(4096) end(16896) block(12288)
[  160.567631][ T6567] F2FS-fs (loop1): invalid crc value
[  160.601000][ T6567] F2FS-fs (loop1): Found nat_bits in checkpoint
[  160.778670][ T6567] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  160.838615][   T28] audit: type=1326 audit(1772870443.199:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.1.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b39c799 code=0x7ffc0000
[  160.921757][   T28] audit: type=1326 audit(1772870443.199:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.1.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b39c799 code=0x7ffc0000
[  161.032645][   T28] audit: type=1326 audit(1772870443.199:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.1.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f5b6b39c799 code=0x7ffc0000
[  161.056245][ T6475] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  161.077260][ T6475] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  161.090073][ T6475] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  161.109494][ T6475] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  161.172825][   T28] audit: type=1326 audit(1772870443.199:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.1.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b39c799 code=0x7ffc0000
[  161.195685][   T28] audit: type=1326 audit(1772870443.199:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.1.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f5b6b39c799 code=0x7ffc0000
[  161.237412][   T28] audit: type=1326 audit(1772870443.199:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.1.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b39c799 code=0x7ffc0000
[  161.355278][   T28] audit: type=1326 audit(1772870443.199:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.1.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f5b6b39c799 code=0x7ffc0000
[  161.458480][   T28] audit: type=1326 audit(1772870443.199:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6565 comm="syz.1.195" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b6b39c799 code=0x7ffc0000
[  161.569104][ T6475] 8021q: adding VLAN 0 to HW filter on device bond0
[  161.635821][ T6475] 8021q: adding VLAN 0 to HW filter on device team0
[  161.710279][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.717498][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.780279][ T5003] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.787437][ T5003] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.931059][ T6612] loop1: detected capacity change from 0 to 256
[  163.253990][ T6475] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.547867][  T786] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  163.757830][  T786] usb 2-1: Using ep0 maxpacket: 32
[  163.770084][  T786] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  163.806905][  T786] usb 2-1: config 0 has no interface number 0
[  163.827202][  T786] usb 2-1: config 0 interface 184 has no altsetting 0
[  163.862566][  T786] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  163.874244][  T786] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.894410][  T786] usb 2-1: Product: syz
[  163.902795][  T786] usb 2-1: Manufacturer: syz
[  163.907443][  T786] usb 2-1: SerialNumber: syz
[  163.970332][  T786] usb 2-1: config 0 descriptor??
[  163.990843][ T6475] veth0_vlan: entered promiscuous mode
[  164.005523][  T786] smsc75xx v1.0.0
[  164.038807][ T6475] veth1_vlan: entered promiscuous mode
[  164.113487][ T6475] veth0_macvtap: entered promiscuous mode
[  164.148825][ T6475] veth1_macvtap: entered promiscuous mode
[  164.201611][ T6475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.228205][  T786] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  164.232861][ T6475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.267927][  T786] smsc75xx: probe of 2-1:0.184 failed with error -71
[  164.283088][ T6475] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.313965][  T786] usb 2-1: USB disconnect, device number 4
[  164.319809][ T6475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.319828][ T6475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.319836][ T6475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.319847][ T6475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.319855][ T6475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.319865][ T6475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.322285][ T6475] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.400671][ T6475] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.412413][ T6475] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.457846][ T6475] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.488905][ T6475] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.710673][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.739288][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.808404][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.861938][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.982274][ T6642] loop2: detected capacity change from 0 to 7
[  165.022855][ T6642] Dev loop2: unable to read RDB block 7
[  165.058758][ T6645] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  165.066347][ T6645] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  165.067864][ T6642]  loop2: AHDI p1 p2 p3
[  165.111058][ T6642] loop2: partition table partially beyond EOD, truncated
[  165.123119][ T6642] loop2: p1 start 1601398130 is beyond EOD, truncated
[  165.143682][ T6642] loop2: p2 start 1702059890 is beyond EOD, truncated
[  165.306131][ T6655] loop3: detected capacity change from 0 to 1024
[  165.338760][ T6655] EXT4-fs: Ignoring removed nomblk_io_submit option
[  165.429030][ T6655] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.459035][ T6661] loop1: detected capacity change from 0 to 256
[  165.466371][ T6661] exfat: Deprecated parameter 'utf8'
[  165.473487][ T6661] exfat: Deprecated parameter 'utf8'
[  165.556651][ T6661] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x22bddf5f, utbl_chksum : 0xe619d30d)
[  165.982709][ T6667] netlink: 140 bytes leftover after parsing attributes in process `syz.3.205'.
[  166.646598][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.803209][ T6654] loop2: detected capacity change from 0 to 40427
[  166.837526][ T6654] F2FS-fs (loop2): Fix alignment : done, start(4096) end(16896) block(12288)
[  166.883019][ T6654] F2FS-fs (loop2): invalid crc value
[  167.016259][ T6679] loop1: detected capacity change from 0 to 16
[  167.027884][ T6679] erofs: Unknown parameter '0x0000000000000003'
[  167.065642][ T6654] F2FS-fs (loop2): Found nat_bits in checkpoint
[  167.738601][ T6681] loop3: detected capacity change from 0 to 512
[  167.837904][ T6681] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  167.920553][ T6654] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  167.978996][ T6681] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  168.060139][ T6681] EXT4-fs (loop3): 1 truncate cleaned up
[  168.088036][   T28] kauditd_printk_skb: 34 callbacks suppressed
[  168.088051][   T28] audit: type=1326 audit(1772870450.439:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.2.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  168.446699][ T6681] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.537367][   T28] audit: type=1326 audit(1772870450.439:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.2.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  168.680919][   T28] audit: type=1326 audit(1772870450.439:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.2.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  168.703867][   T28] audit: type=1326 audit(1772870450.489:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.2.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  168.735002][   T28] audit: type=1326 audit(1772870450.489:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.2.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  168.842503][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.849484][ T6692] loop1: detected capacity change from 0 to 256
[  168.889985][   T28] audit: type=1326 audit(1772870450.489:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.2.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  168.920974][ T6692] exfat: Deprecated parameter 'namecase'
[  168.938372][   T28] audit: type=1326 audit(1772870450.489:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.2.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  168.960925][   T28] audit: type=1326 audit(1772870450.489:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.2.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  169.070015][ T6692] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  169.102146][   T28] audit: type=1326 audit(1772870450.499:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.2.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  169.264858][ T6702] loop4: detected capacity change from 0 to 256
[  169.345481][ T6702] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  169.355761][ T6702] FAT-fs (loop4): Filesystem has been set read-only
[  169.363008][ T6702] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  169.373392][ T6702] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  169.386423][ T6702] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  169.554266][   T28] audit: type=1326 audit(1772870450.499:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6652 comm="syz.2.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  170.362307][ T6715] loop4: detected capacity change from 0 to 4096
[  170.373146][ T6715] EXT4-fs: inline encryption not supported
[  170.380998][ T6715] ext4: Unknown parameter 'nouser_xattr'
[  172.095487][ T6723] loop1: detected capacity change from 0 to 256
[  172.203466][ T6723] FAT-fs (loop1): Directory bread(block 64) failed
[  172.254465][ T6723] FAT-fs (loop1): Directory bread(block 65) failed
[  172.288347][ T6723] FAT-fs (loop1): Directory bread(block 66) failed
[  172.317937][ T6723] FAT-fs (loop1): Directory bread(block 67) failed
[  172.387342][ T6731] loop2: detected capacity change from 0 to 128
[  173.309097][ T6723] FAT-fs (loop1): Directory bread(block 68) failed
[  173.384956][ T6723] FAT-fs (loop1): Directory bread(block 69) failed
[  173.454860][ T6723] FAT-fs (loop1): Directory bread(block 70) failed
[  173.509071][ T6723] FAT-fs (loop1): Directory bread(block 71) failed
[  173.614028][ T6723] FAT-fs (loop1): Directory bread(block 72) failed
