last executing test programs:

8m25.69652742s ago: executing program 1 (id=653):
socket$packet(0x11, 0x3, 0x300)
r0 = socket(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{}, 0x0, 0x0}, 0x20)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xd, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
finit_module(0xffffffffffffffff, 0x0, 0x2)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000100)={'bond0\x00', {0x2, 0x4e22, @multicast1}})
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400", @ANYRES16=r6, @ANYBLOB], 0x14}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r7, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
sendmsg$nl_route_sched(r0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x2040d0, &(0x7f0000000640), 0xfb, 0x4dd, &(0x7f0000001e80)="$eJzs3U9sFNUfAPDvbLst/360P378VJBIFY3EPwUKCgcT/yQmXjQmesCDh1oKQRZqaE2ENFINwYuJkng3Gj2YePHiwZMno55MvHjQuyESw0X0tGZmZ7fLdne7lG23pZ9PMuybmTf73ndmHjPz3u42gHVrJP0nidgSEb9GxFBEFBozjFRerl+bnfj72uxEEuXyS38m6Wbx17XZiWrWJH/dXJnpT18KF5N4qkm50+fOnxovlSbP5vP7Zk6/sW/63PlHT54ePzF5YvLM2JEjhw4eOPz42GNdifO/aV13vj21a8dzr1x+fuLo5dd++DKpq/R8HIWulBdRjLm6fdLogS6Vslr8py6d9LfN2q0dTBcMRmQNtZi1/6Hou7i1tm4onn235Yblcrm8QnUElkfajMdar54rA7exJHpdA6A3qhf69Pl3KGYn6p/n14OrT1cegNK4r+dT5aGnv/agWmx4vu2m2Yg4OvfPx+kUDf0pAADL4dv0/ueRyn1HdaqsKcQddfm2Zv3BGyqdxRGxLSL+l0Rsj4j/R2R574yIu26y/JGG+YX3P4UrNx9V59L7vyfysa3qlJdbzTLcl8+l94DDUUyOnyxN7s/3yd4oDqbzB5q+exLZIFD8/EGr8kfq7v/SKS2/ei+YGcynOsfGZ8ZvPfKKq+9E7OxvFn9SPdTZGNaOiNi5xDJOPvTFrsj6GqtL+mrrFo0/NdfijduPM3Wk/EnEg5XjPxcN8Vcl9eOTu+PG8ck/0lhKk/v3Vc+KhX786dKLrcrvKP5llB7/TU3P/1r8w0n9eO30grcoLlbGpd/ea/lMMxLxZLSNv3Clv8n5P5C8nKUH8mVvjc/MnD0wPz+/vH/mbF0Hd5ZvbD5/Gv/ePc3b/7aY3xN315V/T0Tszo/dvRFxX0TsaRP/98/c/3qb+Jdy/Dcssr5jX33e92o2Ft3J8a8eh8qJUDsj8kS6y081W9V36rtvWpW/ePzp8T+UpfbmSzr5/69ZBZsllrjbAAAAYE0pRMSWSAqjtXShMDpa+Qz/9thUKE1Nzzx8fOrNM8cq3xEYjmKh2tM1lM9H3v85XJnPnr7H8m6hC1EciIjJg/ln8D/q25j1n45OTJWO9Tp4WOc2t2j/qd/7el07YNl1YRwNWKPatf9PD69gRYAV19H1f3DJWwKr2IJWfOOvVvjBBriNuYrD+tWs/V/oQT2Aldf6+j/p1gBuc7VG/mEHmQfmk41f3gTWHhd5WL8Wb/8vLNfvXwG909GX5FdVIkluWBKfRbTfKll6WRt6t3/e7/V+XiwRhVVRjSUnxm9t88HuV2xj3iZb5env+FctzpUvjJdKv3x9K/Vp88crAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1pB/AwAA//9oid3y")

8m24.741451746s ago: executing program 0 (id=655):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = socket(0xa, 0x801, 0x0)
getsockopt(r3, 0x0, 0x40, &(0x7f0000b3ffac)=""/84, &(0x7f00000000c0)=0x54)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYRES8=0x0], 0x1, 0x5514, &(0x7f000000b2c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy67aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQPnv0nRMGTR/8GD569iQfFm6BkZqpbP8ClSWPb3w8mz7xv3jzzvGFZeGZKAjiz5pNffirFtbgUEbMRcTUiOy8VR2Y1D89FxPWImHnsKBXzf0ycj4jLEXFtlDzPWSre+vTm8MbKj2/8/PW3F85d+fyr76a3a2Dano+I7lZ+vtvNY9rK48NivjZsZ7G7PCxi/kb3UTFO87jb3Mgy7NYO1tWyeLuVr0+3dvqjuNmp1Uex1d7M5rd6+QX7w9ZBnuwDD2vb2bjR3Mhiu59msbWf17W3n//ftt8f5HkaRb4PsvQxGBzEfL6518z3s/Uoi/XeoJjP86aN5t4oDotYXC7qaaeR1bFxlG/6/+3Ndm9nLxk2t/vttJesVKovVKp3ytXttNEcNJfLtW7jznKy0OqMlpUHzVp3tZWmrU6zUk+7i8lCq14vV6vJwt3mRrvWS6rVyu3KrfLKYnF2M3n1/jtJp5EsjOLL7d7OoN3pJ5vpdpJ/YjFZqtx+cTG5UU3eWltP1h/cu7e2/vZ7d9+9/9La668Ui/5WVrKwdGtpqVy9VV6qLp6h/X9UFD3G/cORlJ5s+YVJ1QFwguj/gWmYXP+//SBi8v1/6P/H4kT1vxPr/z87s/uHI3nC/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPj+7kvXstO5vPxlWL+qWLqmWJcioiZiPjtH8zG+UM5Z4s8c/+yfu4vNXxTiizD6BoXiuNyRKwWx69PT/pbAAAAgNPryw+vf5J36/nL/LQL4jjlN21mrr4/pnyliJib/2FM2WZGL8+OKVn27/tc7I0pW3YD6+KYkuW33M6NK9t/MnsoXHwslPIwc6zlAAAAx+JwJ3C8XQgAAADH6eNpF8B0lOLgUebBs+DsL+//fCB46dAIAAAAOIFK0y4AAAAAmLis//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7lpA1EcgJ8NLvSfiqru26N0B8foEbrssuIAvQRHoFfIBTgD2eUIEUR4HBSiJIrisa2Q75PMMBb8/IzwYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Wa0X//9+/9c2Z7dv54WX/dG2bgAAAHgLttV6Ub+Zpf7H5vzn5tTXpl9ERBkRD43dR/HuJHPU5FSPfL66V8NFRJ1wuMakOT5ExM/muP7S9a8AAAAA52uzXM3TaD29zIYuiD6lSZvy069MeUVEVLOrTGnlIe9bprD6/z2OP5nS6gmsaaawNOU2zpX2LPXjfpy1m95pitSUT38/270DAAA9Gp00/Y5CAAAA6NPvoQtgGEXcLmUelwInqWmW996f9AAAAIBXqBi6AAAAAKBz9fjf/n8AAABw3tL+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRpW60Xm+Vq3jZnt28nz90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9tCoAgEIbBrezrX3j/w8YLeoYIZkB42EVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBH7hnLOLXO2BJPVbVME3vGvaqOrBJnVokrF/p4sPUPfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMvO/bzGUcUBAH8zs7NJq+IaZQ8RseBBLzbd1tbexIMSPPgnCCHd1titP9ocbClCLt4k515EjyKCEm/9H3puoZd662EPFTxX5lcy+XFYhZ3ZZD8fePO+Mwzzvm8WQr77XgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsM/5wL06yQ6+I4/Law2d317P+0YE+c3/78XLWsjhqMunj4Y36SdSvnSw2nwwAAADzIanq+xDCk3RnNevjXl7/p9U9Wc3/00tFXNXzB+v+qq9q/6z9+cfT13YH6hXjZA+9ujEanjucSmd6s5xhz1+e4KZO/ubz716S/AOJP9l6dZzm7zP64cGDj7p5uDD9dAGA/+ds1ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBCFUchhOXOXpx59Ozu+lH9/e3Hy1W7dO/edv2Z2SPSEMLVjdHwXFhscDaz7dbtO9fXRqPhzeaDN0MIbY3+QTn9659NcHMIU0rjTEtvfs6CuPywZyWf4xG0+EMJAIATKS1bVtc/SXdWs2vRUgjPf95f/79di8OE9f/Tzy89rI9Vr/8Hjc1w9q1s3vh65dbtO+9u3Fi7Nrw2/PK984P3BxcuX7x4eSX/rqQ4tp0mAAAAx1i3bPX6P146vP5/uhaHCev/b34cfFcfK1H/H2lv0a/tTAAAAObbK2f++Ts64nrU7YZv1zY3bw6K4+75+eLYQqr/2ULZ6vV/stR2VgAAAEATxlvRvvX/K7U4TLj+/+Ivr/9Wf2YSQjhVrv+fXf9qdKW56cy0qfzx8EL5cDsLAAAAKOvxUwfW/9N8/3+8u+UhDiG881YRl/8GcKL6P/n4+1/rY9X3/19oboozKe4X7yPv+yF0+m1nBAAAwEm2mLdeXv//le6sfvH76U+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA///FdTwZ")

8m22.578468071s ago: executing program 1 (id=657):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r3}, 0x18)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}, {0xe}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8}]}}]}, 0x38}}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x2000000000903, 0x1, 0x1}, 0x20)
socket$netlink(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")

8m17.147760639s ago: executing program 0 (id=660):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x2000000000903, 0x1, 0x1}, 0x20)
socket$netlink(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004880)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003080)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x3, 0xf9}]}}}], 0x18}}], 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003400000100e14000580"], 0x80}}, 0x0)
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$FUSE_INIT(r5, &(0x7f0000000400)={0x6f, 0x0, 0x0, {0x7, 0x28, 0x80000001, 0x0, 0x0, 0x0, 0x2, 0x1}}, 0xfffffede)
fcntl$setpipe(r5, 0x407, 0x2000000)

8m16.823159004s ago: executing program 1 (id=663):
r0 = socket$packet(0x11, 0xa, 0x300)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000894)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000180)=0xa, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88b81, 0x0)
getpeername$packet(r0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004080)=ANY=[@ANYBLOB="02000000040000000400000022bf000080040000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
mmap(&(0x7f0000f9f000/0x4000)=nil, 0x4000, 0x0, 0x13, r5, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

8m13.221908212s ago: executing program 0 (id=667):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000003c0)={@cgroup, 0x1f, 0x0, 0x0, &(0x7f0000000000)=[0x0], 0x1, 0x0, &(0x7f0000000100)=[0x0], &(0x7f0000000240)=[0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0]}, 0x40)
getgroups(0x0, 0x0)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b32313b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)

8m12.872933528s ago: executing program 1 (id=668):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r1, 0xf50f, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x4c}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80)
socket(0x80000000000000a, 0x2, 0x0)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r7, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

8m10.053051114s ago: executing program 1 (id=670):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$nl_rdma(0x10, 0x3, 0x14)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000"], 0x3c}}, 0x10)

8m9.003709101s ago: executing program 1 (id=672):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0}, 0x94)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x275a, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000540)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x4e24, @broadcast}, 0x4}}, 0x26)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="180200000000000200000000000000008500000017000000950000000000"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r7, r6, 0x25, 0x0, @val=@netkit={@void, @value=r7}}, 0x1c)

8m8.773596605s ago: executing program 0 (id=673):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ptrace$poke(0x4, r0, &(0x7f0000000300), 0x1)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x18)
r4 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
pread64(r4, &(0x7f0000002240)=""/237, 0xed, 0x4eb)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x60, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

8m6.800547567s ago: executing program 0 (id=677):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0x2000018)
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x14000, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="02000000040000"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl0\x00', 0x0, 0x29, 0x0, 0x6f, 0x8, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, @local, 0x1, 0x40, 0x1000, 0x9}})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r2}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x1214040, 0x0)
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

8m4.597896083s ago: executing program 0 (id=679):
syz_usb_connect$uac1(0x4, 0x99, &(0x7f0000000080)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x87, 0x3, 0x1, 0x8, 0x20, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x0, 0xaa}, [@extension_unit={0xd, 0x24, 0x8, 0x5, 0x3, 0x4, "67c05dd06dce"}, @selector_unit={0x8, 0x24, 0x5, 0x3, 0xe, "2d9e06"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0xa, 0xb, 0x0, {0x7, 0x25, 0x1, 0x0, 0xc, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x0, 0x2, 0x0, 0xff}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x6, 0x4, 0xf, 0x10, "", "a8cf2d"}]}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0x6, 0x8, 0x0, {0x7, 0x25, 0x1, 0x1, 0x5, 0x5}}}}}}}]}}, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x2, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x9}, 0x1c)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)

7m53.946194066s ago: executing program 32 (id=672):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0}, 0x94)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x275a, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000540)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x4e24, @broadcast}, 0x4}}, 0x26)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r6=>0x0})
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="180200000000000200000000000000008500000017000000950000000000"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r7, r6, 0x25, 0x0, @val=@netkit={@void, @value=r7}}, 0x1c)

7m49.41687124s ago: executing program 33 (id=679):
syz_usb_connect$uac1(0x4, 0x99, &(0x7f0000000080)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x87, 0x3, 0x1, 0x8, 0x20, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x0, 0xaa}, [@extension_unit={0xd, 0x24, 0x8, 0x5, 0x3, 0x4, "67c05dd06dce"}, @selector_unit={0x8, 0x24, 0x5, 0x3, 0xe, "2d9e06"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0xa, 0xb, 0x0, {0x7, 0x25, 0x1, 0x0, 0xc, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x0, 0x2, 0x0, 0xff}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x6, 0x4, 0xf, 0x10, "", "a8cf2d"}]}, {{0x9, 0x5, 0x82, 0x9, 0x10, 0x6, 0x8, 0x0, {0x7, 0x25, 0x1, 0x1, 0x5, 0x5}}}}}}}]}}, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
r1 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x2, @dev={0xfe, 0x80, '\x00', 0x1d}, 0x9}, 0x1c)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)

34.48862019s ago: executing program 3 (id=1664):
r0 = userfaultfd(0x80001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000100)=0x100, 0x4)
write$binfmt_script(r4, &(0x7f00000000c0), 0x28)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000180)=""/102, 0x66}], 0x1)

31.782661784s ago: executing program 3 (id=1670):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_opts(r0, 0x29, 0x4d, 0x0, 0x8)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmsg(r0, 0x0, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001500)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$P9_RGETLOCK(r2, &(0x7f00000000c0)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x84000)
syz_open_procfs$namespace(0x0, &(0x7f0000000240)='ns/user\x00')
tee(r1, r4, 0xfffffffffffffc01, 0x0)
tee(r1, r4, 0x60000000000, 0x0)

30.121144721s ago: executing program 3 (id=1672):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r1, 0x4)
sendmsg$kcm(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f00000022c0)="cbffd2b73e3ea27f49aea39a117a73e691bd2b", 0x13}], 0x1}, 0x44)
sendmsg$sock(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001040)="2eec", 0x2}], 0x1}, 0x8000)

