last executing test programs:

1m3.743118608s ago: executing program 1 (id=290):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0xa, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m3.113162187s ago: executing program 1 (id=294):
writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee", 0x15}], 0x1)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
setsockopt(0xffffffffffffffff, 0x800000010d, 0x2, &(0x7f0000000040)="0000e2ffffffffffe8f9b4f06a52ae1d17dbc49436d496e57f9c9d", 0x1b)
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, &(0x7f0000000180)={[0x9]}, 0x8)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m1.867325267s ago: executing program 1 (id=308):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
getgid()
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)=ANY=[@ANYBLOB="6c00000002060104db406e3e0004000200000000100003006269746d61703a706f72740005000400000000000900020073797a32"], 0x6c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x58, 0x2c, 0xd27, 0x30bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xd, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_flow={{0x9}, {0x28, 0x2, [@TCA_FLOW_EMATCHES={0x24, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x80}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0xfffffffffffffe94, 0x1, 0x0, 0x0, {{0x2008, 0x9, 0x40}, [@TCA_EM_IPT_HOOK={0x8}]}}]}]}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)

1m0.876089803s ago: executing program 1 (id=316):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000ac0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1548f5e0b33006bd1049ca45bd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc96eb384dbb4268c50943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906bde2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5511, &(0x7f0000015b80)="$eJzs3E1rY9UfB/CTdjqdp//8i7hwNxcGoYVJmPRh0F3VGXzADsWHhStNkzRkJsktTZrWrly4FBe+Djei4Mql+BIEXbsTF4o7Qck9pzIdFdRmkqn9fOD2e+/JzS+/E0rLuQk3AGfWQvbzj6VwNVwMIcyGEK6EUOyX0lZYj/FUCOFaCGHmga2Uxn8fOB9CuBRCuDoqHmuW0kMf3RheX/vhlZ+++Hr+3OVPPv92erMGpu3pEEJ3J+7vd2PmrZj30nht2C6yuzpMGR/o3k/Hecz95lZRYb92dF6tyJVWPD/f2euPcrtTq4+y1d4uxnd68QX7w9ZRneIJ92q7xXGjuVVku58X2TqMfR0cxr9th/1BrNNI9d4tyofB4CjjePOgGeczf7/Iem+QxmPdvNE8GOUwZXq5UM87jaKPrZO804+3V9u9vYNs2Nztt/NetlapPlOp3ipXd/NGc9BcLde6jVur2WKrMzqtPGjWuuutPG91mpV63l3KFlv1erlazRZvN7fatV5WrVZWKjfLa0tp70b24t03s04jWxzl8+3e3qDd6Wfb+W4Wn7GULVdWnl3Krlez1zc2s83X7tzZ2Hzj7dtv3X1u4+UX0kl/aCtbXL65vFyu3iwvV5dO7/xH/+v/0fzfT02Pcf5wIqVpNwBw+lj/A5P28VcxT/P6P/yb9f+O9f/DrP/P9vzhRKz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrO/mPn2p2FmIx5fT+P/S0BPpuBRCmAkh/PonZsP5YzVnU525vzh/7qEeviyFosLoNebTdimEsJ62X/7/qN8FAAAA+O/67L1rH8bVevyxMO2GmKR40WbmyjtjqlcKIcwtfD+GKiFdbApPnryraPT7fS4cjKlacQHrwpiKxUtu58ZV7W+ZPRYXHohSjJmJtgMAAEzE8ZXAZFchAAAATNIH026A6Sg+aU3fxU9f4J+PkT4QvHjsCAAAADiFStNuAAAAAHjkivX/43P/v2+Kfff/AwAAgPGK9/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJSR2K4gB8Wuh7vD9GYpy7FWewDFdgHDo0LMBNsATcghtgDThzCQYMbYnWYKLhto3k+5K23Bvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCmp2Ixfbi7uD80Z705TJq7AQAAAPZZFYtp+WJcjf/V8yf11Fk9ziIij4h9vfsgfjUyB3VO8cn7iw81PEaUCdvP+F0ffyPisj5eTtv+FgAAAOB4LWfzSdWtV6dx3wXRpWrRJv9/lSgvi4hi/JwoLd+ezhOFlb/vYdwmSisXsEaJwqolt2GqtC8ZNC6jd5esuuSdlgMAAHSi2Ql024UAAADQpZu+C6AfWey2Mnd7weU/7982BP80RgAAAMAPlPVdAAAAANC6sv/3/D8AAAA4btXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTqlhMl7P5pDF5/f2c9eYw6e4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXtmfdxQIgTAIg73rO5O5/2GlQUNjkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4M3v/vJ/YmqcSeZeG0vPI8naqbF1auydG0d/GF+/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4ot/98n9iapxJ5k4bS8cjydpVY+uqsfegcfRgvP0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYud+XuOo4gCAf3dnZ2urYoySQ0QUPOjFptva2qsHJXjwTxBCuq3RrT/aHGwpQi7eJOdeRI8ighJv/R96bqGXeuthDxU89VCZ2ZnkdS24WjqzST4fePO+Mwzzvm8SQr7zZhcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+L29OCs2C5O4Wx27df/aetHfnuoLN7bvLBetiDtNJr0PPHgYr6b7naX2cgEAAODwyOr6PiLu5jurRd9dKOv/vD6nqPl/eH4S1/X8dN1f93XtX7Tff7v38u5AC5Nxioue3xgNT/wzld7Tm+V8e+Ffz+iVd7589pKVP5Duh1svjfPyfna+u3nz/X4ZHmkiWwDg/zhe91VQ/z9U9IM2EwPg0OglhXdd/2cL7eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IT+Vjxbx52IWO7txYXb96+tl/3U/o3tO8t1O3P9+nZ6zeISeUSc3xgNTzQ1kX3g8pWrn62NRsNLzQevRUR7o1fBxzOcE9FmhoInDbrV7/q85LM/gpb/MAEAcODkVSvq+rv5zmpxrLMY8fDHR+v/N5M40vp/qk/r/3ufnLmVjpXW/4PGZjj/VjYvfrly+crVtzcurl0YXhh+/s7JwbuDU2dPnz67Uj4rWfHEBAAAgCfTr1pa/3cXI8ZT6//HkjhmrP+/+n7wTTpWpv5/rL1Fv7YzAQAAONxefP2vPzuPOd7p9+Prtc3NS4PJdnf/5GTbQqr/2ZGqpfV/tth2VgAAAEATxludR9b/zyVxzLj+/9xPr/ySXjOLiKPV+v/x9S9G55qbTksezHRWEx8nfupTBQAAYK4drVq6/p+X7/93d1956EbEW29M4uprAGeq/7MPvv05HSt9//9Uc1OcS92lyf0o+6WI3lLbGQEAAHCQPVO1otj/I99Z/fTXYx/1vf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0LS/AwAA//+xhkJ5")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000980)='./file0\x00', 0x0, 0xb)
fchmodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0)
syz_mount_image$fuse(&(0x7f0000000100), &(0x7f0000000080)='./file0\x00', 0x2304023, &(0x7f0000000040)=ANY=[], 0x8, 0x0, 0x0)
r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, r1, 0x2, 0x0)

59.424659286s ago: executing program 1 (id=324):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
socket$kcm(0x29, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x68b00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
pselect6(0x40, &(0x7f0000000000)={0x3, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x4}, 0x0, 0x0)

58.120208236s ago: executing program 1 (id=330):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0xfffffffc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="070000000000000000000200000014000180060001000200000008000300ac1414aa"], 0x28}}, 0x0)
close(0x4)

57.929060749s ago: executing program 32 (id=330):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0xfffffffc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001100)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="070000000000000000000200000014000180060001000200000008000300ac1414aa"], 0x28}}, 0x0)
close(0x4)

14.6548453s ago: executing program 2 (id=450):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff}, 0x106, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r4, &(0x7f0000000140)={0x14, 0x88, 0xfa00, {r5, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {}, 0x2000000000001005, 0x10001}}}, 0x90)

13.33681526s ago: executing program 2 (id=453):
socket$inet6(0xa, 0x3, 0xfffffffc)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x81}, 0x8)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20000004)
connect$bt_sco(r1, &(0x7f0000000000), 0x8)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'dummy0\x00', <r4=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x3fe3aa0262d8c58b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100))

12.234476268s ago: executing program 2 (id=456):
syz_usb_connect(0x6, 0x1b, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x8b, 0x93, 0xef, 0x8, 0xbda, 0x819a, 0xc918, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x9, 0x0, 0x41, 0x65}}]}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000003380))
r1 = eventfd2(0x1, 0x1)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

10.945799808s ago: executing program 4 (id=463):
r0 = fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xeaEb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k\x00', 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
syz_open_pts(r4, 0x0)

10.911641279s ago: executing program 3 (id=464):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = inotify_init()
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r4 = inotify_add_watch(r3, &(0x7f0000000280)='.\x00', 0x25000001)
inotify_rm_watch(r3, r4)

9.988126273s ago: executing program 3 (id=466):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="120100006325a640402000498b4d00000001090224"], 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000094}, 0x880)
r3 = dup(r2)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x24008040}, 0x840c0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

9.700132188s ago: executing program 4 (id=468):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)="fb6bba8839fe8bc048c0cdafd1428437b3c8ef6adfeb6db4ee9bcb25b1811d4001040000000000008a64db04ed6dd26eea2a37229c339b1f91201c2796", 0x3d}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)=""/60, 0x3c}], 0x1}, 0x40fd)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000340)=@req3={0x2, 0x0, 0x4, 0x48, 0x9, 0x9, 0xc5e}, 0x1c)
close(r2)

9.622677149s ago: executing program 4 (id=470):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x883f, 0x0)

8.468147687s ago: executing program 2 (id=471):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f329191bac0000f3066b808008ed0660f38806f008ee0", 0x3b}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040))
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x4}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x20000000, 0x440, 0x821, 0x0, 0x0, 0x2004cb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000], 0x0, 0x200306})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)

8.386667408s ago: executing program 4 (id=472):
socket$kcm(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$CAN_RAW_JOIN_FILTERS(0xffffffffffffffff, 0x65, 0x6, 0x0, &(0x7f0000000300))
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x48, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000380), 0x109000, 0x0)
ioctl$FBIO_WAITFORVSYNC(r3, 0x40044620, 0x0)

6.481009738s ago: executing program 4 (id=473):
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffffed7a00000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000740)=ANY=[@ANYBLOB="5001"], 0x150)
write$FUSE_OPEN(r3, &(0x7f0000000280)={0x20}, 0x20)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="f801"], 0x1f8)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f0000000340)={0x30}, 0x30)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
chdir(&(0x7f0000000080)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)

6.439156099s ago: executing program 5 (id=474):
r0 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x3fd, @mcast1}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108)
mount_setattr(0xffffffffffffff9c, 0x0, 0x0, &(0x7f0000000ac0)={0x8, 0x9, 0x3c0000}, 0x20)
syz_open_dev$MSR(0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x44, 0x0, 0x1, 0x401, 0x0, 0x0, {}, [@CTA_TUPLE_ORIG={0x4}, @CTA_TUPLE_REPLY={0x20, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_TIMEOUT={0x8}, @CTA_SEQ_ADJ_REPLY={0x4, 0x4}]}, 0x44}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, r1)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0)
chroot(&(0x7f00000001c0)='./file0\x00')
unlink(&(0x7f0000000000)='./file0\x00')
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

6.436817089s ago: executing program 0 (id=475):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
symlink(0x0, 0x0)
readlink(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x28031, 0xffffffffffffffff, 0x8000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(&(0x7f0000000040)='./file2\x00', 0x535682, 0x117)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x13, 0x4)
r4 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r4, 0x0, 0x40001)
openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, 0x0, 0x4)
creat(0x0, 0x0)

6.331684931s ago: executing program 2 (id=476):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$WPAN_SECURITY(0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
listen(r0, 0x3)
r1 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x11ff, 0x3331, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000000)={0x2c, &(0x7f0000000040)={0x20, 0x12, 0x7, {0x7, 0x1, "00f4000000"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$hidraw(&(0x7f0000000280), 0x82, 0x2)
syz_usb_disconnect(r1)
poll(&(0x7f0000000200)=[{r2, 0x4080}, {r2, 0x10}], 0x2, 0x6)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)

6.33118454s ago: executing program 3 (id=477):
socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r1 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f0000000580)={0x0, 0xc1, 0x80, 0x20203843, 0x0, [0x2], [0x80ffff]})

5.282572737s ago: executing program 3 (id=478):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x10, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x12, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="560a0000000000007911300000000000180000000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

5.197380928s ago: executing program 4 (id=479):
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00'], 0x1, 0x5d8, &(0x7f00000006c0)="$eJzs3U1vG8cdB+Df0rJsuoDDJHaSFi0q2IcWMWqLYuLoUKBuURQ6BEWAXnLJQbDpWDCtBBJTKEFR2H299hskPcjnnnooejCQnvsVBPSQQ4HedXOxyyXFWIoixbJIJc8DDGeGszs78/fuiLuEwQDfWEtv5/SjFFm68uZGWd/a7PS2Njv3huUkZ5I0kplBlmI1KT5NbmSQ8u3yzbq74ouO887Hbyx+1n74YFCbqVO1fWO//Q7mfp0yl+RUnR9Vfzefur9iNMMyYJeHgYNJe7zL/cPs/pTXLTANisHfzV1aybkkZ+vPAalXh8bxju7oHWqVAwAAgBPque1sZyPnJz0OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEnq3/8v6tQYludSDH//f7Z+L3X5RHs06QEAAAAAAAAAwBH4/na2s5Hzw/rjovrO/1JVuVC9fisfZD3drOVqNrKcfvpZSztJa6yj2Y3lfn+tfYA9F/bcc+F45gsAAAAAAAAAX1O/y9LO9/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANiuTUIKvShWG5lcZMkrNJZsvt7if/HJZPskeTHgAAAAAcg+e2s52NnB/WHxfVPf9L1X3/2XyQ1fSzkn566eZW9SxgcNff2Nrs9LY2O/fKtLvfn/7vUMOoeszg2cPeR56vtrg42mMpv8ivciVzeStrWcmvs5x+upnLz6vScoq06qcXreE49x7vjc/V3vqysb5SjaSZ21mpxnY1N/NeermVRjWHapv9j/igjE7xk9oBY3SrzssZ/aXOp0OrisjpUUTm69iX0Xh+/0gc8jx58kjtNEbPoC48g5ifq/My1n+a6pgvjJ19L+0fieTSf7739zu91bt3bq9fmZ4pfUVPRqIzFomXv1GRmK2jMVhFD7daXqr2PZ+V/DLv5Va6eT2LeT0LeS2vZT6LuT4W14sHuNYah7vWLv+wLjST/LnOp0MZ1+fH4jq+0rWqtvF3dqL0wtGvSDPfqQvlMX5f59PhyUi0xyLx4v6R+Ovj8nW9t3p37c7y+wc83g/qvLxs/zhVa3N5vrxQ/mNVtc+fHWXbi3u2tau2C6O2xq62i6O2L7tSZ+vPcLt7WqjaXt6zrVO1vTLWttenHACm3rlXz802/9v8d/OT5h+ad5pvnv3ZmcUz353N6X/N/OPU3xoPGz8uXs0n+e3O/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDVrX/40d3lXq+7pqCgoDAqTHplAp61a/17719b//CjH63cW363+253tdNpX19YvL64cP3a7ZVed37wOulhAs/Azh/9SY8EAAAAAAAAAAAAOKjj+O8Ek54jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLItvZ3Tj1KkPX91vqxvbXZ6ZRqWd7acSdJIUvwmKT5NbmSQ0hrrrvii47zz8RuLn7UfPtjpa2a4fWO//Q7mfp0yl+RUnR9Vfzefur9iNMMyYJeHgYNJ+38AAAD//+NBDmE=")
signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x7fffffffffffffff]}, 0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
renameat2(r2, &(0x7f0000000140)='./file1\x00', r2, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

5.178502208s ago: executing program 0 (id=480):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newtaction={0x14, 0x30, 0xffff}, 0x14}}, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x140c0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0x10, 0x6}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x3}]}}]}, 0x3c}}, 0x4004080)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4048020}, 0x800)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r4, &(0x7f0000000400), 0xe)
listen(r4, 0x0)
listen(0xffffffffffffffff, 0x0)

4.936175442s ago: executing program 0 (id=481):
madvise(&(0x7f0000611000/0x2000)=nil, 0x2000, 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x21, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x2}, 0xa0)

