last executing test programs:

22m57.78483276s ago: executing program 1 (id=295):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000040)='./file2\x00', 0x0, &(0x7f0000000000)=ANY=[], 0xfd, 0x11f3, &(0x7f0000001b80)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x515001, 0x0)
gettid()

22m53.618593505s ago: executing program 1 (id=302):
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c6163746976655f6c6f67733d362c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313236322c616c6c6f635f6d6f64653d72657573652c6e6f61636c2c686561702c616c6c6f635f6d6f64653d64656661756c742c6e6f657874656e745f63616368652c636f6d70726573735f63616368652c6a71666d743d7666736f6c642c0059f4bd815bd5269b4f523c9fa8d344a3944fb455fe1b97b3eda5f977db05bfa9d02cc67646849b46fd481fbbd5b0fd213353e4ae7755b4985d63c4a5e13292c6d514d644c884482f93129a82c26ad8f1f7191de0ca75795a5f697573c1828a8ecf4a82e89215d1979fa2738c76683b231a638e5a0d6bd7235d108d564d307b3067ab6ac37a59e50763a2be3d70a1260e"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2b442, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r3, &(0x7f00000001c0)=[{&(0x7f0000000780)=""/2, 0x2}, {0x0, 0x2}], 0x2)
syz_open_procfs(0x0, &(0x7f0000019100)='net/fib_trie\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x3e, &(0x7f00000000c0)=0x4, 0x4)
connect$llc(r4, &(0x7f0000000000)={0x1a, 0x1, 0x8, 0x40, 0x0, 0xf9, @local}, 0x10)

22m48.774835026s ago: executing program 1 (id=309):
syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x69)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f0000000000)={0x0, 0x1, 0x1, 0x7, 0x402, 0x258})
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
semget$private(0x0, 0x207, 0x200)
syz_emit_ethernet(0x76, 0x0, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000001080)={{0x1, 0x1, 0x18, <r6=>r5}, './file0\x00'})
recvfrom$inet(r6, &(0x7f00000010c0)=""/96, 0x60, 0x40000040, &(0x7f0000001140)={0x2, 0x4e24, @loopback}, 0x10)
dup(r6)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, &(0x7f0000001300)={&(0x7f0000001180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000012c0)={&(0x7f00000011c0)={0xc4, 0x17, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1ff}]}, @NFTA_FLOWTABLE_HOOK={0x8c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x423}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'virt_wifi0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_vlan\x00'}, {0x14}, {0x14, 0x1, 'xfrm0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0xc4}, 0x1, 0x0, 0x0, 0x24040880}, 0x10)

22m47.10917292s ago: executing program 1 (id=313):
socket(0x1, 0x2, 0x0)
ioperm(0x2, 0x2, 0x81)
r0 = socket$kcm(0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SCSI_IOCTL_START_UNIT(0xffffffffffffffff, 0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
r4 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, 0x0, &(0x7f0000000480))
write$apparmor_current(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="7065726d70728f5420951c790b44"], 0x10)
request_key(0x0, &(0x7f00000003c0)={'syz', 0x3}, &(0x7f0000000400)='}--{^/.f\xa8@+\x00', 0xfffffffffffffffe)
getdents64(0xffffffffffffffff, 0x0, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x3f, &(0x7f0000000180)=0x2, 0x4)
r6 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r6, 0x29, 0x4b, 0x0, 0x4)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x9, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

22m45.648271115s ago: executing program 1 (id=315):
openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000b80)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000295000000000000009f33ef60916e6e893f1eeb0be2566cd0723043c47c896ce0bce66a245ad99b817fd98cd824498949714ffaac8a6f77ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb2c5ca683a4b6fc89398f2b9000f224891060017cfa6fa26fa7a34701008c61897d4a6148a1c11428607c40de60beac671e8e8fdecb03588aa623fa71f871ab5c2ff88afc6002084e5b52710800e835cf0d78e45f70983826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174bed9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632fd30bf05121438bb74e4670ab5dfe447a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffb426e1230bc1cd4c02c4c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd78a9f3fdc1f50c445e3f30e703cf05b90fbf940e6652d377474ed5f816f66ac3027460ae991e7f834dd7a7fc2a7003d1a6cf5478533584961c329fcf4fed5c9455640dcd28273dc9753cc979113f2915a3039c3ca60ec53bb1130c2d27fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc51177cce5ef265c92b7957a334ff7be2ca867fd94286e016febfdb5827efc7a6efb01d66a396f84c1ca75daa4ead099694ed03d449b185cc836bab1a41a61bd6f03a54fafcee554bbb52adf8f1d7ede9f9a711256fb45e6c3d12ff560ee69d68733d522d9bbecf52396f15976381c27015403778139808142b48ced145ca8a6da5f322d413d09cc38b832fa05dd3c799042588f9eea6f443baa759257a000000000000000000bed1dad228e11f80cfea5848e436acf6e89dfae0b3d95b911af1818e0081504811a5f3c5d1ced3e592224f1d2ca3bdb2cc89001605db6987899eb99f94265401a95ff0a5a266438f1db461b7ebedd419bc038f7d36bd2bd4b3f92cd1469b63b1ce456a96152d353a8ab65f8bae521db73ff00b5d5cac7a439ab40d97e57f23e703fd6395930b9c3485ab181a83ed568cade43111530ec584cfb48e0cc5d63e2807b2e98525a84f9ac59cf74f3ba279e228e2a0dc8da8017cba3996541008785ab8f041f0a8d1399d88a3a58765e5a0149b9d0ea54b323675149783ec057ec6d6e8e600b9eced07ddcc56b77d8ea08223"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r5, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r4}, 0x20)
shutdown(r4, 0x1)
recvfrom(r4, &(0x7f0000000240)=""/225, 0xe1, 0x40000120, 0x0, 0x0)

22m44.490461141s ago: executing program 1 (id=318):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
fcntl$getownex(r2, 0x10, &(0x7f0000000080))
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000002, 0x59032, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000582000/0x2000)=nil, 0x800000})

22m27.223087946s ago: executing program 32 (id=318):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
fcntl$getownex(r2, 0x10, &(0x7f0000000080))
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000002, 0x59032, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000582000/0x2000)=nil, 0x800000})

20m40.899105378s ago: executing program 5 (id=510):
socket(0x1, 0x2, 0x0)
ioperm(0x2, 0x2, 0x81)
r0 = socket$kcm(0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SCSI_IOCTL_START_UNIT(0xffffffffffffffff, 0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
r4 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, 0x0, &(0x7f0000000480))
write$apparmor_current(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="7065726d70728f5420951c790b44"], 0x10)
request_key(&(0x7f0000000100)='rxrpc_s\x00', 0x0, &(0x7f0000000400)='}--{^/.f\xa8@+\x00', 0xfffffffffffffffe)
getdents64(0xffffffffffffffff, 0x0, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x3f, &(0x7f0000000180)=0x2, 0x4)
r6 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r6, 0x29, 0x4b, 0x0, 0x4)
r7 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f00000000c0)={'\x00', 0x7ff, 0x81, 0xd, 0x4005, 0x2})
bpf$MAP_CREATE(0x0, 0x0, 0x0)

20m39.798770194s ago: executing program 5 (id=512):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000080)={0x28, 0x10, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @fd=r0}, @typed={0x8, 0x0, 0x0, 0x0, @fd}, @nested={0x8, 0x2b, 0x0, 0x1, [@typed={0x4, 0x2}]}]}, 0x28}], 0x1}, 0x20000094)

20m37.305199885s ago: executing program 5 (id=514):
r0 = socket$inet6(0xa, 0x3, 0xb)
connect$inet6(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
getpid()
socket(0x2, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r1, 0x0, 0x17, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x2b, 0x1, 0x0)

20m34.911630796s ago: executing program 5 (id=517):
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x7f)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a80)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv")
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_clone(0x106200, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0xfffffffffffffffe, 0x0, {{0x7, 0x1, 0x3, 0x658d430, 0x5, 0x1, {0x1, 0x180, 0xff, 0xf0, 0x100, 0xd615, 0x5, 0x800001, 0xfefffffe, 0x1000, 0x0, 0xee00, 0x0, 0x3fe, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r0, r0, &(0x7f0000000080), 0x7f03)

20m32.754346238s ago: executing program 5 (id=522):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = syz_open_dev$media(&(0x7f0000000000), 0x7, 0x1)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$nl_generic(0x10, 0x3, 0x10)
fsopen(&(0x7f0000000140)='devpts\x00', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup(r1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r5}, &(0x7f0000000240), &(0x7f00000003c0)=r7}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r3, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000340)={@random="6ea88d319b8c", @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x43, 0x4e22, 0x8}}}}}, 0x0)

20m24.597027888s ago: executing program 5 (id=532):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vcsa(0xffffff9c, 0x0, 0x400, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
preadv2(r2, 0x0, 0x0, 0x2b, 0xfffffff9, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kvm_set_irq\x00'}, 0x18)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000280)={'#! ', './file0/file0'}, 0x11)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4004801}, 0x2)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x29}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

20m23.087647942s ago: executing program 33 (id=532):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vcsa(0xffffff9c, 0x0, 0x400, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
preadv2(r2, 0x0, 0x0, 0x2b, 0xfffffff9, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kvm_set_irq\x00'}, 0x18)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000280)={'#! ', './file0/file0'}, 0x11)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}, 0x1, 0x0, 0x0, 0x4004801}, 0x2)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x29}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

20m21.012500074s ago: executing program 4 (id=535):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="07000000040000000800000040"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r0}, &(0x7f00000002c0), &(0x7f0000000300)='%pI4   \x00'}, 0x20)

20m20.486307612s ago: executing program 4 (id=537):
socket(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="02142000110000000040000000000000030005000000000002000000ffffffff0000000000000000080012000000010000000000000000000600000000000027b20e97a6a9ecae000000ee00000000000000000000000000fc020000000000000000000000000000030006000000000002000000e000000100000000000000"], 0x88}}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0xcc)
setsockopt$ax25_int(r5, 0x101, 0xc, 0x0, 0x0)
socket$kcm(0x21, 0x2, 0x2)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r7 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r8 = fcntl$dupfd(r7, 0x0, r7)
write$sndseq(r8, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x10000]}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @time={0x4b57854}, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x4, 0x0, @time, {}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}], 0x8c)
close_range(r6, 0xffffffffffffffff, 0x0)

20m18.438019385s ago: executing program 4 (id=539):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="d5b06e226458f28c472abd2ef1b8cfff890d743b51adca456579d6183c96badb6bda5f2097b73c1d0b9a00b3e03c9fde722f53b98465ca3b7fbe20d99bb00d44b46b33e92558ec964243695107f16223941befd570dabcc7eb739e28da9d122f35da79c1b3cd53c591f96e4036e2c9d1d1488d6bc4ccc153ac687234b66caf03afc28338ae308055ec672dabddb997b17d87463c3a061e6297"], 0x1, 0x154, &(0x7f0000000240)="$eJzs20tO8mAUxvHn5f7xeUHRiXFA4kAnUikDdOhSCFRCLGrECcSBrsA1uDMXoIluQAwNYCKXJhL7Rvv/jQ55eNPTwWnPpAIQWyWVZGSUHv7YzRUeisZ2SwAiMpD0PgAQT8lX2x0AsOPlVHqS9Px221AyPbUfDPO7cZ7ITOf30k5qlJuscl/3i0dpf3ze/Jt5Pj/J8zPzg73x9f9rRata07oK2tDmKG9Ozm8vuQ0B8WJUDssX/iGhs7bvHc3N00FemZtngtwNyatz82yQlxuXfnNRmwBmSCw5/8mQ+U+FzD8Ae7q9/nnd971rCgoKiklh+8kE4Kc5N50rp9vrH7Y79ZbX8i7cmls9diu12okTbPbO4v0ewO/1+dK33QkAAAAAAAAAAAAAAPiuorZstwAAAAAgIlF8TmT7HgEAAAAAAAAAAAAAAAAAAIC/4iMAAP//TM0l7A==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080), 0x1000000000000090}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$DRM_IOCTL_SYNCOBJ_RESET(0xffffffffffffffff, 0xc01064c4, &(0x7f0000000480)={0x0})
truncate(&(0x7f0000000280)='./file1\x00', 0x1fefff)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x208e24b)

20m17.005494699s ago: executing program 4 (id=543):
socket(0x10, 0x3, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="02142000110000000040000000000000030005000000000002000000ffffffff0000000000000000080012000000010000000000000000000600000000000027b20e97a6a9ecae000000ee00000000000000000000000000fc020000000000000000000000000000030006000000000002000000e000000100000000000000"], 0x88}}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
r5 = syz_init_net_socket$ax25(0x3, 0x2, 0xcc)
setsockopt$ax25_int(r5, 0x101, 0xc, 0x0, 0x0)
socket$kcm(0x21, 0x2, 0x2)
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = fcntl$dupfd(r6, 0x0, r6)
write$sndseq(r7, &(0x7f0000000180)=[{0xfc, 0x0, 0x0, 0xc, @tick, {0x10}, {}, @raw32}, {0x0, 0x0, 0x0, 0x9b, @tick=0x5, {}, {}, @quote}], 0x38)
write$sndseq(r7, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x10000]}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @time={0x4b57854}, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x4, 0x0, @time, {}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}], 0x8c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

20m14.794695661s ago: executing program 4 (id=547):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="1ce0", 0xffeb, 0x900, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = gettid()
sendmsg$unix(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000640)='Q;', 0x2}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r5, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r4, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000018"], 0xa0}, 0x4004881)
recvmsg$unix(r3, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x2000)

20m7.839245365s ago: executing program 4 (id=558):
r0 = socket$tipc(0x1e, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
chown(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="180100"/12], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x1e, &(0x7f0000000100)=0x1, 0x29)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_UPDATE_FT_IES(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x1c, r7, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8841}, 0x48080)

19m52.003336196s ago: executing program 34 (id=558):
r0 = socket$tipc(0x1e, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x48)
chown(0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="180100"/12], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r5, 0x6, 0x1e, &(0x7f0000000100)=0x1, 0x29)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_UPDATE_FT_IES(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)={0x1c, r7, 0x1, 0x70bd29, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x8841}, 0x48080)

9m38.094894476s ago: executing program 3 (id=1772):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000780)={'vxcan1\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000040)={0x1d, r1, 0x3}, 0x18)
bind$can_j1939(r0, 0x0, 0x0)

9m37.808363145s ago: executing program 3 (id=1774):
ioperm(0x0, 0x4, 0x2)
madvise(&(0x7f0000000000/0x4000)=nil, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x12, 0x0)
syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
close(0xffffffffffffffff)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)

9m36.031673359s ago: executing program 3 (id=1776):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_OUTPUT(r3, 0xc004562f, &(0x7f00000000c0)=0x1)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r3, 0xc0945662, &(0x7f0000000240)={0x40, 0x0, '\x00', {0x0, @bt={0x6, 0x5, 0x1, 0x0, 0x2, 0x10000, 0xa, 0x8, 0x100007, 0x4, 0x2, 0x1, 0x6ac, 0x43cb, 0x4, 0x6, {0x85a6, 0x7fffffff}, 0xb2, 0x81}}})

9m34.493769264s ago: executing program 3 (id=1780):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f0000000140)={0x0, 0xff, 0xffffffb8})

9m33.33868453s ago: executing program 3 (id=1782):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f00000001c0)={'batadv0\x00', <r4=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x20000000}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrusage(0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000480)=ANY=[@ANYBLOB="5400000010000305000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="1546010010200000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r1, @ANYBLOB, @ANYRES32=r4, @ANYRES32=r1, @ANYBLOB="77630f1db1677f64b632ee6a9a7a0b5bf287804e864e1281e91c2fb693db0b2686b301379ce837cd0080fe8a35"], 0x54}}, 0x20008040)

9m31.092873072s ago: executing program 3 (id=1784):
syz_mount_image$minix(&(0x7f0000000300), &(0x7f0000000180)='./file2\x00', 0x4000, &(0x7f0000000340)=ANY=[], 0x1, 0x1ff, &(0x7f00000005c0)="$eJzs3M1O1FAYxvGn0xZGNOJH/IgrExPjRkaBhMxKuQBvwMQFwUImFjXiBmKi3IR7t668BBO9D28AFu5ccUzbQ2Y6MzCnpaXK/H8J05eZ87TnQM5h2oYRgKn1NH305KmdVsaYj3clPX8mKWi4cwBqZez20ACYPn7pqf/iaA0B8F86WPUltfXdk379/rC+b7/aju8fDlZbWeFJ+wP5C675PS/d3gny+TlJF0daj56QmC9Z/r7y+UsFjz83lNcV13w2/gf3FGogf1nSvJTu5qqka5KuS7NJ2xuSWrnjz9jv+vnb2RN7jsMAAAAAAOBEydnnwmnzE3fgS3o09pXkPHijF0fjX50stPnHJfMzNr94yvzS4JOt41p7/TLMNrM2v7D+Jn5Zsg9AWa1i83/ksqDL/D92OtiVIT//Q/fe2CuCG73PhTIAMts7u6/W4jh6V2Xx5KQ2UtEdJitCxT0cX3xNCv3J7ozUfKwyRbLYlo0f3ZCpumOfNLmNcWhznoqg2p/zD3nD8zTITaJv9ndb6SiGFgr/jBcmALXrvN9629ne2X3Y21rbjDaj18sr3e7K8tJit5O+LU8ezXzTvQRQh/4f/aZ7AgAAAAAAAAAAAAAAyrop6VZa/TwsEHP9eA8AAAAA/5Cz+KeopscIAAAAAAAAAAAAAMB59zcAAP//jf04bg==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x80000, 0x0)
getdents64(r0, &(0x7f0000000080)=""/4096, 0x1000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
recvmmsg(r3, &(0x7f0000002200)=[{{0x0, 0x0, 0x0}, 0x8101}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, &(0x7f0000000d00)}, 0x80000000}, {{0x0, 0x0, &(0x7f0000001140)=[{&(0x7f0000001080)=""/153, 0x99}, {&(0x7f0000001200)=""/4096, 0x1000}], 0x2, &(0x7f0000002340)=""/45, 0x2d}, 0x4ae}], 0x5, 0x40002120, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r4, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24)

