last executing test programs:

1m12.777744835s ago: executing program 0 (id=333):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f0000000380)=@v={0x93, 0x7, 0x0, 0x15, @MIDI_NOTEON=@special, 0x9a, 0x3})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
r4 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000100)="ad733642561534f1", 0x8)
accept(0xffffffffffffffff, &(0x7f0000000040)=@qipcrtr, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c900"], 0x16)
syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x0, 0x400, 0x0, 0x338}, &(0x7f0000000080), &(0x7f00000001c0))

1m11.861363686s ago: executing program 0 (id=334):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x44080)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x4000)

1m11.747019798s ago: executing program 0 (id=337):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_REG(r2, &(0x7f0000002400)={0x0, 0x0, &(0x7f00000023c0)={&(0x7f00000002c0)={0x1c, r1, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'bb\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x24000000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000000c0)={0x0, 0x80000, <r5=>0xffffffffffffffff})
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
capset(&(0x7f0000000280)={0x20080522, r0}, &(0x7f0000000380)={0x4, 0x2, 0x7, 0x99, 0x4, 0x8})
r7 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f00000004c0)={0x0, 0xe, r8, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_RMFB(r6, 0xc00464af, &(0x7f0000000100)=r9)
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000300)={r9, 0x0, 0xb, 0x7, 0x3, [], [0x55, 0x8001, 0x9, 0x4], [0x40, 0x3, 0x80000000, 0x3], [0x1f, 0x6, 0x8, 0x3]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8)
r10 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r10, 0xc0487c04, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000fc0)=[{}, {}]})

1m9.113173221s ago: executing program 0 (id=350):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000500)='./bus\x00', 0x10418, &(0x7f0000000040)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000700)=""/229, 0xe5)

1m6.80693742s ago: executing program 0 (id=344):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffdb, &(0x7f0000000000)="cb", 0x0, 0x0, 0x0, 0x2}, 0x50)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xb, 0x10, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})

1m4.860432045s ago: executing program 0 (id=349):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)

1m4.544436288s ago: executing program 32 (id=349):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)

1m3.050762557s ago: executing program 2 (id=359):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, &(0x7f0000000380)=@v={0x93, 0x7, 0x0, 0x15, @MIDI_NOTEON=@special, 0x9a, 0x3})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
r5 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000100)="ad733642561534f1", 0x8)
accept(r4, &(0x7f0000000040)=@qipcrtr, 0x0)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c900"], 0x16)
syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x0, 0x400, 0x0, 0x338}, &(0x7f0000000080), &(0x7f00000001c0))

1m1.857093252s ago: executing program 2 (id=360):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x468, &(0x7f00000004c0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000003500)=""/4106, 0x100a}, {&(0x7f00000003c0)=""/143, 0x8f}, {&(0x7f0000000980)=""/110, 0x6e}, {&(0x7f0000000b00)=""/241, 0xf1}], 0x4}}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0x179c}], 0x3, 0x0, 0x0)

57.628445845s ago: executing program 2 (id=372):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
dup(0xffffffffffffffff)
r6 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r0, r2}, 0x10)
bpf$ITER_CREATE(0x22, &(0x7f0000000040)={r6}, 0x8)

52.182864554s ago: executing program 2 (id=384):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000500)='./bus\x00', 0x10418, &(0x7f0000000040)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000700)=""/229, 0xe5)

49.517378017s ago: executing program 2 (id=388):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x84, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @remote={0xac, 0x3}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_LABELS_MASK={0x10, 0x17, [0x0, 0x0, 0x0]}, @CTA_LABELS={0x10, 0x16, 0x1, 0x0, [0x0, 0xffffffff, 0x0]}]}, 0x84}, 0x1, 0x0, 0x0, 0x8020}, 0x0)

48.567501799s ago: executing program 2 (id=392):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000380)={0x0, 0x8c}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRES16], 0x1000f)

47.991151617s ago: executing program 33 (id=392):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000380)={0x0, 0x8c}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000480)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000500)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x34000811)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRES16], 0x1000f)

16.069214828s ago: executing program 1 (id=464):
socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x49)
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000080c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

14.094526703s ago: executing program 3 (id=471):
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000180)='hugetlbfs\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x3, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
clock_adjtime(0x0, &(0x7f0000000400)={0x1ff, 0x8bcd0c0000000000, 0xeb8, 0x800000000000008, 0xa4, 0x3, 0x29eb6be, 0x7, 0x4, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x2000005, 0x3, 0x3, 0x7, 0x0, 0x0, 0xfffffffffffffffe, 0x3})
sendmsg$nl_xfrm(r6, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0xe, 0xf, &(0x7f00000016c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r4, r8, 0x5, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r4}, &(0x7f0000000100), &(0x7f0000000140)=r3}, 0x20)
sendmsg(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001400)='H', 0x20001401}], 0x1}, 0x803e000000000000)

13.589105989s ago: executing program 1 (id=472):
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="00e611ed6229b237ad2a184a94283e2b34c24caf7280c18475708140abe763dfb52cdb0ba0cdc8c572346d0a832984b36248c4fa844eda0af4b1652605421a7821dcfde12aa77458d811a84538a156b05b0ec3eaf24a90ceb5b7463d9fd38b49d41fbfa868653605702abe43d9c2c30aed4da0b8cc18c6b369f086a965442c1217f19a67a534064b7236a6660000000000"], 0x1, 0x189, &(0x7f00000027c0)="$eJzs279u2lAUx/GfjflT6B9a+keqOnSquhQDlWi70UdB4CJUk6CQBRQpyXtkyZanyhOEIVumEOHYTnCYELYJfD8L5/jo6h6Gyz1CIAA7q6WvMmQoN0++FMrHFSPtlgAkZOa/3s58pRmAnZG5SbsDAOmY/pWGkq6ujzrK5IKx4FMQzOutoG7mn8wP01NTny2/bhT0IjpfnEvfgvVGccl6qRjWS94zK1L/rrK//0u90mu9UVlv9U4Vv94N139cw0QEAMD2M1SN5gsPTP3ru04tzLNeXlfRv6RzXt4I6/f5zzDPe3m1s+92Y3wXAFZhqnrxOI+e/0zk/Fv++Qfw/I3Gk/9t13UOEgqC7wcS3XQ9gU42oo21BFltRBsESwJLCW96ubSU8gcTgNjZh4OhPRpPfvQH7Z7Tc/aajWbzT+33r7rtDf724vgPYIs8XPppdwIAAAAAAAAAAAAAAFb1Xh/SbgEAAABAQmL7X5Eh6Uz8shgAAAAAAAAAAAAAAAAAgBjcBQAA//+4NBng")
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f0000000040)={0x9, 0x2, 0x1000, 0x5})