4.058372066s ago: executing program 3 (id=482):
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
mknodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r2 = openat(r1, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mknodat$loop(r2, &(0x7f0000000100)='./bus\x00', 0x0, 0x0)
r3 = open(&(0x7f0000000300)='.\x00', 0x10000, 0x0)
renameat2(r3, &(0x7f00000004c0)='./bus\x00', r1, &(0x7f0000000500)='./file0\x00', 0x0)

3.232606329s ago: executing program 0 (id=483):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
socket(0x28, 0x2, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1, @loopback={0xff00000000000000}}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

3.17805697s ago: executing program 2 (id=484):
syz_mount_image$jfs(&(0x7f0000005dc0), &(0x7f0000005e00)='./file1\x00', 0x208000, &(0x7f0000001d40)=ANY=[@ANYBLOB="009c1b06223d15055c6d39aecad6836294e3e1fc38b80cd5eb20b39dc7dceb316fa1203f802b4368850fdef916202a989ea54a4e800c324c19bad386d9a72fc1de2fa7f100eae8a434158d0ed0d6a9061d60971bcf895342571bae0ea58240ebdd0f6f3dd42fa0f9754224a9c2045d2e098e01000000943549e2c2e191b7da91b8645dfdb324ceaf445cdc974884e2d5ac6dbf8b92da3a8a65176db66ca798dce71880c5e6837b5a99b6696d5003a06f62bbfb0b9ba0a6ffbfc2dd37662e077430379386d8e3abf802401b0e8382824a68cf51cde62ac99470edf8c757396564c8079d89017df3182005ec9fe433b122f1c02ca72eb68e41fc7ff69975649149ff4be64bd665e56a5fe9ef4d6ee02ff30ad838a9744100d520765c83c0178534e09d2f578bd10d3bfc68d1e75d6965613448d1045b6a0298d0804f82bc984e271c346d1e30886f81feb02b8320d47dc752b2dd23b4d8e20f2bda7ff84c57d63da96f044f8daaac7cb7132ef6"], 0x1, 0x5e62, &(0x7f0000011a80)="$eJzs3cuOFNcZB/Cvunt6LsQwshTLQlmMsXMhGBguhtxtbxIpq0gRm6xA47GFgpMISBRbKIw1i7xBlCwSJfus8gTZw0N4kWWQINl4lYpq5hyoKffQYJiuYc7vJzVVX52q7lP8+zpd1ScAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjxD396poqIy79JC5YjvhTDiEHEYlOvRMTiynJefxQRr8ZWc7zSrD4f0Wy/9c+RiPMRcfdwxP0Ht9aaxWefsB//PfTlI//++49O/vEff7hz/M8n3uy2/2X9X3d+djvdFgAAAPBU6rquq/Qx/2j6fD/ou1MAwEzk1/86ycvVarVarVYfvLqtnux2u4iIjfY2zXuG25OuDADYvzbis767QI/kX7RRRBzquxPAvua4+4Pp/oNba1XKt2q/Hqxst+djQXbkv1E9PL9jt+k03WNMZnX/2oxhvLxLfxZn1If9JOc/6OZ/ebt9nNbb6/xnZbf8x9unPhUn5z/s5t9xcPIfTMy/VDn/0VPlP5Q/AAAAAADsY/nv/8sz+/632nG92fzz2Z2pHvf978qM+gAAAAAAAAAAz9uzjv/3kPH/AAAAYN9qPqs3/nr40bLdPmM3yy9VES911gcKk06WWeq7HwAAAAAAAAAAAABQktH2MbyXqoi5iHhpaamu6+bS1q2f1rNu/6Irff+hZH0/yQMAwLa7hzvn8lcRCxFxKf3W39zS0lJdLywu1Uv14nx+PzueX6gXW59r87RZNj9+gjfEo3HdXNlCa7u2aZ+Xp7V3r6+5rXE9fIKOzUaPgQNARGy/Gt33inTA1PWR6PtdDi8Gj/+Dx+OfJ9H3/RQAAADYe3Vd11X6Oe+j6Tv/Qd+dAgBmIr/+d78XUKvVarVaffDqtnqy2+0iIjba2zTvGW5PujIAYP/aiM/67gI9kn/RRhHxat+dAPa1qu8OsCfuP7i1VqV8q/brQRrfPR8LsiP/jWpru7z9pOk03WNMZnX/2oxhvLxLf16ZUR/2k5z/oJv/5e32cVpvr/Ofld3yb/ZzuYf+9C3nP+zm33Fw8h9MzL9UOf/RU+U/lD8AAAAAAOxj+e//y77/zbsMAAAAAAAAAC+c+w9ureXzXvP3/1+ZsJ7zPw+mnH8l/yLl/Aed/L/RWW/Ymr/37qP8//Pg1tpP/vTp0Tx90vzn80yV7llVukdU6ZaqUZo+y9593ubccNzc0lw1GI7SMT/13PtxNa7FeqzuWHeQ/j8etZ/Z0d70dC7dlbfbz+5oH223t7Y/t6N9Lv3uQL2Y20/FWvwyrsV7W+1N2/yU/V+Y0l5Pac/5Dz3+i5TzH7UuTf5Lqb3qTBv3Phl87nHfnk66nXd+f+fu6t7vzlSbMXy4b23N/h3roT9b/yeHxvHrG+vXT/32ys2b189EmuxYejbS5DnL+c+ly8Pn/9e32/Pzfvvxeu+T8VPnv19sxmjX/F9vzTf7e3zGfetDzn+cLjn/91L75Mf/i5z/7o//Ez30BwAAAAAAAAAAAAAAAB6nruutU0TfiYgL6fyfvs7NBABmK7/+10lerlar1Wq1+uDVbfVkb7eLiPhne5vmPcPvJl0ZALCf/S8iPu27E/RG/gXLv/fXTN/ouzPATN346OOfX7l2bf36jb57AgAAAAAAAAB8UXn8z5XW+M9vRMRyZ70d47++GyvPOv7nKM88HGD0OQ/0vYvNwXg4aA03/lo8fvzvY/H48b9HU25vbkr7eEr7/JT2hSntE0/0aMn5v9Ya77zJ/2hn+PUSxn/tjnlfgpz/sdb9ucn/65312vnXf3uR8x/syP/0zQ9/dfrGRx+fvPrhlQ/WP1j/xfnV1QvnLr61enH19PtXr62nf3vs8d7K+eexrx0HWpacf85c/mXJ+X811fIvS87/a6mWf1ly/vn9nvzLkvPPn33kX5ac//FUy78sOf9vplr+Zcn5n0i1/MuS838z1fIvS87/ZKrlX5ac/6lUy78sOf/TqZZ/WXL++Rsu+Zcl55+PbJB/WXL+Z1Mt/7Lk/M+lWv5lyfmfT7X8y5LzfyvV8i9Lzv9CquVflpz/xVTLvyw5/2+lWv5lyfl/O9XyL0vO/zupln9Zcv7fTbX8y5Lz/16q5V+WnP/3Uy3/suT8f5Bq+Zcl5/92quVflke//2/GjBkzeabvZyYAAAAAAAAAAAAAoGsWhxP3vY8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb17jZHrLO8AfvbmrB0uWwjBDQE2jgkmWbLre0xrMLeSJqSlQGhLL8a118bgW702t0aKUWiJ1KiNVD7Ah3IrUvlSEQGqqEqRK7UCCSTyiVZqG1IFqohCa2g/QEXYambe592Z8V7PbOyZc34/KX7s2TMz75x5Z3b/6/zXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ7qbXzn54qCiKxn/NXyaK4hmN32+cnGj8cesrrvYKAQAAgF491fz10rPzBQdWcaW2Y776om9+cX5+fr547Lsve/5H5ufzByaLYuKaomh+LDx5z99ubT8meaAYHxpu+/PwCnc/ssLHR1f4+NgKH9+wwsevWeHj4yt8/LITcJmNre/HNG9sa/O3E61TWlxXjDU/tnWRaz0wdM3wcHwvp2moeZ35saPF8eJEMVvMdBzfOnaoefyXb2rc151F3Ndw233d2NghP7zvcKxhKJ3jrR33tXCb4QevLiZ/9MP7Dr/pY4/fsNhc8TR03F5rndu2NNb5oXRJa61DxTX5nMQ6h9vWeeMiz8lIxzqHmtdr/L57nZdWuc6RhWVeUd3P+Xgx3Pz9o83zNNr+bb18nm5Ml/345qIoLiwsu/uYy+6rGC42dVwyvPD8jLd2ZOM2GlvpOcXomvbpTavYp415ZGvnPu1+TcTzf1O63ugSa2h/mn7wwQ2XPe9r3aeh8aiXeq1078H1fq30yx6MffFo80E/uOge3Joe/323LL0HF907i+zB/Ljb9uCWlfbg8IaR5przkzDUvM7CHtzecfxI856GmvPJW5bfg9PnTp6Znnv/B15+/OShY7PHZk/tmpnZs3Pv7pm9M9NHj5+YTb+WPNv9b1MxnF8DW9K5i9fAS7uObd+q859av9fh+DKvw4muY9f7dTja/eCGrswL8vI93XptvLVx0scfGi6WeI01n59be38d5sfd9jocbXsdLvo5ZZHX4egqXoeNY87curqvWUbb/ltsDU/X54KJtj3Y/fVI9x5c769H+mUPjqd98a+3Lv254Ma03gen1vr1yMhlezA/3PTe07gkf70/fkdzLLYvb2h84NoNxfm52bO3v+/QuXNntxdpXBHPbdsr3ft1U9tjKi7br8Nr3q8HPvz1b9ywyOUT6VyNv7zxy/iSz1XjmF23L/9cNT+7LX4+Oy7dUaSxzq70+Vzss3njfOYsucz5bBzzoenevxbPubTt/XdsifffyP0/a97P1nxTD4yMjbZevyP57Ix1vB93PlWjzfeuoeZ9X5pe3fvxWPrvSr8fX7fM+/HmrmPX+/14rPvBxfvx0Erf7ehN9/M5nvbJiZnl348bx2zesdY9Obrs+/HNaQ6l8/+ylBRyLmrbO0vt23xfo6Nj6XGNxj107tOdHcePpWzWuK/P7ii3T7fd3LqtkfzoFlypfTrZdex679P8frXUPh1a6btv5XQ/n+NpX1y3c/l92jjm4q7e3zs3xm/b3js3rLQHx0Y2NNY8ljdh6/1+fmPswduLw8Xp4kRxpPnRDc39NNS8r6ndq9uDG9J/V/q9cvMye3Bb17HrvQfz57Gl9t7Q6OUPfh10P5/jaV98dPfye7BxzOv2ru/XrtvSJfmYtq9du7+/ttT3vG7oOk1P5/e8Guv8h73Lf2+2ccyJO9aaM5c/T7elS65d5Dx1v36Xek0dKa7Medqc1vn9O5Y+T431NI75yL5V7qcDRVF84e4Dze/3pr9f+fz5b32x4+9dDrQ+9qV9C7d12Vcdi/29zxfuPnDxn+/6yVoeIwD97WfNX7duan2ua/ubqdX8/T8AAAAwECL3D6eZyf8AAABQGZH74/8Kz+R/AAAAqIzI/aNpZjXJ/w/+2/Pe/dP7i9zMn0/i43EazjzROi46rp9Mf56cX9C4/DWf+cevv/3+1d33cFEUP73rXxY9/sEnYl0tD6d1Tn678/LLbP72qu7/HfcuHNfeAZxItx+Pp3sbfPm/n2heb3Jfa16862JzvvnCgw80Pn5pX+vP0Z188n9ax/15KvMeOPr3Hdff9ljr/rY+tvzjiut97o0b737B2xbuL643tOVZzYfx0Ve2bjd+7s3Dr20dfykdt9T6/+6PP/u5xvHve8ni679/ePH1P5lu9ztp/uSp1uXt57Tx57jeH6b1x/3F9W7/9FcWXf8jb2gd/0h6Xj6ZZvf6X/2nL3yq/XzF+uN+Djzeul7c/8xf/0fzenF7cfvd6x9/1RMd56P79i9+vnU7+9/zvyPtx8flcT953z3e+Tw3bqd9v4XP/tHFjvNc/Hvren/Ttf64vTOPL77+27rWeWb7pub1l6qMf3z2O4s+3ljPgb96tOPxPPK9dP5ec0/zdsd/nPZj+vj/Pdy6ve6flvDo9zrfT+L4T060Xpdxe9Nd63+4a/0XXtw4dyuv/84ftdb/yKu+2vl8/GdrHQd+0Jorrf/YJ77Zcf1Pfav1fJx979Sp03Pnj0eHeiL97J8z323d3jXjGzdd+4xnPuvZ6b2y+88HT5975+zZyZnJmaKYHMAfifd0r//Taf5Xa1xY79u/ryiK97Z9Xrv19a39V7zo0p+8+M7PvDOO+6fXtS5/6O7W562XpuMeTpdfSM933M7HP9b6fNjr+uN+lpp5vat0/msf3rOqA9Pj/+hN1zdfZUMXWxd3v1+VFa/zx5/X+bp/7K2t+aV0XufTT2becv3Xmsd133/8bISH3tJ6fcdXcnH9Xtf/l+n5vuc7rduP283rTV/HfGVz5/tjPD9fur/rJw1MtH6Kx4X0/lFcaH08joqvqR66dP1alrmkuffPTZ84fur8+6bPzc6dm557/wcOnjx9/tS5g82fzXnwXStdf+H1van5+j4yu2dX0Xy1n26Np9nVXv+Zew8f2Ttzy5HZo4fOHz1375nZs8cOz80dnj0yd8uho0dn37vS9Y8f2b99x76de3dMHTt+ZP8d+/bt3Dd1/NTpxjJai1rBnpl3T506e7B5lbn9u/Zt371718zUydNHZvfvnZmZOr/S9Zufm6Ya137P1NnZE4fOHT85OzV3/AOz+7fv27Nnx4o/3e/kmaNzk9Nnz5+aPj83e3a69VgmzzUvbnzuW+n60DD3iY2Lfp4aSl+9b79tT/75rA2f+eCSN9U6pOsHiH4//Syab/zFn+1ezZ8j94+lmdUk/wMAAEAdRO7fkGYm/wMAAEBlRO6/Js1M/gcAAIDKiNw/nmZWk/yv/6//r/+v/x/0//X/y9D/1/8vQ/9f/38Q1q//r/9P7/qt/x+5f2NR1DL/AwAAQB1E7t+UZib/AwAAQGVE7r82zUz+BwAAgMqI3P+MNLOa5H/9f/1//X/9/6D/r/9fhv6//n8Z+v/6/4Owfv1//X9612/9/8j9z0wzq0n+BwAAgDqI3P+sNDP5HwAAACojcv+z08zkfwAAAKiMyP0TaWY1yf/6//r/+v/6/0H/X/+/DP1//f8y9P/1/wdh/fr/+v/0rt/6/5H7fy7NrCb5HwAAAOogcv9z0szkfwAAAKiMyP3PTTOT/wEAAKAyIvdfl2ZWk/yv/6//3z/9/4VarP6//r/+/+DQ/9f/L0P/X/9/ENav/6//T+/6rf8fuf95aWY1yf8AAABQB5H7r08zk/8BAACgMiL3Pz/NTP4HAACAyojcvznNrCb5X/9f/79/+v/+/f+g/6//P0j0//X/y9D/1/8fhPXr/+v/07t+6/9H7v/5NLOa5H8AAACog8j9N6SZyf8AAABQGZH7X5BmJv8DAABAZUTuvzHNrCb5X/9f/1//X/8/6P/r/5eh/6//X4b+v/7/IKxf/1//n971W/8/cv8L08xqkv8BAACgDiL3vyjNTP4HAACAyojc/+I0M/kfAAAAKiNy/2SaWU3yv/6//r/+v/5/0P/X/y9D/1//vwz9f/3/QVi//r/+P73rt/5/5P6b0sxqkv8BAACgDiL3b0kzk/8BAACgMiL335xmJv8DAABAZUTu35pmVpP8r/+v/6//r/8f9P/1/8vQ/9f/L0P/X/9/ENav/6//T+/6rf8fuf8laWY1yf8AAABQB5H7b0kzk/8BAACgMiL3vzTNTP4HAACAyojcvy3NrCb5X/9f/1//X/8/6P/r/5eh/6//X4b+v/7/IKxf/1//n971W/8/cv/L0sxqkv8BAACgDiL335pmJv8DAABAZUTuvy3NTP4HAACAyojcP5VmVpP8r/+v/6//r/8f9P/1/8vQ/9f/L0P/X/9/ENav/6//T+/6rf8fuf/laWY1yf8AAABQB5H7b08zk/8BAACgMiL3T6eZyf8AAABQGZH7Z9LMapL/9f/1//X/9f+D/r/+fxn6//r/Zej/6/8Pwvr1//X/6V2/9f8j929PM6tJ/gcAAIA6iNy/I81M/gcAAIDKiNy/M81M/gcAAIDKiNy/K82sJvlf/1//X/9f/z/o/+v/l6H/r/9fhv6//v8grF//X/+f3vVb/z9y/+40s5rkfwAAAKiDyP170szkfwAAAKiMyP1708zkfwAAAKiMyP13pJnVJP/r/+v/6//r/wf9f/3/MvT/9f/L0P/X/x+E9ev/6//Tu37r/0fu35dmVpP8DwAAAHUQuf8VaWbyPwAAAFRG5P5fSDOT/wEAAKAyIvf/YppZTfK//r/+v/6//n/Q/9f/L0P/X/+/DP1//f9BWL/+v/4/veu3/n/k/v1pZjXJ/wAAAFAHkftfmWYm/wMAAEBlRO5/VZqZ/A8AAACVEbn/QJpZTfK//r/+v/6//n/Q/x+Q/v8frOKYK0j/X/+/DP1//f9BWL/+v/4/veu3/n/k/lenmdUk/wMAAEAdRO5/TZqZ/A8AAACVEbn/tWlm8j8AAABURuT+16WZ1ST/6//r/+v/6/8H/f8B6f/3Gf1//f8y9P/1/wdh/fr/+v/0rt/6/5H7X59mVpP8DwAAAHUQuf+X0szkfwAAAKiMyP1vSDOT/wEAAKAyIvffmWZWk/yv/6///3T1/zek29D/b9t3+v9N+v/6/2uh/6//X6yl/z+UXsH6/01Xuz8/6OvX/9f/p3f91v+P3P/LaWY1yf8AAABQB5H770ozk/8BAACgMiL3351mJv8DAABAZUTuf2OaWU3yf9/3/9Md6v8v2f9/ZmP2Y/8/6P+37Tv9/yb9f/3/tdD/1/8v/Pv/pV3t/vygr1//X/+f3vVb/z9y/z1pZjXJ/wAAAFAHkft/Jc1M/gcAAIDKiNz/q2lm8j8AAABURuT+N6WZ1ST/933/P9H/H7x//z/o/7ftO/3/Jv1//f+10P/X/y/0/0u72v35QV+//r/+P73rt/5/5P5fSzOrSf4HAACAOojc/+Y0M/kfAAAAKiNy/1vSzOR/AAAAqIzI/W9NM6tJ/tf/1//X/9f/D/r/+v9l6P/r/5eh/6//Pwjr1//X/6d3/db/j9x/b5pZTfI/AAAA1EHk/relmcn/AAAAUBmR+389zUz+BwAAgMqI3P8baWY1yf/6//r/+v/6/0H/X/+/DP1//f8y9P/1/wdh/fr/+v/0rt/6/5H7fzPNrCb5HwAAAOogcv/b08zkfwAAAKiMyP2/lWYm/wMAAEBlRO7/7TSzmuR//X/9f/1//f+g/6//X4b+v/5/Gfr/+v+DsH79f/1/etdv/f/I/b+TZlaT/A8AAAB1ELn/d9PM5H8AAACojMj9B9PM5H8AAACojMj970gzq0n+1//X/9f/1/8P+v/6/2Xo/+v/l6H/r/8/COvX/9f/p3f91v+P3H8ozawm+R8AAADqIHL/76WZyf8AAABQGZH7D6eZyf8AAABQGZH7j6SZ1ST/6//r/+v/6/8H/X/9/zL0//X/y9D/1/8Pyz0hV3v969X/Hyn0/6mvfuv/R+6fTTOrSf4HAACAOojcfzTNTP4HAACAyojcfyzNTP4HAACAyojc/840s5rkf/1//X/9f/3/oP+v/1+G/r/+fxn6//r/g7B+//6//j+967f+f+T+42lmNcn/AAAAUAeR+9+VZib/AwAAQGVE7n93mpn8DwAAAJURuf9EmllN8r/+v/6//r/+f9D/1/8vQ/9f/78M/X/9/0FYv/6//j+967f+f+T+k2lmNcn/AAAAUAeR+0+lmcn/AAAAUBmR+0+nmcn/AAAAUBmR+8+kmdUk/+v/6//r/+v/B/1//f8y9P/1/8vQ/9f/H4T16//r/9O7fuv/R+7//TSzmuR/AAAAqIPI/WfTzOR/AAAAqIzI/XNpZvI/AAAAVEbk/nNpZjXJ//r/+v/6//r/Qf9f/78M/X/9/zL0//X/B2H9/8/eXfuIkl1bHL7JkyZ6/+1jNDMzM/OYmZmZmZnZgYPea0uWx7Z8ymNXnf19yZZucHXU6qBX8FPp//X/HHe2/j+7/1/qtiH7HwAAACbI7v/Xus3+BwAAgG1k9/9b3Wb/AwAAwDay+/+9bhuy//X/+n/9v/4/9P/6/xX6f/3/Cv2//v8K79f/6/857mz9f3b/f9RtQ/Y/AAAATJDd/591m/0PAAAA28ju/6+6zf4HAACAbWT3/3fdNmT/6//1//p//X/o//X/K/T/+v8V+n/9/xXer//X/3Pc2fr/7P7/qduG7H8AAACYILv/f+s2+x8AAAC2kd3/f3Wb/Q8AAADbyO7//7ptyP7X/+v/9f/6/9D/6/9X6P/1/yv0//r/K7xf/6//57iz9f/Z/Xep24bsfwAAAJggu/+udZv9DwAAANvI7r9b3Wb/AwAAwDay++9etw3Z//p//b/+X/8f+n/9/wr9v/5/hf5f/3+F9+v/9f8cd7b+P7v/HnXbkP0PAAAAE2T337Nus/8BAABgG9n996rb7H8AAADYRnb/veu2Iftf/6//1//r/0P/r/9fof/X/6/Q/+v/r/B+/b/+n+PO1v9n99+nbhuy/wEAAGCC7P771m32PwAAAGwju/9+dZv9DwAAANvI7r9/3TZk/+v/9f/6f/1/6P/1/yv0//r/Ffp//f8V3q//1/9z3Nn6/+z+B9RtQ/Y/AAAATJDd/8C6zf4HAACAbWT3P6hus/8BAABgG9n9D67bhux//b/+X/+v/w/9v/5/hf5f/79C/6//v8L79f/6f447W/+f3f+Qum3I/gcAAIAJsvsfWrfZ/wAAALCN7P6H1W32PwAAAGwju//hdduQ/a//1//r//X/of/X/6/Q/+v/V+j/9f9XeL/+X//PcWfr/7P7H1G3Ddn/AAAAMEF2/yPrNvsfAAAAtpHd/6i6zf4HAACAbWT3P7puG7L/9f/6f/2//j/0//r/Ffp//f8K/b/+/wrv1//r/znubP1/dv9j6rYh+x8AAAAmyO5/bN1m/wMAAMA2svsfV7fZ/wAAALCN7P7H121D9r/+X/+v/9f/h/5f/79C/6//X6H/1/9f4f36f/0/x52t/8/uf0LdNmT/AwAAwATZ/U+s2+x/AAAA2EZ2/5PqNvsfAAAAtpHd/+S6bcj+1//r//X/+v/Q/+v/V2zY/9/8Cuj/9f/6f/2//l//z2Fn6/+z+59Stw3Z/wAAADBBdv9T6zb7HwAAALaR3f+0us3+BwAAgG1k9z+9bhuy//X/+n/9v/4/9P/6/xUb9v++/3/rb93/3/ZH/6L/1/9f4f36f/0/x52t/8/uf0bdNmT/AwAAwATZ/c+s2+x/AAAA2EZ2/7PqNvsfAAAAtpHd/+y6bcj+1//r//X/+v/Q/+v/V+j/9f8r9P/6/yu8X/+v/+e4s/X/2f3PqduG7H8AAACYILv/uXWb/Q8AAADbyO5/Xt1m/wMAAMA2svufX7cN2f/6f/2//l//H/p//f8K/b/+f4X+X/9/hffr//X/HHe2/j+7/wV125D9DwAAAJf1V2z37P4X1l35PwAAAIBzy+5/Ud1m/wMAAMA2svtfXLcN2f/6f/3/Ofr/22/d0fv1//r/W/r/09P/6/9X6P/1/1d4v/5f/89xZ+v/s/tfUrcN2f8AAAAwQXb/7XWb/Q8AAADbyO5/ad1m/wMAAMA2svtfVrcN2f/6f/3/Ofr/md//v03//wc/T/2//v+O6P/1/7f0/8v+0f381d+v/9f/c9zZ+v/s/pfXbUP2PwAAAEyQ3f+Kus3+BwAAgG1k97+ybrP/AQAAYBvZ/a+q24bsf/2//l//7/v/of/X/6/Q/+v/V+j/9f9XeL/+X//PcWfr/7P7X123Ddn/AAAAMEF2/2vqNvsfAAAAtpHd/9q6zf4HAACAbWT3v65uG7L/9f/6f/2//j/0//r/Ffp//f8K/b/+/wrv1//r/znubP1/dv/r67Yh+x8AAAAmyO5/Q91m/wMAAMA2svvfWLfZ/wAAALCN7P431W1D9r/+X/+v/9f/h/5f/79C/6//X6H/1/9f4f36f/0/x52t/8/uf3PdNmT/AwAAwATZ/W+p2+x/AAAA2EZ2/1vrNvsfAAAAtpHd/7a6bcj+1//r//X/+v/Q/+v/V+j/9f8r9P/6/yu8X/+v/+e4s/X/2f1vr9uG7H8AAACYILv/HXWb/Q8AAADbyO5/Z91m/wMAAMA2svvfVbcN2f/6f/2//l//H/p//f8K/b/+f4X+X/9/hffr//X/HHe2/j+7/91125D9DwAAABNk97+nbrP/AQAAYBvZ/e+t2+x/AAAA2EZ2//vqtiH7X/+v/9f/6/9D/6//X6H/1/+v0P/r/6/wfv2//p/jztb/Z/e/v24bsv8BAABgguz+D9Rt9j8AAABsI7v/g3Wb/Q8AAADbyO7/UN02ZP/r//X/+n/9f+j/9f8r9P/6/xX6f/3/Fd6v/9f/c9zZ+v/s/g/XbUP2PwAAAEyQ3f+Rus3+BwAAgG1k93+0brP/AQAAYBvZ/R+r24bsf/2//l//r/8P/b/+f4X+X/+/Qv+v/7/C+/X/+n+OO1v/n93/8bptyP4HAACACbL7P1G32f8AAACwjez+T9Zt9j8AAABsI7v/U3XbkP2v/9f/79X/36R4+v8b+v8b+v87l/5f/79C/6//v8L79f/6f447W/+f3f/pum3I/gcAAIAJsvs/U7fZ/wAAALCN7P7P1m32PwAAAGwju/9zdduQ/a//1//v1f/f0P/f0P/f0P/fufT/+v8V+n/9/xXer//X/3Pc2fr/7P7P121D9j8AAABMkN3/hbrN/gcAAIBtZPd/sW6z/wEAAGAb2f1fqtuG7H/9v/5f/6//D/2//n+F/l//v0L/r///U/75RO/X/+v/Oe5s/X92/5frtiH7HwAAACbI7v9K3Wb/AwAAwDay+79at9n/AAAAsI3s/q/VbUP2v/5f/6//1/+H/l//v0L/r/9fof/X/1/h/fp//T/Hna3/z+7/et02ZP8DAADABNn936jb7H8AAADYRnb/N+s2+x8AAAC2kd3/rbptyP7X/+v/9f/6/9D/6/9X6P/1/yv0//r/K7xf/6//57iz9f/Z/d+u24bsfwAAAJggu/87dZv9DwAAANvI7v9u3Wb/AwAAwDay+79Xtw3Z//p//b/+X/8f+n/9/wr9v/5/hf5f/3+F9+v/9f8c9+f6//qb/+/a/2f3f79uG7L/AQAAYILs/h/UbfY/AAAAbCO7/4d1m/0PAAAA28ju/1HdNmT/6//1//p//X/o//X/K/T/+v8V+n/9/xXer//X/3Pc2b7/n93/47ptyP4HAACACbL7f1K32f8AAACwjez+n9Zt9j8AAABsI7v/Z3XbkP3/l/r/f6qr/7+h/9f/39L/N/2//v+W/l//v0j/r/+/wvv1//p/jjtb/5/d//O6bcj+BwAAgAmy+39Rt9n/AAAAsI3s/l/WbfY/AAAAbCO7/1d125D97/v/+n/9v/4/9P/6/xX6f/3/Cv2//v8K79f/6/857mz9f3b/r+u2IfsfAAAAJsju/03dZv8DAADANrL7f1u32f8AAACwjez+39VtQ/a//l//r//X/4f+X/+/Qv+v/1+h/9f/X+H9+n/9P8edrf/P7v99AAAA//8VVGrr")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f000000e0c0), 0x10010)
r1 = syz_open_dev$loop(&(0x7f0000000640), 0x0, 0x22400)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file2\x00', 0x6042, 0x0)
sendfile(r2, r1, 0x0, 0x80000002)
rename(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