[  173.648613][ T6723] FAT-fs (loop1): Directory bread(block 73) failed
[  174.472573][ T6746] loop3: detected capacity change from 0 to 2048
[  174.874674][ T6750] loop2: detected capacity change from 0 to 16
[  174.977153][ T6750] erofs: Unknown parameter '0x0000000000000003'
[  179.352055][ T6751] loop1: detected capacity change from 0 to 40427
[  180.724213][ T6760] loop2: detected capacity change from 0 to 512
[  180.792818][ T6760] EXT4-fs: quotafile must be on filesystem root
[  182.028303][  T787] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  182.256655][  T787] usb 5-1: Using ep0 maxpacket: 32
[  182.291664][  T787] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  182.321877][  T787] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.421149][  T787] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  183.089685][ T6787] loop3: detected capacity change from 0 to 256
[  183.421303][ T6787] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  183.432780][ T6787] FAT-fs (loop3): Filesystem has been set read-only
[  183.440133][ T6787] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  183.450478][ T6787] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  183.463345][ T6787] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  183.487989][   T28] kauditd_printk_skb: 31 callbacks suppressed
[  183.488002][   T28] audit: type=1800 audit(1772870465.819:124): pid=6787 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.224" name="file1" dev="loop3" ino=1048651 res=0 errno=0
[  183.636418][  T787] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  183.644939][  T787] usb 5-1: Product: syz
[  183.747885][  T787] usb 5-1: Manufacturer: syz
[  183.779376][  T787] hub 5-1:4.0: USB hub found
[  184.061845][  T787] hub 5-1:4.0: 2 ports detected
[  185.537445][ T6800] loop3: detected capacity change from 0 to 256
[  185.544765][ T6800] exfat: Deprecated parameter 'utf8'
[  185.550182][ T6800] exfat: Deprecated parameter 'namecase'
[  185.555846][ T6800] exfat: Deprecated parameter 'utf8'
[  185.612379][ T6800] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  185.806326][ T6805] syzkaller0: entered promiscuous mode
[  185.840073][ T6805] syzkaller0: entered allmulticast mode
[  185.905292][ T6808] loop2: detected capacity change from 0 to 512
[  185.932958][  T787] usb 5-1: USB disconnect, device number 2
[  186.023419][ T6808] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.145493][ T6808] ext4 filesystem being mounted at /60/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  186.486259][ T5763] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.039683][ T6827] loop1: detected capacity change from 0 to 16
[  187.047085][ T6827] erofs: Unknown parameter '0x0000000000000003'
[  187.337403][ T5757] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  188.734571][ T6840] loop1: detected capacity change from 0 to 4096
[  188.762588][ T6840] EXT4-fs: Ignoring removed mblk_io_submit option
[  188.857492][ T6840] EXT4-fs (loop1): Test dummy encryption mode enabled
[  188.892501][ T6835] loop2: detected capacity change from 0 to 40427
[  188.899584][ T6840] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.914977][ T6835] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  188.923325][ T6835] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  188.953626][ T6835] F2FS-fs (loop2): invalid crc value
[  188.989801][ T5767] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.197118][ T6835] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  189.228000][ T6835] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  190.627612][ T5763] syz-executor: attempt to access beyond end of device
[  190.627612][ T5763] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  190.669150][ T5763] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  191.408021][ T5769] Bluetooth: hci2: command 0x0406 tx timeout
[  191.415093][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  191.422747][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  191.592954][ T6874] loop2: detected capacity change from 0 to 512
[  191.653799][ T6874] EXT4-fs warning (device loop2): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  191.697387][ T6874] EXT4-fs warning (device loop2): dx_probe:881: Enable large directory feature to access it
[  191.708087][ T6874] EXT4-fs warning (device loop2): dx_probe:966: inode #2: comm syz.2.246: Corrupt directory, running e2fsck is recommended
[  191.725242][ T6874] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  191.735155][ T6874] EXT4-fs error (device loop2): ext4_iget_extra_inode:4732: inode #15: comm syz.2.246: corrupted in-inode xattr: e_name out of bounds
[  191.749556][ T6874] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.246: couldn't read orphan inode 15 (err -117)
[  191.778037][ T6874] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.854337][ T5763] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.431917][ T6881] overlayfs: missing 'lowerdir'
[  193.513770][ T6889] loop2: detected capacity change from 0 to 16
[  193.525424][ T6889] erofs: Unknown parameter '0x0000000000000003'
[  194.508359][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  194.514699][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  194.635958][ T6895] loop1: detected capacity change from 0 to 256
[  194.785681][ T6895] FAT-fs (loop1): Directory bread(block 64) failed
[  194.811316][ T6895] FAT-fs (loop1): Directory bread(block 65) failed
[  194.831758][ T6895] FAT-fs (loop1): Directory bread(block 66) failed
[  194.864152][ T6895] FAT-fs (loop1): Directory bread(block 67) failed
[  194.892467][ T6895] FAT-fs (loop1): Directory bread(block 68) failed
[  194.922076][ T6895] FAT-fs (loop1): Directory bread(block 69) failed
[  194.942479][ T6895] FAT-fs (loop1): Directory bread(block 70) failed
[  194.969269][ T6895] FAT-fs (loop1): Directory bread(block 71) failed
[  194.998828][ T6895] FAT-fs (loop1): Directory bread(block 72) failed
[  195.005405][ T6895] FAT-fs (loop1): Directory bread(block 73) failed
[  195.279410][ T6895] syz.1.249: attempt to access beyond end of device
[  195.279410][ T6895] loop1: rw=524288, sector=1768, nr_sectors = 4 limit=256
[  195.309265][ T6895] syz.1.249: attempt to access beyond end of device
[  195.309265][ T6895] loop1: rw=0, sector=1768, nr_sectors = 4 limit=256
[  195.332916][   T28] audit: type=1800 audit(1772870477.689:125): pid=6895 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.249" name="file1" dev="loop1" ino=1048653 res=0 errno=0
[  195.748285][ T6895] loop1: detected capacity change from 256 to 0
[  196.543837][ T5806] usb 2-1: new low-speed USB device number 5 using dummy_hcd
[  196.617833][ T5802] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  196.779380][ T6916] loop3: detected capacity change from 0 to 4096
[  201.233262][ T5806] usb 2-1: device descriptor read/all, error -71
[  201.287448][ T5767] syz-executor: attempt to access beyond end of device
[  201.287448][ T5767] loop1: rw=0, sector=20, nr_sectors = 4 limit=0
[  201.336635][ T6916] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  201.507098][ T5767] fat__get_entry: 1052 callbacks suppressed
[  201.507113][ T5767] FAT-fs (loop1): Directory bread(block 5) failed
[  201.555343][ T5767] syz-executor: attempt to access beyond end of device
[  201.555343][ T5767] loop1: rw=0, sector=24, nr_sectors = 4 limit=0
[  201.617868][ T5767] FAT-fs (loop1): Directory bread(block 6) failed
[  201.624386][ T5767] syz-executor: attempt to access beyond end of device
[  201.624386][ T5767] loop1: rw=0, sector=28, nr_sectors = 4 limit=0
[  201.704268][ T5767] FAT-fs (loop1): Directory bread(block 7) failed
[  201.743421][ T5767] syz-executor: attempt to access beyond end of device
[  201.743421][ T5767] loop1: rw=0, sector=32, nr_sectors = 4 limit=0
[  201.812052][ T5767] FAT-fs (loop1): Directory bread(block 8) failed
[  201.836274][ T5767] syz-executor: attempt to access beyond end of device
[  201.836274][ T5767] loop1: rw=0, sector=36, nr_sectors = 4 limit=0
[  201.913198][ T5767] FAT-fs (loop1): Directory bread(block 9) failed
[  201.942649][ T5767] syz-executor: attempt to access beyond end of device
[  201.942649][ T5767] loop1: rw=0, sector=40, nr_sectors = 4 limit=0
[  202.007809][ T5767] FAT-fs (loop1): Directory bread(block 10) failed
[  202.015528][ T5767] syz-executor: attempt to access beyond end of device
[  202.015528][ T5767] loop1: rw=0, sector=44, nr_sectors = 4 limit=0
[  202.127873][ T5767] FAT-fs (loop1): Directory bread(block 11) failed
[  202.134586][ T5767] syz-executor: attempt to access beyond end of device
[  202.134586][ T5767] loop1: rw=0, sector=48, nr_sectors = 4 limit=0
[  202.171345][ T5767] FAT-fs (loop1): Directory bread(block 12) failed
[  202.199031][ T5767] syz-executor: attempt to access beyond end of device
[  202.199031][ T5767] loop1: rw=0, sector=52, nr_sectors = 4 limit=0
[  202.227394][ T5767] FAT-fs (loop1): Directory bread(block 13) failed
[  202.440102][ T5767] syz-executor: attempt to access beyond end of device
[  202.440102][ T5767] loop1: rw=0, sector=56, nr_sectors = 4 limit=0
[  202.459361][ T5767] FAT-fs (loop1): Directory bread(block 14) failed
[  202.547853][ T6936] loop2: detected capacity change from 0 to 16
[  202.559432][ T6936] erofs: Unknown parameter '0x0000000000000003'
[  203.461752][   T11] FAT-fs (loop1): unable to read inode block for updating (i_pos 324)
[  203.533101][ T5767] FAT-fs (loop1): unable to read boot sector to mark fs as dirty
[  205.761774][ T3426] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.189920][ T3426] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.364702][ T3426] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.530373][ T3426] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.542380][ T6968] loop4: detected capacity change from 0 to 8192
[  206.897994][ T5827] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  207.157822][ T5827] usb 3-1: Using ep0 maxpacket: 32
[  207.165043][ T5827] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  207.204563][ T5827] usb 3-1: config 0 has no interface number 0
[  207.267912][ T5827] usb 3-1: config 0 interface 184 has no altsetting 0
[  207.347874][ T5827] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  207.377854][ T5827] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.396167][ T5827] usb 3-1: Product: syz
[  207.413004][ T5827] usb 3-1: Manufacturer: syz
[  207.417667][ T5827] usb 3-1: SerialNumber: syz
[  207.461702][ T5827] usb 3-1: config 0 descriptor??