13.218689174s ago: executing program 5 (id=474):
r0 = syz_clone(0xa0000280, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
ptrace(0x10, r0)
ptrace$PTRACE_GETSIGMASK(0x420a, r0, 0x8, &(0x7f0000000140))

12.786140469s ago: executing program 3 (id=475):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x468, &(0x7f00000004c0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0)

12.005276019s ago: executing program 5 (id=477):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
splice(r0, 0x0, r2, 0x0, 0x4, 0xb)

11.564636605s ago: executing program 3 (id=478):
socket$netlink(0x10, 0x3, 0xf)
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9rVNceAPBzb/KeiU998cfCBw/ewBPeoy0hcdU2QjVGY6KpxVYp3YyTZNS0k4wkk9KFi3QndFXoQrqQFrrLSrLo1v4J3XRp10K76KZQkKbMzJ0492aGTCXXVPl8wJzc8zvznXvmzOJ64kTt1sJKYWGlUFoqVOdurJwsfFytrC6WQ/yc7PX49CaPOIn93rl89vy7106G8N38D483Nzc3Q11/6Gi07fdff7kz1562xJk29X4797ZbPgghHNs2r7q+EML734YQhRDOJHnjSToYQjgUmmXX7nx2vbBLs3nwqHyq+GTm7sbYien1+xvd//YohC8r/3rt5uJP/+0b+/GVXRoeAAAAAAAAAAAAAAAAAIAX3OSVy1ffGRkND6PQvx5tf153Mkm7PR+7uWv+k/8fCwAAAAAAAAAAAAAAAAAAAH9RT5//L0RHOjz/P5Gkp7u033wr/zmSn6m3L0+cGxlNzn+PtpW/nmT9fKYvHO5w7nv2/Pczmfadz3/fPs6zas2vNe5QiOLh1HUcDw+H8HVy8PvxaH9cqa7UXr1RXV2a37VpvLDS8W+e3p+KTnKgf6/xH8/0n//5/0e3vZvq19d37y32UkvHv69rvW8+jXqK/9l0s3s5TbvN0fyHeIml49/fyBtsr7CvmdTj/3n/zvGfyPSf1/1/KIRQiOpzLaRWgPoepp7fbb9CWjr+f2vkpZbO5IXsdv//lon/uUz/e7X+r2U/iOgoHf+/N/IGUjWaG4BG/OOd7//zmf73Iv71+a/5/O9JOv7JYt+fqtJ4JXtd/ycz/ecV/6txMs9DUeodsB4187v9f3WkpeM/sK386fe/uKf934VM++f1/a81buv7X2v5/3/U/P5HZ+n4D3at1+v9P5Vpl/f6f7qx/+NZpeO/v5GX3jsPNX72Gv/pTP95xb+xKxloxf/pevL7vmb+V/Z/PUnH/x/NzLi9xlrjZ2P/F+28/7+Y6X8v9n/1+a/F+Y76skjH/0DXevX4f9/D5/+lTLv84x/CiL3+M0vH/2DXeo37f2Dn+M9k2uUd///l2TkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC2A8SYdCFA+nruN4eDiEs8n18bA/mi3NF2cr1bmPVkKYSPIL4Uh0s1KdLVWKC0vV+XKxVKlU50I4l5QfCwPRSqVaKy6Wbp/f6mswulUuLddmy6VaCGEyyf93ONjqa3ahtli6HUK4sFX2z7i6fPtWaak4v7D85sjIyEiY2prD4aj8Sa28VGuO3iwNYXqr7VDUNrlG8cWtuRyIPqyuLi+VKo38S21tKtW5UqWtzUxS9kU4HNWWV5fmSrVysVK92RpvL51O0ompK+9duTS6rfx61EzHn++0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHo69cS+E0N+8ikMIhSj5JUr+pTx4VD5VfDJzd2PsxPT6/Y3HneoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhl/5RIgaiOAC/GQUtPYZVSDrbiCJaGBE8gR7Dw+hRvIR3sLCwtVgWdiew5A+EwHbf1zyYH2/ewDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgubvn7uWpbiJSnG/OIr7evn8O84dSP66n+09WzDxd0cNx3D92N7d1U/49jfKrcvTb5l36//f+GhO19znYk+E+7Y3nDM3t29z7+rkXkXIVEW3JL1POVbXsLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDLDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgWAAAAABAmL91FH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//4w3HM8=")
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/211, 0xd3}], 0x1})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)

8.215103167s ago: executing program 3 (id=483):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x468, &(0x7f00000004c0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0)
recvmmsg(r1, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000003500)=""/4106, 0x100a}, {&(0x7f00000003c0)=""/143, 0x8f}, {&(0x7f0000000980)=""/110, 0x6e}, {&(0x7f0000000b00)=""/241, 0xf1}], 0x4}}, {{0x0, 0x0, 0x0}, 0x2}, {{0x0, 0x0, 0x0}, 0x179c}], 0x3, 0x0, 0x0)