3.034380792s ago: executing program 3 (id=485):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x300, 0x70bd2c, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4010}, 0x4080)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x20008000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x2f}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

2.893149285s ago: executing program 5 (id=486):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000180)=0x86)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
r1 = syz_open_pts(r0, 0x0)
epoll_create1(0x0)
ioctl$TIOCVHANGUP(r1, 0x540b, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETSNDBUF(r2, 0x400454d4, &(0x7f0000000000)=0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2.648032488s ago: executing program 5 (id=487):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmsg$NL80211_CMD_STOP_AP(r1, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x20, 0x0, 0x400, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x2, 0x3}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x4a0}, 0x8084)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000040)={0x3, 0x3}, 0x4)
r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$x25(r5, &(0x7f0000000e00), 0x12)
bind$x25(r4, &(0x7f0000000080), 0x12)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000700)={'bond0\x00'})

2.464054331s ago: executing program 5 (id=488):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x0, 0x0, 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r3, 0x0, 0x0)

2.275598934s ago: executing program 0 (id=489):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r0 = socket$packet(0x11, 0x2, 0x300)
open_tree(0xffffffffffffffff, 0x0, 0x8000)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, 0x0, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0)

1.27842262s ago: executing program 0 (id=490):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
symlink(0x0, 0x0)
readlink(0x0, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x1ff, 0x402)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x28031, 0xffffffffffffffff, 0x8000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(&(0x7f0000000040)='./file2\x00', 0x535682, 0x117)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000000)=0x13, 0x4)
r3 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r3, 0x0, 0x40001)
openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, 0x0, 0x4)
creat(0x0, 0x0)

1.23792044s ago: executing program 5 (id=491):
r0 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20088004, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @mcast2, 0x7}, 0x1c)
sendto$inet6(r0, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000040)=0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
syz_socket_connect_nvme_tcp()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000080), 0x4)