9m15.935946451s ago: executing program 35 (id=1784):
syz_mount_image$minix(&(0x7f0000000300), &(0x7f0000000180)='./file2\x00', 0x4000, &(0x7f0000000340)=ANY=[], 0x1, 0x1ff, &(0x7f00000005c0)="$eJzs3M1O1FAYxvGn0xZGNOJH/IgrExPjRkaBhMxKuQBvwMQFwUImFjXiBmKi3IR7t668BBO9D28AFu5ccUzbQ2Y6MzCnpaXK/H8J05eZ87TnQM5h2oYRgKn1NH305KmdVsaYj3clPX8mKWi4cwBqZez20ACYPn7pqf/iaA0B8F86WPUltfXdk379/rC+b7/aju8fDlZbWeFJ+wP5C675PS/d3gny+TlJF0daj56QmC9Z/r7y+UsFjz83lNcV13w2/gf3FGogf1nSvJTu5qqka5KuS7NJ2xuSWrnjz9jv+vnb2RN7jsMAAAAAAOBEydnnwmnzE3fgS3o09pXkPHijF0fjX50stPnHJfMzNr94yvzS4JOt41p7/TLMNrM2v7D+Jn5Zsg9AWa1i83/ksqDL/D92OtiVIT//Q/fe2CuCG73PhTIAMts7u6/W4jh6V2Xx5KQ2UtEdJitCxT0cX3xNCv3J7ozUfKwyRbLYlo0f3ZCpumOfNLmNcWhznoqg2p/zD3nD8zTITaJv9ndb6SiGFgr/jBcmALXrvN9629ne2X3Y21rbjDaj18sr3e7K8tJit5O+LU8ezXzTvQRQh/4f/aZ7AgAAAAAAAAAAAAAAyrop6VZa/TwsEHP9eA8AAAAA/5Cz+KeopscIAAAAAAAAAAAAAMB59zcAAP//jf04bg==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x80000, 0x0)
getdents64(r0, &(0x7f0000000080)=""/4096, 0x1000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
recvmmsg(r3, &(0x7f0000002200)=[{{0x0, 0x0, 0x0}, 0x8101}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, &(0x7f0000000d00)}, 0x80000000}, {{0x0, 0x0, &(0x7f0000001140)=[{&(0x7f0000001080)=""/153, 0x99}, {&(0x7f0000001200)=""/4096, 0x1000}], 0x2, &(0x7f0000002340)=""/45, 0x2d}, 0x4ae}], 0x5, 0x40002120, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r4, &(0x7f0000000000)="240000001a005f0214f9f407000904001f00000000000000000000000800040001000000", 0x24)

1m12.474694736s ago: executing program 0 (id=2748):
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c6163746976655f6c6f67733d362c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313236322c616c6c6f635f6d6f64653d72657573652c6e6f61636c2c686561702c616c6c6f635f6d6f64653d64656661756c742c6e6f657874656e745f63616368652c636f6d70726573735f63616368652c6a71666d743d7666736f6c642c0059f4bd815bd5269b4f523c9fa8d344a3944fb455fe1b97b3eda5f977db05bfa9d02cc67646849b46fd481fbbd5b0fd213353e4ae7755b4985d63c4a5e13292c6d514d644c884482f93129a82c26ad8f1f7191de0ca75795a5f697573c1828a8ecf4a82e89215d1979fa2738c76683b231a638e5a0d6bd7235d108d564d307b3067ab6ac37a59e50763a2be3d70a1260e"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2b442, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r4, &(0x7f00000001c0)=[{&(0x7f0000000780)=""/2, 0x2}, {0x0, 0x2}], 0x2)
r5 = syz_open_procfs(0x0, &(0x7f0000019100)='net/fib_trie\x00')
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x3e, &(0x7f00000000c0)=0x4, 0x4)
connect$llc(r6, &(0x7f0000000000)={0x1a, 0x1, 0x8, 0x40, 0x0, 0xf9, @local}, 0x10)
pread64(r5, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
ftruncate(r0, 0x4008c0d)
r7 = openat$dir(0xffffffffffffff9c, 0x0, 0x2a442, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r8 = openat$dir(0xffffffffffffff9c, 0x0, 0x2a442, 0x0)
fallocate(r8, 0x0, 0x0, 0x40002)
fallocate(r7, 0x8, 0x2000, 0x40000)

1m6.406982056s ago: executing program 0 (id=2759):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
times(0x0)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x8, 0x1)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
mount$pvfs2(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)

25.734596428s ago: executing program 2 (id=2833):
r0 = socket$kcm(0x10, 0x2, 0x0)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r4, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r0, 0x8982, 0x0)

24.323319643s ago: executing program 2 (id=2835):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x23108000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$describe(0x6, r3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0}, 0x18)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r4, 0x40045567, 0x0)
ioctl$UI_ABS_SETUP(r4, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x3)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x70, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8}, @CTA_HELP={0xc, 0x5, 0x0, 0x1, {0x8, 0x1, 'RAS\x00'}}]}, 0x70}}, 0x0)
write$uinput_user_dev(r4, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8000]}, 0x45c)
ioctl$UI_DEV_CREATE(r4, 0x5501)
io_uring_setup(0x29ea, &(0x7f0000000480)={0x0, 0x0, 0x2})

21.871920804s ago: executing program 2 (id=2842):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/slabinfo\x00', 0x41, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000b00)={0x4, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042", <r4=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda525e19bdeffafde25", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000780)={"d1ed39d88b014976ab94c1fb10628c46d2e681cdb9e5c1a31965c61e0df52c5e", r5})
close_range(r2, r3, 0x0)
ppoll(&(0x7f0000000380), 0x0, &(0x7f00000003c0)={0x0, 0x989680}, 0x0, 0x0)
process_madvise(0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

11.973054101s ago: executing program 2 (id=2861):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000340)={[{@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug}, {@minixdf}, {@resgid}, {@grpquota}, {@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0xdcc}}]}, 0x3, 0x44a, &(0x7f0000000400)="$eJzs281vG0UbAPBn10n6vv1KKOWjpUCgQkR8JE1aoAcuIJA4FIEEh3IMTlpVdRvUBIlWFQ0IlQsSqgRnxBGJv4AbFwSckLjCHVWqoJcWTkG73m1t106b1rFD/ftJm8x4x555PDve2R07gIE1nv1JIrZGxG8RMVrPNhcYr/+7evls9e/LZ6tJrKy89WeSl7ty+Wy1LFo+b0uRmUgj0k+SopJmi6fPHJ+t1eZPFfmppRPvTS2ePvPssROzR+ePzp+cOXjwwP7pF56fea4rcWZxXdn94cKeXa+9c+H16uEL7/70bdbercX+xji6ZTwL/K+VXOu+J7pdWZ9ta0gnQ31sCGtSiYisu4bz8T8albjeeaPx6sd9bRywrrJz06bOu5dXgLtYEv1uAdAf5Yk+u/4ttx5NPTaESy/VL4CyuK8WW33PUKRFmeGW69tuGo+Iw8v/fJVtsU73IQAAGn1W/fJQPNNu/pfG/Q3lthdrKGMRcU9E7IiIeyNiZ0TcF5GXfSAiHlxj/a1LQzfOf9KLtxXYLcrmfy8Wa1vN879y9hdjlSK3LY9/ODlyrDa/r3hPJmJ4U5afXqWO71/59fNO+xrnf9mW1V/OBYt2XBxquUE3N7s0m09Ku+DSRxG7h9rFn1xbCUgiYldE7F7bS28vE8ee+mZPp0I3j38VXVhnWvk64sl6/y9HS/ylZPX1yan/RW1+31R5VNzo51/Ov9mp/juKvwuy/t/cfPy3FhlLGtdrF9dex/nfP+14TXO7x/9I8nbeLyPFYx/MLi2dmo4YSQ7l+abHZ64/t8yX5bP4J/a2H/87iudk9TwUEdlB/HBEPBIRjxZtfywiHo+IvavE/+PLnfdthP6fa/v5d+34b+n/tScqx3/4rlP9t9b/B/LURPFI/vl3E7fawDt57wAAAOC/Is2/A5+kk9fSaTo5Wf8O/87YnNYWFpeePrLw/sm5+nflx2I4Le90jTbcD51OlotXrOdninvF5f79xX3jLyr/z/OT1YXaXJ9jh0G3pcP4z/xR6XfrgHXXbh1tZqQPDQF6rnX8p83Zc2/0sjFAT/m9Ngyum4z/tFftAHrP+R8GV7vxf64lby0A7k7O/zC4jH8YXMY/DC7jHwbSnfyuX2KQE5FuiGZIrFOi359MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3fFvAAAA//+uEO7O")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000002ec0)=""/4096, 0x1000)

11.452587069s ago: executing program 2 (id=2862):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f000062b000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f0000ffa000/0x3000)=nil)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setitimer(0x2, &(0x7f0000000080)={{0x6, 0xfffffffffffffffb}, {0x7, 0x100000001}}, 0x0)
socket$inet(0x2, 0x2, 0x0)
write$bt_hci(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0e0001000200"], 0x8)

10.180877574s ago: executing program 8 (id=2865):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xb, 0x1ff003, 0x81, 0x7f, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
socket$kcm(0x11, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x0)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x20)
connect$l2tp6(r1, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r1, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1c, 0x0}}], 0x17fd147c801ae9ab, 0x0)

10.113889334s ago: executing program 2 (id=2866):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x23108000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$describe(0x6, r2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0}, 0x18)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_ABSBIT(r3, 0x40045567, 0x0)
ioctl$UI_ABS_SETUP(r3, 0x401c5504, &(0x7f00000002c0)={0x3f})
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x70, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8}, @CTA_HELP={0xc, 0x5, 0x0, 0x1, {0x8, 0x1, 'RAS\x00'}}]}, 0x70}}, 0x0)
write$uinput_user_dev(r3, &(0x7f0000000840)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8000]}, 0x45c)
ioctl$UI_DEV_CREATE(r3, 0x5501)
io_uring_setup(0x29ea, &(0x7f0000000480)={0x0, 0x0, 0x2})

9.842045564s ago: executing program 6 (id=2867):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10)
keyctl$revoke(0x1c, 0x0)

9.652753963s ago: executing program 0 (id=2761):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e23, @rand_addr=0x64010100}, 0x10)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x1a8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x24, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$inet6_icmp(0xa, 0x2, 0x3a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
read$FUSE(0xffffffffffffffff, &(0x7f00000049c0)={0x2020}, 0x2020)

9.250078951s ago: executing program 6 (id=2868):
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18)
getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, 0x0, &(0x7f0000000000)=0x49)
socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000200)={@dev}, 0x14)

7.409266835s ago: executing program 6 (id=2869):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000d40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad6706000002000000070200000ee6b0ffbf250000000000003d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56601a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8d4fee81e3cdd5daf2cdad3d1a74a2f078aa6402483856a6e494408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae060959c9639564f000fc3cdd05a1575c91cf5ba8b2db403681ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f8000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcba6ec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0d642986f8bbc7340bc6393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d6812467c1a4186edd036f15bf847c50f79e1a0ad3d2b5080ecb0148e2b86177869884ae62420c9f1b534e969fce97ffff070000000000dbbfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a0c3e28f359608ea326c77a1aa17318f392a0ec6c188916f452533d4327feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8668f076c659f56d6c7f97a96d6cdf45cfe88b30c170000000001000000effbf33bd1becb0de0a080931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f2be09295e4a8da03d23b48bb38b31a14ffcddd92c38f6b6d86a0e5ed47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f130000000000000000000000000000000000000000002a37163e8d7ef2f3c58d045f0700000094029acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
r1 = socket(0x2c, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r1}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r2, 0x0, &(0x7f0000000080)=@udp=r1, 0x2}, 0x20)
sendto$inet6(r0, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000300), 0x8)
syz_genetlink_get_family_id$tipc(&(0x7f00000009c0), 0xffffffffffffffff)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, &(0x7f00000003c0)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000001500)=ANY=[], 0x10)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r3, &(0x7f00000000c0)="832a0a65bd8c022b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83c6e613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038d0100a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b17680100969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06de269e97fbb0776bf56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105cfdf8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f01000080000000004febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60133641a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2e9a20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1015ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846899c6b23c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33694f40000000000005d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b95bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca86f750189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc681b6c9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8504611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c01446234437b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c64cd14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e87973d574ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7430100bf3825a1996c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb150963b84470364942e90d1cf856cead864f5e38c83b9ed86cc5725a20299ce512b16500"/4081], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r4}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_REAPURB(r5, 0x4004550c, &(0x7f0000002680))
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x6b87bd76ddbcbbe)
ioctl$USBDEVFS_FREE_STREAMS(r5, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="02002302230102090500000010000020"])
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x84}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)

6.919918443s ago: executing program 8 (id=2871):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f0000000a00)={[{@resuid}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@errors_remount}]}, 0x2, 0x44a, &(0x7f0000000400)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fchown(r0, 0x0, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000001180), 0x0, 0x1)
ioctl$DRM_IOCTL_SET_UNIQUE(r1, 0x40106410, &(0x7f00000012c0)={0x0, 0x0})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000"], 0x7c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_TPROXY_FAMILY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x5)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000002feffff720af0fff8ffffff71a4f0ff000000007110000000000000e5000500000000004704000001ed00000f030000000000001d44000000000000620a00fe040026ca7203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350844ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0xffffffffffffffb9, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

6.755715203s ago: executing program 0 (id=2873):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1208002, &(0x7f00000001c0)={[{@grpquota}, {@data_err_ignore}, {@resuid}, {@grpjquota}, {@dioread_nolock}, {}, {@noauto_da_alloc}, {@test_dummy_encryption}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2029c1b, 0x0, 0x1, 0x0, &(0x7f0000000080))
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x2)

5.563308769s ago: executing program 6 (id=2874):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
r2 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fff)
syz_open_dev$ndb(0x0, 0x0, 0x200)
ioctl$NBD_DO_IT(r2, 0xab03)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)

5.390780728s ago: executing program 0 (id=2876):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00'})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0xfd}, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffffffffffff}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)

5.272913568s ago: executing program 6 (id=2877):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000002480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r0, 0x0, r3, 0x0, 0x7, 0x9)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
write$P9_RWRITE(r3, &(0x7f0000000040)={0xb}, 0x11000)
read(r2, &(0x7f0000032440)=""/102364, 0x18fdc)
write$P9_RAUTH(r3, &(0x7f0000000240)={0x14, 0x67, 0x2, {0x80, 0x0, 0x8}}, 0x14)
close_range(r1, r2, 0x0)
r5 = syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1204408, &(0x7f00000000c0)={[{@compress_force}, {@clear_cache}, {@nodatasum}, {@compress}, {}, {@space_cache_v1}]}, 0x0, 0x51ab, &(0x7f000000a440)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000130001000000000000000000070000", @ANYRES32=r7, @ANYBLOB="00000000000000000c001a80080004800400"], 0x2c}}, 0x0)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
io_uring_setup(0x3eae, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_procs(r8, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r9, &(0x7f0000000c40), 0x12)
r10 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
openat$cgroup_subtree(r10, &(0x7f0000000080), 0x2, 0x0)
ioctl$BTRFS_IOC_DEV_REPLACE(r5, 0xca289435, &(0x7f0000000c40)={0x0, 0x5, @start={0x0, 0x0, "6564b0c85386f1b7302731a7fd3184a0f7c8797568c3d1283fab33035b652e49fbc2eac3d26d998bf1b707fa6697a5b199db9e71aef3c8636ee4c913ffba55ad19ab1c31d3a146361c9c7cd9c3c15057eeae5948ba58a58043238998a39c05df3d134146e725c30f1d9d6317c3d4b37eb311473b53c35126e7c2fb64d51b53afdf4795876cfad513cf14d0a81871275ee995d4a1b3eba7f722e79b889c70a4af0ab27f6d07577a4c4892b8748120e46c1925643d60bc32bc12a716fb00333f1f6141a9f29670a2e7cb4369512fb8bd851df2724570f06335cd8afb31c520f4532a013696751e42181ff931f176944790611f7c42c4ac9624d5957e047d932fd776b33a4785b4b8eb126ba28b07109a6299d0575aa74864ba51a416fbdc96f661aba6daac28c40bd3603bd226e2f80c41fe9043b8fcf2050f9427f89f42606a2bdabd08ead9083f614f5c97e1b482956560f354902660694de1b8bba7e91d46fb5c30f097a8202c4ead22388396e1455ae3136dbbb33f85c80092486d0b208459cd17170b14b01cdb397244fc3ece54e9cb6f6752555797de7454495659e271c531f136abdbe3bf8562d99d19bcb4191257487c37f9fa17ea78c9e8878cebdf9f016dd333932138e7abdc20b58c54c781d4fde8393c3e24eb28abee881dd69e953f5fd777949df9da65505987e088ad4903c3b4f262b6fb6407bf3e33c7604761c8c4e8529410b34131eb8d04b41cc104ec8a66b5cc371fdc64d293b1e528ea322ad648922f55dda8fbc4a08d5420ecbd252c33ae49c10b3a9122651547113da642c8f84b2b20f51ec313d74bf11517e4a7230dfdd8241aaf4e2c0d30184ddffaca11bba71618179974125fb8d96dbd3ec3d5a6585b7a486cf9e02594e8c42a401dced73f294dca767f088cae05b1d21e346b89c5fedd148bc0028543b6937c6e94e7a03bf49b8eb37bf12d0c17aa3a60738b3af003806303a9ec7141b5c2945625998f645dbc093587dce1ac5c406993b048a827f7e44820aaa640f5d1e003a7c8698554331151f400f95307f94435872b13018b623b951bc100d8f5f88537b8fb8330bb49dd0243f7bf34bf54abcd61862d02480ec7ccc5e947e68d38f43b2246957cfc266e1eeb1fcd23c26aa2ae07259c1cb882928aab33f6f565ad487417be5bc2a8cc8cd92a34c313dca98ea19fc5bf0abcf7c144cab3421755de21ed8d97e26a93b2900f2d1af1b71440b2af78ca226c63f07bd3693e8b0d3c4fcfcf69e49d81ce1d664da9a7cc07088cf50529d06087d3312e5c5e9e77a7ce0e6fdcacdc3c5563ce3e3e63e857e33ac64bf9dd61e977c79b5de9706c369917295ea596916422e3102fcf1125e16f0822fa1c786a935442a3e2840ac8cf49edcce09936abc753bdd813c08192eea27fc426c9cf1630bcdbabcaf0c648494fadea6a0a6679", "6e22c1f8f55f1a95aa11988f0078ba29b561c77a0ddf46c0aa334acece5a60966a47af78a209fd73e2007610202eceb93b4b5a47960e5540990838ed67fc14b0567c6ceffc8c7ed6ee5b9277da734d255ec7f0e1fdffffff3df1ef6a64ae119fcdab0376b64047cc719f26da18fd9737cad16d73ffada29c3c2ae5da4e12b49bb8ce24cf2dde18615d3b8cf495174bcb8f29a0dfcb0ce14e1aca9b48f1c8abb2f4274c207176c399e4265384d0e93a2e87e9ed8d8ff587fc87a545c4ee1d918ee0b3f75e82ccef7284e79c686b37bd7e5d599cc9f14b7657cc4d3a394641d27d906e590413547e4e9e9fffcda2348d529aec9e80841832591340945eb6b76bb1763a7d6bb77656665724ca7ef1b352c25dd1256ae466a0cf573e67bd2890dc18e6bf974f56ee8ba20014c6fa167781577bb268591fe3ffcf53e6a73e7aa68201cb8d3f5a41ea164e85cf906401698876eceb972ef0d581765b25138efb0a2e9702600be8a11e324a850a52769766f620679a70ecbe9dce80c1acc26d7094fabea6e9bc8c4023700c3feb320b776acb362d427957c62344c6aad1534b5058c017576953d5a2dfe98bdcbb696107fc85a37439f2006389cba1bbd2b4eb673a7cecbe9616087e4609c8af371e10e65a80810ab41c36ea8f083e4154508105ec05dae4ab034395f954034cd2760b99cd1404aceccdf77cba238cbe7b4cdb0af8975b90d94f87d86852f8a40c1ef6482e7f060e60aaeaa2518d80c5fcba5ce2149663f22de34b4c536ec3c973b7d1507dd380fa6bca5f1ea0dc58839a4b71c26a34596b3c34fa48c262c3f51db5be6f37812eccbb5387a4909700b98f3509c5c046f698ade38c8d0a6a2c88f3b51406b533e4f9cadb18c8e7dfdd7ed0d921d1f8fd6168161213f6bc10b18037bde29b3e4e35090131539b96640a1478d89a088b1b21b39a3276e345f932213c482dbe9e7e1edf484b3e4799b9267dcc25cd0f199c534e78b0a841aa563c41e1accce9fe7247be2c0a16b520e346f395116c239af6384f2f834a1403f1657ace49e69951b89503858ace5077476ecde81a68d44580092bf90d3f6d3f5408b312001cc544261f447e66df7c5f65da9eead00c13dabd60b906bf2db692c31267626426939f92f4bd8ef6d597c2aa3b1004adfd1223fa63ee546fddb49cee7af78368eda64fbccf450abdb8137a1b75048a7c6c76dae8f86949270bfefaf7ef25840d26bd1882a3c8be18c7f32ed9c26aefb1dda4e3cd1aa491193207538ae0f145cbf098524f7813d07032f6f58b6497287637891e4019c3485b723eb2e4e9d9a4dcda039002070c4ac8224b65bb555834ca4337ed36817fea31ec5d79e33f31d043bd34063a03edbf646e45102a18e9034e1c61e3bd18317ab94a3a262c223126a089d7efd1237bc986496d58c99c36cd19993f596910ff"}, [0x7fff, 0x0, 0x80000001, 0xfffffffffffffffa, 0xfd, 0x17d, 0x2, 0x1d, 0x3, 0x10, 0xfffffffffffffff5, 0x4, 0x1, 0xa, 0x9, 0x4001, 0x8001000, 0x6, 0x4, 0x9, 0x8000000, 0xa24, 0x9, 0x3, 0x8000, 0x400, 0xbb5, 0x6ec, 0x1, 0x2, 0x3, 0x52, 0x3ff, 0x1, 0x548, 0x7, 0x5, 0xf, 0x2, 0xfff, 0x1a60000000000000, 0x40000000000, 0x1, 0x2, 0x800fc, 0x7f, 0x5, 0xa, 0xfffffffffffffe51, 0x8, 0xfffffffffffffffd, 0x9, 0x7, 0x0, 0x0, 0xf9, 0xd424, 0xfffffffffffffff7, 0x0, 0x7a, 0x0, 0x6, 0x4, 0x2]})

