last executing test programs:

48.687269131s ago: executing program 2 (id=16):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000801004800000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

48.034266978s ago: executing program 2 (id=20):
r0 = io_uring_setup(0x3dfc, &(0x7f0000000080)={0x0, 0x9e5d, 0x80, 0x1, 0x19e})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
close_range(r0, 0xffffffffffffffff, 0x200000000000000)

47.222822899s ago: executing program 2 (id=23):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000d00)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001000)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)

46.833987345s ago: executing program 2 (id=25):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
mount(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000380)='devtmpfs\x00', 0x4000, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00')

46.471683273s ago: executing program 2 (id=28):
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x4c02})
readv(r0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000002140)=""/4096, 0x1000}], 0x2)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})

45.848598335s ago: executing program 2 (id=34):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)=ANY=[@ANYBLOB='journal_async_commit,heartbeat=none,usrquota,barrier=000000000\x000000000007,heartbeat=none,nointr,\x00'], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1)
utime(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000100)={0x4, 0x6})
unlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

45.321246692s ago: executing program 32 (id=34):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)=ANY=[@ANYBLOB='journal_async_commit,heartbeat=none,usrquota,barrier=000000000\x000000000007,heartbeat=none,nointr,\x00'], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1)
utime(&(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000100)={0x4, 0x6})
unlink(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

43.684543518s ago: executing program 0 (id=44):
sched_setscheduler(0x0, 0x5, &(0x7f0000000480))
ioprio_set$uid(0x3, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20000023892)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

43.402287531s ago: executing program 0 (id=47):
prctl$PR_SET_NAME(0xf, &(0x7f00000001c0)='w\xde\xa3\x05\xff\a\x00\x00\x00\x00\x00\x00\x8f\xc0\x9b\x86\xef\\\xc0\x89\av\x9f\xd6\xd1\x98,\xc8\x18E/\x8c\x1a\xe3\xbd')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x8, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x14, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000025000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
sendmsg$nl_generic(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000002280)={0x14, 0x803d, 0x107, 0x8000, 0x8, {0x3, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x4091}, 0xc000)

43.166748546s ago: executing program 0 (id=50):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x1010051, &(0x7f0000000700)={[{@errors_remount}, {@delalloc}, {@noblock_validity}, {@dioread_lock}, {@nouid32}, {@nomblk_io_submit}]}, 0x1, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'veth0_to_bridge\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="02030e00d3fc02000000ab5d71b9edd7c9560385dcb188a8", 0xfc9c, 0x2004c8a1, &(0x7f00000001c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14)

42.43721405s ago: executing program 0 (id=53):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7c}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x80000, 0x0)

41.57601024s ago: executing program 0 (id=55):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x20001, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$squashfs(&(0x7f0000000400), &(0x7f0000000200)='./file0\x00', 0x4000000, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES16=0x0], 0x1, 0x1a1, &(0x7f0000000240)="$eJzs0bFrFEEUx/Hvm53b2whRT8UigjkwuO6h5HaDFlaHVYRbsLARPPS4rElwo1z2ChMSvEYCEs2/oIVoKYJWIgrWwUKw0Nikk1wRLMRCTvZuIvg3ZD7Nb99bdmfmzVzWzorAn92VFjUGHA7yCUED4zLsKTXMN6b+YXJjGFwy9brJFybHsqXl2800TRbLF8uU/msAP8vFEvxrZV2OK0aEGvJld6XVlJsx/RoLaiamVKfyCKdBO3jMmB7l2A0c+v46lxVt8etwaLLjMZktLZ+bX2jOJrPJnSiaunCfavV8vv80qb5GgoeieMIqQUwxZiRYpdDgwaY+QBkkmFNbjlR6uA02Np0zp872UMEOfYT3fo/iN+2irnIa73p+oGmOCk9xYibqHFZobs2nSXUauaJeSag/618Fhdd1HK91N51Zu6bkt/u8JjuehNsU/JCoEjKVj4YjfGBti64ZKtvfGZe3+Sp7c9WDdy9NdYKTPHO51+x0FkMXPoofE3UhKsHo4HcqZiK/YN6Zb0zwde/BsizLsizLsizL2gf+BgAA///50l2l")
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000003c0)=ANY=[@ANYBLOB="020000000000000003010040"])

37.692452828s ago: executing program 0 (id=68):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x8000021e}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r1, 0x47fa, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r0, 0x0, 0x0, 0x0, 0x64040011, 0x1})

37.194739178s ago: executing program 33 (id=68):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x0, 0x8000021e}, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r1, 0x47fa, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r0, 0x0, 0x0, 0x0, 0x64040011, 0x1})

14.613347861s ago: executing program 6 (id=182):
mprotect(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000001800), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000003880)={0x2020}, 0x2020)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

14.389683361s ago: executing program 6 (id=184):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0x806000)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000180)=0x20)

13.589935449s ago: executing program 6 (id=188):
r0 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x1, &(0x7f00000000c0)="39095590d3fb", 0x6)

12.402785672s ago: executing program 6 (id=192):
syz_mount_image$f2fs(&(0x7f000000e000), &(0x7f0000000080)='./file0\x00', 0x10, &(0x7f00000002c0)=ANY=[@ANYBLOB="6e6f6c617a7974696d652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313235342c6661756c745f747970653d30303030303030303030303030303033323736372c6772706a71756f74613d2c6e6f666c7573685f6d657267652c6e6f636865636b706f696e745f6d657267652c61636c2c67635f6d657267652c636f6d70726573735f63616368652c616c6c6f635f6d6f64653d64656661756c742c6e6f696e6c696e655f78617474722c6261636b67726f756e645f67633d6f66662c636865636b706f696e743d64697361626c652c00cef235c93369e015a17ee2ff7fb3ad2b9406058804552c36be902e976d7836f82ef7fe1a91fd5fe53fa7c93ff6227910f46434ee3e5b851845bcaeb4a5731075f9887d22e18a989131940a04c4b9064af9cc9519dd7aa9078ad5ac798fbd81aa90dd19ce130ce6f37c3303199b6026122d39fdf5de1d4949e33dfbf7"], 0x4, 0x550c, &(0x7f00000089c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+Nnhh/2nRau/byt6gjC1hj3uMKCBNUEAOpIU0QA3klhIiiPA4BCIOkTy2lej7JGcylvnxBsFhZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALt1X68Xt1e/rtjm7fTt5RgMAAABcsq3Wi/qfWep/be5/b279bPpFRJQRcWnuPopPZ5mjJqd6ef7m9PnqVQ13EXXC4T0mzfUlIv401+OPrj8FAAAA+Lg2y9U8zdbTn9nQBdGntGhTfvubKa+IiGr2kCmtPOT9yhRWf7/H8T9TWr2ANc0UlpbcxrnS3qT+uR9X7aYnTZGa8uLLjkVmGzsAANCj0VnT7ywEAACAPv0bugCGUcTzVuZxK3CSmmZ77/NZDwAAAHiHiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zc7OxlbFNcoeIqLgQS92u62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/0nEAu8ZbDHiJ4jszszO7kB7j+6Mwm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+O4kjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+mR4ufwh6ozDvTqSAQAA4GyIi/o+hLCTbCymfaOd1f9JcU1a83//7Cgu6vnDdX/RF7V/2n77dffF8UDt0TjpTW+sDPoXj6bSfHKznG3P/e0VzezJZ+9e4uwLaXyw9sIwyZ5n9O3jx++1snCuimwBgH/jQtHnQfH7UNr36kwMgDOjWSq8i/o/btebEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAVhmvh6SKOQggLzUmc2tp7sHxc/2h9e6FoVx8+XA9fT+6Z3iIJIdxYGfQvVjqb2Xb33v1bS4NB/071wSshhLpGfyef/q2Pprg4hFqej+D/Cfbn8i97RvI5IUGNP5QAADiVkryldf1OsrGYnovmQ9j/4WD9/3opDlPW/7sfX90sj1Wu/3uVzXD2dVdvf969e+/+myu3l272b/Y/fetS7+3e5WtXrlzrZu9Kut6YAAAA8N+08lau/xvzR9f/z5fiMGX9/8V3va/KY8Xq/2NNFv3qzgQAAOBse/7VP/+IjjkftVrhy6XV1Tu90XH8+dLoWEOq/9hc3sr1fzxfd1YAAABAFYZr0YH1/+ulOEy5/v/Mjy/9XL5nHEI4l6//X1j+bHC9uunMtCr+nLjuOQIAAFCvc3krr/8n2f7/xnjLQyOE8MZrozj/N4BT1f/x+9/8VB6rvP//cnVTnEmNzuh5ZH0nhGan7owAAAA4zZ7KW1rs/55sLH7yy/kPW/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFTtrwAAAP//RAE/8A==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x110)
lsetxattr(&(0x7f0000000280)='./file1\x00', &(0x7f00000002c0)=@known='user.syz\x00', 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x10002, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

10.04324192s ago: executing program 3 (id=202):
r0 = socket$kcm(0x2, 0x922000000001, 0x106)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000c40), 0x12)
sendmsg$inet(r0, &(0x7f0000003080)={0x0, 0x0, 0x0}, 0x200488d5)

9.697824776s ago: executing program 6 (id=204):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fcdbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x840)
write$nci(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="50040101030d03"], 0x7)

9.019726075s ago: executing program 3 (id=207):
r0 = syz_io_uring_setup(0xb7f, &(0x7f0000000180)={0x0, 0x38ab, 0x80, 0x0, 0x1e6}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x0, 0x3, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x322, 0x1, {0x1}})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

7.461902853s ago: executing program 3 (id=215):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x4714, &(0x7f0000000100)={[{@test_dummy_encryption}, {@jqfmt_vfsv0}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x40000, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000809, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f0000000040)='./bus\x00', 0x888430, &(0x7f0000000000)=ANY=[], 0x1, 0x0, 0x0)

7.094059035s ago: executing program 1 (id=219):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000280)={@val={0xa, 0x88a8}, @void, @eth={@link_local, @random="2833b1656532", @val={@void, {0x8100, 0x3, 0x1, 0x2}}, {@ipv6={0x86dd, @generic={0x9, 0x6, "000400", 0x8, 0x2b, 0xff, @private2={0xfc, 0x2, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, {[@routing={0x2f, 0x0, 0x0, 0x7}]}}}}}}, 0x46)

6.59561079s ago: executing program 3 (id=222):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x100, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xfff2, 0xffff}, {0xfff3, 0xfff2}}}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="000129bd7000fbdb760567d956e2df253a"], 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0x24040000)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

6.428645118s ago: executing program 6 (id=224):
r0 = syz_usb_connect$cdc_ncm(0x2, 0x7a, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d000009040101"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000080)={0x44, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0x20, 0x80, 0x1c, {0xf9, 0x718, 0x46, 0xe482, 0x6, 0x9, 0x8, 0xfff, 0x3, 0x1ec, 0x300, 0x8}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000680)={0x44, 0x0, &(0x7f0000000180)={0x0, 0xa, 0x1, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

5.867194387s ago: executing program 34 (id=224):
r0 = syz_usb_connect$cdc_ncm(0x2, 0x7a, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000020000402505a1a44000010203010902680002010040000904000001020e0000052406000105240000000d370f0100000000000000000006241a0000000c241b4800f3ff00050080050905810300020000000904010000020d000009040101"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000080)={0x44, 0x0, 0x0, 0x0, &(0x7f00000009c0)={0x20, 0x80, 0x1c, {0xf9, 0x718, 0x46, 0xe482, 0x6, 0x9, 0x8, 0xfff, 0x3, 0x1ec, 0x300, 0x8}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000680)={0x44, 0x0, &(0x7f0000000180)={0x0, 0xa, 0x1, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

5.85940505s ago: executing program 1 (id=226):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendmsg$inet(r0, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x803e0000, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
recvmsg$unix(r1, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

5.859028074s ago: executing program 3 (id=227):
syz_mount_image$vfat(&(0x7f0000000cc0), &(0x7f0000000c80)='./file1\x00', 0x0, &(0x7f0000000d00)=ANY=[], 0x7, 0x364, &(0x7f0000000900)="$eJzs3c1rO0UYwPEnabJNU9rkIIqCdLAXvSxt9CwGaUEIWNpGbAVh2240ZE1KNlQjYtuTV/HuSfBQerPgoaD9B3rxphcRvPUieLAHdWXfkm1e+hKT5vdrvx8omczMszubmZRn02724t0vP6qUbL1kaBJPKYmJiFyKZCUuoVjwGPfKmkQdyCvTf/784tpGMeVXqOX8+qs5pdTsXKLd7XRSzrPvX/yR+/382fPnL/5d/7Bsq7KtqrWGMtRW7deGsWWZaqdsV3SlVizTsE1Vrtpm3W//LtiOVdvdbSqjujOT3q2btq2MalNVzKZq1FSj3lTGB0a5qnRdVzNpwU2KR6urRn7A4O0hDwYjUq/njQkRmepqKR6NZUAAAGCs2vl/w8v/425KP0j+vymzhcLSqnI7B/n/Dx9/dvzSWWP6nZPZIP8/1Xrl/6/94m/rSv7vnk608/+af35Qujn//1rukP93Z0SPy8D5f3YEg8Fg5rSuqtiVZ27+nw7ev57D944XvAL5PwAAAAAAAAAAAAAAAAAAAAAAT4NLx8k4jpMJH8Of9iUEwXM8SP3mf1JEUu7sO8z/Q7a2sSkp78I9d46tL/aKe0X/MehwJiKWmP84ndy1EV55pFxZ+dHaD+L394oTXku+JGU3XhYlI1lvPUXiHWf5rcLSovIF8a3LlNLR+Jxk5Jlo/Pfe6nTjc1fjg/1r8vJ8JF6XjPy0LTWxZMeLbO//80Wl3ny70BE/5fUTkd/ufVIAAAAAABgyXbX0PH/XtX7t/reM5Evex0SmLEhG/u59fr/Q8/w8kXkhMe6jBwAAAADgcbCbn1YMiZt1r2BZvQpT0rdpCIVEq2bSMetJEenZWeuoSV635YnIEd52PJr4dzD5v8f1Tfiq3iUq/EcKd+CtpuCOKjLYeMLj92piicGnKXYg3gI4iDbF5Rbhic7Bz7kVqmfn+b7bOQwOpFUTfmyk9XmdZaV7O/FrVkKyq8aJDbYAnvvq27+G9wZ5/SRYAZ/c3PnQMp19uc2kdBTcXXQ3JUf+iwcAAADAvWsn/WHNG9Hm6I1EojfL4S/3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM0Ui+0q+jMO5jBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4U/wUAAP//nVbxdQ==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000000)='./file1\x00', 0x86442, 0xa4)
dup3(r1, r0, 0x0)
io_setup(0x2, &(0x7f0000000400)=<r2=>0x0)
io_submit(r2, 0x3f0a, &(0x7f0000000540)=[&(0x7f00000000c0)={0xf04aef, 0x3d8, 0x4, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}])