0s ago: executing program 5 (id=492):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000004d80), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r2, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0xa}]}]}, 0x30}}, 0x10)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
accept$inet6(r0, 0x0, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x14, r2, 0x1, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x20008410)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r5, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}}, 0x0)

kernel console output (not intermixed with test programs):

tooth: hci1: command 0x0409 tx timeout
[   62.428568][ T4167] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   62.441423][ T4157] Bluetooth: hci4: command 0x0409 tx timeout
[   62.442904][ T4167] Cannot create hsr debugfs directory
[   62.448318][ T4157] Bluetooth: hci2: command 0x0409 tx timeout
[   62.547356][ T4177] device hsr_slave_0 entered promiscuous mode
[   62.554486][ T4177] device hsr_slave_1 entered promiscuous mode
[   62.561105][ T4177] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   62.568758][ T4177] Cannot create hsr debugfs directory
[   62.807372][ T4174] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   62.820116][ T4174] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   62.834078][ T4174] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   62.849761][ T4174] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   62.893920][ T4171] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   62.920303][ T4171] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   62.929601][ T4171] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   62.941955][ T4171] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   62.988616][ T4166] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   63.019620][ T4166] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   63.029521][ T4166] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   63.039718][ T4166] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   63.100552][ T4177] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   63.111555][ T4177] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   63.121767][ T4177] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   63.139336][ T4177] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   63.232427][ T4167] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   63.253521][ T4171] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.264528][ T4167] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   63.274718][ T4167] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   63.285741][ T4167] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   63.319902][ T4174] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.330251][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.343811][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.360865][ T4171] 8021q: adding VLAN 0 to HW filter on device team0
[   63.387296][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.395581][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.415069][ T4166] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.426504][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   63.436292][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.447707][  T437] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.455049][  T437] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.464960][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   63.474380][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.483195][  T437] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.490282][  T437] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.498133][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.511222][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   63.539195][ T4174] 8021q: adding VLAN 0 to HW filter on device team0
[   63.546489][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   63.556739][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   63.565078][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.576406][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   63.586264][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   63.595564][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   63.607057][ T4166] 8021q: adding VLAN 0 to HW filter on device team0
[   63.628137][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   63.637176][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   63.650220][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   63.660549][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.673357][  T437] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.680431][  T437] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.700242][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   63.709207][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   63.718876][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   63.728460][  T437] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.735639][  T437] bridge0: port 1(bridge_slave_0) entered forwarding state
[   63.744477][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   63.753643][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   63.761929][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   63.770804][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.779395][  T437] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.786508][  T437] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.795062][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   63.811198][ T4171] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   63.822797][ T4171] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   63.849124][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   63.858362][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   63.869532][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   63.878969][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   63.889468][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.896605][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   63.905500][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.914812][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   63.923930][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.934582][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   63.943507][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   63.954798][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   63.963845][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   63.986422][ T4177] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.008057][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   64.019549][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   64.028580][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   64.038467][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.047486][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   64.056505][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.080136][ T4177] 8021q: adding VLAN 0 to HW filter on device team0
[   64.097468][ T4174] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   64.109234][ T4174] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   64.133579][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   64.142800][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   64.151463][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.170886][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.180129][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.188745][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   64.199086][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.209104][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   64.218046][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.226862][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   64.237041][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.246254][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   64.264749][ T4166] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   64.288442][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   64.299401][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   64.317460][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.324604][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.342361][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   64.351274][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   64.367082][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.374215][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.383314][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   64.395003][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   64.432210][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   64.450330][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   64.460418][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   64.476016][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   64.484400][ T4214] Bluetooth: hci2: command 0x041b tx timeout
[   64.488748][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   64.491067][ T4214] Bluetooth: hci4: command 0x041b tx timeout
[   64.505667][ T4214] Bluetooth: hci1: command 0x041b tx timeout
[   64.511783][ T4214] Bluetooth: hci0: command 0x041b tx timeout
[   64.518786][ T4214] Bluetooth: hci3: command 0x041b tx timeout
[   64.520994][ T4171] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.547258][ T4174] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.557611][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   64.567073][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   64.580811][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   64.589739][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   64.600752][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   64.608607][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   64.617602][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   64.626352][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   64.635827][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   64.656835][ T4177] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   64.681984][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   64.689659][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   64.731980][ T4166] 8021q: adding VLAN 0 to HW filter on device batadv0
[   64.744840][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   64.754571][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   64.798451][ T4167] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.820101][ T4174] device veth0_vlan entered promiscuous mode
[   64.870559][ T4167] 8021q: adding VLAN 0 to HW filter on device team0
[   64.881987][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   64.894841][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   64.905053][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   64.914552][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   64.924354][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   64.932445][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   64.940343][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   64.948811][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   64.972196][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   64.980526][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   64.997296][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   65.006715][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   65.029225][ T4171] device veth0_vlan entered promiscuous mode
[   65.040679][ T4174] device veth1_vlan entered promiscuous mode
[   65.050173][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   65.059017][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   65.068568][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   65.078541][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   65.087700][ T4221] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.095034][ T4221] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.119820][ T4177] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.138026][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   65.146674][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   65.156638][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   65.165292][ T4221] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.172400][ T4221] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.180422][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   65.189800][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   65.203611][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   65.214414][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   65.238168][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   65.265226][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   65.275357][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   65.284947][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   65.294025][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   65.302992][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   65.311668][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   65.321837][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   65.330858][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   65.342842][ T4171] device veth1_vlan entered promiscuous mode
[   65.355325][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   65.364828][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   65.375836][ T4174] device veth0_macvtap entered promiscuous mode
[   65.386616][ T4174] device veth1_macvtap entered promiscuous mode
[   65.408644][ T4167] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   65.420738][ T4167] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   65.439509][ T4177] device veth0_vlan entered promiscuous mode
[   65.453818][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   65.461949][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   65.470410][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   65.479729][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   65.488711][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   65.497078][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   65.506497][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   65.515253][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   65.536790][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   65.546759][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   65.573621][ T4171] device veth0_macvtap entered promiscuous mode
[   65.586656][ T4174] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.602553][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   65.612790][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   65.621706][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   65.640261][ T4171] device veth1_macvtap entered promiscuous mode
[   65.651126][ T4177] device veth1_vlan entered promiscuous mode
[   65.668204][ T4174] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.686602][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   65.704132][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   65.713670][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   65.721941][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   65.731907][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   65.741026][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   65.750513][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   65.760253][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   65.779194][ T4166] device veth0_vlan entered promiscuous mode
[   65.788881][ T4174] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.797927][ T4174] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.807579][ T4174] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.816357][ T4174] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.857201][ T4166] device veth1_vlan entered promiscuous mode
[   65.866459][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   65.877714][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   65.892759][ T4171] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.904115][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   65.913594][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   65.922607][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   65.930081][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   65.937855][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   65.946991][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   65.956338][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   65.965833][  T437] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   65.979041][ T4167] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.992711][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.012788][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.026554][ T4171] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.040959][ T4171] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.050372][ T4171] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.059209][ T4171] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.069070][ T4171] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.092864][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   66.101849][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   66.113016][ T4177] device veth0_macvtap entered promiscuous mode
[   66.146686][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   66.157793][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   66.169760][ T4177] device veth1_macvtap entered promiscuous mode
[   66.283603][ T4166] device veth0_macvtap entered promiscuous mode
[   66.294208][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.304964][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.315564][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.327943][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.339624][ T4177] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.351634][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   66.361038][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   66.371158][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   66.381031][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   66.390905][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   66.401245][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   66.413370][ T4167] device veth0_vlan entered promiscuous mode
[   66.425063][ T4166] device veth1_macvtap entered promiscuous mode
[   66.448321][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.460767][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.470846][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.481985][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.493621][ T4177] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.502808][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   66.510812][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   66.519766][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   66.528386][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   66.536776][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   66.546834][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   66.555590][ T4214] Bluetooth: hci3: command 0x040f tx timeout
[   66.561728][ T4214] Bluetooth: hci0: command 0x040f tx timeout
[   66.567219][ T4167] device veth1_vlan entered promiscuous mode
[   66.568227][ T4214] Bluetooth: hci1: command 0x040f tx timeout
[   66.579896][ T4214] Bluetooth: hci4: command 0x040f tx timeout
[   66.586302][ T4214] Bluetooth: hci2: command 0x040f tx timeout
[   66.618818][ T4177] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.627818][ T4177] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.638007][ T4177] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.646885][ T4177] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.673681][ T4221] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.681875][ T4221] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.692343][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.700391][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.710489][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   66.722844][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   66.731530][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   66.742337][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.753542][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.763420][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.773886][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.784032][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.795572][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.807015][ T4166] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.837972][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   66.847197][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   66.856854][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   66.867780][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.880343][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.890548][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.901261][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.911174][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.922071][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.933432][ T4166] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.983171][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   66.993307][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   67.005433][ T4166] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.015556][ T4166] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.024998][ T4166] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.034902][ T4166] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.061976][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   67.063491][ T1243] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.077738][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   67.088355][ T1243] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.105716][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   67.117569][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.119395][ T4167] device veth0_macvtap entered promiscuous mode
[   67.133042][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.159056][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   67.168920][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   67.190677][ T4167] device veth1_macvtap entered promiscuous mode
[   67.246515][ T1243] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.265220][ T1243] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.289646][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   67.309298][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   67.319385][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   67.330988][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   67.341076][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   67.351560][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   67.362306][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   67.373502][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   67.385393][ T4167] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.408327][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   67.423252][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   67.435111][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   67.446034][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   67.456519][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   67.467346][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   67.477380][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   67.487942][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   67.499215][ T4167] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.508430][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   67.518197][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   67.527055][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   67.538068][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   67.547908][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   67.557492][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   67.587649][ T4167] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.599045][ T4167] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.648488][ T4167] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.674886][ T4167] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.880415][ T1243] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.942128][ T1243] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.965628][ T1243] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   68.864502][ T4213] Bluetooth: hci2: command 0x0419 tx timeout
[   68.870895][ T4213] Bluetooth: hci4: command 0x0419 tx timeout
[   68.877461][ T4213] Bluetooth: hci1: command 0x0419 tx timeout
[   68.883556][ T4213] Bluetooth: hci0: command 0x0419 tx timeout
[   68.889603][ T4213] Bluetooth: hci3: command 0x0419 tx timeout
[   68.901269][ T4221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.929316][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.967184][ T4254] loop0: detected capacity change from 0 to 32768
[   68.987685][ T4221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.004322][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.040847][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   69.054355][ T4254] =======================================================
[   69.054355][ T4254] WARNING: The mand mount option has been deprecated and
[   69.054355][ T4254]          and is ignored by this kernel. Remove the mand
[   69.054355][ T4254]          option from the mount to silence this warning.
[   69.054355][ T4254] =======================================================
[   69.204452][ T4221] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   69.307031][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.311579][  T437] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.329475][ T4254] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   69.330678][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.277977][  T437] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.313290][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   70.355592][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   70.394826][ T4174] ocfs2: Unmounting device (7,0) on (node local)
[   70.407396][ T4267] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5'.
[   70.451868][ T4265] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   70.706603][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!!
[   70.802840][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   70.882865][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   70.953636][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   70.962800][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #0a!!!
[   70.971856][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #0a!!!
[   71.032281][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   73.311928][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[   73.325300][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[   73.453604][ T4280] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   73.527723][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[   75.341926][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   75.350935][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #0a!!!
[   75.696390][ T4306] loop1: detected capacity change from 0 to 64
[   76.332878][ T4315] Zero length message leads to an empty skb
[   79.035741][ T4322] loop2: detected capacity change from 0 to 2048
[   79.076324][ T4324] loop4: detected capacity change from 0 to 2048
[   79.440285][ T4322] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   79.452688][ T4324] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   79.474328][   T26] audit: type=1800 audit(1742977415.431:2): pid=4324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.19" name="file2" dev="loop4" ino=16 res=0 errno=0
[   79.529722][ T4335] loop3: detected capacity change from 0 to 32768
[   79.834710][ T4343] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   80.355181][   T26] audit: type=1800 audit(1742977416.311:3): pid=4322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.17" name="file2" dev="loop2" ino=16 res=0 errno=0
[   80.664154][ T4346] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   81.035749][  T437] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 0 with max blocks 1 with error 28
[   81.071390][  T437] EXT4-fs (loop2): This should not happen!! Data will be lost
[   81.071390][  T437] 
[   81.071438][  T437] EXT4-fs (loop2): Total free blocks count 0
[   81.071457][  T437] EXT4-fs (loop2): Free/Dirty block details
[   81.071507][  T437] EXT4-fs (loop2): free_blocks=2415919120
[   81.071570][  T437] EXT4-fs (loop2): dirty_blocks=16
[   81.071587][  T437] EXT4-fs (loop2): Block reservation details
[   81.071602][  T437] EXT4-fs (loop2): i_reserved_data_blocks=1
[   81.113324][ T4331] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[   81.128757][ T4350] loop4: detected capacity change from 0 to 128
[   81.194042][ T4350] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,. Quota mode: none.
[   81.289618][ T4350] ext4 filesystem being mounted at /4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   81.321488][    C1] vkms_vblank_simulate: vblank timer overrun
[   81.604659][ T1108] cfg80211: failed to load regulatory.db
[   82.078298][ T4331] usb 1-1: config index 0 descriptor too short (expected 63524, got 36)
[   82.456233][ T4331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 23, changing to 4
[   82.467200][ T4331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 52925, setting to 1023
[   82.557579][ T4331] usb 1-1: string descriptor 0 read error: -71
[   82.812264][   T26] audit: type=1326 audit(1742977418.581:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   82.852140][ T4331] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[   83.147584][ T4331] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.416856][ T4363] loop0: detected capacity change from 0 to 128
[   83.423267][   T26] audit: type=1326 audit(1742977418.581:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   84.602017][    C0] sched: RT throttling activated
[   84.613785][ T4331] usb 1-1: config 0 descriptor??
[   84.624547][   T26] audit: type=1326 audit(1742977418.591:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   84.648600][ T4331] usb 1-1: can't set config #0, error -71
[   84.690358][ T4331] usb 1-1: USB disconnect, device number 2
[   84.863080][ T4363] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   84.961921][ T4363] ext4 filesystem being mounted at /5/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   84.994112][    C1] vkms_vblank_simulate: vblank timer overrun
[   85.035515][   T26] audit: type=1326 audit(1742977418.591:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   85.108175][   T26] audit: type=1326 audit(1742977418.591:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   85.235033][   T26] audit: type=1326 audit(1742977418.601:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   85.257048][    C1] vkms_vblank_simulate: vblank timer overrun
[   85.303735][   T26] audit: type=1326 audit(1742977418.601:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   85.480211][ T4382] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   85.491601][ T4382] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[   86.507870][   T26] audit: type=1326 audit(1742977418.601:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   86.618671][   T26] audit: type=1326 audit(1742977418.611:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   86.640753][   T26] audit: type=1326 audit(1742977418.611:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   87.573017][   T26] audit: type=1326 audit(1742977418.611:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   87.801842][   T26] audit: type=1326 audit(1742977418.611:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4355 comm="syz.1.26" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fa8c8904169 code=0x7ffc0000
[   89.482193][ T4212] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   89.768309][ T4411] bad cache= option: none

[   89.768309][ T4411] 
[   89.775239][ T4411] CIFS: VFS: bad cache= option: none