29.874033184s ago: executing program 3 (id=1674):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
syz_mount_image$jfs(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f000000ad00)={[{@usrquota}, {@grpquota}, {@nodiscard}, {@noquota}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@discard_size={'discard', 0x3d, 0x6}}, {@usrquota, 0x0}, {}, {@umask={'umask', 0x3d, 0x1000000000200}}, {@gid}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@discard}, {@resize}, {@uid}, {@usrquota}, {@errors_continue}, {@resize_size={'resize', 0x3d, 0x4}}, {@resize_size={'resize', 0x3d, 0xb04}}, {@quota}, {}, {@discard}, {}, {@gid}], [{@fscontext={'fscontext', 0x3d, 'user_u'}}, {@fsmagic={'fsmagic', 0x3d, 0xb207}}, {@fsmagic}, {@permit_directio}]}, 0xfe, 0x612b, &(0x7f00000002c0)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0bER09FbG2vr9aLLx6yH9/9499/98Mn3vrbHwbn//unO73XJq139+6v/vPne0fbZgAAAChNVVVVJ33MP5M+33fb7hQAMBX59b9K8vJTX//6n2/9ZZb6o1ar1Wr1FOqmarx7zSIiNpq3qd8zOBwPACfMRnzcdhdokfyL1o+IJ9ruBDDTOm13gGOxtb2+2kn5dpqvB8u77flckH35b3QeXN8xaXqQ0XNMpvX42oxePDOhPwtT6sMsyfl3R/O/tts+TOsdd/7TMin/4e6lT8XJ+fdG8x9xevLvjs2/VDn//iPl35M/AAAAAADMsPz//0stH/+dO/qmHMonHf9dnlIfAAAAAAAAAOBxO+r4fw8Y/w8AAABmVv1Zvfabp/aWTfoutnr51U7EkyPrA4VJF8sstt0PAAAAAAAAAAAAAChJf/cc3qudiEFEPLm4WFVV/dM0Wj+qo97+pCt9+6FkbT/JAwDAro+eGrmWvxMxHxFX03f9DRYXF6tqfmGxWqwW5vL72eHcfLXQ+Fybp/WyueEh3hD3h1X9y+Ybt2s66PPyQe2jv6++r2HVO0THHpNB+mtOaG4pbABIdl+NtrwinTJV9fSkNx+wj/3/FFqKpbYfV8y+th+mAAAAwPGrqqrqpK/zPpOO+Xfb7hQAMBX59X/0uMCR6u6E9ojH8/vVarVarVZ/qrqpGu9es4iIjeZt6vcMhuMHgBNmIz5uuwu0SP5F60fEc213AphpnbY7wLHY2l5f7aR8O83XgzS+ez4XZF/+G52d2+Xbj5seZPQck2k9vjajF89M6M+zU+rDLMn5d0fzv7bbPkzrHXf+0zIp/+HOJXPlyfn3RvMfcXry747Nv1Q5//4j5d+TPwAAAAAAzLD8//9Ljv/mTQYAAAAAAACAE2dre301X/eaj/9/bsx6rv88nXL+nUfNfyHNy/9Ey/l3R/L/8sh6vcb8/Tf39v9/b6+v/v7Ovz6bp4fNfy7PdNIjq5MeEZ10T51+mh5l6x62OegN63sadLq9fjrnpxq8EzfiZqzFhX3rdtPfY699ZV973dPBvvaL+9r7D7Vf2tc+SN87UC3k9nOxGj+Jm/H2TnvdNnfA9s8f0F4d0J7z73n+L1LOv9/4qfNfTO2dkWnt/ofdh/b75nTc/bxx4/O/vHD8m3Ogzeg92LamevvOttCfnb/JE8P42e21W+fuXr9z59ZKpMm+pRcjTR6znP9g52du7/n/hd32/Lzf3F/vfzh85PxnxWb0J+b/QmO+3t6Xpty3NuT8h+kn5/92ah+//5/k/Cfv/y+30B8AAAAAAAAAAAAAAAD4JFVV7Vwi+kZEXE7X/7R1bSYAMF359b9K8nK1Wq1Wq9Wnr26qxnu9WUTEX5u3qd8z/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpi213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+cWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOPPx8743Ocmjf99Nh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5P98Y77zO/8zI8OsljP86OuZ9CXL+ZxuP5zr/L42s18y/+u3M5b9x2BU3o7sv//N33vvp+dvvf/DKjfeuv7v27tqPL62sXLh0+fKVK1fOv3Pj5tqF3X+Pp9czIOefx752HmhZcv45c/mXJef/hVTLvyw5/y+mWv5lyfnn93vyL0vOP3/2kX9Zcv4vpVr+Zcn5fyXV8i/L1vb6XJ3/y6mWf1ny/v/VVMu/LDn/V1It/7Lk/M+lWv5lyfmfT/Uh8vf18KdIzj8f4bL/lyXnv5Jq+Zcl538x1fIvS87/UqrlX5ac/6upln9Zcv5fS7X8y5Lzv5xq+Zcl5//1VMu/LDn/K6mWf1ly/t9ItfzLkvP/ZqrlX5ac/2upln9Zcv7fSrX8y5Lz/3aq5V+WnP93Ui3/suT8X0+1/Muy9/3/ZsyYMZNn2n5mAgAAAAAAAAAAAABGTeN04ra3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30G8DN7sdcOIQZCcFIDa8cY4yzZ9SW+0LqYcG2AUiCh0Au2612bBd/w2iVQJJsGSiSMiiqqph/aAkJtpKrCqvhAK0rzoerlU9N+oF8qqkpIjaoQBVSktqLZaua87+uZ2dmZXe94PXve309K/t6dM3POnHlndp+1nx0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2dY3z3y+VhRF/b/G/zYVxYvqf94wvqnxuTfc6iMEAAAAVur/Gv9//o70iSNLuFLTNn/3qn/85vz8/HzxweHfHf3y/Hy6YLwoRtcXReOy6Nq/f6jWvE3wWDFWG2r6eKjH7od7XD7S4/LRHpev63H5+h6Xj/W4fMEJWGBD+fOYxo1tb/xxU3lKizuL0cZl2ztc67Ha+qGh+LOchlrjOvOjJ4vZ4nQxU0y1bF9uW2ts/+2t9X29o4j7Gmra15b6Cvnhp0/EY6iFc7y9ZV/XbzP6wZuK8R/98NMn/vjis3d3mj1PQ8vtlce5c1v9OD8bPlMea61Yn85JPM6hpuPc0uExGW45zlrjevU/tx/n80s8zuHrh7mq2h/zsWKo8eenG+dppPnHeuk8bQmf++97i6K4cv2w27dZsK9iqNjY8pmh64/PWLki67dRX0ovLUaWtU63LmGd1uf09tZ12v6ciI//1nC9kUWOoflh+sFn1i143Je7TqP6vV7sudK+Bvv9XBmUNRjXxdONO/14xzW4Pdz/T+9YfA12XDsd1mC6301rcFuvNTi0brhxzOlBqDWuc30N7m7Zfrixp1pjPrOj+xqcvHjm/OTcJz/1+tkzx0/NnJo5u3f37qm9+/cfPHhw8uTs6Zmp8v83eLYH38ZiKD0HtoVzF58Dr23btnmpzn+1f8/DsS7Pw01t2/b7eTjSfudqq/OEXLimy+fGw/WTPnZ1qFjkOdZ4fHat/HmY7nfT83Ck6XnY8WtKh+fhyBKeh/Vtzu9a2vcsI03/dTqGm/W1YFPTGmz/fqR9Dfb7+5FBWYNjYV38667FvxZsCcf7+MRyvx8ZXrAG090Nrz31z6Tv98cONkandXlP/YLb1hWX5mYu3P/o8YsXL+wuwlgVL2taK+3rdWPTfSoWrNehZa/XI7OvevyeDp/fFM7V2Ovr/xtb9LGqb7Pv/u6PVeOrW+fz2fLZPUUYfbba57PTV/P6+UxZssv5rG/z2cmVfy+ecmnT6+/oIq+/Mfe/UO4v3dRjw6Mj5fN3OJ2d0ZbX49aHaqTx2lVr7Pv5yaW9Ho+G/1b79fjOLq/Hm9u27ffr8Wj7nYuvx7VeP+1YmfbHcyysk9NT3V+P69ts3rPcNTnS9fX43jBr4fy/LiSFlIua1s5i6zbta2RkNNyvkbiH1nW6t2X70ZDN6vt6cs+NrdOd95a3NZzu3XWrtU7H27bt9zpNr1eLrdNar5++3Zj2x3MsrIs793Zfp/Vtntq38tfODfGPTa+d63qtwdHhdfVjHk2LsHy9n98Q1+D9xYniXHG6mG5cuq6xnmqNfU08sLQ1uC78t9qvlZu7rMGdbdv2ew2mr2OLrb3ayMI73wftj+dYWBdPPNB9Dda3ecuB/n7vujN8Jm3T9L1r+8/XFvuZ1z1tp+lm/syrfpx/c6D7z2br25w+uNyc2f083Rc+c1uH89T+/F3sOTVdrM552hyO89mDi5+n+vHUt/nyoSWupyNFUVz++IONn/eGv1/580vf/WbL37t0+judyx9/8LnbT/7tco4fgLXvhXJsLL/WNf3N1FL+/h8AAABYE2LuHwozkf8BAACgMmLuj/8qPJH/AQAAoDJi7h8JM8kk/29+y7OzL1wuUjN/PoiXp9PwULld7LhOhY/H56+rf/7Br8/8+C8vL23fQ0VR/OSh3+i4/eaH4nGVxsNxXntr6+cXXvHykvZ/7JHr2zX3178Sbj/en6Uug04V3KmiKL59xxcb+xn/0NXGfOqhY435viuPP1bf5vlD5cfx+s+8rNz+D0L598jJ4y3Xfyach++HOfXOzucjXu8bV1+35cAHru8vXq+27cWNu/3Eh8vbjb8n50uPldvH87zY8f/VF578Rn37R1/T+fgvD3U+/ifD7X49zP95Zbl982NQ/zhe73Ph+OP+4vXu/9p3Oh7/tc+X259/W7ndsTDj/neGj7e/7dnZ5vP1aO14y/0q3l5uF/c/9d3fblweby/efvvxjx292nI+2tfHU/9c3s5k2/bx83E/0V+07b9+O83rM+7/yd861nKee+3/2vueeWX9dtv3f1/bdsNt12//jU1/+LkvdtxfPJ4jf3a+5f4ceW94Hof9P/HhsB7D5f977Yst+42Ovbf19Sdu/5VNl1vuT/SOH5X7v/bGU435H+M//v3bXnT7i6+8un7uiuLp95e312v/p/7oXMvxf/WuXY3HI14eO/rt+19M3P+FT0ycPTd3aXa66aw2fnfOu8rjWT+2YWP9eO8Ir63tHx89d/EjMxfGp8animK8ur9C74Z9LcznynFludff9Uh4PO/5vW9v3PFPX4if/5eHy89ffWf5deu1Ybsvhc9vKh+/+doK9//E1rsaz+/aU+XHLT32Ptiy/T8PLmnDcP/bvy+I6/38yz/SOA/1yxpfN+LzeoXH/73p8na+Fc7rfPjNzNvuur6/5u3j70a4+v7y+b7i8xde5uLj+ifh8X7398vbj8cV7+/3wvcx39nc+noX18e3Lg+1337jt3hcCa8nxZXy8rhVPN9Xn7+r4+HF30NSXLm78fHvpNu5e1l3czFzn5ybPD179tKjkxdn5i5Ozn3yU0fPnLt09uLRxu/yPPrRXte//vq0sfH6ND2zf18xtaEoinPF1Cq8YN2c46//aWnHf/6RE9MHpnZMz5w8funkxUfOz1w4dWJu7sTM9NyO4ydPznyi1/Vnpw/v3nNo74E9E6dmpw8fPHRo76GJ2bPn6odRHlQP+6c+NnH2wtHGVeYO7zu0+4EH9k1NnDk3PXP4wNTUxKVe1298bZqoX/vXJy7MnD5+cfbMzMTc7KdmDu8+tH//np6/DfDM+ZNz45MXLp2dvDQ3c2GyvC/jFxufrn/t63V9qmnu38rvZ9vVyl/EV7znvv3p97PWff0zi95UuUnbLxB9Nvwumn94yfmDS/k45v7RMJNM8j8AAADkIOb+dWEm8j8AAABURsz968NM5H8AAACojJj7x8JMMsn/+v/6/0vr/5eX6//n1f8///GyV7rW+/+xP6//n4db3P9f8f71//X/q9f/X3p/fq0fv/6//j8LDVr/P+b+DUWRZf4HAACAHMTcvzHMRP4HAACAyoi5/7YwE/kfAAAAKiPm/heFmWSS//X/l9T/39OrcFX9/r/3/9f/L9Zm/z8+OPr/2Vh2//4DD7d8qP8f6P/r/+v/6//r/7Nio4tecqv6/zH33x5mkkn+BwAAgBzE3P/iMBP5HwAAACoj5v47wkzkfwAAAKiMmPs3hZlkkv/1/73/v/6//n+l+/8rff//poPR/18bvP9/d/r/Pdxw/39M/38t9v9H+3v8g93/73n4+v/cFIP2/v8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzPMJJP8r/+v/6//r/+v/995/73f/7/8k/7/YNH/707/vwfv/59X/7/Pxz/Y/f9+v///6Fvbr6//TyeD1v+Puf/lYSaZ5H8AAADIQcz9d4WZyP8AAABQGTH3vyLMRP4HAACAyoi5f3OYSSb5X/9f/1//X/9f/7/z/nv3/0v6/4NF/787/f8e9P/1//X/l9b/7/DNr/4/nQxa/z/m/rvDTDLJ/wAAAJCDmPvvCTOR/wEAAKAyYu7/qTAT+R8AAAAqI+b+LWEmmeR//X/9f/3/vPr/963T/9f/rzb9/+70/3vQ/9f/1/9f4vv/L7Sc/v/6XjdGZQxa/z/m/leGmWSS/wEAACAHMfe/KsxE/gcAAIDKiLn/1WEm8j8AAABURsz942EmmeR//f9q9f//9K+feHWh/6//32P/Fe3/x2Wg/585/f/u9P970P/X/9f/X5X+P/kYtP5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xtmIv8DAABAZcTcvz3MJJP8r/9frf5/pP+v/99t/xXt/yf6/3nT/++g6Umq/9+D/r/+f/b9//jdr/4//TFo/f+Y+18TZpJJ/gcAAIAcxNy/I8xE/gcAAIDKiLn/tWEm8j8AAABURsz9O8NMMsn/+v/6//r/+v/6/533r/+/Nun/d7fc/v86/X/9f/3/zPr/3v+f/hq0/n/M/a8LM8kk/wMAAEAOYu7fFWYi/wMAAEBlxH+/Wf67V/kfAAAAqijm/okwk0zyv/6//n9O/f+a/r/+v/5/5en/d+f9/3vQ/9f/1//X/6evBq3/H3P/68NMMsn/AAAAkIOY++8PM5H/AQAAoDJi7p8MM5H/AQAAoDJi7p8KM8kk/+v/6//n1P/3/v/6//r/1af/353+fw/6//r/Vev/F4X+P7fUoPX/Y+7fHWaSSf4HAACAHMTcvyfMRP4HAACAyoi5f2+YifwPAAAAlRFz/74wk0zyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//X7X+v/f/5xYbtP5/zP0PhJlkkv8BAAAgBzH37w8zkf8BAACgMmLuPxBmEvJ/p3/XDQAAAKwtMfcfDDPJ5O//9f8r0v//zb9v2bf+v/5/t/33p/+/Qf8/TP3/wVLR/n/70+KG6f/3oP+v/6//r/9PXw1a/z/m/kNhJpnkfwAAAMhBzP1vCDOR/wEAAKAyYu7/6TAT+R8AAAAqI+b+nwkzyST/6/9XpP/fRv9f/7/b/r3/v/5/lVW0/983ler/D+n/6/8P1vHr/+v/s9DN7//HPy2t/x9z/+Ewk0zyPwAAAOQg5v6fDTOR/wEAAKAyYu5/Y5iJ/A8AAACVEXP/kTCTTPK//r/+v/6//v/N6f+/sWg3iP3/+uLR/68W/f/uKtX/9/7/+v8Ddvz6//r/LDRo7/8fc/+bwkwyyf8AAACQg5j7Hwwzkf8BAACgMmLuf3OYifwPAAAAlRFz/1vCTDLJ//r/+v/6//r/3v+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/1vDTDLJ/wAAAJCDmPvfFmYi/wMAAEBlxNz/9jAT+R8AAAAqI+b+d4SZZJL/9f/1//X/9f/1/zvvX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/Mff/XJhJJvkfAAAAchBz/0NhJvI/AAAAVEbM/e8MM5H/AQAAoDJi7n9XmEkm+V//X/9f/1//X/+/8/71/9cm/f/u9P970P/X/9f/1/+nrwat/x9z/7vDTDLJ/wAAAJCDmPt/PsxE/gcAAIDKiLn/PWEm8j8AAABURsz9vxBmkkn+1//X/x+s/v/85ebr6f/r/xf96v/Xr6T/nwX9/+70/3vo0P9fr/+v/6//r//PDRu0/n/M/e8NM8kk/wMAAEAOYu5/X5iJ/A8AAACVEXP/+8NM5H8AAACojJj7Hw4zyST/6/9n2f9Pd3nw+v/e/1//3/v/6/+vjP5/d/r/PXj/f/1//X/9f/pq0Pr/Mfc/EmaSSf4HAACAHMTc/4EwE/kfAAAAKiPm/l8MM5H/AQAAoDJi7v9gmEkm+V//P8v+/wC//3/V+v8jLesjp/7/WNPjmdal/r/+/yrQ/+9O/78H/X/9/0Hu/4fVvGGR6+v/M4gGrf8fc/+Hwkwyyf8AAACQg5j7fynMRP4HAACAyoi5/5fDTOR/AAAAqIyY+38lzCST/K//r/+v/+/9/73/f+f96/+vTfr/3en/96D/r/8/yP3/HvT/GUSD1v+Puf9Xw0wWDX7P/dcS7iYAAAAwQGLu/3CYSSZ//w8AAAA5iLn/aJiJ/A8AAACVEXP/sTCTTPK//n97/z++o6r+v/6//r/+v/7/WtS//v8rbi8K/X/9f/1//X/9f/1/VmLQ+v8x9x8PM8kk/wMAAEAOYu7/tTAT+R8AAAAqI+b+E2Em8j8AAABURsz902EmmeT/W9j/Hx3M/r/3/7/R/v9P9P/1/wP9/870/1eH9//vTv+/B/1//X/9f/1/+mrQ+v8x98+EmWSS/wEAAKDC0o+DY+4/GWYi/wMAAEBlxNx/KsxE/gcAAIDKiLn/I2EmmeR/7/+v/+/9/29F/3+kZXv9/5L+v/5/P+j/d6f/34P+v/6//r/+P301aP3/mPtnw0wyyf8AAACQg5j7PxpmIv8DAABAZcTc/7EwE/kfAAAAKiPm/tNhJpnkf/1//f/c+/+1orji/f/1/zvtX/9/bdL/707/vwf9f/1//X/9f/pq0Pr/MfefCTPJJP8DAABADmLuPxtmIv8DAABAZcTcfy7MRP4HgP9n7y6aJDuvPA7naKSG1cxHmPWsZjmz0nwEb71zhNeOMMgMksxsy8wgMzOTzMzMMjPKKDuiHao+53RXV/a9DdlV977neTbH3aFyZqlTcvxd8YsLADCM3P13j1ua7H/9v/6/e/+/OZLn/+//6/X/p+n/9f+7cKC/v3r7X3e+KPy8/f///O91d9H/6//1/5P0//p//T/nWlr/n7v/HnFLk/0PAAAAHeTuv2fcYv8DAADAMHL33ytusf8BAABgGLn7r4tbmux//b/+X/+v/9/X/9+i/9f/r5vn/0/T/8/Q/+v/9f/6f3Zqaf1/7v57xy1N9j8AAAB0kLv/PnGL/Q8AAADDyN1/37jF/gcAAIBh5O6/X9zSZP/r//X/+v+19P/HPP//nO9H/6//30b/P03/P0P/r//X/+v/2aml9f+5++8ftzTZ/wAAANBB7v4HxC32PwAAAAwjd/8D4xb7HwAAAIaRu/9BcUuT/a//1//r/9fS/x/S8//1//r/lbt5c+bfCfr/g/T/M2b6/81G/z/lgvv57d/eet7/eej/9f8ctLT+P3f/g+OW/99sjl3qNwkAAAAsSu7+h8QtTX7+DwAAAB3k7r8+brH/AQAAYBi5+2+IW5rsf/2//l//r//X/29/ff3/Onn+/7TL7///+z/vdte+/b/n/0/z/P9d9/93fDL0/6zb0vr/3P03xi1N9j8AAAB0kLv/oXGL/Q8AAADDyN3/sLjF/gcAAIBh5O5/eNzSZP/r/0fr//9939ed1f/v1S76f/2//l//Pzr9/zTP/5+x96+5k/VL/b/+3/P/9f9cnqX1/7n7HxG3NNn/AAAA0EHu/kfGLfY/AAAADCN3/6PiFvsfAAAAhpG7/9FxS5P9r/8frf/f/3We/6//3/b6+n/9/8j0/9P0/zNGef7/JX5qjrqfv1xH/f71//p/Dlpa/5+7/zFxS5P9DwAAAB3k7n9s3GL/AwAAwDBy9z8ubrH/AQAAYBi5+x8ftzTZ//p//f86+v98Bf2//v/K9/9J/79O+v9p+v8Zo/T/l+io+/m1v3/9v/6fg5bW/+fuf0Lc0mT/AwAAQAe5+58Yt9j/AAAAMIzc/U+KW+x/AAAAGEbu/ifHLU32v/5f/7+O/t/z//X/nv+v/78w+v9p+v8Z+n/9v/5f/89OLa3/z91/U9zSZP8DAABAB7n7nxK32P8AAAAwjNz9T41b7H8AAAAYRu7+p8UtTfa//l//r//X/+v/t7++/n+d9P/T9P8z9P/6f/2//p+dWlD/f9ZXndg8PW5psv8BAACgg9z9z4hb7H8AAAAYRu7+Z8Yt9j8AAAAMI3f/s+KWJvtf/7+Y/n8v5xur/z+52Wz0/5um/f/Js/4863Op/9f/HwL9/zT9/wz9v/5f/6//Z6cW1P/v/Tp3/7Pjlib7HwAAADrI3f+cuMX+BwAAgGHk7n9u3GL/AwAAwDBy9z8vbmmy//X/i+n/94zV/3v+/7mfj079v+f/H6T/Pxz6/2n6/xn6f/2//l//z04trf/P3f/8uOnYNZf8LQIAAAALk7v/BXFLk5//AwAAQAe5+18Yt9j/AAAAsFI3Hfid3P0vilua7H/9/277/2Nn/Z7+X/9/7udD/6//1/9fefr/afr/Gfp//b/+X//PTi2t/8/d/+K4pcn+BwAAgA5y998ct9j/AAAAMIzc/S+JW+x/AAAAGEbu/pfGLU32v/7f8//1//p//f/219f/r5P+f5r+f4b+X/9/tP3/8TP/Uf/PGC6i/z916tT1V7z/z93/srilyf4HAACADnL3vzxusf8BAABgGLn7XxG32P8AAAAwjNz9r4xbmux//X/T/j8/6uvq/2/YbPT/+n/9v/5/mv5/mv5/hv5f/+/5//p/dmppz//P3f+quKXJ/gcAAIAOcve/Om6x/wEAAGAYuftfE7fY/wAAADCM3P2vjVua7H/9f9P+3/P/9f/6/8Pu/2/f6P8PxSr6/5Pnf/2l9/836v/1/xPa9f93+r99v9T/6/85aGn9f+7+18UtTfY/AAAAdJC7//Vxi/0PAAAAw8jd/4a4xf4HAACAYeTuf2PcdHWT/a//1//r//X/+v/tr3/Iz/8/ttls9P87sIr+f8LS+//dPP//3H/Kz9D/6//X/P71//p/Dlpa/5+7/01xS5P9DwAAAB3k7n9z3GL/AwAAwDBy978lbrH/AQAAYBi5+98atzTZ//p//b/+X/8/fP9/4yr6f8//3xH9/7Rl9P/np//X/6/5/ev/9f9cuKPq/3P3vy1uabL/AQAAoIPc/W+PW+x/AAAAGEbu/nfELfY/AAAADCN3/zvjlib7X/+v/7+Y/j/fp/5/rP7/+OL6/xP7/vuaPP9f/78j+v9p+v8Z+n/9v/7/Jv0/u7S05//n7n9X3NJk/wMAAEAHufvfHbf+r1v7HwAAAIaRu/89cYv9DwAAAMPI3f/euKXJ/tf/6/89/1//P/zz//X/rej/p+n/Z+j/9f/6f8//Z6eW1v/n7n9f3NJk/wMAAEAHufvfH7fY/wAAADCM3P0fiFvsfwAAABhG7v5b4pYm+1//r//X/+v/9f+n/wz1/2PQ/087nP7/pP5f/1/9/L/FPwX6f/3/3NczpqX1/7n7Pxi3NNn/AAAA0EHu/g/FLfY/AAAADCN3/4fjFvsfAAAAVunqLb+Xu/8jcUuT/a//1//r//X/+v/tr6//X6cj6f/zQ6H/9/z/0Kf//699v1rb8//P/d8v/b/+n91bWv+fu/+jcUuT/Q8AAAAd5O7/WNxi/wMAAMAwcvd/PG6x/wEAAGAYufs/Ebc02f/6f/2//l//r//f/vr6/3Xy/P9p+v8Z+v8jfX7+2t+//l//z0FL6/9z938ybmmy/wEAAKCD3P2filvsfwAAABhG7v5Pxy32PwAAAAxjb/dnXNZw/+v/9f/6f/2//n/76+v/10n/P03/P0P/r//X/+v/2aml9f+f2fuqE5vPxi1N9j8AAAB0kLv/c3GL/Q8AAADDyN3/+bjF/gcAAIBh5O7/QtzSZP/r//X/6+j/T506db3+X/+///s50//fqv+n6P+n6f9n6P/1//p//T87tbT+P3f/F+OWJvsfAAAAOsjd/6W4xf4HAACAYeTu/3LcYv8DAADAMHL3fyVuabL/9f8L6P9P6P89/1//v/H8f/3/juj/p+n/Z4zY/5+48G//qPv5y3XU71//r//noKX1/7n7vxq3NNn/AAAA0EHu/q/FLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P9r/8/vP7/jr93XZ7/f3Kz/f3r//X/+n/9/5Wm/5+m/58xYv9/EY66n1/7+9f/6/85aGn9f+7+b8Yt+4ffNRf3XQIAAABLkrv/W3FLk5//AwAAQAe5+78dt9j/AAAAMIzc/d+JW5rsf/3/Ap7/P2D/7/n/2z8f+v9F9/9X6f/HoP+fpv+fof/X/+v/d9T/56dZ/9/d0vr/3P3fjVua7H8AAADoIHf/9+IW+x8AAACGkbv/+3GL/Q8AAADDyN1/a9xy1v7f1naPQv+v/9f/6//1/9tfX/+/Tvr/aRfa/x/fXF7/n/T/+n/9f9f+3/P/OW1p/X/u/h/ELX7+DwAAAKtzzXl+P3f/D+MW+x8AAACGkbv/R3GL/Q8AAADDyN3/47jltquO6i0dKv2//l//r//X/29/ff3/Oun/p3n+/wz9/y76+Wv1/2P0/5uN/p/Lt7T+P3f/T+IWP/8HAACAYeTu/2ncYv8DAADAMHL3/yxusf8BAABgGLn7fx63NNn/+n/9/2X2/3tppv7/NP3/afr/7fT/h0P/P03/P0P/7/n/+n/P/2enltb/5+7/RdzSZP8DAABAB7n7fxm32P8AAAAwjNz9v4pb7H8AAAAYRu7+X8ctTfb/kfX/8bda/7/6/t/z//X/+n/9/6Lo/6fp/2fo//X/+n/9Pzu1tP4/d/9v4pYm+x8AAAA6yN3/27jF/gcAAIBh5O7/Xdxi/wMAAMAwcvf/Pm5psv89/1//r//X/+v/t7++/n+d9P/T9P/b1R+U/l//r//X/7NTS+v/c/f/IW5psv8BAACgg9z9f4xb7H8AAAAYRu7+2+IW+x8AAACGkbv/T3FLk/2v/9f/6//1//r/7a+v/18n/f+0o+z/7/wf8y/r+f9H3v/nW9D/6//1/+zE0vr/3P1/jlua7H8AAADoIHf/X+IW+x8AAACGkbv/r3GL/Q8AAADDyN3/t7ilyf6f6f+P11+o/5+k/9///vX/2z8f+n/9v/7/ytP/T/P8/xn6f8//1//r/9mppfX/ufv/Hrc02f8AAADQQe7+2+MW+x8AAACGkbv/H3GL/Q8AAADDyN3/z7ilyf73/P819f/X6v/1//p//b/+f4b+f5r+f4b+X/+v/9f/s1NL6/9z9/8rAAD//z66VbA=")

26.256848133s ago: executing program 3 (id=1679):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r4, &(0x7f0000000400)='ns\x00')

25.079557522s ago: executing program 3 (id=1680):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001580)={&(0x7f0000000340)=ANY=[], 0x0, 0x86}, 0x28)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0}, 0x38)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22ff892f"], 0xffbf)

20.29318994s ago: executing program 5 (id=1691):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x2000000000903, 0x1, 0x1}, 0x20)
r0 = socket$netlink(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004880)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003080)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x3, 0xf9}]}}}], 0x18}}], 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003400000100e14000580"], 0x80}}, 0x0)
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$FUSE_INIT(r5, &(0x7f0000000400)={0x6f, 0x0, 0x0, {0x7, 0x28, 0x80000001, 0x0, 0x0, 0x0, 0x2, 0x1}}, 0xfffffede)
fcntl$setpipe(r5, 0x407, 0x2000000)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0xfd, [0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffff]}})