5.50285563s ago: executing program 3 (id=228):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = pidfd_getfd(r1, r1, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
setns(r2, 0x66020000)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)

3.91183984s ago: executing program 1 (id=233):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000000180)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0))
r1 = syz_open_pts(r0, 0x101000)
dup3(r1, r0, 0x0)
ioctl$TIOCGICOUNT(r0, 0x545d, 0x0)

3.145558664s ago: executing program 1 (id=236):
userfaultfd(0x1)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

2.371417382s ago: executing program 5 (id=242):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f0000000580)={&(0x7f0000000280)=[<r3=>0x0], &(0x7f0000000300), 0x1, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x201, 0x1, &(0x7f00000000c0)=[r2], &(0x7f0000000040)=[0x2], &(0x7f0000000240)=[r3, r3], &(0x7f0000000340)})

2.238006069s ago: executing program 5 (id=243):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000380)={0x0, 0xffffffffffffffff, 0x0, 0x1a, &(0x7f0000000000)='/\x00\x02\x00\x00/\x00\x82q\xee\xe5\xa0\xbd\xc2\x98#YP\xee\x9c2\xbe\xf0\x81x\x97'}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000780)='./file0/../file0\x00', 0x0, 0xa06002, 0x0)

2.09786664s ago: executing program 5 (id=244):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f00000006c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2}}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x1, 0x4)
sendmmsg$inet(r0, &(0x7f0000000d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000580)="b3c4", 0x2}], 0x1, &(0x7f0000000640)=ANY=[], 0xf0}}], 0x1, 0x24004c41)

1.936511007s ago: executing program 5 (id=245):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='net_prio.prioidx\x00', 0x275a, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000b, 0x12, r0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f000000f000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
read$msr(r1, &(0x7f00000012c0)=""/177, 0xb1)

1.737728808s ago: executing program 4 (id=246):
r0 = socket(0x2b, 0x1, 0x0)
r1 = syz_io_uring_setup(0x110, &(0x7f0000000480)={0x0, 0xfad6, 0x400, 0x2}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r1, 0xdb4, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r1, 0x18, &(0x7f0000000000)={0xfeffffff, r0, 0x23, {0x3b4, 0x6d3}, 0x6}, 0x1)

1.532999222s ago: executing program 4 (id=247):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
capset(0x0, &(0x7f0000000000)={0x9, 0x1, 0x1, 0x1004, 0x1, 0x2})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000100)={{0x80a0000, 0xdddd1000, 0xa, 0x0, 0x8, 0x8, 0x1, 0x2, 0x0, 0x4, 0x9, 0x10}, {0x2000, 0x80a0000, 0xe, 0x8, 0x0, 0x0, 0x0, 0x0, 0xe, 0x7, 0x0, 0xfb}, {0x3000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x7f, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x100000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4}, {0xeeee8000, 0x3000, 0x9, 0x0, 0xff, 0x4, 0x0, 0xe, 0x0, 0x3c}, {0x0, 0x0, 0xd, 0x8, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x80}, {0x0, 0x0, 0xa, 0x6, 0x5, 0x0, 0x3}, {0x80a0000, 0xdddd0000, 0x0, 0x0, 0x0, 0x1, 0x0, 0xa, 0x26}, {0x80a0000}, {0xeeef0000}, 0xfdfcffdb, 0x0, 0x0, 0x28, 0xb, 0xf801, 0x0, [0x0, 0x0, 0x1]})

1.252698061s ago: executing program 4 (id=248):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000001080)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x2, &(0x7f0000000000)=0x40000005, 0x4)
recvmmsg(r0, &(0x7f0000003900)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000f80)}, 0x2d}, {{0x0, 0x0, 0x0}, 0x5}], 0x2, 0x10002, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f00000001c0)=0x7f, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x4000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1.130138987s ago: executing program 1 (id=249):
socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000080))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x35, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r2, &(0x7f00000001c0), &(0x7f0000000400)=""/198}, 0x20)

1.04717003s ago: executing program 4 (id=250):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
writev(r0, &(0x7f0000000480)=[{&(0x7f0000002640)="91eb51", 0x3}], 0x1)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x2], 0x0, 0x0, 0x1, 0x1}}, 0x40)

938.129211ms ago: executing program 5 (id=251):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x24044801}, 0x20010814)
close(r0)

937.325463ms ago: executing program 1 (id=252):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f000000040b210000"], 0x0}, 0x0)
syz_open_dev$hiddev(0x0, 0x0, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r1, 0x81044804, &(0x7f0000000080)={0x801, 0x0, 0x20000})

799.464766ms ago: executing program 4 (id=253):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
recvmmsg(r1, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000001c0)=""/200, 0xc8}], 0x1, 0x0, 0x0, 0x2000000}}], 0x1, 0xcb, 0x0)

709.216024ms ago: executing program 4 (id=254):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f00000000c0)=0x20)
ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000180)=0x1)
write$binfmt_elf32(r0, 0x0, 0x4cd)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000100)=0x1)
write$dsp(r0, &(0x7f0000000140)="755a5398d512d39077459e67ee110daaf0413bc745ef85b89f2141d513969bd8", 0xffaa)