[   90.656303][ T4411] block device autoloading is deprecated. It will be removed in Linux 5.19
[   90.678250][ T4407] Set syz1 is full, maxelem 0 reached
[   90.900064][ T4417] overlayfs: missing 'lowerdir'
[   91.439374][ T4418] loop4: detected capacity change from 0 to 4096
[   91.714996][ T4418] UDF-fs: bad mount option "s%Ý6˜Âèçw" or missing value
[   91.724484][ T4420] loop3: detected capacity change from 0 to 4096
[   92.838086][ T4420] ntfs: volume version 3.1.
[   93.274750][ T1108] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   93.402097][ T4444] netlink: 16 bytes leftover after parsing attributes in process `syz.4.46'.
[   93.530893][ T4446] bridge0: port 3(gretap0) entered blocking state
[   93.537857][ T4446] bridge0: port 3(gretap0) entered disabled state
[   93.548315][ T4446] device gretap0 entered promiscuous mode
[   93.556835][ T4446] bridge0: port 3(gretap0) entered blocking state
[   93.563712][ T4446] bridge0: port 3(gretap0) entered forwarding state
[   95.501320][ T4444] loop4: detected capacity change from 0 to 32768
[   95.694353][ T1108] usb 3-1: Using ep0 maxpacket: 16
[   96.238620][ T4450] loop0: detected capacity change from 0 to 1024
[   96.312952][ T1108] usb 3-1: unable to read config index 0 descriptor/all
[   96.331143][ T1108] usb 3-1: can't read configurations, error -71
[   96.621309][ T4444] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 scanned by syz.4.46 (4444)
[   96.692250][ T4444] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[   96.702131][ T4444] BTRFS info (device loop4): using free space tree
[   96.708687][ T4444] BTRFS info (device loop4): has skinny extents
[   97.239045][ T4444] BTRFS error (device loop4): open_ctree failed: -12
[   97.268196][ T4258] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 scanned by udevd (4258)
[   97.979016][ T4482] ieee802154 phy0 wpan0: encryption failed: -22
[  100.744143][ T4491] loop1: detected capacity change from 0 to 2048
[  101.140376][ T4505] loop3: detected capacity change from 0 to 64
[  103.437293][ T4518] netlink: 224 bytes leftover after parsing attributes in process `syz.2.63'.
[  103.447028][ T4518] netlink: 16 bytes leftover after parsing attributes in process `syz.2.63'.
[  105.062806][   T26] kauditd_printk_skb: 26 callbacks suppressed
[  105.062845][   T26] audit: type=1326 audit(1742977441.001:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4526 comm="syz.3.64" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbf97e37169 code=0x0
[  105.821326][ T4537] netlink: 72 bytes leftover after parsing attributes in process `syz.4.66'.
[  107.617943][ T4562] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  108.199784][ T4214] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  108.662133][ T4214] usb 3-1: Using ep0 maxpacket: 8
[  108.715972][ T4567] loop3: detected capacity change from 0 to 2048
[  108.780118][ T4258] udevd[4258]: incorrect nilfs2 checksum on /dev/loop3
[  108.787318][ T4214] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[  108.798708][ T4567] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  108.875810][ T4214] usb 3-1: config 0 has no interface number 0
[  108.939465][ T4570] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  109.030649][ T4567] NILFS (loop3): DAT doesn't have a block to manage vblocknr = 8796093022222
[  109.030766][ T4567] NILFS error (device loop3): nilfs_bmap_truncate: broken bmap (inode number=16)
[  109.038938][ T4567] Remounting filesystem read-only
[  109.058596][ T4214] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  109.072637][ T4214] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.098830][ T4214] usb 3-1: Product: syz
[  109.108189][ T4567] NILFS (loop3): error -5 truncating bmap (ino=16)
[  109.117606][ T4214] usb 3-1: Manufacturer: syz
[  109.143684][ T4214] usb 3-1: SerialNumber: syz
[  109.246237][ T4214] usb 3-1: config 0 descriptor??
[  110.227347][ T4177] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  110.301933][ T4588] loop4: detected capacity change from 0 to 64
[  110.392957][ T4214] usb 3-1: USB disconnect, device number 5
[  111.714554][ T4604] loop0: detected capacity change from 0 to 4096
[  112.016884][ T4605] loop4: detected capacity change from 0 to 2048
[  112.050400][ T4604] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[  112.159336][ T4605] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  112.446052][ T4478] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  113.476175][ T4621] loop2: detected capacity change from 0 to 1024
[  113.549091][ T4618] loop3: detected capacity change from 0 to 4096
[  113.686423][ T4618] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[  113.698707][ T4550] hfsplus: b-tree write err: -5, ino 4
[  115.007674][ T4660] loop2: detected capacity change from 0 to 64
[  115.122309][ T4648] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  116.142205][ T4673] loop2: detected capacity change from 0 to 2048
[  116.245674][ T4667] loop3: detected capacity change from 0 to 131072
[  116.282345][ T4676] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  116.327186][ T4667] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0)
[  116.333666][ T4673] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  116.342716][ T4667] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  116.368472][ T4667] F2FS-fs (loop3): invalid crc value
[  116.382299][ T4676] device batadv_slave_0 entered promiscuous mode
[  116.422251][ T4648] usb 1-1: config 1 has an invalid descriptor of length 112, skipping remainder of the config
[  116.441262][   T26] audit: type=1800 audit(1742977452.391:43): pid=4673 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.110" name="file1" dev="loop2" ino=1346 res=0 errno=0
[  116.447630][ T4648] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  116.483375][ T4667] F2FS-fs (loop3): Found nat_bits in checkpoint
[  116.573794][ T4667] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  116.581141][ T4667] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  116.707102][ T4683] loop6: detected capacity change from 0 to 524287999
[  116.726014][    C0] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  116.737241][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.766003][    C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  116.776969][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.785259][    C0] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  116.796242][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.833327][ T4648] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  116.838662][ T4645] loop4: detected capacity change from 0 to 32768
[  116.844366][ T4648] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.874417][    C0] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  116.885404][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.897930][    C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  116.908960][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.961561][ T4648] usb 1-1: Product: syz
[  116.982455][ T4648] usb 1-1: Manufacturer: syz
[  116.991188][    C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  117.002206][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.029450][ T4648] usb 1-1: SerialNumber: syz
[  117.044477][    C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  117.055509][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.092526][    C0] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  117.103490][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.112447][ T4683] ldm_validate_partition_table(): Disk read failed.
[  117.145768][    C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  117.156951][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.183235][    C1] blk_update_request: I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  117.194233][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  117.256723][ T4683] Dev loop6: unable to read RDB block 0
[  117.275607][ T4683]  loop6: unable to read partition table
[  117.281438][ T4683] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  117.352735][ T4648] usb 1-1: 0:2 : does not exist
[  117.401386][ T3545] ldm_validate_partition_table(): Disk read failed.
[  117.422836][ T3545] Dev loop6: unable to read RDB block 0
[  117.480176][ T4648] usb 1-1: USB disconnect, device number 3
[  117.492178][ T3545]  loop6: unable to read partition table
[  118.075220][ T4260] udevd[4260]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  118.137856][ T4717] loop4: detected capacity change from 0 to 32768
[  118.363802][ T4717] ERROR: (device loop4): dbAlloc: the hint is outside the map
[  118.363802][ T4717] 
[  118.377518][ T4717] ERROR: (device loop4): remounting filesystem as read-only
[  118.476379][ T4428] read_mapping_page failed!
[  118.697253][ T4428] ERROR: (device loop4): txCommit: 
[  118.697253][ T4428] 
[  118.768486][ T4428] jfs_write_inode: jfs_commit_inode failed!
[  118.856720][ T4717] ERROR: (device loop4): dbAlloc: the hint is outside the map
[  118.856720][ T4717] 
[  118.867341][ T4717] ERROR: (device loop4): remounting filesystem as read-only
[  119.024512][ T4728] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  119.146282][ T4737] loop4: detected capacity change from 0 to 512
[  119.480859][ T4741] loop2: detected capacity change from 0 to 256
[  119.556511][ T4741] exfat: Deprecated parameter 'utf8'
[  119.605375][ T4741] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  119.879007][ T4755] loop2: detected capacity change from 0 to 256
[  119.902790][ T4761] netlink: 'syz.4.137': attribute type 29 has an invalid length.
[  119.911091][ T4761] netlink: 'syz.4.137': attribute type 29 has an invalid length.
[  119.921808][ T4761] netlink: 'syz.4.137': attribute type 29 has an invalid length.
[  119.933560][ T4761] netlink: 'syz.4.137': attribute type 29 has an invalid length.
[  119.943094][ T4761] netlink: 'syz.4.137': attribute type 29 has an invalid length.
[  120.152143][ T4648] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  120.174978][ T4766] loop2: detected capacity change from 0 to 4096
[  120.242161][ T4214] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  120.275937][ T4766] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  120.512303][ T4648] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  120.534884][ T4648] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  120.550956][ T4648] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  120.570560][ T4648] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  120.581359][ T4648] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.600586][ T4648] usb 1-1: config 0 descriptor??
[  120.662271][ T4214] usb 4-1: config 1 has an invalid descriptor of length 112, skipping remainder of the config
[  120.672778][ T4214] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  120.919007][ T4770] loop2: detected capacity change from 0 to 32768
[  120.962254][ T4214] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  120.971317][ T4214] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.057381][ T4770] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  121.076969][ T4214] usb 4-1: Product: syz
[  121.081187][ T4214] usb 4-1: Manufacturer: syz
[  121.098171][ T4775] loop1: detected capacity change from 0 to 8192
[  121.109855][ T4214] usb 4-1: SerialNumber: syz
[  121.135887][ T4648] plantronics 0003:047F:FFFF.0001: No inputs registered, leaving
[  121.161797][ T4648] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  121.174318][ T4775] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  121.270033][ T4775] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  121.319661][ T4775] ntfs3: loop1: Failed to load $Extend.
[  121.377533][ T4167] ocfs2: Unmounting device (7,2) on (node local)
[  121.463608][ T4783] loop4: detected capacity change from 0 to 64
[  121.472520][ T4214] usb 4-1: 0:2 : does not exist
[  121.531614][ T4214] usb 4-1: USB disconnect, device number 2
[  121.546837][ T4783] hfs: unable to locate alternate MDB
[  121.581626][ T4783] hfs: continuing without an alternate MDB
[  121.704571][ T4788] ieee802154 phy0 wpan0: encryption failed: -22
[  122.602398][ T4648] usb 1-1: reset high-speed USB device number 4 using dummy_hcd
[  122.667612][ T4260] udevd[4260]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  122.923872][ T4814] loop1: detected capacity change from 0 to 512
[  123.011956][ T4814] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  123.095505][ T4814] fs-verity: sha256 using implementation "sha256-avx2"
[  123.182286][ T4478] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  123.255187][ T4828] ieee802154 phy0 wpan0: encryption failed: -22
[  123.566783][ T4211] usb 1-1: USB disconnect, device number 4
[  124.444255][ T4478] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  124.471283][ T4478] usb 3-1: config 1 has no interface number 1
[  124.496936][ T4478] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  124.517980][ T4478] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  124.584849][ T4873] loop1: detected capacity change from 0 to 128
[  124.595102][ T4875] ieee802154 phy0 wpan0: encryption failed: -22
[  124.675927][   T26] audit: type=1800 audit(1742977460.631:44): pid=4873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.171" name="bus" dev="loop1" ino=1048598 res=0 errno=0
[  124.718178][ T4211] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  124.762903][ T4478] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  124.772292][ T4478] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.780724][ T4478] usb 3-1: Product: syz
[  124.785678][ T4478] usb 3-1: Manufacturer: syz
[  124.790313][ T4478] usb 3-1: SerialNumber: syz
[  124.832504][ T4811] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  124.902210][ T4215] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  125.043927][ T4888] loop4: detected capacity change from 0 to 1024
[  125.088785][ T4211] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.098949][ T4211] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  125.116400][ T4211] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.141337][ T4211] usb 1-1: config 0 descriptor??
[  125.196018][ T4888] attempt to access beyond end of device
[  125.196018][ T4888] loop4: rw=0, want=201326594, limit=1024
[  125.212847][ T4888] buffer_io_error: 24 callbacks suppressed
[  125.212866][ T4888] Buffer I/O error on dev loop4, logical block 100663296, async page read
[  125.239412][ T4888] hfsplus: unable to mark blocks free: error -5
[  125.252912][ T4888] hfsplus: can't free extent
[  126.017942][ T4211] usbhid 1-1:0.0: can't add hid device: -71
[  126.043049][ T4211] usbhid: probe of 1-1:0.0 failed with error -71
[  126.052063][ T4215] usb 4-1: Using ep0 maxpacket: 8
[  126.127709][ T4211] usb 1-1: USB disconnect, device number 5
[  126.130778][ T4895] loop4: detected capacity change from 0 to 4096
[  126.140873][ T4478] usb 3-1: 2:1: cannot set freq 1 to ep 0x82
[  126.158569][ T4897] loop1: detected capacity change from 0 to 8
[  126.198222][ T4215] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7
[  126.236657][ T4478] usb 3-1: USB disconnect, device number 6
[  126.247705][ T4215] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  126.273052][ T4215] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  126.472396][ T4166] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22.
[  126.479387][ T4166] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  126.512385][ T4215] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  126.549060][ T4215] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.560816][ T4258] udevd[4258]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  126.682312][ T4215] usb 4-1: Product: syz
[  126.694492][ T4215] usb 4-1: Manufacturer: syz
[  127.524505][ T4215] usb 4-1: SerialNumber: syz
[  127.583299][ T4908] af_packet: tpacket_rcv: packet too big, clamped from 4087 to 3944. macoff=96
[  127.612389][ T4215] usb 4-1: can't set config #1, error -71
[  127.622460][ T4215] usb 4-1: USB disconnect, device number 3
[  127.711192][ T4922] loop4: detected capacity change from 0 to 256
[  127.723306][   T26] audit: type=1326 audit(1742977463.681:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4924 comm="syz.0.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f254b3af169 code=0x7ffc0000
[  127.807688][ T4923] loop3: detected capacity change from 0 to 4096
[  127.808335][ T4922] MINIX-fs: mounting file system with errors, running fsck is recommended
[  127.824925][   T26] audit: type=1326 audit(1742977463.701:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4924 comm="syz.0.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f254b3af169 code=0x7ffc0000
[  127.830986][ T4918] loop2: detected capacity change from 0 to 4096
[  127.866031][   T26] audit: type=1326 audit(1742977463.701:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4924 comm="syz.0.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f254b3af169 code=0x7ffc0000
[  127.900206][   T26] audit: type=1326 audit(1742977463.711:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4924 comm="syz.0.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f254b3af169 code=0x7ffc0000
[  127.976314][ T4932] loop1: detected capacity change from 0 to 512
[  127.992224][   T26] audit: type=1326 audit(1742977463.711:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4924 comm="syz.0.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f254b3af169 code=0x7ffc0000
[  128.077855][ T4932] EXT4-fs (loop1): mounted filesystem without journal. Opts: barrier=0x00000000000003ff,noload,noblock_validity,,errors=continue. Quota mode: none.
[  128.111589][   T26] audit: type=1326 audit(1742977463.711:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4924 comm="syz.0.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f254b3af169 code=0x7ffc0000
[  128.136789][   T26] audit: type=1326 audit(1742977463.711:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4924 comm="syz.0.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f254b3af169 code=0x7ffc0000
[  128.161840][   T26] audit: type=1326 audit(1742977463.721:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4924 comm="syz.0.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f254b3af169 code=0x7ffc0000
[  128.185567][   T26] audit: type=1326 audit(1742977463.721:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4924 comm="syz.0.190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f254b3af169 code=0x7ffc0000
[  128.263118][ T4932] EXT4-fs warning (device loop1): dx_probe:869: inode #2: comm syz.1.193: Unimplemented hash flags: 0x0001
[  128.346465][ T4932] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.193: Corrupt directory, running e2fsck is recommended
[  128.474975][ T4932] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz.1.193: path /48/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  128.845623][ T4954] syz.0.200 uses obsolete (PF_INET,SOCK_PACKET)
[  129.798063][ T4966] device ipip0 entered promiscuous mode
[  129.876338][ T4972] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  129.961409][ T4971] loop0: detected capacity change from 0 to 4096
[  130.030430][ T4973] loop3: detected capacity change from 0 to 4096
[  130.190110][ T4971] NILFS (loop0): invalid segment: Checksum error in segment payload
[  130.207903][ T4971] NILFS (loop0): trying rollback from an earlier position
[  130.249553][ T4971] NILFS (loop0): recovery complete
[  130.280548][ T4973] __ntfs_error: 4 callbacks suppressed
[  130.280567][ T4973] ntfs: (device loop3): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  130.307010][ T4978] loop2: detected capacity change from 0 to 32768
[  130.318582][ T4973] ntfs: (device loop3): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  130.333618][ T4980] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  130.336962][ T4973] ntfs: (device loop3): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  130.366305][ T4978] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.208 (4978)