14.031535212s ago: executing program 4 (id=1700):
r0 = socket$packet(0x11, 0xa, 0x300)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000894)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000180)=0xa, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88b81, 0x0)
getpeername$packet(r0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004080)=ANY=[@ANYBLOB="02000000040000000400000022bf000080040000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
mmap(&(0x7f0000f9f000/0x4000)=nil, 0x4000, 0x0, 0x13, r5, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)

11.413483105s ago: executing program 2 (id=1705):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001cc0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000fefffe7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe0000000085000000c0000000b7000000000000009500000000000000c9be17044171e1d3d7b1efd036d7af273bce36015779c4cef58fa35d17c668a4b63e069efb29797573b8538e31ec24925095a163b9d4e76be2661f2a395e41f7e31a8021e00b00104e0801d4de36e5fdc6c42a7b3ff13f2360a6e231fd223bc33091dd61258a1fda45991fbdce6793c8a4785ee8b60092659b941bbd694dff0f0000000000003a45404b04bf97c4fea679c032b363956cd8bac9626b5db1b07a0bd7cc85e961506a35a04617dc0200379e731d3a8d8feac94a4ee293001f6ce7d5b40bf2a7f9be8173a9639a79fae885d05afe042c0e7821d406c967379e7521292d24d6c8034f2fc7c855a8945e9bce678ee9a015abc9daac8876623db56346916674ceb55f60b493f2f4d736acb2f206fc538450a676d71c01175b8454eb92567e8f8a707b590d7219288e23ee0800000000000010a49fc8f4ff0300000000000000000000cb947d6017ad27714772ad790af252e648ef8c313c604324f5b306000000000000cf327a8f5dd89315b8c8650a70162bba30ad7804fa4140f1a754ffff000000ab744d306619dfb3a37d897662bee00189f43da46a908a235c84cbad335fd1d2f2ef93a6a70c8b8ece0e243eab05a34ab0a7e7e497065e5e282e284f8d5e8852a265d528075214af000000000070d42182d8f3a347d48289a824e5b7b238e27263a23c0b865f75331d888c72df1da4b290582f00024227f03204add786a87b23ceb17c25810e769fe2d6a7bd8e504843b66b1a8c7b364bd2194ba9c8f60ac0c9b18d8c1b9e1a736825c91b4dff0000c1c5dcffa295c2930000000000235d84b0193a5ea7c77cdb7de8ce1a59ab4158097b4dd13ebfaf4425c6855530b56a3320d85c8fe85f667998b1a7e589f486c107761108e4e230419fd27b6ad9c10b25c6b6ed84badbb970dcf133279dd355e41de944564bdab99c5c712a9fbc8e9691c775bb94f746505e1e748cf1710d52468b4b1625ce21612ed5e807dfb5f19f3267e5366b2c0b2a0be49ae476263c9407ac6c596bf3cf66204984f5aebf93d1caa220ea6969cea852fe9a7d1eee13f1f48722a69ad9fb850bd093a302b9250245900ad5c8e5f20ddf77ee3d5a168964fad1aa7347d36c502d02b1d96d753ef6fc354fc126070060c65c147651fca62c0a06939f40c90ebc3042e753fe91b5770b24f25c558736dd7e1e9fb214cbb04c5c6ee4c970b320ba6fb6ef4615f4092de54c519f4622e1224153463ea80248a45a95a189958f586d606dcaa9aac656cf95a2d35225cfb0e6f47486d5cbb04a590116d4de92e203e107d68728a189b0d537d2442beab2f8ce7b2dd357200dcd139e47267012fc2a2b6bad79be429d1ddaccbe0139f16ca1b9bc1103000000ed1ece54cfdbe04670bee9b42fe3dc42033997e2e700b6edb2b49b5f2f6001ee0a9e5d1bee199ce9124a5cb479040000000000000049ead5b02d5ea1dcf6cdcf332fe94b3c1932d8d391754774a32c9b7e6ca4023bce2c7281d27a2cb62383ab3a3bb535650fbfb96c89936855eb7a485698f0d20c3eedd6123ef8f218d52ea2c346f80acb8b9a71856d2f2d1a7c6f45ee127b6a1d1ac1e243ed02e49e8aafe835919564af915965a050c37ceff855bd2dec3452c7c38f5dbf1ff1ff00020000000000006a1a029ea6540b40b2f797813af2c7d4ed235c2dc5f1dbbfcc52b2f55fd3f9f100c4891d0cb4c10ed01489bf235c45822594842da1b411346297a40bbf221bbf63ad3822575dcc01a3c34b5aa4e3750400000000000000fc0fd9c746cf0ed4b0343d00a154e6a869346256ffbd666a34414ab0f40bec45b1c24f02ac9bc20e69201968537dd4dc61323c8b6d3643183631664eeca616696fb30fe89c8bdb15037c801fca4a9c220fec5d14582a00b62548ddf2599e5ffc5330cefb8903d276eae21b0b4b20100ead8256636c7e754185e815dd21445cc965a0526da38021a3e540949494ef3041cfa5067f556a0af5c19d27ff4f61fa7762d7963c96853709e773f14c47eef784cb145ae9d6d37fc7b5d83e05ac773fcc429eae6826a9d207d4c39df8eed9cc2ae3f68df1c6495a82d02939b448bf8038521057714e6e644d633d2abe9e0b0025d16b7eff573f78364ed70a62a7b1e55311dc0193d47f9ecc8c7ad268dc6e2e75f8cc83315411bd6c6b88e1850ee757ac2f9e4d6ac510003717d5847a19e750db92d33d6bdc434d0b52b2eb4b1790459e35122f46b205120a54bf657da9fd55d43a89e333481de468f5984a69509e9eac5a5b39c004396e8cb3ab037fd62fa43f259f13ebc4b590e9ea07ea37689049c799cd444d45dabe3e3cf086768daa6816c37793d17a284d2828f5eab2d3f0bedd5334b7bb4c983fa9cd4bd86f0ad227901e83ef4871695380d25bea2929fa66382af6ddb89917ab100046151bd08fce74247955247daa1ea75139b9ce3771526503c7db3a4b3ff39301986c1fd9b5c42d39e768946c9a7ee8dd081bfb6ea5fa132ebdbe72d02ce9f2000000006f63ae8311afc4943c963d39e42c54a3f52d121bfb425fe268892f654febdaee43e95b5ae6749275e1ad8b8b279e1ae296e03a8d9386d8e199dc1f00000008000000000000000026c43493c622f041b47d329b248e8ccd92e9b17007ba2578eefcb59f50343722e6cba3be72fd037eb5fa243a395b5c83376a14414b32c2e8a33de8000000003927da2bec76f4e15c8bf3715c5bfe7b3617d0fcf9b5861554b5b76b8ae69c644a48931306a16cff8a38ea95553867e2c5fb1e99b1802e616345871b4611627874cfbe30fa5793c873ae6f75427f3eeda690147b9615b096d967c2d7f5ddf725f0544f8750a5ed04d6ca0f223506fec5d5e65b467c59459f6113cf41c174a63a17fc79d0b777a0c903c0d2e7f79b6f9ce68a3b72315407040f6a09cadc25e87b7c6b4a3079c7989b4cf04b251fb555fa9a2d74392939b4dbaa9e620e22ab975ac3a5a329157762c1f29075fbdd39451a56b97c90e4fde6782a7c78e7fbe8400054dcafcd51e9eef2d2ea10a3f2636ac2239cef5d8505060de55f472aa89cb8e0188f2ee96cb1ae8dee3c03d0a942c6289cbc4499cea402bd0550520f4aae98c436f18a667ae4efeb5e6a4b1b3f53536145a87578eac8bfc1037acd9d9629449714ed1302714c3519fdd8529b5a86ce2fabb7f285fe73730000000000000000000000000000000073b6f8e9255567374cb2cc80be58fca5b1dc50d85342e56beda632edb7f0a4abcabae102fadfbffecc6b1549315dda8e09d18a7fe5e1574e4fad426b6ca211da39a16dffdd661a20b20c390e00004b002cd83b754c3d32819c823027b3cf8f8da6e63d099712be370bb2aa06debff931ea0a2e7aa0390000000000000045b6720d74c470d49e1e97d1668bb75ad994089d723c2eeaad3f857937fa3df615121a1841ed452dd395788e1a82efda18b41c06c948ef44af8500fbe1ee0828a3b047afb80435935b0f99b381dcf101e9a1593bdaab3bc88c70bf56995a4790a339e1b62516356644ed7df6db419d0976a5169e68e8bd4712552c5ec03f2818c17c4a5bf1e5ecd9bb40074a63c66b61f4779226a99dc5ff9c442e93991570797493569e6f9ccd6d73bcbce41022d4731fc61b6bf0188c74a21471332a546ffe8e9dd738aa2ca782ff5a547a1ad7c348c59ff99d1496404eafcd0333df8f2801d39ad0c82735af24b819efc2fd67c6a53835f0af6a51d1b9123f4b9af7fa2ee2ebf4bc2973cf04380b41aa7577e35bcd28446bfcea19aa85440fe0fdce12e53da7b8842b7527a34d1bcb16fcdc84f2c46a78c01c2ff463cdd0d65267b0822e899e893514a02acd8c21583d181208175d08ff75223da84d53656eb7ab46ad442d70c67a6010029329aaf116308d57e77065464eb94ba18e680c2030b4212c135a3c3bbce5e911453b9e35e5b2a0390ebeb084988880a7b07435188680ce166b8858f00876c191fd4df2c32440ddcce4410199080009ad86d35168a442cfb9d399172c436a744649c810ce30505348d6f7bc87f0c202ab626acfaf0c732a3536fd46796b1bb6a2217834db8066789735a67dc95c679d02e0eaf743911bde21ffe0b6ccda73dee5694020544392d0538a8075706b26b2680555bd5dd1b4e2f59275c02372ff99d5f1066d018016c43541c6374be429d483f513c84a7dc1aced670625a93082a9bfaa86b2aa73ada8945b088d9ec0aa549a8ec8e50060fcace5e89ee1ffc1dc0f8a87"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x13, 0x0, &(0x7f00000000c0)="b9ff0303000d698cb89e40f086dd6000000e00", 0x0, 0x100, 0x2000000, 0x0, 0x0, &(0x7f0000000440)}, 0x50)

11.254030217s ago: executing program 2 (id=1706):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = inotify_init()
inotify_add_watch(r0, 0x0, 0x2000018)
bpf$MAP_CREATE(0x0, &(0x7f0000001780)=ANY=[], 0x48)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'syztnl0\x00', <r1=>0x0, 0x29, 0x0, 0x6f, 0x8, 0x0, @dev={0xfe, 0x80, '\x00', 0xb}, @local, 0x1, 0x40, 0x1000, 0x9}})
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r2}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRES16, @ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

10.229293393s ago: executing program 4 (id=1707):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb0100180000000000000060000000600000000700000005000000030000130c00000008000000040000000900000008000000d0290000080000000d00000007000000080000000000000000000003000000000200000002000000030000000e0000000000000af8000000080000000000000a0100000000613e302e0000"], &(0x7f0000001200)=""/4096, 0x7f, 0x1000, 0x0, 0x4b, 0x10000}, 0x28)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x15, 0x1d, &(0x7f0000000580)=ANY=[@ANYBLOB="1000000000000000000000000101000026110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000b90900000000000055090100000008009500000000000000183700000400000000000000000400000000000000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000008510000004000000185400000a000000000000000000000085200000010000000869040003000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x2b, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000080000000000000000000850000007d00000095", @ANYBLOB="3b2b36a210a7827610208c8c3095fe61197afc664245d24d127a62c0cac9034fd5d6ee73ff2b3853a3bf0b65ec3f9eae259b4fb17e5e47e6e0089fc9c468d087eca8a9bb1feefed702ec9694d53eef8dddc06e41df"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='kfree\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$BINDER_THREAD_EXIT(r7, 0x40046208, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r9 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r9, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r9, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010300000000030000f11c000000180001801400020076657468305f766c616e"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)

10.081687186s ago: executing program 2 (id=1708):
r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x0, 0x3}}, 0x20)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r2, 0xc0984124, 0x0)

9.448185556s ago: executing program 2 (id=1709):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, 0x0, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x24008844, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f0000000100)='./mnt\x00', &(0x7f0000000440)=""/163, 0xa3)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r6}, 0x10)
r7 = getpgid(0x0)
r8 = syz_pidfd_open(r7, 0x0)
r9 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0xac63094eb3328933, 0x0)
r10 = pidfd_getfd(r8, r9, 0x0)
readlinkat(r10, &(0x7f0000000100)='\x00', &(0x7f0000000140)=""/189, 0xbd)

9.386103617s ago: executing program 34 (id=1680):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001580)={&(0x7f0000000340)=ANY=[], 0x0, 0x86}, 0x28)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0}, 0x38)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="8fedcb5d07081196f37538e486dd6372ce22ff892f"], 0xffbf)

9.107353472s ago: executing program 5 (id=1711):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, 0x0, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x24008844, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
readlinkat(0xffffffffffffffff, &(0x7f0000000100)='./mnt\x00', &(0x7f0000000440)=""/163, 0xa3)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r6}, 0x10)
r7 = getpgid(0x0)
r8 = syz_pidfd_open(r7, 0x0)
r9 = pidfd_getfd(r8, 0xffffffffffffffff, 0x0)
readlinkat(r9, &(0x7f0000000100)='\x00', &(0x7f0000000140)=""/189, 0xbd)

8.718947388s ago: executing program 4 (id=1712):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ptrace$poke(0x4, r0, &(0x7f0000000300), 0x1)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x18)
r2 = syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
pread64(r2, &(0x7f0000002240)=""/237, 0xed, 0x4eb)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x60, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

7.874446492s ago: executing program 5 (id=1713):
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r3, 0x10e, 0x3, &(0x7f00000000c0)=0xffff, 0x4)
recvmmsg(r3, &(0x7f0000001dc0), 0x0, 0x0, 0x0)
unshare(0x2000400)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

7.408806779s ago: executing program 4 (id=1714):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001cc0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000fefffe7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe0000000085000000c0000000b7000000000000009500000000000000c9be17044171e1d3d7b1efd036d7af273bce36015779c4cef58fa35d17c668a4b63e069efb29797573b8538e31ec24925095a163b9d4e76be2661f2a395e41f7e31a8021e00b00104e0801d4de36e5fdc6c42a7b3ff13f2360a6e231fd223bc33091dd61258a1fda45991fbdce6793c8a4785ee8b60092659b941bbd694dff0f0000000000003a45404b04bf97c4fea679c032b363956cd8bac9626b5db1b07a0bd7cc85e961506a35a04617dc0200379e731d3a8d8feac94a4ee293001f6ce7d5b40bf2a7f9be8173a9639a79fae885d05afe042c0e7821d406c967379e7521292d24d6c8034f2fc7c855a8945e9bce678ee9a015abc9daac8876623db56346916674ceb55f60b493f2f4d736acb2f206fc538450a676d71c01175b8454eb92567e8f8a707b590d7219288e23ee0800000000000010a49fc8f4ff0300000000000000000000cb947d6017ad27714772ad790af252e648ef8c313c604324f5b306000000000000cf327a8f5dd89315b8c8650a70162bba30ad7804fa4140f1a754ffff000000ab744d306619dfb3a37d897662bee00189f43da46a908a235c84cbad335fd1d2f2ef93a6a70c8b8ece0e243eab05a34ab0a7e7e497065e5e282e284f8d5e8852a265d528075214af000000000070d42182d8f3a347d48289a824e5b7b238e27263a23c0b865f75331d888c72df1da4b290582f00024227f03204add786a87b23ceb17c25810e769fe2d6a7bd8e504843b66b1a8c7b364bd2194ba9c8f60ac0c9b18d8c1b9e1a736825c91b4dff0000c1c5dcffa295c2930000000000235d84b0193a5ea7c77cdb7de8ce1a59ab4158097b4dd13ebfaf4425c6855530b56a3320d85c8fe85f667998b1a7e589f486c107761108e4e230419fd27b6ad9c10b25c6b6ed84badbb970dcf133279dd355e41de944564bdab99c5c712a9fbc8e9691c775bb94f746505e1e748cf1710d52468b4b1625ce21612ed5e807dfb5f19f3267e5366b2c0b2a0be49ae476263c9407ac6c596bf3cf66204984f5aebf93d1caa220ea6969cea852fe9a7d1eee13f1f48722a69ad9fb850bd093a302b9250245900ad5c8e5f20ddf77ee3d5a168964fad1aa7347d36c502d02b1d96d753ef6fc354fc126070060c65c147651fca62c0a06939f40c90ebc3042e753fe91b5770b24f25c558736dd7e1e9fb214cbb04c5c6ee4c970b320ba6fb6ef4615f4092de54c519f4622e1224153463ea80248a45a95a189958f586d606dcaa9aac656cf95a2d35225cfb0e6f47486d5cbb04a590116d4de92e203e107d68728a189b0d537d2442beab2f8ce7b2dd357200dcd139e47267012fc2a2b6bad79be429d1ddaccbe0139f16ca1b9bc1103000000ed1ece54cfdbe04670bee9b42fe3dc42033997e2e700b6edb2b49b5f2f6001ee0a9e5d1bee199ce9124a5cb479040000000000000049ead5b02d5ea1dcf6cdcf332fe94b3c1932d8d391754774a32c9b7e6ca4023bce2c7281d27a2cb62383ab3a3bb535650fbfb96c89936855eb7a485698f0d20c3eedd6123ef8f218d52ea2c346f80acb8b9a71856d2f2d1a7c6f45ee127b6a1d1ac1e243ed02e49e8aafe835919564af915965a050c37ceff855bd2dec3452c7c38f5dbf1ff1ff00020000000000006a1a029ea6540b40b2f797813af2c7d4ed235c2dc5f1dbbfcc52b2f55fd3f9f100c4891d0cb4c10ed01489bf235c45822594842da1b411346297a40bbf221bbf63ad3822575dcc01a3c34b5aa4e3750400000000000000fc0fd9c746cf0ed4b0343d00a154e6a869346256ffbd666a34414ab0f40bec45b1c24f02ac9bc20e69201968537dd4dc61323c8b6d3643183631664eeca616696fb30fe89c8bdb15037c801fca4a9c220fec5d14582a00b62548ddf2599e5ffc5330cefb8903d276eae21b0b4b20100ead8256636c7e754185e815dd21445cc965a0526da38021a3e540949494ef3041cfa5067f556a0af5c19d27ff4f61fa7762d7963c96853709e773f14c47eef784cb145ae9d6d37fc7b5d83e05ac773fcc429eae6826a9d207d4c39df8eed9cc2ae3f68df1c6495a82d02939b448bf8038521057714e6e644d633d2abe9e0b0025d16b7eff573f78364ed70a62a7b1e55311dc0193d47f9ecc8c7ad268dc6e2e75f8cc83315411bd6c6b88e1850ee757ac2f9e4d6ac510003717d5847a19e750db92d33d6bdc434d0b52b2eb4b1790459e35122f46b205120a54bf657da9fd55d43a89e333481de468f5984a69509e9eac5a5b39c004396e8cb3ab037fd62fa43f259f13ebc4b590e9ea07ea37689049c799cd444d45dabe3e3cf086768daa6816c37793d17a284d2828f5eab2d3f0bedd5334b7bb4c983fa9cd4bd86f0ad227901e83ef4871695380d25bea2929fa66382af6ddb89917ab100046151bd08fce74247955247daa1ea75139b9ce3771526503c7db3a4b3ff39301986c1fd9b5c42d39e768946c9a7ee8dd081bfb6ea5fa132ebdbe72d02ce9f2000000006f63ae8311afc4943c963d39e42c54a3f52d121bfb425fe268892f654febdaee43e95b5ae6749275e1ad8b8b279e1ae296e03a8d9386d8e199dc1f00000008000000000000000026c43493c622f041b47d329b248e8ccd92e9b17007ba2578eefcb59f50343722e6cba3be72fd037eb5fa243a395b5c83376a14414b32c2e8a33de8000000003927da2bec76f4e15c8bf3715c5bfe7b3617d0fcf9b5861554b5b76b8ae69c644a48931306a16cff8a38ea95553867e2c5fb1e99b1802e616345871b4611627874cfbe30fa5793c873ae6f75427f3eeda690147b9615b096d967c2d7f5ddf725f0544f8750a5ed04d6ca0f223506fec5d5e65b467c59459f6113cf41c174a63a17fc79d0b777a0c903c0d2e7f79b6f9ce68a3b72315407040f6a09cadc25e87b7c6b4a3079c7989b4cf04b251fb555fa9a2d74392939b4dbaa9e620e22ab975ac3a5a329157762c1f29075fbdd39451a56b97c90e4fde6782a7c78e7fbe8400054dcafcd51e9eef2d2ea10a3f2636ac2239cef5d8505060de55f472aa89cb8e0188f2ee96cb1ae8dee3c03d0a942c6289cbc4499cea402bd0550520f4aae98c436f18a667ae4efeb5e6a4b1b3f53536145a87578eac8bfc1037acd9d9629449714ed1302714c3519fdd8529b5a86ce2fabb7f285fe73730000000000000000000000000000000073b6f8e9255567374cb2cc80be58fca5b1dc50d85342e56beda632edb7f0a4abcabae102fadfbffecc6b1549315dda8e09d18a7fe5e1574e4fad426b6ca211da39a16dffdd661a20b20c390e00004b002cd83b754c3d32819c823027b3cf8f8da6e63d099712be370bb2aa06debff931ea0a2e7aa0390000000000000045b6720d74c470d49e1e97d1668bb75ad994089d723c2eeaad3f857937fa3df615121a1841ed452dd395788e1a82efda18b41c06c948ef44af8500fbe1ee0828a3b047afb80435935b0f99b381dcf101e9a1593bdaab3bc88c70bf56995a4790a339e1b62516356644ed7df6db419d0976a5169e68e8bd4712552c5ec03f2818c17c4a5bf1e5ecd9bb40074a63c66b61f4779226a99dc5ff9c442e93991570797493569e6f9ccd6d73bcbce41022d4731fc61b6bf0188c74a21471332a546ffe8e9dd738aa2ca782ff5a547a1ad7c348c59ff99d1496404eafcd0333df8f2801d39ad0c82735af24b819efc2fd67c6a53835f0af6a51d1b9123f4b9af7fa2ee2ebf4bc2973cf04380b41aa7577e35bcd28446bfcea19aa85440fe0fdce12e53da7b8842b7527a34d1bcb16fcdc84f2c46a78c01c2ff463cdd0d65267b0822e899e893514a02acd8c21583d181208175d08ff75223da84d53656eb7ab46ad442d70c67a6010029329aaf116308d57e77065464eb94ba18e680c2030b4212c135a3c3bbce5e911453b9e35e5b2a0390ebeb084988880a7b07435188680ce166b8858f00876c191fd4df2c32440ddcce4410199080009ad86d35168a442cfb9d399172c436a744649c810ce30505348d6f7bc87f0c202ab626acfaf0c732a3536fd46796b1bb6a2217834db8066789735a67dc95c679d02e0eaf743911bde21ffe0b6ccda73dee5694020544392d0538a8075706b26b2680555bd5dd1b4e2f59275c02372ff99d5f1066d018016c43541c6374be429d483f513c84a7dc1aced670625a93082a9bfaa86b2aa73ada8945b088d9ec0aa549a8ec8e50060fcace5e89ee1ffc1dc0f8a87"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x16, 0x0, &(0x7f00000000c0)="b9ff0303000d698cb89e40f086dd6000000e00ff8900", 0x0, 0x100, 0x2000000, 0x0, 0x0, &(0x7f0000000440)}, 0x50)