7.299252518s ago: executing program 5 (id=485):
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000180)='hugetlbfs\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x3, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
clock_adjtime(0x0, &(0x7f0000000400)={0x1ff, 0x8bcd0c0000000000, 0xeb8, 0x800000000000008, 0xa4, 0x3, 0x29eb6be, 0x7, 0x4, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x2000005, 0x3, 0x3, 0x7, 0x0, 0x0, 0xfffffffffffffffe, 0x3})
sendmsg$nl_xfrm(r6, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0xe, 0xf, &(0x7f00000016c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r4, r8, 0x5, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r4}, &(0x7f0000000100), &(0x7f0000000140)=r3}, 0x20)
sendmsg(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001400)='H', 0x20001401}], 0x1}, 0x803e000000000000)

7.210135459s ago: executing program 1 (id=486):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000100000000000002a0000001800018014000200"], 0x2c}, 0x1, 0x0, 0x0, 0x40040}, 0x0)

6.925328963s ago: executing program 1 (id=489):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x468, &(0x7f00000004c0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0)

5.468137941s ago: executing program 5 (id=491):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd01000000000014e803006000000001"], 0xfdef)

5.467824332s ago: executing program 3 (id=492):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, 0x0, 0x4000)
openat$vcsu(0xffffffffffffff9c, 0x0, 0x80101, 0x0)

5.406396962s ago: executing program 6 (id=493):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet(0x2, 0x2, 0x1)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58"}, 0x28)
writev(r0, &(0x7f00000016c0)=[{&(0x7f00000006c0)='X', 0x1}], 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "0daf7461cfccf6ce"}, 0x28)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r4, &(0x7f0000000000)=0xfe8e, 0x12)
recvmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000002880)=[{0x0}, {0x0}], 0x2}, 0x120)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000002, 0x8031, 0xffffffffffffffff, 0x0)

4.520656203s ago: executing program 6 (id=495):
socket$netlink(0x10, 0x3, 0xf)
r0 = socket$netlink(0x10, 0x3, 0xf)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9rVNceAPBzb/KeiU998cfCBw/ewBPeoy0hcdU2QjVGY6KpxVYp3YyTZNS0k4wkk9KFi3QndFXoQrqQFrrLSrLo1v4J3XRp10K76KZQkKbMzJ0492aGTCXXVPl8wJzc8zvznXvmzOJ64kTt1sJKYWGlUFoqVOdurJwsfFytrC6WQ/yc7PX49CaPOIn93rl89vy7106G8N38D483Nzc3Q11/6Gi07fdff7kz1562xJk29X4797ZbPgghHNs2r7q+EML734YQhRDOJHnjSToYQjgUmmXX7nx2vbBLs3nwqHyq+GTm7sbYien1+xvd//YohC8r/3rt5uJP/+0b+/GVXRoeAAAAAAAAAAAAAAAAAIAX3OSVy1ffGRkND6PQvx5tf153Mkm7PR+7uWv+k/8fCwAAAAAAAAAAAAAAAAAAAH9RT5//L0RHOjz/P5Gkp7u033wr/zmSn6m3L0+cGxlNzn+PtpW/nmT9fKYvHO5w7nv2/Pczmfadz3/fPs6zas2vNe5QiOLh1HUcDw+H8HVy8PvxaH9cqa7UXr1RXV2a37VpvLDS8W+e3p+KTnKgf6/xH8/0n//5/0e3vZvq19d37y32UkvHv69rvW8+jXqK/9l0s3s5TbvN0fyHeIml49/fyBtsr7CvmdTj/3n/zvGfyPSf1/1/KIRQiOpzLaRWgPoepp7fbb9CWjr+f2vkpZbO5IXsdv//lon/uUz/e7X+r2U/iOgoHf+/N/IGUjWaG4BG/OOd7//zmf73Iv71+a/5/O9JOv7JYt+fqtJ4JXtd/ycz/ecV/6txMs9DUeodsB4187v9f3WkpeM/sK386fe/uKf934VM++f1/a81buv7X2v5/3/U/P5HZ+n4D3at1+v9P5Vpl/f6f7qx/+NZpeO/v5GX3jsPNX72Gv/pTP95xb+xKxloxf/pevL7vmb+V/Z/PUnH/x/NzLi9xlrjZ2P/F+28/7+Y6X8v9n/1+a/F+Y76skjH/0DXevX4f9/D5/+lTLv84x/CiL3+M0vH/2DXeo37f2Dn+M9k2uUd///l2TkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC2A8SYdCFA+nruN4eDiEs8n18bA/mi3NF2cr1bmPVkKYSPIL4Uh0s1KdLVWKC0vV+XKxVKlU50I4l5QfCwPRSqVaKy6Wbp/f6mswulUuLddmy6VaCGEyyf93ONjqa3ahtli6HUK4sFX2z7i6fPtWaak4v7D85sjIyEiY2prD4aj8Sa28VGuO3iwNYXqr7VDUNrlG8cWtuRyIPqyuLi+VKo38S21tKtW5UqWtzUxS9kU4HNWWV5fmSrVysVK92RpvL51O0ompK+9duTS6rfx61EzHn++0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHo69cS+E0N+8ikMIhSj5JUr+pTx4VD5VfDJzd2PsxPT6/Y3HneoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhl/5RIgaiOAC/GQUtPYZVSDrbiCJaGBE8gR7Dw+hRvIR3sLCwtVgWdiew5A+EwHbf1zyYH2/ewDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgubvn7uWpbiJSnG/OIr7evn8O84dSP66n+09WzDxd0cNx3D92N7d1U/49jfKrcvTb5l36//f+GhO19znYk+E+7Y3nDM3t29z7+rkXkXIVEW3JL1POVbXsLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDLDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgWAAAAABAmL91FH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//4w3HM8=")
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001800)=""/211, 0xd3}], 0x1})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)

4.326902976s ago: executing program 1 (id=496):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, 0x0, 0x10)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000004200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040810}, 0x4000000)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000000d00), 0xf000, 0x10002, 0x0)