5.262805038s ago: executing program 7 (id=2878):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10)
keyctl$revoke(0x1c, 0x0)

4.630547396s ago: executing program 7 (id=2879):
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000040)="ff0204000000000100000000000000000000000000000205", 0x18)
getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, 0x0, &(0x7f0000000000)=0x49)
socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000200)={@dev}, 0x14)

3.500392272s ago: executing program 8 (id=2880):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
syz_open_procfs(0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$media(&(0x7f00000001c0), 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r3, 0xc0487c04, &(0x7f0000000700)={0x0, 0x0, 0x0, &(0x7f0000000480), 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280), 0x0, 0x0, &(0x7f00000006c0)})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='io\x00')
pread64(r4, &(0x7f00000002c0)=""/163, 0xa3, 0x0)

2.173416577s ago: executing program 7 (id=2882):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x48}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000fddbdf251200000008000300", @ANYRES32=r2, @ANYBLOB="0a00060008021100000100000c00430002"], 0x34}}, 0x44)

2.030600397s ago: executing program 0 (id=2883):
getpgid(0xffffffffffffffff)
syz_usb_connect(0x0, 0x24, &(0x7f0000000680)={{0x12, 0x1, 0x0, 0x19, 0x58, 0xc, 0x20, 0x424, 0xc001, 0x36a7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x50, 0x0, [{{0x9, 0x4, 0xd9, 0x0, 0x0, 0xbb, 0x1, 0x6}}]}}]}}, 0x0)

1.840871386s ago: executing program 6 (id=2884):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x437, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x54583, 0x1}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TTL={0x5, 0x3, 0x80}, @IFLA_GENEVE_TOS={0x5, 0x4, 0x1}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)

1.730788746s ago: executing program 7 (id=2885):
socket(0x2b, 0x80801, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
socket$key(0xf, 0x3, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x5, 0x0)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r1, 0x0)
accept4$unix(r1, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
socket$kcm(0x29, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r3, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r4], 0x3c}}, 0x0)

695.003042ms ago: executing program 8 (id=2886):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000600)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x2000000000000000}, 0x18)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x0, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e0000001000000000000000000000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0)

428.234561ms ago: executing program 8 (id=2887):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
r2 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x7fff)
syz_open_dev$ndb(0x0, 0x0, 0x200)
ioctl$NBD_DO_IT(r2, 0xab03)
ioctl$NBD_CLEAR_SOCK(r2, 0xab04)

314.734761ms ago: executing program 7 (id=2888):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r2, 0x4068aea3, &(0x7f0000000180)={0xc7, 0x0, 0x1})

137.29424ms ago: executing program 7 (id=2889):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x73, 0x86, 0x40, 0x20, 0xc72, 0x14, 0x39ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0xa, [{{0x9, 0x4, 0x1d, 0xf3, 0x0, 0x71, 0x6c, 0x75}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000140)={0x84, &(0x7f0000000000)={0x20, 0x3, 0x3, "58cb02"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

0s ago: executing program 8 (id=2890):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0xfca804a0, 0x5, 0x0, &(0x7f00000002c0)="b800000500", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T4(r1, 0x103, 0x6, &(0x7f0000000480)=0x7ff, 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x3c, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x3c}}, 0x0)
syz_80211_inject_frame(0x0, &(0x7f0000000500)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0x0, @default, @val, @void}, 0x20)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

kernel console output (not intermixed with test programs):