[  207.481661][ T5827] smsc75xx v1.0.0
[  207.736686][ T5827] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  207.763602][ T5827] smsc75xx: probe of 3-1:0.184 failed with error -71
[  207.848577][ T5827] usb 3-1: USB disconnect, device number 8
[  208.846500][ T5803] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  208.926645][ T5775] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  208.944770][ T5775] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  208.961107][ T5775] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  208.977571][ T5775] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  208.998083][ T5775] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  209.005560][ T5775] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  209.088036][ T5803] usb 3-1: Using ep0 maxpacket: 16
[  209.096159][ T5803] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.108981][ T5803] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.118821][ T5803] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  209.131655][ T5803] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  209.149865][ T5803] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.172446][ T5803] usb 3-1: config 0 descriptor??
[  209.399124][ T3426] hsr_slave_0: left promiscuous mode
[  209.426124][ T3426] hsr_slave_1: left promiscuous mode
[  209.438747][ T3426] batman_adv: batadv0: Removing interface: batadv_slave_0
[  209.458833][ T3426] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  209.466323][ T3426] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.492822][ T3426] bridge_slave_1: left allmulticast mode
[  209.504958][ T3426] bridge_slave_1: left promiscuous mode
[  209.515028][ T3426] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.540965][ T3426] bridge_slave_0: left allmulticast mode
[  209.546716][ T3426] bridge_slave_0: left promiscuous mode
[  209.568080][ T3426] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.608513][ T5803] microsoft 0003:045E:07DA.0001: item fetching failed at offset 33/34
[  209.653495][ T5803] microsoft 0003:045E:07DA.0001: parse failed
[  209.669967][ T5803] microsoft: probe of 0003:045E:07DA.0001 failed with error -22
[  209.679010][ T3426] veth1_macvtap: left promiscuous mode
[  209.684577][ T3426] veth0_macvtap: left promiscuous mode
[  209.711894][ T3426] veth1_vlan: left promiscuous mode
[  209.717295][ T3426] veth0_vlan: left promiscuous mode
[  209.799595][ T5803] usb 3-1: USB disconnect, device number 9
[  210.448448][ T7026] loop3: detected capacity change from 0 to 256
[  210.478532][ T7026] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  210.488974][ T7026] FAT-fs (loop3): Filesystem has been set read-only
[  210.495655][ T7026] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  210.505957][ T7026] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  210.517278][ T7026] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  210.525172][   T28] audit: type=1800 audit(1772870492.879:126): pid=7026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.274" name="file1" dev="loop3" ino=1048655 res=0 errno=0
[  210.609995][ T7029] loop2: detected capacity change from 0 to 512
[  210.690778][ T7029] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  210.792465][ T7029] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  210.814654][ T7029] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.894492][   T28] audit: type=1800 audit(1772870493.249:127): pid=7029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.275" name=0AF301 dev="loop2" ino=18 res=0 errno=0
[  210.974285][ T5763] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.088346][ T5083] Bluetooth: hci1: command tx timeout
[  212.272866][ T3426] team0 (unregistering): Port device team_slave_1 removed
[  212.382824][ T3426] team0 (unregistering): Port device team_slave_0 removed
[  212.390174][  T786] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[  212.479137][ T3426] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.556993][ T3426] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.589816][  T786] usb 4-1: config index 0 descriptor too short (expected 1307, got 27)
[  212.598401][  T786] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[  212.606524][  T786] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[  212.617252][  T786] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  212.633349][  T786] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  212.645832][  T786] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  212.681185][  T786] usb 4-1: string descriptor 0 read error: -22
[  212.690371][  T786] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  212.703580][  T786] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.744436][  T786] usb 4-1: config 0 descriptor??
[  212.769057][  T786] hub 4-1:0.0: bad descriptor, ignoring hub
[  212.776197][  T786] hub: probe of 4-1:0.0 failed with error -5
[  213.197023][ T5083] Bluetooth: hci1: command tx timeout
[  213.243376][  T786] usb 4-1: USB disconnect, device number 8
[  214.204863][ T7053] loop4: detected capacity change from 0 to 16
[  214.250240][ T7053] erofs: (device loop4): mounted with root inode @ nid 36.
[  214.311004][ T7053] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  214.333917][ T3426] bond0 (unregistering): Released all slaves
[  214.370768][ T7053] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -3 in[47, 4049] out[1851]
[  214.409099][ T7054] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  214.411702][ T7053] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  214.424360][ T7054] erofs: (device loop4): z_erofs_lz4_decompress_mem: failed to decompress -3 in[47, 4049] out[1851]
[  214.447381][ T7054] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  214.570411][ T7058] loop2: detected capacity change from 0 to 512
[  214.661921][ T7058] EXT4-fs error (device loop2): ext4_quota_enable:7136: comm syz.2.282: Bad quota inum: 50331652, type: 1
[  214.703647][ T7058] EXT4-fs (loop2): Remounting filesystem read-only
[  214.741213][ T7058] EXT4-fs warning (device loop2): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-117, ino=50331652). Please run e2fsck to fix.
[  214.758576][ T7058] EXT4-fs (loop2): mount failed
[  215.257981][ T5083] Bluetooth: hci1: command tx timeout
[  215.590996][ T7004] chnl_net:caif_netlink_parms(): no params data found
[  215.825764][ T7073] loop3: detected capacity change from 0 to 256
[  215.891106][ T7072] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  215.901429][ T7072] FAT-fs (loop3): Filesystem has been set read-only
[  215.908342][ T7072] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  215.918949][ T7072] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  215.929521][ T7072] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  215.938760][   T28] audit: type=1800 audit(1772870498.289:128): pid=7072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.284" name="file1" dev="loop3" ino=1048656 res=0 errno=0
[  216.123909][ T7004] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.181221][ T7004] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.209305][ T7004] bridge_slave_0: entered allmulticast mode
[  216.226991][ T7004] bridge_slave_0: entered promiscuous mode
[  216.250386][ T7004] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.277909][ T7004] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.298462][ T7004] bridge_slave_1: entered allmulticast mode
[  216.305793][ T7004] bridge_slave_1: entered promiscuous mode
[  216.398304][ T7004] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.434924][ T7004] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.510500][ T7004] team0: Port device team_slave_0 added
[  216.533169][ T7004] team0: Port device team_slave_1 added
[  216.606736][ T7004] batman_adv: batadv0: Adding interface: batadv_slave_0
[  216.634933][ T7004] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  216.725531][ T7004] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  216.814711][ T7101] loop3: detected capacity change from 0 to 16
[  216.826312][ T7101] erofs: Unknown parameter '0x0000000000000003'
[  216.930973][ T7004] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.056309][ T7004] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.383091][ T5083] Bluetooth: hci1: command tx timeout
[  217.497913][ T7004] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.766274][ T7004] hsr_slave_0: entered promiscuous mode
[  217.811473][ T7004] hsr_slave_1: entered promiscuous mode
[  217.835902][ T7004] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  217.884590][ T7004] Cannot create hsr debugfs directory
[  218.785149][ T7004] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  218.818985][ T7004] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  218.843516][ T7004] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  218.875439][ T7004] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  219.142499][ T7004] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.232245][ T7004] 8021q: adding VLAN 0 to HW filter on device team0
[  219.280221][ T6788] bridge0: port 1(bridge_slave_0) entered blocking state
[  219.288347][ T6788] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.364181][ T1135] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.371418][ T1135] bridge0: port 2(bridge_slave_1) entered forwarding state
[  219.381961][ T7127] loop2: detected capacity change from 0 to 256
[  219.469520][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.507298][ T7127] FAT-fs (loop2): Filesystem has been set read-only
[  219.555713][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.627663][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.651552][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.681188][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.714433][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.747910][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.776914][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.807646][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.834468][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.867947][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.894197][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.920880][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.948070][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.966864][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  219.997982][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  220.017584][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  220.043930][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  220.074382][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  220.105265][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  220.106497][ T7004] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.145511][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  220.157897][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  220.166706][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  220.212988][ T7127] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 198)
[  220.243907][   T28] audit: type=1800 audit(1772870502.599:129): pid=7127 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.290" name="file2" dev="loop2" ino=1048657 res=0 errno=0
[  220.919892][ T7161] capability: warning: `syz.3.293' uses 32-bit capabilities (legacy support in use)
[  220.993653][ T7004] veth0_vlan: entered promiscuous mode