[  130.381757][ T4973] ntfs: (device loop3): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  130.402650][ T4973] ntfs: (device loop3): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  130.417021][ T4973] ntfs: volume version 3.1.
[  130.429588][ T4978] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  130.438359][ T4978] BTRFS info (device loop2): using free space tree
[  130.445802][ T4978] BTRFS info (device loop2): has skinny extents
[  130.446273][ T4973] ntfs: (device loop3): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  130.465013][ T4973] ntfs: (device loop3): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  130.479749][ T4973] ntfs: (device loop3): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  130.492616][ T4973] ntfs: (device loop3): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  130.506456][ T4973] ntfs: (device loop3): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  130.567123][ T4978] BTRFS info (device loop2): enabling ssd optimizations
[  132.428246][ T5029] netlink: 96 bytes leftover after parsing attributes in process `syz.4.218'.
[  132.480760][ T5032] loop1: detected capacity change from 0 to 2048
[  132.508342][ T5034] loop0: detected capacity change from 0 to 1024
[  132.612651][ T5034] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  132.795419][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  132.801868][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  133.244100][ T5036] loop4: detected capacity change from 0 to 32768
[  133.274633][ T5056] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  133.308794][ T5056] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  133.353337][ T5036] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.222 (5036)
[  133.441275][ T5036] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  133.462056][ T4478] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  133.478903][ T5036] BTRFS info (device loop4): enabling auto defrag
[  133.533895][ T5036] BTRFS info (device loop4): doing ref verification
[  133.669043][ T5036] BTRFS info (device loop4): max_inline at 4096
[  133.762272][ T5036] BTRFS info (device loop4): enabling ssd optimizations
[  133.802289][ T5036] BTRFS info (device loop4): using spread ssd allocation scheme
[  134.120979][ T5036] BTRFS info (device loop4): using free space tree
[  134.245484][ T5036] BTRFS info (device loop4): has skinny extents
[  134.612243][ T4478] usb 4-1: Using ep0 maxpacket: 8
[  134.711128][ T5087] loop2: detected capacity change from 0 to 4096
[  134.742617][ T4478] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  134.764916][ T5087] NILFS (loop2): invalid segment: Checksum error in segment payload
[  134.773700][ T5087] NILFS (loop2): trying rollback from an earlier position
[  134.774462][ T4478] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.825544][ T5063] loop1: detected capacity change from 0 to 32768
[  134.839002][ T5087] NILFS (loop2): recovery complete
[  134.882732][ T5094] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  134.884081][ T4478] usb 4-1: config 0 descriptor??
[  135.159251][ T4478] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  135.324374][   T26] kauditd_printk_skb: 6 callbacks suppressed
[  135.324389][   T26] audit: type=1326 audit(1742977471.281:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5103 comm="syz.4.231" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8bc15d6169 code=0x0
[  135.424855][ T5107] device wg2 entered promiscuous mode
[  135.555260][ T5112] loop0: detected capacity change from 0 to 128
[  135.765464][ T4401] attempt to access beyond end of device
[  135.765464][ T4401] loop0: rw=1, want=657, limit=128
[  135.924110][ T5121] block device autoloading is deprecated. It will be removed in Linux 5.19
[  136.170443][ T5128] loop1: detected capacity change from 0 to 256
[  136.220784][ T5133] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  136.229718][ T5128] MINIX-fs: mounting file system with errors, running fsck is recommended
[  136.672305][ T5047] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  136.696012][ T4478] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  136.718657][ T4478] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  136.734641][ T4478] asix: probe of 4-1:0.0 failed with error -71
[  136.751312][ T4478] usb 4-1: USB disconnect, device number 4
[  136.933567][ T5101] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  137.042480][ T5047] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.078803][ T5047] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.090237][ T5047] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  137.105816][ T5047] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  137.117192][ T5047] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.199905][ T5047] usb 3-1: config 0 descriptor??
[  137.492392][ T5101] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.568586][ T5101] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.642149][ T5101] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  137.662999][ T5101] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  137.688218][ T5101] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.709378][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.719776][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.731399][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.742378][ T5101] usb 2-1: config 0 descriptor??
[  137.750476][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.758114][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.766070][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.773663][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.783609][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.791090][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.805050][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.813202][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.820989][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.829028][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.837169][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.845570][ T5047] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  137.853932][ T5047] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  137.909215][ T5047] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  138.216612][ T5101] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  138.264826][ T5101] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  138.343048][ T5101] plantronics 0003:047F:FFFF.0003: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  138.820879][ T5187] loop4: detected capacity change from 0 to 512
[  138.883124][ T5187] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_dir_size_kb=0x0000000000004739,inode_readahead_blks=0x0000000000000800,norecovery,,errors=continue. Quota mode: writeback.
[  138.902628][ T5187] ext4 filesystem being mounted at /65/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  138.947599][   T26] audit: type=1800 audit(1742977474.901:59): pid=5187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.262" name="file1" dev="loop4" ino=15 res=0 errno=0
[  138.978562][   T26] audit: type=1800 audit(1742977474.911:60): pid=5187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.262" name="file2" dev="loop4" ino=16 res=0 errno=0
[  139.072873][ T5101] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  139.370420][ T5102] usb 3-1: USB disconnect, device number 7
[  139.472359][ T5101] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  139.482455][ T5101] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  139.491508][ T5101] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.502721][ T5101] usb 4-1: config 0 descriptor??
[  139.637952][ T5048] usb 2-1: USB disconnect, device number 3
[  140.062262][ T5101] usbhid 4-1:0.0: can't add hid device: -71
[  140.068292][ T5101] usbhid: probe of 4-1:0.0 failed with error -71
[  140.076672][ T5101] usb 4-1: USB disconnect, device number 5
[  141.594321][ T5214] netlink: 8 bytes leftover after parsing attributes in process `syz.3.269'.
[  141.877654][ T5225] ieee802154 phy0 wpan0: encryption failed: -22
[  142.912076][ T4478] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  143.332386][ T4478] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.356216][ T4478] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  143.409041][ T4478] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.442367][ T4478] usb 3-1: config 0 descriptor??
[  143.858043][ T4478] usbhid 3-1:0.0: can't add hid device: -71
[  143.867091][ T4478] usbhid: probe of 3-1:0.0 failed with error -71
[  143.883498][ T4478] usb 3-1: USB disconnect, device number 8
[  143.923649][ T5261] loop0: detected capacity change from 0 to 64
[  144.053361][ T5261] hfs: unable to locate alternate MDB
[  144.069675][ T5261] hfs: continuing without an alternate MDB
[  145.659155][ T5274] syz.4.289[5274] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.659270][ T5274] syz.4.289[5274] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.668639][ T5277] loop1: detected capacity change from 0 to 1024
[  145.754551][ T5281] loop0: detected capacity change from 0 to 512
[  145.779419][ T5277] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  145.791508][ T5277] ext4 filesystem being mounted at /67/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.818708][ T5279] loop2: detected capacity change from 0 to 1024
[  145.853416][ T5281] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  145.899199][ T5277] kvm: emulating exchange as write
[  145.901899][ T5281] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  145.930867][ T5290] bridge0: port 3(vlan2) entered blocking state
[  145.938463][ T5290] bridge0: port 3(vlan2) entered disabled state
[  146.002743][ T4286] hfsplus: b-tree write err: -5, ino 3
[  146.045817][ T5279] hfsplus: xattr searching failed
[  146.052358][   T26] audit: type=1800 audit(1742977482.001:61): pid=5279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.291" name="file1" dev="loop2" ino=6 res=0 errno=0
[  146.095868][ T5291] hfsplus: xattr searching failed
[  146.112970][ T5279] hfsplus: xattr searching failed
[  146.227661][   T26] audit: type=1804 audit(1742977482.081:62): pid=5281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.292" name="/newroot/57/file0/file1" dev="loop0" ino=15 res=1 errno=0
[  146.250663][ T5281] syz.0.292 (5281) used greatest stack depth: 19512 bytes left
[  146.368726][ T5296] overlayfs: failed to resolve './file0': -2
[  146.922968][ T5308] loop3: detected capacity change from 0 to 8192
[  146.954146][ T5318] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  146.997213][ T5318] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  147.006415][ T5318] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  147.023595][ T5308] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  147.027124][ T5318] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  147.054048][ T5308] REISERFS (device loop3): using ordered data mode
[  147.061307][ T5308] reiserfs: using flush barriers
[  147.070537][ T5308] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  147.088692][ T5308] REISERFS (device loop3): checking transaction log (loop3)
[  147.113246][ T5308] REISERFS (device loop3): Using r5 hash to sort names
[  147.145787][ T5308] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  147.234306][ T5308] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 1 0(1) DIR], item_len 35, item_location 4029, free_space(entry_count) 2
[  147.262578][ T5308] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 540. Fsck?
[  147.283146][ T5308] REISERFS (device loop3): Remounting filesystem read-only
[  147.545649][ T4179] Bluetooth: hci5: sending frame failed (-49)
[  147.561746][ T5332] Bluetooth: hci5: Frame reassembly failed (-90)
[  147.955153][ T5341] bridge0: port 3(vlan2) entered blocking state
[  147.963198][ T5341] bridge0: port 3(vlan2) entered disabled state
[  148.625990][ T5361] loop3: detected capacity change from 0 to 128
[  148.731618][ T5361] EXT4-fs (loop3): Ignoring removed nobh option
[  148.772722][ T5361] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[  148.809272][ T5361] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  149.119062][ T5356] loop1: detected capacity change from 0 to 40427
[  149.208103][ T5356] F2FS-fs (loop1): invalid crc value
[  149.272217][ T5356] F2FS-fs (loop1): Found nat_bits in checkpoint
[  149.390659][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  149.419179][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  149.434402][ T5374] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  149.466555][ T5356] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  149.483864][ T5374] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  149.605341][ T5040] Bluetooth: hci5: command 0x1003 tx timeout
[  149.606644][ T5378] netlink: 116 bytes leftover after parsing attributes in process `syz.0.322'.
[  149.623305][ T4179] Bluetooth: hci5: sending frame failed (-49)
[  149.649707][ T5366] loop2: detected capacity change from 0 to 32768
[  149.689872][ T5366] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.319 (5366)
[  149.754833][ T5366] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  149.796513][ T5366] BTRFS info (device loop2): setting nodatacow, compression disabled
[  149.824850][ T5366] BTRFS info (device loop2): setting datacow
[  149.839011][ T5366] BTRFS info (device loop2): doing ref verification
[  149.841626][ T4171] attempt to access beyond end of device
[  149.841626][ T4171] loop1: rw=524288, want=45072, limit=40427
[  149.866508][ T5366] BTRFS info (device loop2): force clearing of disk cache
[  149.883799][ T5366] BTRFS info (device loop2): turning off barriers
[  149.884286][ T4171] attempt to access beyond end of device
[  149.884286][ T4171] loop1: rw=0, want=45072, limit=40427
[  149.890624][ T5366] BTRFS info (device loop2): enabling ssd optimizations
[  149.918906][ T5366] BTRFS info (device loop2): using spread ssd allocation scheme
[  149.931921][ T5366] BTRFS info (device loop2): using free space tree
[  149.943667][ T5366] BTRFS info (device loop2): has skinny extents
[  150.080170][ T5396] tipc: Started in network mode
[  150.090198][ T5396] tipc: Node identity 4, cluster identity 4711
[  150.099599][ T5396] tipc: Node number set to 4
[  150.119081][ T4370] attempt to access beyond end of device
[  150.119081][ T4370] loop1: rw=2049, want=41088, limit=40427
[  150.182998][ T5366] BTRFS info (device loop2): clearing free space tree
[  150.190764][ T5366] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  150.202563][ T5366] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  150.264158][ T5366] BTRFS info (device loop2): creating free space tree
[  150.290133][ T5366] BTRFS info (device loop2): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  150.306832][ T5366] BTRFS info (device loop2): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  150.384714][   T26] audit: type=1800 audit(1742977486.341:63): pid=5366 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.319" name="file0" dev="loop2" ino=258 res=0 errno=0
[  150.708261][  T437] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.033456][  T437] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.119146][ T4171] syz-executor (4171) used greatest stack depth: 18904 bytes left
[  151.215775][  T437] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.246678][ T5048] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  151.333431][  T437] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.431387][ T5419] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4017050179 (64272802864 ns) > initial count (43813986880 ns). Using initial count to start timer.
[  151.459736][ T5419] kvm: pic: single mode not supported
[  151.460015][ T5419] kvm: pic: level sensitive irq not supported
[  151.622522][ T5048] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  151.682672][ T5048] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  151.712121][ T5048] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.805985][ T5047] Bluetooth: hci5: command 0x1001 tx timeout
[  151.823409][ T5048] usb 4-1: config 0 descriptor??
[  151.829007][  T146] Bluetooth: hci5: sending frame failed (-49)
[  151.875701][ T5048] pwc: Askey VC010 type 2 USB webcam detected.
[  151.989469][ T5427] device pim6reg1 entered promiscuous mode
[  152.041019][ T5416] loop0: detected capacity change from 0 to 32768
[  152.147591][ T5416] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.331 (5416)
[  152.241155][ T5416] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  152.276704][ T5416] BTRFS info (device loop0): setting nodatacow, compression disabled
[  152.320731][ T5416] BTRFS info (device loop0): max_inline at 0
[  152.381435][ T5416] BTRFS info (device loop0): enabling disk space caching
[  152.401696][ T5416] BTRFS info (device loop0): turning off barriers
[  152.418797][ T5416] BTRFS info (device loop0): turning on flush-on-commit
[  152.450074][ T5416] BTRFS info (device loop0): doing ref verification
[  152.503525][ T5416] BTRFS info (device loop0): force clearing of disk cache
[  152.513325][ T5416] BTRFS info (device loop0): enabling ssd optimizations
[  152.520471][ T5416] BTRFS info (device loop0): max_inline at 4096
[  152.531288][ T5416] BTRFS info (device loop0): disk space caching is enabled
[  152.532176][ T5048] pwc: recv_control_msg error -32 req 02 val 2700
[  152.538935][ T5416] BTRFS info (device loop0): has skinny extents
[  152.715858][ T5048] pwc: recv_control_msg error -32 req 02 val 2c00
[  152.902680][ T5048] pwc: recv_control_msg error -32 req 04 val 1000
[  152.991439][ T5048] pwc: recv_control_msg error -32 req 04 val 1300
[  153.038972][ T5423] chnl_net:caif_netlink_parms(): no params data found
[  153.052311][ T5048] pwc: recv_control_msg error -32 req 04 val 1400
[  153.060360][ T5416] BTRFS info (device loop0): clearing free space tree
[  153.068545][ T5416] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  153.085310][ T5416] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  153.123308][ T5048] pwc: recv_control_msg error -32 req 02 val 2000
[  153.172698][   T26] audit: type=1800 audit(1742977489.131:64): pid=5416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.331" name="file1" dev="loop0" ino=260 res=0 errno=0
[  153.277913][ T5423] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.280280][ T5472] overlayfs: cleanup linked index (index/#353, ino=353, nlink=2)
[  153.285183][ T5423] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.305618][   T26] audit: type=1800 audit(1742977489.261:65): pid=5476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.331" name="file1" dev="loop0" ino=260 res=0 errno=0
[  153.362648][ T5423] device bridge_slave_0 entered promiscuous mode
[  153.404950][ T5048] pwc: recv_control_msg error -71 req 04 val 1500
[  153.432199][ T5048] pwc: recv_control_msg error -71 req 02 val 2500
[  153.452163][ T5048] pwc: recv_control_msg error -71 req 02 val 2400
[  153.482377][ T5048] pwc: recv_control_msg error -71 req 02 val 2600
[  153.510571][ T5048] pwc: recv_control_msg error -71 req 02 val 2900
[  153.540750][ T5423] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.552142][ T5048] pwc: recv_control_msg error -71 req 02 val 2800
[  153.569331][ T5423] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.579400][ T5048] pwc: recv_control_msg error -71 req 04 val 1100
[  153.596328][ T5423] device bridge_slave_1 entered promiscuous mode
[  153.612380][ T5048] pwc: recv_control_msg error -71 req 04 val 1200
[  153.688128][ T5048] pwc: Registered as video103.
[  153.701589][ T5048] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input9
[  153.778955][ T5048] usb 4-1: USB disconnect, device number 6
[  153.832984][ T5096] Bluetooth: hci2: command 0x0409 tx timeout
[  153.914254][ T5097] Bluetooth: hci5: command 0x1009 tx timeout
[  153.921776][ T5485] netlink: 28 bytes leftover after parsing attributes in process `syz.2.338'.