6.670475311s ago: executing program 5 (id=1715):
r0 = userfaultfd(0x80001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000100)=0x100, 0x4)
write$binfmt_script(r4, &(0x7f00000000c0), 0x28)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000180)=""/102, 0x66}], 0x1)

6.488893264s ago: executing program 4 (id=1716):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = open(&(0x7f00000000c0)='./file0\x00', 0x14000, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chroot(&(0x7f0000000000)='./bus\x00')
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYRES16=r0, @ANYRESOCT], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.236138525s ago: executing program 5 (id=1717):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000894)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000180)=0xa, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88b81, 0x0)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000004080)=ANY=[@ANYBLOB="02000000040000000400000022bf000080040000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
mmap(&(0x7f0000f9f000/0x4000)=nil, 0x4000, 0x0, 0x13, r4, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)

4.496337207s ago: executing program 4 (id=1718):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x2000000000903, 0x1, 0x1}, 0x20)
r0 = socket$netlink(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e20, @remote}, 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000004880)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000003080)=[@ip_retopts={{0x14, 0x0, 0x7, {[@lsrr={0x83, 0x3, 0xf9}]}}}], 0x18}}], 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003400000100e14000580"], 0x80}}, 0x0)
pipe2(&(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$FUSE_INIT(r5, &(0x7f0000000400)={0x6f, 0x0, 0x0, {0x7, 0x28, 0x80000001, 0x0, 0x0, 0x0, 0x2, 0x1}}, 0xfffffede)
fcntl$setpipe(r5, 0x407, 0x2000000)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000080)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0xfd, [0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffff]}})

3.68663994s ago: executing program 5 (id=1719):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000010000000000000000000000850000005300000085000000050000009500000000000000a94be0c51261be6a99fe3d0000a232d5e1f59f18f845f82e9a7bde9e8f4b9197701b547edf612a03f1737d95"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000003840)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000380)="fbe6bd8dfcdda5a210b8cfefbd66f459c7261b927d25d3cf74d2f7c97735eba47f606a290d18492592230700000000000000081fdbd921ed4db0e67c9d5ab1452445a1e0da5ac68b13f4afe2712eeaad350d07", 0x53}], 0x1}, 0x0)
close(r1)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f00000008c0), 0x4)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="78cafb73fc02010700000000ef02258f2e", 0x11}], 0x1}, 0x4000000)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="1e000300008c71ef28ff4b"], 0xffdd)

1.262910629s ago: executing program 2 (id=1720):
r0 = socket$packet(0x11, 0xa, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000894)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000180)=0xa, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x88b81, 0x0)
getpeername$packet(r0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000004080)=ANY=[@ANYBLOB="02000000040000000400000022bf000080040000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
mmap(&(0x7f0000f9f000/0x4000)=nil, 0x4000, 0x0, 0x13, r5, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)

0s ago: executing program 2 (id=1721):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x3200004, &(0x7f0000000900)={[{@nls={'nls', 0x3d, 'macinuit'}}, {@gid}, {@umask={'umask', 0x3d, 0x1000}}, {@uid}, {@type={'type', 0x3d, "8cc687ef"}}, {@force}, {@nodecompose}, {@type={'type', 0x3d, "664b981f"}}]}, 0x3, 0x6b9, &(0x7f0000000240)="$eJzs3U1sHGcZB/D/bJx1Nkip26ZtQEi1GqmCRiR2ViVBQmpACOUQoQguvVqJ01jZpJXtorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHh5BuHSNw45AAYzezsem1vHDuOvab9/aTJvLPv1zOP52N37GgDfGpdfD2Huyly8dSl2+X2yr12Z+Ve+2a/nGQySSOZ6K1StJLi4+RCeks+W75YD1c8bJ5X739UTLz/Ybu3NVEvVfvGVv02GdmymxwZbBxKMt0r/nvbw24ar1qqca6sjfeYikHcZcJO9hMH47a6SXetsvHI7ts/b4ED607vvrnJVHI0vbtr+T4g9dXh0VeG8dvy2tTdvzgAAABgr4z8LD/sqQd5kNs5tj/hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwCdD0fvOwKJeGv3ydIr+9/83h75TvznmcHfpvWvV6ttPjTsQAAAAAAAAANiVFx/kQW7nWH97tah+5/9StXG8+vczeTtLmc9iTud25rKc5SxmNsnU0EDN23PLy4uzwz2rPxJY+nnKnqurq3fqnmdH9jy7Pq7uxkBH/aXBpkYAAAAAAAAA8Kn1g1xc+/0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBEVyqLeqluP98lQaE0mOJGkW04PmzbEG+wT8cdwBAAAAwN5r1etjxX97hdWi+sz/fPW5/0jezq0sZyHL6WQ+V6tnAb1P/Y2/dtudlXvtm+WyeeCv/XNHcVQjpvfsYfTMM1WL5wY9Luab+U5OZTqXs5iFfDdzWc58pvONqjSXIlP104uplXut9GPdHO+FdVuXN8b24lC5jO9EFUkr17JQxXY6V5r90Bt1uxNDs/2+mWyY8W6ZneK12jZzdLVel3v0s3p9MExVe354kJGZOvdlNp4ezvvm3O/wONk402wag2dQx9dmKTc3zvRYOT9ar8tc/3hvc77DR2nrM9H9abnVP/qe3zrnyRf/9qfL1xu3bly/tnTq4BxGj2njMdEeysQL28pEp8xEdxeZOLKb+J+cZp2N3lV0Z1fLl6q+x7KQb+XNXM18zmUmszmfmXwlZ9PO2aG8Prd1XqtzrbGzc+3kF+pCeU/6ydC9ad9MPqyizOvTQ3kdvtJNVXXDr6xl6ZltZKloZnSW/j4ylInP1YVyjh8O3XHGb5CJxtq1uR/ds1tn4pf/WU2y1Ll1Y/H63FvbnO/lel2etu+tvzb/6ons0M7Vu1seL8+UP6z0bhvDR0dZ92y/bt2RM1vVHR/Urb/PNZupzude3aPO1HKk5++OGqlX98LIWdpV3YmhunXvcvJmOoN3IQAcYEdfOdps3W/9pfVB60et661LR74+eX7y880c/vPEHw79pvHrxleLV/JBvp9j444UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+CZbeeffGXKczv3gAC2k84QHvjqzqp6L3SvNg7PtWhcP7O+mhnTSe3OqI+m2SLbo3x5HMVpID8DOd62RiH+aazIiqS4NXWkljEE+SGwfkC+6AvXBm+eZbZ5beefdLCzfn3ph/Y/7W2fPnXjvX/vLsnTPXFjrzM71/xx0lsBfW3gaMOxIAAAAAAAAAAABgu3bz3wn+cWl7jUdMW3THsK8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/6eLr+dwN0VmZ07PlNsr99qdcumX11pOJGkkKb6XFB8nF9JbMjU0XPGweV69/9EvXn7/w/baWBP99o0N/X73r9XVHe5Ft14yneRQvX60yW2Nd2VovO4OA+spBntYJuxkP3Ewbv8LAAD///zfBvQ=")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x42, 0x1fe)
llistxattr(&(0x7f0000000000)='./file1\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