0s ago: executing program 5 (id=255):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x3, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x0, 0x3}, 0x10)
sendmsg$tipc(r1, &(0x7f00000003c0)={&(0x7f0000000200)=@name={0x1e, 0x2, 0x1, {{0x2}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x26040885}, 0x20000040)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.215' (ED25519) to the list of known hosts.
[   83.904411][ T5810] cgroup: Unknown subsys name 'net'
[   84.030117][ T5810] cgroup: Unknown subsys name 'cpuset'
[   84.038741][ T5810] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   85.709510][ T5810] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   87.893330][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   87.901429][ T5839] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   87.908702][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   87.909949][ T5840] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   87.917012][ T5839] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   87.932174][ T5839] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   87.935512][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   87.940801][ T5839] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   87.946955][ T5841] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   87.954983][ T5839] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   87.961900][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   87.969298][ T5839] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   87.982736][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   87.991240][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   87.998739][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   87.999134][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   88.006061][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   88.013813][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   88.021534][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   88.028395][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   88.035292][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   88.042428][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   88.056353][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   88.068954][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   88.085115][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   88.549833][ T5822] chnl_net:caif_netlink_parms(): no params data found
[   88.813191][ T5824] chnl_net:caif_netlink_parms(): no params data found
[   88.875271][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.882550][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.891218][ T5822] bridge_slave_0: entered allmulticast mode
[   88.901875][ T5822] bridge_slave_0: entered promiscuous mode
[   88.916730][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.923904][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.931246][ T5822] bridge_slave_1: entered allmulticast mode
[   88.938773][ T5822] bridge_slave_1: entered promiscuous mode
[   89.066772][ T5821] chnl_net:caif_netlink_parms(): no params data found
[   89.084048][ T5828] chnl_net:caif_netlink_parms(): no params data found
[   89.100524][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.110587][ T5827] chnl_net:caif_netlink_parms(): no params data found
[   89.143155][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.274887][ T5822] team0: Port device team_slave_0 added
[   89.317005][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.324214][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.331500][ T5824] bridge_slave_0: entered allmulticast mode
[   89.338899][ T5824] bridge_slave_0: entered promiscuous mode
[   89.357868][ T5822] team0: Port device team_slave_1 added
[   89.390613][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.397897][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.405148][ T5824] bridge_slave_1: entered allmulticast mode
[   89.412612][ T5824] bridge_slave_1: entered promiscuous mode
[   89.561866][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.575459][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.585753][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.592737][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.619271][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.631098][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.638503][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.645807][ T5828] bridge_slave_0: entered allmulticast mode
[   89.653044][ T5828] bridge_slave_0: entered promiscuous mode
[   89.660869][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.668318][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.676509][ T5827] bridge_slave_0: entered allmulticast mode
[   89.683820][ T5827] bridge_slave_0: entered promiscuous mode
[   89.691715][ T5821] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.698975][ T5821] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.706407][ T5821] bridge_slave_0: entered allmulticast mode
[   89.713658][ T5821] bridge_slave_0: entered promiscuous mode
[   89.733590][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.740694][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   89.767477][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.786272][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.793440][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.800850][ T5828] bridge_slave_1: entered allmulticast mode
[   89.808326][ T5828] bridge_slave_1: entered promiscuous mode
[   89.815889][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.823047][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.830448][ T5827] bridge_slave_1: entered allmulticast mode
[   89.837720][ T5827] bridge_slave_1: entered promiscuous mode
[   89.844964][ T5821] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.852113][ T5821] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.859399][ T5821] bridge_slave_1: entered allmulticast mode
[   89.866768][ T5821] bridge_slave_1: entered promiscuous mode
[   89.889789][ T5824] team0: Port device team_slave_0 added
[   89.899980][ T5824] team0: Port device team_slave_1 added
[   90.011700][ T5821] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.038510][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.051171][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   90.055819][ T5831] Bluetooth: hci4: command tx timeout
[   90.079347][ T5821] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.090192][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.097229][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   90.123420][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.135164][ T5831] Bluetooth: hci0: command tx timeout
[   90.140816][ T5831] Bluetooth: hci3: command tx timeout
[   90.144210][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.148186][ T5837] Bluetooth: hci2: command tx timeout
[   90.158972][ T5144] Bluetooth: hci1: command tx timeout
[   90.158972][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   90.158999][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.204392][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.217239][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   90.232092][ T5822] hsr_slave_0: entered promiscuous mode
[   90.238969][ T5822] hsr_slave_1: entered promiscuous mode
[   90.319626][ T5821] team0: Port device team_slave_0 added
[   90.340981][ T5827] team0: Port device team_slave_0 added
[   90.349260][ T5828] team0: Port device team_slave_0 added
[   90.359079][ T5828] team0: Port device team_slave_1 added
[   90.382049][ T5821] team0: Port device team_slave_1 added
[   90.416208][ T5827] team0: Port device team_slave_1 added
[   90.508143][ T5824] hsr_slave_0: entered promiscuous mode
[   90.514657][ T5824] hsr_slave_1: entered promiscuous mode
[   90.521312][ T5824] debugfs: 'hsr0' already exists in 'hsr'
[   90.527915][ T5824] Cannot create hsr debugfs directory
[   90.534306][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.541467][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   90.567392][ T5821] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.597947][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.605068][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   90.631978][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.645680][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.652641][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   90.678959][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.701938][ T5821] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.709146][ T5821] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   90.735770][ T5821] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   90.747537][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.754505][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   90.780839][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.817824][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1
[   90.825162][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   90.851181][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.077592][ T5828] hsr_slave_0: entered promiscuous mode
[   91.084094][ T5828] hsr_slave_1: entered promiscuous mode
[   91.090711][ T5828] debugfs: 'hsr0' already exists in 'hsr'
[   91.096553][ T5828] Cannot create hsr debugfs directory
[   91.107639][ T5821] hsr_slave_0: entered promiscuous mode
[   91.114065][ T5821] hsr_slave_1: entered promiscuous mode
[   91.120691][ T5821] debugfs: 'hsr0' already exists in 'hsr'
[   91.126759][ T5821] Cannot create hsr debugfs directory
[   91.155753][ T5827] hsr_slave_0: entered promiscuous mode
[   91.162486][ T5827] hsr_slave_1: entered promiscuous mode
[   91.169847][ T5827] debugfs: 'hsr0' already exists in 'hsr'
[   91.175698][ T5827] Cannot create hsr debugfs directory
[   91.386486][ T5822] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   91.399473][ T5822] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   91.428183][ T5822] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   91.474551][ T5822] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   91.651156][ T5824] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   91.682762][ T5824] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   91.694158][ T5824] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   91.707825][ T5824] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   91.802044][ T5821] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   91.814352][ T5821] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   91.828486][ T5821] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   91.841778][ T5821] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   91.955427][ T5828] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   91.986620][   T24] cfg80211: failed to load regulatory.db
[   91.998670][ T5828] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   92.011182][ T5828] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   92.024673][ T5828] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   92.126239][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.135471][ T5840] Bluetooth: hci4: command tx timeout
[   92.169061][ T5822] 8021q: adding VLAN 0 to HW filter on device team0
[   92.186488][ T5827] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   92.199184][ T5827] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   92.212277][ T5827] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   92.220651][ T5837] Bluetooth: hci3: command tx timeout
[   92.222326][ T5840] Bluetooth: hci2: command tx timeout
[   92.226381][ T5831] Bluetooth: hci1: command tx timeout
[   92.226598][ T5831] Bluetooth: hci0: command tx timeout
[   92.249276][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.256538][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.279839][ T5827] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   92.292187][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.299425][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.340083][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.401266][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.413330][ T5824] 8021q: adding VLAN 0 to HW filter on device team0
[   92.448715][  T151] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.456191][  T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.499035][ T5821] 8021q: adding VLAN 0 to HW filter on device team0
[   92.558359][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.565616][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.601515][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.639334][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.646567][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.658823][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.666043][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.703897][ T5828] 8021q: adding VLAN 0 to HW filter on device team0
[   92.747760][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.755032][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.804079][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.811430][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.939387][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.013992][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.108792][ T5827] 8021q: adding VLAN 0 to HW filter on device team0
[   93.146521][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.153744][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.202845][ T1151] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.210069][ T1151] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.287781][ T5822] veth0_vlan: entered promiscuous mode
[   93.339932][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.381180][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.396642][ T5822] veth1_vlan: entered promiscuous mode
[   93.557433][ T5822] veth0_macvtap: entered promiscuous mode
[   93.591213][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.630469][ T5822] veth1_macvtap: entered promiscuous mode
[   93.675329][ T5824] veth0_vlan: entered promiscuous mode
[   93.688850][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0
[   93.711589][ T5824] veth1_vlan: entered promiscuous mode
[   93.756024][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1
[   93.813849][  T151] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.833041][  T151] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.867806][  T151] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.877474][  T151] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.906262][ T5828] veth0_vlan: entered promiscuous mode
[   93.947256][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.961393][ T5828] veth1_vlan: entered promiscuous mode
[   93.991592][ T5824] veth0_macvtap: entered promiscuous mode
[   94.007501][ T5824] veth1_macvtap: entered promiscuous mode
[   94.122670][ T5828] veth0_macvtap: entered promiscuous mode
[   94.126442][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.147246][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.153527][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.192465][ T5821] veth0_vlan: entered promiscuous mode
[   94.202039][ T5828] veth1_macvtap: entered promiscuous mode
[   94.211040][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.218866][ T5840] Bluetooth: hci4: command tx timeout
[   94.241260][ T5827] veth0_vlan: entered promiscuous mode
[   94.249322][  T151] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.260915][   T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.282182][ T5821] veth1_vlan: entered promiscuous mode
[   94.290316][   T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.299842][   T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.310095][ T5144] Bluetooth: hci0: command tx timeout
[   94.315921][ T5144] Bluetooth: hci1: command tx timeout
[   94.321416][ T5837] Bluetooth: hci3: command tx timeout
[   94.327148][ T5840] Bluetooth: hci2: command tx timeout
[   94.337094][  T151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.346644][  T151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.403670][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.413549][ T5827] veth1_vlan: entered promiscuous mode
[   94.434451][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.449190][ T5822] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   94.537737][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.552782][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.564658][ T5821] veth0_macvtap: entered promiscuous mode
[   94.601348][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.619083][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.670917][ T5827] veth0_macvtap: entered promiscuous mode
[   94.678619][ T5945] loop0: detected capacity change from 0 to 1024
[   94.680112][ T5821] veth1_macvtap: entered promiscuous mode
[   94.688728][ T5945] =======================================================
[   94.688728][ T5945] WARNING: The mand mount option has been deprecated and
[   94.688728][ T5945]          and is ignored by this kernel. Remove the mand
[   94.688728][ T5945]          option from the mount to silence this warning.
[   94.688728][ T5945] =======================================================
[   94.729053][ T5945] EXT4-fs: Ignoring removed bh option
[   94.745538][ T5927] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.753421][ T5927] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.799562][ T5945] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.811980][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.813565][ T5827] veth1_macvtap: entered promiscuous mode