[  153.960110][ T5485] netlink: 8 bytes leftover after parsing attributes in process `syz.2.338'.
[  153.987249][ T5423] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  154.016326][ T5423] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  154.360798][ T5423] team0: Port device team_slave_0 added
[  154.400426][ T5423] team0: Port device team_slave_1 added
[  154.640507][ T5423] batman_adv: batadv0: Adding interface: batadv_slave_0
[  154.649993][ T5423] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.685375][ T5423] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.891089][ T5423] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.907888][ T5423] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.962143][ T5423] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.968486][ T5515] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  154.987173][ T5514] netlink: 'syz.0.339': attribute type 10 has an invalid length.
[  154.990899][ T5515] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  155.006846][ T5514] bridge0: port 3(gretap0) entered disabled state
[  155.013945][ T5514] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.022981][ T5514] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.099841][ T5514] bridge0: port 3(gretap0) entered blocking state
[  155.107635][ T5514] bridge0: port 3(gretap0) entered forwarding state
[  155.118330][ T5514] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.125720][ T5514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  155.133772][ T5514] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.143053][ T5514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  155.239917][ T5514] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  155.277977][ T5520] netlink: 4 bytes leftover after parsing attributes in process `syz.0.339'.
[  155.289596][ T5520] device gretap0 left promiscuous mode
[  155.295759][ T5520] bridge0: port 3(gretap0) entered disabled state
[  155.304713][ T5520] device bridge_slave_1 left promiscuous mode
[  155.311033][ T5520] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.319816][ T5520] device bridge_slave_0 left promiscuous mode
[  155.326710][ T5520] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.389822][ T5520] bond0: (slave bridge0): Releasing backup interface
[  155.585064][ T5423] device hsr_slave_0 entered promiscuous mode
[  155.611595][ T5423] device hsr_slave_1 entered promiscuous mode
[  155.634565][ T5423] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  155.648371][ T5423] Cannot create hsr debugfs directory
[  155.896645][  T437] device hsr_slave_0 left promiscuous mode
[  155.919740][ T4216] Bluetooth: hci2: command 0x041b tx timeout
[  155.946829][  T437] device hsr_slave_1 left promiscuous mode
[  155.971460][  T437] batman_adv: batadv0: Removing interface: batadv_slave_0
[  156.000847][  T437] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  156.027605][  T437] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.049156][  T437] device bridge_slave_1 left promiscuous mode
[  156.073864][  T437] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.181386][  T437] device bridge_slave_0 left promiscuous mode
[  156.265751][ T5557] ieee802154 phy0 wpan0: encryption failed: -22
[  156.427291][    C1] vcan0: j1939_tp_rxtimer: 0xffff888060171800: rx timeout, send abort
[  156.926307][  T437] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.937820][    C1] vcan0: j1939_tp_rxtimer: 0xffff888060171800: abort rx timeout. Force session deactivation
[  157.052795][  T437] device veth1_macvtap left promiscuous mode
[  157.059949][  T437] device veth0_macvtap left promiscuous mode
[  157.066991][  T437] device veth1_vlan left promiscuous mode
[  157.073832][  T437] device veth0_vlan left promiscuous mode
[  157.370955][ T5571] loop2: detected capacity change from 0 to 1024
[  157.453135][ T5571] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled
[  157.472520][ T5571] EXT4-fs (loop2): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  157.507811][ T5571] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[  157.519040][ T5571] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  157.536934][ T5571] EXT4-fs (loop2): Cannot use DAX on a filesystem that may contain inline data
[  157.667917][  T437] team0 (unregistering): Port device team_slave_1 removed
[  157.687648][  T437] team0 (unregistering): Port device team_slave_0 removed
[  157.701204][  T437] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  157.719491][  T437] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  157.802416][ T5578] ieee802154 phy0 wpan0: encryption failed: -22
[  158.373398][   T13] Bluetooth: hci2: command 0x040f tx timeout
[  159.678229][  T437] bond0 (unregistering): Released all slaves
[  160.014780][ T5598] loop0: detected capacity change from 0 to 32768
[  160.027414][ T5556] netlink: 116 bytes leftover after parsing attributes in process `syz.3.352'.
[  160.109794][ T5598] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.364 (5598)
[  160.167767][ T5423] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  160.185336][ T5598] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  160.194322][ T5598] BTRFS info (device loop0): max_inline at 0
[  160.200437][ T5598] BTRFS info (device loop0): enabling disk space caching
[  160.208349][ T5598] BTRFS info (device loop0): setting nodatasum
[  160.215909][ T5598] BTRFS info (device loop0): turning off barriers
[  160.218599][ T5423] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  160.222426][ T5598] BTRFS info (device loop0): turning on flush-on-commit
[  160.236479][ T5598] BTRFS info (device loop0): doing ref verification
[  160.243239][ T5598] BTRFS info (device loop0): force clearing of disk cache
[  160.250461][ T5598] BTRFS info (device loop0): enabling ssd optimizations
[  160.257530][ T5598] BTRFS info (device loop0): max_inline at 4096
[  160.259717][ T5423] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  160.263833][ T5598] BTRFS info (device loop0): disk space caching is enabled
[  160.263855][ T5598] BTRFS info (device loop0): has skinny extents
[  160.421641][ T5423] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  160.482797][ T4216] Bluetooth: hci2: command 0x0419 tx timeout
[  160.604919][ T5598] BTRFS info (device loop0): clearing free space tree
[  160.611781][ T5598] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  160.622029][ T5598] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  160.818396][ T5598] BTRFS info (device loop0): balance: start -sdrange=5..255
[  160.842758][ T5598] BTRFS info (device loop0): relocating block group 1048576 flags system
[  160.903937][ T5598] BTRFS info (device loop0): balance: ended with status: 0
[  161.128978][ T5423] 8021q: adding VLAN 0 to HW filter on device bond0
[  161.234211][ T4550] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  161.243496][ T4550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  161.362906][ T5423] 8021q: adding VLAN 0 to HW filter on device team0
[  161.489848][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  161.507691][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  161.569670][ T4401] bridge0: port 1(bridge_slave_0) entered blocking state
[  161.576854][ T4401] bridge0: port 1(bridge_slave_0) entered forwarding state
[  161.607083][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  161.691916][ T5605] loop3: detected capacity change from 0 to 32768
[  161.741783][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  161.806747][ T4401] bridge0: port 2(bridge_slave_1) entered blocking state
[  161.813909][ T4401] bridge0: port 2(bridge_slave_1) entered forwarding state
[  161.901286][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  161.913999][ T5605] JBD2: Ignoring recovery information on journal
[  161.986978][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  162.091782][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  162.115072][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  162.140022][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  162.172442][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  162.187451][ T5605] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  162.191084][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  162.216393][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  162.271001][ T5423] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  162.331325][ T5423] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  162.343694][ T5605] Invalid ELF header len 16
[  162.398746][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  162.417975][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  162.448763][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  162.477468][ T4177] ocfs2: Unmounting device (7,3) on (node local)
[  162.502953][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  162.553700][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  162.740799][ T5653] loop2: detected capacity change from 0 to 40427
[  162.822232][ T5047] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  162.843448][ T5653] F2FS-fs (loop2): invalid crc value
[  162.864236][ T5653] F2FS-fs (loop2): Found nat_bits in checkpoint
[  162.955609][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  162.969117][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  163.005754][ T5423] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.051188][ T5679] ubi31: attaching mtd0
[  163.072101][ T5047] usb 1-1: Using ep0 maxpacket: 16
[  163.077781][ T5679] ubi31: scanning is finished
[  163.092994][ T5653] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  163.123466][ T5679] ubi31: empty MTD device detected
[  163.192496][ T5047] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  163.201361][ T5047] usb 1-1: config 0 has no interface number 0
[  163.235154][ T4167] attempt to access beyond end of device
[  163.235154][ T4167] loop2: rw=2049, want=45104, limit=40427
[  163.362561][ T5679] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  163.370159][ T5679] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  163.402373][ T5047] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  163.408243][ T5679] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  163.427160][ T5047] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.439241][ T5679] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  163.475811][ T5047] usb 1-1: Product: syz
[  163.482257][ T5679] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  163.489237][ T5679] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  163.493461][ T5047] usb 1-1: Manufacturer: syz
[  163.529363][ T5047] usb 1-1: SerialNumber: syz
[  163.542519][ T5679] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1696227071
[  163.559775][ T5047] usb 1-1: config 0 descriptor??
[  163.592083][ T5679] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  163.624616][ T5047] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  163.654385][ T5691] ubi31: background thread "ubi_bgt31d" started, PID 5691
[  163.755899][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  163.783973][ T4428] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  163.904053][ T4550] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  163.941921][ T4550] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  163.971117][ T4550] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  163.990447][ T4550] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  164.027427][ T5423] device veth0_vlan entered promiscuous mode
[  164.093201][ T5423] device veth1_vlan entered promiscuous mode
[  164.142181][ T5047] gspca_spca1528: reg_w err -71
[  164.162324][ T4211] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  164.172321][ T5047] spca1528: probe of 1-1:0.1 failed with error -71
[  164.191330][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  164.195022][ T5047] usb 1-1: USB disconnect, device number 6
[  164.224883][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  164.270352][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  164.296599][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  164.339719][ T5423] device veth0_macvtap entered promiscuous mode
[  164.355511][ T5423] device veth1_macvtap entered promiscuous mode
[  164.390316][ T5423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.451654][ T5423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.476763][ T5423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.513910][ T5423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.548836][ T5423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.578706][ T5423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.615133][ T5423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.661295][ T5423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.712530][ T4211] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.730264][ T4211] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.740322][ T4211] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  164.787582][ T5423] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.799161][ T4211] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  164.828054][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  164.834243][ T4211] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  164.847957][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  164.880706][ T4211] usb 4-1: config 0 descriptor??
[  164.887757][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  164.924339][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  164.978132][ T5423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.001639][ T5423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.042206][ T5423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.096936][ T5423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.140550][ T5423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.180873][ T5423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.219748][ T5423] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.251281][ T5423] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.283642][ T5423] batman_adv: batadv0: Interface activated: batadv_slave_1
[  165.312166][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  165.329075][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  165.402318][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.409773][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.427975][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.436885][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.449115][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.458352][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.470926][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.471108][ T5423] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  165.494067][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.501796][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.516188][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.522056][ T5423] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  165.525810][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.542036][ T5423] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  165.549125][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.550849][ T5423] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.559213][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.581679][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.590175][ T4211] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  165.605703][ T4211] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  165.627017][ T4211] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  165.880138][ T5734] netlink: 4 bytes leftover after parsing attributes in process `syz.0.379'.
[  165.970310][ T4286] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  166.000883][ T4286] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  166.060455][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  166.094624][ T4286] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  166.122471][ T4286] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  166.171937][ T4286] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  166.732124][   T13] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  166.794305][ T4211] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  167.032320][   T13] usb 5-1: Using ep0 maxpacket: 32
[  167.222679][ T5042] usb 4-1: reset high-speed USB device number 7 using dummy_hcd
[  167.322515][ T4211] usb 6-1: unable to get BOS descriptor or descriptor too short
[  167.542656][ T4211] usb 6-1: unable to read config index 0 descriptor/start: -71
[  167.625770][ T4211] usb 6-1: can't read configurations, error -71
[  167.907460][   T13] usb 5-1: config 0 has an invalid interface number: 12 but max is 0
[  167.978119][   T13] usb 5-1: config 0 has no interface number 0
[  168.024822][   T13] usb 5-1: config 0 interface 12 has no altsetting 0
[  168.275607][   T13] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  168.305382][   T13] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.376535][   T13] usb 5-1: Product: syz
[  168.380743][   T13] usb 5-1: Manufacturer: syz
[  168.425105][   T13] usb 5-1: SerialNumber: syz
[  168.463203][   T13] usb 5-1: config 0 descriptor??
[  169.267907][ T5798] ieee802154 phy0 wpan0: encryption failed: -22
[  170.822124][ T5042] usb 4-1: device descriptor read/64, error -71
[  171.029581][ T5811] loop6: detected capacity change from 0 to 16384
[  171.196885][ T5820] loop5: detected capacity change from 0 to 2048
[  171.220402][  T263] print_req_error: 24 callbacks suppressed
[  171.220420][  T263] blk_update_request: I/O error, dev loop6, sector 256 op 0x1:(WRITE) flags 0x8800 phys_seg 16 prio class 0
[  171.292258][   T13] f81534 5-1:0.12: f81534_set_register: reg: 1002 data: 3 failed: -71
[  171.315003][   T13] f81534 5-1:0.12: f81534_find_config_idx: read failed: -71
[  171.362833][   T13] f81534 5-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  171.371404][   T13] f81534: probe of 5-1:0.12 failed with error -71
[  171.406749][   T13] usb 5-1: USB disconnect, device number 2
[  171.684985][ T5820] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000007,mb_optimize_scan=0x0000000000000001,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  171.786626][ T5047] usb 4-1: USB disconnect, device number 7
[  173.388216][ T5423] EXT4-fs warning (device loop5): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 1768304430
[  173.482271][ T5423] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6183: Out of memory
[  173.527993][ T5423] EXT4-fs warning (device loop5): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 3171692
[  173.552822][ T5845] loop2: detected capacity change from 0 to 1024
[  173.561457][ T5423] EXT4-fs error (device loop5) in ext4_free_inode:362: Out of memory
[  173.600603][ T5423] EXT4-fs warning (device loop5): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 1768304430
[  173.670836][ T5423] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6183: Out of memory
[  173.780274][ T5423] EXT4-fs warning (device loop5): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 3171692
[  173.832404][ T5423] EXT4-fs error (device loop5) in ext4_free_inode:362: Out of memory
[  173.860251][ T5423] EXT4-fs warning (device loop5): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 3171692
[  175.812224][ T5853] ieee802154 phy0 wpan0: encryption failed: -22
[  176.165850][ T5423] EXT4-fs error (device loop5) in ext4_free_inode:362: Out of memory
[  176.232316][ T5827] EXT4-fs warning (device loop5): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 1768304430
[  176.256149][ T5423] EXT4-fs warning (device loop5): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 3171692
[  176.269576][ T5423] EXT4-fs error (device loop5) in ext4_free_inode:362: Out of memory
[  176.313034][ T5423] EXT4-fs warning (device loop5): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 3171692
[  176.365922][ T5423] EXT4-fs error (device loop5) in ext4_free_inode:362: Out of memory