[  221.052003][ T7004] veth1_vlan: entered promiscuous mode
[  221.275471][ T7004] veth0_macvtap: entered promiscuous mode
[  221.324875][ T7004] veth1_macvtap: entered promiscuous mode
[  221.388610][ T7004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  221.465517][ T7176] loop3: detected capacity change from 0 to 16
[  221.477325][ T7176] erofs: Unknown parameter '0x0000000000000003'
[  221.723828][ T7004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.017339][ T7004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.254074][ T7004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.526794][ T7004] batman_adv: batadv0: Interface activated: batadv_slave_0
[  222.923482][ T7004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.115284][ T7004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.172597][ T7004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.183424][ T5757] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  223.193660][ T7004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.367874][ T7004] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  223.420692][ T7004] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.491980][ T7004] batman_adv: batadv0: Interface activated: batadv_slave_1
[  223.556642][ T7004] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.794472][ T7004] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.803500][ T7004] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.822225][ T7004] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.943183][ T7182] loop3: detected capacity change from 0 to 4096
[  224.069552][ T7182] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.137168][ T5003] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.202018][ T5003] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.295791][ T5003] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.328651][ T5003] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.670935][ T7197] loop5: detected capacity change from 0 to 512
[  224.754924][ T7197] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.787640][ T7197] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  224.820179][ T5768] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.102922][ T7209] loop3: detected capacity change from 0 to 256
[  225.961440][ T7209] FAT-fs (loop3): Directory bread(block 64) failed
[  225.977876][ T7209] FAT-fs (loop3): Directory bread(block 65) failed
[  225.984569][ T7209] FAT-fs (loop3): Directory bread(block 66) failed
[  225.991250][ T7209] FAT-fs (loop3): Directory bread(block 67) failed
[  225.997930][ T7209] FAT-fs (loop3): Directory bread(block 68) failed
[  226.008756][ T7209] FAT-fs (loop3): Directory bread(block 69) failed
[  226.063509][ T7209] FAT-fs (loop3): Directory bread(block 70) failed
[  226.098014][ T7209] FAT-fs (loop3): Directory bread(block 71) failed
[  226.115149][ T7209] FAT-fs (loop3): Directory bread(block 72) failed
[  226.130431][ T7004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.158117][ T7209] FAT-fs (loop3): Directory bread(block 73) failed
[  226.562821][ T7219] loop2: detected capacity change from 0 to 2048
[  226.645663][ T7219]  loop2: p1 < >
[  226.747471][ T5138]  loop2: p1 < >
[  226.932761][ T7209] loop3: detected capacity change from 256 to 0
[  226.973538][ T7228] bio_check_eod: 405 callbacks suppressed
[  226.973555][ T7228] syz.3.298: attempt to access beyond end of device
[  226.973555][ T7228] loop3: rw=0, sector=20, nr_sectors = 4 limit=0
[  227.046204][ T5757] udevd[5757]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  227.065371][ T7228] syz.3.298: attempt to access beyond end of device
[  227.065371][ T7228] loop3: rw=0, sector=24, nr_sectors = 4 limit=0
[  227.195978][ T7228] syz.3.298: attempt to access beyond end of device
[  227.195978][ T7228] loop3: rw=0, sector=28, nr_sectors = 4 limit=0
[  227.224277][ T7228] syz.3.298: attempt to access beyond end of device
[  227.224277][ T7228] loop3: rw=0, sector=32, nr_sectors = 4 limit=0
[  227.261558][ T7228] syz.3.298: attempt to access beyond end of device
[  227.261558][ T7228] loop3: rw=0, sector=36, nr_sectors = 4 limit=0
[  227.540607][ T7228] syz.3.298: attempt to access beyond end of device
[  227.540607][ T7228] loop3: rw=0, sector=40, nr_sectors = 4 limit=0
[  227.982368][ T7228] syz.3.298: attempt to access beyond end of device
[  227.982368][ T7228] loop3: rw=0, sector=44, nr_sectors = 4 limit=0
[  228.044799][ T7228] syz.3.298: attempt to access beyond end of device
[  228.044799][ T7228] loop3: rw=0, sector=48, nr_sectors = 4 limit=0
[  228.134096][ T7228] syz.3.298: attempt to access beyond end of device
[  228.134096][ T7228] loop3: rw=0, sector=52, nr_sectors = 4 limit=0
[  228.215844][ T7228] syz.3.298: attempt to access beyond end of device
[  228.215844][ T7228] loop3: rw=0, sector=56, nr_sectors = 4 limit=0
[  229.039157][ T7248] loop5: detected capacity change from 0 to 256
[  229.261896][ T7248] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  229.272237][ T7248] FAT-fs (loop5): Filesystem has been set read-only
[  229.279475][ T7248] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  229.289779][ T7248] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  229.303417][ T7248] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000001)
[  229.437853][   T28] audit: type=1800 audit(1772870511.659:130): pid=7248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.307" name="file1" dev="loop5" ino=1048662 res=0 errno=0
[  229.838499][ T5768] FAT-fs (loop3): unable to read boot sector to mark fs as dirty
[  230.057384][ T6725] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  230.327978][ T6725] usb 3-1: Using ep0 maxpacket: 32
[  230.432823][ T6725] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  230.601642][ T6725] usb 3-1: config 0 has no interface number 0
[  230.823847][ T6725] usb 3-1: config 0 interface 184 has no altsetting 0
[  230.847925][ T6725] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  230.862294][ T6725] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.871419][ T6725] usb 3-1: Product: syz
[  230.875618][ T6725] usb 3-1: Manufacturer: syz
[  230.978445][ T6725] usb 3-1: SerialNumber: syz
[  230.988850][ T6725] usb 3-1: config 0 descriptor??
[  231.011017][ T6725] smsc75xx v1.0.0
[  231.450805][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.595702][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  231.760183][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.050326][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.441710][ T6725] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000044: -71
[  232.734443][ T6725] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[  232.816374][ T6725] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  232.884759][ T6725] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  232.956083][ T6725] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  233.048391][ T6725] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  233.127190][ T6725] smsc75xx: probe of 3-1:0.184 failed with error -71
[  233.221923][ T6725] usb 3-1: USB disconnect, device number 10
[  233.875449][ T5775] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  233.886739][ T5775] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  233.894752][ T5775] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  233.906669][ T5775] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  233.914401][ T5775] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  233.921830][ T5775] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  233.998935][ T7305] loop5: detected capacity change from 0 to 1024
[  234.108244][ T7305] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.672348][ T7004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.971472][ T5775] Bluetooth: hci2: command tx timeout
[  235.972357][ T7316] loop4: detected capacity change from 0 to 256
[  236.008147][ T7316] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  236.019040][ T7316] FAT-fs (loop4): Filesystem has been set read-only
[  236.026200][ T7316] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  236.036470][ T7316] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  236.042988][ T7321] loop2: detected capacity change from 0 to 512
[  236.047050][ T7316] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  236.061590][   T28] audit: type=1800 audit(1772870518.409:131): pid=7316 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.322" name="file1" dev="loop4" ino=1048663 res=0 errno=0
[  236.091717][ T7321] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000001)
[  236.195695][ T5974] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  236.309259][ T7325] loop5: detected capacity change from 0 to 256
[  236.538590][ T7325] FAT-fs (loop5): Directory bread(block 64) failed
[  236.564689][ T7325] FAT-fs (loop5): Directory bread(block 65) failed
[  236.593019][ T7325] FAT-fs (loop5): Directory bread(block 66) failed
[  236.609936][ T7325] FAT-fs (loop5): Directory bread(block 67) failed
[  236.628667][ T7325] FAT-fs (loop5): Directory bread(block 68) failed
[  236.642340][ T7325] FAT-fs (loop5): Directory bread(block 69) failed
[  236.655678][ T7325] FAT-fs (loop5): Directory bread(block 70) failed
[  236.674787][ T7325] FAT-fs (loop5): Directory bread(block 71) failed
[  236.696911][ T7325] FAT-fs (loop5): Directory bread(block 72) failed
[  236.706739][ T7325] FAT-fs (loop5): Directory bread(block 73) failed
[  236.793891][   T28] audit: type=1800 audit(1772870519.149:132): pid=7325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.325" name="file2" dev="loop5" ino=1048664 res=0 errno=0
[  236.828702][   T28] audit: type=1800 audit(1772870519.159:133): pid=7325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.325" name="bus" dev="loop5" ino=1048665 res=0 errno=0
[  236.884857][ T7300] chnl_net:caif_netlink_parms(): no params data found
[  237.173787][ T7349] loop5: detected capacity change from 0 to 1024
[  237.219857][ T7349] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.668243][ T7004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.056390][ T5775] Bluetooth: hci2: command tx timeout
[  238.109476][ T7372] tipc: Enabling of bearer <eth:s> rejected, failed to enable media
[  238.118180][ T7377] tipc: Enabling of bearer <eth:s> rejected, failed to enable media
[  238.178104][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  238.295380][ T7300] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.343555][ T7300] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.377860][    T9] usb 5-1: Using ep0 maxpacket: 32
[  238.378610][ T7300] bridge_slave_0: entered allmulticast mode
[  238.421388][ T7300] bridge_slave_0: entered promiscuous mode
[  238.438158][    T9] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  238.458590][ T7300] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.465708][    T9] usb 5-1: config 0 has no interface number 0
[  238.465754][    T9] usb 5-1: config 0 interface 184 has no altsetting 0
[  238.484983][    T9] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  238.495718][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.508822][ T7300] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.512158][    T9] usb 5-1: Product: syz
[  238.523390][    T9] usb 5-1: Manufacturer: syz
[  238.525445][ T7300] bridge_slave_1: entered allmulticast mode
[  238.537537][    T9] usb 5-1: SerialNumber: syz
[  238.543773][ T7300] bridge_slave_1: entered promiscuous mode
[  238.562095][    T9] usb 5-1: config 0 descriptor??