The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1111.968958][T12617] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1112.153410][T12617] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1113.197657][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1113.422000][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1113.499097][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1113.575522][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1113.659918][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1113.740886][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1113.814394][T12907] orangefs_mount: mount request failed with -4
[ 1114.041194][T12617] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1114.138333][T12617] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1114.147084][T12617] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1114.300428][T12617] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1115.116935][T12920] fuse: Unknown parameter '0x0000000000000004'
[ 1115.147231][T10274] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1115.150983][T12922] loop0: detected capacity change from 0 to 64
[ 1115.176291][T10274] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1115.283854][ T4370] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1115.320134][ T4370] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1115.376738][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1115.392331][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1115.590767][T12930] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1880'.
[ 1117.507831][T12929] loop2: detected capacity change from 0 to 32768
[ 1117.590123][ T8071] EXT4-fs (loop7): unmounting filesystem.
[ 1118.037245][T12932] loop0: detected capacity change from 0 to 40427
[ 1118.108762][T12932] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff
[ 1118.170489][T12932] F2FS-fs (loop0): invalid crc value
[ 1118.187820][T12932] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1118.245773][T12937] loop8: detected capacity change from 0 to 40427
[ 1118.274087][T12937] F2FS-fs (loop8): build fault injection attr: rate: 690, type: 0x3ffff
[ 1118.311711][T12937] F2FS-fs (loop8): invalid crc value
[ 1118.345469][T12937] F2FS-fs (loop8): Found nat_bits in checkpoint
[ 1118.365073][T12932] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1119.095898][T12937] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[ 1121.123830][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1121.135210][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1121.234776][T12986] fuse: Unknown parameter '0x0000000000000004'
[ 1121.297138][T12988] program syz.2.1889 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1122.403768][T12994] loop7: detected capacity change from 0 to 64
[ 1122.671474][T12617] syz-executor: attempt to access beyond end of device
[ 1122.671474][T12617] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1123.901091][T13013] loop6: detected capacity change from 0 to 128
[ 1123.954018][T13013] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1124.070296][T13013] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1124.109121][T13013] ext4 filesystem being mounted at /208/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1124.161930][T13021] loop2: detected capacity change from 0 to 256
[ 1125.311575][T13027] orangefs_mount: mount request failed with -4
[ 1125.819724][ T4248] syz-executor: attempt to access beyond end of device
[ 1125.819724][ T4248] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1126.261671][T13037] fuse: Unknown parameter '0x0000000000000004'
[ 1127.272338][T13051] program syz.2.1905 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1128.184377][T13060] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1901'.
[ 1128.770311][T13064] loop2: detected capacity change from 0 to 64
[ 1129.547432][T13045] loop7: detected capacity change from 0 to 40427
[ 1129.594134][T13045] F2FS-fs (loop7): build fault injection attr: rate: 690, type: 0x3ffff
[ 1129.661141][T13045] F2FS-fs (loop7): invalid crc value
[ 1129.685700][T13045] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1129.878204][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1130.131678][T13071] loop0: detected capacity change from 0 to 32768
[ 1130.279093][   T27] audit: type=1800 audit(1738540918.065:99): pid=13071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1909" name="bus" dev="loop0" ino=7 res=0 errno=0
[ 1131.416403][T13092] orangefs_mount: mount request failed with -4
[ 1131.597137][T13099] program syz.6.1917 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1133.264453][T13110] input: syz1 as /devices/virtual/input/input12
[ 1135.642333][ T1043] block nbd7: Attempted send on invalid socket
[ 1135.649009][ T1043] I/O error, dev nbd7, sector 128 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[ 1135.658955][ T1043] gfs2: error 10 reading superblock
[ 1136.198507][ T4293] usb 1-1: new full-speed USB device number 21 using dummy_hcd
[ 1136.328125][T13151] loop8: detected capacity change from 0 to 128
[ 1136.374650][T13151] EXT4-fs (loop8): Test dummy encryption mode enabled
[ 1136.411047][T13129] ubi0: attaching mtd0
[ 1136.429354][T13151] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1136.441330][ T4293] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1136.459513][T13129] ubi0: scanning is finished
[ 1136.467533][T13129] ubi0: empty MTD device detected
[ 1136.484980][ T4293] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xBE, skipping
[ 1136.518448][T13151] ext4 filesystem being mounted at /7/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1136.550345][ T4293] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1136.660121][ T4293] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[ 1136.699861][ T4293] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[ 1136.708100][ T4293] usb 1-1: Product: syz
[ 1136.748669][ T4293] usb 1-1: Manufacturer: syz
[ 1136.768574][ T4293] usb 1-1: SerialNumber: syz
[ 1136.794714][ T4293] usb 1-1: config 0 descriptor??
[ 1136.827358][ T4293] radio-si470x 1-1:0.0: could not find interrupt in endpoint
[ 1136.840034][ T4293] radio-si470x: probe of 1-1:0.0 failed with error -5
[ 1136.853301][ T4293] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1137.190718][ T4293] libceph: connect (1)[c::]:6789 error -101
[ 1137.201071][ T4293] libceph: mon0 (1)[c::]:6789 connect error
[ 1137.218246][T13156] ceph: No mds server is up or the cluster is laggy
[ 1137.244944][ T4293] libceph: connect (1)[c::]:6789 error -101
[ 1137.272268][T13129] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[ 1137.294467][ T4293] libceph: mon0 (1)[c::]:6789 connect error
[ 1137.480124][T13141] loop7: detected capacity change from 0 to 40427
[ 1137.522470][T13141] F2FS-fs (loop7): build fault injection attr: rate: 690, type: 0x3ffff
[ 1137.580347][T13141] F2FS-fs (loop7): invalid crc value
[ 1137.591698][ T8430] libceph: connect (1)[c::]:6789 error -101
[ 1137.598170][ T8430] libceph: mon0 (1)[c::]:6789 connect error
[ 1137.621756][T13141] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1137.839092][T13141] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1138.856339][ T8616] usb 1-1: USB disconnect, device number 21
[ 1139.260684][ T8071] syz-executor: attempt to access beyond end of device
[ 1139.260684][ T8071] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1140.384796][T12617] EXT4-fs (loop8): unmounting filesystem.
[ 1141.015821][T13212] input: syz1 as /devices/virtual/input/input13
[ 1142.387471][T13223] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1934'.
[ 1145.777427][T13252] loop7: detected capacity change from 0 to 2048
[ 1145.895803][T13252] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1147.085381][T13246] loop2: detected capacity change from 0 to 32768
[ 1148.006816][   T27] audit: type=1800 audit(1738540935.795:100): pid=13246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1939" name="bus" dev="loop2" ino=7 res=0 errno=0
[ 1148.073520][T13251] loop0: detected capacity change from 0 to 40427
[ 1148.175508][T13251] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff
[ 1148.248656][T13251] F2FS-fs (loop0): invalid crc value
[ 1148.272622][ T8071] EXT4-fs (loop7): unmounting filesystem.
[ 1148.321515][T13251] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1148.471449][T13284] loop8: detected capacity change from 0 to 64
[ 1148.577931][T13251] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1153.543417][T13324] program syz.0.1948 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1153.881663][T13330] orangefs_mount: mount request failed with -4
[ 1155.729790][T13334] loop8: detected capacity change from 0 to 32768
[ 1155.819495][   T27] audit: type=1800 audit(1738540943.615:101): pid=13334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1955" name="bus" dev="loop8" ino=7 res=0 errno=0
[ 1156.143210][T13338] loop7: detected capacity change from 0 to 40427
[ 1156.170102][T13354] loop0: detected capacity change from 0 to 128
[ 1156.208578][T13338] F2FS-fs (loop7): build fault injection attr: rate: 690, type: 0x3ffff
[ 1156.230195][T13354] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1156.263674][T13338] F2FS-fs (loop7): invalid crc value
[ 1156.264766][T13354] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1156.311779][T13338] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1156.354317][T13354] ext4 filesystem being mounted at /437/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1156.658542][T13338] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1156.667684][T13366] loop8: detected capacity change from 0 to 64
[ 1157.290000][ T8071] syz-executor: attempt to access beyond end of device
[ 1157.290000][ T8071] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1157.309014][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1159.268135][T13368] loop6: detected capacity change from 0 to 40427
[ 1159.330305][T13368] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x3ffff
[ 1159.363111][T13368] F2FS-fs (loop6): invalid crc value
[ 1160.966157][T13402] input: syz1 as /devices/virtual/input/input14
[ 1161.576617][T13368] F2FS-fs (loop6): Failed to initialize F2FS segment manager (-4)
[ 1163.495631][T13420] loop7: detected capacity change from 0 to 64
[ 1163.627065][T13417] device veth0_vlan left promiscuous mode
[ 1163.634210][T13417] device veth0_vlan entered promiscuous mode
[ 1164.037646][T13427] loop2: detected capacity change from 0 to 64
[ 1165.204197][T13437] program syz.6.1968 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1165.342970][T13441] loop7: detected capacity change from 0 to 128
[ 1165.393793][T13441] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1165.497372][T13441] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1165.540429][T13441] ext4 filesystem being mounted at /246/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1165.836128][T13447] orangefs_mount: mount request failed with -4
[ 1166.391195][ T8071] EXT4-fs (loop7): unmounting filesystem.
[ 1166.812195][T13462] loop8: detected capacity change from 0 to 128
[ 1166.860625][ T9626] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[ 1166.900911][T13462] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a802c018, mo2=0002]
[ 1166.929662][T13462] System zones: 1-3, 19-19, 35-36
[ 1166.936045][T13462] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1166.960185][T13462] ext4 filesystem being mounted at /16/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1167.044727][T13440] loop2: detected capacity change from 0 to 40427
[ 1167.068696][ T9626] usb 8-1: Using ep0 maxpacket: 8
[ 1167.079143][ T9626] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1167.103779][T13440] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff
[ 1167.113040][T13462] EXT4-fs warning (device loop8): ext4_group_extend:1870: can't shrink FS - resize aborted
[ 1167.136581][ T9626] usb 8-1: config 8 has an invalid interface number: 255 but max is 0
[ 1167.145514][T13440] F2FS-fs (loop2): invalid crc value
[ 1167.168577][ T9626] usb 8-1: config 8 has no interface number 0
[ 1167.192058][T13440] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1167.198169][ T9626] usb 8-1: config 8 interface 255 has no altsetting 0
[ 1167.242218][ T9626] usb 8-1: string descriptor 0 read error: -22
[ 1167.264807][ T9626] usb 8-1: New USB device found, idVendor=0423, idProduct=000c, bcdDevice=2e.bf
[ 1167.281582][T12617] EXT4-fs (loop8): unmounting filesystem.
[ 1167.298644][ T9626] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1167.415255][T13440] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1167.552213][ T9626] catc 8-1:8.255: Can't set altsetting 1.
[ 1167.559089][ T9626] catc: probe of 8-1:8.255 failed with error -5
[ 1167.878344][T13478] device syzkaller1 entered promiscuous mode
[ 1168.633361][ T9626] usb 8-1: USB disconnect, device number 10
[ 1169.048527][ T4259] syz-executor: attempt to access beyond end of device
[ 1169.048527][ T4259] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1170.168769][T13495] loop7: detected capacity change from 0 to 64
[ 1171.562859][T13506] loop8: detected capacity change from 0 to 2048
[ 1171.613014][T13508] loop6: detected capacity change from 0 to 64
[ 1172.084934][T13516] netlink: 'syz.0.1985': attribute type 2 has an invalid length.
[ 1172.158491][T13516] netlink: 'syz.0.1985': attribute type 1 has an invalid length.
[ 1172.190604][T13516] netlink: 187320 bytes leftover after parsing attributes in process `syz.0.1985'.
[ 1172.355894][T13522] loop8: detected capacity change from 0 to 1764
[ 1172.658953][T13527] block device autoloading is deprecated and will be removed.
[ 1173.596232][T13544] program syz.6.1991 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1173.636328][T13533] loop2: detected capacity change from 0 to 40427
[ 1173.708107][T13533] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff
[ 1173.738132][T13533] F2FS-fs (loop2): invalid crc value
[ 1173.793067][T13533] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1173.990736][T13533] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1176.672677][ T4259] syz-executor: attempt to access beyond end of device
[ 1176.672677][ T4259] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1176.879469][T13551] orangefs_mount: mount request failed with -4
[ 1176.912029][T13567] loop8: detected capacity change from 0 to 64
[ 1178.206505][T13574] loop0: detected capacity change from 0 to 64
[ 1180.478372][ T9626] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1180.751752][T13602] input: syz1 as /devices/virtual/input/input15
[ 1181.399022][ T9626] usb 9-1: Using ep0 maxpacket: 32
[ 1181.999610][ T9626] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1182.035327][ T9626] usb 9-1: unable to read config index 0 descriptor/start: -71
[ 1182.061259][ T9626] usb 9-1: can't read configurations, error -71
[ 1182.328552][T13613] loop6: detected capacity change from 0 to 512
[ 1182.406991][T13619] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1182.419348][T13619] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1182.437691][T13619] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1182.437691][T13619] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1182.560905][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1182.567596][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1184.117171][T13619] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1184.165431][T13613] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1184.198692][T13613] ext4 filesystem being mounted at /224/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1184.248289][T13619] CUSE: DEVNAME unspecified
[ 1184.500858][   T27] audit: type=1800 audit(1738540972.295:102): pid=13613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2004" name="bus" dev="loop6" ino=18 res=0 errno=0
[ 1184.910876][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1185.184399][T13640] loop6: detected capacity change from 0 to 64
[ 1185.380680][T13644] loop7: detected capacity change from 0 to 64
[ 1188.957105][T13672] program syz.8.2015 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1189.455075][T13679] input: syz1 as /devices/virtual/input/input16
[ 1190.098660][T13683] device syzkaller1 entered promiscuous mode
[ 1193.818324][T13700] loop2: detected capacity change from 0 to 512
[ 1193.973891][T13700] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1194.003340][T13700] ext4 filesystem being mounted at /439/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1194.010111][T13691] loop7: detected capacity change from 0 to 32768
[ 1194.167515][T13691] XFS (loop7): Mounting V5 Filesystem
[ 1194.193808][   T27] audit: type=1800 audit(1738540981.985:103): pid=13700 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2020" name="bus" dev="loop2" ino=18 res=0 errno=0
[ 1194.355075][T13691] XFS (loop7): Ending clean mount
[ 1194.708996][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1194.844299][T13691] XFS (loop7): Quotacheck needed: Please wait.
[ 1195.074478][T13718] loop2: detected capacity change from 0 to 32768
[ 1195.197351][T13691] XFS (loop7): Quotacheck: Done.
[ 1195.233575][T13718] XFS (loop2): Mounting V5 Filesystem
[ 1195.273692][T13696] loop6: detected capacity change from 0 to 40427
[ 1195.335635][T13696] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x3ffff
[ 1195.358809][T13696] F2FS-fs (loop6): invalid crc value
[ 1195.362869][ T8071] XFS (loop7): Unmounting Filesystem
[ 1195.434333][T13718] XFS (loop2): Ending clean mount
[ 1195.453364][T13718] XFS (loop2): Quotacheck needed: Please wait.
[ 1195.477645][T13696] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1195.578982][T13718] XFS (loop2): Quotacheck: Done.
[ 1195.717140][T13696] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1196.184582][T13744] overlayfs: missing 'lowerdir'
[ 1196.832623][ T8332] syz-executor: attempt to access beyond end of device
[ 1196.832623][ T8332] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1197.014975][ T4259] XFS (loop2): Unmounting Filesystem
[ 1200.008508][   T48] Bluetooth: hci5: command 0x0406 tx timeout
[ 1200.868366][T13773] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2028'.
[ 1204.568440][T13782] orangefs_mount: mount request failed with -4
[ 1205.392055][T13794] input: syz1 as /devices/virtual/input/input17
[ 1206.126610][T13799] program syz.6.2037 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1206.726500][T13806] device syzkaller1 entered promiscuous mode
[ 1208.751927][T13818] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2043'.
[ 1210.988913][T13831] loop2: detected capacity change from 0 to 128
[ 1211.063413][T13831] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1211.249462][T13831] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1211.283327][T13831] ext4 filesystem being mounted at /448/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1212.099969][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1212.302186][T13849] loop7: detected capacity change from 0 to 64
[ 1213.440598][T13858] loop8: detected capacity change from 0 to 64
[ 1214.871683][T13847] loop2: detected capacity change from 0 to 32768
[ 1214.918378][ T4290] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 1215.120296][ T4290] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1215.141166][ T4290] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1216.572973][ T4290] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1216.598364][ T4290] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1216.627508][ T4290] usb 1-1: config 0 descriptor??
[ 1216.639736][ T4290] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1217.049996][T13882] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2059'.
[ 1218.754218][    T7] usb 1-1: USB disconnect, device number 22
[ 1219.196506][T13897] loop2: detected capacity change from 0 to 64
[ 1220.717054][T13908] loop7: detected capacity change from 0 to 64
[ 1224.903051][T13935] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2073'.
[ 1224.912231][T13935] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2073'.
[ 1227.934946][T13953] loop6: detected capacity change from 0 to 64
[ 1229.192690][T13963] loop6: detected capacity change from 0 to 64
[ 1231.441196][T13978] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2085'.
[ 1231.450325][T13978] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2085'.
[ 1235.566950][T14005] loop7: detected capacity change from 0 to 64
[ 1238.589243][T14028] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2097'.
[ 1238.598453][T14028] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2097'.
[ 1241.634996][T14048] loop6: detected capacity change from 0 to 64
[ 1243.881663][T14064] loop8: detected capacity change from 0 to 64
[ 1244.038795][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1244.045177][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1245.564129][T14078] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2110'.
[ 1245.573373][T14078] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2110'.
[ 1249.835563][T14101] loop7: detected capacity change from 0 to 64
[ 1251.302537][T14118] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2122'.
[ 1251.311840][T14118] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2122'.
[ 1255.420936][T14155] loop6: detected capacity change from 0 to 64
[ 1256.457120][T14163] loop6: detected capacity change from 0 to 64
[ 1256.586508][T14165] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2133'.
[ 1256.595685][T14165] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2133'.
[ 1263.103657][T14204] loop6: detected capacity change from 0 to 128
[ 1263.962198][T14204] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1264.040801][T14204] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1265.712035][T14219] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2147'.
[ 1265.878718][T14204] ext4 filesystem being mounted at /246/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1266.195402][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1268.618133][T14242] loop6: detected capacity change from 0 to 64
[ 1271.836386][T14247] loop7: detected capacity change from 0 to 40427
[ 1271.889075][T14247] F2FS-fs (loop7): build fault injection attr: rate: 690, type: 0x3ffff
[ 1271.965757][T14247] F2FS-fs (loop7): invalid crc value
[ 1272.016863][T14247] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1272.462778][T14247] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1272.531390][T14267] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2162'.
[ 1274.269907][ T8071] syz-executor: attempt to access beyond end of device
[ 1274.269907][ T8071] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1276.181575][T14291] loop2: detected capacity change from 0 to 64
[ 1276.588084][T14299] loop0: detected capacity change from 0 to 128
[ 1276.646208][T14299] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1276.713474][T14299] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1276.732297][T14299] ext4 filesystem being mounted at /483/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1277.542922][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1278.688799][T14313] orangefs_mount: mount request failed with -4
[ 1278.944230][T14304] loop2: detected capacity change from 0 to 40427
[ 1279.018931][T14304] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff
[ 1279.073660][T14304] F2FS-fs (loop2): invalid crc value
[ 1279.094806][T14304] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1279.207691][T14304] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1279.615057][ T4259] syz-executor: attempt to access beyond end of device
[ 1279.615057][ T4259] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1279.793928][T14334] netlink: 32 bytes leftover after parsing attributes in process `syz.8.2175'.
[ 1282.458175][T14344] loop8: detected capacity change from 0 to 64
[ 1282.774834][T14348] loop7: detected capacity change from 0 to 128
[ 1282.798495][ T8616] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1282.843017][T14348] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1282.967961][T14348] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1282.999336][T14348] ext4 filesystem being mounted at /289/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1283.012119][ T8616] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1283.028005][ T8616] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1283.038081][ T8616] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1283.621072][ T8616] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1283.730742][ T8616] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1283.750953][ T8616] usb 7-1: config 0 descriptor??
[ 1284.179381][ T8616] usbhid 7-1:0.0: can't add hid device: -71
[ 1284.187211][ T8616] usbhid: probe of 7-1:0.0 failed with error -71
[ 1284.221297][ T8616] usb 7-1: USB disconnect, device number 4
[ 1284.922241][ T8071] EXT4-fs (loop7): unmounting filesystem.
[ 1286.103224][T14376] loop7: detected capacity change from 0 to 40427
[ 1286.143446][T14376] F2FS-fs (loop7): build fault injection attr: rate: 690, type: 0x3ffff
[ 1286.186021][T14376] F2FS-fs (loop7): invalid crc value
[ 1286.288369][T14385] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2189'.