[   94.873692][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.931925][ T5927] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.947813][ T5927] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.989184][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.009455][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.024548][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.033330][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.052316][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.069202][ T1151] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.079924][ T1151] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.154651][ T1151] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.185590][ T1151] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.289160][ T1151] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.333003][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.333600][ T1151] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.353852][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.380560][ T1151] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.397114][ T1151] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.450422][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.480401][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.564530][ T5956] loop0: detected capacity change from 0 to 1024
[   95.661682][ T5927] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.674666][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.689008][ T5927] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.698887][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.766984][ T5960] loop2: detected capacity change from 0 to 512
[   95.783217][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.803421][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.881355][ T5960] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   95.958439][ T5960] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   96.039363][ T5960] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   96.059418][ T5960] EXT4-fs (loop2): 1 truncate cleaned up
[   96.080000][ T5964] loop4: detected capacity change from 0 to 1024
[   96.092573][ T5960] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.201923][ T5960] EXT4-fs error (device loop2): ext4_xattr_block_list:766: inode #15: comm syz.2.10: corrupted xattr block 33: invalid header
[   96.203325][ T5960] EXT4-fs (loop2): Remounting filesystem read-only
[   96.263930][ T5964] hfsplus: xattr searching failed
[   96.266484][ T5964] process 'syz.4.5' launched './file0' with NULL argv: empty string added
[   96.267059][ T5964] hfsplus: xattr searching failed
[   96.267534][ T5964] hfsplus: xattr searching failed
[   96.298217][ T5837] Bluetooth: hci4: command tx timeout
[   96.377447][ T5837] Bluetooth: hci3: command tx timeout
[   96.377501][ T5837] Bluetooth: hci2: command tx timeout
[   96.377533][ T5837] Bluetooth: hci1: command tx timeout
[   96.377562][ T5837] Bluetooth: hci0: command tx timeout
[   96.836663][ T5824] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.317352][ T5987] syz.0.18 uses obsolete (PF_INET,SOCK_PACKET)
[   97.500375][   T24] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   97.568467][   T24] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   97.679100][ T5993] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   97.834284][ T5981] loop4: detected capacity change from 0 to 32768
[   97.868600][ T5981] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.15 (5981)
[   97.899075][ T5991] fido_id[5991]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   98.007194][ T5981] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   98.087758][ T5981] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[   98.126023][ T5981] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   98.417087][ T5981] BTRFS info (device loop4): rebuilding free space tree
[   98.524187][ T5981] BTRFS info (device loop4): disabling free space tree
[   98.555179][ T5981] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   98.574832][ T5981] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   98.602539][ T5996] loop0: detected capacity change from 0 to 32768
[   98.632827][ T5981] BTRFS info (device loop4): enabling ssd optimizations
[   98.648909][ T5981] BTRFS info (device loop4): enabling disk space caching
[   98.680656][ T6021] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[   98.704894][ T5981] BTRFS info (device loop4): force clearing of disk cache
[   98.712090][ T5981] BTRFS info (device loop4): enabling auto defrag
[   98.720316][ T5981] BTRFS info (device loop4): max_inline set to 0
[   98.748059][ T5996] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[   98.793104][ T5996] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   98.861017][ T6033] netlink: 4 bytes leftover after parsing attributes in process `syz.3.26'.
[   98.958693][ T5996] XFS (loop0): Ending clean mount
[   99.009774][ T5996] XFS (loop0): Quotacheck needed: Please wait.
[   99.122079][ T5996] XFS (loop0): Quotacheck: Done.
[   99.251887][ T6039] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer.
[   99.377824][ T5821] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   99.395571][ T5822] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   99.545261][   T24] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   99.767642][ T5927] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.774823][   T24] usb 2-1: Using ep0 maxpacket: 8
[   99.804443][   T24] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 13
[   99.851928][   T24] usb 2-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[   99.880500][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.918807][   T24] usb 2-1: Product: syz
[   99.935474][   T24] usb 2-1: Manufacturer: syz
[   99.940127][   T24] usb 2-1: SerialNumber: syz
[   99.972345][   T24] usb 2-1: config 0 descriptor??
[  100.029643][ T5927] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.030978][   T24] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  100.161356][ T5927] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.368115][ T5927] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.465273][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  100.478408][ T5837] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  100.488725][ T5837] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  100.505297][ T5837] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  100.524213][ T5837] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  100.952945][ T5927] bridge_slave_1: left allmulticast mode
[  100.979913][ T5927] bridge_slave_1: left promiscuous mode
[  100.998262][ T5927] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.030015][   T24] gspca_zc3xx: reg_w_i err -71
[  101.054316][ T5927] bridge_slave_0: left allmulticast mode
[  101.073508][ T6075] loop4: detected capacity change from 0 to 128
[  101.080203][ T5927] bridge_slave_0: left promiscuous mode
[  101.088561][ T5927] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.103474][ T6075] EXT4-fs: Ignoring removed nobh option
[  101.152169][ T6075] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  101.208312][ T6075] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  101.517168][ T5821] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  101.656784][   T24] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  101.664849][   T24] gspca_zc3xx 2-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  101.710854][ T6087] Bluetooth: MGMT ver 1.23
[  101.740229][   T24] usb 2-1: USB disconnect, device number 2
[  101.747284][ T6087] Bluetooth: hci0: unsupported parameter 178
[  101.753423][ T6087] Bluetooth: hci0: invalid length 0, exp 2 for type 12
[  102.073259][ T6096] loop4: detected capacity change from 0 to 128
[  102.098420][ T6096] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  102.206981][ T6096] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  102.401766][   T36] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  102.470654][ T6110] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  102.472451][ T6108] loop0: detected capacity change from 0 to 512
[  102.509469][ T6109] block nbd1: shutting down sockets
[  102.516204][ T6108] EXT4-fs: Ignoring removed nomblk_io_submit option
[  102.538030][ T6110] loop3: detected capacity change from 0 to 64
[  102.584644][ T6108] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  102.587990][ T6110] MINIX-fs: bad superblock
[  102.605440][ T6108] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c800e028, mo2=0003]
[  102.614937][ T5840] Bluetooth: hci2: command tx timeout
[  102.655749][ T6108] EXT4-fs (loop0): orphan cleanup on readonly fs
[  102.679669][ T5927] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.712529][ T6108] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0
[  102.748618][ T5927] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.791182][ T6108] EXT4-fs warning (device loop0): ext4_enable_quotas:7181: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  102.818623][ T5927] bond0 (unregistering): Released all slaves
[  102.825409][ T6108] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  102.833784][ T6108] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.50: bg 0: block 40: padding at end of block bitmap is not set
[  102.884804][ T6108] EXT4-fs (loop0): Remounting filesystem read-only
[  102.891525][ T6108] EXT4-fs (loop0): 1 truncate cleaned up
[  102.924784][ T6108] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  102.981040][   T24] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  103.063279][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.215469][   T24] usb 4-1: config 0 has an invalid interface number: 120 but max is 0
[  103.223720][   T24] usb 4-1: config 0 has no interface number 0
[  103.252037][ T6118] loop0: detected capacity change from 0 to 512
[  103.259970][ T6118] EXT4-fs: Ignoring removed oldalloc option
[  103.282892][ T6118] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  103.294806][   T24] usb 4-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid maxpacket 63725, setting to 64
[  103.346172][   T24] usb 4-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[  103.377939][   T24] usb 4-1: New USB device strings: Mfr=32, Product=0, SerialNumber=0
[  103.390403][ T6118] EXT4-fs (loop0): 1 truncate cleaned up
[  103.434804][   T24] usb 4-1: Manufacturer: syz
[  103.447144][ T6118] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.494194][   T24] usb 4-1: config 0 descriptor??
[  103.546407][ T6110] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  103.590596][   T24] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.120/input/input5
[  103.662418][ T6118] loop0: detected capacity change from 512 to 64
[  103.680159][ T6125] syz.0.53: attempt to access beyond end of device
[  103.680159][ T6125] loop0: rw=524288, sector=54, nr_sectors = 18 limit=64
[  103.707071][ T6125] syz.0.53: attempt to access beyond end of device
[  103.707071][ T6125] loop0: rw=0, sector=62, nr_sectors = 8 limit=64
[  103.721942][   T30] audit: type=1800 audit(1762777082.601:2): pid=6125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.53" name="file2" dev="loop0" ino=16 res=0 errno=0
[  103.897254][   T24] usb 4-1: USB disconnect, device number 2
[  103.938440][ T5822] EXT4-fs error (device loop0): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[  103.969609][ T6129] loop1: detected capacity change from 0 to 512
[  103.979413][ T6063] udevd[6063]: setting owner of /dev/input/mouse1 to uid=0, gid=104 failed: No such file or directory
[  103.987277][ T5822] EXT4-fs error (device loop0): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[  103.991630][ T5927] hsr_slave_0: left promiscuous mode
[  104.054245][ T6129] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.090711][ T5927] hsr_slave_1: left promiscuous mode
[  104.120212][ T6129] ext4 filesystem being mounted at /7/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  104.132150][ T5927] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.171515][ T5927] batman_adv: batadv0: Removing interface: batadv_slave_0
[  104.181922][ T6129] EXT4-fs error (device loop1): ext4_do_update_inode:5636: inode #2: comm syz.1.54: corrupted inode contents
[  104.208933][ T5927] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.234826][ T5927] batman_adv: batadv0: Removing interface: batadv_slave_1
[  104.239966][ T6129] EXT4-fs error (device loop1): ext4_dirty_inode:6521: inode #2: comm syz.1.54: mark_inode_dirty error
[  104.277739][ T6129] EXT4-fs error (device loop1): ext4_do_update_inode:5636: inode #2: comm syz.1.54: corrupted inode contents
[  104.303859][ T6129] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #2: comm syz.1.54: mark_inode_dirty error
[  104.315725][ T5927] veth1_macvtap: left promiscuous mode
[  104.315876][ T5927] veth0_macvtap: left promiscuous mode
[  104.316124][ T5927] veth1_vlan: left promiscuous mode
[  104.316311][ T5927] veth0_vlan: left promiscuous mode
[  104.418805][ T6113] loop4: detected capacity change from 0 to 40427
[  104.452796][ T6113] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  104.504673][ T6113] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  104.548930][ T5827] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.566924][ T6113] F2FS-fs (loop4): invalid crc value
[  104.612488][ T6141] input: syz0 as /devices/virtual/input/input6
[  104.695514][ T5840] Bluetooth: hci2: command tx timeout
[  104.938443][ T6113] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  104.990494][ T6113] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  104.998302][ T6113] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  105.178333][ T5821] syz-executor: attempt to access beyond end of device
[  105.178333][ T5821] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  105.209012][ T6151] loop3: detected capacity change from 0 to 512
[  105.228820][ T5821] CPU: 0 UID: 0 PID: 5821 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  105.228849][ T5821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  105.228870][ T5821] Call Trace:
[  105.228883][ T5821]  <TASK>
[  105.228892][ T5821]  dump_stack_lvl+0x189/0x250
[  105.228933][ T5821]  ? __pfx_dump_stack_lvl+0x10/0x10
[  105.228964][ T5821]  ? __pfx_queue_work_on+0x10/0x10
[  105.228990][ T5821]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  105.229020][ T5821]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  105.229064][ T5821]  f2fs_handle_critical_error+0x37c/0x540
[  105.229111][ T5821]  f2fs_write_end_io+0x886/0xb60
[  105.229158][ T5821]  __submit_merged_bio+0x27a/0x6a0
[  105.229187][ T5821]  ? up_write+0x1c4/0x420
[  105.229214][ T5821]  __submit_merged_write_cond+0x44c/0x530
[  105.229255][ T5821]  f2fs_sync_node_pages+0x1479/0x15e0
[  105.229312][ T5821]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  105.229380][ T5821]  ? f2fs_write_checkpoint+0xdad/0x2440
[  105.229411][ T5821]  ? up_write+0x1c4/0x420
[  105.229426][ T5821]  ? do_raw_spin_unlock+0x122/0x240
[  105.229454][ T5821]  f2fs_write_checkpoint+0xdde/0x2440
[  105.229477][ T5821]  ? __lock_acquire+0xab9/0xd20
[  105.229558][ T5821]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  105.229661][ T5821]  kill_f2fs_super+0x2cc/0x6d0
[  105.229694][ T5821]  ? __pfx_kill_f2fs_super+0x10/0x10
[  105.229743][ T5821]  ? shrinker_free+0x2ce/0x3e0
[  105.229774][ T5821]  deactivate_locked_super+0xbc/0x130
[  105.229802][ T5821]  cleanup_mnt+0x425/0x4c0
[  105.229824][ T5821]  ? lockdep_hardirqs_on+0x9c/0x150
[  105.229860][ T5821]  task_work_run+0x1d4/0x260
[  105.229887][ T5821]  ? __pfx_task_work_run+0x10/0x10
[  105.229917][ T5821]  ? exit_to_user_mode_loop+0x55/0x4f0
[  105.229950][ T5821]  exit_to_user_mode_loop+0xff/0x4f0
[  105.229976][ T5821]  ? rcu_is_watching+0x15/0xb0
[  105.230014][ T5821]  do_syscall_64+0x2e9/0xfa0
[  105.230047][ T5821]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.230068][ T5821]  ? clear_bhb_loop+0x60/0xb0
[  105.230102][ T5821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.230123][ T5821] RIP: 0033:0x7f87247909f7
[  105.230147][ T5821] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  105.230164][ T5821] RSP: 002b:00007ffe434006c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  105.230185][ T5821] RAX: 0000000000000000 RBX: 00007f8724811d7d RCX: 00007f87247909f7
[  105.230199][ T5821] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe43400780
[  105.230211][ T5821] RBP: 00007ffe43400780 R08: 0000000000000000 R09: 0000000000000000
[  105.230223][ T5821] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe43401810
[  105.230236][ T5821] R13: 00007f8724811d7d R14: 0000000000019a73 R15: 00007ffe43401850
[  105.230277][ T5821]  </TASK>
[  105.230286][ T5821] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  105.537161][ T6151] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.59: inode has both inline data and extents flags
[  105.586236][ T6151] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.59: couldn't read orphan inode 15 (err -117)
[  105.644359][ T6151] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.658079][ T6146] loop1: detected capacity change from 0 to 40427
[  105.881177][ T6146] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  105.907708][ T6146] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  105.940973][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.945358][   T30] audit: type=1800 audit(1762777084.821:3): pid=6146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.57" name="file1" dev="loop1" ino=10 res=0 errno=0
[  106.113403][ T5827] syz-executor: attempt to access beyond end of device
[  106.113403][ T5827] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  106.163092][ T5827] CPU: 0 UID: 0 PID: 5827 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  106.163122][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  106.163134][ T5827] Call Trace:
[  106.163143][ T5827]  <TASK>
[  106.163153][ T5827]  dump_stack_lvl+0x189/0x250
[  106.163193][ T5827]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.163224][ T5827]  ? __pfx_queue_work_on+0x10/0x10
[  106.163250][ T5827]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  106.163278][ T5827]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  106.163318][ T5827]  f2fs_handle_critical_error+0x37c/0x540