[  238.598597][    T9] smsc75xx v1.0.0
[  238.745185][   T12] hsr_slave_0: left promiscuous mode
[  238.777298][   T12] hsr_slave_1: left promiscuous mode
[  238.838017][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  238.845345][    T9] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  238.865680][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  238.878561][    T9] smsc75xx: probe of 5-1:0.184 failed with error -71
[  238.919531][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  238.924762][    T9] usb 5-1: USB disconnect, device number 3
[  238.939699][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  238.950446][   T12] bridge_slave_1: left allmulticast mode
[  238.956432][   T12] bridge_slave_1: left promiscuous mode
[  238.977601][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  239.002899][   T12] bridge_slave_0: left allmulticast mode
[  239.015361][   T12] bridge_slave_0: left promiscuous mode
[  239.038193][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  239.143268][   T12] veth1_macvtap: left promiscuous mode
[  239.158518][   T12] veth0_macvtap: left promiscuous mode
[  239.170351][   T12] veth1_vlan: left promiscuous mode
[  239.185445][   T12] veth0_vlan: left promiscuous mode
[  239.439421][   T28] audit: type=1326 audit(1772870521.799:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7400 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914239c799 code=0x7ffc0000
[  239.471468][   T27] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  239.512133][   T28] audit: type=1326 audit(1772870521.799:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7400 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914239c799 code=0x7ffc0000
[  239.578078][   T28] audit: type=1326 audit(1772870521.799:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7400 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f914239c799 code=0x7ffc0000
[  239.616404][   T28] audit: type=1326 audit(1772870521.799:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7400 comm="syz.4.336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f914239c799 code=0x7ffc0000
[  239.685796][ T7405] loop4: detected capacity change from 0 to 2048
[  239.687816][   T27] usb 3-1: Using ep0 maxpacket: 16
[  239.719058][ T7405] EXT4-fs: Ignoring removed i_version option
[  239.736451][   T27] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[  239.750056][   T27] usb 3-1: config 1 has no interface number 0
[  239.778326][   T27] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  239.807298][   T27] usb 3-1: config 1 interface 105 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  239.833966][   T27] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  239.835094][ T7405] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.856213][   T27] usb 3-1: config 1 interface 105 has no altsetting 0
[  239.869171][   T27] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  239.882910][   T27] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  239.897916][   T27] usb 3-1: Product: syz
[  239.902965][   T27] usb 3-1: Manufacturer: syz
[  239.907593][   T27] usb 3-1: SerialNumber: syz
[  239.916661][ T7394] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  239.926134][ T7405] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.127927][ T5775] Bluetooth: hci2: command tx timeout
[  240.139893][   T27] aqc111: probe of 3-1:1.105 failed with error -22
[  240.160114][ T7411] EXT4-fs warning (device loop4): ext4_dirblock_csum_verify:406: inode #2: comm syz.4.337: No space for directory leaf checksum. Please run e2fsck -D.
[  240.200580][ T7411] EXT4-fs error (device loop4): __ext4_find_entry:1696: inode #2: comm syz.4.337: checksumming directory block 0
[  240.360374][ T6475] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.557241][ T7416] loop4: detected capacity change from 0 to 1024
[  240.576126][ T5806] usb 3-1: USB disconnect, device number 11
[  240.643847][ T7416] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.266456][   T12] team0 (unregistering): Port device team_slave_1 removed
[  241.400491][   T12] team0 (unregistering): Port device team_slave_0 removed
[  241.561827][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  241.617024][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  242.211357][ T5775] Bluetooth: hci2: command tx timeout
[  242.334156][ T7413] loop5: detected capacity change from 0 to 131072
[  242.370070][ T7413] F2FS-fs (loop5): invalid crc value
[  242.395123][ T7413] F2FS-fs (loop5): Found nat_bits in checkpoint
[  242.517928][ T7413] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  242.602031][   T12] bond0 (unregistering): Released all slaves
[  242.742000][ T7300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.789464][ T7300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.882133][ T6475] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.917014][ T7300] team0: Port device team_slave_0 added
[  242.967118][ T7300] team0: Port device team_slave_1 added
[  243.121398][ T7300] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.137818][ T7300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.218077][ T7300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.244517][ T7300] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.295998][ T7300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.363563][ T7300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.393244][ T7438] loop2: detected capacity change from 0 to 1024
[  243.438639][ T7438] EXT4-fs: Ignoring removed bh option
[  243.444143][ T7438] ext4: Unknown parameter 'noacl'
[  243.646472][ T7300] hsr_slave_0: entered promiscuous mode
[  243.698408][ T7300] hsr_slave_1: entered promiscuous mode
[  243.718648][ T7300] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  243.739971][ T7300] Cannot create hsr debugfs directory
[  244.844965][ T7457] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  245.299648][ T7300] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  245.369705][ T7300] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  245.395550][ T7300] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  245.437988][ T7300] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  245.668386][  T786] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  245.818983][ T7300] 8021q: adding VLAN 0 to HW filter on device bond0
[  245.897986][ T7300] 8021q: adding VLAN 0 to HW filter on device team0
[  245.939493][  T786] usb 6-1: Using ep0 maxpacket: 32
[  245.951346][ T5021] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.958506][ T5021] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.000015][  T786] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  246.029000][  T786] usb 6-1: config 0 has no interface number 0
[  246.044362][ T5021] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.051589][ T5021] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.059349][  T786] usb 6-1: config 0 interface 184 has no altsetting 0
[  246.099494][  T786] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  246.136346][  T786] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.176705][  T786] usb 6-1: Product: syz
[  246.225381][  T786] usb 6-1: Manufacturer: syz
[  246.254617][  T786] usb 6-1: SerialNumber: syz
[  246.284254][  T786] usb 6-1: config 0 descriptor??
[  246.287558][ T7300] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  246.310309][  T786] smsc75xx v1.0.0
[  246.456611][ T7487] hub 8-0:1.0: USB hub found
[  246.463512][ T7487] hub 8-0:1.0: 1 port detected
[  247.288015][  T786] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  247.318054][  T786] smsc75xx: probe of 6-1:0.184 failed with error -71
[  247.345359][  T786] usb 6-1: USB disconnect, device number 2
[  247.555747][ T7501] netlink: 'syz.2.359': attribute type 15 has an invalid length.
[  247.592217][ T7300] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.812823][ T5803] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  248.028080][ T5803] usb 5-1: Using ep0 maxpacket: 32
[  248.058273][ T5803] usb 5-1: unable to get BOS descriptor or descriptor too short
[  248.113844][ T7516] tipc: Started in network mode
[  248.128034][ T7516] tipc: Node identity 5a10beb5bc2, cluster identity 4711
[  248.148177][ T7516] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  248.245263][ T7516] syzkaller0: entered promiscuous mode
[  248.253275][ T7516] syzkaller0: entered allmulticast mode
[  248.262389][ T7516] tipc: Resetting bearer <eth:syzkaller0>
[  248.290207][ T5803] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  248.302565][ T5803] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  248.328237][ T5803] usb 5-1: New USB device found, idVendor=0499, idProduct=1054, bcdDevice= 0.40
[  248.337329][ T5803] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.359260][ T5803] usb 5-1: Product: syz
[  248.363478][ T5803] usb 5-1: Manufacturer: syz
[  248.378140][ T5803] usb 5-1: SerialNumber: syz
[  248.446994][ T7515] tipc: Resetting bearer <eth:syzkaller0>
[  248.625398][ T5803] usb 5-1: unit 37 not found!
[  248.634035][ T5803] usb 5-1: unit 0 not found!
[  248.691910][ T5803] usb 5-1: USB disconnect, device number 4
[  248.758568][ T5757] udevd[5757]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  249.581345][ T7528] loop4: detected capacity change from 0 to 16
[  249.592847][ T7528] erofs: Unknown parameter '0x0000000000000003'
[  251.756476][ T7515] tipc: Disabling bearer <eth:syzkaller0>
[  251.768626][ T6725] tipc: Node number set to 3861954229
[  251.923934][ T7300] veth0_vlan: entered promiscuous mode
[  251.964297][ T7300] veth1_vlan: entered promiscuous mode
[  253.508558][ T7544] loop5: detected capacity change from 0 to 40427
[  254.149400][ T7300] veth0_macvtap: entered promiscuous mode
[  254.214233][ T7300] veth1_macvtap: entered promiscuous mode
[  254.373640][ T7300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  254.443271][ T7300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  254.487767][ T7300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  254.542000][ T7300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  254.599573][ T7300] batman_adv: batadv0: Interface activated: batadv_slave_0
[  254.657170][ T7300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  254.737935][ T7300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  254.758150][ T7300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  254.805093][ T7300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  254.847801][ T7300] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  254.967857][ T7300] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  255.023099][ T7300] batman_adv: batadv0: Interface activated: batadv_slave_1
[  255.100280][ T7300] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  255.100302][ T7561] loop2: detected capacity change from 0 to 16
[  255.101167][ T7561] erofs: Unknown parameter '0x0000000000000003'
[  255.137192][ T7559] loop5: detected capacity change from 0 to 2048
[  255.156597][ T7300] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  255.182230][ T7300] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  255.192647][ T7300] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  255.209111][ T5974] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  255.245489][ T7559] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.597699][ T1035] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.622222][ T7572] loop4: detected capacity change from 0 to 1024
[  255.632294][ T1035] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.633071][ T7572] EXT4-fs: Ignoring removed nomblk_io_submit option
[  255.721365][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.744874][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.830661][ T7572] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.894902][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  255.901524][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  256.291180][ T7587] netlink: 140 bytes leftover after parsing attributes in process `syz.4.375'.