[ 1286.489537][T14376] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1287.043714][T14376] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1289.049412][ T8071] syz-executor: attempt to access beyond end of device
[ 1289.049412][ T8071] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1290.059756][T14400] orangefs_mount: mount request failed with -4
[ 1290.084503][T14403] loop0: detected capacity change from 0 to 64
[ 1290.668413][T10731] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1291.077621][T14414] loop6: detected capacity change from 0 to 128
[ 1291.110425][T10731] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1291.123607][T14414] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1291.143806][T10731] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1291.180852][T10731] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1291.204300][T10731] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1291.224581][T10731] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1291.261537][T10731] usb 9-1: config 0 descriptor??
[ 1291.294057][T14414] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1291.312338][T14414] ext4 filesystem being mounted at /258/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1292.437271][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1292.926433][T10731] usbhid 9-1:0.0: can't add hid device: -71
[ 1292.952898][T10731] usbhid: probe of 9-1:0.0 failed with error -71
[ 1293.018985][T10731] usb 9-1: USB disconnect, device number 4
[ 1293.424577][T14436] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2202'.
[ 1296.660574][T14438] loop6: detected capacity change from 0 to 40427
[ 1296.710189][T14438] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x3ffff
[ 1296.744987][T14438] F2FS-fs (loop6): invalid crc value
[ 1296.874430][T14438] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1297.006595][T14438] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1297.374932][ T8332] syz-executor: attempt to access beyond end of device
[ 1297.374932][ T8332] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1298.228010][T14471] loop6: detected capacity change from 0 to 64
[ 1300.192653][T14485] loop2: detected capacity change from 0 to 128
[ 1300.214140][T14478] orangefs_mount: mount request failed with -4
[ 1300.254370][T14485] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1300.334888][T14490] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2215'.
[ 1300.696239][T14485] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1301.145181][T14485] ext4 filesystem being mounted at /487/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1302.048031][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1302.945036][T14487] loop8: detected capacity change from 0 to 40427
[ 1302.960214][T14487] F2FS-fs (loop8): build fault injection attr: rate: 690, type: 0x3ffff
[ 1302.976257][T14487] F2FS-fs (loop8): invalid crc value
[ 1303.015279][T14487] F2FS-fs (loop8): Found nat_bits in checkpoint
[ 1303.124085][T14487] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[ 1303.757412][T14504] loop2: detected capacity change from 0 to 40427
[ 1303.775714][T14504] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff
[ 1303.806399][T14504] F2FS-fs (loop2): invalid crc value
[ 1303.844379][T14504] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1303.969424][T14504] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1304.565453][ T4259] syz-executor: attempt to access beyond end of device
[ 1304.565453][ T4259] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1304.928446][ T4499] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[ 1305.452480][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1305.459363][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1306.290325][ T4499] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1306.307966][ T4499] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1306.317823][ T4499] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1306.330899][ T4499] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1306.340052][ T4499] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1306.360203][ T4499] usb 1-1: config 0 descriptor??
[ 1306.659079][T14543] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2229'.
[ 1307.422518][ T4499] usbhid 1-1:0.0: can't add hid device: -71
[ 1307.438366][ T4499] usbhid: probe of 1-1:0.0 failed with error -71
[ 1307.454057][ T4499] usb 1-1: USB disconnect, device number 23
[ 1307.670745][T14549] loop2: detected capacity change from 0 to 64
[ 1309.166093][T14557] loop0: detected capacity change from 0 to 128
[ 1309.194338][T14557] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1309.224325][T14557] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1309.342166][T14557] ext4 filesystem being mounted at /495/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1310.989569][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1311.489772][T14571] orangefs_mount: mount request failed with -4
[ 1311.663525][T14555] loop2: detected capacity change from 0 to 40427
[ 1311.713381][T14555] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff
[ 1311.739873][T14555] F2FS-fs (loop2): invalid crc value
[ 1311.767275][T14555] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1311.955180][T14555] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1312.017429][T14570] loop8: detected capacity change from 0 to 40427
[ 1312.052304][T14570] F2FS-fs (loop8): build fault injection attr: rate: 690, type: 0x3ffff
[ 1312.069037][T14570] F2FS-fs (loop8): invalid crc value
[ 1312.077910][T14570] F2FS-fs (loop8): Found nat_bits in checkpoint
[ 1312.578479][T14570] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[ 1312.903871][ T4259] syz-executor: attempt to access beyond end of device
[ 1312.903871][ T4259] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1313.180643][T12617] syz-executor: attempt to access beyond end of device
[ 1313.180643][T12617] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1315.183563][T14607] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2241'.
[ 1316.218379][ T9626] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[ 1316.410119][ T9626] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1316.445443][ T9626] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1316.528243][ T9626] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1316.569211][ T9626] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1317.418952][ T9626] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1317.429538][ T9626] usb 1-1: config 0 descriptor??
[ 1317.690921][T14626] loop8: detected capacity change from 0 to 64
[ 1317.771075][ T9626] usbhid 1-1:0.0: can't add hid device: -71
[ 1317.779244][ T9626] usbhid: probe of 1-1:0.0 failed with error -71
[ 1317.823913][ T9626] usb 1-1: USB disconnect, device number 24
[ 1318.119375][T14632] loop2: detected capacity change from 0 to 128
[ 1318.146871][T14632] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1318.229462][T14632] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1318.265464][T14632] ext4 filesystem being mounted at /494/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1319.144552][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1320.456820][T14640] loop8: detected capacity change from 0 to 40427
[ 1320.470735][T14640] F2FS-fs (loop8): build fault injection attr: rate: 690, type: 0x3ffff
[ 1320.522805][T14640] F2FS-fs (loop8): invalid crc value
[ 1320.582901][T14640] F2FS-fs (loop8): Found nat_bits in checkpoint
[ 1321.041509][T14661] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2256'.
[ 1324.765757][T14674] loop6: detected capacity change from 0 to 64
[ 1325.056149][T14682] loop2: detected capacity change from 0 to 128
[ 1325.090469][T14682] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1325.114202][T14682] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1325.180389][T14682] ext4 filesystem being mounted at /496/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1325.482978][ T8430] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[ 1325.851474][ T8430] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1325.881840][ T8430] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1325.895462][ T8430] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1325.911256][ T8430] usb 8-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1325.923821][ T8430] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1325.965601][ T8430] usb 8-1: config 0 descriptor??
[ 1326.115495][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1326.407285][ T8430] usbhid 8-1:0.0: can't add hid device: -71
[ 1326.420900][ T8430] usbhid: probe of 8-1:0.0 failed with error -71
[ 1326.436758][T14693] orangefs_mount: mount request failed with -4
[ 1326.491435][ T8430] usb 8-1: USB disconnect, device number 11
[ 1327.422107][T14706] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2267'.
[ 1331.241838][T14715] loop0: detected capacity change from 0 to 40427
[ 1331.298413][T14715] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff
[ 1331.408780][T14715] F2FS-fs (loop0): invalid crc value
[ 1331.420379][T14739] loop2: detected capacity change from 0 to 64
[ 1331.893844][T14715] F2FS-fs (loop0): Failed to start F2FS issue_checkpoint_thread (-12)
[ 1332.943044][T14751] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2279'.
[ 1333.681084][T14752] loop0: detected capacity change from 0 to 128
[ 1333.690006][T14752] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1333.719233][T14752] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1333.749692][T14752] ext4 filesystem being mounted at /504/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1335.429485][T14764] orangefs_mount: mount request failed with -4
[ 1336.190480][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1338.645973][T14789] loop2: detected capacity change from 0 to 64
[ 1339.243323][T14780] loop8: detected capacity change from 0 to 40427
[ 1339.257649][T14780] F2FS-fs (loop8): build fault injection attr: rate: 690, type: 0x3ffff
[ 1339.276420][T14780] F2FS-fs (loop8): invalid crc value
[ 1339.406977][T14780] F2FS-fs (loop8): Found nat_bits in checkpoint
[ 1339.572198][T14780] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[ 1342.733592][T14803] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2291'.
[ 1342.873337][T12617] syz-executor: attempt to access beyond end of device
[ 1342.873337][T12617] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1343.775935][T14812] orangefs_mount: mount request failed with -4
[ 1343.835947][T14816] loop0: detected capacity change from 0 to 512
[ 1343.941608][T14816] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1343.971157][T14816] ext4 filesystem being mounted at /506/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1344.100740][   T27] audit: type=1800 audit(1738541131.895:104): pid=14816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2295" name="bus" dev="loop0" ino=18 res=0 errno=0
[ 1344.271356][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1346.563191][T14839] loop0: detected capacity change from 0 to 64
[ 1349.764555][T14850] loop0: detected capacity change from 0 to 40427
[ 1349.815312][T14850] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff
[ 1349.911740][T14850] F2FS-fs (loop0): invalid crc value
[ 1350.010367][T14850] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1350.275985][T14850] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1351.604528][ T4248] syz-executor: attempt to access beyond end of device
[ 1351.604528][ T4248] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1351.786121][T14888] loop8: detected capacity change from 0 to 64
[ 1352.238761][T14889] orangefs_mount: mount request failed with -4
[ 1355.696193][T14913] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1355.709708][T14913] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1355.716839][T14913] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1355.716839][T14913] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1355.736427][T14913] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1355.748227][T14913] CUSE: DEVNAME unspecified
[ 1356.567475][T14901] loop8: detected capacity change from 0 to 40427
[ 1356.621143][T14924] loop2: detected capacity change from 0 to 64
[ 1356.629799][T14901] F2FS-fs (loop8): build fault injection attr: rate: 690, type: 0x3ffff
[ 1356.713424][T14901] F2FS-fs (loop8): invalid crc value
[ 1356.724093][T14901] F2FS-fs (loop8): Failed to start F2FS issue_checkpoint_thread (-12)
[ 1359.233360][T14936] loop0: detected capacity change from 0 to 32768
[ 1360.510788][T14936] XFS (loop0): Mounting V5 Filesystem
[ 1362.245594][T14957] input: syz1 as /devices/virtual/input/input18
[ 1362.256051][T14936] XFS (loop0): Ending clean mount
[ 1362.264416][T14936] XFS (loop0): Quotacheck needed: Please wait.
[ 1362.578647][T14936] XFS (loop0): Quotacheck: Done.
[ 1362.829562][ T4248] XFS (loop0): Unmounting Filesystem
[ 1363.752361][T14979] loop7: detected capacity change from 0 to 64
[ 1366.987927][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1366.994332][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1368.160237][T15001] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1368.184299][T15001] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1368.199215][T15001] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1368.199215][T15001] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1368.253900][T15001] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1368.285546][T15001] CUSE: DEVNAME unspecified
[ 1368.844096][T15011] input: syz1 as /devices/virtual/input/input19
[ 1371.565918][T15042] loop2: detected capacity change from 0 to 64
[ 1371.713493][T15045] loop0: detected capacity change from 0 to 128
[ 1373.851212][T15045] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1373.910712][T15045] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1373.955721][T15045] ext4 filesystem being mounted at /518/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1374.046651][T15053] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1374.098419][T15053] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1374.104290][T15053] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1374.104290][T15053] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1374.154531][T15053] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1374.174296][T15053] CUSE: DEVNAME unspecified
[ 1375.128656][T15064] loop8: detected capacity change from 0 to 64
[ 1375.713365][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1375.725596][T15075] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1375.741859][T15075] IPv6: NLM_F_CREATE should be set when creating new route
[ 1375.749164][T15075] IPv6: NLM_F_CREATE should be set when creating new route
[ 1375.998423][   T26] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[ 1376.205179][   T26] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1376.624582][   T26] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1376.792701][   T26] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1376.806931][   T26] usb 8-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1377.130349][   T26] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1377.753135][   T26] usb 8-1: config 0 descriptor??
[ 1377.770695][T15073] orangefs_mount: mount request failed with -4
[ 1378.116734][T15100] loop0: detected capacity change from 0 to 64
[ 1378.167853][   T26] usbhid 8-1:0.0: can't add hid device: -71
[ 1378.177461][   T26] usbhid: probe of 8-1:0.0 failed with error -71
[ 1378.198410][   T26] usb 8-1: USB disconnect, device number 12
[ 1379.335470][T15097] loop2: detected capacity change from 0 to 32768
[ 1379.464620][T15097] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[ 1379.484716][T15097] XFS (loop2): Mounting V5 Filesystem
[ 1379.605380][T15097] XFS (loop2): Ending clean mount
[ 1380.070812][T15097] XFS (loop2): Quotacheck needed: Please wait.
[ 1380.449848][T15097] XFS (loop2): Quotacheck: Done.
[ 1380.536891][T15097] xfs: Unknown parameter '��18446744073709551615�01777777777777777777777��V?����Cp~'~8pٻ젌|�^��(
c�o����M�)��0177777777777777777777718446744073709551615����������'
[ 1380.802498][T15098] loop8: detected capacity change from 0 to 32768
[ 1380.825328][T15098] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 scanned by syz.8.2368 (15098)
[ 1380.846230][T15104] loop7: detected capacity change from 0 to 40427
[ 1381.076827][T15104] F2FS-fs (loop7): build fault injection attr: rate: 690, type: 0x3ffff
[ 1381.529011][T15104] F2FS-fs (loop7): invalid crc value
[ 1381.585323][T15098] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1381.601337][T15104] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1381.638535][ T4259] XFS (loop2): Unmounting Filesystem
[ 1381.658452][T15098] BTRFS info (device loop8): using crc32c (crc32c-intel) checksum algorithm
[ 1381.741018][T15098] BTRFS info (device loop8): using free space tree
[ 1381.853492][T15104] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1382.498935][T15098] BTRFS error (device loop8): open_ctree failed
[ 1382.564141][ T8071] syz-executor: attempt to access beyond end of device
[ 1382.564141][ T8071] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1383.507742][T15178] program syz.2.2374 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1383.578364][T15161] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1383.829850][T15161] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1383.906819][T15161] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1384.009392][T15186] loop7: detected capacity change from 0 to 64
[ 1384.035405][T15161] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1384.298307][T15161] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1384.323494][T15161] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1384.400192][T15161] usb 9-1: config 0 descriptor??
[ 1384.573386][T15166] loop0: detected capacity change from 0 to 40427
[ 1384.598625][T15166] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3ffff
[ 1384.617796][T15166] F2FS-fs (loop0): invalid crc value
[ 1384.883198][T15166] F2FS-fs (loop0): Found nat_bits in checkpoint
[ 1385.016939][T15161] usbhid 9-1:0.0: can't add hid device: -71
[ 1385.026943][T15161] usbhid: probe of 9-1:0.0 failed with error -71
[ 1385.042638][T15166] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1385.089223][T15161] usb 9-1: USB disconnect, device number 5
[ 1385.306537][T15181] loop6: detected capacity change from 0 to 256
[ 1385.717694][ T4248] syz-executor: attempt to access beyond end of device
[ 1385.717694][ T4248] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1388.722111][T15224] orangefs_mount: mount request failed with -4
[ 1389.103905][T15233] loop7: detected capacity change from 0 to 64
[ 1391.658282][ T4293] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1391.782861][T15235] loop6: detected capacity change from 0 to 40427
[ 1391.907415][ T4293] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1391.935429][T15235] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x3ffff
[ 1391.958895][ T4293] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1391.999901][ T4293] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1392.016249][T15235] F2FS-fs (loop6): invalid crc value
[ 1392.023767][ T4293] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1392.033219][ T4293] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1392.044091][ T4293] usb 9-1: config 0 descriptor??
[ 1392.057439][T15235] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1392.505500][    C1] raw-gadget.0 gadget.8: ignoring, device is not running
[ 1392.513875][ T4293] usbhid 9-1:0.0: can't add hid device: -71
[ 1392.520227][ T4293] usbhid: probe of 9-1:0.0 failed with error -71
[ 1392.549367][ T4293] usb 9-1: USB disconnect, device number 6
[ 1393.935554][T15276] input: syz1 as /devices/virtual/input/input20
[ 1394.830479][T15283] loop8: detected capacity change from 0 to 64
[ 1396.621662][T15291] loop0: detected capacity change from 0 to 128
[ 1396.771484][T15291] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1396.859181][T15291] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1397.198403][T15291] ext4 filesystem being mounted at /534/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1397.269224][T15301] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1397.281200][T15301] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1397.287135][T15301] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1397.287135][T15301] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1397.306562][T15301] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1397.318001][T15301] CUSE: DEVNAME unspecified
[ 1398.548429][   T26] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1398.580272][T15295] loop7: detected capacity change from 0 to 40427
[ 1398.605570][T15295] F2FS-fs (loop7): build fault injection attr: rate: 690, type: 0x3ffff
[ 1398.731793][   T26] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1398.765263][T15295] F2FS-fs (loop7): invalid crc value
[ 1398.784936][   T26] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1398.801478][T15295] F2FS-fs (loop7): Found nat_bits in checkpoint
[ 1398.869585][   T26] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1398.936200][   T26] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1398.998232][   T26] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1399.048731][   T26] usb 9-1: config 0 descriptor??
[ 1399.114568][T15295] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1399.129982][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1399.668052][ T8071] syz-executor: attempt to access beyond end of device
[ 1399.668052][ T8071] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1399.676139][   T26] usbhid 9-1:0.0: can't add hid device: -71
[ 1399.722223][   T26] usbhid: probe of 9-1:0.0 failed with error -71
[ 1399.744446][   T26] usb 9-1: USB disconnect, device number 7
[ 1402.443334][T15337] input: syz1 as /devices/virtual/input/input21
[ 1403.412200][T15347] loop8: detected capacity change from 0 to 64
[ 1405.785800][T15363] orangefs_mount: mount request failed with -4
[ 1406.124297][T15364] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1406.155792][T15364] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1406.163161][T15364] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1406.163161][T15364] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1406.183961][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1406.205226][T15364] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1406.258390][T15364] CUSE: DEVNAME unspecified
[ 1407.009362][ T9626] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[ 1407.214417][ T9626] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1407.238065][ T9626] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1407.248120][ T9626] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1407.262252][ T9626] usb 8-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1407.271477][ T9626] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1407.282279][ T9626] usb 8-1: config 0 descriptor??
[ 1407.930832][ T9626] usbhid 8-1:0.0: can't add hid device: -71
[ 1407.963663][ T9626] usbhid: probe of 8-1:0.0 failed with error -71
[ 1408.002081][ T9626] usb 8-1: USB disconnect, device number 13
[ 1410.674632][T15387] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2432'.
[ 1410.683799][T15387] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2432'.
[ 1410.926068][T15398] loop7: detected capacity change from 0 to 64
[ 1413.504832][T15417] orangefs_mount: mount request failed with -4
[ 1414.177829][T15430] program syz.6.2440 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1414.269638][ T5427] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1414.479870][ T5427] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1414.496452][ T5427] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1414.530313][ T5427] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1414.576264][ T5427] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1414.606551][ T5427] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1414.627513][ T5427] usb 9-1: config 0 descriptor??
[ 1416.038872][ T5427] usbhid 9-1:0.0: can't add hid device: -71
[ 1416.044925][ T5427] usbhid: probe of 9-1:0.0 failed with error -71
[ 1416.058657][ T5427] usb 9-1: USB disconnect, device number 8
[ 1417.948653][T15450] device syzkaller1 entered promiscuous mode
[ 1419.096574][T15454] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2450'.
[ 1419.190684][T15457] loop8: detected capacity change from 0 to 64
[ 1419.526317][T15462] loop2: detected capacity change from 0 to 22
[ 1419.536352][T15462] MTD: Attempt to mount non-MTD device "/dev/loop2"
[ 1420.868300][T15462] romfs: Mounting image 'rom 637cf1fa' through the block layer
[ 1421.086779][T15474] loop7: detected capacity change from 0 to 256
[ 1421.100187][T15474] exFAT-fs (loop7): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[ 1421.418393][ T4433] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1421.695539][T15486] loop7: detected capacity change from 0 to 128