amps until 2038-01-19 (0x7fffffff)
[  124.611254][ T6654] netlink: 12 bytes leftover after parsing attributes in process `syz.1.305'.
[  124.699799][ T6645] serio: Serial port ptm0
[  124.771162][ T6656] loop0: detected capacity change from 0 to 2048
[  124.918340][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.962622][ T6656] EXT4-fs (loop0): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.220978][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  126.701726][ T6684] netlink: 16 bytes leftover after parsing attributes in process `syz.2.314'.
[  126.709547][ T6686] loop0: detected capacity change from 0 to 1024
[  126.725289][ T6686] EXT4-fs: Ignoring removed orlov option
[  126.799018][ T6686] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.975174][   T28] audit: type=1800 audit(1753179919.054:2): pid=6686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.315" name="bus" dev="loop0" ino=18 res=0 errno=0
[  126.979250][ T6691] netlink: 4 bytes leftover after parsing attributes in process `syz.2.316'.
[  127.039330][ T6692] netlink: 12 bytes leftover after parsing attributes in process `syz.2.316'.
[  127.087920][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.085352][ T6715] netlink: 16 bytes leftover after parsing attributes in process `syz.3.325'.
[  128.228011][ T6719] netlink: 4 bytes leftover after parsing attributes in process `syz.3.327'.
[  128.242017][ T6719] netlink: 12 bytes leftover after parsing attributes in process `syz.3.327'.
[  130.255296][ T6743] netlink: 16 bytes leftover after parsing attributes in process `syz.1.335'.
[  130.386704][ T6747] netlink: 4 bytes leftover after parsing attributes in process `syz.3.337'.
[  130.412711][ T6747] netlink: 12 bytes leftover after parsing attributes in process `syz.3.337'.
[  130.704561][ T6751] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  132.499262][ T6775] netlink: 'syz.2.346': attribute type 72 has an invalid length.
[  132.517781][ T6775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.346'.
[  132.538225][ T6778] netlink: 4 bytes leftover after parsing attributes in process `syz.0.347'.
[  132.555368][ T6778] netlink: 12 bytes leftover after parsing attributes in process `syz.0.347'.
[  133.108711][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  133.125619][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  133.248699][ T6791] loop0: detected capacity change from 0 to 512
[  133.291895][ T6791] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  133.361044][ T6791] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.349: casefold flag without casefold feature
[  133.452088][ T6791] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.349: couldn't read orphan inode 15 (err -117)
[  133.509656][ T6791] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.941524][ T6806] netlink: 'syz.3.356': attribute type 72 has an invalid length.
[  133.959670][ T6806] netlink: 8 bytes leftover after parsing attributes in process `syz.3.356'.
[  133.982170][ T6808] netlink: 4 bytes leftover after parsing attributes in process `syz.1.357'.
[  133.993129][ T6808] netlink: 12 bytes leftover after parsing attributes in process `syz.1.357'.
[  136.109968][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.135316][ T6830] loop3: detected capacity change from 0 to 16
[  136.158507][ T6830] erofs: (device loop3): mounted with root inode @ nid 36.
[  136.172169][ T6830] syz.3.365: attempt to access beyond end of device
[  136.172169][ T6830] loop3: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  136.190032][ T6830] netlink: 12 bytes leftover after parsing attributes in process `syz.3.365'.
[  136.340846][ T6836] netlink: 4 bytes leftover after parsing attributes in process `syz.1.368'.
[  136.424828][ T6836] netlink: 12 bytes leftover after parsing attributes in process `syz.1.368'.
[  136.602131][ T6839] netlink: 'syz.0.366': attribute type 72 has an invalid length.
[  136.642462][ T6839] netlink: 8 bytes leftover after parsing attributes in process `syz.0.366'.
[  137.680378][ T6851] loop2: detected capacity change from 0 to 2048
[  137.828058][ T6854] syzkaller0: entered promiscuous mode
[  137.847746][ T6851] EXT4-fs (loop2): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.860176][ T6854] syzkaller0: entered allmulticast mode
[  139.656636][ T6867] loop1: detected capacity change from 0 to 16
[  139.781773][ T6867] erofs: (device loop1): mounted with root inode @ nid 36.
[  139.838531][ T6867] syz.1.377: attempt to access beyond end of device
[  139.838531][ T6867] loop1: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  140.853599][    C0] sched: RT throttling activated
[  141.015491][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  142.803368][ T6869] netlink: 4 bytes leftover after parsing attributes in process `syz.3.378'.
[  142.815734][ T6870] netlink: 12 bytes leftover after parsing attributes in process `syz.3.378'.
[  143.334269][ T5864] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  144.441457][ T5864] usb 3-1: unable to get BOS descriptor or descriptor too short
[  144.453480][ T5864] usb 3-1: config 1 has an invalid interface number: 38 but max is 0
[  144.462237][ T5864] usb 3-1: config 1 has no interface number 0
[  144.470753][ T5864] usb 3-1: config 1 interface 38 has no altsetting 0
[  144.482258][ T5864] usb 3-1: string descriptor 0 read error: -22
[  144.489095][ T5864] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=fd.63
[  144.498552][ T5864] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.537872][ T5864] snd-usb-audio: probe of 3-1:1.38 failed with error -22
[  144.734503][ T6904] netlink: 4 bytes leftover after parsing attributes in process `syz.3.390'.
[  144.753411][ T5864] usb 3-1: USB disconnect, device number 2
[  144.763869][ T6904] netlink: 12 bytes leftover after parsing attributes in process `syz.3.390'.
[  145.661160][ T6907] syzkaller0: entered promiscuous mode
[  145.713248][ T6907] syzkaller0: entered allmulticast mode
[  145.928620][ T6897] loop0: detected capacity change from 0 to 40427
[  145.946823][ T6897] =======================================================
[  145.946823][ T6897] WARNING: The mand mount option has been deprecated and
[  145.946823][ T6897]          and is ignored by this kernel. Remove the mand
[  145.946823][ T6897]          option from the mount to silence this warning.
[  145.946823][ T6897] =======================================================
[  145.993781][ T6897] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  146.002773][ T6897] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  146.019672][ T6897] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x7ffff
[  146.080822][ T6897] F2FS-fs (loop0): invalid crc value
[  146.139799][ T6897] F2FS-fs (loop0): Found nat_bits in checkpoint
[  146.311279][ T6897] F2FS-fs (loop0): Start checkpoint disabled!
[  146.370473][ T6897] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  146.384783][ T6897] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  149.668903][ T6949] netlink: 4 bytes leftover after parsing attributes in process `syz.0.403'.
[  149.684887][ T6949] netlink: 12 bytes leftover after parsing attributes in process `syz.0.403'.
[  149.699185][   T28] audit: type=1800 audit(1753179941.784:3): pid=6946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.401" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  149.699696][ T6946] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  149.728750][ T6946] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  149.738429][ T6946] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  149.865577][ T6946] syz.3.401 (6946) used greatest stack depth: 20688 bytes left
[  149.933328][ T6935] kvm: kvm [6934]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x81
[  149.976373][ T6935] kvm: kvm [6934]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x1
[  149.996737][ T6951] netlink: 28 bytes leftover after parsing attributes in process `syz.3.405'.
[  150.016103][ T6935] kvm: kvm [6934]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x81
[  150.030680][ T6935] kvm: kvm [6934]: vcpu1, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  150.051411][ T6935] kvm: kvm [6934]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x1
[  150.060223][ T6935] kvm: kvm [6934]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x81
[  151.134915][ T6957] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  151.182160][ T6956] tipc: Disabling bearer <eth:syzkaller0>
[  151.877245][ T6978] loop3: detected capacity change from 0 to 16
[  152.087068][ T6978] erofs: (device loop3): mounted with root inode @ nid 36.
[  152.150996][ T6978] syz.3.411: attempt to access beyond end of device
[  152.150996][ T6978] loop3: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  152.731125][ T6979] netlink: 28 bytes leftover after parsing attributes in process `syz.0.414'.
[  155.709543][ T6994] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  155.727314][ T6992] tipc: Disabling bearer <eth:syzkaller0>
[  156.145058][ T7007] netlink: 28 bytes leftover after parsing attributes in process `syz.3.424'.
[  156.419221][ T7001] kvm: kvm [7000]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x81
[  156.430812][ T7001] kvm: kvm [7000]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x1
[  157.199042][ T7001] kvm: kvm [7000]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0x81
[  157.214655][ T7001] kvm: kvm [7000]: vcpu1, guest rIP: 0x1b8 Unhandled WRMSR(0x11e) = 0xbe702111
[  157.230617][ T7001] kvm: kvm [7000]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x1
[  157.260689][ T7001] kvm: kvm [7000]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0x187) = 0x81
[  157.523039][ T7004] loop2: detected capacity change from 0 to 40427
[  157.538667][ T7004] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  157.548809][ T7004] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  157.562050][ T7004] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x7ffff
[  157.587453][ T7004] F2FS-fs (loop2): invalid crc value
[  157.662054][ T7004] F2FS-fs (loop2): Found nat_bits in checkpoint
[  157.866768][ T7004] F2FS-fs (loop2): Start checkpoint disabled!
[  158.823844][ T7025] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  158.867251][ T7004] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  158.890194][ T7004] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  159.035848][ T7024] tipc: Disabling bearer <eth:syzkaller0>
[  160.623444][ T7046] overlayfs: overlapping lowerdir path
[  163.841192][ T7068] loop1: detected capacity change from 0 to 40427
[  164.187835][ T7068] F2FS-fs (loop1): Found nat_bits in checkpoint
[  164.393440][ T7068] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  165.155459][ T7076] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  165.551021][ T7076] syzkaller0: entered promiscuous mode
[  165.593912][ T7076] syzkaller0: entered allmulticast mode
[  165.631569][ T7076] tipc: Resetting bearer <eth:syzkaller0>
[  165.791480][ T7070] tipc: Resetting bearer <eth:syzkaller0>
[  166.248965][  T786] tipc: Node number set to 1153174750
[  166.854937][ T7098] loop1: detected capacity change from 0 to 2048
[  166.925250][ T7098] EXT4-fs (loop1): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.172857][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  169.406220][ T7070] tipc: Disabling bearer <eth:syzkaller0>
[  169.423403][ T7087] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  170.757357][ T7123] netlink: 12 bytes leftover after parsing attributes in process `syz.3.455'.
[  170.798720][ T7123] netlink: 'syz.3.455': attribute type 1 has an invalid length.
[  171.334730][ T7133] overlayfs: failed to resolve './file1': -2
[  171.916798][ T5865] page_pool_release_retry() stalled pool shutdown 1 inflight 61 sec
[  173.828487][ T7145] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.909900][ T7145] syzkaller0: entered promiscuous mode
[  173.917929][ T7145] syzkaller0: entered allmulticast mode
[  173.926918][ T7145] tipc: Resetting bearer <eth:syzkaller0>
[  174.047986][ T7148] loop2: detected capacity change from 0 to 16
[  174.300705][ T7148] erofs: (device loop2): mounted with root inode @ nid 36.
[  174.354196][ T7148] syz.2.460: attempt to access beyond end of device
[  174.354196][ T7148] loop2: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  175.053380][ T3515] tipc: Resetting bearer <eth:syzkaller0>
[  175.118739][ T7144] tipc: Resetting bearer <eth:syzkaller0>
[  175.564501][  T786] tipc: Node number set to 738573072
[  176.198267][ T7165] loop2: detected capacity change from 0 to 16
[  176.234213][ T7165] erofs: (device loop2): mounted with root inode @ nid 36.
[  176.271748][ T7165] erofs: (device loop2): z_erofs_fill_inode_lazy: unknown HEAD1 format 5 for nid 36, please upgrade kernel
[  176.287735][ T7165] erofs: (device loop2): z_erofs_fill_inode_lazy: unknown HEAD1 format 5 for nid 36, please upgrade kernel
[  176.299764][ T7165] erofs: (device loop2): z_erofs_read_folio: read error -95 @ 8200 of nid 36
[  178.708641][ T7144] tipc: Disabling bearer <eth:syzkaller0>
[  178.727582][ T7154] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  178.745441][ T7170] netlink: 20 bytes leftover after parsing attributes in process `syz.2.465'.
[  178.994027][ T7173] netlink: 12 bytes leftover after parsing attributes in process `syz.0.467'.
[  179.018663][ T7173] netlink: 'syz.0.467': attribute type 1 has an invalid length.
[  179.090307][ T7176] loop2: detected capacity change from 0 to 2048
[  179.179376][ T7176] EXT4-fs (loop2): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  180.639537][ T7192] loop1: detected capacity change from 0 to 256
[  181.100623][ T7192] FAT-fs (loop1): Directory bread(block 64) failed
[  181.108013][ T7192] FAT-fs (loop1): Directory bread(block 65) failed
[  181.115604][ T7192] FAT-fs (loop1): Directory bread(block 66) failed
[  181.122378][ T7192] FAT-fs (loop1): Directory bread(block 67) failed
[  181.130659][ T7192] FAT-fs (loop1): Directory bread(block 68) failed
[  181.137675][ T7192] FAT-fs (loop1): Directory bread(block 69) failed
[  181.145187][ T7192] FAT-fs (loop1): Directory bread(block 70) failed
[  181.152188][ T7192] FAT-fs (loop1): Directory bread(block 71) failed
[  181.161003][ T7192] FAT-fs (loop1): Directory bread(block 72) failed
[  181.167957][ T7192] FAT-fs (loop1): Directory bread(block 73) failed
[  181.335803][ T7192] netlink: 28 bytes leftover after parsing attributes in process `syz.1.469'.
[  181.600147][ T7192] syz.1.469 (7192) used greatest stack depth: 20616 bytes left
[  181.608483][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  182.942661][ T7202] overlayfs: overlapping lowerdir path
[  183.730932][ T7206] netlink: 4 bytes leftover after parsing attributes in process `syz.1.473'.
[  183.768697][ T7206] netlink: 12 bytes leftover after parsing attributes in process `syz.1.473'.
[  183.858540][ T7208] tipc: Started in network mode
[  183.882879][ T7208] tipc: Node identity 4e34a5eb1021, cluster identity 4711
[  183.900985][ T7208] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  184.113446][ T7209] syzkaller0: entered promiscuous mode
[  184.121681][ T7209] syzkaller0: entered allmulticast mode
[  184.132880][ T7209] tipc: Resetting bearer <eth:syzkaller0>
[  184.160622][ T7216] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  184.171823][ T7207] tipc: Resetting bearer <eth:syzkaller0>
[  185.163964][    T9] tipc: Node number set to 1578477035
[  188.479528][ T7237] loop1: detected capacity change from 0 to 40427
[  188.663341][ T7237] F2FS-fs (loop1): Found nat_bits in checkpoint
[  188.855779][ T7237] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  192.161836][ T7207] tipc: Disabling bearer <eth:syzkaller0>
[  192.171808][ T7216] syzkaller0: entered promiscuous mode
[  192.177825][ T7216] syzkaller0: entered allmulticast mode
[  192.191735][ T7221] tipc: Resetting bearer <eth:syzkaller0>
[  192.201767][ T7215] tipc: Resetting bearer <eth:syzkaller0>
[  192.245262][ T7215] tipc: Disabling bearer <eth:syzkaller0>
[  192.282342][ T7255] netlink: 4 bytes leftover after parsing attributes in process `syz.1.484'.
[  192.301132][ T7256] netlink: 12 bytes leftover after parsing attributes in process `syz.1.484'.
[  193.005537][ T7277] overlayfs: overlapping lowerdir path
[  193.040760][ T7271] process 'syz.1.487' launched './file0' with NULL argv: empty string added
[  194.560563][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  194.573094][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  194.714894][ T7281] netlink: 12 bytes leftover after parsing attributes in process `syz.2.490'.
[  195.177064][ T7283] loop2: detected capacity change from 0 to 512
[  195.218955][ T7283] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2867: Unable to expand inode 17. Delete some EAs or run e2fsck.
[  195.232802][ T7283] EXT4-fs (loop2): 1 truncate cleaned up
[  195.240349][ T7283] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.397763][ T7287] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  195.576689][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.940344][ T7295] netlink: 28 bytes leftover after parsing attributes in process `syz.0.492'.
[  195.993822][ T7295] loop0: detected capacity change from 0 to 512
[  196.232237][ T7295] EXT4-fs (loop0): 1 truncate cleaned up
[  196.246991][ T7295] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  196.842341][ T7301] netlink: 4 bytes leftover after parsing attributes in process `syz.1.496'.
[  196.892684][ T7301] netlink: 12 bytes leftover after parsing attributes in process `syz.1.496'.
[  196.965579][ T7294] overlayfs: failed to resolve './file1': -2
[  197.173755][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.433753][ T7308] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  197.441751][ T7308] syzkaller0: entered promiscuous mode
[  197.451699][ T7308] syzkaller0: entered allmulticast mode
[  197.577313][ T7307] tipc: Resetting bearer <eth:syzkaller0>
[  197.629359][ T7307] tipc: Disabling bearer <eth:syzkaller0>
[  197.705269][ T7318] overlayfs: overlapping lowerdir path
[  202.260349][ T7330] loop0: detected capacity change from 0 to 40427
[  202.719507][ T7330] F2FS-fs (loop0): Found nat_bits in checkpoint
[  205.643601][ T7352] loop1: detected capacity change from 0 to 40427
[  205.916761][ T7352] F2FS-fs (loop1): Found nat_bits in checkpoint
[  206.165476][ T7352] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  207.591190][ T7360] netlink: 4 bytes leftover after parsing attributes in process `syz.2.508'.
[  208.126248][ T7362] netlink: 12 bytes leftover after parsing attributes in process `syz.2.508'.
[  208.855763][ T7375] loop3: detected capacity change from 0 to 256
[  208.893906][ T7375] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  208.905129][ T7375] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  210.949525][ T7375] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  211.172916][ T7375] input: syz1 as /devices/virtual/input/input5
[  212.377425][ T7385] loop2: detected capacity change from 0 to 128
[  212.557308][ T7385] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  212.691525][ T7385] ext4 filesystem being mounted at /120/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  212.978147][ T5804] Bluetooth: hci1: command 0x0406 tx timeout
[  212.985211][   T50] Bluetooth: hci0: command 0x0406 tx timeout
[  212.991762][ T5804] Bluetooth: hci3: command 0x0406 tx timeout
[  213.215343][ T5789] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  213.228032][ T7391] overlayfs: overlapping lowerdir path
[  214.917026][ T7409] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  215.024104][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  215.039444][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  215.982009][ T7420] netlink: 4 bytes leftover after parsing attributes in process `syz.1.522'.
[  216.004899][ T7420] netlink: 12 bytes leftover after parsing attributes in process `syz.1.522'.
[  218.426078][ T7441] loop2: detected capacity change from 0 to 256
[  218.546613][ T7447] overlayfs: failed to resolve './file0': -2
[  218.654358][ T7441] exfat: Deprecated parameter 'namecase'
[  218.780131][ T7441] exfat: Deprecated parameter 'utf8'
[  218.903389][ T7441] exfat: Unknown parameter 'rootcontext'
[  219.720871][ T7458] overlayfs: failed to resolve './file1': -2
[  221.541738][ T7470] loop1: detected capacity change from 0 to 1024
[  221.574864][ T7470] EXT4-fs: Ignoring removed i_version option
[  221.581612][ T7470] EXT4-fs: Ignoring removed bh option
[  221.625257][ T7470] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  221.644160][ T7470] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  221.682581][ T7470] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  221.728252][ T7470] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  221.769313][ T7470] EXT4-fs (loop1): external journal device major/minor numbers have changed
[  221.804047][ T7470] EXT4-fs (loop1): filesystem has both journal inode and journal device!
[  222.745712][ T7477] loop3: detected capacity change from 0 to 512
[  222.779695][ T7470] loop1: detected capacity change from 0 to 1024
[  222.797178][ T7477] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  222.820494][ T7470] EXT4-fs: Ignoring removed orlov option
[  222.871947][ T7470] EXT4-fs: Ignoring removed nomblk_io_submit option
[  223.007860][ T7477] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.538: invalid indirect mapped block 4294967295 (level 1)
[  223.077295][ T7470] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.124851][ T7488] loop2: detected capacity change from 0 to 1024
[  223.124848][ T7477] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.538: invalid indirect mapped block 4294967295 (level 1)
[  223.133381][ T7488] EXT4-fs: Ignoring removed nobh option
[  223.219694][ T7489] xt_hashlimit: max too large, truncated to 1048576
[  223.230281][ T7489] No such timeout policy "syz1"
[  223.354100][ T7488] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  224.587268][ T7477] EXT4-fs (loop3): 2 truncates cleaned up
[  224.594972][ T7477] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  224.743957][ T7491] xt_TCPMSS: Only works on TCP SYN packets
[  225.923376][ T7488] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.012473][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.141386][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.303774][ T5865] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  226.495942][ T5865] usb 1-1: Using ep0 maxpacket: 32
[  226.509153][ T5865] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  226.522377][ T5865] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  226.540771][ T5865] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  226.550733][ T5865] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.589081][ T5865] usb 1-1: config 0 descriptor??
[  226.629377][ T5865] hub 1-1:0.0: bad descriptor, ignoring hub
[  226.658910][ T5865] hub: probe of 1-1:0.0 failed with error -5
[  226.676657][ T5865] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  226.907924][ T7502] netlink: 4 bytes leftover after parsing attributes in process `syz.3.542'.
[  226.922439][ T7502] netlink: 12 bytes leftover after parsing attributes in process `syz.3.542'.
[  227.241711][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.821625][ T7522] overlayfs: overlapping lowerdir path
[  229.665195][   T27] usb 1-1: USB disconnect, device number 2
[  229.709879][ T7530] netlink: 4 bytes leftover after parsing attributes in process `syz.0.552'.
[  230.724078][ T7542] loop1: detected capacity change from 0 to 512
[  231.241514][ T7542] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.255195][ T7542] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.665478][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.743523][ T7564] netlink: 28 bytes leftover after parsing attributes in process `syz.3.558'.
[  232.799887][ T7564] loop3: detected capacity change from 0 to 512
[  233.192663][ T7567] overlayfs: overlapping lowerdir path
[  233.588578][ T7561] loop1: detected capacity change from 0 to 4096
[  233.702109][ T7564] EXT4-fs (loop3): 1 truncate cleaned up
[  233.709267][ T7564] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.004510][ T7561] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.020267][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.085970][ T7561] fs-verity: sha512 using implementation "sha512-avx2"
[  234.285485][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.349276][ T7577] loop3: detected capacity change from 0 to 1024
[  234.357083][ T7577] EXT4-fs: Ignoring removed i_version option
[  234.376668][ T7577] EXT4-fs: Ignoring removed bh option
[  234.396032][ T7577] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  234.423482][ T7577] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  234.443171][ T7577] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  234.467016][ T7577] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  234.490856][ T7577] EXT4-fs (loop3): external journal device major/minor numbers have changed
[  234.516874][ T7577] EXT4-fs (loop3): filesystem has both journal inode and journal device!
[  234.840381][ T7577] loop3: detected capacity change from 0 to 1024
[  234.888287][ T7577] EXT4-fs: Ignoring removed orlov option
[  234.928501][ T7577] EXT4-fs: Ignoring removed nomblk_io_submit option
[  234.978681][ T7577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.318718][ T7593] loop2: detected capacity change from 0 to 1024
[  236.444434][ T7593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.725368][ T7601] loop1: detected capacity change from 0 to 1024
[  236.744772][ T7601] EXT4-fs: Ignoring removed orlov option
[  236.750596][ T7601] EXT4-fs: Ignoring removed nomblk_io_submit option
[  236.831073][ T7601] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.095001][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.820359][ T7611] netlink: 28 bytes leftover after parsing attributes in process `syz.3.570'.
[  239.876340][ T7611] loop3: detected capacity change from 0 to 512
[  240.588446][ T7611] EXT4-fs (loop3): 1 truncate cleaned up
[  240.595683][ T7611] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.827822][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.904954][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.760949][ T7630] loop3: detected capacity change from 0 to 2048
[  242.824483][ T7630] EXT4-fs (loop3): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.857516][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.975219][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  245.299163][ T7652] loop2: detected capacity change from 0 to 1024
[  245.306609][ T7652] EXT4-fs: Ignoring removed orlov option
[  245.312319][ T7652] EXT4-fs: Ignoring removed nomblk_io_submit option
[  245.407945][ T7653] netlink: 28 bytes leftover after parsing attributes in process `syz.0.580'.
[  245.461797][ T7653] loop0: detected capacity change from 0 to 512
[  245.672742][ T7653] EXT4-fs (loop0): 1 truncate cleaned up
[  245.685534][ T7653] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  245.983829][ T7652] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  246.228698][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.381090][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.601984][ T7691] loop1: detected capacity change from 0 to 128
[  249.712049][ T7687] loop2: detected capacity change from 0 to 2048
[  249.747463][ T7695] syz.1.590: attempt to access beyond end of device
[  249.747463][ T7695] loop1: rw=2049, sector=145, nr_sectors = 528 limit=128
[  249.814452][ T7687] EXT4-fs (loop2): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.900198][ T7691] syz.1.590: attempt to access beyond end of device
[  249.900198][ T7691] loop1: rw=524288, sector=145, nr_sectors = 224 limit=128
[  250.296928][ T7701] loop0: detected capacity change from 0 to 512
[  250.402516][ T7701] EXT4-fs warning (device loop0): read_mmp_block:115: Error -117 while reading MMP block 24
[  250.545039][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  250.825445][ T7706] loop2: detected capacity change from 0 to 1024
[  250.854380][ T7706] EXT4-fs: Ignoring removed orlov option
[  250.860099][ T7706] EXT4-fs: Ignoring removed nomblk_io_submit option
[  251.017158][ T7706] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.013008][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.210634][ T7729] netlink: 4 bytes leftover after parsing attributes in process `syz.0.598'.
[  255.361003][ T7737] loop2: detected capacity change from 0 to 256
[  256.347727][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  256.347845][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  256.543915][ T7739] netlink: 4 bytes leftover after parsing attributes in process `syz.0.602'.
[  261.624691][ T7770] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  264.022488][ T7786] syz.2.615 (7786) used greatest stack depth: 16784 bytes left
[  264.333097][ T7791] input: syz0 as /devices/virtual/input/input6
[  267.242310][ T7819] loop1: detected capacity change from 0 to 40427
[  267.358126][ T7819] F2FS-fs (loop1): Found nat_bits in checkpoint
[  267.503944][ T7819] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  270.120826][ T7837] loop0: detected capacity change from 0 to 512
[  270.276439][ T7837] EXT4-fs (loop0): 1 truncate cleaned up
[  270.289664][ T7837] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.384105][ T7839] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 7: invalid block bitmap
[  270.828154][ T5787] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.463053][ T7849] loop0: detected capacity change from 0 to 256
[  271.468927][ T7849] exfat: Unknown parameter 'iochar'
[  272.005658][ T7854] loop3: detected capacity change from 0 to 512
[  272.720180][ T7854] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  272.905641][ T7854] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  272.985946][ T7854] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  273.447657][   T28] audit: type=1326 audit(1753180065.534:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.3.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e838e9a9 code=0x7ffc0000