[  256.523668][ T7586] loop6: detected capacity change from 0 to 1024
[  256.607891][ T7586] EXT4-fs: Ignoring removed orlov option
[  256.653201][ T7586] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  256.779420][ T6475] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.816123][ T7586] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.269628][ T7566] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1229: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  259.589014][ T7300] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.659773][ T7004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.869636][ T7618] loop4: detected capacity change from 0 to 16
[  259.876786][ T7618] erofs: Unknown parameter '0x0000000000000003'
[  260.156535][ T7626] loop6: detected capacity change from 0 to 1024
[  260.194442][ T7626] EXT4-fs: Ignoring removed nomblk_io_submit option
[  260.247541][ T7626] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.590860][ T7612] loop2: detected capacity change from 0 to 40427
[  261.120512][ T7612] F2FS-fs (loop2): Fix alignment : done, start(4096) end(16896) block(12288)
[  261.178572][ T7612] F2FS-fs (loop2): invalid crc value
[  261.249472][ T7612] F2FS-fs (loop2): Found nat_bits in checkpoint
[  261.273473][ T7300] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.497623][ T7612] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  261.603226][   T28] audit: type=1326 audit(1772870543.959:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  261.658925][   T28] audit: type=1326 audit(1772870543.959:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  261.751932][   T28] audit: type=1326 audit(1772870543.989:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  261.835514][   T28] audit: type=1326 audit(1772870543.989:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  261.873286][ T7623] loop5: detected capacity change from 0 to 40427
[  261.898415][   T28] audit: type=1326 audit(1772870543.989:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  261.951900][   T28] audit: type=1326 audit(1772870543.989:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  261.974267][ T7623] F2FS-fs (loop5): invalid crc value
[  262.008349][ T7623] F2FS-fs (loop5): Found nat_bits in checkpoint
[  262.047859][   T28] audit: type=1326 audit(1772870543.989:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  262.148186][   T28] audit: type=1326 audit(1772870543.989:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  262.198835][ T7623] F2FS-fs (loop5): Start checkpoint disabled!
[  262.227072][   T28] audit: type=1326 audit(1772870544.009:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  262.286853][ T7623] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  262.296447][   T28] audit: type=1326 audit(1772870544.009:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7610 comm="syz.2.381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa32bf9c799 code=0x7ffc0000
[  262.365188][ T7623] capability: warning: `syz.5.385' uses deprecated v2 capabilities in a way that may be insecure
[  263.446634][ T7677] loop5: detected capacity change from 0 to 2048
[  263.541412][ T7677]  loop5: p1 < >
[  263.614788][ T5138]  loop5: p1 < >
[  263.821335][ T5757] udevd[5757]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  263.988820][ T7685] loop6: detected capacity change from 0 to 256
[  264.120471][ T7685] Invalid ELF header len 10
[  265.308730][ T7698] loop5: detected capacity change from 0 to 1024
[  265.316096][ T7698] EXT4-fs: Ignoring removed nomblk_io_submit option
[  265.431174][ T7698] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.330565][ T7715] loop6: detected capacity change from 0 to 16
[  266.337829][ T7715] erofs: Unknown parameter '0x0000000000000003'
[  266.434966][ T7004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.470411][ T5757] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  266.627383][ T7718] loop4: detected capacity change from 0 to 128
[  266.711267][ T7718] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  266.752883][ T7718] ext4 filesystem being mounted at /53/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  266.918857][ T5802] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  266.954659][ T6475] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  267.119612][ T5802] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.150315][ T5802] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.163282][ T5802] usb 6-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  267.186035][ T5802] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.208575][ T5802] usb 6-1: config 0 descriptor??
[  267.245076][ T7730] loop6: detected capacity change from 0 to 2048
[  267.504219][ T7730] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.526763][ T7730] ext4 filesystem being mounted at /7/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.626671][ T7730] EXT4-fs (loop6): Online resizing not supported with bigalloc
[  267.645291][ T7735] loop2: detected capacity change from 0 to 16
[  267.668668][ T7735] erofs: (device loop2): mounted with root inode @ nid 36.
[  267.756621][ T5802] hid-steam 0003:28DE:1102.0002: hidraw0: USB HID v0.00 Device [HID 28de:1102] on usb-dummy_hcd.5-1/input0
[  267.781005][ T7300] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.957646][ T5763] erofs: (device loop2): erofs_fill_dentries: bogus dirent @ nid 46
[  267.990963][ T5763] erofs: (device loop2): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  268.024924][ T5763] erofs: (device loop2): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  268.098147][   T27] usb 6-1: USB disconnect, device number 3
[  268.135578][ T7737] fido_id[7737]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  269.332378][ T7764] loop4: detected capacity change from 0 to 128
[  269.486083][ T7765] loop5: detected capacity change from 0 to 256
[  269.500419][ T7765] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  269.500449][ T7758] bio_check_eod: 1643 callbacks suppressed
[  269.500460][ T7758] syz.4.409: attempt to access beyond end of device
[  269.500460][ T7758] loop4: rw=2049, sector=154, nr_sectors = 96 limit=128
[  269.510564][ T7765] FAT-fs (loop5): Filesystem has been set read-only
[  269.510662][ T7765] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  269.510696][ T7765] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  269.511098][ T7765] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000001)
[  269.516635][   T28] kauditd_printk_skb: 8 callbacks suppressed
[  269.516647][   T28] audit: type=1800 audit(1772870551.869:156): pid=7765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.408" name="file1" dev="loop5" ino=1048671 res=0 errno=0
[  269.604372][ T7758] syz.4.409: attempt to access beyond end of device
[  269.604372][ T7758] loop4: rw=2049, sector=138, nr_sectors = 12 limit=128
[  270.018488][ T7775] loop4: detected capacity change from 0 to 512
[  270.070921][ T7775] EXT4-fs: Ignoring removed mblk_io_submit option
[  270.087807][ T7775] EXT4-fs: inline encryption not supported
[  270.098588][ T7775] EXT4-fs: Ignoring removed mblk_io_submit option
[  270.148218][ T7775] EXT4-fs (loop4): Test dummy encryption mode enabled
[  270.155883][ T7775] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  270.217914][ T7775] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  270.309844][ T7775] EXT4-fs (loop4): 1 truncate cleaned up
[  270.317532][ T7775] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.537593][ T7747] loop2: detected capacity change from 0 to 40427
[  270.587938][ T7747] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x7ffff
[  270.595585][ T7790] loop5: detected capacity change from 0 to 512
[  270.607241][ T7747] F2FS-fs (loop2): heap/no_heap options were deprecated
[  270.660530][ T7790] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.677575][ T7747] F2FS-fs (loop2): invalid crc value
[  270.712803][ T7747] F2FS-fs (loop2): Found nat_bits in checkpoint
[  270.725004][ T7790] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.814315][ T7775] fscrypt (loop4): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  271.178937][ T6475] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.181066][ T7747] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  271.285998][ T7807] fs-verity (loop5, inode 15): Unrecognized descriptor size: 0 bytes
[  271.910943][ T7004] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.022808][ T5763] F2FS-fs (loop2): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x516/0x19c0
[  272.022918][ T5763] F2FS-fs (loop2): invalid blkaddr: 1535, type: 10, run fsck to fix.