[ 1421.711243][ T4433] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1421.746820][ T4433] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1421.746989][T15486] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1422.588366][ T4433] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1422.601977][ T4433] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1422.611524][ T4433] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1422.630264][ T4433] usb 9-1: config 0 descriptor??
[ 1422.739725][T15486] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1422.767829][T15486] ext4 filesystem being mounted at /348/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1423.170970][T15498] program syz.6.2462 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1423.713212][ T4433] usbhid 9-1:0.0: can't add hid device: -71
[ 1424.287351][ T4433] usbhid: probe of 9-1:0.0 failed with error -71
[ 1424.347564][ T4433] usb 9-1: USB disconnect, device number 9
[ 1424.645287][T15509] device syzkaller1 entered promiscuous mode
[ 1426.998868][T15521] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1427.010900][T15521] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1427.016951][T15521] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1427.016951][T15521] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1427.037864][T15521] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1427.122255][T15521] CUSE: DEVNAME unspecified
[ 1427.743203][T15526] loop0: detected capacity change from 0 to 64
[ 1428.333330][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1428.339974][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1429.938344][T15534] loop0: detected capacity change from 0 to 512
[ 1429.948086][T15534] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1429.988976][T15534] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[ 1430.006733][T15534] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[ 1430.014884][T15534] System zones: 0-2, 18-18, 34-34
[ 1430.039292][T15534] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.2470: bad orphan inode 15
[ 1430.055303][T15534] ext4_test_bit(bit=14, block=18) = 1
[ 1430.060917][T15534] is_bad_inode(inode)=0
[ 1430.065109][T15534] NEXT_ORPHAN(inode)=2264924160
[ 1430.070021][T15534] max_ino=32
[ 1430.073241][T15534] i_nlink=0
[ 1430.076435][T15534] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended
[ 1430.105986][T15534] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.2470: bg 0: block 80: padding at end of block bitmap is not set
[ 1430.133750][T15534] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[ 1430.147521][T15534] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1430.438638][T15533] orangefs_mount: mount request failed with -4
[ 1430.646423][ T8071] EXT4-fs (loop7): unmounting filesystem.
[ 1432.567084][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1432.736084][T15558] loop0: detected capacity change from 0 to 1024
[ 1433.082797][    T7] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1433.324735][    T7] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1433.540944][    T7] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1433.552138][    T7] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1433.565591][    T7] usb 7-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1433.575012][    T7] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1433.589627][    T7] usb 7-1: config 0 descriptor??
[ 1433.605409][T15569] loop7: detected capacity change from 0 to 64
[ 1433.766912][T15571] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1433.779146][T15571] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1433.786164][T15571] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1433.786164][T15571] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1433.806267][T15571] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1434.013826][T15571] CUSE: DEVNAME unspecified
[ 1435.462268][    T7] acrux 0003:1A34:0802.0011: unknown main item tag 0x0
[ 1435.469269][    T7] acrux 0003:1A34:0802.0011: unknown main item tag 0x0
[ 1435.478226][    T7] acrux 0003:1A34:0802.0011: unknown main item tag 0x0
[ 1435.495507][    T7] acrux 0003:1A34:0802.0011: unknown main item tag 0x0
[ 1436.104601][    T7] acrux 0003:1A34:0802.0011: unknown main item tag 0x0
[ 1436.221986][T15580] program syz.8.2481 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1436.485551][    T7] acrux 0003:1A34:0802.0011: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.6-1/input0
[ 1436.538244][    T7] acrux 0003:1A34:0802.0011: no inputs found
[ 1436.544404][    T7] acrux 0003:1A34:0802.0011: Failed to enable force feedback support, error: -19
[ 1436.602812][T15582] loop2: detected capacity change from 0 to 512
[ 1437.826417][T15592] ucma_write: process 405 (syz.8.2486) changed security contexts after opening file descriptor, this is not allowed.
[ 1437.902307][T14071] usb 7-1: reset high-speed USB device number 5 using dummy_hcd
[ 1437.917389][T15593] loop0: detected capacity change from 0 to 64
[ 1439.129416][T15049] usb 7-1: USB disconnect, device number 5
[ 1439.440881][T15611] orangefs_mount: mount request failed with -4
[ 1440.143200][T15626] program syz.7.2494 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1443.428309][T15049] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1443.640126][T15049] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1443.681890][T15049] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1443.729025][T15049] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1443.761224][T15049] usb 8-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1443.775662][T15049] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1443.812936][T15049] usb 8-1: config 0 descriptor??
[ 1444.314853][T15049] acrux 0003:1A34:0802.0012: unknown main item tag 0x0
[ 1444.326036][T15049] acrux 0003:1A34:0802.0012: unknown main item tag 0x0
[ 1444.363166][T15049] acrux 0003:1A34:0802.0012: unknown main item tag 0x0
[ 1444.370332][T15049] acrux 0003:1A34:0802.0012: unknown main item tag 0x0
[ 1444.378032][T15049] acrux 0003:1A34:0802.0012: unknown main item tag 0x0
[ 1444.396292][T15049] acrux 0003:1A34:0802.0012: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.7-1/input0
[ 1444.413693][T15049] acrux 0003:1A34:0802.0012: no inputs found
[ 1444.420008][T15049] acrux 0003:1A34:0802.0012: Failed to enable force feedback support, error: -19
[ 1445.527047][T14720] usb 8-1: USB disconnect, device number 14
[ 1447.985511][T15680] program syz.7.2509 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1448.281145][T15683] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2510'.
[ 1448.327882][T15678] loop0: detected capacity change from 0 to 128
[ 1448.891073][T15678] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1448.937453][T15678] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1448.999492][T15678] ext4 filesystem being mounted at /556/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1449.130639][T15688] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1449.144684][T15688] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1449.150832][T15688] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1449.150832][T15688] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1449.171058][T15688] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1449.183909][T15688] CUSE: DEVNAME unspecified
[ 1450.152281][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1455.535174][T15729] netlink: 52 bytes leftover after parsing attributes in process `syz.7.2521'.
[ 1455.849706][T15731] program syz.2.2523 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1458.193129][T15741] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1458.204982][T15741] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1458.211313][T15741] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1458.211313][T15741] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1458.231108][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1458.237313][T15741] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1458.250534][T15741] CUSE: DEVNAME unspecified
[ 1458.777145][T15746] loop0: detected capacity change from 0 to 1024
[ 1458.830726][T15746] EXT4-fs: Ignoring removed nobh option
[ 1458.836348][T15746] EXT4-fs: Ignoring removed bh option
[ 1459.928814][T15746] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1461.798233][T15756] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 64: padding at end of block bitmap is not set
[ 1461.839885][T15756] EXT4-fs (loop0): Remounting filesystem read-only
[ 1462.219250][T15774] netlink: 52 bytes leftover after parsing attributes in process `syz.8.2534'.
[ 1463.008564][T15775] device syzkaller1 entered promiscuous mode
[ 1464.061646][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1464.322870][T15782] loop8: detected capacity change from 0 to 128
[ 1464.451781][T15782] EXT4-fs (loop8): Test dummy encryption mode enabled
[ 1464.462916][T15782] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1464.472019][T15782] ext4 filesystem being mounted at /124/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1464.653093][T15790] input: syz1 as /devices/virtual/input/input22
[ 1465.163280][T15798] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1465.175158][T15798] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1465.181191][T15798] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1465.181191][T15798] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1466.226585][T15798] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1467.235724][T15798] CUSE: DEVNAME unspecified
[ 1468.017144][T12617] EXT4-fs (loop8): unmounting filesystem.
[ 1470.431820][T15820] loop8: detected capacity change from 0 to 128
[ 1470.461889][T15822] loop6: detected capacity change from 0 to 128
[ 1470.536913][T15822] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1470.609716][T15825] netlink: 52 bytes leftover after parsing attributes in process `syz.7.2548'.
[ 1471.579255][T15830] device syzkaller1 entered promiscuous mode
[ 1472.889273][T15822] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1472.925983][T15822] ext4 filesystem being mounted at /326/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1473.200547][T15834] program syz.7.2550 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1473.428284][    T7] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[ 1473.437626][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1473.631732][    T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1473.652424][    T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1473.680362][    T7] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1473.726399][    T7] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1473.775776][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1473.821614][T15847] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1473.822893][    T7] usb 1-1: config 0 descriptor??
[ 1473.833346][T15847] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1473.833364][T15847] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1473.833364][T15847] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1473.833381][T15847] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1473.833394][T15847] CUSE: DEVNAME unspecified
[ 1473.863406][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1473.943018][T15853] input: syz1 as /devices/virtual/input/input23
[ 1474.667507][    T7] acrux 0003:1A34:0802.0013: unknown main item tag 0x0
[ 1474.703861][    T7] acrux 0003:1A34:0802.0013: unknown main item tag 0x0
[ 1474.753299][    T7] acrux 0003:1A34:0802.0013: unknown main item tag 0x0
[ 1474.790905][    T7] acrux 0003:1A34:0802.0013: unknown main item tag 0x0
[ 1474.858294][    T7] acrux 0003:1A34:0802.0013: unknown main item tag 0x0
[ 1474.885852][    T7] acrux 0003:1A34:0802.0013: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.0-1/input0
[ 1474.976242][    T7] acrux 0003:1A34:0802.0013: no inputs found
[ 1475.017100][    T7] acrux 0003:1A34:0802.0013: Failed to enable force feedback support, error: -19
[ 1476.745652][ T8430] usb 1-1: USB disconnect, device number 25
[ 1477.069885][T15879] device syzkaller1 entered promiscuous mode
[ 1478.643207][T15897] program syz.8.2568 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1478.663049][T15899] input: syz1 as /devices/virtual/input/input24
[ 1479.262321][T15875] loop6: detected capacity change from 0 to 40427
[ 1480.412181][T15901] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1480.424377][T15901] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1480.430286][T15901] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1480.430286][T15901] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1480.449224][T15901] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1480.460466][T15901] CUSE: DEVNAME unspecified
[ 1481.298474][ T8430] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[ 1481.329731][T15906] orangefs_mount: mount request failed with -4
[ 1482.347847][ T9626] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[ 1482.360658][ T8430] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[ 1482.400616][ T8430] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1482.416815][ T8430] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1482.436122][ T8430] usb 1-1: Product: syz
[ 1482.474752][ T8430] usb 1-1: Manufacturer: syz
[ 1482.487383][ T8430] usb 1-1: SerialNumber: syz
[ 1482.563521][ T9626] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1482.587434][ T9626] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1482.630796][ T8430] usb 1-1: config 0 descriptor??
[ 1482.639565][ T8430] streamzap 1-1:0.0: streamzap_probe: Unexpected desc.bNumEndpoints (0)
[ 1482.654528][ T9626] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1482.699582][ T9626] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1482.734705][ T9626] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1482.767853][ T9626] usb 3-1: config 0 descriptor??
[ 1482.843527][ T8430] usb 1-1: USB disconnect, device number 26
[ 1482.974626][T15925] loop6: detected capacity change from 0 to 2048
[ 1483.049182][T15925] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1483.194292][ T9626] acrux 0003:1A34:0802.0014: unknown main item tag 0x0
[ 1483.203910][ T9626] acrux 0003:1A34:0802.0014: unknown main item tag 0x0
[ 1483.218982][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1483.224933][ T9626] acrux 0003:1A34:0802.0014: unknown main item tag 0x0
[ 1483.244972][ T9626] acrux 0003:1A34:0802.0014: unknown main item tag 0x0
[ 1483.263087][ T9626] acrux 0003:1A34:0802.0014: unknown main item tag 0x0
[ 1483.282272][ T9626] acrux 0003:1A34:0802.0014: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.2-1/input0
[ 1483.309089][ T9626] acrux 0003:1A34:0802.0014: no inputs found
[ 1483.318702][ T9626] acrux 0003:1A34:0802.0014: Failed to enable force feedback support, error: -19
[ 1483.703027][T15934] loop7: detected capacity change from 0 to 512
[ 1483.770899][ T8242] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1483.772119][T14720] usb 3-1: USB disconnect, device number 25
[ 1485.282896][T15953] loop2: detected capacity change from 0 to 128
[ 1485.378089][T15953] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1486.159455][T15950] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1486.179462][T15950] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1486.191556][T15950] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1486.191556][T15950] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1486.243046][T15953] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1486.262657][T15953] ext4 filesystem being mounted at /556/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1486.293075][T15938] loop6: detected capacity change from 0 to 40427
[ 1486.300103][T15950] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1486.314823][T15950] CUSE: DEVNAME unspecified
[ 1486.445161][T15938] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x3ffff
[ 1486.509941][T15938] F2FS-fs (loop6): invalid crc value
[ 1486.907917][T15938] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1487.024023][T15938] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1487.078931][T15960] orangefs_mount: mount request failed with -4
[ 1487.858660][T15976] program syz.8.2590 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1487.911678][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1488.060562][T15979] loop2: detected capacity change from 0 to 2048
[ 1488.572410][T15988] loop6: detected capacity change from 0 to 512
[ 1488.640018][T15988] Quota error (device loop6): do_check_range: Getting dqdh_entries 1536 out of range 0-14
[ 1488.707826][T15988] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[ 1488.737942][T15988] EXT4-fs error (device loop6): ext4_acquire_dquot:6795: comm syz.6.2589: Failed to acquire dquot type 1
[ 1488.818004][T15988] EXT4-fs (loop6): 1 truncate cleaned up
[ 1488.838808][T15988] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1488.864819][T15988] ext4 filesystem being mounted at /337/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1489.039032][T14720] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1489.718300][T15831] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1489.747886][T15991] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[ 1489.772672][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1489.779052][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1489.790723][T14720] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1489.815276][T16001] loop7: detected capacity change from 0 to 256
[ 1489.823077][T14720] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1489.852371][T14720] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1489.855668][T16001] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[ 1489.890526][T16001] exFAT-fs (loop7): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1489.905173][T14720] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1490.089025][T14720] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1490.099356][T15831] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1490.114861][T15831] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1490.125768][T14720] usb 9-1: config 0 descriptor??
[ 1490.130995][T15831] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1490.140695][T15831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1490.156529][T15988] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1490.440902][T16010] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1490.453155][T16010] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1490.459490][T16010] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1490.459490][T16010] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1490.478777][T16010] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1490.514929][T16010] CUSE: DEVNAME unspecified
[ 1490.609173][T14720] acrux 0003:1A34:0802.0015: unknown main item tag 0x0
[ 1490.617167][T14720] acrux 0003:1A34:0802.0015: unknown main item tag 0x0
[ 1490.625281][T14720] acrux 0003:1A34:0802.0015: unknown main item tag 0x0
[ 1490.633207][T14720] acrux 0003:1A34:0802.0015: unknown main item tag 0x0
[ 1490.640889][T14720] acrux 0003:1A34:0802.0015: unknown main item tag 0x0
[ 1490.701009][T14720] acrux 0003:1A34:0802.0015: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.8-1/input0
[ 1490.729372][T16006] orangefs_mount: mount request failed with -4
[ 1490.752116][T14720] acrux 0003:1A34:0802.0015: no inputs found
[ 1490.758399][T14720] acrux 0003:1A34:0802.0015: Failed to enable force feedback support, error: -19
[ 1491.404664][T16018] loop0: detected capacity change from 0 to 128
[ 1491.437967][T16020] program syz.7.2603 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1491.468890][T16018] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1491.542752][T16018] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1491.552638][T16018] ext4 filesystem being mounted at /573/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1491.916683][T16003] loop2: detected capacity change from 0 to 40427
[ 1491.970728][T16003] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x3ffff
[ 1491.987048][T16003] F2FS-fs (loop2): invalid crc value
[ 1491.998454][T14720] usb 9-1: reset high-speed USB device number 10 using dummy_hcd
[ 1492.031595][T16003] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1492.236966][T16003] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1492.424366][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1492.778227][ T9626] usb 7-1: USB disconnect, device number 6
[ 1492.808802][ T4259] syz-executor: attempt to access beyond end of device
[ 1492.808802][ T4259] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1492.826249][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1493.355478][ T4293] usb 9-1: USB disconnect, device number 10
[ 1494.057035][T16046] sctp: failed to load transform for md5: -2
[ 1495.074967][T16066] program syz.0.2614 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1496.165511][T16060] orangefs_mount: mount request failed with -4
[ 1496.436993][T16078] loop8: detected capacity change from 0 to 128
[ 1497.178555][T16078] EXT4-fs (loop8): Test dummy encryption mode enabled
[ 1497.279375][T16078] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1497.378574][T16078] ext4 filesystem being mounted at /138/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1497.665256][   T26] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[ 1498.148977][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1498.988278][   T26] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1499.075387][   T26] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1499.145380][   T26] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1499.218274][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1499.238881][   T26] usb 1-1: config 0 descriptor??
[ 1499.279466][T16098] loop2: detected capacity change from 0 to 8192
[ 1499.314541][T16098] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1499.924562][T16107] overlayfs: missing 'lowerdir'
[ 1500.673380][T16112] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[ 1500.718696][T12617] EXT4-fs (loop8): unmounting filesystem.
[ 1500.718944][   T26] usbhid 1-1:0.0: can't add hid device: -71
[ 1500.766396][   T26] usbhid: probe of 1-1:0.0 failed with error -71
[ 1500.783037][   T26] usb 1-1: USB disconnect, device number 27
[ 1502.625406][T16127] orangefs_mount: mount request failed with -4
[ 1504.008722][T16124] loop6: detected capacity change from 0 to 32768
[ 1504.628305][T16042] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 1504.889503][T16042] usb 9-1: Using ep0 maxpacket: 8
[ 1504.947781][T16042] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1505.060303][T16042] usb 9-1: config 65 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 113, changing to 10
[ 1505.115420][T16163] loop6: detected capacity change from 0 to 128
[ 1505.118172][T16042] usb 9-1: config 65 interface 0 altsetting 1 endpoint 0x81 has invalid maxpacket 1040, setting to 1024
[ 1505.173652][T16042] usb 9-1: config 65 interface 0 has no altsetting 0
[ 1505.178563][T16163] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1505.215897][T16042] usb 9-1: string descriptor 0 read error: -22
[ 1505.257021][T16042] usb 9-1: New USB device found, idVendor=05ac, idProduct=021a, bcdDevice= 0.40
[ 1505.282516][T16163] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1505.286967][T16042] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1505.318311][T16163] ext4 filesystem being mounted at /343/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1505.354845][T16158] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1505.648200][ T4290] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1505.832783][T16178] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[ 1505.844957][T16178] CUSE: unknown device info "3�ܟ�,��̘�"
[ 1505.851102][T16178] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[ 1505.851102][T16178] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[ 1505.870952][T16178] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[ 1505.899573][ T4290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1505.933884][ T4290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1505.962123][ T4290] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1505.969544][T16178] CUSE: DEVNAME unspecified
[ 1506.071945][ T4290] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1506.261446][ T4290] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1506.585036][ T4290] usb 3-1: config 0 descriptor??
[ 1507.024371][ T4290] acrux 0003:1A34:0802.0016: unknown main item tag 0x0
[ 1507.031865][ T4290] acrux 0003:1A34:0802.0016: unknown main item tag 0x0
[ 1507.059850][ T4290] acrux 0003:1A34:0802.0016: unknown main item tag 0x0
[ 1507.085487][T16042] appletouch 9-1:65.0: Failed to request geyser raw mode
[ 1507.098281][T16042] appletouch: probe of 9-1:65.0 failed with error -5
[ 1507.129443][T16042] usb 9-1: USB disconnect, device number 11
[ 1507.130395][ T4290] acrux 0003:1A34:0802.0016: unknown main item tag 0x0
[ 1507.175426][ T4290] acrux 0003:1A34:0802.0016: unknown main item tag 0x0
[ 1507.197555][ T4290] acrux 0003:1A34:0802.0016: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.2-1/input0