[  273.955451][   T28] audit: type=1326 audit(1753180065.534:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7853 comm="syz.3.636" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16e838e9a9 code=0x7ffc0000
[  274.146806][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  274.333941][   T23] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  274.717524][   T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.729805][   T23] usb 2-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  275.240756][   T23] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.386147][   T23] usb 2-1: config 0 descriptor??
[  275.424308][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  275.432726][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  275.808437][ T7880] loop2: detected capacity change from 0 to 512
[  275.849606][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  276.442964][ T7880] EXT4-fs (loop2): 1 truncate cleaned up
[  276.450509][ T7880] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.728244][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.104588][   T23] usbhid 2-1:0.0: can't add hid device: -71
[  277.110871][   T23] usbhid: probe of 2-1:0.0 failed with error -71
[  277.121187][   T23] usb 2-1: USB disconnect, device number 2
[  278.574068][ T5105] Bluetooth: hci2: command 0x0406 tx timeout
[  281.351050][ T7905] loop1: detected capacity change from 0 to 128
[  284.136671][ T7922] loop1: detected capacity change from 0 to 512
[  284.668041][ T7926] overlayfs: overlapping lowerdir path
[  285.012186][ T7922] EXT4-fs (loop1): 1 truncate cleaned up
[  285.019316][ T7922] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.501721][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.307984][ T7939] loop0: detected capacity change from 0 to 40427
[  287.510694][ T7939] F2FS-fs (loop0): Found nat_bits in checkpoint
[  287.797675][ T7939] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  290.077995][ T7952] sch_fq: defrate 0 ignored.
[  290.256645][ T7953] loop1: detected capacity change from 0 to 1024
[  290.269804][ T7953] EXT4-fs: Ignoring removed orlov option
[  290.275702][ T7953] EXT4-fs: Ignoring removed nomblk_io_submit option
[  290.930138][ T7953] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.385891][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.323758][    T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  295.528228][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.557749][    T9] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  297.976046][ T7994] loop3: detected capacity change from 0 to 40427
[  298.118798][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.247565][ T7994] F2FS-fs (loop3): Found nat_bits in checkpoint
[  298.425825][ T7994] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  298.634895][    T9] usb 3-1: config 0 descriptor??
[  298.830548][    T9] usb 3-1: can't set config #0, error -71
[  298.892287][    T9] usb 3-1: USB disconnect, device number 3
[  303.684866][ T8032] xt_hashlimit: size too large, truncated to 1048576
[  303.715026][ T8028] loop2: detected capacity change from 0 to 2048
[  304.480219][ T8028] EXT4-fs (loop2): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.593078][ T8038] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  305.777266][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  306.121218][ T8048] netlink: 4 bytes leftover after parsing attributes in process `syz.2.681'.
[  306.158544][ T8048] bridge_slave_1: left allmulticast mode
[  306.189664][ T8048] bridge_slave_1: left promiscuous mode
[  306.213213][ T8048] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.227934][ T8048] bridge_slave_0: left allmulticast mode
[  306.233811][ T8048] bridge_slave_0: left promiscuous mode
[  306.240437][ T8048] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.354091][ T8050] overlayfs: overlapping lowerdir path
[  309.244078][ T8057] loop3: detected capacity change from 0 to 40427
[  309.549551][ T8057] F2FS-fs (loop3): Found nat_bits in checkpoint
[  309.884748][ T8057] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  311.432214][ T8064] loop2: detected capacity change from 0 to 40427
[  311.556068][ T8064] F2FS-fs (loop2): invalid crc value
[  311.645020][ T8064] F2FS-fs (loop2): Found nat_bits in checkpoint
[  312.422779][ T8064] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  312.911977][ T8080] syz.2.684: attempt to access beyond end of device
[  312.911977][ T8080] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  313.665715][ T8079] syz.2.684: attempt to access beyond end of device
[  313.665715][ T8079] loop2: rw=10241, sector=45104, nr_sectors = 8 limit=40427
[  314.094402][ T5789] syz-executor: attempt to access beyond end of device
[  314.094402][ T5789] loop2: rw=2049, sector=45112, nr_sectors = 16 limit=40427
[  314.152081][ T5789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  314.164696][ T5789] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  315.102756][ T8091] netlink: 20 bytes leftover after parsing attributes in process `syz.3.690'.
[  315.694861][ T5795] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  315.713144][ T5105] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  315.733868][ T5105] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  315.754350][ T5105] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  315.765832][ T5105] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  315.800783][ T5105] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  315.808514][ T5105] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  315.906307][ T5795] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  315.936790][ T5795] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  315.973564][ T5795] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.044973][ T5795] usb 4-1: config 0 descriptor??
[  316.629217][ T8103] loop2: detected capacity change from 0 to 512
[  316.915112][ T8103] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.928492][ T8103] ext4 filesystem being mounted at /171/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  317.574435][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  317.580834][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  317.797070][ T5795] lenovo 0003:17EF:6047.0001: item fetching failed at offset 4/5
[  317.861019][ T5795] lenovo 0003:17EF:6047.0001: hid_parse failed
[  317.904370][ T5799] Bluetooth: hci4: command tx timeout
[  317.933909][ T5795] lenovo: probe of 0003:17EF:6047.0001 failed with error -22
[  318.188722][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.331537][ T8094] chnl_net:caif_netlink_parms(): no params data found
[  318.462389][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.667178][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.833979][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.076394][ T5105] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  319.086922][ T5105] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  319.095311][ T5105] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  319.103828][ T5105] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  319.115861][ T5105] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  319.125935][ T5105] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  319.186105][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.879189][ T8094] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.917459][ T8094] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.951329][ T8094] bridge_slave_0: entered allmulticast mode
[  319.984573][ T5105] Bluetooth: hci4: command tx timeout
[  319.993855][ T8094] bridge_slave_0: entered promiscuous mode
[  320.012414][   T27] usb 4-1: USB disconnect, device number 2
[  320.034099][ T8094] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.041261][ T8094] bridge0: port 2(bridge_slave_1) entered disabled state
[  320.048558][ T8094] bridge_slave_1: entered allmulticast mode
[  320.056816][ T8094] bridge_slave_1: entered promiscuous mode
[  320.298961][ T8094] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  320.416302][ T8094] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  321.183737][ T5105] Bluetooth: hci3: command tx timeout
[  322.074128][ T5105] Bluetooth: hci4: command tx timeout
[  322.260930][ T8094] team0: Port device team_slave_0 added
[  322.322924][ T8133] netlink: 20 bytes leftover after parsing attributes in process `syz.3.698'.
[  322.349206][ T8130] netlink: 4 bytes leftover after parsing attributes in process `syz.2.697'.
[  322.385397][ T8094] team0: Port device team_slave_1 added
[  322.575288][ T8094] batman_adv: batadv0: Adding interface: batadv_slave_0
[  322.582421][ T8094] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.653615][ T8094] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.882462][ T8094] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.890019][ T8094] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.917608][ T8094] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  323.113186][   T12] tipc: Left network mode
[  323.280817][ T5105] Bluetooth: hci3: command tx timeout
[  324.144328][ T5105] Bluetooth: hci4: command tx timeout
[  324.405120][ T8094] hsr_slave_0: entered promiscuous mode
[  324.423914][ T8094] hsr_slave_1: entered promiscuous mode
[  324.453460][ T8094] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  324.461455][ T8094] Cannot create hsr debugfs directory
[  325.419453][ T5105] Bluetooth: hci3: command tx timeout
[  325.947257][ T8170] overlayfs: overlapping lowerdir path
[  326.838172][ T8172] netlink: 20 bytes leftover after parsing attributes in process `syz.3.705'.
[  327.123432][ T8176] netlink: 4 bytes leftover after parsing attributes in process `syz.3.706'.
[  327.169042][ T8115] chnl_net:caif_netlink_parms(): no params data found
[  327.503951][ T5105] Bluetooth: hci3: command tx timeout
[  327.613867][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  327.833696][ T8115] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.835189][    T9] usb 4-1: Using ep0 maxpacket: 32
[  327.840878][ T8115] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.862361][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  327.888530][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  327.893877][ T8115] bridge_slave_0: entered allmulticast mode
[  327.913787][    T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  327.941403][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.941413][ T8115] bridge_slave_0: entered promiscuous mode
[  327.945209][ T8115] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.983801][ T8115] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.986517][    T9] usb 4-1: config 0 descriptor??
[  327.991117][ T8115] bridge_slave_1: entered allmulticast mode
[  328.017672][ T8115] bridge_slave_1: entered promiscuous mode
[  328.049142][    T9] hub 4-1:0.0: USB hub found
[  328.279745][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[  328.296213][    T9] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[  328.328805][    T9] usbhid 4-1:0.0: can't add hid device: -71
[  328.350744][    T9] usbhid: probe of 4-1:0.0 failed with error -71
[  328.366874][   T12] hsr_slave_0: left promiscuous mode
[  328.384723][   T12] hsr_slave_1: left promiscuous mode
[  328.396394][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  328.410426][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  328.422388][    T9] usb 4-1: USB disconnect, device number 3
[  328.445711][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  328.455954][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  328.476625][   T12] bridge_slave_1: left allmulticast mode
[  328.482335][   T12] bridge_slave_1: left promiscuous mode
[  328.500555][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.523672][   T12] bridge_slave_0: left allmulticast mode
[  328.530307][   T12] bridge_slave_0: left promiscuous mode
[  328.543996][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.630439][   T12] veth1_macvtap: left promiscuous mode
[  328.638606][   T12] veth0_macvtap: left promiscuous mode
[  328.654494][   T12] veth1_vlan: left promiscuous mode
[  328.661351][   T12] veth0_vlan: left promiscuous mode
[  328.992641][ T8202] loop3: detected capacity change from 0 to 128
[  329.111202][ T8202] syz.3.710: attempt to access beyond end of device
[  329.111202][ T8202] loop3: rw=2049, sector=145, nr_sectors = 896 limit=128
[  329.177492][ T8202] syz.3.710: attempt to access beyond end of device
[  329.177492][ T8202] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[  329.196489][ T8202] syz.3.710: attempt to access beyond end of device
[  329.196489][ T8202] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  329.211340][ T8202] syz.3.710: attempt to access beyond end of device
[  329.211340][ T8202] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  329.226368][ T8202] syz.3.710: attempt to access beyond end of device
[  329.226368][ T8202] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  329.249209][ T8202] syz.3.710: attempt to access beyond end of device
[  329.249209][ T8202] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  329.265481][ T8202] syz.3.710: attempt to access beyond end of device
[  329.265481][ T8202] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  329.780613][ T8214] loop3: detected capacity change from 0 to 512
[  329.938443][ T8214] EXT4-fs (loop3): 1 truncate cleaned up
[  329.950905][ T8214] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  330.473307][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.588118][ T8218] netlink: 20 bytes leftover after parsing attributes in process `syz.3.712'.
[  330.718251][   T12] team0 (unregistering): Port device team_slave_1 removed
[  330.769762][   T12] team0 (unregistering): Port device team_slave_0 removed
[  330.811630][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  330.856985][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  331.303309][   T12] bond0 (unregistering): Released all slaves
[  331.390392][ T8115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  331.410914][ T8115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  331.436014][ T8094] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  331.512033][ T8094] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  331.539304][ T8094] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  331.574446][ T8094] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  331.634176][ T8220] netlink: 4 bytes leftover after parsing attributes in process `syz.3.713'.
[  331.647878][ T8115] team0: Port device team_slave_0 added
[  331.676615][ T8115] team0: Port device team_slave_1 added
[  331.712498][ T8115] batman_adv: batadv0: Adding interface: batadv_slave_0
[  331.719770][ T8115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.756893][ T8115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  331.798109][ T8115] batman_adv: batadv0: Adding interface: batadv_slave_1
[  331.824261][ T8115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.875411][ T8115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.757104][ T8115] hsr_slave_0: entered promiscuous mode
[  333.005528][ T8115] hsr_slave_1: entered promiscuous mode
[  334.281066][ T8094] 8021q: adding VLAN 0 to HW filter on device bond0
[  334.323257][ T8094] 8021q: adding VLAN 0 to HW filter on device team0
[  334.365982][ T8254] netlink: 20 bytes leftover after parsing attributes in process `syz.3.719'.
[  334.413709][ T8255] netlink: 12 bytes leftover after parsing attributes in process `syz.2.717'.
[  334.572632][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  334.579876][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  334.631840][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.639239][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  334.922219][ T8115] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  334.934903][ T8115] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  335.753723][ T8115] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  335.819814][ T8115] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  336.155486][ T8115] 8021q: adding VLAN 0 to HW filter on device bond0
[  336.208802][ T8115] 8021q: adding VLAN 0 to HW filter on device team0
[  336.294449][ T3490] bridge0: port 1(bridge_slave_0) entered blocking state
[  336.301662][ T3490] bridge0: port 1(bridge_slave_0) entered forwarding state
[  336.325350][ T3490] bridge0: port 2(bridge_slave_1) entered blocking state
[  336.332545][ T3490] bridge0: port 2(bridge_slave_1) entered forwarding state
[  336.846547][ T8094] 8021q: adding VLAN 0 to HW filter on device batadv0
[  337.319243][ T8115] 8021q: adding VLAN 0 to HW filter on device batadv0
[  337.862774][ T8316] loop2: detected capacity change from 0 to 128
[  337.880522][ T8094] veth0_vlan: entered promiscuous mode
[  337.946579][ T8094] veth1_vlan: entered promiscuous mode
[  338.065589][ T8316] syz.2.724: attempt to access beyond end of device
[  338.065589][ T8316] loop2: rw=2049, sector=145, nr_sectors = 704 limit=128
[  338.086517][ T8094] veth0_macvtap: entered promiscuous mode
[  338.118376][ T8094] veth1_macvtap: entered promiscuous mode
[  338.158339][ T8094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.176482][ T8094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.184601][ T8316] syz.2.724: attempt to access beyond end of device
[  338.184601][ T8316] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128
[  338.214326][ T8094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.241787][ T8094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.262869][ T8094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.284177][ T8094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.302867][ T8094] batman_adv: batadv0: Interface activated: batadv_slave_0
[  338.348763][ T8094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.374819][ T8094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.411652][ T8094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.440099][ T8094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.455813][ T8324] loop2: detected capacity change from 0 to 512
[  338.461190][ T8094] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.475267][ T8324] EXT4-fs: Ignoring removed bh option
[  338.502298][ T8094] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.523667][ T8324] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  338.535330][ T8094] batman_adv: batadv0: Interface activated: batadv_slave_1
[  338.602381][ T8094] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  338.631738][ T8094] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  338.647107][ T8324] EXT4-fs (loop2): 1 truncate cleaned up
[  338.684764][ T8094] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  338.700014][ T8324] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.738574][ T8094] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.985128][ T8336] netlink: 24 bytes leftover after parsing attributes in process `syz.3.726'.
[  339.108352][ T8115] veth0_vlan: entered promiscuous mode
[  339.139322][ T8115] veth1_vlan: entered promiscuous mode
[  340.032483][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.137299][ T8115] veth0_macvtap: entered promiscuous mode
[  340.185246][   T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.225533][   T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.257929][ T8115] veth1_macvtap: entered promiscuous mode
[  341.068035][ T3443] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  341.088362][ T8115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.099647][ T8115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.109977][ T8115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.120676][ T3443] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  341.136865][ T8115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.176083][ T8115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.212999][ T8115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.239126][ T8115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.273691][ T8115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.310833][ T8115] batman_adv: batadv0: Interface activated: batadv_slave_0
[  341.375646][ T8115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.388096][ T8115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.406696][ T8115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.427231][ T8115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.466414][ T8115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.100669][ T8115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.287329][ T8115] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  342.303605][ T8115] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.357067][ T8115] batman_adv: batadv0: Interface activated: batadv_slave_1
[  342.412776][ T8115] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  342.442730][ T8115] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  342.456226][ T8115] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  342.472251][ T8115] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  342.687672][   T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.712300][ T8373] loop4: detected capacity change from 0 to 1024
[  342.723767][   T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.744666][ T8373] EXT4-fs: Ignoring removed orlov option
[  342.750383][ T8373] EXT4-fs: Ignoring removed nomblk_io_submit option
[  342.821830][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.834946][ T8373] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  342.841880][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  347.295595][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.594688][ T8421] netlink: 20 bytes leftover after parsing attributes in process `syz.3.740'.
[  348.238029][  T787] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  348.914350][  T787] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  349.170107][ T8435] fido_id[8435]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  349.313227][ T8436] loop2: detected capacity change from 0 to 512
[  349.505715][ T8436] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  349.854391][ T8436] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.739: casefold flag without casefold feature
[  350.013849][ T8436] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.739: couldn't read orphan inode 15 (err -117)
[  350.060254][ T8436] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.915085][ T8467] loop4: detected capacity change from 0 to 1024
[  350.922622][ T8467] EXT4-fs: Ignoring removed nomblk_io_submit option
[  350.993473][ T8467] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.261093][ T8477] netlink: 20 bytes leftover after parsing attributes in process `syz.3.750'.
[  351.268009][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.805395][ T8489] loop2: detected capacity change from 0 to 2048
[  352.729313][ T8494] syz.3.752[8494] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  352.729478][ T8494] syz.3.752[8494] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  352.749136][ T8494] loop3: detected capacity change from 0 to 256
[  352.771159][ T8494] exfat: Deprecated parameter 'utf8'
[  352.776628][ T8494] exfat: Deprecated parameter 'utf8'
[  353.132269][ T8494] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  353.779145][ T8489] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.951709][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.232267][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.391114][ T8513] loop3: detected capacity change from 0 to 1024
[  356.406607][ T8512] netlink: 20 bytes leftover after parsing attributes in process `syz.4.760'.
[  356.457739][ T8513] EXT4-fs: Ignoring removed nobh option
[  356.532589][ T8513] EXT4-fs: Ignoring removed bh option
[  356.539168][ T8513] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  356.761101][ T8513] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.925946][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.807264][ T8543] loop5: detected capacity change from 0 to 2048
[  358.904491][ T8550] loop3: detected capacity change from 0 to 1024
[  358.918896][ T8550] EXT4-fs: Ignoring removed orlov option
[  358.927142][ T8543] EXT4-fs (loop5): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.964802][ T8550] EXT4-fs: Ignoring removed nomblk_io_submit option
[  359.287763][ T8550] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  359.311700][ T8557] overlayfs: overlapping lowerdir path
[  360.309582][ T8115] EXT4-fs (loop5): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  361.308615][ T8580] netlink: 20 bytes leftover after parsing attributes in process `syz.2.770'.
[  361.522469][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.981744][ T8612] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  364.513959][ T8631] netlink: 20 bytes leftover after parsing attributes in process `syz.5.779'.
[  364.808250][ T8639] loop5: detected capacity change from 0 to 256
[  364.836777][ T8639] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  364.847673][ T8639] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  364.945457][ T8639] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  365.115555][ T8640] input: syz1 as /devices/virtual/input/input7
[  366.429601][ T8645] loop2: detected capacity change from 0 to 1024
[  366.480786][ T8645] EXT4-fs: Ignoring removed orlov option
[  366.819558][ T8645] EXT4-fs: Ignoring removed nomblk_io_submit option
[  367.751691][ T8645] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.675101][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.972381][ T8709] netlink: 4 bytes leftover after parsing attributes in process `syz.4.792'.
[  375.938035][ T8750] loop2: detected capacity change from 0 to 256
[  375.948911][ T8750] exfat: Unknown parameter 'iochar'
[  377.933985][   T27] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  378.024905][ T8765] netlink: 4 bytes leftover after parsing attributes in process `syz.3.804'.
[  378.182388][   T27] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  378.249942][   T27] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  378.315260][   T27] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  378.343613][   T27] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  378.373220][   T27] usb 6-1: SerialNumber: syz
[  378.873260][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  378.880210][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  379.011103][   T27] usb 6-1: 0:2 : does not exist
[  379.016588][   T27] usb 6-1: unit 5: unexpected type 0x09
[  379.057353][   T27] usb 6-1: USB disconnect, device number 2
[  380.000083][ T5801] udevd[5801]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  380.952078][ T8796] loop2: detected capacity change from 0 to 2048
[  381.782477][ T8796] EXT4-fs (loop2): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  382.523812][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  386.258325][ T8842] loop4: detected capacity change from 0 to 512
[  386.272586][ T8842] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  386.529317][ T8842] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.542035][ T8842] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  386.618775][ T8853] netlink: 4 bytes leftover after parsing attributes in process `syz.2.821'.
[  386.644518][ T8842] serio: Serial port ptm0
[  388.743973][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.344904][ T8887] platform regulatory.0: loading /lib/firmware/regulatory.db.p7s failed with error -4
[  392.447334][ T8887] platform regulatory.0: Direct firmware load for regulatory.db.p7s failed with error -4
[  392.513608][ T8887] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db.p7s
[  392.637988][ T8908] loop3: detected capacity change from 0 to 2048
[  392.712708][ T8908] EXT4-fs (loop3): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  393.471884][ T8928] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  394.247068][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  394.744347][   T28] audit: type=1326 audit(1753180186.834:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8933 comm="syz.4.836" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa3e6d8e9a9 code=0x0
[  395.845444][ T8960] netlink: 12 bytes leftover after parsing attributes in process `syz.4.837'.
[  396.982007][ T8976] loop2: detected capacity change from 0 to 128
[  397.144953][ T8976] syz.2.842: attempt to access beyond end of device
[  397.144953][ T8976] loop2: rw=2049, sector=145, nr_sectors = 656 limit=128
[  397.232413][ T8976] syz.2.842: attempt to access beyond end of device
[  397.232413][ T8976] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128
[  397.249987][ T8976] syz.2.842: attempt to access beyond end of device
[  397.249987][ T8976] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  397.265013][ T8976] syz.2.842: attempt to access beyond end of device
[  397.265013][ T8976] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  397.281354][ T8976] syz.2.842: attempt to access beyond end of device
[  397.281354][ T8976] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  398.139416][ T8979] loop5: detected capacity change from 0 to 40427
[  398.180908][ T8979] F2FS-fs (loop5): Invalid SB checksum offset: 0
[  398.187578][ T8979] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  398.222004][ T8981] loop3: detected capacity change from 0 to 512
[  398.258470][ T8979] F2FS-fs (loop5): invalid crc value
[  398.366801][ T8979] F2FS-fs (loop5): sanity_check_inode: corrupted inode footer i_ino=3, ino,nid: [14170371, 3] run fsck to fix.
[  398.402312][ T8979] F2FS-fs (loop5): Failed to read root inode
[  398.495051][ T8981] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  398.507709][ T8981] ext4 filesystem being mounted at /232/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  398.839102][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.200986][ T9006] loop2: detected capacity change from 0 to 256
[  399.212783][ T9006] exfat: Unknown parameter 'iochar'
[  405.522145][ T9047] loop5: detected capacity change from 0 to 2048