[  273.333513][ T5083] Bluetooth: hci3: command 0x0406 tx timeout
[  273.607301][ T7833] loop2: detected capacity change from 0 to 1024
[  273.629337][ T7833] EXT4-fs: Ignoring removed nomblk_io_submit option
[  273.780128][ T7833] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.841735][ T7838] loop4: detected capacity change from 0 to 256
[  273.863971][ T7841] loop6: detected capacity change from 0 to 256
[  273.879735][ T7838] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  273.883757][ T7841] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  273.890269][ T7838] FAT-fs (loop4): Filesystem has been set read-only
[  273.901055][ T7841] FAT-fs (loop6): Filesystem has been set read-only
[  273.907692][ T7838] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  273.914381][ T7841] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  273.924421][ T7838] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  273.934513][ T7841] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  273.944947][ T7838] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  273.955104][ T7841] FAT-fs (loop6): error, invalid access to FAT (entry 0x00000001)
[  273.978442][   T28] audit: type=1800 audit(1772870556.309:157): pid=7838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.421" name="file1" dev="loop4" ino=1048672 res=0 errno=0
[  274.022525][   T28] audit: type=1800 audit(1772870556.319:158): pid=7841 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.423" name="file1" dev="loop6" ino=1048673 res=0 errno=0
[  274.407692][ T7820] loop5: detected capacity change from 0 to 40427
[  274.459052][ T7820] F2FS-fs (loop5): Invalid segment/section count (31, 24 x 1)
[  274.524881][ T7820] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  274.581759][ T7820] F2FS-fs (loop5): invalid crc value
[  274.587166][ T7820] F2FS-fs (loop5): Ignore s_resuid=0, s_resgid=60928 w/o reserve_root
[  274.607016][ T7850] loop6: detected capacity change from 0 to 512
[  274.619904][ T7850] EXT4-fs: Ignoring removed orlov option
[  274.625818][ T7850] EXT4-fs: Ignoring removed mblk_io_submit option
[  274.639356][ T5763] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.667391][ T7850] EXT4-fs error (device loop6): ext4_iget_extra_inode:4732: inode #15: comm syz.6.424: corrupted in-inode xattr: e_value size too large
[  274.805942][ T7820] F2FS-fs (loop5): Found nat_bits in checkpoint
[  274.875825][ T7850] EXT4-fs error (device loop6): ext4_orphan_get:1403: comm syz.6.424: couldn't read orphan inode 15 (err -117)
[  274.885382][ T7859] loop4: detected capacity change from 0 to 1024
[  274.929201][ T7859] EXT4-fs: Ignoring removed mblk_io_submit option
[  274.961784][ T7850] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  274.968745][ T7820] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[  275.061834][ T7820] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  275.183195][ T7859] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.220027][ T7300] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.749200][ T7859] ==================================================================
[  275.757318][ T7859] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90
[  275.765064][ T7859] Read of size 18446744073709551588 at addr ffff88802c2d8840 by task syz.4.426/7859
[  275.774451][ T7859] 
[  275.776800][ T7859] CPU: 0 PID: 7859 Comm: syz.4.426 Not tainted syzkaller #0
[  275.784098][ T7859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  275.794188][ T7859] Call Trace:
[  275.797495][ T7859]  <TASK>
[  275.800447][ T7859]  dump_stack_lvl+0x18c/0x250
[  275.805148][ T7859]  ? read_lock_is_recursive+0x20/0x20
[  275.810564][ T7859]  ? show_regs_print_info+0x20/0x20
[  275.815812][ T7859]  ? load_image+0x400/0x400
[  275.820338][ T7859]  ? _raw_spin_lock_irqsave+0xc0/0x100
[  275.825814][ T7859]  ? __virt_addr_valid+0x18c/0x540
[  275.830945][ T7859]  ? __virt_addr_valid+0x469/0x540
[  275.836075][ T7859]  print_report+0xa8/0x210
[  275.840510][ T7859]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  275.845981][ T7859]  kasan_report+0x117/0x150
[  275.850485][ T7859]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  275.855939][ T7859]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  275.861392][ T7859]  kasan_check_range+0x241/0x290
[  275.866328][ T7859]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  275.871785][ T7859]  __asan_memmove+0x29/0x70
[  275.876280][ T7859]  ext4_xattr_set_entry+0x94b/0x1e90
[  275.881562][ T7859]  ext4_xattr_block_set+0xae8/0x32b0
[  275.886837][ T7859]  ? ext4_destroy_inode+0x200/0x200
[  275.892068][ T7859]  ? proc_nr_inodes+0x230/0x230
[  275.896908][ T7859]  ? do_raw_spin_unlock+0x121/0x230
[  275.902103][ T7859]  ? _raw_spin_unlock+0x28/0x40
[  275.906949][ T7859]  ? ext4_xattr_block_find+0x350/0x350
[  275.912405][ T7859]  ? ext4_xattr_ibody_set+0x50d/0x6a0
[  275.917787][ T7859]  ext4_xattr_set_handle+0x1280/0x14c0
[  275.923246][ T7859]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  275.929219][ T7859]  ? mark_lock+0x94/0x320
[  275.933543][ T7859]  ? __ext4_journal_start_sb+0x259/0x560
[  275.939171][ T7859]  ext4_xattr_set+0x252/0x340
[  275.943846][ T7859]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  275.949475][ T7859]  ? ext4_xattr_set_credits+0x2f0/0x2f0
[  275.955020][ T7859]  ? ext4_xattr_trusted_set+0x23/0x50
[  275.960389][ T7859]  ? ext4_xattr_trusted_get+0x40/0x40
[  275.965763][ T7859]  __vfs_setxattr+0x431/0x470
[  275.970437][ T7859]  __vfs_setxattr_noperm+0x12d/0x5e0
[  275.975714][ T7859]  vfs_setxattr+0x16b/0x2f0
[  275.980209][ T7859]  ? preempt_schedule_thunk+0x1a/0x30
[  275.985578][ T7859]  ? xattr_permission+0x470/0x470
[  275.990595][ T7859]  ? __mnt_want_write+0x23f/0x2a0
[  275.995613][ T7859]  ? path_setxattr+0x3a1/0x5d0
[  276.000457][ T7859]  path_setxattr+0x3f3/0x5d0
[  276.005042][ T7859]  ? simple_xattrs_free+0x150/0x150
[  276.010241][ T7859]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  276.016215][ T7859]  ? lock_chain_count+0x20/0x20
[  276.021062][ T7859]  __x64_sys_lsetxattr+0xb8/0xd0
[  276.026015][ T7859]  do_syscall_64+0x55/0xa0
[  276.030447][ T7859]  ? clear_bhb_loop+0x40/0x90
[  276.035128][ T7859]  ? clear_bhb_loop+0x40/0x90
[  276.039806][ T7859]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  276.045700][ T7859] RIP: 0033:0x7f914239c799
[  276.050128][ T7859] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  276.069732][ T7859] RSP: 002b:00007f9143342028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  276.078143][ T7859] RAX: ffffffffffffffda RBX: 00007f9142615fa0 RCX: 00007f914239c799
[  276.086133][ T7859] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0
[  276.094095][ T7859] RBP: 00007f9142432bd9 R08: 0000000000000000 R09: 0000000000000000
[  276.102062][ T7859] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000
[  276.110065][ T7859] R13: 00007f9142616038 R14: 00007f9142615fa0 R15: 00007ffc641c16a8
[  276.118052][ T7859]  </TASK>
[  276.121058][ T7859] 
[  276.123370][ T7859] Allocated by task 7859:
[  276.127682][ T7859]  kasan_set_track+0x4e/0x70
[  276.132317][ T7859]  __kasan_kmalloc+0x8f/0xa0
[  276.136893][ T7859]  __kmalloc_node_track_caller+0xb2/0x230
[  276.142610][ T7859]  kmemdup+0x2b/0x70
[  276.146493][ T7859]  ext4_xattr_block_set+0x9ea/0x32b0
[  276.151775][ T7859]  ext4_xattr_set_handle+0x1280/0x14c0
[  276.157223][ T7859]  ext4_xattr_set+0x252/0x340
[  276.161893][ T7859]  __vfs_setxattr+0x431/0x470
[  276.166561][ T7859]  __vfs_setxattr_noperm+0x12d/0x5e0
[  276.171834][ T7859]  vfs_setxattr+0x16b/0x2f0
[  276.176326][ T7859]  path_setxattr+0x3f3/0x5d0
[  276.180911][ T7859]  __x64_sys_lsetxattr+0xb8/0xd0
[  276.185838][ T7859]  do_syscall_64+0x55/0xa0
[  276.190246][ T7859]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  276.196128][ T7859] 
[  276.198457][ T7859] Last potentially related work creation:
[  276.204154][ T7859]  kasan_save_stack+0x3e/0x60
[  276.208817][ T7859]  __kasan_record_aux_stack+0xaf/0xc0
[  276.214177][ T7859]  call_rcu+0x153/0x950
[  276.218337][ T7859]  dev_shutdown+0x34f/0x440
[  276.222838][ T7859]  unregister_netdevice_many_notify+0x8e0/0x1900
[  276.229164][ T7859]  default_device_exit_batch+0x9ee/0xa80