[  106.163357][ T5827]  f2fs_write_end_io+0x886/0xb60
[  106.163398][ T5827]  __submit_merged_bio+0x27a/0x6a0
[  106.163435][ T5827]  __submit_merged_write_cond+0x255/0x530
[  106.163473][ T5827]  f2fs_write_data_pages+0x261d/0x3000
[  106.163493][ T5827]  ? __lock_acquire+0xab9/0xd20
[  106.163541][ T5827]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  106.163594][ T5827]  ? lockdep_unlock+0x89/0x120
[  106.163612][ T5827]  ? validate_chain+0x897/0x2140
[  106.163654][ T5827]  ? __lock_acquire+0xab9/0xd20
[  106.163682][ T5827]  ? do_raw_spin_lock+0x121/0x290
[  106.163707][ T5827]  ? do_raw_spin_unlock+0x122/0x240
[  106.163724][ T5827]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  106.163742][ T5827]  do_writepages+0x32e/0x550
[  106.163777][ T5827]  ? do_raw_spin_unlock+0x122/0x240
[  106.163797][ T5827]  filemap_fdatawrite+0x199/0x240
[  106.163823][ T5827]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  106.163886][ T5827]  ? do_raw_spin_unlock+0x122/0x240
[  106.163906][ T5827]  f2fs_sync_dirty_inodes+0x31f/0x830
[  106.163937][ T5827]  f2fs_write_checkpoint+0x93e/0x2440
[  106.163956][ T5827]  ? __lock_acquire+0xab9/0xd20
[  106.163999][ T5827]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  106.164070][ T5827]  kill_f2fs_super+0x2cc/0x6d0
[  106.164094][ T5827]  ? __pfx_kill_f2fs_super+0x10/0x10
[  106.164127][ T5827]  ? shrinker_free+0x2ce/0x3e0
[  106.164151][ T5827]  deactivate_locked_super+0xbc/0x130
[  106.164172][ T5827]  cleanup_mnt+0x425/0x4c0
[  106.164190][ T5827]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.164217][ T5827]  task_work_run+0x1d4/0x260
[  106.164248][ T5827]  ? __pfx_task_work_run+0x10/0x10
[  106.164268][ T5827]  ? exit_to_user_mode_loop+0x55/0x4f0
[  106.164292][ T5827]  exit_to_user_mode_loop+0xff/0x4f0
[  106.164312][ T5827]  ? rcu_is_watching+0x15/0xb0
[  106.164340][ T5827]  do_syscall_64+0x2e9/0xfa0
[  106.164365][ T5827]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.164381][ T5827]  ? clear_bhb_loop+0x60/0xb0
[  106.164400][ T5827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.164416][ T5827] RIP: 0033:0x7f08703909f7
[  106.164430][ T5827] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  106.164443][ T5827] RSP: 002b:00007ffd684b41c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  106.164461][ T5827] RAX: 0000000000000000 RBX: 00007f0870411d7d RCX: 00007f08703909f7
[  106.164472][ T5827] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd684b4280
[  106.164481][ T5827] RBP: 00007ffd684b4280 R08: 0000000000000000 R09: 0000000000000000
[  106.164491][ T5827] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd684b5310
[  106.164501][ T5827] R13: 00007f0870411d7d R14: 0000000000019dff R15: 00007ffd684b5350
[  106.164546][ T5827]  </TASK>
[  106.164557][ T5827] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  106.519759][ T5927] team0 (unregistering): Port device team_slave_1 removed
[  106.602997][ T6162] loop4: detected capacity change from 0 to 4096
[  106.656468][ T5927] team0 (unregistering): Port device team_slave_0 removed
[  106.749258][ T6165] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  106.782576][ T5840] Bluetooth: hci2: command tx timeout
[  107.315239][    T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  107.404827][   T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  107.479016][    T9] usb 2-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  107.507809][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.527290][    T9] usb 2-1: Product: syz
[  107.531516][    T9] usb 2-1: Manufacturer: syz
[  107.556062][    T9] usb 2-1: SerialNumber: syz
[  107.577750][    T9] usb 2-1: config 0 descriptor??
[  107.588505][   T10] usb 5-1: Using ep0 maxpacket: 32
[  107.611317][   T10] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  107.621643][   T10] usb 5-1: config 0 has no interface number 0
[  107.648504][ T6057] chnl_net:caif_netlink_parms(): no params data found
[  107.659280][   T10] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  107.697690][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.708020][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.727013][   T10] usb 5-1: Product: syz
[  107.743313][   T10] usb 5-1: Manufacturer: syz
[  107.766050][   T10] usb 5-1: SerialNumber: syz
[  107.789826][   T10] usb 5-1: config 0 descriptor??
[  107.826277][   T10] smsc95xx v2.0.0
[  108.037084][ T6057] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.061817][ T6057] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.075036][ T6057] bridge_slave_0: entered allmulticast mode
[  108.102748][ T6057] bridge_slave_0: entered promiscuous mode
[  108.121528][ T6057] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.140634][ T6057] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.159548][ T6057] bridge_slave_1: entered allmulticast mode
[  108.182290][ T6057] bridge_slave_1: entered promiscuous mode
[  108.248687][   T10] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  108.274817][   T10] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  108.329703][ T6057] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.360789][ T6057] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.592121][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  108.604607][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  108.613425][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  108.627550][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  108.635751][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  108.826303][    T9] usb 2-1: f81604_read: reg: 100e failed: -EPROTO
[  108.845406][ T6057] team0: Port device team_slave_0 added
[  108.854996][ T5840] Bluetooth: hci2: command tx timeout
[  108.861496][ T6057] team0: Port device team_slave_1 added
[  108.884470][    T9] usb 2-1: f81604_read: reg: 200f failed: -EPROTO
[  108.895260][   T10] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000104: -71
[  108.908151][   T10] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -71
[  108.937282][    T9] usb 2-1: USB disconnect, device number 3
[  108.959740][   T10] usb 5-1: USB disconnect, device number 2
[  108.972383][ T6189] loop3: detected capacity change from 0 to 32768
[  108.981238][ T6189] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.70 (6189)
[  108.999332][ T6189] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  109.037966][ T6189] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  109.101946][    T9] usb 2-1: f81604_read: reg: 100f failed: -ENODEV
[  109.128929][ T6057] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.145356][ T6057] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  109.173512][ T6057] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.188196][ T6189] BTRFS info (device loop3): allowing degraded mounts
[  109.195477][ T6189] BTRFS info (device loop3): enabling ssd optimizations
[  109.206276][ T6189] BTRFS info (device loop3): turning on async discard
[  109.216328][ T6057] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.223315][ T6057] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  109.249809][ T6189] BTRFS info (device loop3): enabling free space tree
[  109.273276][ T6189] BTRFS info (device loop3): force zlib compression, level 3
[  109.284024][ T6057] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.362420][    T9] usb 2-1: f81604_read: reg: 200f failed: -ENODEV
[  109.554584][ T5828] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  109.577171][ T5927] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  109.625142][ T6216] Bluetooth: hci0: invalid length 0, exp 2 for type 16
[  110.047979][ T5927] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.133652][ T6057] hsr_slave_0: entered promiscuous mode
[  110.177008][ T6057] hsr_slave_1: entered promiscuous mode
[  110.195132][ T6057] debugfs: 'hsr0' already exists in 'hsr'
[  110.211445][ T6057] Cannot create hsr debugfs directory
[  110.261694][ T6213] loop1: detected capacity change from 0 to 32768
[  110.280106][ T6213] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.71 (6213)
[  110.316717][ T6213] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  110.344934][ T6213] BTRFS info (device loop1): using blake2b (blake2b-256-lib) checksum algorithm
[  110.401214][ T6213] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 2048
[  110.402841][ T5927] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.434646][ T6213] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 2048
[  110.559584][ T6213] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048
[  110.610276][ T6213] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048
[  110.668333][ T6213] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 2048
[  110.694858][ T5840] Bluetooth: hci1: command tx timeout
[  110.752439][ T6213] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 2048
[  110.856216][ T5927] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  110.899466][ T6213] BTRFS info (device loop1): enabling ssd optimizations
[  110.943943][ T6213] BTRFS info (device loop1): using spread ssd allocation scheme
[  110.964831][ T6213] BTRFS info (device loop1): turning off barriers
[  110.971317][ T6213] BTRFS info (device loop1): enabling free space tree
[  111.015996][ T6213] BTRFS info (device loop1): force zlib compression, level 3
[  111.301168][ T6213] BTRFS info (device loop1 state M): resize thread pool 2097158 -> 4
[  111.356423][ T6213] BTRFS info (device loop1 state M): force  compression, level 0
[  111.621675][ T5827] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  112.151912][ T6193] chnl_net:caif_netlink_parms(): no params data found
[  112.221627][ T5927] bridge_slave_1: left allmulticast mode
[  112.259067][ T5927] bridge_slave_1: left promiscuous mode
[  112.275024][ T5927] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.300113][ T5927] bridge_slave_0: left allmulticast mode
[  112.306236][ T5927] bridge_slave_0: left promiscuous mode
[  112.326674][ T5927] bridge0: port 1(bridge_slave_0) entered disabled state
[  112.472675][ T6275] loop3: detected capacity change from 0 to 64
[  112.775144][ T5840] Bluetooth: hci1: command tx timeout
[  113.007198][ T6270] loop4: detected capacity change from 0 to 32768
[  113.096666][ T6270] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  113.216723][ T6270] XFS (loop4): Ending clean mount
[  113.237240][ T6270] XFS (loop4): Quotacheck needed: Please wait.
[  113.273099][ T6270] XFS (loop4): Quotacheck: Done.
[  113.373842][ T6289] loop1: detected capacity change from 0 to 32768
[  113.388471][ T6289] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.85 (6289)
[  113.397791][ T5821] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  113.424321][ T6289] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  113.434658][ T6289] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  113.443476][ T6289] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  113.596027][ T5927] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  113.610706][ T6289] BTRFS info (device loop1): rebuilding free space tree
[  113.632852][ T6289] BTRFS info (device loop1): disabling free space tree
[  113.641080][ T6289] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  113.650854][ T6289] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  113.672222][ T5927] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  113.687264][ T6289] BTRFS info (device loop1): setting nodatasum
[  113.693483][ T6289] BTRFS info (device loop1): setting nodatacow
[  113.701442][ T6289] BTRFS info (device loop1): enabling ssd optimizations
[  113.708563][ T6289] BTRFS info (device loop1): using spread ssd allocation scheme
[  113.716274][ T6289] BTRFS info (device loop1): turning on async discard
[  113.724612][ T6289] BTRFS info (device loop1): enabling disk space caching
[  113.731775][ T6289] BTRFS info (device loop1): force clearing of disk cache
[  113.769354][ T5927] bond0 (unregistering): Released all slaves
[  114.315328][   T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  114.357684][ T6289] BTRFS warning (device loop1 state M): remount supports changing free space tree only from RO to RW
[  114.369065][ T6289] BTRFS info (device loop1 state M): turning off barriers
[  114.382412][ T6289] BTRFS info (device loop1 state M): turning on flush-on-commit
[  114.390467][ T6289] BTRFS info (device loop1 state M): turning on sync discard
[  114.397955][ T6289] BTRFS info (device loop1 state M): force clearing of disk cache
[  114.405849][ T6289] BTRFS info (device loop1 state M): enabling auto defrag
[  114.413000][ T6289] BTRFS info (device loop1 state M): not using ssd optimizations
[  114.420822][ T6289] BTRFS info (device loop1 state M): not using spread ssd allocation scheme
[  114.452534][ T6057] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  114.478856][ T5827] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  114.505807][   T10] usb 5-1: Using ep0 maxpacket: 32
[  114.513883][ T6057] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  114.544334][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.557755][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.577596][   T10] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  114.587522][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.610706][ T6057] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  114.638294][   T10] usb 5-1: config 0 descriptor??
[  114.674229][ T6057] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  114.855928][ T5840] Bluetooth: hci1: command tx timeout
[  114.977597][ T6329] loop1: detected capacity change from 0 to 256
[  114.993061][ T6193] bridge0: port 1(bridge_slave_0) entered blocking state
[  115.005248][ T6193] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.019858][ T6193] bridge_slave_0: entered allmulticast mode
[  115.038652][ T6193] bridge_slave_0: entered promiscuous mode
[  115.122649][ T5927] hsr_slave_0: left promiscuous mode
[  115.132332][ T5927] hsr_slave_1: left promiscuous mode
[  115.149192][   T10] savu 0003:1E7D:2D5A.0002: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  115.175647][ T5927] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  115.203901][ T5927] batman_adv: batadv0: Removing interface: batadv_slave_0
[  115.253751][ T5927] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  115.274789][ T5927] batman_adv: batadv0: Removing interface: batadv_slave_1
[  115.334676][ T5927] veth1_macvtap: left promiscuous mode
[  115.357487][    T9] usb 5-1: USB disconnect, device number 3
[  115.358916][ T5927] veth0_macvtap: left promiscuous mode
[  115.428557][ T5927] veth1_vlan: left promiscuous mode
[  115.433969][ T5927] veth0_vlan: left promiscuous mode
[  116.386468][ T6345] loop3: detected capacity change from 0 to 32768
[  116.423185][ T6351] netlink: 4 bytes leftover after parsing attributes in process `syz.4.97'.
[  116.436806][ T6345] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  116.445274][ T6345] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  116.514645][ T6345] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  116.526686][ T5898] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  116.533754][ T5898] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  116.645456][ T5898] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 111ms
[  116.654568][ T5898] gfs2: fsid=syz:syz.0: jid=0: Done
[  116.672891][ T6345] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  116.884038][ T5927] team0 (unregistering): Port device team_slave_1 removed
[  116.936568][ T5840] Bluetooth: hci1: command tx timeout
[  116.944883][ T5927] team0 (unregistering): Port device team_slave_0 removed
[  117.349570][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  117.371940][   T10] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  117.582127][ T6193] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.601557][ T6193] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.614405][ T6193] bridge_slave_1: entered allmulticast mode
[  117.624843][ T6193] bridge_slave_1: entered promiscuous mode
[  117.869974][ T6193] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.934311][ T6193] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  118.140306][ T6193] team0: Port device team_slave_0 added
[  118.197222][ T6370] loop4: detected capacity change from 0 to 256
[  118.246992][ T6193] team0: Port device team_slave_1 added
[  118.428120][ T6193] batman_adv: batadv0: Adding interface: batadv_slave_0
[  118.456104][ T6376] loop1: detected capacity change from 0 to 128
[  118.456701][ T6193] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  118.541747][   T30] audit: type=1800 audit(1762777097.421:4): pid=6376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.105" name="bus" dev="loop1" ino=1048610 res=0 errno=0
[  118.563681][ T6193] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  118.614545][ T6193] batman_adv: batadv0: Adding interface: batadv_slave_1
[  118.649005][ T6193] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  118.683872][ T6379] syz.1.105: attempt to access beyond end of device
[  118.683872][ T6379] loop1: rw=2049, sector=945, nr_sectors = 96 limit=128
[  118.686454][ T6193] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  118.779179][ T6193] hsr_slave_0: entered promiscuous mode
[  118.785958][ T6193] hsr_slave_1: entered promiscuous mode
[  119.009010][ T6057] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.151324][ T6057] 8021q: adding VLAN 0 to HW filter on device team0
[  119.197333][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.204608][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.400818][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.408067][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.447657][ T6399] Zero length message leads to an empty skb
[  119.924243][ T6193] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  120.017666][ T6193] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  120.071012][ T6193] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  120.094331][ T6193] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  120.447385][ T6193] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.531944][ T6057] 8021q: adding VLAN 0 to HW filter on device batadv0