4.241200147s ago: executing program 5 (id=497):
openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="00e611ed6229b237ad2a184a94283e2b34c24caf7280c18475708140abe763dfb52cdb0ba0cdc8c572346d0a832984b36248c4fa844eda0af4b1652605421a7821dcfde12aa77458d811a84538a156b05b0ec3eaf24a90ceb5b7463d9fd38b49d41fbfa868653605702abe43d9c2c30aed4da0b8cc18c6b369f086a965442c1217f19a67a534064b7236a6660000000000"], 0x1, 0x189, &(0x7f00000027c0)="$eJzs279u2lAUx/GfjflT6B9a+keqOnSquhQDlWi70UdB4CJUk6CQBRQpyXtkyZanyhOEIVumEOHYTnCYELYJfD8L5/jo6h6Gyz1CIAA7q6WvMmQoN0++FMrHFSPtlgAkZOa/3s58pRmAnZG5SbsDAOmY/pWGkq6ujzrK5IKx4FMQzOutoG7mn8wP01NTny2/bhT0IjpfnEvfgvVGccl6qRjWS94zK1L/rrK//0u90mu9UVlv9U4Vv94N139cw0QEAMD2M1SN5gsPTP3ru04tzLNeXlfRv6RzXt4I6/f5zzDPe3m1s+92Y3wXAFZhqnrxOI+e/0zk/Fv++Qfw/I3Gk/9t13UOEgqC7wcS3XQ9gU42oo21BFltRBsESwJLCW96ubSU8gcTgNjZh4OhPRpPfvQH7Z7Tc/aajWbzT+33r7rtDf724vgPYIs8XPppdwIAAAAAAAAAAAAAAFb1Xh/SbgEAAABAQmL7X5Eh6Uz8shgAAAAAAAAAAAAAAAAAgBjcBQAA//+4NBng")
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCSWINSZ(r2, 0x5414, &(0x7f0000000040)={0x9, 0x2, 0x1000, 0x5})

3.25622336s ago: executing program 1 (id=498):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
splice(r0, 0x0, r2, 0x0, 0x4, 0xb)

3.089766551s ago: executing program 6 (id=499):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r6=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r6, 0x1, {}, 0xff}, 0x18)

2.749476966s ago: executing program 4 (id=500):
r0 = syz_open_dev$vim2m(&(0x7f0000000240), 0x8, 0x2)
ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000107c0)=@multiplanar_userptr={0x3, 0x1, 0x4, 0x6897f13e1e1bee22, 0x4, {}, {0x3a0fc17256ccdd17, 0xc, 0x0, 0x9, 0x5, 0x3, '_\x00'}, 0x9, 0x2, {0x0}, 0x3})

2.497290949s ago: executing program 4 (id=501):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file6\x00', 0x101442, 0xfb)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)=0x2)

1.62670549s ago: executing program 4 (id=502):
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000180)='hugetlbfs\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x3, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
clock_adjtime(0x0, &(0x7f0000000400)={0x1ff, 0x8bcd0c0000000000, 0xeb8, 0x800000000000008, 0xa4, 0x3, 0x29eb6be, 0x7, 0x4, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x2000005, 0x3, 0x3, 0x7, 0x0, 0x0, 0xfffffffffffffffe, 0x3})
sendmsg$nl_xfrm(r6, 0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0xe, 0xf, &(0x7f00000016c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001440)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)={@map=r4, r8, 0x5, 0x0, 0x0, @void, @value}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r4}, &(0x7f0000000100), &(0x7f0000000140)=r3}, 0x20)
sendmsg(r5, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001400)='H', 0x20001401}], 0x1}, 0x803e000000000000)

1.58877218s ago: executing program 6 (id=503):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x8, 0x0, 0x69)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x28, r4, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @empty}]}, 0x28}, 0x1, 0x0, 0x0, 0x40040}, 0x4004004)
mlockall(0x2)
r5 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, 0x0)
r7 = userfaultfd(0x801)
ioctl$UFFDIO_CONTINUE(r7, 0xc020aa07, 0x0)
shmctl$SHM_LOCK(0x0, 0xb)
shmctl$SHM_UNLOCK(r5, 0xc)

1.55953178s ago: executing program 3 (id=504):
socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000), 0x49)
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f00000080c0)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

921.250329ms ago: executing program 4 (id=505):
socket$netlink(0x10, 0x3, 0x400000000000004)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r1 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r1, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)

655.873252ms ago: executing program 6 (id=506):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x468, &(0x7f00000004c0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="1400000042000501"], 0x14}}, 0x0)

606.475622ms ago: executing program 4 (id=507):
r0 = gettid()
process_vm_readv(r0, &(0x7f0000000000)=[{&(0x7f0000000dc0)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/185, 0xb9}], 0x2, &(0x7f0000000400)=[{&(0x7f0000000180)=""/184, 0xb8}, {&(0x7f0000000040)=""/48, 0x30}, {&(0x7f0000002a80)=""/4096, 0x1000}], 0x3, 0x0)

453.167455ms ago: executing program 4 (id=508):
socket$netlink(0x10, 0x3, 0x400000000000004)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
sendmsg$NL80211_CMD_AUTHENTICATE(0xffffffffffffffff, 0x0, 0x10)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000004200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20040810}, 0x4000000)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000000d00), 0xf000, 0x10002, 0x0)