[  276.234792][ T7859]  cleanup_net+0x795/0xbb0
[  276.239201][ T7859]  process_scheduled_works+0xa5d/0x15d0
[  276.244735][ T7859]  worker_thread+0xa55/0xfc0
[  276.249313][ T7859]  kthread+0x2fa/0x390
[  276.253371][ T7859]  ret_from_fork+0x48/0x80
[  276.257786][ T7859]  ret_from_fork_asm+0x11/0x20
[  276.262548][ T7859] 
[  276.264858][ T7859] The buggy address belongs to the object at ffff88802c2d8800
[  276.264858][ T7859]  which belongs to the cache kmalloc-1k of size 1024
[  276.278900][ T7859] The buggy address is located 64 bytes inside of
[  276.278900][ T7859]  1024-byte region [ffff88802c2d8800, ffff88802c2d8c00)
[  276.292162][ T7859] 
[  276.294475][ T7859] The buggy address belongs to the physical page:
[  276.300878][ T7859] page:ffffea0000b0b600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2c2d8
[  276.311064][ T7859] head:ffffea0000b0b600 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  276.320017][ T7859] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  276.328431][ T7859] page_type: 0xffffffff()
[  276.332746][ T7859] raw: 00fff00000000840 ffff888017c41dc0 0000000000000000 dead000000000001
[  276.341316][ T7859] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  276.349886][ T7859] page dumped because: kasan: bad access detected
[  276.356300][ T7859] page_owner tracks the page as allocated
[  276.362003][ T7859] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5767, tgid 5767 (syz-executor), ts 69031767572, free_ts 68737345448
[  276.381272][ T7859]  post_alloc_hook+0x1c1/0x200
[  276.386036][ T7859]  get_page_from_freelist+0x1951/0x19e0
[  276.391580][ T7859]  __alloc_pages+0x1f0/0x460
[  276.396243][ T7859]  alloc_slab_page+0x5d/0x160
[  276.400905][ T7859]  new_slab+0x87/0x2d0
[  276.404965][ T7859]  ___slab_alloc+0xc5d/0x12f0
[  276.409637][ T7859]  __kmem_cache_alloc_node+0x19e/0x250
[  276.415146][ T7859]  kmalloc_trace+0x2a/0xe0
[  276.419557][ T7859]  batadv_hard_if_event+0xde9/0x15b0
[  276.424836][ T7859]  notifier_call_chain+0x197/0x380
[  276.429937][ T7859]  register_netdevice+0x16a5/0x1bb0
[  276.435128][ T7859]  veth_newlink+0x7f4/0xc30
[  276.439621][ T7859]  rtnl_newlink+0x1542/0x20a0
[  276.444290][ T7859]  rtnetlink_rcv_msg+0x869/0xfa0
[  276.449214][ T7859]  netlink_rcv_skb+0x241/0x4d0
[  276.454002][ T7859]  netlink_unicast+0x751/0x8d0
[  276.458759][ T7859] page last free stack trace:
[  276.463416][ T7859]  free_unref_page_prepare+0x7b2/0x8c0
[  276.468870][ T7859]  free_unref_page+0x32/0x2e0
[  276.473555][ T7859]  __unfreeze_partials+0x1cf/0x210
[  276.478670][ T7859]  put_cpu_partial+0x17c/0x250
[  276.483442][ T7859]  __slab_free+0x319/0x400
[  276.487866][ T7859]  qlist_free_all+0x75/0xd0
[  276.492379][ T7859]  kasan_quarantine_reduce+0x143/0x160
[  276.497839][ T7859]  __kasan_slab_alloc+0x22/0x80
[  276.502681][ T7859]  slab_post_alloc_hook+0x6e/0x4b0
[  276.507788][ T7859]  __kmem_cache_alloc_node+0x13a/0x250
[  276.513238][ T7859]  __kmalloc+0xa4/0x230
[  276.517396][ T7859]  ethnl_default_notify+0x1b2/0x790
[  276.522601][ T7859]  ethnl_netdev_event+0x58/0x70
[  276.527452][ T7859]  notifier_call_chain+0x197/0x380
[  276.532565][ T7859]  netdev_change_features+0x96/0xd0
[  276.537762][ T7859]  team_add_slave+0x1b60/0x29a0
[  276.542607][ T7859] 
[  276.544915][ T7859] Memory state around the buggy address:
[  276.550534][ T7859]  ffff88802c2d8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  276.558588][ T7859]  ffff88802c2d8780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  276.566640][ T7859] >ffff88802c2d8800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  276.574778][ T7859]                                            ^
[  276.580914][ T7859]  ffff88802c2d8880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  276.588960][ T7859]  ffff88802c2d8900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  276.597001][ T7859] ==================================================================
[  276.736265][ T7859] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  276.737402][ T7004] syz-executor: attempt to access beyond end of device
[  276.737402][ T7004] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  276.738709][ T7004] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  276.764203][ T7859] CPU: 1 PID: 7859 Comm: syz.4.426 Not tainted syzkaller #0
[  276.771498][ T7859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  276.781557][ T7859] Call Trace:
[  276.784830][ T7859]  <TASK>
[  276.787754][ T7859]  dump_stack_lvl+0x18c/0x250
[  276.792433][ T7859]  ? show_regs_print_info+0x20/0x20
[  276.797622][ T7859]  ? load_image+0x400/0x400
[  276.802119][ T7859]  panic+0x2dc/0x730
[  276.806001][ T7859]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  276.812147][ T7859]  ? bpf_jit_dump+0xd0/0xd0
[  276.816642][ T7859]  ? _raw_spin_unlock_irqrestore+0x111/0x120
[  276.822608][ T7859]  ? _raw_spin_unlock+0x40/0x40
[  276.827450][ T7859]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  276.832898][ T7859]  check_panic_on_warn+0x84/0xa0
[  276.837829][ T7859]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  276.843283][ T7859]  end_report+0x6f/0x130
[  276.847514][ T7859]  kasan_report+0x128/0x150
[  276.852009][ T7859]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  276.857461][ T7859]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  276.862911][ T7859]  kasan_check_range+0x241/0x290
[  276.867842][ T7859]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  276.873295][ T7859]  __asan_memmove+0x29/0x70
[  276.877792][ T7859]  ext4_xattr_set_entry+0x94b/0x1e90
[  276.883081][ T7859]  ext4_xattr_block_set+0xae8/0x32b0
[  276.888356][ T7859]  ? ext4_destroy_inode+0x200/0x200
[  276.893543][ T7859]  ? proc_nr_inodes+0x230/0x230
[  276.898383][ T7859]  ? do_raw_spin_unlock+0x121/0x230
[  276.903575][ T7859]  ? _raw_spin_unlock+0x28/0x40
[  276.908413][ T7859]  ? ext4_xattr_block_find+0x350/0x350
[  276.913861][ T7859]  ? ext4_xattr_ibody_set+0x50d/0x6a0
[  276.919223][ T7859]  ext4_xattr_set_handle+0x1280/0x14c0
[  276.924679][ T7859]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  276.930650][ T7859]  ? mark_lock+0x94/0x320
[  276.934971][ T7859]  ? __ext4_journal_start_sb+0x259/0x560
[  276.940596][ T7859]  ext4_xattr_set+0x252/0x340
[  276.945261][ T7859]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  276.950890][ T7859]  ? ext4_xattr_set_credits+0x2f0/0x2f0
[  276.956435][ T7859]  ? ext4_xattr_trusted_set+0x23/0x50
[  276.961797][ T7859]  ? ext4_xattr_trusted_get+0x40/0x40
[  276.967165][ T7859]  __vfs_setxattr+0x431/0x470
[  276.971845][ T7859]  __vfs_setxattr_noperm+0x12d/0x5e0
[  276.977124][ T7859]  vfs_setxattr+0x16b/0x2f0
[  276.981616][ T7859]  ? preempt_schedule_thunk+0x1a/0x30
[  276.986999][ T7859]  ? xattr_permission+0x470/0x470
[  276.992029][ T7859]  ? __mnt_want_write+0x23f/0x2a0
[  276.997063][ T7859]  ? path_setxattr+0x3a1/0x5d0
[  277.001827][ T7859]  path_setxattr+0x3f3/0x5d0
[  277.006432][ T7859]  ? simple_xattrs_free+0x150/0x150
[  277.011637][ T7859]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  277.017610][ T7859]  ? lock_chain_count+0x20/0x20
[  277.022458][ T7859]  __x64_sys_lsetxattr+0xb8/0xd0
[  277.027390][ T7859]  do_syscall_64+0x55/0xa0
[  277.031799][ T7859]  ? clear_bhb_loop+0x40/0x90
[  277.036464][ T7859]  ? clear_bhb_loop+0x40/0x90
[  277.041129][ T7859]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  277.047008][ T7859] RIP: 0033:0x7f914239c799
[  277.051411][ T7859] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  277.071022][ T7859] RSP: 002b:00007f9143342028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  277.079435][ T7859] RAX: ffffffffffffffda RBX: 00007f9142615fa0 RCX: 00007f914239c799
[  277.087402][ T7859] RDX: 0000200000000000 RSI: 0000200000000180 RDI: 00002000000001c0
[  277.095376][ T7859] RBP: 00007f9142432bd9 R08: 0000000000000000 R09: 0000000000000000
[  277.103339][ T7859] R10: 0000000000000361 R11: 0000000000000246 R12: 0000000000000000
[  277.111299][ T7859] R13: 00007f9142616038 R14: 00007f9142615fa0 R15: 00007ffc641c16a8
[  277.119272][ T7859]  </TASK>
[  277.122601][ T7859] Kernel Offset: disabled
[  277.126910][ T7859] Rebooting in 86400 seconds..