[  120.577553][ T6193] 8021q: adding VLAN 0 to HW filter on device team0
[  120.638729][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.646103][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.733559][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.740921][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.867416][ T6443] loop3: detected capacity change from 0 to 1024
[  120.905810][ T6443] EXT4-fs: Ignoring removed orlov option
[  120.911535][ T6443] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.098354][ T6443] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.291764][ T6443] capability: warning: `syz.3.120' uses deprecated v2 capabilities in a way that may be insecure
[  121.365594][ T6456] loop1: detected capacity change from 0 to 512
[  121.405143][ T6456] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  121.561846][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.591769][ T6456] EXT4-fs (loop1): 1 truncate cleaned up
[  121.646741][ T6456] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.742369][ T6057] veth0_vlan: entered promiscuous mode
[  121.809457][ T6057] veth1_vlan: entered promiscuous mode
[  121.960818][ T5827] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.007454][ T6057] veth0_macvtap: entered promiscuous mode
[  122.076806][ T6057] veth1_macvtap: entered promiscuous mode
[  122.245008][ T6193] 8021q: adding VLAN 0 to HW filter on device batadv0
[  122.279169][ T6057] batman_adv: batadv0: Interface activated: batadv_slave_0
[  122.383691][ T6057] batman_adv: batadv0: Interface activated: batadv_slave_1
[  122.468353][ T5927] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.505792][ T5927] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.570601][ T5927] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.626480][ T6294] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.791811][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.823922][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.894866][ T1215] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  122.933902][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.954443][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  123.081481][ T1215] usb 4-1: config 0 has no interfaces?
[  123.106967][ T1215] usb 4-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  123.144144][ T1215] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.164413][ T1215] usb 4-1: Product: syz
[  123.168934][ T1215] usb 4-1: Manufacturer: syz
[  123.184141][ T1215] usb 4-1: SerialNumber: syz
[  123.206183][ T1215] usb 4-1: config 0 descriptor??
[  123.347267][ T6193] veth0_vlan: entered promiscuous mode
[  123.389121][ T6193] veth1_vlan: entered promiscuous mode
[  123.464578][ T5941] usb 4-1: USB disconnect, device number 3
[  123.513532][ T6193] veth0_macvtap: entered promiscuous mode
[  123.528882][ T6193] veth1_macvtap: entered promiscuous mode
[  123.591197][ T6193] batman_adv: batadv0: Interface activated: batadv_slave_0
[  123.639328][ T6193] batman_adv: batadv0: Interface activated: batadv_slave_1
[  123.676584][ T5927] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  123.697985][ T5927] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  123.707088][ T6477] loop1: detected capacity change from 0 to 40427
[  123.712133][ T6477] F2FS-fs (loop1): invalid crc value
[  123.779739][ T5927] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  123.812005][ T5927] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  123.990063][ T6477] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  124.038078][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.057271][ T6477] F2FS-fs (loop1): Start checkpoint disabled!
[  124.072795][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.095004][ T6477] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  124.174200][ T6477] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  124.196313][ T5927] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  124.209094][ T5927] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  124.313768][   T30] audit: type=1800 audit(1762777103.191:5): pid=6477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.125" name="file1" dev="loop1" ino=10 res=0 errno=0
[  124.637572][ T6505] loop5: detected capacity change from 0 to 32768
[  124.755983][   T30] audit: type=1800 audit(1762777103.641:6): pid=6505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.35" name="file1" dev="loop5" ino=4 res=0 errno=0
[  124.984942][ T6536] netlink: 8 bytes leftover after parsing attributes in process `syz.3.135'.
[  125.214087][ T6516] loop4: detected capacity change from 0 to 32768
[  125.278553][ T6516] ERROR: (device loop4): diAllocAG: numfree > numinos
[  125.278553][ T6516] 
[  125.297389][ T6516] ialloc: diAlloc returned -5!
[  125.336912][   T30] audit: type=1800 audit(1762777104.221:7): pid=6477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.125" name="file1" dev="loop1" ino=10 res=0 errno=0
[  125.507828][ T6477] syz.1.125: attempt to access beyond end of device
[  125.507828][ T6477] loop1: rw=2049, sector=45096, nr_sectors = 2088 limit=40427
[  125.604396][ T6477] syz.1.125: attempt to access beyond end of device
[  125.604396][ T6477] loop1: rw=2049, sector=47184, nr_sectors = 480 limit=40427
[  126.180582][ T5927] kworker/u8:7: attempt to access beyond end of device
[  126.180582][ T5927] loop1: rw=2049, sector=47664, nr_sectors = 8 limit=40427
[  126.256722][ T5927] CPU: 1 UID: 0 PID: 5927 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT(full) 
[  126.256749][ T5927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  126.256762][ T5927] Workqueue: writeback wb_workfn (flush-7:1)
[  126.256797][ T5927] Call Trace:
[  126.256806][ T5927]  <TASK>
[  126.256816][ T5927]  dump_stack_lvl+0x189/0x250
[  126.256852][ T5927]  ? __pfx_dump_stack_lvl+0x10/0x10
[  126.256883][ T5927]  ? __pfx_queue_work_on+0x10/0x10
[  126.256909][ T5927]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  126.256938][ T5927]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  126.256980][ T5927]  f2fs_handle_critical_error+0x37c/0x540
[  126.257021][ T5927]  f2fs_write_end_io+0x886/0xb60
[  126.257066][ T5927]  __submit_merged_bio+0x27a/0x6a0
[  126.257106][ T5927]  __submit_merged_write_cond+0x255/0x530
[  126.257147][ T5927]  f2fs_write_data_pages+0x261d/0x3000
[  126.257213][ T5927]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  126.257253][ T5927]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  126.257323][ T5927]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  126.257372][ T5927]  ? trace_f2fs_writepages+0x7f/0x200
[  126.257416][ T5927]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  126.257463][ T5927]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  126.257486][ T5927]  do_writepages+0x32e/0x550
[  126.257523][ T5927]  ? reacquire_held_locks+0x127/0x1d0
[  126.257551][ T5927]  ? writeback_sb_inodes+0x3bc/0x1950
[  126.257588][ T5927]  __writeback_single_inode+0x143/0x12d0
[  126.257616][ T5927]  ? do_raw_spin_unlock+0x122/0x240
[  126.257649][ T5927]  writeback_sb_inodes+0x984/0x1950
[  126.257716][ T5927]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  126.257799][ T5927]  ? rcu_is_watching+0x15/0xb0
[  126.257839][ T5927]  wb_writeback+0x43b/0xaf0
[  126.257874][ T5927]  ? queue_io+0x3c1/0x590
[  126.257905][ T5927]  ? __pfx_wb_writeback+0x10/0x10
[  126.257943][ T5927]  ? _raw_spin_unlock_irq+0x23/0x50
[  126.257975][ T5927]  wb_workfn+0x409/0xef0
[  126.258016][ T5927]  ? __pfx_wb_workfn+0x10/0x10
[  126.258043][ T5927]  ? __lock_acquire+0xab9/0xd20
[  126.258081][ T5927]  ? process_one_work+0x868/0x15d0
[  126.258115][ T5927]  ? _raw_spin_unlock_irq+0x23/0x50
[  126.258146][ T5927]  ? process_one_work+0x868/0x15d0
[  126.258169][ T5927]  process_one_work+0x94a/0x15d0
[  126.258193][ T5927]  ? __lock_acquire+0xab9/0xd20
[  126.258245][ T5927]  ? __pfx_process_one_work+0x10/0x10
[  126.258283][ T5927]  ? assign_work+0x3a1/0x410
[  126.258314][ T5927]  worker_thread+0x9b0/0xee0
[  126.258372][ T5927]  kthread+0x711/0x8a0
[  126.258396][ T5927]  ? __pfx_worker_thread+0x10/0x10
[  126.258422][ T5927]  ? __pfx_kthread+0x10/0x10
[  126.258443][ T5927]  ? _raw_spin_unlock_irq+0x23/0x50
[  126.258487][ T5927]  ? lockdep_hardirqs_on+0x9c/0x150
[  126.258515][ T5927]  ? __pfx_kthread+0x10/0x10
[  126.258536][ T5927]  ret_from_fork+0x599/0xb30
[  126.258565][ T5927]  ? __pfx_ret_from_fork+0x10/0x10
[  126.258604][ T5927]  ? __switch_to_asm+0x39/0x70
[  126.258624][ T5927]  ? __switch_to_asm+0x33/0x70
[  126.258660][ T5927]  ? __pfx_kthread+0x10/0x10
[  126.258682][ T5927]  ret_from_fork_asm+0x1a/0x30
[  126.258728][ T5927]  </TASK>
[  126.258737][ T5927] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  126.776104][ T6580] netlink: 'syz.5.140': attribute type 1 has an invalid length.
[  126.817898][ T6580] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  126.825541][ T6580] IPv6: NLM_F_CREATE should be set when creating new route
[  126.829305][ T6575] loop6: detected capacity change from 0 to 8192
[  126.832806][ T6580] IPv6: NLM_F_CREATE should be set when creating new route
[  126.932838][ T6580] netlink: 'syz.5.140': attribute type 1 has an invalid length.
[  126.944539][ T6580] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  126.951877][ T6580] IPv6: NLM_F_CREATE should be set when creating new route
[  127.407332][ T6593] Illegal XDP return value 4294967274 on prog  (id 16) dev syz_tun, expect packet loss!
[  127.646854][ T6602] autofs4:pid:6602:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(0.0), cmd(0xc018937d)
[  127.690625][ T6602] autofs4:pid:6602:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937d)
[  128.062924][ T6621] loop4: detected capacity change from 0 to 1024
[  128.131000][ T6621] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.172168][ T6621] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  128.192384][ T6621] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  128.205219][ T6621] EXT4-fs (loop4): This should not happen!! Data will be lost
[  128.205219][ T6621] 
[  128.215626][ T6621] EXT4-fs (loop4): Total free blocks count 0
[  128.221744][ T6621] EXT4-fs (loop4): Free/Dirty block details
[  128.228564][ T6621] EXT4-fs (loop4): free_blocks=68451041280
[  128.234511][ T6621] EXT4-fs (loop4): dirty_blocks=32
[  128.240275][ T6621] EXT4-fs (loop4): Block reservation details
[  128.246626][ T6621] EXT4-fs (loop4): i_reserved_data_blocks=2
[  128.261073][ T6621] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 1 with error 28
[  129.007825][ T6648] loop5: detected capacity change from 0 to 512
[  129.042794][ T6648] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  129.150362][ T6648] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.227179][ T6648] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.280837][ T6648] EXT4-fs (loop5): shut down requested (2)
[  129.426288][ T6057] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.580608][ T6657] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  129.623059][ T6640] loop3: detected capacity change from 0 to 40427
[  129.700506][ T6640] F2FS-fs (loop3): invalid crc value
[  130.084688][ T6640] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  130.133248][ T6640] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  130.274344][ T6640] syz.3.167: attempt to access beyond end of device
[  130.274344][ T6640] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  130.372477][ T5828] syz-executor: attempt to access beyond end of device
[  130.372477][ T5828] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  130.395223][ T5828] CPU: 0 UID: 0 PID: 5828 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  130.395250][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  130.395262][ T5828] Call Trace:
[  130.395270][ T5828]  <TASK>
[  130.395279][ T5828]  dump_stack_lvl+0x189/0x250
[  130.395319][ T5828]  ? __pfx_dump_stack_lvl+0x10/0x10
[  130.395350][ T5828]  ? __pfx_queue_work_on+0x10/0x10
[  130.395376][ T5828]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  130.395413][ T5828]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  130.395456][ T5828]  f2fs_handle_critical_error+0x37c/0x540
[  130.395497][ T5828]  f2fs_write_end_io+0x886/0xb60
[  130.395543][ T5828]  __submit_merged_bio+0x27a/0x6a0
[  130.395583][ T5828]  __submit_merged_write_cond+0x255/0x530
[  130.395623][ T5828]  f2fs_write_data_pages+0x261d/0x3000
[  130.395689][ T5828]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  130.395768][ T5828]  ? __mod_zone_page_state+0xd7/0x140
[  130.395811][ T5828]  ? unwind_next_frame+0xa5/0x2390
[  130.395838][ T5828]  ? rcu_is_watching+0x15/0xb0
[  130.395864][ T5828]  ? __kasan_check_byte+0x12/0x40
[  130.395903][ T5828]  ? is_bpf_text_address+0x26/0x2b0
[  130.395923][ T5828]  ? rcu_is_watching+0x15/0xb0
[  130.395956][ T5828]  ? rcu_is_watching+0x15/0xb0
[  130.395987][ T5828]  ? lock_release+0x4b/0x3e0
[  130.396010][ T5828]  ? lock_release+0x4b/0x3e0
[  130.396055][ T5828]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  130.396078][ T5828]  do_writepages+0x32e/0x550
[  130.396122][ T5828]  ? do_raw_spin_unlock+0x122/0x240
[  130.396150][ T5828]  filemap_fdatawrite+0x199/0x240
[  130.396198][ T5828]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  130.396294][ T5828]  ? do_raw_spin_unlock+0x122/0x240
[  130.396322][ T5828]  f2fs_sync_dirty_inodes+0x31f/0x830
[  130.396366][ T5828]  f2fs_write_checkpoint+0x93e/0x2440
[  130.396395][ T5828]  ? __lock_acquire+0xab9/0xd20
[  130.396460][ T5828]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  130.396562][ T5828]  kill_f2fs_super+0x2cc/0x6d0
[  130.396607][ T5828]  ? __pfx_kill_f2fs_super+0x10/0x10
[  130.396654][ T5828]  ? shrinker_free+0x2ce/0x3e0
[  130.396683][ T5828]  deactivate_locked_super+0xbc/0x130
[  130.396710][ T5828]  cleanup_mnt+0x425/0x4c0
[  130.396732][ T5828]  ? lockdep_hardirqs_on+0x9c/0x150
[  130.396766][ T5828]  task_work_run+0x1d4/0x260
[  130.396792][ T5828]  ? __pfx_task_work_run+0x10/0x10
[  130.396820][ T5828]  ? exit_to_user_mode_loop+0x55/0x4f0
[  130.396851][ T5828]  exit_to_user_mode_loop+0xff/0x4f0
[  130.396876][ T5828]  ? rcu_is_watching+0x15/0xb0
[  130.396912][ T5828]  do_syscall_64+0x2e9/0xfa0
[  130.396943][ T5828]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.396963][ T5828]  ? clear_bhb_loop+0x60/0xb0
[  130.396989][ T5828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.397008][ T5828] RIP: 0033:0x7fbd8fb909f7
[  130.397040][ T5828] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  130.397056][ T5828] RSP: 002b:00007ffefbb17f48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  130.397077][ T5828] RAX: 0000000000000000 RBX: 00007fbd8fc11d7d RCX: 00007fbd8fb909f7
[  130.397090][ T5828] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffefbb18000
[  130.397102][ T5828] RBP: 00007ffefbb18000 R08: 0000000000000000 R09: 0000000000000000
[  130.397114][ T5828] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffefbb19090
[  130.397127][ T5828] R13: 00007fbd8fc11d7d R14: 000000000001fcc3 R15: 00007ffefbb190d0
[  130.397185][ T5828]  </TASK>
[  130.397193][ T5828] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  130.427363][ T6687] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  130.750857][ T6687] IPv6: NLM_F_CREATE should be set when creating new route
[  130.766871][   T79] nci: nci_extract_activation_params_iso_dep: unsupported activation_rf_tech_and_mode 0x2
[  131.173673][ T6646] loop1: detected capacity change from 0 to 65536
[  131.287141][ T6646] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  131.388206][ T6710] loop4: detected capacity change from 0 to 64
[  131.415363][ T6646] XFS (loop1): Ending clean mount
[  131.468492][ T6646] XFS (loop1): Quotacheck needed: Please wait.
[  131.604309][ T6646] XFS (loop1): Quotacheck: Done.
[  131.656396][ T5821] syz-executor: attempt to access beyond end of device
[  131.656396][ T5821] loop4: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  131.722970][ T5821] Buffer I/O error on dev loop4, logical block 134217734, async page read
[  131.773498][ T5821] syz-executor: attempt to access beyond end of device
[  131.773498][ T5821] loop4: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  131.827239][ T5821] Buffer I/O error on dev loop4, logical block 134217734, async page read
[  131.858186][ T5827] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  131.868662][ T5821] Trying to free block not in datazone
[  132.113705][ T6677] loop5: detected capacity change from 0 to 32768
[  132.182540][ T6677] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  132.308045][ T6677] XFS (loop5): Ending clean mount
[  132.706730][ T6057] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  132.943608][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  132.955117][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  133.114933][ T6743] netlink: 12 bytes leftover after parsing attributes in process `syz.1.187'.
[  133.374913][   T24] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  133.565339][   T24] usb 6-1: Using ep0 maxpacket: 16
[  133.587119][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.609692][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.633896][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  133.677407][   T24] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  133.705721][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.745369][   T24] usb 6-1: config 0 descriptor??
[  134.183923][   T24] HID 045e:07da: Invalid code 65791 type 1
[  134.235986][   T24] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0004/input/input7
[  134.285973][   T24] microsoft 0003:045E:07DA.0004: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  134.433352][ T6748] loop3: detected capacity change from 0 to 32768
[  134.484170][ T6748] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.193 (6748)