[  405.944578][ T9047] EXT4-fs (loop5): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  406.129619][ T8115] EXT4-fs (loop5): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  407.359974][ T9068] loop3: detected capacity change from 0 to 128
[  407.657438][ T9073] xt_hashlimit: max too large, truncated to 1048576
[  407.668236][ T9073] No such timeout policy "syz1"
[  409.863338][ T9088] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  409.929624][ T9086] loop3: detected capacity change from 0 to 2048
[  410.264893][ T9086] EXT4-fs (loop3): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  411.462418][ T9111] loop5: detected capacity change from 0 to 512
[  411.478694][ T9111] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  411.496296][ T9111] EXT4-fs (loop5): 1 truncate cleaned up
[  411.497774][ T9111] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  411.743984][ T9098] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  412.958001][ T8115] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.163789][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  414.243843][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  414.252646][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  414.499034][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  414.601383][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  417.277716][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  419.046757][ T9174] loop3: detected capacity change from 0 to 16
[  419.075651][ T9174] erofs: (device loop3): mounted with root inode @ nid 36.
[  419.118367][ T9174] syz.3.892: attempt to access beyond end of device
[  419.118367][ T9174] loop3: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  419.145333][ T9174] netlink: 12 bytes leftover after parsing attributes in process `syz.3.892'.
[  419.944480][ T9162] syz.4.890[9162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  419.944623][ T9162] syz.4.890[9162] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  419.978970][ T9162] loop4: detected capacity change from 0 to 256
[  420.110521][ T9162] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  420.135879][ T9162] batadv_slave_0: entered promiscuous mode
[  420.289963][ T9180] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  421.292564][ T9193] loop3: detected capacity change from 0 to 2048
[  421.300472][ T9195] netlink: 4 bytes leftover after parsing attributes in process `syz.5.897'.
[  421.759017][ T9193] EXT4-fs (loop3): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.831496][ T9207] xt_TCPMSS: Only works on TCP SYN packets
[  424.570326][ T9228] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  424.879600][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  425.413662][ T9242] loop3: detected capacity change from 0 to 1024
[  425.427786][ T9242] EXT4-fs: Ignoring removed orlov option
[  425.583922][ T9242] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  425.989871][ T9248] netlink: 28 bytes leftover after parsing attributes in process `syz.5.908'.
[  426.065070][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.621399][ T9255] loop5: detected capacity change from 0 to 256
[  427.566510][ T9262] loop3: detected capacity change from 0 to 2048
[  428.100667][ T9262] EXT4-fs (loop3): #clusters per group too big: 32768
[  429.327677][ T9273] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  429.570073][ T9275] loop4: detected capacity change from 0 to 2048
[  431.475009][ T9275] EXT4-fs (loop4): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  431.883657][    T9] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  432.084160][    T9] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  432.092236][    T9] usb 4-1: config 0 has no interface number 0
[  432.139740][    T9] usb 4-1: config 0 interface 8 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[  432.139819][    T9] usb 4-1: New USB device found, idVendor=0582, idProduct=b9d5, bcdDevice=73.f7
[  432.139842][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.154915][    T9] usb 4-1: config 0 descriptor??
[  432.157134][ T9303] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  432.237528][ T9297] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  432.460483][ T5882] usb 4-1: USB disconnect, device number 4
[  433.556464][ T9320] loop3: detected capacity change from 0 to 128
[  433.679357][ T9322] syz.3.923: attempt to access beyond end of device
[  433.679357][ T9322] loop3: rw=2049, sector=145, nr_sectors = 456 limit=128
[  434.148654][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  436.030194][ T9329] xt_l2tp: wrong L2TP version: 0
[  436.158771][ T9341] random: crng reseeded on system resumption
[  436.644164][ T9344] loop3: detected capacity change from 0 to 40427
[  436.832548][ T9344] F2FS-fs (loop3): Found nat_bits in checkpoint
[  436.886619][ T9344] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  437.431892][ T9355] loop2: detected capacity change from 0 to 512
[  437.702531][ T9355] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.762349][ T9355] ext4 filesystem being mounted at /234/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  437.809049][ T9355] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.522202][ T9360] loop4: detected capacity change from 0 to 2048
[  438.599676][ T9362] loop2: detected capacity change from 0 to 128
[  438.626288][ T9360] EXT4-fs (loop4): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  439.811901][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  439.995120][ T9379] loop5: detected capacity change from 0 to 256
[  440.939513][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  440.947310][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  442.793547][ T5800] Bluetooth: hci4: command 0x0406 tx timeout
[  442.799932][ T5800] Bluetooth: hci3: command 0x0406 tx timeout
[  445.288631][ T9401] loop5: detected capacity change from 0 to 40427
[  445.454892][ T9401] F2FS-fs (loop5): Found nat_bits in checkpoint
[  445.525259][ T9401] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  445.972231][ T9415] loop3: detected capacity change from 0 to 128
[  446.192819][ T9417] netlink: 64 bytes leftover after parsing attributes in process `syz.2.947'.
[  446.270965][   T28] audit: type=1326 audit(1753180238.354:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9416 comm="syz.2.947" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fd238e9a9 code=0x0
[  446.619913][ T9419] overlayfs: overlapping lowerdir path
[  447.988755][ T9430] loop4: detected capacity change from 0 to 256
[  447.996268][ T9430] exfat: Deprecated parameter 'namecase'
[  448.002048][ T9430] exfat: Deprecated parameter 'utf8'
[  448.685181][ T9430] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  451.188505][ T9454] loop4: detected capacity change from 0 to 40427
[  451.253858][ T9454] F2FS-fs (loop4): Found nat_bits in checkpoint
[  451.344319][ T9454] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  451.588367][ T9465] overlayfs: overlapping lowerdir path
[  456.634959][ T9496] loop2: detected capacity change from 0 to 512
[  456.642386][ T9496] EXT4-fs: Ignoring removed mblk_io_submit option
[  456.650095][ T9496] EXT4-fs: Ignoring removed bh option
[  456.655747][ T9496] ext4: Unknown parameter 'fsuuid'
[  457.030134][ T9501] netlink: 'syz.2.968': attribute type 27 has an invalid length.
[  457.204027][ T9506] overlayfs: failed to resolve './file0': -2
[  458.286337][ T9515] loop5: detected capacity change from 0 to 512
[  458.350615][ T9515] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  458.363704][ T9515] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  458.507220][ T9520] loop3: detected capacity change from 0 to 1024
[  458.527602][ T9520] EXT4-fs: Ignoring removed i_version option
[  458.559375][ T9520] EXT4-fs: inline encryption not supported
[  458.574347][ T9520] EXT4-fs: Ignoring removed oldalloc option
[  458.624373][ T9520] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  458.872947][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  459.668323][ T9518] EXT4-fs error (device loop5): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 328: padding at end of block bitmap is not set
[  460.354523][ T9501] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  460.381609][ T9501] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  461.093378][ T9501] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  461.109754][ T9501] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  461.120329][ T9501] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  461.134965][ T9501] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  461.373946][ T9501] hsr1: left allmulticast mode
[  461.595528][ T9504] 8021q: adding VLAN 0 to HW filter on device bond0
[  461.607502][ T9504] 8021q: adding VLAN 0 to HW filter on device team0
[  461.619793][ T9504] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  461.956456][ T8115] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  462.674629][ T9538] loop2: detected capacity change from 0 to 40427
[  463.198194][ T9538] F2FS-fs (loop2): Found nat_bits in checkpoint
[  463.344417][ T9538] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  465.520423][ T9561] loop4: detected capacity change from 0 to 8192
[  467.127182][ T9579] loop3: detected capacity change from 0 to 512
[  467.140816][ T9579] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  467.260133][ T9579] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  467.273677][ T9579] ext4 filesystem being mounted at /268/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  468.270337][ T9571] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  468.626679][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.520210][ T9596] netlink: 12 bytes leftover after parsing attributes in process `syz.3.989'.
[  469.889717][ T9605] loop5: detected capacity change from 0 to 128
[  470.030479][ T9605] syz.5.993: attempt to access beyond end of device
[  470.030479][ T9605] loop5: rw=2049, sector=145, nr_sectors = 248 limit=128
[  470.090265][ T9605] syz.5.993: attempt to access beyond end of device
[  470.090265][ T9605] loop5: rw=524288, sector=145, nr_sectors = 224 limit=128
[  470.116220][ T9605] syz.5.993: attempt to access beyond end of device
[  470.116220][ T9605] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[  471.757210][ T9626] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  473.923831][ T9634] overlayfs: overlapping lowerdir path
[  474.835985][ T9638] loop2: detected capacity change from 0 to 1024
[  474.859614][ T9638] EXT4-fs: Ignoring removed orlov option
[  474.894338][ T9638] EXT4-fs: Ignoring removed nomblk_io_submit option
[  476.070051][ T9638] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  478.651366][ T9660] loop3: detected capacity change from 0 to 40427
[  478.730468][ T9660] F2FS-fs (loop3): Found nat_bits in checkpoint
[  478.967510][ T9660] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  479.376075][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.686924][ T9682] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1009'.
[  481.036946][ T9691] loop4: detected capacity change from 0 to 512
[  481.077512][ T9691] EXT4-fs (loop4): 1 truncate cleaned up
[  481.087178][ T9691] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  481.764493][ T9693] EXT4-fs error (device loop4): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 7: invalid block bitmap
[  481.810241][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  482.045810][ T9709] loop2: detected capacity change from 0 to 1024
[  482.066608][ T9709] EXT4-fs: Ignoring removed orlov option
[  482.072329][ T9709] EXT4-fs: Ignoring removed nomblk_io_submit option
[  483.579334][ T9709] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  487.291895][ T9732] loop4: detected capacity change from 0 to 256
[  487.418857][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  491.642894][ T9749] overlayfs: overlapping lowerdir path
[  496.834735][ T9787] loop2: detected capacity change from 0 to 1024
[  496.848098][ T9787] EXT4-fs: Ignoring removed orlov option
[  496.853993][ T9787] EXT4-fs: Ignoring removed nomblk_io_submit option
[  497.031289][ T9787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  497.532677][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  499.907043][ T9798] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1038'.
[  499.974007][ T9798] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1038'.
[  500.322109][ T9818] syz.3.1041[9818] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  500.322257][ T9818] syz.3.1041[9818] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  500.340122][ T9818] loop3: detected capacity change from 0 to 256
[  501.748384][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  501.783666][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  501.849975][ T9824] loop4: detected capacity change from 0 to 2048
[  501.980367][ T9824] EXT4-fs (loop4): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  502.025230][ T9827] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1044'.
[  502.333601][ T9837] loop2: detected capacity change from 0 to 128
[  502.460612][ T9838] loop5: detected capacity change from 0 to 256
[  502.472676][ T9838] exfat: Unknown parameter 'iochar'
[  506.063641][ T9829] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  507.735290][ T9866] loop2: detected capacity change from 0 to 40427
[  507.806523][ T9866] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  507.813046][ T9866] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  507.852089][ T9866] F2FS-fs (loop2): invalid crc value
[  508.284372][ T9866] F2FS-fs (loop2): sanity_check_inode: corrupted inode footer i_ino=3, ino,nid: [14170371, 3] run fsck to fix.
[  508.350286][ T9866] F2FS-fs (loop2): Failed to read root inode
[  510.004500][ T9875] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1055'.
[  510.459581][ T9882] loop5: detected capacity change from 0 to 512
[  510.677382][ T9882] EXT4-fs error (device loop5): ext4_orphan_get:1425: comm syz.5.1057: bad orphan inode 11862016
[  510.695618][ T9882] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  510.708972][ T9882] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  511.832579][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0700-0000-0000-000000000000.
[  513.175889][ T9894] loop4: detected capacity change from 0 to 128
[  513.247649][ T8115] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  513.359595][ T9897] syz.4.1059: attempt to access beyond end of device
[  513.359595][ T9897] loop4: rw=2049, sector=145, nr_sectors = 232 limit=128
[  513.522118][ T9896] loop2: detected capacity change from 0 to 256
[  513.833640][ T9907] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1065'.
[  515.437254][ T9930] overlayfs: overlapping lowerdir path
[  516.661269][ T9941] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1075'.
[  517.126308][ T9944] loop2: detected capacity change from 0 to 256
[  518.997105][ T9974] syzkaller0: entered promiscuous mode
[  519.002861][ T9974] syzkaller0: entered allmulticast mode
[  519.252083][ T9975] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  519.337504][ T9978] xt_hashlimit: max too large, truncated to 1048576
[  519.345346][ T9978] No such timeout policy "syz1"
[  521.095297][ T9984] loop5: detected capacity change from 0 to 512
[  521.379378][ T9984] EXT4-fs (loop5): 1 truncate cleaned up
[  521.386537][ T9984] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  521.583317][ T8115] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.440785][T10028] loop5: detected capacity change from 0 to 512
[  525.501390][T10028] EXT4-fs (loop5): 1 truncate cleaned up
[  525.508629][T10028] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  525.787946][ T8115] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.438298][T10058] syz.3.1113[10058] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  527.438456][T10058] syz.3.1113[10058] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  528.976551][T10053] loop3: detected capacity change from 0 to 256
[  530.014722][T10081] overlayfs: overlapping lowerdir path
[  535.266991][T10118] loop4: detected capacity change from 0 to 128
[  540.174718][T10167] overlayfs: overlapping lowerdir path
[  541.547683][T10153] netlink: 'syz.4.1139': attribute type 21 has an invalid length.
[  541.555756][T10153] netlink: 'syz.4.1139': attribute type 15 has an invalid length.
[  541.762407][T10178] netlink: 'syz.3.1148': attribute type 10 has an invalid length.
[  541.771343][T10178] netlink: 55 bytes leftover after parsing attributes in process `syz.3.1148'.
[  545.084814][T10208] netlink: 'syz.3.1157': attribute type 2 has an invalid length.
[  545.112345][T10208] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1157'.
[  545.164974][T10209] netlink: 'syz.3.1157': attribute type 2 has an invalid length.
[  545.213670][T10209] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1157'.
[  548.025999][T10239] netlink: 'syz.2.1169': attribute type 29 has an invalid length.
[  548.084003][T10239] netlink: 'syz.2.1169': attribute type 29 has an invalid length.
[  548.115111][T10239] netlink: 'syz.2.1169': attribute type 29 has an invalid length.
[  548.164378][T10239] netlink: 'syz.2.1169': attribute type 29 has an invalid length.
[  548.193852][T10239] netlink: 'syz.2.1169': attribute type 29 has an invalid length.
[  548.292960][T10246] netlink: 'syz.4.1172': attribute type 29 has an invalid length.
[  548.323881][T10246] netlink: 'syz.4.1172': attribute type 29 has an invalid length.
[  548.964207][T10246] netlink: 'syz.4.1172': attribute type 29 has an invalid length.
[  549.030513][T10246] netlink: 'syz.4.1172': attribute type 29 has an invalid length.
[  549.084876][T10246] netlink: 'syz.4.1172': attribute type 29 has an invalid length.
[  549.187899][T10252] syzkaller0: entered promiscuous mode
[  549.193498][T10252] syzkaller0: entered allmulticast mode
[  549.416418][T10261] loop4: detected capacity change from 0 to 128
[  550.223959][T10265] syz.4.1176: attempt to access beyond end of device
[  550.223959][T10265] loop4: rw=2049, sector=145, nr_sectors = 288 limit=128
[  550.451777][T10261] syz.4.1176: attempt to access beyond end of device
[  550.451777][T10261] loop4: rw=524288, sector=145, nr_sectors = 224 limit=128
[  551.729040][T10287] syzkaller0: entered promiscuous mode
[  551.754261][T10287] syzkaller0: entered allmulticast mode
[  552.128708][T10301] loop3: detected capacity change from 0 to 128
[  552.244567][T10301] syz.3.1192: attempt to access beyond end of device
[  552.244567][T10301] loop3: rw=2049, sector=145, nr_sectors = 760 limit=128
[  552.300813][T10301] syz.3.1192: attempt to access beyond end of device
[  552.300813][T10301] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[  552.318502][T10301] syz.3.1192: attempt to access beyond end of device
[  552.318502][T10301] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  552.336445][T10301] syz.3.1192: attempt to access beyond end of device
[  552.336445][T10301] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  553.014913][T10321] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  553.041790][T10322] validate_nla: 1 callbacks suppressed
[  553.041806][T10322] netlink: 'syz.5.1200': attribute type 29 has an invalid length.
[  553.101296][T10322] netlink: 'syz.5.1200': attribute type 29 has an invalid length.
[  553.145782][T10324] loop4: detected capacity change from 0 to 512
[  553.183160][T10323] netlink: 'syz.5.1200': attribute type 29 has an invalid length.
[  553.232041][T10325] netlink: 'syz.5.1200': attribute type 29 has an invalid length.
[  553.238811][T10324] EXT4-fs (loop4): 1 truncate cleaned up
[  553.247412][T10322] netlink: 'syz.5.1200': attribute type 29 has an invalid length.
[  553.307186][T10324] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  554.506109][T10340] loop3: detected capacity change from 0 to 128
[  554.676211][T10340] syz.3.1205: attempt to access beyond end of device
[  554.676211][T10340] loop3: rw=2049, sector=145, nr_sectors = 320 limit=128
[  554.790838][T10340] syz.3.1205: attempt to access beyond end of device
[  554.790838][T10340] loop3: rw=524288, sector=145, nr_sectors = 224 limit=128
[  554.823516][T10340] syz.3.1205: attempt to access beyond end of device
[  554.823516][T10340] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  554.840936][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  554.859036][T10340] syz.3.1205: attempt to access beyond end of device
[  554.859036][T10340] loop3: rw=0, sector=145, nr_sectors = 8 limit=128
[  555.257114][T10350] overlayfs: overlapping lowerdir path
[  556.417903][T10363] loop4: detected capacity change from 0 to 256
[  556.427483][T10363] exfat: Deprecated parameter 'namecase'
[  556.433250][T10363] exfat: Deprecated parameter 'utf8'
[  556.505616][T10363] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  557.222915][T10376] Dead loop on virtual device ip6_vti0, fix it urgently!
[  557.381382][T10381] loop2: detected capacity change from 0 to 128
[  557.902577][T10386] syzkaller0: entered promiscuous mode
[  557.908313][T10386] syzkaller0: entered allmulticast mode
[  559.640912][T10403] loop3: detected capacity change from 0 to 256
[  559.648339][T10403] exfat: Deprecated parameter 'namecase'
[  559.654165][T10403] exfat: Deprecated parameter 'utf8'
[  559.749362][T10403] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  563.187302][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  563.193948][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  566.605618][T10436] syz.4.1233[10436] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  566.605771][T10436] syz.4.1233[10436] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  566.650231][T10436] loop4: detected capacity change from 0 to 256
[  569.107642][T10480] loop4: detected capacity change from 0 to 256
[  569.115001][T10480] exfat: Deprecated parameter 'namecase'
[  569.121387][T10480] exfat: Deprecated parameter 'utf8'
[  569.137390][T10480] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  571.801902][T10523] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1262'.
[  571.820451][T10523] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1262'.
[  571.832111][T10522] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1262'.
[  571.848842][T10523] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1262'.
[  572.322321][T10535] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.1265'.
[  572.333115][T10535] netlink: 6116 bytes leftover after parsing attributes in process `syz.2.1265'.
[  572.342689][T10535] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1265'.
[  583.389542][T10592] loop3: detected capacity change from 0 to 8
[  583.602988][T10592] SQUASHFS error: xz decompression failed, data probably corrupt
[  583.653553][T10592] SQUASHFS error: Failed to read block 0x108: -5
[  583.659964][T10592] SQUASHFS error: Unable to read metadata cache entry [106]
[  583.719410][T10592] SQUASHFS error: Unable to read inode 0x11f
[  585.564314][T10607] loop5: detected capacity change from 0 to 256
[  585.578234][T10607] exfat: Deprecated parameter 'namecase'
[  585.585913][T10607] exfat: Bad value for 'errors'
[  589.585914][T10656] loop4: detected capacity change from 0 to 256
[  592.325035][T10682] loop5: detected capacity change from 0 to 1024
[  592.337771][T10682] EXT4-fs: Ignoring removed orlov option
[  592.353528][T10682] EXT4-fs: Ignoring removed nomblk_io_submit option
[  592.405911][T10682] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  595.125399][ T8115] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  598.603109][T10737] loop4: detected capacity change from 0 to 1024
[  598.627881][T10737] EXT4-fs: Ignoring removed orlov option
[  598.661517][T10737] EXT4-fs: Ignoring removed nomblk_io_submit option
[  598.709656][T10737] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  600.650689][T10747] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  600.699287][T10747] syzkaller0: entered promiscuous mode
[  600.727773][T10747] syzkaller0: entered allmulticast mode
[  601.435542][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  602.276728][T10766] loop3: detected capacity change from 0 to 64
[  602.697576][T10770] netlink: 'syz.3.1331': attribute type 64 has an invalid length.
[  602.706822][T10770] netlink: 'syz.3.1331': attribute type 4 has an invalid length.
[  602.720069][T10770] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1331'.
[  605.225145][T10797] loop3: detected capacity change from 0 to 512
[  606.773071][T10797] EXT4-fs (loop3): 1 truncate cleaned up
[  606.779730][T10797] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  607.121322][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  607.987964][T10798] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1339'.
[  609.026139][T10819] loop4: detected capacity change from 0 to 64
[  610.150852][T10823] loop3: detected capacity change from 0 to 32768
[  610.341826][T10821] loop2: detected capacity change from 0 to 32768
[  611.316836][T10836] read_mapping_page failed!
[  611.334631][   T28] audit: type=1800 audit(1753180402.984:8): pid=10836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1347" name="file1" dev="loop3" ino=4 res=0 errno=0
[  614.665568][T10864] loop4: detected capacity change from 0 to 256
[  614.923589][T10868] loop3: detected capacity change from 0 to 4096
[  614.955782][T10868] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  615.418410][T10868] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  617.907802][T10900] loop4: detected capacity change from 0 to 256
[  619.110689][T10913] xt_hashlimit: max too large, truncated to 1048576
[  619.117621][T10913] No such timeout policy "syz1"
[  619.196649][T10915] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  619.220032][T10915] syzkaller0: entered promiscuous mode
[  619.340246][T10915] syzkaller0: entered allmulticast mode
[  621.258075][T10926] loop2: detected capacity change from 0 to 32768
[  621.285762][T10926] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1379 (10926)
[  621.649414][T10952] xt_hashlimit: max too large, truncated to 1048576
[  621.657382][T10952] No such timeout policy "syz1"
[  621.682226][T10926] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  621.811303][T10926] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  621.958823][T10926] BTRFS info (device loop2): using free space tree
[  622.729577][T10926] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  622.784635][T10926] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  622.994020][T10926] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  623.059924][T10926] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  623.095180][T10926] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  623.105903][T10926] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  623.117076][T10926] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  623.140209][T10926] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  623.151500][T10926] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  623.213828][T10926] BTRFS error (device loop2): open_ctree failed: -12
[  625.936331][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  625.942734][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  626.051099][T10994] overlayfs: overlapping lowerdir path
[  626.841314][T11003] loop2: detected capacity change from 0 to 512
[  626.963953][T11003] EXT4-fs (loop2): 1 truncate cleaned up
[  626.971067][T11003] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  627.245543][T11009] xt_hashlimit: max too large, truncated to 1048576
[  627.252410][T11009] No such timeout policy "syz1"
[  628.144667][T11005] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 7: invalid block bitmap
[  628.339766][T11019] loop4: detected capacity change from 0 to 1024
[  628.371005][T11019] EXT4-fs: Ignoring removed orlov option
[  628.402914][T11019] EXT4-fs: Ignoring removed nomblk_io_submit option
[  628.468588][T11019] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  628.894784][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  629.351371][T11018] loop3: detected capacity change from 0 to 32768
[  629.399315][T11018] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.1400 (11018)
[  629.485710][T11018] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  629.523572][T11018] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  629.532314][T11018] BTRFS info (device loop3): force clearing of disk cache
[  629.573757][T11018] BTRFS info (device loop3): enabling auto defrag
[  629.580313][T11018] BTRFS info (device loop3): max_inline at 0
[  629.627294][T11018] BTRFS info (device loop3): enabling disk space caching
[  629.673648][T11018] BTRFS info (device loop3): disk space caching is enabled
[  630.729715][T11018] BTRFS info (device loop3): enabling ssd optimizations
[  630.764346][T11018] BTRFS info (device loop3): rebuilding free space tree
[  630.878081][T11018] BTRFS info (device loop3): disabling free space tree
[  630.895992][T11018] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  630.920226][T11018] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  631.605509][ T5786] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  632.882837][T11070] syzkaller0: entered promiscuous mode
[  632.895819][T11070] syzkaller0: entered allmulticast mode
[  633.581815][T11078] xt_hashlimit: max too large, truncated to 1048576
[  633.588915][T11078] No such timeout policy "syz1"
[  634.882549][T11081] loop3: detected capacity change from 0 to 512
[  635.283242][T11081] EXT4-fs (loop3): 1 truncate cleaned up
[  635.292109][T11081] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  635.443556][T11083] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 7: invalid block bitmap
[  635.562371][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.877182][ T5808] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  635.904070][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  636.463560][ T5808] usb 3-1: Using ep0 maxpacket: 8
[  636.470839][ T5808] usb 3-1: config index 0 descriptor too short (expected 18, got 10)
[  636.618296][ T5808] usb 3-1: config 0 descriptor has 1 excess byte, ignoring
[  636.635450][ T5808] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  636.675573][ T5808] usb 3-1: New USB device found, idVendor=0586, idProduct=401a, bcdDevice= 2.4d