[ 1507.221536][ T4290] acrux 0003:1A34:0802.0016: no inputs found
[ 1507.231457][ T4290] acrux 0003:1A34:0802.0016: Failed to enable force feedback support, error: -19
[ 1507.265371][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1508.105653][T16189] orangefs_mount: mount request failed with -4
[ 1509.291085][ T9626] usb 3-1: reset high-speed USB device number 26 using dummy_hcd
[ 1510.455319][   T48] Bluetooth: hci5: Malformed LE Event: 0x1b
[ 1510.608353][T16223] input: syz1 as /devices/virtual/input/input26
[ 1511.306615][T15049] usb 3-1: USB disconnect, device number 26
[ 1512.725801][T16229] loop8: detected capacity change from 0 to 40427
[ 1512.752917][T16229] F2FS-fs (loop8): build fault injection attr: rate: 690, type: 0x3ffff
[ 1514.290291][T16261] orangefs_mount: mount request failed with -4
[ 1514.346880][T16229] F2FS-fs (loop8): invalid crc value
[ 1514.467667][T16229] F2FS-fs (loop8): Failed to start F2FS issue_checkpoint_thread (-12)
[ 1515.147484][T16269] vivid-007: disconnect
[ 1515.526001][T16268] vivid-007: reconnect
[ 1516.313492][T16286] input: syz1 as /devices/virtual/input/input27
[ 1519.735709][T16308] Bluetooth: MGMT ver 1.22
[ 1520.388384][ T4290] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1521.408251][ T4290] usb 7-1: Using ep0 maxpacket: 32
[ 1521.419991][ T4290] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1521.627392][ T4290] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1521.650015][ T4290] usb 7-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[ 1521.659436][ T4290] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1521.670401][ T4290] usb 7-1: config 0 descriptor??
[ 1523.072473][T16323] orangefs_mount: mount request failed with -4
[ 1523.434648][ T4290] usbhid 7-1:0.0: can't add hid device: -71
[ 1523.441102][ T4290] usbhid: probe of 7-1:0.0 failed with error -71
[ 1523.455178][ T4290] usb 7-1: USB disconnect, device number 7
[ 1525.190372][T16343] input: syz1 as /devices/virtual/input/input28
[ 1529.350411][T16375] loop2: detected capacity change from 0 to 2048
[ 1530.085655][T16375] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1530.170971][T16384] orangefs_mount: mount request failed with -4
[ 1531.148237][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1531.233151][T16401] input: syz1 as /devices/virtual/input/input29
[ 1531.284873][T16406] loop8: detected capacity change from 0 to 512
[ 1531.362953][ T8242] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1534.388889][T16431] loop2: detected capacity change from 0 to 128
[ 1534.477525][T16431] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1534.757937][T16431] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1535.468407][T16431] ext4 filesystem being mounted at /581/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1535.606399][T16445] loop7: detected capacity change from 0 to 1024
[ 1535.811497][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1537.292996][T16451] orangefs_mount: mount request failed with -4
[ 1537.414597][T16456] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1537.422051][T16456] IPv6: NLM_F_CREATE should be set when creating new route
[ 1537.429378][T16456] IPv6: NLM_F_CREATE should be set when creating new route
[ 1537.835158][T16466] input: syz1 as /devices/virtual/input/input30
[ 1537.877266][T16472] program syz.8.2707 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1539.424291][T16485] loop8: detected capacity change from 0 to 128
[ 1539.728878][T16485] EXT4-fs (loop8): Test dummy encryption mode enabled
[ 1539.809062][T16485] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1539.827893][T16485] ext4 filesystem being mounted at /158/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1540.695534][T12617] EXT4-fs (loop8): unmounting filesystem.
[ 1540.788065][T16496] loop6: detected capacity change from 0 to 128
[ 1541.609529][T16504] device syzkaller1 entered promiscuous mode
[ 1543.070451][T16522] program syz.6.2718 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1543.081401][T16518] input: syz1 as /devices/virtual/input/input31
[ 1543.146785][T16510] orangefs_mount: mount request failed with -4
[ 1543.493096][T16531] loop0: detected capacity change from 0 to 128
[ 1543.773967][T16531] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1544.874281][T16531] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1544.898832][T16531] ext4 filesystem being mounted at /592/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1545.387009][ T4248] EXT4-fs (loop0): unmounting filesystem.
[ 1545.708062][T16519] loop8: detected capacity change from 0 to 32768
[ 1545.728902][T16519] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 scanned by syz.8.2717 (16519)
[ 1545.839674][T16519] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1545.878510][T16519] BTRFS info (device loop8): using crc32c (crc32c-intel) checksum algorithm
[ 1545.887294][T16519] BTRFS info (device loop8): using free space tree
[ 1546.249866][T16569] device syzkaller1 entered promiscuous mode
[ 1547.004075][T16519] BTRFS error (device loop8): open_ctree failed
[ 1547.519237][T16588] program syz.7.2730 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1550.508459][T16596] orangefs_mount: mount request failed with -4
[ 1551.251327][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1551.257737][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1551.471778][T16606] loop2: detected capacity change from 0 to 128
[ 1551.507924][T16606] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1551.621949][T15049] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[ 1552.383825][T16606] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1552.496737][T16606] ext4 filesystem being mounted at /590/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1553.139320][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1554.455647][T16633] loop7: detected capacity change from 0 to 2048
[ 1555.233553][T16633] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[ 1555.693121][ T8071] EXT4-fs (loop7): unmounting filesystem.
[ 1555.706152][T16646] device syzkaller1 entered promiscuous mode
[ 1556.139017][T16639] loop6: detected capacity change from 0 to 32768
[ 1556.155229][T16639] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.2743 (16639)
[ 1556.177490][T16639] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1556.187961][T16639] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[ 1556.197012][T16639] BTRFS info (device loop6): using free space tree
[ 1556.348930][T16639] BTRFS info (device loop6): enabling ssd optimizations
[ 1558.012328][T16675] orangefs_mount: mount request failed with -4
[ 1558.308658][ T8332] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1562.224738][T16704] loop2: detected capacity change from 0 to 2048
[ 1562.369074][T16704] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1562.961386][T16716] device syzkaller1 entered promiscuous mode
[ 1563.257518][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1564.258139][T16720] orangefs_mount: mount request failed with -4
[ 1564.961150][T16715] loop8: detected capacity change from 0 to 32768
[ 1565.016344][T16715] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1565.056651][T16715] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm
[ 1565.090511][T16715] BTRFS info (device loop8): using free space tree
[ 1566.313618][T16722] loop2: detected capacity change from 0 to 32768
[ 1566.347700][T12619] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1566.362672][T12619] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1566.387765][T12619] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1566.420124][T12619] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1566.432963][T12619] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1566.445695][T12619] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1566.522956][T16722] XFS (loop2): Mounting V5 Filesystem
[ 1566.536627][T16715] BTRFS error (device loop8): open_ctree failed
[ 1566.714162][T16722] XFS (loop2): Ending clean mount
[ 1567.080388][   T27] audit: type=1800 audit(2000000193.060:105): pid=16765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2760" name="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=5772 res=0 errno=0
[ 1567.971933][ T4259] XFS (loop2): Unmounting Filesystem
[ 1568.247001][T16772] loop8: detected capacity change from 0 to 32768
[ 1568.265016][T16772] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 scanned by syz.8.2767 (16772)
[ 1568.478634][T16446] Bluetooth: hci2: command 0x0409 tx timeout
[ 1568.490961][T16772] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1568.501397][T16772] BTRFS info (device loop8): using crc32c (crc32c-intel) checksum algorithm
[ 1568.510342][T16772] BTRFS info (device loop8): metadata ratio 2
[ 1568.516453][T16772] BTRFS info (device loop8): allowing degraded mounts
[ 1568.523362][T16772] BTRFS info (device loop8): force zlib compression, level 3
[ 1568.530864][T16772] BTRFS info (device loop8): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[ 1568.549460][T16772] BTRFS info (device loop8): use zstd compression, level 3
[ 1568.556707][T16772] BTRFS info (device loop8): turning on sync discard
[ 1568.565108][T16772] BTRFS info (device loop8): enabling ssd optimizations
[ 1568.572316][T16772] BTRFS info (device loop8): max_inline at 0
[ 1568.578549][T16772] BTRFS info (device loop8): using free space tree
[ 1568.741539][ T4371] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1569.277911][T16796] loop6: detected capacity change from 0 to 2048
[ 1569.421498][ T4371] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1569.721378][ T4371] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1569.820764][T16751] chnl_net:caif_netlink_parms(): no params data found
[ 1569.844825][T16796] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1570.049109][ T4371] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1570.558250][T16446] Bluetooth: hci2: command 0x041b tx timeout
[ 1571.978479][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1572.180290][T12617] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1572.323740][T16751] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1572.348721][T16751] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1572.369789][T16816] loop6: detected capacity change from 0 to 2048
[ 1572.378800][T16751] device bridge_slave_0 entered promiscuous mode
[ 1572.475604][T16751] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1572.497834][T16751] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1572.522812][T16816] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[ 1572.532926][T16751] device bridge_slave_1 entered promiscuous mode
[ 1572.638344][T16446] Bluetooth: hci2: command 0x040f tx timeout
[ 1572.654787][T16821] input: syz1 as /devices/virtual/input/input32
[ 1572.865961][T16804] loop2: detected capacity change from 0 to 32768
[ 1572.921466][T16804] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.2768 (16804)
[ 1572.971954][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1573.008012][T16804] BTRFS error (device loop2): open_ctree failed
[ 1573.060058][T16751] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1573.106633][T16751] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1573.347072][T16751] team0: Port device team_slave_0 added
[ 1574.734753][T16446] Bluetooth: hci2: command 0x0419 tx timeout
[ 1574.854741][T16751] team0: Port device team_slave_1 added
[ 1575.300751][T16751] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1575.348252][T16751] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1575.446404][T16751] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1575.626318][T16751] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1575.633946][T16751] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1576.463531][T16751] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1576.778447][T16751] device hsr_slave_0 entered promiscuous mode
[ 1576.804916][T16751] device hsr_slave_1 entered promiscuous mode
[ 1576.844579][T16751] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1576.874920][T16751] Cannot create hsr debugfs directory
[ 1577.085576][T16863] block nbd8: shutting down sockets
[ 1577.163971][T16847] loop6: detected capacity change from 0 to 32768
[ 1577.419215][T16847] XFS (loop6): Mounting V5 Filesystem
[ 1577.503636][T16847] XFS (loop6): Ending clean mount
[ 1577.611124][   T27] audit: type=1800 audit(2000000203.590:106): pid=16847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2778" name="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop6" ino=5772 res=0 errno=0
[ 1577.763997][ T4371] bond1: (slave gretap1): Releasing active interface
[ 1577.809165][ T8332] XFS (loop6): Unmounting Filesystem
[ 1581.424912][ T4371] batman_adv: batadv0: Removing interface: ipvlan2
[ 1581.463190][ T4371] batman_adv: batadv0: Removing interface: ipvlan3
[ 1581.577025][ T4371] batman_adv: batadv0: Removing interface: ipvlan4
[ 1581.597497][ T4371] batman_adv: batadv0: Removing interface: ipvlan5
[ 1581.636258][ T4371] batman_adv: batadv0: Removing interface: ipvlan6
[ 1581.679331][ T4371] batman_adv: batadv0: Removing interface: ipvlan7
[ 1581.702101][ T4371] batman_adv: batadv0: Removing interface: ipvlan8
[ 1581.810756][ T4371] batman_adv: batadv0: Removing interface: ipvlan9
[ 1581.843466][ T4371] batman_adv: batadv0: Removing interface: ipvlan10
[ 1581.894958][ T4371] batman_adv: batadv0: Removing interface: ipvlan11
[ 1582.281802][T16912] befs: (loop13): No write support. Marking filesystem read-only
[ 1582.295856][T16912] I/O error, dev loop13, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[ 1582.305799][T16912] befs: (loop13): unable to read superblock
[ 1583.454906][T16927] block nbd6: shutting down sockets
[ 1583.596496][ T4371] device hsr_slave_0 left promiscuous mode
[ 1583.688936][ T4371] device hsr_slave_1 left promiscuous mode
[ 1583.690952][T16930] input: syz1 as /devices/virtual/input/input33
[ 1583.726095][ T4371] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1583.970866][ T4371] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1584.904446][ T4371] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1584.980361][ T4371] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1585.057922][ T4371] device bridge_slave_1 left promiscuous mode
[ 1585.138490][ T4371] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1585.192243][ T4371] device bridge_slave_0 left promiscuous mode
[ 1585.208362][ T4371] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1585.288436][ T4371] device veth1_macvtap left promiscuous mode
[ 1585.294511][ T4371] device veth0_macvtap left promiscuous mode
[ 1585.308529][ T4371] device veth1_vlan left promiscuous mode
[ 1585.335397][ T4371] device veth0_vlan left promiscuous mode
[ 1588.033694][T16955] loop2: detected capacity change from 0 to 32768
[ 1588.076991][T16955] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.2799 (16955)
[ 1588.094249][T16955] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1588.104709][T16955] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[ 1588.113542][T16955] BTRFS info (device loop2): metadata ratio 2
[ 1588.119705][T16955] BTRFS info (device loop2): allowing degraded mounts
[ 1588.126507][T16955] BTRFS info (device loop2): force zlib compression, level 3
[ 1588.133982][T16955] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[ 1588.143426][T16955] BTRFS info (device loop2): use zstd compression, level 3
[ 1588.150835][T16955] BTRFS info (device loop2): turning on sync discard
[ 1588.157555][T16955] BTRFS info (device loop2): enabling ssd optimizations
[ 1588.164666][T16955] BTRFS info (device loop2): max_inline at 0
[ 1588.170763][T16955] BTRFS info (device loop2): using free space tree
[ 1588.409195][ T4371] bond1 (unregistering): Released all slaves
[ 1588.772718][T16944] loop8: detected capacity change from 0 to 32768
[ 1588.909060][T16944] XFS (loop8): Mounting V5 Filesystem
[ 1589.133546][T16944] XFS (loop8): log mount failed
[ 1589.249126][   T27] audit: type=1800 audit(2000000215.200:107): pid=16983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2799" name="file1" dev="loop2" ino=260 res=0 errno=0
[ 1590.132587][ T4259] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1590.639799][T16996] input: syz0 as /devices/virtual/input/input34
[ 1590.802667][T16998] program syz.6.2807 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1591.129511][T17003] loop2: detected capacity change from 0 to 512
[ 1591.225730][T17003] Quota error (device loop2): do_check_range: Getting dqdh_entries 1536 out of range 0-14
[ 1591.310245][T17003] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 1591.321801][T17003] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.2804: Failed to acquire dquot type 1
[ 1591.356012][T17007] input: syz1 as /devices/virtual/input/input35
[ 1591.358011][T17003] EXT4-fs (loop2): 1 truncate cleaned up
[ 1591.368348][T17003] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1591.378040][T17003] ext4 filesystem being mounted at /608/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1591.454897][T16992] loop7: detected capacity change from 0 to 32768
[ 1591.488756][T16992] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop7 scanned by syz.7.2805 (16992)
[ 1591.726378][T16992] BTRFS info (device loop7): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1591.753836][T16992] BTRFS info (device loop7): using blake2b (blake2b-256-generic) checksum algorithm
[ 1591.848207][ T9626] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1591.860140][T16992] BTRFS info (device loop7): using free space tree
[ 1591.871081][T17015] ERROR: device name not specified.
[ 1592.067200][ T9626] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1592.174906][ T9626] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1592.286867][ T9626] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1592.478183][T16992] BTRFS info (device loop7): enabling ssd optimizations
[ 1592.647388][ T9626] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1592.681750][T17003] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1592.729990][T17006] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[ 1592.777391][ T4371] team0 (unregistering): Port device team_slave_1 removed
[ 1593.049156][   T27] audit: type=1804 audit(2000000219.030:108): pid=17039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2805" name="/newroot/428/file0/bus" dev="loop7" ino=263 res=1 errno=0
[ 1593.239264][   T27] audit: type=1804 audit(2000000219.030:109): pid=17035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.2805" name="/newroot/428/file0/bus" dev="loop7" ino=263 res=1 errno=0
[ 1593.549891][ T4371] team0 (unregistering): Port device team_slave_0 removed
[ 1594.190934][ T4371] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1594.273398][ T8071] BTRFS info (device loop7): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1595.039492][ T4371] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1595.301139][T17048] loop8: detected capacity change from 0 to 2048
[ 1595.356456][T17048] UDF-fs: error (device loop8): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1595.363552][T16580] usb 3-1: USB disconnect, device number 27
[ 1595.420134][T17048] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1595.549291][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1595.813430][T17050] loop2: detected capacity change from 0 to 4096
[ 1597.798318][T17074] ERROR: device name not specified.
[ 1598.180239][ T4259] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22.
[ 1598.188630][ T4259] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[ 1599.183460][T17086] loop2: detected capacity change from 0 to 512
[ 1599.275801][T17086] Quota error (device loop2): do_check_range: Getting dqdh_entries 1536 out of range 0-14
[ 1599.299368][T17086] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[ 1599.332069][T17086] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.2823: Failed to acquire dquot type 1
[ 1599.401242][T17086] EXT4-fs (loop2): 1 truncate cleaned up
[ 1599.406979][T17086] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1599.486149][T17086] ext4 filesystem being mounted at /611/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1601.459053][T17098] input: syz1 as /devices/virtual/input/input36
[ 1601.890998][T17089] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[ 1602.108379][T15049] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1602.241787][T17107] loop8: detected capacity change from 0 to 2048
[ 1602.253387][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1602.327018][T17107] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1602.344833][T17107] ext4 filesystem being mounted at /181/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1602.415952][T17107] fs-verity: sha512 using implementation "sha512-avx2"
[ 1602.498169][T15049] usb 3-1: device not accepting address 28, error -71
[ 1602.749071][T12617] EXT4-fs (loop8): unmounting filesystem.
[ 1602.862963][T17116] ERROR: device name not specified.
[ 1603.304427][T17118] sctp: [Deprecated]: syz.8.2831 (pid 17118) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1603.304427][T17118] Use struct sctp_sack_info instead
[ 1603.539471][ T4371] bond0 (unregistering): Released all slaves
[ 1603.849233][T17124] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1604.958694][T17062] device syzkaller1 entered promiscuous mode
[ 1605.988750][T17136] input: syz1 as /devices/virtual/input/input37
[ 1606.935856][T17147] loop8: detected capacity change from 0 to 512
[ 1607.137320][T17152] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2839'.
[ 1607.167101][T17147] Quota error (device loop8): do_check_range: Getting dqdh_entries 1536 out of range 0-14
[ 1607.189969][T16751] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1607.208928][T17147] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[ 1607.250262][T17147] EXT4-fs error (device loop8): ext4_acquire_dquot:6795: comm syz.8.2838: Failed to acquire dquot type 1
[ 1607.300668][T16751] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1607.321412][T16751] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1607.324085][T17147] EXT4-fs (loop8): 1 truncate cleaned up
[ 1607.342893][T17147] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 1607.361590][T16751] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1607.398656][T17147] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1607.465831][T17158] loop7: detected capacity change from 0 to 1024
[ 1607.505526][T17158] ext4: Unknown parameter 'subj_role'
[ 1607.657108][T16751] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1607.732979][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1607.748421][T15049] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1607.774056][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1607.819585][T16751] 8021q: adding VLAN 0 to HW filter on device team0
[ 1607.980188][T15163] usb 8-1: new full-speed USB device number 16 using dummy_hcd
[ 1607.992948][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1608.004833][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1608.019932][T15049] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1608.856385][T15049] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1608.866418][T15049] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1608.875575][T15049] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1608.887317][T17147] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1608.904600][ T4334] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1608.911803][ T4334] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1608.951356][T15163] usb 8-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xA6, skipping
[ 1608.972793][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1609.008187][T15163] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 65535, setting to 64
[ 1609.029625][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1609.047375][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1609.073847][T15163] usb 8-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[ 1609.091708][T15163] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1609.099867][T15163] usb 8-1: Product: syz
[ 1609.104058][T15163] usb 8-1: Manufacturer: syz
[ 1609.107393][ T4334] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1609.108749][T15163] usb 8-1: SerialNumber: syz
[ 1609.115790][ T4334] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1609.122413][T15163] usb 8-1: config 0 descriptor??
[ 1609.627150][T15163] usb 8-1: USB disconnect, device number 16
[ 1609.692802][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1610.124277][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1610.176727][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1610.263204][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1610.369286][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1610.577279][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1610.596798][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1610.828910][T15163] usb 9-1: USB disconnect, device number 12