138.871319ms ago: executing program 6 (id=509):
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x8b, 0x2c4, &(0x7f00000003c0)="$eJzs3b9u01wYx/HfsdMkfdu3GFqEhBhQoYIJtWVBLJVQxTWwgIAmSBVRK0qRgIWIgQlxAewsXAAXwYSQmGFi4gK6GR37pDlu7KRpVbsR34+UxrHPn+c4jn2eSKkF4J91Z/3np5u/7cNIoUJJt6XAbrqsmqTzutB8sbW7udtpt4Y1FEpNJQ8jJTXNQJmNrXZeVVsvqeFE9lVNs/46nIw4juNfVQeBKjXdc5i3MZAa7tMZ+oUnydSB191Q6lYUy2lh9rSnl5qrOg4AQLVMen0P3HV+1s3fg0Bacpd9//r/4/+K4z2ea9qrOoSKedf/JMuKjX1/zySb+vleksLZ7UEvSxy3Hzt5rCs9sjITTJPNKgeTxSSWYPrJZqd9Y2O70wr0VmuOV2xB0ppaLmd1MtEONr2Ysy6rrqLWst4Nb2YmGcOUHcNqQfzzeZ0edW8fhvlqvpkHJtJHtfbnf7XY+GN279TdqX78y0XNbT+7b5+jtFTBKM8mnVzM7tihowyLMhK5PRWHyn5BEGXjrOfWqutArXR0K0U9uXbmc2utjqi1YGt99mr1j+bimifNfDD3zKL+6IvWvfl/YPf2kgY/mfmNJCXdkdEbT25uWEtKRv6q7qXcNoOjjQdj6O/j93qsW5p7/ur100edTnun7AUbQ+mdspAu9A6CdI09KE5JYGMt2HOsv0ZRe6dWTu91HbedpkaVafiFsyM9uND7WB+i995JemSEJZ+ZUIn+m15c5k2ZAaFs9uRh0vzPy1eWkxTJ/omGzNPjUdM2r8WVnNygsV/wv/2W+tPI4gxoJszL4LoaI+e6cl266q0ckXNFOidNDx3rJDHr+q6HfP8PAAAAAAAAAAAAAAAAAAAwacr4tYbXHf/RBwAAAAAAAAAAAAAAAAAAAACAIyi+/29TJ3j/38zvAA59/9/GMQYKYMDfAAAA//9VYnGz")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)

0s ago: executing program 5 (id=510):
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x30004c0, &(0x7f0000002bc0)=ANY=[@ANYBLOB="71756965742c63726561746f723dd4675f162c696f636861727365743d69736f383835392d322c71756965742c636f6465706167653d63703933362c00b24530a1a1e51b95228246cc65c972358b611490e09004a315011a4fe58392211f22a42390912061adb25c406e20585d9fa4109c4a2b201f39c5e48b745085abecadfbfbbcd03215c2cdd68151829c12d7be50cdd55aa9e506d9e28ad8ce2951dd1f560961e92e8d198954d737b45262a26cc3bb46b70e1ad909d3b0c2d7fb8053f47884a9cc46a9d32ce04b2d00544c47d94d5a91538c024918965b", @ANYRESDEC, @ANYRESOCT], 0xe, 0x2b7, &(0x7f0000000b00)="$eJzs3c1qE1EYxvHnTFIbtdSprQguqwXdiNaNuIlILsKVqE2EYqioFT9WVVyJ6N69t+BFuFG8AV258gLqauScOZlMMh9JQ5Np6/8HLZPMvHPe0/k45x0oIwD/rVutn5+v/bY/RqqpJr27IQWSGlJd0hmdbTzb2t7c7nbax0p2VHMR9scojjSZbTa2OnmhNs5FeKH9VNdC+jtMRxRFN39VnQQq567+HIE0769Ot74x88zKvZ4wbmef8zhszK529UKLVecBAKiWH/8DP84v+Pl7EEhrftg/kOP/pHarTmDqotK1qfHfVVmRscf3lFuV1HtxCWfXB70qcZyW54Y+u7IxGJpgplrJ53IJjj/Y7HYubzzqtgO9UdNLbbbifrfjU7dnRLarObVpiTH6bvJnlCddH+ZsH9bj/J9LGsh/ecIWJ2a+mu/mjgn1Se1k/lePjD1M7kiFQ0cqzv9K8R5dL0O7lfxto9lsBgObLLlGzvkWvBG9bORXJOqdUUsafEAQjsrTRZ0eiop7d3VE1HJu1HrvU0HUykCU7U1yNhe3N23mg7ltVvVHX9RKzf8Dm9+aSq/M/lVj1uKhwP3F4/4UPByqu32GmZEje7kkf8X5otT/lt/TsAfvdV/Xtfj05auHtW6388Qu3MtZeLyQfDP3VsrdpuIF7fS/mVfkZDbuDUqzTOzSvu7Q3j9GbmyvsgNxUI70QuvbbE+kKhYqvj9hJvoHvepMUBE77zJx/devV+rxZM/+CnPn6WM+CPB7jOwcO6ng+rFRPCOXdGJPFVyjuILL1lyZmtHVXOcvShfGbzH0eR4RpqUfusvzfwAAAAAAAAAAAAAAAAAAgMNmFv9OUHUfAQAAAAAAAAAAAAAAAAAAAAA47JL3/6r3/l8Vv/83HTj8Kpb9fP/vxy3x/l9g+v4FAAD//969fME=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r0, &(0x7f00000029c0)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd4829bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9eee37f2ff921707abba139bccdf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26439f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e1fe28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac23f6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a2312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20e9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

kernel console output (not intermixed with test programs):