[  636.698684][ T5808] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.723604][ T5808] usb 3-1: Product: syz
[  636.731810][ T5808] usb 3-1: Manufacturer: syz
[  636.737509][ T5808] usb 3-1: SerialNumber: syz
[  636.956704][ T5808] usb 3-1: config 0 descriptor??
[  637.552210][ T5808] usb 3-1: USB disconnect, device number 4
[  638.506363][T11123] syzkaller0: entered promiscuous mode
[  638.527038][T11123] syzkaller0: entered allmulticast mode
[  638.943913][T11133] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  638.978915][T11133] macvtap1: entered promiscuous mode
[  639.015366][T11133] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[  641.819211][T11160] (null): rxe_set_mtu: Set mtu to 4096
[  641.830405][T11160] lo speed is unknown, defaulting to 1000
[  641.858358][T11160] lo speed is unknown, defaulting to 1000
[  641.877885][T11160] lo speed is unknown, defaulting to 1000
[  642.731655][T11160] infiniband syz0: set active
[  642.745257][   T23] lo speed is unknown, defaulting to 1000
[  642.757319][T11160] infiniband syz0: added lo
[  642.776019][T11160] syz0: rxe_create_cq: returned err = -12
[  642.782901][T11160] infiniband syz0: Couldn't create ib_mad CQ
[  642.789950][T11160] infiniband syz0: Couldn't open port 1
[  643.113449][T11160] RDS/IB: syz0: added
[  643.122187][T11160] smc: adding ib device syz0 with port count 1
[  643.129965][T11160] smc:    ib device syz0 port 1 has pnetid 
[  643.164193][T11160] lo speed is unknown, defaulting to 1000
[  643.484185][   T23] lo speed is unknown, defaulting to 1000
[  643.497755][T11160] lo speed is unknown, defaulting to 1000
[  643.725306][T11160] lo speed is unknown, defaulting to 1000
[  644.162966][T11160] lo speed is unknown, defaulting to 1000
[  644.630669][T11160] lo speed is unknown, defaulting to 1000
[  648.412071][T11198] loop4: detected capacity change from 0 to 40427
[  648.434192][T11198] F2FS-fs (loop4): invalid crc value
[  648.438634][T11201] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1451'.
[  648.461058][T11198] F2FS-fs (loop4): Found nat_bits in checkpoint
[  648.500283][T11201] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1451'.
[  648.514250][T11198] F2FS-fs (loop4): Start checkpoint disabled!
[  648.543655][T11198] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  649.246491][   T11] bio_check_eod: 83 callbacks suppressed
[  649.246509][   T11] kworker/u4:0: attempt to access beyond end of device
[  649.246509][   T11] loop4: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  649.271642][   T11] kworker/u4:0: attempt to access beyond end of device
[  649.271642][   T11] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  649.293326][   T11] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  649.306045][   T11] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  649.312991][   T11] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  649.352327][   T11] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  649.569101][T11212] syzkaller0: entered promiscuous mode
[  649.590531][T11212] syzkaller0: entered allmulticast mode
[  650.263221][T11223] overlayfs: overlapping lowerdir path
[  651.822322][T11230] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  651.829197][T11230] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  652.095579][T11230] vhci_hcd vhci_hcd.0: Device attached
[  652.155672][T11233] vhci_hcd: connection closed
[  652.160522][ T1090] vhci_hcd: stop threads
[  652.182242][ T1090] vhci_hcd: release socket
[  652.190965][ T1090] vhci_hcd: disconnect device
[  652.441018][T11237] loop4: detected capacity change from 0 to 4096
[  652.453611][T11237] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  652.656838][T11239] xt_hashlimit: max too large, truncated to 1048576
[  652.663664][T11239] No such timeout policy "syz1"
[  652.688863][T11228] loop3: detected capacity change from 0 to 32768
[  652.888689][T11237] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  652.914287][T11228] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  653.121300][T11228] XFS (loop3): Ending clean mount
[  653.168171][T11228] XFS (loop3): Quotacheck needed: Please wait.
[  653.383249][T11228] XFS (loop3): Quotacheck: Done.
[  653.679550][ T5786] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  654.408404][T11271] syzkaller0: entered promiscuous mode
[  654.423634][T11271] syzkaller0: entered allmulticast mode
[  655.852217][T11280] loop5: detected capacity change from 0 to 1024
[  656.204001][T11280] hfsplus: invalid extended attribute record
[  657.395441][ T8706] hfsplus: b-tree write err: -5, ino 4
[  659.699332][T11316] loop2: detected capacity change from 0 to 1024
[  659.707218][T11316] EXT4-fs: Ignoring removed orlov option
[  659.736452][T11316] EXT4-fs: Ignoring removed nomblk_io_submit option
[  659.786144][T11316] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  663.443852][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  666.559742][T11363] loop2: detected capacity change from 0 to 1024
[  666.574070][T11363] EXT4-fs: Ignoring removed orlov option
[  666.594780][T11363] EXT4-fs: Ignoring removed nomblk_io_submit option
[  666.661210][T11363] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  670.650126][T11392] hub 6-0:1.0: USB hub found
[  670.659029][T11392] hub 6-0:1.0: 1 port detected
[  675.796658][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  676.152105][T11424] loop4: detected capacity change from 0 to 40427
[  676.171585][T11424] F2FS-fs (loop4): invalid crc value
[  676.470105][T11424] F2FS-fs (loop4): Found nat_bits in checkpoint
[  676.543016][T11424] F2FS-fs (loop4): Start checkpoint disabled!
[  677.056155][T11424] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  677.572417][T11441] xt_hashlimit: max too large, truncated to 1048576
[  677.687298][T11442] syzkaller0: entered promiscuous mode
[  677.692838][T11442] syzkaller0: entered allmulticast mode
[  677.790469][T11441] No such timeout policy "syz1"
[  677.818511][ T3443] kworker/u4:9: attempt to access beyond end of device
[  677.818511][ T3443] loop4: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  677.846525][ T3443] kworker/u4:9: attempt to access beyond end of device
[  677.846525][ T3443] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  677.893508][ T3443] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  677.908355][ T3443] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  677.920523][ T3443] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  677.953617][ T3443] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  679.946349][T11455] loop4: detected capacity change from 0 to 512
[  680.004494][T11455] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.1514: corrupted in-inode xattr: bad e_name length
[  680.028853][T11455] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1514: couldn't read orphan inode 15 (err -117)
[  680.087547][T11455] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  680.250843][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  680.951301][T11463] loop3: detected capacity change from 0 to 1024
[  681.005064][T11463] EXT4-fs: Ignoring removed orlov option
[  681.010842][T11463] EXT4-fs: Ignoring removed nomblk_io_submit option
[  681.092469][T11463] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  682.482566][T11474] loop2: detected capacity change from 0 to 32768
[  682.519656][T11474] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.1519 (11474)
[  682.574357][T11474] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  682.605282][T11474] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  682.625931][T11474] BTRFS info (device loop2): use zlib compression, level 3
[  682.633249][T11474] BTRFS info (device loop2): enabling auto defrag
[  682.670190][T11474] BTRFS info (device loop2): doing ref verification
[  682.680283][T11474] BTRFS info (device loop2): use no compression
[  682.699692][T11474] BTRFS info (device loop2): force clearing of disk cache
[  682.725266][T11474] BTRFS info (device loop2): turning off barriers
[  682.731777][T11474] BTRFS info (device loop2): turning on barriers
[  682.784454][T11474] BTRFS info (device loop2): setting nodatacow, compression disabled
[  682.793142][T11474] BTRFS info (device loop2): using free space tree
[  683.779638][T11474] BTRFS info (device loop2): enabling ssd optimizations
[  683.809656][T11474] BTRFS info (device loop2): auto enabling async discard
[  683.868385][T11474] BTRFS info (device loop2): rebuilding free space tree
[  684.488395][ T5789] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  684.745555][T11519] tipc: Started in network mode
[  684.765259][T11519] tipc: Node identity 8ea0d09cffee, cluster identity 4711
[  684.772618][T11519] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  684.902531][T11521] tipc: Resetting bearer <eth:syzkaller0>
[  685.097728][T11518] tipc: Disabling bearer <eth:syzkaller0>
[  686.069124][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  686.077646][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  688.026310][T11546] loop5: detected capacity change from 0 to 40427
[  688.826621][T11546] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x7
[  688.838705][T11546] F2FS-fs (loop5): invalid crc value
[  688.862661][T11546] F2FS-fs (loop5): Found nat_bits in checkpoint
[  688.948396][T11546] F2FS-fs (loop5): Start checkpoint disabled!
[  688.970510][T11546] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  689.305337][T11558] loop4: detected capacity change from 0 to 128
[  689.384514][T11561] syzkaller0: entered promiscuous mode
[  689.593974][T11561] syzkaller0: entered allmulticast mode
[  690.189837][T11558] FAT-fs (loop4): Directory bread(block 32) failed
[  690.243677][T11558] FAT-fs (loop4): Directory bread(block 33) failed
[  690.251351][T11558] FAT-fs (loop4): Directory bread(block 34) failed
[  690.308864][T11558] FAT-fs (loop4): Directory bread(block 35) failed
[  690.339192][T11558] FAT-fs (loop4): Directory bread(block 36) failed
[  690.376023][T11558] FAT-fs (loop4): Directory bread(block 37) failed
[  690.384937][ T3490] kworker/u4:10: attempt to access beyond end of device
[  690.384937][ T3490] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  690.409188][T11558] FAT-fs (loop4): Directory bread(block 38) failed
[  690.419611][ T3490] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  690.429578][T11558] FAT-fs (loop4): Directory bread(block 39) failed
[  690.439897][ T3490] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  690.460674][T11558] FAT-fs (loop4): Directory bread(block 40) failed
[  690.523729][T11558] FAT-fs (loop4): Directory bread(block 41) failed
[  691.422670][ T5786] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  692.713873][T11583] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  693.559922][T11586] loop4: detected capacity change from 0 to 1024
[  693.647862][T11586] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  694.044690][T11595] 9pnet_fd: Insufficient options for proto=fd
[  694.976927][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  699.692353][T11625] loop2: detected capacity change from 0 to 512
[  700.825679][T11625] EXT4-fs (loop2): 1 truncate cleaned up
[  700.832743][T11625] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  701.154976][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  701.452515][T11637] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  704.430409][T11665] overlayfs: overlapping lowerdir path
[  706.588464][T11680] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  712.726203][T11732] loop4: detected capacity change from 0 to 64
[  712.908422][T11734] syzkaller0: entered promiscuous mode
[  712.923036][T11734] syzkaller0: entered allmulticast mode
[  722.765912][T11801] loop4: detected capacity change from 0 to 1024
[  722.783565][T11801] EXT4-fs: Ignoring removed orlov option
[  722.799575][T11801] EXT4-fs: Ignoring removed nomblk_io_submit option
[  722.842390][T11801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  726.581280][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  727.362769][T11821] loop2: detected capacity change from 0 to 40427
[  727.380633][T11821] F2FS-fs (loop2): invalid crc value
[  727.411114][T11821] F2FS-fs (loop2): Found nat_bits in checkpoint
[  727.456889][T11821] F2FS-fs (loop2): Start checkpoint disabled!
[  727.473706][T11821] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  728.285961][ T3435] kworker/u4:8: attempt to access beyond end of device
[  728.285961][ T3435] loop2: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  728.327267][ T3435] kworker/u4:8: attempt to access beyond end of device
[  728.327267][ T3435] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  728.371366][ T3435] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  728.391260][ T3435] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  728.412378][ T3435] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  728.431202][ T3435] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  730.231028][T11848] loop4: detected capacity change from 0 to 1024
[  730.697752][T11848] EXT4-fs: Ignoring removed orlov option
[  730.833529][T11848] EXT4-fs: Ignoring removed nomblk_io_submit option
[  731.330530][T11848] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  734.373902][ T8094] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  735.667184][T11887] tipc: Started in network mode
[  735.672318][T11887] tipc: Node identity 7aa4a0665068, cluster identity 4711
[  735.687075][T11887] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  735.709744][T11887] syzkaller0: entered promiscuous mode
[  735.719435][T11887] syzkaller0: entered allmulticast mode
[  735.748981][T11887] tipc: Resetting bearer <eth:syzkaller0>
[  735.764350][T11886] tipc: Resetting bearer <eth:syzkaller0>
[  735.807574][T11886] tipc: Disabling bearer <eth:syzkaller0>
[  735.838365][T11890] loop2: detected capacity change from 0 to 1024
[  735.852093][T11890] EXT4-fs: Ignoring removed orlov option
[  735.864439][T11890] EXT4-fs: Ignoring removed nomblk_io_submit option
[  735.967245][T11890] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  736.082388][T11895] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  740.029424][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  742.527921][T11933] loop5: detected capacity change from 0 to 1024
[  742.561024][T11933] EXT4-fs: Ignoring removed orlov option
[  742.583406][T11933] EXT4-fs: Ignoring removed nomblk_io_submit option
[  742.643286][T11933] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  745.555769][ T8115] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  747.081464][T11959] loop5: detected capacity change from 0 to 40427
[  747.174421][T11959] F2FS-fs (loop5): invalid crc value
[  747.200329][T11959] F2FS-fs (loop5): Found nat_bits in checkpoint
[  747.461559][T11959] F2FS-fs (loop5): Start checkpoint disabled!
[  747.518388][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  747.548288][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  747.973506][T11959] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  748.249458][T11972] overlayfs: overlapping lowerdir path
[  748.770052][   T11] kworker/u4:0: attempt to access beyond end of device
[  748.770052][   T11] loop5: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  748.806060][   T11] kworker/u4:0: attempt to access beyond end of device
[  748.806060][   T11] loop5: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  748.854075][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  748.861308][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  748.876873][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  748.901976][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  751.669734][T12008] macvtap1: entered promiscuous mode
[  751.693567][T12008] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  752.501076][T12014] loop3: detected capacity change from 0 to 40427
[  752.557611][T12014] F2FS-fs (loop3): invalid crc value
[  752.566550][T12014] F2FS-fs (loop3): Found nat_bits in checkpoint
[  753.103751][T12014] F2FS-fs (loop3): Start checkpoint disabled!
[  753.119145][T12014] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  753.850913][   T12] kworker/u4:1: attempt to access beyond end of device
[  753.850913][   T12] loop3: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  753.868052][   T12] kworker/u4:1: attempt to access beyond end of device
[  753.868052][   T12] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  753.883506][   T12] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  753.893157][   T12] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  753.900419][   T12] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  753.912172][   T12] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  753.948128][T12034] hub 6-0:1.0: USB hub found
[  753.956754][T12034] hub 6-0:1.0: 1 port detected
[  754.836086][T12038] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  754.856064][T12038] macvtap1: entered promiscuous mode
[  758.658117][T12072] overlayfs: overlapping lowerdir path
[  759.307835][T12075] loop2: detected capacity change from 0 to 1024
[  759.364620][T12075] EXT4-fs: Ignoring removed orlov option
[  759.412087][T12075] EXT4-fs: Ignoring removed nomblk_io_submit option
[  759.534836][T12075] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  763.070844][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  764.230922][T12109] loop5: detected capacity change from 0 to 40427
[  764.353754][T12109] F2FS-fs (loop5): invalid crc value
[  764.548407][T12109] F2FS-fs (loop5): Found nat_bits in checkpoint
[  764.597802][T12109] F2FS-fs (loop5): Start checkpoint disabled!
[  764.733638][T12109] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  765.402141][ T8706] kworker/u4:14: attempt to access beyond end of device
[  765.402141][ T8706] loop5: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  765.427416][   T48] kworker/u4:3: attempt to access beyond end of device
[  765.427416][   T48] loop5: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  765.448142][   T48] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  765.458583][   T48] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  765.471578][   T48] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  765.481102][   T48] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  765.707976][T12121] hub 6-0:1.0: USB hub found
[  765.713890][T12121] hub 6-0:1.0: 1 port detected
[  767.890020][T12134] loop5: detected capacity change from 0 to 1024
[  767.914773][T12134] EXT4-fs: Ignoring removed orlov option
[  767.951048][T12134] EXT4-fs: Ignoring removed nomblk_io_submit option
[  768.360643][T12134] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  768.675017][T12136] loop2: detected capacity change from 0 to 512
[  768.925139][T12136] EXT4-fs (loop2): 1 truncate cleaned up
[  768.942521][T12136] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  770.544262][T12142] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 7: invalid block bitmap
[  771.444797][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  772.057445][T12161] overlayfs: overlapping lowerdir path
[  775.967009][T12193] hub 6-0:1.0: USB hub found
[  775.975192][T12193] hub 6-0:1.0: 1 port detected
[  777.193101][T12199] overlayfs: overlapping lowerdir path
[  778.932403][ T8115] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  780.692055][T12226] hub 6-0:1.0: USB hub found
[  780.698453][T12226] hub 6-0:1.0: 1 port detected
[  780.927512][T12227] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  780.957630][T12227] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  780.975001][T12227] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  781.011045][T12227] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  781.028903][T12227] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  781.041891][T12227] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  781.447847][T12224] lo speed is unknown, defaulting to 1000
[  782.959931][T12235] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  783.263987][T12227] Bluetooth: hci0: command tx timeout
[  784.213892][T12248] loop4: detected capacity change from 0 to 1024
[  784.221862][T12248] EXT4-fs: Ignoring removed orlov option
[  784.273660][T12248] EXT4-fs: Ignoring removed nomblk_io_submit option
[  784.347384][T12248] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  784.545614][T12254] syzkaller0: entered promiscuous mode
[  784.580563][T12254] syzkaller0: entered allmulticast mode
[  785.803723][T12227] Bluetooth: hci0: command tx timeout
[  787.823579][T12227] Bluetooth: hci0: command tx timeout
[  788.067089][T12267] loop2: detected capacity change from 0 to 1024
[  788.246797][T12268] ==================================================================
[  788.254926][T12268] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x595/0x1210
[  788.262680][T12268] Read of size 2 at addr ffff88805a37ba18 by task syz.2.1721/12268
[  788.270599][T12268] 
[  788.272967][T12268] CPU: 1 PID: 12268 Comm: syz.2.1721 Not tainted 6.6.99-syzkaller #0
[  788.281052][T12268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  788.291219][T12268] Call Trace:
[  788.294511][T12268]  <TASK>
[  788.297920][T12268]  dump_stack_lvl+0x16c/0x230
[  788.302631][T12268]  ? __lock_acquire+0x7c80/0x7c80
[  788.307700][T12268]  ? show_regs_print_info+0x20/0x20
[  788.312943][T12268]  ? load_image+0x3b0/0x3b0
[  788.317492][T12268]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[  788.322912][T12268]  ? __virt_addr_valid+0x18c/0x540
[  788.328143][T12268]  ? __virt_addr_valid+0x469/0x540
[  788.333285][T12268]  print_report+0xac/0x200
[  788.337725][T12268]  ? hfsplus_uni2asc+0x595/0x1210
[  788.344336][T12268]  kasan_report+0x117/0x150
[  788.348851][T12268]  ? __asan_memcpy+0x40/0x70
[  788.353456][T12268]  ? hfsplus_uni2asc+0x595/0x1210
[  788.358501][T12268]  hfsplus_uni2asc+0x595/0x1210
[  788.363383][T12268]  hfsplus_listxattr+0x58f/0xb80
[  788.368351][T12268]  ? hfsplus_getxattr+0x160/0x160
[  788.373395][T12268]  ? kasan_save_free_info+0x2e/0x50
[  788.378644][T12268]  ? slab_free_freelist_hook+0x130/0x1b0
[  788.384635][T12268]  ? user_path_at_empty+0x4c/0x60
[  788.389673][T12268]  ? kmem_cache_free+0xf8/0x280
[  788.394538][T12268]  ? bpf_lsm_inode_listxattr+0x9/0x10
[  788.399919][T12268]  ? hfsplus_getxattr+0x160/0x160
[  788.404960][T12268]  listxattr+0x107/0x280
[  788.409222][T12268]  path_listxattr+0xdd/0x1b0
[  788.413833][T12268]  ? path_getxattr+0x400/0x400
[  788.418612][T12268]  ? lockdep_hardirqs_on+0x98/0x150
[  788.423831][T12268]  do_syscall_64+0x55/0xb0
[  788.428262][T12268]  ? clear_bhb_loop+0x40/0x90
[  788.432947][T12268]  ? clear_bhb_loop+0x40/0x90
[  788.437631][T12268]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  788.443541][T12268] RIP: 0033:0x7f3fd238e9a9
[  788.447977][T12268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  788.467597][T12268] RSP: 002b:00007f3fd32b3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[  788.476033][T12268] RAX: ffffffffffffffda RBX: 00007f3fd25b6080 RCX: 00007f3fd238e9a9
[  788.484021][T12268] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  788.492008][T12268] RBP: 00007f3fd2410d69 R08: 0000000000000000 R09: 0000000000000000
[  788.499991][T12268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  788.507971][T12268] R13: 0000000000000001 R14: 00007f3fd25b6080 R15: 00007ffc41ba23c8
[  788.515965][T12268]  </TASK>
[  788.518994][T12268] 
[  788.521331][T12268] Allocated by task 12268:
[  788.525754][T12268]  kasan_set_track+0x4e/0x70
[  788.530361][T12268]  __kasan_kmalloc+0x8f/0xa0
[  788.534966][T12268]  __kmalloc+0xb4/0x240
[  788.539148][T12268]  hfsplus_find_init+0x89/0x1d0
[  788.544016][T12268]  hfsplus_listxattr+0x390/0xb80
[  788.548972][T12268]  listxattr+0x107/0x280
[  788.553226][T12268]  path_listxattr+0xdd/0x1b0
[  788.557855][T12268]  do_syscall_64+0x55/0xb0
[  788.562303][T12268]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  788.568234][T12268] 
[  788.570595][T12268] The buggy address belongs to the object at ffff88805a37b800
[  788.570595][T12268]  which belongs to the cache kmalloc-1k of size 1024
[  788.584679][T12268] The buggy address is located 0 bytes to the right of
[  788.584679][T12268]  allocated 536-byte region [ffff88805a37b800, ffff88805a37ba18)
[  788.599280][T12268] 
[  788.601616][T12268] The buggy address belongs to the physical page:
[  788.608052][T12268] page:ffffea000168de00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5a378
[  788.618212][T12268] head:ffffea000168de00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  788.627159][T12268] anon flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  788.635855][T12268] page_type: 0xffffffff()
[  788.640199][T12268] raw: 00fff00000000840 ffff888017841dc0 0000000000000000 dead000000000001
[  788.648808][T12268] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  788.657393][T12268] page dumped because: kasan: bad access detected
[  788.663817][T12268] page_owner tracks the page as allocated
[  788.669535][T12268] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 2914, tgid 2914 (kworker/u4:7), ts 93681308846, free_ts 26088450335
[  788.690222][T12268]  post_alloc_hook+0x1cd/0x210
[  788.695014][T12268]  get_page_from_freelist+0x195c/0x19f0
[  788.700586][T12268]  __alloc_pages+0x1e3/0x460
[  788.705210][T12268]  alloc_slab_page+0x5d/0x170
[  788.709920][T12268]  new_slab+0x87/0x2e0
[  788.714010][T12268]  ___slab_alloc+0xc6d/0x12f0
[  788.718714][T12268]  __kmem_cache_alloc_node+0x1a2/0x260
[  788.724190][T12268]  __kmalloc+0xa4/0x240
[  788.728366][T12268]  ieee802_11_parse_elems_full+0xb9/0x2080
[  788.734198][T12268]  ieee80211_ibss_rx_queued_mgmt+0x49b/0x2ac0
[  788.740295][T12268]  ieee80211_iface_work+0x717/0xc70
[  788.745509][T12268]  cfg80211_wiphy_work+0x225/0x260
[  788.750638][T12268]  process_scheduled_works+0xa45/0x15b0
[  788.756208][T12268]  worker_thread+0xa55/0xfc0
[  788.760816][T12268]  kthread+0x2fa/0x390
[  788.764898][T12268]  ret_from_fork+0x48/0x80
[  788.769330][T12268] page last free stack trace:
[  788.774103][T12268]  free_unref_page_prepare+0x7ce/0x8e0
[  788.779590][T12268]  free_unref_page+0x32/0x2e0
[  788.784291][T12268]  free_contig_range+0xa1/0x160
[  788.789176][T12268]  destroy_args+0x87/0x770
[  788.795221][T12268]  debug_vm_pgtable+0x3cc/0x410
[  788.800282][T12268]  do_one_initcall+0x1fd/0x750
[  788.805078][T12268]  do_initcall_level+0x137/0x1f0
[  788.810049][T12268]  do_initcalls+0x69/0xd0
[  788.814397][T12268]  kernel_init_freeable+0x3d2/0x570
[  788.819627][T12268]  kernel_init+0x1d/0x1c0
[  788.823982][T12268]  ret_from_fork+0x48/0x80
[  788.828414][T12268]  ret_from_fork_asm+0x11/0x20
[  788.833198][T12268] 
[  788.835530][T12268] Memory state around the buggy address:
[  788.841165][T12268]  ffff88805a37b900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  788.849242][T12268]  ffff88805a37b980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  788.857332][T12268] >ffff88805a37ba00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[  788.865400][T12268]                             ^
[  788.870258][T12268]  ffff88805a37ba80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  788.878334][T12268]  ffff88805a37bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  788.886406][T12268] ==================================================================
[  788.989066][T12268] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  788.996331][T12268] CPU: 0 PID: 12268 Comm: syz.2.1721 Not tainted 6.6.99-syzkaller #0
[  789.004435][T12268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  789.014578][T12268] Call Trace:
[  789.017891][T12268]  <TASK>
[  789.020867][T12268]  dump_stack_lvl+0x16c/0x230
[  789.025591][T12268]  ? show_regs_print_info+0x20/0x20
[  789.030849][T12268]  ? load_image+0x3b0/0x3b0
[  789.035493][T12268]  panic+0x2c0/0x710
[  789.039453][T12268]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  789.045674][T12268]  ? bpf_jit_dump+0xd0/0xd0
[  789.050219][T12268]  ? _raw_spin_unlock_irqrestore+0xfa/0x110
[  789.056140][T12268]  ? _raw_spin_unlock+0x40/0x40
[  789.061018][T12268]  ? hfsplus_uni2asc+0x595/0x1210
[  789.066094][T12268]  check_panic_on_warn+0x84/0xa0
[  789.071080][T12268]  ? hfsplus_uni2asc+0x595/0x1210
[  789.076152][T12268]  end_report+0x6f/0x140
[  789.080428][T12268]  kasan_report+0x128/0x150
[  789.084966][T12268]  ? __asan_memcpy+0x40/0x70
[  789.089672][T12268]  ? hfsplus_uni2asc+0x595/0x1210
[  789.094718][T12268]  hfsplus_uni2asc+0x595/0x1210
[  789.099593][T12268]  hfsplus_listxattr+0x58f/0xb80
[  789.104555][T12268]  ? hfsplus_getxattr+0x160/0x160
[  789.109609][T12268]  ? kasan_save_free_info+0x2e/0x50
[  789.114882][T12268]  ? slab_free_freelist_hook+0x130/0x1b0
[  789.120536][T12268]  ? user_path_at_empty+0x4c/0x60
[  789.125595][T12268]  ? kmem_cache_free+0xf8/0x280
[  789.130486][T12268]  ? bpf_lsm_inode_listxattr+0x9/0x10
[  789.135870][T12268]  ? hfsplus_getxattr+0x160/0x160
[  789.140916][T12268]  listxattr+0x107/0x280
[  789.145189][T12268]  path_listxattr+0xdd/0x1b0
[  789.149808][T12268]  ? path_getxattr+0x400/0x400
[  789.154594][T12268]  ? lockdep_hardirqs_on+0x98/0x150
[  789.159817][T12268]  do_syscall_64+0x55/0xb0
[  789.164304][T12268]  ? clear_bhb_loop+0x40/0x90
[  789.168994][T12268]  ? clear_bhb_loop+0x40/0x90
[  789.173681][T12268]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  789.179591][T12268] RIP: 0033:0x7f3fd238e9a9
[  789.184105][T12268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  789.203741][T12268] RSP: 002b:00007f3fd32b3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3
[  789.212186][T12268] RAX: ffffffffffffffda RBX: 00007f3fd25b6080 RCX: 00007f3fd238e9a9
[  789.220257][T12268] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  789.228243][T12268] RBP: 00007f3fd2410d69 R08: 0000000000000000 R09: 0000000000000000
[  789.236222][T12268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  789.244203][T12268] R13: 0000000000000001 R14: 00007f3fd25b6080 R15: 00007ffc41ba23c8
[  789.252196][T12268]  </TASK>
[  789.255359][T12268] Kernel Offset: disabled
[  789.259717][T12268] Rebooting in 86400 seconds..