[  176.414884][ T5423] EXT4-fs warning (device loop5): ext4_read_block_bitmap_nowait:485: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 1768304430
[  176.451914][ T5423] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6183: Out of memory
[  176.468126][ T5423] EXT4-fs warning (device loop5): ext4_read_inode_bitmap:149: Cannot read inode bitmap - block_group = 0, inode_bitmap = 3171692
[  176.509117][ T5423] EXT4-fs error (device loop5) in ext4_free_inode:362: Out of memory
[  176.518996][ T5423] EXT4-fs error (device loop5) in ext4_free_inode:362: Out of memory
[  176.552486][ T5865] loop2: detected capacity change from 0 to 256
[  176.685083][ T5865] FAT-fs (loop2): Directory bread(block 64) failed
[  176.693981][ T5865] FAT-fs (loop2): Directory bread(block 65) failed
[  176.700899][ T5865] FAT-fs (loop2): Directory bread(block 66) failed
[  176.707675][ T5865] FAT-fs (loop2): Directory bread(block 67) failed
[  176.714780][ T5865] FAT-fs (loop2): Directory bread(block 68) failed
[  176.722281][ T5865] FAT-fs (loop2): Directory bread(block 69) failed
[  176.729498][ T5865] FAT-fs (loop2): Directory bread(block 70) failed
[  176.736278][ T5865] FAT-fs (loop2): Directory bread(block 71) failed
[  176.743032][ T5865] FAT-fs (loop2): Directory bread(block 72) failed
[  176.749591][ T5865] FAT-fs (loop2): Directory bread(block 73) failed
[  177.932231][ T5042] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  178.312608][ T5042] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  178.321573][ T5042] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  178.337078][ T5042] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  178.346483][ T5042] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  178.361644][ T5042] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  178.492964][ T5042] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  178.503213][ T5042] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  178.511288][ T5042] usb 4-1: Product: syz
[  178.515639][ T5042] usb 4-1: Manufacturer: syz
[  178.532123][ T5095] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  178.563204][ T5042] cdc_wdm 4-1:1.0: skipping garbage
[  178.570260][ T5042] cdc_wdm 4-1:1.0: skipping garbage
[  178.604403][ T5042] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  178.610509][ T5042] cdc_wdm 4-1:1.0: Unknown control protocol
[  178.793393][ T5042] usb 4-1: USB disconnect, device number 8
[  179.124545][ T5095] usb 5-1: Using ep0 maxpacket: 32
[  181.142316][ T5902] ieee802154 phy0 wpan0: encryption failed: -22
[  181.563825][ T4216] Bluetooth: hci2: command 0x0405 tx timeout
[  181.585904][ T5905] tipc: Started in network mode
[  181.590827][ T5905] tipc: Node identity 7f000001, cluster identity 4711
[  181.620734][ T5909] loop5: detected capacity change from 0 to 8
[  181.641544][ T5905] tipc: Enabled bearer <udp:syz2>, priority 10
[  181.682376][ T5095] usb 5-1: device descriptor read/all, error -71
[  181.723040][ T5899] loop0: detected capacity change from 0 to 8192
[  181.744177][ T5909] SQUASHFS error: Failed to read block 0x62b: -5
[  181.771759][ T5909] SQUASHFS error: Unable to read metadata cache entry [629]
[  181.820892][ T5909] SQUASHFS error: Unable to read inode 0x11f
[  181.945589][ T5918] loop4: detected capacity change from 0 to 2048
[  182.395745][ T5042] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  182.518072][ T5918] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  182.705778][ T5097] tipc: Node number set to 2130706433
[  183.412397][ T5042] usb 3-1: config 0 has an invalid interface number: 217 but max is 0
[  183.451110][ T5042] usb 3-1: config 0 has no interface number 0
[  183.632437][ T5042] usb 3-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  183.672635][ T5042] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.681513][ T5954] process 'syz.5.423' launched './file0' with NULL argv: empty string added
[  183.705456][ T5042] usb 3-1: Product: syz
[  183.721828][ T5042] usb 3-1: Manufacturer: syz
[  183.757344][ T5042] usb 3-1: SerialNumber: syz
[  183.800388][ T5042] usb 3-1: config 0 descriptor??
[  183.854599][ T5042] hub 3-1:0.217: bad descriptor, ignoring hub
[  183.876863][ T5042] hub: probe of 3-1:0.217 failed with error -5
[  185.038716][ T5977] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  185.082221][ T5042] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in cold state, will try to load a firmware
[  185.212807][ T5042] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  185.236249][ T5042] dib0700: firmware download failed at 7 with -22
[  185.307963][ T5042] usb 3-1: USB disconnect, device number 9
[  186.082590][ T5095] Bluetooth: hci1: command 0x0406 tx timeout
[  186.121656][ T5095] Bluetooth: hci4: command 0x0406 tx timeout
[  186.182520][ T5095] Bluetooth: hci0: command 0x0406 tx timeout
[  186.263379][ T5095] Bluetooth: hci3: command 0x0406 tx timeout
[  187.565443][ T6002] ieee802154 phy0 wpan0: encryption failed: -22
[  188.547603][ T6013] netlink: 4 bytes leftover after parsing attributes in process `syz.2.434'.
[  189.877096][ T6029] loop2: detected capacity change from 0 to 256
[  190.101566][ T6029] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  191.477700][ T6045] loop3: detected capacity change from 0 to 512
[  192.589775][ T6045] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  192.613204][ T6051] loop0: detected capacity change from 0 to 512
[  192.682023][ T6045] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  192.787467][ T6045] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  192.847492][ T6051] EXT4-fs (loop0): Mount option "data_err=abort" incompatible with ext2
[  193.769374][ T6045] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  193.844793][ T6045] System zones: 0-2, 18-18, 34-34
[  193.906290][ T6051] loop0: detected capacity change from 0 to 128
[  193.923927][ T6045] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  193.960213][ T6074] netlink: 120 bytes leftover after parsing attributes in process `syz.5.447'.
[  193.975603][ T6051] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  194.011890][ T6074] Invalid option length (1047411) for dns_resolver key
[  194.028892][ T6051] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  194.041101][ T6045] EXT4-fs (loop3): 1 truncate cleaned up
[  194.058591][ T6045] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  194.070641][  T146] block nbd2: Receive control failed (result -107)
[  194.110673][ T6079] nbd2: detected capacity change from 0 to 72456
[  194.162248][   T26] audit: type=1800 audit(1742977530.111:66): pid=6045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.440" name="file1" dev="loop3" ino=15 res=0 errno=0
[  194.185935][  T150] block nbd2: Dead connection, failed to find a fallback
[  194.193713][  T150] block nbd2: shutting down sockets
[  194.201684][  T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.214451][  T150] Buffer I/O error on dev nbd2, logical block 0, async page read
[  194.224773][  T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.246912][  T150] Buffer I/O error on dev nbd2, logical block 0, async page read
[  194.253022][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  194.260936][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  194.283310][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.294228][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  194.302615][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.313605][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  194.321694][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.332603][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  194.340538][  T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.341699][   T26] audit: type=1800 audit(1742977530.181:67): pid=6083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.440" name="file2" dev="loop3" ino=16 res=0 errno=0
[  194.351541][  T150] Buffer I/O error on dev nbd2, logical block 0, async page read
[  194.384752][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.395665][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  194.404048][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.415379][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  194.423670][ T6076] ldm_validate_partition_table(): Disk read failed.
[  194.432037][  T263] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.443163][  T263] Buffer I/O error on dev nbd2, logical block 0, async page read
[  194.455210][  T150] blk_update_request: I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  194.466205][  T150] Buffer I/O error on dev nbd2, logical block 0, async page read
[  194.476258][ T6076] Dev nbd2: unable to read RDB block 0
[  194.506760][ T6076]  nbd2: unable to read partition table
[  194.544699][ T4428] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  194.715891][ T5048] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  194.972181][ T5048] usb 6-1: Using ep0 maxpacket: 8
[  195.842699][   T26] audit: type=1800 audit(1742977531.781:68): pid=6045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.440" name="file1" dev="loop3" ino=15 res=0 errno=0
[  196.374003][ T5048] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  196.504928][ T5048] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.744536][ T5048] usb 6-1: Product: syz
[  196.944858][ T5048] usb 6-1: Manufacturer: syz
[  196.949498][ T5048] usb 6-1: SerialNumber: syz
[  196.957594][ T6117] netlink: 8 bytes leftover after parsing attributes in process `syz.0.455'.
[  197.041914][ T5048] usb 6-1: config 0 descriptor??
[  197.267859][ T5048] dvb_usb_rtl28xxu 6-1:0.0: chip type detection failed -71
[  197.281553][ T5048] dvb_usb_rtl28xxu: probe of 6-1:0.0 failed with error -71
[  197.326328][ T5048] usb 6-1: USB disconnect, device number 4
[  198.075553][ T5095] Bluetooth: hci2: command 0x0405 tx timeout
[  198.290154][ T6148] netlink: 72 bytes leftover after parsing attributes in process `syz.5.461'.
[  198.589961][   T26] audit: type=1326 audit(1742977534.541:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf97e37169 code=0x7ffc0000
[  198.672372][   T26] audit: type=1326 audit(1742977534.541:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf97e37169 code=0x7ffc0000
[  198.734053][   T26] audit: type=1326 audit(1742977534.541:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fbf97e37169 code=0x7ffc0000
[  198.802037][   T26] audit: type=1326 audit(1742977534.541:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf97e37169 code=0x7ffc0000
[  198.845545][   T26] audit: type=1326 audit(1742977534.541:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf97e37169 code=0x7ffc0000
[  198.883635][   T26] audit: type=1326 audit(1742977534.571:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7fbf97e37169 code=0x7ffc0000
[  198.918877][   T26] audit: type=1326 audit(1742977534.571:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6153 comm="syz.3.464" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf97e37169 code=0x7ffc0000
[  198.952908][ T5097] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  199.452351][ T5097] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  199.492008][ T5097] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  199.512771][ T5097] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  199.570556][ T5097] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.642690][ T6161] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  199.958200][ T6189] loop5: detected capacity change from 0 to 40427
[  200.654038][ T4212] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  200.672341][ T5097] usb 1-1: USB disconnect, device number 7
[  200.875778][ T6198] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  200.927160][ T6189] F2FS-fs (loop5): invalid crc value
[  201.008318][ T6189] F2FS-fs (loop5): Found nat_bits in checkpoint
[  201.063520][ T6189] F2FS-fs (loop5): Start checkpoint disabled!
[  201.095573][ T6189] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  201.118974][ T6206] kvm: pic: non byte read
[  201.124883][ T6206] kvm: pic: level sensitive irq not supported
[  201.124965][ T6206] kvm: pic: non byte read
[  201.136508][ T6206] kvm: pic: level sensitive irq not supported
[  201.136612][ T6206] kvm: pic: non byte read
[  202.676133][ T6210] ODEBUG: Out of memory. ODEBUG disabled
[  202.774601][ T6210] syz.5.469 (6210): drop_caches: 2
[  203.014310][  T437] attempt to access beyond end of device
[  203.014310][  T437] loop5: rw=2049, want=40976, limit=40427
[  203.152099][ T4212] usb 4-1: unable to read config index 0 descriptor/start: -71
[  203.183304][ T4212] usb 4-1: can't read configurations, error -71
[  204.220849][ T4258] udevd[4258]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  205.170778][ T5095] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  205.603064][ T5095] usb 3-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.00
[  205.719700][ T5095] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.005583][ T5095] usb 3-1: config 0 descriptor??
[  206.112233][ T5095] usb 3-1: can't set config #0, error -71
[  206.178835][ T5095] usb 3-1: USB disconnect, device number 10
[  206.330161][ T6254] capability: warning: `syz.0.483' uses deprecated v2 capabilities in a way that may be insecure
[  206.471299][ T6262] device syzkaller0 entered promiscuous mode
[  208.134547][ T6253] loop2: detected capacity change from 0 to 32768
[  208.365855][ T6291] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  209.372580][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  209.372601][   T26] audit: type=1800 audit(1742977545.301:77): pid=6253 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.484" name="file2" dev="loop2" ino=13 res=0 errno=0
[  209.407929][ T6253] ================================================================================
[  209.459849][ T6253] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dtree.c:1598:11
[  209.496283][ T6253] index 27 is out of range for type 'struct lv[20]'
[  209.536859][ T6253] CPU: 0 PID: 6253 Comm: syz.2.484 Not tainted 5.15.179-syzkaller #0
[  209.544982][ T6253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  209.555080][ T6253] Call Trace:
[  209.558380][ T6253]  <TASK>
[  209.561330][ T6253]  dump_stack_lvl+0x1e3/0x2d0
[  209.566061][ T6253]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  209.571728][ T6253]  ? panic+0x860/0x860
[  209.575832][ T6253]  ? dtInsert+0x6b00/0x6b00
[  209.580362][ T6253]  __ubsan_handle_out_of_bounds+0x118/0x140
[  209.586297][ T6253]  dtSplitPage+0x3e56/0x3ec0
[  209.590985][ T6253]  ? dtSplitRoot+0x1920/0x1920
[  209.595787][ T6253]  ? dbNextAG+0x630/0x630
[  209.600240][ T6253]  ? dtInsert+0x881/0x6b00
[  209.604698][ T6253]  dtInsert+0x14fc/0x6b00
[  209.609054][ T6253]  ? kfree+0xf1/0x270
[  209.613107][ T6253]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  209.619127][ T6253]  ? UniStrupr+0x2c0/0x2c0
[  209.623584][ T6253]  ? kasan_quarantine_put+0xd4/0x220
[  209.628900][ T6253]  ? lockdep_hardirqs_on+0x94/0x130
[  209.634144][ T6253]  ? dtSearch+0x1d56/0x2500
[  209.638688][ T6253]  ? kfree+0xf1/0x270
[  209.642765][ T6253]  jfs_rename+0xafa/0x1cb0
[  209.647216][ T6253]  ? __lock_acquire+0x1295/0x1ff0
[  209.652275][ T6253]  ? jfs_mknod+0xa50/0xa50
[  209.656796][ T6253]  ? do_raw_spin_unlock+0x137/0x8b0
[  209.662023][ T6253]  ? memcpy+0x3c/0x60
[  209.666040][ T6253]  vfs_rename+0xd32/0x10f0
[  209.670505][ T6253]  ? __ia32_sys_link+0x90/0x90
[  209.675317][ T6253]  ? security_path_rename+0x207/0x2a0
[  209.680737][ T6253]  do_renameat2+0xe0f/0x1700
[  209.685409][ T6253]  ? fsnotify_move+0x4f0/0x4f0
[  209.690225][ T6253]  ? __virt_addr_valid+0x3bb/0x460
[  209.695373][ T6253]  ? 0xffffffff81000000
[  209.699656][ T6253]  ? __check_object_size+0x300/0x410
[  209.705001][ T6253]  ? getname_flags+0x1ec/0x4e0
[  209.709805][ T6253]  ? lockdep_hardirqs_on+0x94/0x130
[  209.715044][ T6253]  __x64_sys_rename+0x82/0x90
[  209.719751][ T6253]  do_syscall_64+0x3b/0xb0
[  209.724195][ T6253]  ? clear_bhb_loop+0x15/0x70
[  209.728900][ T6253]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  209.734818][ T6253] RIP: 0033:0x7f5ae8e61169
[  209.739256][ T6253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.758885][ T6253] RSP: 002b:00007f5ae6cca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  209.767332][ T6253] RAX: ffffffffffffffda RBX: 00007f5ae9079fa0 RCX: 00007f5ae8e61169
[  209.775332][ T6253] RDX: 0000000000000000 RSI: 0000200000000f40 RDI: 0000200000000300
[  209.783330][ T6253] RBP: 00007f5ae8ee22a0 R08: 0000000000000000 R09: 0000000000000000
[  209.791327][ T6253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  209.799323][ T6253] R13: 0000000000000000 R14: 00007f5ae9079fa0 R15: 00007ffc005adf98
[  209.807337][ T6253]  </TASK>
[  209.884607][ T6253] ================================================================================
[  209.912004][ T6253] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  209.919240][ T6253] CPU: 0 PID: 6253 Comm: syz.2.484 Not tainted 5.15.179-syzkaller #0
[  209.927331][ T6253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  209.937515][ T6253] Call Trace:
[  209.940816][ T6253]  <TASK>
[  209.943765][ T6253]  dump_stack_lvl+0x1e3/0x2d0
[  209.948486][ T6253]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  209.954143][ T6253]  ? panic+0x860/0x860
[  209.958250][ T6253]  panic+0x318/0x860
[  209.962166][ T6253]  ? check_panic_on_warn+0x1d/0xa0
[  209.967306][ T6253]  ? fb_is_primary_device+0xd0/0xd0
[  209.972532][ T6253]  ? dump_stack_lvl+0x24f/0x2d0
[  209.977426][ T6253]  check_panic_on_warn+0x7e/0xa0
[  209.982391][ T6253]  __ubsan_handle_out_of_bounds+0x138/0x140
[  209.988318][ T6253]  dtSplitPage+0x3e56/0x3ec0
[  209.993006][ T6253]  ? dtSplitRoot+0x1920/0x1920
[  209.997795][ T6253]  ? dbNextAG+0x630/0x630
[  210.002159][ T6253]  ? dtInsert+0x881/0x6b00
[  210.006698][ T6253]  dtInsert+0x14fc/0x6b00
[  210.011048][ T6253]  ? kfree+0xf1/0x270
[  210.015089][ T6253]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  210.021092][ T6253]  ? UniStrupr+0x2c0/0x2c0
[  210.025534][ T6253]  ? kasan_quarantine_put+0xd4/0x220
[  210.030842][ T6253]  ? lockdep_hardirqs_on+0x94/0x130
[  210.036086][ T6253]  ? dtSearch+0x1d56/0x2500
[  210.040616][ T6253]  ? kfree+0xf1/0x270
[  210.044689][ T6253]  jfs_rename+0xafa/0x1cb0
[  210.049224][ T6253]  ? __lock_acquire+0x1295/0x1ff0
[  210.054272][ T6253]  ? jfs_mknod+0xa50/0xa50
[  210.058760][ T6253]  ? do_raw_spin_unlock+0x137/0x8b0
[  210.063983][ T6253]  ? memcpy+0x3c/0x60
[  210.068080][ T6253]  vfs_rename+0xd32/0x10f0
[  210.072536][ T6253]  ? __ia32_sys_link+0x90/0x90
[  210.077329][ T6253]  ? security_path_rename+0x207/0x2a0
[  210.082736][ T6253]  do_renameat2+0xe0f/0x1700
[  210.087379][ T6253]  ? fsnotify_move+0x4f0/0x4f0
[  210.092187][ T6253]  ? __virt_addr_valid+0x3bb/0x460
[  210.097415][ T6253]  ? 0xffffffff81000000
[  210.101599][ T6253]  ? __check_object_size+0x300/0x410
[  210.106934][ T6253]  ? getname_flags+0x1ec/0x4e0
[  210.111731][ T6253]  ? lockdep_hardirqs_on+0x94/0x130
[  210.116967][ T6253]  __x64_sys_rename+0x82/0x90
[  210.121685][ T6253]  do_syscall_64+0x3b/0xb0
[  210.126120][ T6253]  ? clear_bhb_loop+0x15/0x70
[  210.130826][ T6253]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  210.136755][ T6253] RIP: 0033:0x7f5ae8e61169
[  210.141211][ T6253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.160867][ T6253] RSP: 002b:00007f5ae6cca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  210.169313][ T6253] RAX: ffffffffffffffda RBX: 00007f5ae9079fa0 RCX: 00007f5ae8e61169
[  210.177312][ T6253] RDX: 0000000000000000 RSI: 0000200000000f40 RDI: 0000200000000300
[  210.185308][ T6253] RBP: 00007f5ae8ee22a0 R08: 0000000000000000 R09: 0000000000000000
[  210.193300][ T6253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.201293][ T6253] R13: 0000000000000000 R14: 00007f5ae9079fa0 R15: 00007ffc005adf98
[  210.209326][ T6253]  </TASK>
[  210.212640][ T6253] Kernel Offset: disabled
[  210.217410][ T6253] Rebooting in 86400 seconds..