[  134.504491][ T5898] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  134.545657][ T6748] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  134.574917][ T6748] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  134.610416][ T6746] loop6: detected capacity change from 0 to 40427
[  134.635593][ T6746] F2FS-fs (loop6): Image doesn't support compression
[  134.652403][ T6746] F2FS-fs (loop6): build fault injection rate: 684
[  134.659850][ T6746] F2FS-fs (loop6): build fault injection type: 0x35f7
[  134.672263][ T6746] F2FS-fs (loop6): invalid crc value
[  134.718484][ T5898] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.799440][ T5898] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.815390][ T6748] BTRFS info (device loop3): setting nodatasum
[  134.839358][ T6748] BTRFS info (device loop3): turning off barriers
[  134.853475][ T5898] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  134.871407][ T6748] BTRFS info (device loop3): turning on async discard
[  134.893005][ T5898] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  134.913212][ T5898] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.914809][ T6748] BTRFS info (device loop3): enabling free space tree
[  134.957174][ T5898] usb 5-1: config 0 descriptor??
[  134.985181][ T6748] BTRFS info (device loop3): enabling auto defrag
[  135.003104][ T6746] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  135.022974][ T6748] BTRFS info (device loop3): use zlib compression, level 3
[  135.047163][ T6746] F2FS-fs (loop6): Start checkpoint disabled!
[  135.080913][ T6746] F2FS-fs (loop6): f2fs_disable_checkpoint() finish, err:0
[  135.145852][ T6746] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  135.399247][ T6746] F2FS-fs (loop6): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x18b/0xa40
[  135.415814][   T24] usb 6-1: reset high-speed USB device number 2 using dummy_hcd
[  135.475080][ T6746] overlayfs: failed to create directory ./bus/index (errno: 28); mounting read-only
[  135.492472][ T5898] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  135.524292][ T6746] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  135.555586][ T5828] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  135.722738][ T6800] loop1: detected capacity change from 0 to 512
[  135.794324][ T6193] F2FS-fs (loop6): access invalid blkaddr:4043309056
[  135.830907][ T6193] CPU: 0 UID: 0 PID: 6193 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  135.830936][ T6193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  135.830948][ T6193] Call Trace:
[  135.830957][ T6193]  <TASK>
[  135.830966][ T6193]  dump_stack_lvl+0x189/0x250
[  135.831005][ T6193]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.831033][ T6193]  ? lockdep_hardirqs_on+0x9c/0x150
[  135.831063][ T6193]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  135.831105][ T6193]  __f2fs_is_valid_blkaddr+0xe52/0x14f0
[  135.831135][ T6193]  f2fs_map_blocks+0xda8/0x4100
[  135.831212][ T6193]  ? __pfx_f2fs_map_blocks+0x10/0x10
[  135.831245][ T6193]  ? xa_load+0x60/0x210
[  135.831290][ T6193]  ? xa_load+0x1ea/0x210
[  135.831330][ T6193]  f2fs_mpage_readpages+0xd25/0x1b80
[  135.831379][ T6193]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[  135.831409][ T6193]  ? __folio_batch_add_and_move+0x192/0xc60
[  135.831455][ T6193]  ? f2fs_readahead+0x177/0x330
[  135.831479][ T6193]  read_pages+0x17a/0x580
[  135.831505][ T6193]  ? __pfx_read_pages+0x10/0x10
[  135.831532][ T6193]  ? filemap_add_folio+0x35f/0x540
[  135.831569][ T6193]  page_cache_ra_unbounded+0x760/0x9b0
[  135.831611][ T6193]  f2fs_readdir+0x49b/0xa60
[  135.831655][ T6193]  ? __pfx_f2fs_readdir+0x10/0x10
[  135.831673][ T6193]  ? lock_acquire+0x175/0x360
[  135.831716][ T6193]  ? down_read_killable+0x1d1/0x350
[  135.831754][ T6193]  iterate_dir+0x399/0x570
[  135.831786][ T6193]  __se_sys_getdents64+0xe4/0x260
[  135.831814][ T6193]  ? __pfx___se_sys_getdents64+0x10/0x10
[  135.831837][ T6193]  ? __pfx_filldir64+0x10/0x10
[  135.831872][ T6193]  ? do_syscall_64+0xbe/0xfa0
[  135.831906][ T6193]  do_syscall_64+0xfa/0xfa0
[  135.831936][ T6193]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.831956][ T6193]  ? clear_bhb_loop+0x60/0xb0
[  135.831980][ T6193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.832000][ T6193] RIP: 0033:0x7f15b89c2033
[  135.832019][ T6193] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 32 3d f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  135.832035][ T6193] RSP: 002b:00007fff6184be38 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  135.832057][ T6193] RAX: ffffffffffffffda RBX: 000055556f34b600 RCX: 00007f15b89c2033
[  135.832071][ T6193] RDX: 0000000000008000 RSI: 000055556f34b600 RDI: 0000000000000005
[  135.832083][ T6193] RBP: 000055556f34b5d4 R08: 0000000000000000 R09: 0000000000000000
[  135.832095][ T6193] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  135.832108][ T6193] R13: 0000000000000010 R14: 000055556f34b5d0 R15: 00007fff6184e0f0
[  135.832141][ T6193]  </TASK>
[  136.136622][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  136.235672][ T6193] syz-executor: attempt to access beyond end of device
[  136.235672][ T6193] loop6: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  136.277797][ T6193] syz-executor: attempt to access beyond end of device
[  136.277797][ T6193] loop6: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  136.291622][ T6800] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.347608][ T6800] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.370589][ T6800] syz.1.203 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  136.495806][ T5827] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.864352][ T6294] kworker/u8:8: attempt to access beyond end of device
[  136.864352][ T6294] loop6: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  136.888109][    C0] plantronics 0003:047F:FFFF.0005: usb_submit_urb(ctrl) failed: -1
[  136.923956][ T6294] CPU: 0 UID: 0 PID: 6294 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) 
[  136.923983][ T6294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  136.923996][ T6294] Workqueue: writeback wb_workfn (flush-7:6)
[  136.924026][ T6294] Call Trace:
[  136.924034][ T6294]  <TASK>
[  136.924043][ T6294]  dump_stack_lvl+0x189/0x250
[  136.924079][ T6294]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.924109][ T6294]  ? __pfx_queue_work_on+0x10/0x10
[  136.924134][ T6294]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  136.924163][ T6294]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  136.924213][ T6294]  f2fs_handle_critical_error+0x37c/0x540
[  136.924248][ T6294]  f2fs_write_end_io+0x886/0xb60
[  136.924287][ T6294]  __submit_merged_bio+0x27a/0x6a0
[  136.924321][ T6294]  __submit_merged_write_cond+0x255/0x530
[  136.924356][ T6294]  f2fs_write_data_pages+0x261d/0x3000
[  136.924373][ T6294]  ? kasan_quarantine_put+0xdd/0x220
[  136.924424][ T6294]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  136.924486][ T6294]  ? __lock_acquire+0xab9/0xd20
[  136.924551][ T6294]  ? __set_next_task_fair+0x135/0x390
[  136.924585][ T6294]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  136.924606][ T6294]  do_writepages+0x32e/0x550
[  136.924637][ T6294]  ? reacquire_held_locks+0x127/0x1d0
[  136.924663][ T6294]  ? writeback_sb_inodes+0x3bc/0x1950
[  136.924695][ T6294]  __writeback_single_inode+0x143/0x12d0
[  136.924724][ T6294]  ? do_raw_spin_unlock+0x122/0x240
[  136.924748][ T6294]  writeback_sb_inodes+0x984/0x1950
[  136.924801][ T6294]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  136.924866][ T6294]  ? rcu_is_watching+0x15/0xb0
[  136.924899][ T6294]  wb_writeback+0x43b/0xaf0
[  136.924927][ T6294]  ? queue_io+0x3c1/0x590
[  136.924960][ T6294]  ? __pfx_wb_writeback+0x10/0x10
[  136.924990][ T6294]  ? _raw_spin_unlock_irq+0x23/0x50
[  136.925020][ T6294]  wb_workfn+0x409/0xef0
[  136.925055][ T6294]  ? __pfx_wb_workfn+0x10/0x10
[  136.925080][ T6294]  ? __lock_acquire+0xab9/0xd20
[  136.925114][ T6294]  ? process_one_work+0x868/0x15d0
[  136.925143][ T6294]  ? _raw_spin_unlock_irq+0x23/0x50
[  136.925171][ T6294]  ? process_one_work+0x868/0x15d0
[  136.925192][ T6294]  process_one_work+0x94a/0x15d0
[  136.925214][ T6294]  ? __lock_acquire+0xab9/0xd20
[  136.925258][ T6294]  ? __pfx_process_one_work+0x10/0x10
[  136.925291][ T6294]  ? assign_work+0x3a1/0x410
[  136.925319][ T6294]  worker_thread+0x9b0/0xee0
[  136.925370][ T6294]  kthread+0x711/0x8a0
[  136.925390][ T6294]  ? __pfx_worker_thread+0x10/0x10
[  136.925413][ T6294]  ? __pfx_kthread+0x10/0x10
[  136.925432][ T6294]  ? _raw_spin_unlock_irq+0x23/0x50
[  136.925455][ T6294]  ? lockdep_hardirqs_on+0x9c/0x150
[  136.925494][ T6294]  ? __pfx_kthread+0x10/0x10
[  136.925511][ T6294]  ret_from_fork+0x599/0xb30
[  136.925535][ T6294]  ? __pfx_ret_from_fork+0x10/0x10
[  136.925566][ T6294]  ? __switch_to_asm+0x39/0x70
[  136.925582][ T6294]  ? __switch_to_asm+0x33/0x70
[  136.925597][ T6294]  ? __pfx_kthread+0x10/0x10
[  136.925614][ T6294]  ret_from_fork_asm+0x1a/0x30
[  136.925649][ T6294]  </TASK>
[  137.364820][ T1215] usb 6-1: USB disconnect, device number 2
[  137.399691][ T6294] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  137.411486][ T6294] CPU: 0 UID: 0 PID: 6294 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) 
[  137.411511][ T6294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  137.411523][ T6294] Workqueue: writeback wb_workfn (flush-7:6)
[  137.411551][ T6294] Call Trace:
[  137.411559][ T6294]  <TASK>
[  137.411567][ T6294]  dump_stack_lvl+0x189/0x250
[  137.411601][ T6294]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.411630][ T6294]  ? __pfx_queue_work_on+0x10/0x10
[  137.411654][ T6294]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  137.411689][ T6294]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  137.411730][ T6294]  f2fs_handle_critical_error+0x37c/0x540
[  137.411769][ T6294]  f2fs_write_end_io+0x886/0xb60
[  137.411811][ T6294]  __submit_merged_bio+0x27a/0x6a0
[  137.411849][ T6294]  __submit_merged_write_cond+0x255/0x530
[  137.411887][ T6294]  f2fs_write_data_pages+0x261d/0x3000
[  137.411905][ T6294]  ? kasan_quarantine_put+0xdd/0x220
[  137.411964][ T6294]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  137.412037][ T6294]  ? __lock_acquire+0xab9/0xd20
[  137.412132][ T6294]  ? __set_next_task_fair+0x135/0x390
[  137.412172][ T6294]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  137.412195][ T6294]  do_writepages+0x32e/0x550
[  137.412232][ T6294]  ? reacquire_held_locks+0x127/0x1d0
[  137.412260][ T6294]  ? writeback_sb_inodes+0x3bc/0x1950
[  137.412297][ T6294]  __writeback_single_inode+0x143/0x12d0
[  137.412326][ T6294]  ? do_raw_spin_unlock+0x122/0x240
[  137.412353][ T6294]  writeback_sb_inodes+0x984/0x1950
[  137.412419][ T6294]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  137.412502][ T6294]  ? rcu_is_watching+0x15/0xb0
[  137.412545][ T6294]  wb_writeback+0x43b/0xaf0
[  137.412582][ T6294]  ? queue_io+0x3c1/0x590
[  137.412613][ T6294]  ? __pfx_wb_writeback+0x10/0x10
[  137.412651][ T6294]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.412694][ T6294]  wb_workfn+0x409/0xef0
[  137.412736][ T6294]  ? __pfx_wb_workfn+0x10/0x10
[  137.412766][ T6294]  ? __lock_acquire+0xab9/0xd20
[  137.412806][ T6294]  ? process_one_work+0x868/0x15d0
[  137.412841][ T6294]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.412873][ T6294]  ? process_one_work+0x868/0x15d0
[  137.412897][ T6294]  process_one_work+0x94a/0x15d0
[  137.412921][ T6294]  ? __lock_acquire+0xab9/0xd20
[  137.412976][ T6294]  ? __pfx_process_one_work+0x10/0x10
[  137.413015][ T6294]  ? assign_work+0x3a1/0x410
[  137.413048][ T6294]  worker_thread+0x9b0/0xee0
[  137.413110][ T6294]  kthread+0x711/0x8a0
[  137.413134][ T6294]  ? __pfx_worker_thread+0x10/0x10
[  137.413160][ T6294]  ? __pfx_kthread+0x10/0x10
[  137.413182][ T6294]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.413209][ T6294]  ? lockdep_hardirqs_on+0x9c/0x150
[  137.413236][ T6294]  ? __pfx_kthread+0x10/0x10
[  137.413258][ T6294]  ret_from_fork+0x599/0xb30
[  137.413286][ T6294]  ? __pfx_ret_from_fork+0x10/0x10
[  137.413327][ T6294]  ? __switch_to_asm+0x39/0x70
[  137.413345][ T6294]  ? __switch_to_asm+0x33/0x70
[  137.413363][ T6294]  ? __pfx_kthread+0x10/0x10
[  137.413384][ T6294]  ret_from_fork_asm+0x1a/0x30
[  137.413429][ T6294]  </TASK>
[  137.413438][ T6294] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  137.723526][ T6294] CPU: 0 UID: 0 PID: 6294 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) 
[  137.723553][ T6294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  137.723565][ T6294] Workqueue: writeback wb_workfn (flush-7:6)
[  137.723590][ T6294] Call Trace:
[  137.723597][ T6294]  <TASK>
[  137.723603][ T6294]  dump_stack_lvl+0x189/0x250
[  137.723634][ T6294]  ? __pfx_dump_stack_lvl+0x10/0x10
[  137.723658][ T6294]  ? __pfx_queue_work_on+0x10/0x10
[  137.723678][ T6294]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  137.723700][ T6294]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  137.723734][ T6294]  f2fs_handle_critical_error+0x37c/0x540
[  137.723767][ T6294]  f2fs_write_end_io+0x886/0xb60
[  137.723803][ T6294]  __submit_merged_bio+0x27a/0x6a0
[  137.723833][ T6294]  __submit_merged_write_cond+0x255/0x530
[  137.723864][ T6294]  f2fs_write_data_pages+0x261d/0x3000
[  137.723888][ T6294]  ? kasan_quarantine_put+0xdd/0x220
[  137.723941][ T6294]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  137.724010][ T6294]  ? __lock_acquire+0xab9/0xd20
[  137.724089][ T6294]  ? __set_next_task_fair+0x135/0x390
[  137.724124][ T6294]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  137.724145][ T6294]  do_writepages+0x32e/0x550
[  137.724179][ T6294]  ? reacquire_held_locks+0x127/0x1d0
[  137.724204][ T6294]  ? writeback_sb_inodes+0x3bc/0x1950
[  137.724238][ T6294]  __writeback_single_inode+0x143/0x12d0
[  137.724265][ T6294]  ? do_raw_spin_unlock+0x122/0x240
[  137.724291][ T6294]  writeback_sb_inodes+0x984/0x1950
[  137.724353][ T6294]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  137.724430][ T6294]  ? rcu_is_watching+0x15/0xb0
[  137.724472][ T6294]  wb_writeback+0x43b/0xaf0
[  137.724507][ T6294]  ? queue_io+0x3c1/0x590
[  137.724535][ T6294]  ? __pfx_wb_writeback+0x10/0x10
[  137.724571][ T6294]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.724620][ T6294]  wb_workfn+0x409/0xef0
[  137.724664][ T6294]  ? __pfx_wb_workfn+0x10/0x10
[  137.724693][ T6294]  ? __lock_acquire+0xab9/0xd20
[  137.724735][ T6294]  ? process_one_work+0x868/0x15d0
[  137.724769][ T6294]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.724801][ T6294]  ? process_one_work+0x868/0x15d0
[  137.724820][ T6294]  process_one_work+0x94a/0x15d0
[  137.724839][ T6294]  ? __lock_acquire+0xab9/0xd20
[  137.724886][ T6294]  ? __pfx_process_one_work+0x10/0x10
[  137.724916][ T6294]  ? assign_work+0x3a1/0x410
[  137.724942][ T6294]  worker_thread+0x9b0/0xee0
[  137.724990][ T6294]  kthread+0x711/0x8a0
[  137.725009][ T6294]  ? __pfx_worker_thread+0x10/0x10
[  137.725030][ T6294]  ? __pfx_kthread+0x10/0x10
[  137.725047][ T6294]  ? _raw_spin_unlock_irq+0x23/0x50
[  137.725068][ T6294]  ? lockdep_hardirqs_on+0x9c/0x150
[  137.725090][ T6294]  ? __pfx_kthread+0x10/0x10
[  137.725106][ T6294]  ret_from_fork+0x599/0xb30
[  137.725129][ T6294]  ? __pfx_ret_from_fork+0x10/0x10
[  137.725160][ T6294]  ? __switch_to_asm+0x39/0x70
[  137.725175][ T6294]  ? __switch_to_asm+0x33/0x70
[  137.725189][ T6294]  ? __pfx_kthread+0x10/0x10
[  137.725205][ T6294]  ret_from_fork_asm+0x1a/0x30
[  137.725240][ T6294]  </TASK>
[  138.087300][ T6294] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  138.126487][ T6831] loop3: detected capacity change from 0 to 512
[  138.135847][ T6831] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  138.144568][ T6831] EXT4-fs (loop3): Test dummy encryption mode enabled
[  138.161491][ T6831] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.215: inode has both inline data and extents flags
[  138.175160][ T6831] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.215: couldn't read orphan inode 15 (err -117)
[  138.239866][ T6831] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.298492][ T5941] usb 5-1: USB disconnect, device number 4
[  138.343893][ T6831] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  138.483730][ T6831] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[  139.001388][ T5828] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.156805][ T6861] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.222'.
[  139.360486][   T50] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.461762][   T50] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.590935][   T50] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.721434][ T6872] loop3: detected capacity change from 0 to 128
[  139.812729][   T30] audit: type=1800 audit(1762777118.691:8): pid=6872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.227" name="file1" dev="loop3" ino=1048627 res=0 errno=0
[  139.859878][   T50] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.001383][ T6854] loop5: detected capacity change from 0 to 40427
[  140.078518][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  140.096281][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  140.105059][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  140.130172][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  140.145277][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  140.190945][ T6886] netlink: 'syz.4.229': attribute type 4 has an invalid length.
[  140.503804][   T50] bridge_slave_1: left allmulticast mode
[  140.524788][   T50] bridge_slave_1: left promiscuous mode
[  140.530645][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.540175][ T6854] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  140.568256][   T50] bridge_slave_0: left allmulticast mode
[  140.573960][   T50] bridge_slave_0: left promiscuous mode