[ 1610.845935][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1611.176889][T17150] EXT4-fs error (device loop8): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[ 1611.253509][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1611.498973][T16751] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1611.560807][T16751] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1611.609189][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1611.628435][ T4371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1611.828620][T12617] EXT4-fs (loop8): unmounting filesystem.
[ 1611.975089][T17202] loop6: detected capacity change from 0 to 1024
[ 1612.030300][T17202] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1612.047958][T17202] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1612.056875][T17202] EXT4-fs (loop6): Test dummy encryption mode enabled
[ 1612.196812][T17202] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[ 1612.689163][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1612.695841][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1613.054285][ T8332] EXT4-fs (loop6): unmounting filesystem.
[ 1613.485290][T17229] input: syz1 as /devices/virtual/input/input38
[ 1614.468593][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1614.476166][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1614.560879][T16751] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1614.675280][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1614.693219][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1614.882261][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1614.898142][ T4267] usb 9-1: new full-speed USB device number 13 using dummy_hcd
[ 1614.909855][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1614.929749][T17241] device syzkaller1 entered promiscuous mode
[ 1614.951484][T17238] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1615.044977][T16751] device veth0_vlan entered promiscuous mode
[ 1615.064524][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1615.158946][ T4267] usb 9-1: config 0 has an invalid interface number: 29 but max is 0
[ 1615.173743][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1615.177332][ T4267] usb 9-1: config 0 has no interface number 0
[ 1615.203186][ T4267] usb 9-1: config 0 interface 29 has no altsetting 0
[ 1615.219893][ T4267] usb 9-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[ 1615.229250][ T4267] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1615.242109][T16751] device veth1_vlan entered promiscuous mode
[ 1615.254908][ T4267] usb 9-1: Product: syz
[ 1615.263576][ T4267] usb 9-1: Manufacturer: syz
[ 1615.390878][ T4267] usb 9-1: SerialNumber: syz
[ 1615.436825][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1615.446198][ T4267] usb 9-1: config 0 descriptor??
[ 1615.452787][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1616.474878][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1617.099995][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1617.140485][T16751] device veth0_macvtap entered promiscuous mode
[ 1617.177449][ T4267] peak_usb 9-1:0.29: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[ 1617.194175][T16751] device veth1_macvtap entered promiscuous mode
[ 1617.206543][ T4267] peak_usb 9-1:0.29 can0: sending command failure: -8
[ 1617.217630][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1617.233833][ T4267] peak_usb 9-1:0.29 can0: sending command failure: -8
[ 1617.256111][ T4267] peak_usb 9-1:0.29 can0: sending command failure: -8
[ 1617.267026][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1617.276460][T17255] loop7: detected capacity change from 0 to 512
[ 1617.348138][T17255] Quota error (device loop7): do_check_range: Getting dqdh_entries 1536 out of range 0-14
[ 1617.358502][T17255] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[ 1617.368712][T17255] EXT4-fs error (device loop7): ext4_acquire_dquot:6795: comm syz.7.2860: Failed to acquire dquot type 1
[ 1617.381929][T17255] EXT4-fs (loop7): 1 truncate cleaned up
[ 1617.396818][T17255] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1617.407325][T17254] loop6: detected capacity change from 0 to 4096
[ 1617.416841][T17255] ext4 filesystem being mounted at /443/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1617.443022][T17260] loop2: detected capacity change from 0 to 512
[ 1617.447104][T16751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1617.461059][T16751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1617.473515][T16751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1617.484228][T16751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1617.495144][T16751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1617.505956][T16751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1617.506243][T17260] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a816c098, mo2=0002]
[ 1617.515895][T16751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1617.516056][T16751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1617.568270][T17260] System zones: 1-12
[ 1617.574158][T17260] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.2861: inode #1: comm syz.2.2861: iget: illegal inode #
[ 1617.603102][ T4267] peak_usb: probe of 9-1:0.29 failed with error -8
[ 1617.603180][T17260] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.2861: error while reading EA inode 1 err=-117
[ 1617.622702][T16751] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1617.650620][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1617.652012][T17260] EXT4-fs (loop2): 1 orphan inode deleted
[ 1617.664695][T17260] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1617.670552][ T4267] usb 9-1: USB disconnect, device number 13
[ 1617.685746][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1617.702401][T17260] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.2.2861: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[ 1617.738382][T15049] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[ 1617.759548][T16751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1617.784779][T16751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1617.798044][T16751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1617.824925][T16751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1617.849499][T16751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1617.866770][T16751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1617.877247][T16751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1617.892682][T16751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1617.905495][ T4259] EXT4-fs (loop2): unmounting filesystem.
[ 1617.908699][ T8332] ntfs3: loop6: ntfs_evict_inode r=5 failed, -22.
[ 1617.914164][T16751] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1617.928000][ T8332] ntfs3: loop6: Mark volume as dirty due to NTFS errors
[ 1617.941985][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1617.958290][T15049] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1617.980425][T15049] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1617.993328][ T4314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1618.023663][T15049] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1618.035541][T16751] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1618.054137][T16751] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1618.063042][T15049] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1618.078188][T16751] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1618.087183][T16751] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1618.108986][T17255] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1618.194402][T17271] loop6: detected capacity change from 0 to 4096
[ 1618.252125][T17271] ntfs3: loop6: Different NTFS' sector size (1024) and media sector size (512)
[ 1618.440832][T17271] ntfs3: loop6: Mark volume as dirty due to NTFS errors
[ 1619.171125][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1619.209931][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1619.259541][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1619.349972][ T4828] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1619.367989][ T4828] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1619.431268][ T4828] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1619.549054][T17258] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[ 1620.016294][T17293] input: syz1 as /devices/virtual/input/input39
[ 1620.034481][T17299] loop0: detected capacity change from 0 to 128
[ 1620.069888][T17299] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1620.266144][T17299] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1620.532504][T16584] usb 8-1: USB disconnect, device number 17
[ 1621.468414][T17299] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1622.075148][ T8071] EXT4-fs (loop7): unmounting filesystem.
[ 1622.124832][T17301] overlayfs: failed to resolve './file2': -2
[ 1622.456400][T17318] loop8: detected capacity change from 0 to 512
[ 1622.491864][T17318] EXT4-fs error (device loop8): ext4_xattr_inode_iget:400: comm syz.8.2871: Parent and EA inode have the same ino 15
[ 1622.500120][T17320] loop7: detected capacity change from 0 to 512
[ 1622.514846][T17318] EXT4-fs (loop8): Remounting filesystem read-only
[ 1622.531452][T17318] EXT4-fs (loop8): 1 orphan inode deleted
[ 1622.539952][T17318] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1622.546547][T16751] EXT4-fs (loop0): unmounting filesystem.
[ 1622.604609][T17320] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a816c098, mo2=0002]
[ 1622.624844][T17320] System zones: 1-12
[ 1622.661180][T17320] EXT4-fs error (device loop7): ext4_xattr_inode_iget:404: comm syz.7.2872: inode #1: comm syz.7.2872: iget: illegal inode #
[ 1622.713146][T17320] EXT4-fs error (device loop7): ext4_xattr_inode_iget:409: comm syz.7.2872: error while reading EA inode 1 err=-117
[ 1622.768744][T17320] EXT4-fs (loop7): 1 orphan inode deleted
[ 1622.774631][T17320] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1622.888662][T17320] EXT4-fs error (device loop7): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.7.2872: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[ 1623.506350][T17328] loop0: detected capacity change from 0 to 1024
[ 1623.674759][T17328] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1623.688527][T17328] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1623.708226][T17328] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1623.749111][ T8071] EXT4-fs (loop7): unmounting filesystem.
[ 1623.759830][T17328] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1623.911698][T17335] block nbd6: shutting down sockets
[ 1623.917204][T16751] EXT4-fs (loop0): unmounting filesystem.
[ 1627.051140][T12617] EXT4-fs (loop8): unmounting filesystem.
[ 1628.713586][T17370] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2886'.
[ 1628.748132][ T4267] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[ 1628.763466][T17368] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2885'.
[ 1628.796152][T17368] device batadv0 entered promiscuous mode
[ 1628.823813][T17368] device macvtap1 entered promiscuous mode
[ 1628.839441][T17368] 8021q: adding VLAN 0 to HW filter on device macvtap1
[ 1628.948152][ T4267] usb 1-1: Using ep0 maxpacket: 32
[ 1628.955173][ T4267] usb 1-1: config 0 has an invalid interface number: 217 but max is 0
[ 1628.977480][ T4267] usb 1-1: config 0 has no interface number 0
[ 1629.010438][ T4267] usb 1-1: New USB device found, idVendor=0424, idProduct=c001, bcdDevice=36.a7
[ 1629.028136][ T4267] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1629.036196][ T4267] usb 1-1: Product: syz
[ 1629.049150][   T48] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1629.061238][   T48] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1629.070534][ T4267] usb 1-1: Manufacturer: syz
[ 1629.075177][ T4267] usb 1-1: SerialNumber: syz
[ 1629.093801][T17377] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1629.102389][T17377] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1629.119756][T17378] block nbd8: shutting down sockets
[ 1629.125200][T17377] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1629.129647][ T4267] usb 1-1: config 0 descriptor??
[ 1629.137322][   T48] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1629.352132][    T9] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1629.372252][ T4267] usb 1-1: USB disconnect, device number 28
[ 1629.393271][ T4267] ==================================================================
[ 1629.401392][ T4267] BUG: KASAN: use-after-free in hdm_disconnect+0x109/0x1c0
[ 1629.408630][ T4267] Read of size 8 at addr ffff8880273c5898 by task kworker/0:3/4267
[ 1629.416588][ T4267] 
[ 1629.418947][ T4267] CPU: 0 PID: 4267 Comm: kworker/0:3 Not tainted 6.1.128-syzkaller #0
[ 1629.427134][ T4267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1629.437222][ T4267] Workqueue: usb_hub_wq hub_event
[ 1629.442347][ T4267] Call Trace:
[ 1629.445618][ T4267]  <TASK>
[ 1629.448553][ T4267]  dump_stack_lvl+0x1e3/0x2cb
[ 1629.453263][ T4267]  ? nf_tcp_handle_invalid+0x642/0x642
[ 1629.458735][ T4267]  ? panic+0x764/0x764
[ 1629.462810][ T4267]  ? _printk+0xd1/0x111
[ 1629.466999][ T4267]  ? __virt_addr_valid+0x17f/0x530
[ 1629.472129][ T4267]  ? __virt_addr_valid+0x17f/0x530
[ 1629.477259][ T4267]  print_report+0x15f/0x4f0
[ 1629.481771][ T4267]  ? __virt_addr_valid+0x17f/0x530
[ 1629.487067][ T4267]  ? __virt_addr_valid+0x17f/0x530
[ 1629.492191][ T4267]  ? __virt_addr_valid+0x45b/0x530
[ 1629.497313][ T4267]  ? __phys_addr+0xb6/0x170
[ 1629.501824][ T4267]  ? hdm_disconnect+0x109/0x1c0
[ 1629.506681][ T4267]  kasan_report+0x136/0x160
[ 1629.511194][ T4267]  ? hdm_disconnect+0x109/0x1c0
[ 1629.516074][ T4267]  hdm_disconnect+0x109/0x1c0
[ 1629.520760][ T4267]  usb_unbind_interface+0x1cd/0x840
[ 1629.525969][ T4267]  ? kernfs_remove_by_name_ns+0x10f/0x150
[ 1629.531700][ T4267]  ? usb_driver_release_interface+0x1c0/0x1c0
[ 1629.537782][ T4267]  device_release_driver_internal+0x59e/0x880
[ 1629.543860][ T4267]  bus_remove_device+0x2e5/0x400
[ 1629.548802][ T4267]  device_del+0x6e2/0xbd0
[ 1629.553149][ T4267]  ? kill_device+0x160/0x160
[ 1629.557755][ T4267]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 1629.563750][ T4267]  ? usb_disconnect+0xfa/0x8c0
[ 1629.568521][ T4267]  ? mutex_lock_nested+0x10/0x10
[ 1629.573495][ T4267]  usb_disable_device+0x3b8/0x840
[ 1629.578545][ T4267]  usb_disconnect+0x33c/0x8c0
[ 1629.583233][ T4267]  hub_event+0x1f78/0x5730
[ 1629.587692][ T4267]  ? led_work+0x700/0x700
[ 1629.592052][ T4267]  ? read_lock_is_recursive+0x10/0x10
[ 1629.597453][ T4267]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 1629.603455][ T4267]  ? print_irqtrace_events+0x210/0x210
[ 1629.608926][ T4267]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 1629.614854][ T4267]  ? do_raw_spin_unlock+0x137/0x8a0
[ 1629.620068][ T4267]  ? process_one_work+0x7a9/0x11d0
[ 1629.625212][ T4267]  process_one_work+0x8a9/0x11d0
[ 1629.630173][ T4267]  ? worker_detach_from_pool+0x260/0x260
[ 1629.635820][ T4267]  ? _raw_spin_lock_irqsave+0x120/0x120
[ 1629.641393][ T4267]  ? kthread_data+0x4e/0xc0
[ 1629.645928][ T4267]  ? wq_worker_running+0x97/0x190
[ 1629.650982][ T4267]  worker_thread+0xa47/0x1200
[ 1629.655693][ T4267]  kthread+0x28d/0x320
[ 1629.659771][ T4267]  ? worker_clr_flags+0x190/0x190
[ 1629.664808][ T4267]  ? kthread_blkcg+0xd0/0xd0
[ 1629.669410][ T4267]  ret_from_fork+0x1f/0x30
[ 1629.673856][ T4267]  </TASK>
[ 1629.676880][ T4267] 
[ 1629.679198][ T4267] Allocated by task 4267:
[ 1629.683539][ T4267]  kasan_set_track+0x4b/0x70
[ 1629.688220][ T4267]  __kasan_kmalloc+0x97/0xb0
[ 1629.692835][ T4267]  hdm_probe+0x91/0x13d0
[ 1629.697114][ T4267]  usb_probe_interface+0x5c0/0xaf0
[ 1629.702248][ T4267]  really_probe+0x2ab/0xcb0
[ 1629.706766][ T4267]  __driver_probe_device+0x1a2/0x3d0
[ 1629.712069][ T4267]  driver_probe_device+0x50/0x420
[ 1629.717116][ T4267]  __device_attach_driver+0x2cf/0x510
[ 1629.722499][ T4267]  bus_for_each_drv+0x183/0x200
[ 1629.727381][ T4267]  __device_attach+0x359/0x570
[ 1629.732147][ T4267]  bus_probe_device+0xba/0x1e0
[ 1629.736933][ T4267]  device_add+0xb48/0xfd0
[ 1629.741274][ T4267]  usb_set_configuration+0x19dd/0x2020
[ 1629.746746][ T4267]  usb_generic_driver_probe+0x84/0x140
[ 1629.752225][ T4267]  usb_probe_device+0x130/0x260
[ 1629.757081][ T4267]  really_probe+0x2ab/0xcb0
[ 1629.761600][ T4267]  __driver_probe_device+0x1a2/0x3d0
[ 1629.766892][ T4267]  driver_probe_device+0x50/0x420
[ 1629.771937][ T4267]  __device_attach_driver+0x2cf/0x510
[ 1629.777315][ T4267]  bus_for_each_drv+0x183/0x200
[ 1629.782207][ T4267]  __device_attach+0x359/0x570
[ 1629.787079][ T4267]  bus_probe_device+0xba/0x1e0
[ 1629.791858][ T4267]  device_add+0xb48/0xfd0
[ 1629.796203][ T4267]  usb_new_device+0xbdd/0x1900
[ 1629.800977][ T4267]  hub_event+0x2efe/0x5730
[ 1629.805399][ T4267]  process_one_work+0x8a9/0x11d0
[ 1629.810339][ T4267]  worker_thread+0xa47/0x1200
[ 1629.815020][ T4267]  kthread+0x28d/0x320
[ 1629.819092][ T4267]  ret_from_fork+0x1f/0x30
[ 1629.823518][ T4267] 
[ 1629.825841][ T4267] Freed by task 4267:
[ 1629.829816][ T4267]  kasan_set_track+0x4b/0x70
[ 1629.834407][ T4267]  kasan_save_free_info+0x27/0x40
[ 1629.839433][ T4267]  ____kasan_slab_free+0xd6/0x120
[ 1629.844459][ T4267]  __kmem_cache_free+0x25c/0x3c0
[ 1629.849403][ T4267]  device_release+0x91/0x1c0
[ 1629.853993][ T4267]  kobject_put+0x224/0x460
[ 1629.858413][ T4267]  hdm_disconnect+0xef/0x1c0
[ 1629.863020][ T4267]  usb_unbind_interface+0x1cd/0x840
[ 1629.868255][ T4267]  device_release_driver_internal+0x59e/0x880
[ 1629.874366][ T4267]  bus_remove_device+0x2e5/0x400
[ 1629.879360][ T4267]  device_del+0x6e2/0xbd0
[ 1629.883766][ T4267]  usb_disable_device+0x3b8/0x840
[ 1629.888851][ T4267]  usb_disconnect+0x33c/0x8c0
[ 1629.893584][ T4267]  hub_event+0x1f78/0x5730
[ 1629.898041][ T4267]  process_one_work+0x8a9/0x11d0
[ 1629.903021][ T4267]  worker_thread+0xa47/0x1200
[ 1629.907778][ T4267]  kthread+0x28d/0x320
[ 1629.911880][ T4267]  ret_from_fork+0x1f/0x30
[ 1629.916384][ T4267] 
[ 1629.918719][ T4267] Last potentially related work creation:
[ 1629.924443][ T4267]  kasan_save_stack+0x3b/0x60
[ 1629.929160][ T4267]  __kasan_record_aux_stack+0xb0/0xc0
[ 1629.934596][ T4267]  call_rcu+0x163/0xa10
[ 1629.938788][ T4267]  generic_shutdown_super+0x130/0x340
[ 1629.944209][ T4267]  kill_block_super+0x7a/0xe0
[ 1629.948951][ T4267]  deactivate_locked_super+0xa0/0x110
[ 1629.954374][ T4267]  cleanup_mnt+0x490/0x520
[ 1629.958850][ T4267]  task_work_run+0x246/0x300
[ 1629.963500][ T4267]  exit_to_user_mode_loop+0xde/0x100
[ 1629.968828][ T4267]  exit_to_user_mode_prepare+0xb1/0x140
[ 1629.974430][ T4267]  syscall_exit_to_user_mode+0x60/0x270
[ 1629.980031][ T4267]  do_syscall_64+0x47/0xb0
[ 1629.984490][ T4267]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1629.990445][ T4267] 
[ 1629.992780][ T4267] The buggy address belongs to the object at ffff8880273c4000
[ 1629.992780][ T4267]  which belongs to the cache kmalloc-8k of size 8192
[ 1630.006887][ T4267] The buggy address is located 6296 bytes inside of
[ 1630.006887][ T4267]  8192-byte region [ffff8880273c4000, ffff8880273c6000)
[ 1630.020381][ T4267] 
[ 1630.022718][ T4267] The buggy address belongs to the physical page:
[ 1630.029151][ T4267] page:ffffea00009cf000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x273c0
[ 1630.039631][ T4267] head:ffffea00009cf000 order:3 compound_mapcount:0 compound_pincount:0
[ 1630.048009][ T4267] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1630.056028][ T4267] raw: 00fff00000010200 0000000000000000 dead000000000001 ffff888017c42280
[ 1630.064617][ T4267] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[ 1630.073199][ T4267] page dumped because: kasan: bad access detected
[ 1630.079618][ T4267] page_owner tracks the page as allocated
[ 1630.085326][ T4267] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 12617, tgid 12617 (syz-executor), ts 1115281157528, free_ts 1115268451991
[ 1630.108606][ T4267]  post_alloc_hook+0x18d/0x1b0
[ 1630.113382][ T4267]  get_page_from_freelist+0x3731/0x38d0
[ 1630.118932][ T4267]  __alloc_pages+0x28d/0x770
[ 1630.123528][ T4267]  alloc_slab_page+0x6a/0x150
[ 1630.128215][ T4267]  new_slab+0x84/0x2d0
[ 1630.132296][ T4267]  ___slab_alloc+0xc20/0x1270
[ 1630.136979][ T4267]  __kmem_cache_alloc_node+0x19f/0x260
[ 1630.142463][ T4267]  __kmalloc_node+0xa2/0x230
[ 1630.147056][ T4267]  kvmalloc_node+0x6e/0x180
[ 1630.151561][ T4267]  pfifo_fast_init+0x385/0x6d0
[ 1630.156328][ T4267]  qdisc_create_dflt+0x130/0x500
[ 1630.161291][ T4267]  mq_init+0x2c8/0x6b0
[ 1630.165365][ T4267]  qdisc_create_dflt+0x130/0x500
[ 1630.170307][ T4267]  dev_activate+0x227/0x1200
[ 1630.174901][ T4267]  __dev_open+0x3f3/0x510
[ 1630.179240][ T4267]  __dev_change_flags+0x1db/0x6e0
[ 1630.184272][ T4267] page last free stack trace:
[ 1630.188937][ T4267]  free_unref_page_prepare+0x12a6/0x15b0
[ 1630.194571][ T4267]  free_unref_page+0x33/0x3e0
[ 1630.199248][ T4267]  __unfreeze_partials+0x1b7/0x210
[ 1630.204367][ T4267]  put_cpu_partial+0x17b/0x250
[ 1630.209136][ T4267]  qlist_free_all+0x76/0xe0
[ 1630.213645][ T4267]  kasan_quarantine_reduce+0x156/0x170
[ 1630.219108][ T4267]  __kasan_slab_alloc+0x1f/0x70
[ 1630.223961][ T4267]  slab_post_alloc_hook+0x52/0x3a0
[ 1630.229078][ T4267]  kmem_cache_alloc+0x10c/0x2d0
[ 1630.233945][ T4267]  getname_flags+0xb8/0x4f0
[ 1630.238451][ T4267]  do_sys_openat2+0xd2/0x4f0
[ 1630.243069][ T4267]  __x64_sys_openat+0x243/0x290
[ 1630.247933][ T4267]  do_syscall_64+0x3b/0xb0
[ 1630.252348][ T4267]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1630.258255][ T4267] 
[ 1630.260575][ T4267] Memory state around the buggy address:
[ 1630.266202][ T4267]  ffff8880273c5780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1630.274263][ T4267]  ffff8880273c5800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1630.282322][ T4267] >ffff8880273c5880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1630.290377][ T4267]                             ^
[ 1630.295223][ T4267]  ffff8880273c5900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1630.303285][ T4267]  ffff8880273c5980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1630.311342][ T4267] ==================================================================
[ 1630.325266][ T4267] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1630.332510][ T4267] CPU: 0 PID: 4267 Comm: kworker/0:3 Not tainted 6.1.128-syzkaller #0
[ 1630.340688][ T4267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1630.350792][ T4267] Workqueue: usb_hub_wq hub_event
[ 1630.355881][ T4267] Call Trace:
[ 1630.359181][ T4267]  <TASK>
[ 1630.362132][ T4267]  dump_stack_lvl+0x1e3/0x2cb
[ 1630.366836][ T4267]  ? nf_tcp_handle_invalid+0x642/0x642
[ 1630.372330][ T4267]  ? panic+0x764/0x764
[ 1630.376427][ T4267]  ? preempt_schedule_common+0xa6/0xd0
[ 1630.381914][ T4267]  ? vscnprintf+0x59/0x80
[ 1630.386274][ T4267]  panic+0x318/0x764
[ 1630.390201][ T4267]  ? check_panic_on_warn+0x1d/0xa0
[ 1630.395347][ T4267]  ? memcpy_page_flushcache+0xfc/0xfc
[ 1630.400748][ T4267]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[ 1630.406763][ T4267]  ? _raw_spin_unlock+0x40/0x40
[ 1630.411643][ T4267]  ? print_report+0x4a3/0x4f0
[ 1630.416382][ T4267]  check_panic_on_warn+0x7e/0xa0
[ 1630.421361][ T4267]  ? hdm_disconnect+0x109/0x1c0
[ 1630.426236][ T4267]  end_report+0x66/0x110
[ 1630.428467][ T8430] usb 8-1: new full-speed USB device number 18 using dummy_hcd
[ 1630.438045][ T4267]  kasan_report+0x143/0x160
[ 1630.442574][ T4267]  ? hdm_disconnect+0x109/0x1c0
[ 1630.447463][ T4267]  hdm_disconnect+0x109/0x1c0
[ 1630.452169][ T4267]  usb_unbind_interface+0x1cd/0x840
[ 1630.457397][ T4267]  ? kernfs_remove_by_name_ns+0x10f/0x150
[ 1630.463148][ T4267]  ? usb_driver_release_interface+0x1c0/0x1c0
[ 1630.469231][ T4267]  device_release_driver_internal+0x59e/0x880
[ 1630.475315][ T4267]  bus_remove_device+0x2e5/0x400
[ 1630.480289][ T4267]  device_del+0x6e2/0xbd0
[ 1630.484636][ T4267]  ? kill_device+0x160/0x160
[ 1630.489234][ T4267]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 1630.495320][ T4267]  ? usb_disconnect+0xfa/0x8c0
[ 1630.500113][ T4267]  ? mutex_lock_nested+0x10/0x10
[ 1630.505076][ T4267]  usb_disable_device+0x3b8/0x840
[ 1630.510108][ T4267]  usb_disconnect+0x33c/0x8c0
[ 1630.514794][ T4267]  hub_event+0x1f78/0x5730
[ 1630.519237][ T4267]  ? led_work+0x700/0x700
[ 1630.523576][ T4267]  ? read_lock_is_recursive+0x10/0x10
[ 1630.528962][ T4267]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[ 1630.534954][ T4267]  ? print_irqtrace_events+0x210/0x210
[ 1630.540442][ T4267]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[ 1630.546348][ T4267]  ? do_raw_spin_unlock+0x137/0x8a0
[ 1630.551553][ T4267]  ? process_one_work+0x7a9/0x11d0
[ 1630.556675][ T4267]  process_one_work+0x8a9/0x11d0
[ 1630.561625][ T4267]  ? worker_detach_from_pool+0x260/0x260
[ 1630.567265][ T4267]  ? _raw_spin_lock_irqsave+0x120/0x120
[ 1630.572817][ T4267]  ? kthread_data+0x4e/0xc0
[ 1630.577336][ T4267]  ? wq_worker_running+0x97/0x190
[ 1630.582363][ T4267]  worker_thread+0xa47/0x1200
[ 1630.587057][ T4267]  kthread+0x28d/0x320
[ 1630.591127][ T4267]  ? worker_clr_flags+0x190/0x190
[ 1630.596154][ T4267]  ? kthread_blkcg+0xd0/0xd0
[ 1630.600748][ T4267]  ret_from_fork+0x1f/0x30
[ 1630.605179][ T4267]  </TASK>
[ 1630.608511][ T4267] Kernel Offset: disabled
[ 1630.612862][ T4267] Rebooting in 86400 seconds..