omes ready
[   61.743084][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   61.751195][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   61.772130][ T4167] device veth0_vlan entered promiscuous mode
[   61.814314][ T4175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.844171][ T4175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.856275][ T4175] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.866567][ T4167] device veth1_vlan entered promiscuous mode
[   61.876692][ T4166] device veth0_vlan entered promiscuous mode
[   61.885168][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   61.896845][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   61.905521][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   61.914559][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   61.923410][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   61.946720][ T4175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.957261][ T4175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.969415][ T4175] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.987967][ T4175] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.996935][ T4175] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.007169][ T4175] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.016189][ T4175] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.026817][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   62.035239][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   62.044846][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   62.054981][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   62.083883][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.092083][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.113764][ T4166] device veth1_vlan entered promiscuous mode
[   62.129901][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   62.143190][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   62.153095][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   62.189240][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   62.198129][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.220227][ T4167] device veth0_macvtap entered promiscuous mode
[   62.228701][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   62.238541][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   62.246907][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   62.255576][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   62.264272][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   62.274760][ T4165] device veth0_vlan entered promiscuous mode
[   62.291292][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.299283][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.321270][ T4166] device veth0_macvtap entered promiscuous mode
[   62.328965][ T4167] device veth1_macvtap entered promiscuous mode
[   62.337281][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   62.347294][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   62.355699][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   62.365908][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.374708][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   62.397912][ T4165] device veth1_vlan entered promiscuous mode
[   62.412495][ T4166] device veth1_macvtap entered promiscuous mode
[   62.442872][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.455711][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.465858][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.478645][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.491210][ T4167] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.523907][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.544385][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.560293][ T4167] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.571198][ T4167] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.582320][ T4167] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.590101][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   62.600193][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   62.609004][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   62.619519][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   62.628501][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   62.637733][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   62.646639][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   62.664912][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   62.673910][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.682346][ T4174] Bluetooth: hci3: command 0x040f tx timeout
[   62.688589][ T4174] Bluetooth: hci2: command 0x040f tx timeout
[   62.698197][ T4167] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.714232][ T4167] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.716176][ T4174] Bluetooth: hci4: command 0x040f tx timeout
[   62.727826][ T4167] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.743961][ T4167] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.760568][ T4174] Bluetooth: hci0: command 0x040f tx timeout
[   62.771353][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.779299][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.793512][ T4165] device veth0_macvtap entered promiscuous mode
[   62.804003][ T4174] Bluetooth: hci1: command 0x040f tx timeout
[   62.973670][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.986912][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.997145][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.008486][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.020150][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.030973][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.084842][ T4166] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.359462][ T4165] device veth1_macvtap entered promiscuous mode
[   63.791706][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   63.799687][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   63.815265][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   63.823503][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   63.832487][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   63.843598][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.854792][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.865043][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.876268][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.886822][ T4166] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.897793][ T4166] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.909378][ T4166] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.971442][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.979414][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.982029][ T4216] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.013565][ T4165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.026859][ T4165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.038774][ T4165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.050578][ T4165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.053862][ T4216] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.067020][ T4165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.082793][ T4165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.097449][ T4165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   64.110289][ T4165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.125575][ T4165] batman_adv: batadv0: Interface activated: batadv_slave_0