[  140.590968][ T6854] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  140.626179][   T50] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.697523][   T30] audit: type=1800 audit(1762777119.581:9): pid=6854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.221" name="file1" dev="loop5" ino=10 res=0 errno=0
[  140.827809][ T6057] syz-executor: attempt to access beyond end of device
[  140.827809][ T6057] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  140.903338][ T6057] CPU: 1 UID: 0 PID: 6057 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  140.903365][ T6057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  140.903377][ T6057] Call Trace:
[  140.903385][ T6057]  <TASK>
[  140.903392][ T6057]  dump_stack_lvl+0x189/0x250
[  140.903430][ T6057]  ? __pfx_dump_stack_lvl+0x10/0x10
[  140.903473][ T6057]  ? __pfx_queue_work_on+0x10/0x10
[  140.903496][ T6057]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  140.903521][ T6057]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  140.903559][ T6057]  f2fs_handle_critical_error+0x37c/0x540
[  140.903594][ T6057]  f2fs_write_end_io+0x886/0xb60
[  140.903634][ T6057]  __submit_merged_bio+0x27a/0x6a0
[  140.903668][ T6057]  __submit_merged_write_cond+0x255/0x530
[  140.903705][ T6057]  f2fs_write_data_pages+0x261d/0x3000
[  140.903764][ T6057]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  140.903798][ T6057]  ? is_bpf_text_address+0x292/0x2b0
[  140.903817][ T6057]  ? is_bpf_text_address+0x26/0x2b0
[  140.903869][ T6057]  ? stack_trace_save+0x9c/0xe0
[  140.903889][ T6057]  ? __pfx_stack_trace_save+0x10/0x10
[  140.903933][ T6057]  ? __lock_acquire+0xab9/0xd20
[  140.903965][ T6057]  ? do_raw_spin_lock+0x121/0x290
[  140.903996][ T6057]  ? do_raw_spin_unlock+0x122/0x240
[  140.904020][ T6057]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  140.904040][ T6057]  do_writepages+0x32e/0x550
[  140.904079][ T6057]  ? do_raw_spin_unlock+0x122/0x240
[  140.904102][ T6057]  filemap_fdatawrite+0x199/0x240
[  140.904129][ T6057]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  140.904209][ T6057]  ? do_raw_spin_unlock+0x122/0x240
[  140.904233][ T6057]  f2fs_sync_dirty_inodes+0x31f/0x830
[  140.904271][ T6057]  f2fs_write_checkpoint+0x93e/0x2440
[  140.904290][ T6057]  ? __lock_acquire+0xab9/0xd20
[  140.904345][ T6057]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  140.904430][ T6057]  kill_f2fs_super+0x2cc/0x6d0
[  140.904464][ T6057]  ? __pfx_kill_f2fs_super+0x10/0x10
[  140.904506][ T6057]  ? shrinker_free+0x2ce/0x3e0
[  140.904531][ T6057]  deactivate_locked_super+0xbc/0x130
[  140.904554][ T6057]  cleanup_mnt+0x425/0x4c0
[  140.904573][ T6057]  ? lockdep_hardirqs_on+0x9c/0x150
[  140.904602][ T6057]  task_work_run+0x1d4/0x260
[  140.904624][ T6057]  ? __pfx_task_work_run+0x10/0x10
[  140.904649][ T6057]  ? exit_to_user_mode_loop+0x55/0x4f0
[  140.904676][ T6057]  exit_to_user_mode_loop+0xff/0x4f0
[  140.904699][ T6057]  ? rcu_is_watching+0x15/0xb0
[  140.904732][ T6057]  do_syscall_64+0x2e9/0xfa0
[  140.904762][ T6057]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.904781][ T6057]  ? clear_bhb_loop+0x60/0xb0
[  140.904806][ T6057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.904825][ T6057] RIP: 0033:0x7f1c859909f7
[  140.904844][ T6057] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  140.904859][ T6057] RSP: 002b:00007ffe37e8ba98 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  140.904879][ T6057] RAX: 0000000000000000 RBX: 00007f1c85a11d7d RCX: 00007f1c859909f7
[  140.904892][ T6057] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe37e8bb50
[  140.904905][ T6057] RBP: 00007ffe37e8bb50 R08: 0000000000000000 R09: 0000000000000000
[  140.904916][ T6057] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe37e8cbe0
[  140.904929][ T6057] R13: 00007f1c85a11d7d R14: 00000000000225ac R15: 00007ffe37e8cc20
[  140.904969][ T6057]  </TASK>
[  141.331723][ T6057] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  142.190855][   T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.215338][ T5837] Bluetooth: hci1: command tx timeout
[  142.232227][   T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.256937][   T50] bond0 (unregistering): Released all slaves
[  142.334382][ T6915] dvmrp0: entered allmulticast mode
[  142.894820][ T5941] kernel write not supported for file bpf-prog (pid: 5941 comm: kworker/0:6)
[  143.051111][   T50] hsr_slave_0: left promiscuous mode
[  143.070933][   T50] hsr_slave_1: left promiscuous mode
[  143.095057][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.114934][   T50] batman_adv: batadv0: Removing interface: batadv_slave_0
[  143.146537][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.162672][   T50] batman_adv: batadv0: Removing interface: batadv_slave_1
[  143.213994][   T50] veth1_macvtap: left promiscuous mode
[  143.235397][   T50] veth0_macvtap: left promiscuous mode
[  143.241271][   T50] veth1_vlan: left promiscuous mode
[  143.253875][   T50] veth0_vlan: left promiscuous mode
[  144.294960][ T5837] Bluetooth: hci1: command tx timeout
[  144.753485][   T50] team0 (unregistering): Port device team_slave_1 removed
[  144.831023][   T50] team0 (unregistering): Port device team_slave_0 removed
[  144.874800][ T5898] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  145.047255][ T5898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.059882][ T5898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.069756][ T5898] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  145.083828][ T5898] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  145.093043][ T5898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.108541][ T5898] usb 2-1: config 0 descriptor??
[  145.343325][ T6979] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  145.528686][ T5898] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  145.562044][ T5898] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  145.585133][    C0] ------------[ cut here ]------------
[  145.590968][    C0] WARNING: ./include/linux/ns_common.h:255 at put_cred_rcu+0x2c5/0x340, CPU#0: kworker/u8:2/36
[  145.601427][    C0] Modules linked in:
[  145.605668][    C0] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  145.615047][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  145.625182][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[  145.631488][    C0] RIP: 0010:put_cred_rcu+0x2c5/0x340
[  145.636868][    C0] Code: 5c 41 5d 41 5e 41 5f 5d e9 48 e1 8d 00 e8 03 8c 32 00 4c 89 e7 be 03 00 00 00 e8 d6 27 00 03 e9 b8 fe ff ff e8 ec 8b 32 00 90 <0f> 0b 90 eb 9f e8 e1 8b 32 00 4c 89 ff be 03 00 00 00 e8 b4 27 00
[  145.637113][ T5898] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  145.656568][    C0] RSP: 0018:ffffc90000007c48 EFLAGS: 00010246
[  145.656605][    C0] RAX: ffffffff818e8124 RBX: ffff8880272390a0 RCX: ffff88801d2c1e80
[  145.656622][    C0] RDX: 0000000000000100 RSI: 0000000000000004 RDI: 0000000000000000
[  145.656636][    C0] RBP: 0000000000000004 R08: ffff88805d690193 R09: 1ffff1100bad2032
[  145.656651][    C0] R10: dffffc0000000000 R11: ffffed100bad2033 R12: dffffc0000000000
[  145.656667][    C0] R13: ffff888027239000 R14: ffff88805d690000 R15: ffff88805d690190
[  145.656683][    C0] FS:  0000000000000000(0000) GS:ffff888125ecd000(0000) knlGS:0000000000000000
[  145.656702][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  145.656718][    C0] CR2: 00007f9cc1db9e9c CR3: 0000000078ed2000 CR4: 00000000003526f0
[  145.656738][    C0] Call Trace:
[  145.656747][    C0]  <IRQ>
[  145.656758][    C0]  ? __pfx_put_cred_rcu+0x10/0x10
[  145.656785][    C0]  ? rcu_core+0xc37/0x1770
[  145.656818][    C0]  rcu_core+0xcab/0x1770
[  145.656868][    C0]  ? __pfx_rcu_core+0x10/0x10
[  145.656911][    C0]  ? __pfx_tmigr_handle_remote+0x10/0x10
[  145.656960][    C0]  ? clockevents_program_event+0x24d/0x360
[  145.657004][    C0]  handle_softirqs+0x286/0x870
[  145.657039][    C0]  ? do_softirq+0xec/0x180
[  145.657076][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  145.684895][ T5898] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  145.686738][    C0]  ? cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[  145.710032][ T5898] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  145.710753][    C0]  do_softirq+0xec/0x180
[  145.720106][ T5898] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  145.726338][    C0]  </IRQ>
[  145.726352][    C0]  <TASK>
[  145.726363][    C0]  ? __pfx_do_softirq+0x10/0x10
[  145.799493][ T6878] chnl_net:caif_netlink_parms(): no params data found
[  145.806387][    C0]  ? ieee80211_inform_bss+0xbd9/0x10a0
[  145.806433][    C0]  ? lockdep_softirqs_on+0x13b/0x1c0
[  145.806465][    C0]  __local_bh_enable_ip+0x17d/0x1c0
[  145.806495][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  145.806530][    C0]  ? cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[  145.806560][    C0]  cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[  145.806598][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  145.806649][    C0]  ? __lock_acquire+0xab9/0xd20
[  145.806679][    C0]  ? cfg80211_inform_bss_data+0x1f0/0x3b40
[  145.853693][ T5898] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  145.857700][    C0]  cfg80211_inform_bss_data+0x203/0x3b40
[  145.857747][    C0]  ? finish_task_switch+0x266/0x960
[  145.897741][ T5898] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  145.901100][    C0]  ? finish_task_switch+0x266/0x960
[  145.918970][    C0]  ? rcu_is_watching+0x15/0xb0
[  145.923872][    C0]  ? trace_sched_exit_tp+0x36/0x110
[  145.924499][ T5898] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  145.929142][    C0]  ? __schedule+0x185e/0x4ec0
[  145.929178][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[  145.929229][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  145.953317][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  145.958593][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  145.964529][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  145.970978][    C0]  cfg80211_inform_bss_frame_data+0x3d7/0x730
[  145.977154][    C0]  ? ieee80211_bss_info_update+0x2df/0x9e0
[  145.983017][    C0]  ieee80211_bss_info_update+0x749/0x9e0
[  145.988746][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[  145.994981][    C0]  ? __sanitizer_cov_trace_pc+0x8/0x70
[  145.999803][ T5898] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  146.000494][    C0]  ieee80211_ibss_rx_queued_mgmt+0xa4e/0x2af0
[  146.018973][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xfab/0x2af0
[  146.025299][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[  146.031852][    C0]  ? __lock_acquire+0xab9/0xd20
[  146.036818][    C0]  ? __lock_acquire+0xab9/0xd20
[  146.041828][    C0]  ? kcov_remote_start+0x18e/0x810
[  146.047065][    C0]  ieee80211_iface_work+0x85f/0x12d0
[  146.052506][    C0]  cfg80211_wiphy_work+0x2bb/0x470
[  146.057719][    C0]  ? process_one_work+0x868/0x15d0
[  146.062881][    C0]  process_one_work+0x94a/0x15d0
[  146.067920][    C0]  ? __lock_acquire+0xab9/0xd20
[  146.072837][    C0]  ? __pfx_process_one_work+0x10/0x10
[  146.078320][    C0]  ? assign_work+0x3a1/0x410
[  146.082961][    C0]  worker_thread+0x9b0/0xee0
[  146.087661][    C0]  kthread+0x711/0x8a0
[  146.091766][    C0]  ? __pfx_worker_thread+0x10/0x10
[  146.096954][    C0]  ? __pfx_kthread+0x10/0x10
[  146.101594][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  146.106889][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  146.112133][    C0]  ? __pfx_kthread+0x10/0x10
[  146.114057][ T5898] usb 2-1: USB disconnect, device number 4
[  146.116794][    C0]  ret_from_fork+0x599/0xb30
[  146.116830][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  146.132416][    C0]  ? __switch_to_asm+0x39/0x70
[  146.137269][    C0]  ? __switch_to_asm+0x33/0x70
[  146.142092][    C0]  ? __pfx_kthread+0x10/0x10
[  146.146752][    C0]  ret_from_fork_asm+0x1a/0x30
[  146.151569][    C0]  </TASK>
[  146.154623][    C0] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  146.161918][    C0] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  146.171228][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  146.181323][    C0] Workqueue: events_unbound cfg80211_wiphy_work
[  146.187712][    C0] Call Trace:
[  146.191016][    C0]  <IRQ>
[  146.193888][    C0]  dump_stack_lvl+0x99/0x250
[  146.198512][    C0]  ? __asan_memcpy+0x40/0x70
[  146.203147][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.208377][    C0]  ? __pfx__printk+0x10/0x10
[  146.212992][    C0]  vpanic+0x237/0x6d0
[  146.216979][    C0]  ? __pfx_vpanic+0x10/0x10
[  146.221484][    C0]  ? is_bpf_text_address+0x292/0x2b0
[  146.226779][    C0]  ? is_bpf_text_address+0x26/0x2b0
[  146.231991][    C0]  panic+0xb9/0xc0
[  146.235721][    C0]  ? __pfx_panic+0x10/0x10
[  146.240150][    C0]  ? ret_from_fork_asm+0x1a/0x30
[  146.245097][    C0]  __warn+0x334/0x4c0
[  146.249079][    C0]  ? put_cred_rcu+0x2c5/0x340
[  146.253760][    C0]  ? put_cred_rcu+0x2c5/0x340
[  146.258440][    C0]  report_bug+0x2be/0x4f0
[  146.262783][    C0]  ? put_cred_rcu+0x2c5/0x340
[  146.267468][    C0]  ? put_cred_rcu+0x2c5/0x340
[  146.272152][    C0]  ? put_cred_rcu+0x2c7/0x340
[  146.276832][    C0]  handle_bug+0x84/0x160
[  146.281085][    C0]  exc_invalid_op+0x1a/0x50
[  146.285601][    C0]  asm_exc_invalid_op+0x1a/0x20
[  146.290461][    C0] RIP: 0010:put_cred_rcu+0x2c5/0x340
[  146.295757][    C0] Code: 5c 41 5d 41 5e 41 5f 5d e9 48 e1 8d 00 e8 03 8c 32 00 4c 89 e7 be 03 00 00 00 e8 d6 27 00 03 e9 b8 fe ff ff e8 ec 8b 32 00 90 <0f> 0b 90 eb 9f e8 e1 8b 32 00 4c 89 ff be 03 00 00 00 e8 b4 27 00
[  146.315373][    C0] RSP: 0018:ffffc90000007c48 EFLAGS: 00010246
[  146.321461][    C0] RAX: ffffffff818e8124 RBX: ffff8880272390a0 RCX: ffff88801d2c1e80
[  146.329447][    C0] RDX: 0000000000000100 RSI: 0000000000000004 RDI: 0000000000000000
[  146.337430][    C0] RBP: 0000000000000004 R08: ffff88805d690193 R09: 1ffff1100bad2032
[  146.345408][    C0] R10: dffffc0000000000 R11: ffffed100bad2033 R12: dffffc0000000000
[  146.353383][    C0] R13: ffff888027239000 R14: ffff88805d690000 R15: ffff88805d690190
[  146.361368][    C0]  ? put_cred_rcu+0x2c4/0x340
[  146.366089][    C0]  ? put_cred_rcu+0x2c4/0x340
[  146.370771][    C0]  ? __pfx_put_cred_rcu+0x10/0x10
[  146.375819][    C0]  ? rcu_core+0xc37/0x1770
[  146.380254][    C0]  rcu_core+0xcab/0x1770
[  146.384542][    C0]  ? __pfx_rcu_core+0x10/0x10
[  146.389250][    C0]  ? __pfx_tmigr_handle_remote+0x10/0x10
[  146.394917][    C0]  ? clockevents_program_event+0x24d/0x360
[  146.400757][    C0]  handle_softirqs+0x286/0x870
[  146.405547][    C0]  ? do_softirq+0xec/0x180
[  146.409990][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  146.415304][    C0]  ? cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[  146.421819][    C0]  do_softirq+0xec/0x180
[  146.426072][    C0]  </IRQ>
[  146.429007][    C0]  <TASK>
[  146.431942][    C0]  ? __pfx_do_softirq+0x10/0x10
[  146.436799][    C0]  ? ieee80211_inform_bss+0xbd9/0x10a0
[  146.442278][    C0]  ? lockdep_softirqs_on+0x13b/0x1c0
[  146.447581][    C0]  __local_bh_enable_ip+0x17d/0x1c0
[  146.452793][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  146.458639][    C0]  ? cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[  146.465178][    C0]  cfg80211_inform_single_bss_data+0x13d2/0x1ac0
[  146.471534][    C0]  ? __pfx_cfg80211_inform_single_bss_data+0x10/0x10
[  146.478326][    C0]  ? __lock_acquire+0xab9/0xd20
[  146.483189][    C0]  ? cfg80211_inform_bss_data+0x1f0/0x3b40
[  146.489007][    C0]  cfg80211_inform_bss_data+0x203/0x3b40
[  146.494653][    C0]  ? finish_task_switch+0x266/0x960
[  146.499865][    C0]  ? finish_task_switch+0x266/0x960
[  146.505081][    C0]  ? rcu_is_watching+0x15/0xb0
[  146.509860][    C0]  ? trace_sched_exit_tp+0x36/0x110
[  146.515067][    C0]  ? __schedule+0x185e/0x4ec0
[  146.519754][    C0]  ? __pfx_cfg80211_inform_bss_data+0x10/0x10
[  146.525848][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  146.531772][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  146.537008][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  146.542914][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  146.549279][    C0]  cfg80211_inform_bss_frame_data+0x3d7/0x730
[  146.555367][    C0]  ? ieee80211_bss_info_update+0x2df/0x9e0
[  146.561187][    C0]  ieee80211_bss_info_update+0x749/0x9e0
[  146.566836][    C0]  ? __pfx_ieee80211_bss_info_update+0x10/0x10
[  146.572998][    C0]  ? __sanitizer_cov_trace_pc+0x8/0x70
[  146.578484][    C0]  ieee80211_ibss_rx_queued_mgmt+0xa4e/0x2af0
[  146.584575][    C0]  ? ieee80211_ibss_rx_queued_mgmt+0xfab/0x2af0
[  146.590828][    C0]  ? __pfx_ieee80211_ibss_rx_queued_mgmt+0x10/0x10
[  146.597354][    C0]  ? __lock_acquire+0xab9/0xd20
[  146.602228][    C0]  ? __lock_acquire+0xab9/0xd20
[  146.607108][    C0]  ? kcov_remote_start+0x18e/0x810
[  146.612239][    C0]  ieee80211_iface_work+0x85f/0x12d0
[  146.617551][    C0]  cfg80211_wiphy_work+0x2bb/0x470
[  146.622687][    C0]  ? process_one_work+0x868/0x15d0
[  146.627817][    C0]  process_one_work+0x94a/0x15d0
[  146.632766][    C0]  ? __lock_acquire+0xab9/0xd20
[  146.637665][    C0]  ? __pfx_process_one_work+0x10/0x10
[  146.643062][    C0]  ? assign_work+0x3a1/0x410
[  146.647668][    C0]  worker_thread+0x9b0/0xee0
[  146.652293][    C0]  kthread+0x711/0x8a0
[  146.656374][    C0]  ? __pfx_worker_thread+0x10/0x10
[  146.661494][    C0]  ? __pfx_kthread+0x10/0x10
[  146.666088][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  146.671294][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  146.676502][    C0]  ? __pfx_kthread+0x10/0x10
[  146.681095][    C0]  ret_from_fork+0x599/0xb30
[  146.685698][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  146.690824][    C0]  ? __switch_to_asm+0x39/0x70
[  146.695595][    C0]  ? __switch_to_asm+0x33/0x70
[  146.700368][    C0]  ? __pfx_kthread+0x10/0x10
[  146.704966][    C0]  ret_from_fork_asm+0x1a/0x30
[  146.709799][    C0]  </TASK>
[  146.713204][    C0] Kernel Offset: disabled
[  146.717534][    C0] Rebooting in 86400 seconds..