[   64.222865][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   64.233577][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   64.242885][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   64.250917][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   64.258859][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   64.267859][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   64.280096][ T4166] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.290333][ T4166] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.299236][ T4166] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.308050][ T4166] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.330907][  T427] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.339934][ T4165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.347877][  T427] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.350849][ T4165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.367783][ T4165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.378892][ T4165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.388881][ T4165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.399451][ T4165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.409575][ T4165] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   64.420207][ T4165] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   64.438124][ T4165] batman_adv: batadv0: Interface activated: batadv_slave_1
[   64.454504][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   64.462809][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   64.472770][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   64.497286][ T4165] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.514465][ T4165] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.524277][ T4165] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.543673][ T4165] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.705468][ T4255] Zero length message leads to an empty skb
[   64.737953][  T427] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.765187][  T427] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.771839][ T4174] Bluetooth: hci4: command 0x0419 tx timeout
[   64.779705][ T4174] Bluetooth: hci2: command 0x0419 tx timeout
[   64.796257][ T4216] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   64.816459][ T4174] Bluetooth: hci3: command 0x0419 tx timeout
[   64.838067][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.848577][ T4211] Bluetooth: hci1: command 0x0419 tx timeout
[   64.861912][ T4233] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.874549][ T4211] Bluetooth: hci0: command 0x0419 tx timeout
[   64.877725][ T4257] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   64.886296][ T4233] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.971555][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.993430][ T4233] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.012954][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   65.045889][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   65.060020][ T4233] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.100219][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   65.297314][ T4264] loop4: detected capacity change from 0 to 64
[   65.392573][ T4267] loop0: detected capacity change from 0 to 512
[   65.423854][ T4252] loop1: detected capacity change from 0 to 40427
[   65.608317][ T4252] F2FS-fs (loop1): invalid crc value
[   65.614676][ T4267] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.1: casefold flag without casefold feature
[   65.992042][ T4267] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.1: couldn't read orphan inode 15 (err -117)
[   66.730656][    C0] sched: RT throttling activated
[   66.801002][ T4267] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[   66.833805][ T4252] F2FS-fs (loop1): Found nat_bits in checkpoint
[   67.548661][ T4286] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   67.548661][ T4286] The task syz.0.1 (4286) triggered the difference, watch for misbehavior.
[   68.181945][ T4252] F2FS-fs (loop1): Start checkpoint disabled!
[   68.265574][ T4288] netlink: 'syz.4.11': attribute type 29 has an invalid length.
[   68.294335][ T4288] netlink: 'syz.4.11': attribute type 29 has an invalid length.
[   68.375567][ T4290] netlink: 'syz.4.11': attribute type 29 has an invalid length.
[   68.410785][ T4288] netlink: 'syz.4.11': attribute type 29 has an invalid length.
[   71.168393][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[   71.175385][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[   72.523477][ T4349] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[   72.703353][ T4349] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[   76.934606][ T4420] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   77.714075][ T4179] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[   77.723987][ T4179] CPU: 1 PID: 4179 Comm: kworker/u5:4 Not tainted 5.15.180-syzkaller #0
[   77.732339][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   77.742411][ T4179] Workqueue: hci4 hci_rx_work
[   77.747139][ T4179] Call Trace:
[   77.750425][ T4179]  <TASK>
[   77.753370][ T4179]  dump_stack_lvl+0x168/0x230
[   77.758073][ T4179]  ? show_regs_print_info+0x20/0x20
[   77.763297][ T4179]  ? load_image+0x3b0/0x3b0
[   77.767867][ T4179]  sysfs_create_dir_ns+0x252/0x280
[   77.772997][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[   77.778048][ T4179]  ? sysfs_warn_dup+0xa0/0xa0
[   77.782745][ T4179]  ? le_conn_complete_evt+0xcbc/0x1590
[   77.788221][ T4179]  ? hci_event_packet+0xe05/0x12f0
[   77.793359][ T4179]  ? process_one_work+0x863/0x1000
[   77.798488][ T4179]  ? do_raw_spin_unlock+0x11d/0x230
[   77.803715][ T4179]  kobject_add_internal+0x662/0xd00
[   77.808944][ T4179]  kobject_add+0x152/0x210
[   77.813386][ T4179]  ? kobject_init+0x1d0/0x1d0
[   77.818088][ T4179]  ? klist_children_get+0x50/0x50
[   77.823133][ T4179]  ? get_device_parent+0x121/0x3f0
[   77.828273][ T4179]  device_add+0x483/0xfb0
[   77.832639][ T4179]  hci_conn_add_sysfs+0xd1/0x1e0
[   77.837645][ T4179]  le_conn_complete_evt+0xcbc/0x1590
[   77.842971][ T4179]  ? cs_le_create_conn+0x5e0/0x5e0
[   77.848101][ T4179]  ? mark_lock+0x94/0x320
[   77.852452][ T4179]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   77.858458][ T4179]  hci_le_meta_evt+0x289/0x3b80
[   77.863330][ T4179]  ? hci_event_packet+0x36d/0x12f0
[   77.868455][ T4179]  ? lockdep_hardirqs_on+0x94/0x140
[   77.873677][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[   77.878740][ T4179]  ? hci_remote_host_features_evt+0x280/0x280
[   77.884827][ T4179]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[   77.890476][ T4179]  ? mark_lock+0x94/0x320
[   77.894821][ T4179]  ? mutex_unlock+0x10/0x10
[   77.899425][ T4179]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[   77.905425][ T4179]  ? lock_chain_count+0x20/0x20
[   77.910391][ T4179]  ? __rwlock_init+0x140/0x140
[   77.915171][ T4179]  hci_event_packet+0xe05/0x12f0
[   77.920121][ T4179]  ? lockdep_hardirqs_on+0x94/0x140
[   77.925341][ T4179]  ? rcu_lock_release+0x20/0x20
[   77.930205][ T4179]  ? skb_dequeue+0x1d/0x140
[   77.934729][ T4179]  ? hci_send_to_monitor+0x9c/0x4a0
[   77.939948][ T4179]  hci_rx_work+0x255/0xa10
[   77.944394][ T4179]  process_one_work+0x863/0x1000
[   77.949365][ T4179]  ? worker_detach_from_pool+0x240/0x240
[   77.955008][ T4179]  ? lockdep_hardirqs_off+0x70/0x100
[   77.960330][ T4179]  ? _raw_spin_lock_irq+0xab/0xe0
[   77.965373][ T4179]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[   77.970769][ T4179]  ? wq_worker_running+0x97/0x170
[   77.975812][ T4179]  worker_thread+0xaa8/0x12a0
[   77.980538][ T4179]  kthread+0x436/0x520
[   77.984617][ T4179]  ? rcu_lock_release+0x20/0x20
[   77.989492][ T4179]  ? kthread_blkcg+0xd0/0xd0
[   77.994096][ T4179]  ret_from_fork+0x1f/0x30
[   77.998543][ T4179]  </TASK>
[   78.019817][ T4179] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   78.033234][ T4179] Bluetooth: hci4: failed to register connection device
[   80.279422][ T4465] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   80.594779][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[   80.605784][ T4180] CPU: 1 PID: 4180 Comm: kworker/u5:5 Not tainted 5.15.180-syzkaller #0
[   80.614156][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[   80.624228][ T4180] Workqueue: hci0 hci_rx_work
[   80.628937][ T4180] Call Trace:
[   80.632233][ T4180]  <TASK>
[   80.635176][ T4180]  dump_stack_lvl+0x168/0x230
[   80.639973][ T4180]  ? show_regs_print_info+0x20/0x20
[   80.645199][ T4180]  ? load_image+0x3b0/0x3b0
[   80.649741][ T4180]  sysfs_create_dir_ns+0x252/0x280
[   80.654882][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[   80.659933][ T4180]  ? sysfs_warn_dup+0xa0/0xa0
[   80.664629][ T4180]  ? le_conn_complete_evt+0xcbc/0x1590
[   80.670109][ T4180]  ? hci_event_packet+0xe05/0x12f0
[   80.675242][ T4180]  ? process_one_work+0x863/0x1000
[   80.680374][ T4180]  ? do_raw_spin_unlock+0x11d/0x230
[   80.685602][ T4180]  kobject_add_internal+0x662/0xd00
[   80.690831][ T4180]  kobject_add+0x152/0x210
[   80.695277][ T4180]  ? kobject_init+0x1d0/0x1d0
[   80.699983][ T4180]  ? klist_children_get+0x50/0x50
[   80.705030][ T4180]  ? get_device_parent+0x121/0x3f0
[   80.710167][ T4180]  device_add+0x483/0xfb0
[   80.714548][ T4180]  hci_conn_add_sysfs+0xd1/0x1e0
[   80.719512][ T4180]  le_conn_complete_evt+0xcbc/0x1590
[   80.724824][ T4180]  ? lockdep_hardirqs_on+0x94/0x140
[   80.730053][ T4180]  ? cs_le_create_conn+0x5e0/0x5e0
[   80.735187][ T4180]  ? __switch_to_asm+0x34/0x60
[   80.739983][ T4180]  ? __schedule+0x11c0/0x43b0
[   80.744684][ T4180]  ? __mutex_trylock_common+0x14f/0x250
[   80.750261][ T4180]  hci_le_meta_evt+0x289/0x3b80
[   80.755131][ T4180]  ? hci_event_packet+0x36d/0x12f0
[   80.760266][ T4180]  ? hci_event_packet+0x2e2/0x12f0
[   80.765485][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[   80.770538][ T4180]  ? release_firmware_map_entry+0x190/0x190
[   80.776457][ T4180]  ? hci_remote_host_features_evt+0x280/0x280
[   80.782549][ T4180]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[   80.788219][ T4180]  ? mutex_unlock+0x10/0x10
[   80.792743][ T4180]  ? preempt_schedule+0xa7/0xb0
[   80.797626][ T4180]  ? schedule_preempt_disabled+0x20/0x20
[   80.803276][ T4180]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[   80.808938][ T4180]  hci_event_packet+0xe05/0x12f0
[   80.813908][ T4180]  ? rcu_lock_release+0x20/0x20
[   80.818788][ T4180]  ? hci_send_to_monitor+0x9c/0x4a0
[   80.824013][ T4180]  hci_rx_work+0x255/0xa10
[   80.828481][ T4180]  process_one_work+0x863/0x1000
[   80.833456][ T4180]  ? worker_detach_from_pool+0x240/0x240
[   80.839108][ T4180]  ? lockdep_hardirqs_off+0x70/0x100
[   80.844421][ T4180]  ? _raw_spin_lock_irq+0xab/0xe0
[   80.849468][ T4180]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[   80.854866][ T4180]  ? wq_worker_running+0x97/0x170
[   80.859898][ T4180]  worker_thread+0xaa8/0x12a0
[   80.864601][ T4180]  kthread+0x436/0x520
[   80.868673][ T4180]  ? rcu_lock_release+0x20/0x20
[   80.873524][ T4180]  ? kthread_blkcg+0xd0/0xd0
[   80.878121][ T4180]  ret_from_fork+0x1f/0x30
[   80.882551][ T4180]  </TASK>
[   80.888422][ T4180] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   80.902024][ T4180] Bluetooth: hci0: failed to register connection device
[   81.864805][   T21] cfg80211: failed to load regulatory.db
[   83.185268][ T4496] loop3: detected capacity change from 0 to 4096
[   83.322772][ T4496] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[   84.891499][ T4168] ntfs3: loop3: ntfs_sync_fs r=1a failed, -22.
[   84.905544][ T4168] ntfs3: loop3: ntfs_evict_inode r=1a failed, -22.
[   84.931524][ T4168] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[   86.753520][ T4527] loop1: detected capacity change from 0 to 512
[   86.848685][ T4527] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   86.908066][ T4527] EXT4-fs (loop1): invalid journal inode
[   86.950510][ T4527] EXT4-fs (loop1): can't get journal size
[   86.966675][ T4529] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[   86.990027][ T4527] EXT4-fs (loop1): 1 truncate cleaned up
[   87.002698][ T4527] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[   87.015007][ T4529] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[   87.025726][ T4536] loop3: detected capacity change from 0 to 2048
[   87.520707][ T4542] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   89.701616][ T4575] loop0: detected capacity change from 0 to 1024
[   89.953665][ T4577] netlink: 'syz.3.99': attribute type 29 has an invalid length.
[   89.964062][ T4577] netlink: 'syz.3.99': attribute type 29 has an invalid length.
[   89.978563][ T4577] netlink: 'syz.3.99': attribute type 29 has an invalid length.
[   90.100935][ T4575] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   90.654109][ T4575] EXT4-fs (loop0): mounted filesystem without journal. Opts: user_xattr,noquota,dioread_nolock,jqfmt=vfsv1,debug_want_extra_isize=0x0000000000000070,max_dir_size_kb=0x00000000000007b1,stripe=0x0000000000000020,bsdgroups,max_batch_time=0x00000000000003fe,user_xattr,bsdgroups,,errors=continue. Quota mode: none.
[   90.917373][ T4589] loop3: detected capacity change from 0 to 512
[   91.029190][ T4589] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   91.045113][ T4589] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c01c, mo2=0002]
[   91.080221][ T4589] EXT4-fs (loop3): orphan cleanup on readonly fs
[   91.097885][ T4589] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279949761 > max in inode 13
[   91.164101][ T4589] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279949762 > max in inode 13
[   91.187284][ T4589] EXT4-fs (loop3): 1 truncate cleaned up
[   91.193155][ T4589] EXT4-fs (loop3): mounted filesystem without journal. Opts: commit=0x0000000000000000,noblock_validity,user_xattr,,errors=continue. Quota mode: none.
[   91.233840][ T4589] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.103: dx entry: limit 65535 != root limit 120
[   91.267044][ T4589] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.103: Corrupt directory, running e2fsck is recommended
[   91.523653][ T4598] netlink: 4 bytes leftover after parsing attributes in process `syz.3.105'.
[   91.620139][ T4571] loop1: detected capacity change from 0 to 32768
[   91.883221][ T4571] XFS (loop1): Mounting V5 Filesystem
[   92.007196][ T4571] XFS (loop1): Ending clean mount
[   92.229408][ T4175] XFS (loop1): Unmounting Filesystem
[   92.402568][ T4614] syz.2.109 uses obsolete (PF_INET,SOCK_PACKET)
[   94.590339][ T4632] loop4: detected capacity change from 0 to 64
[   95.214959][ T4632] =======================================================
[   95.214959][ T4632] WARNING: The mand mount option has been deprecated and
[   95.214959][ T4632]          and is ignored by this kernel. Remove the mand
[   95.214959][ T4632]          option from the mount to silence this warning.
[   95.214959][ T4632] =======================================================
[   95.249895][    C0] vkms_vblank_simulate: vblank timer overrun
[   95.417738][ T4640] loop1: detected capacity change from 0 to 1024
[   95.585490][ T4640] EXT4-fs (loop1): Ignoring removed orlov option
[   95.692215][ T4640] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv1,resgid=0x0000000000000000,nodioread_nolock,norecovery,debug_want_extra_isize=0x0000000000000080,quota,errors=remount-ro,grpid,orlov,. Quota mode: writeback.
[   95.714868][    C0] vkms_vblank_simulate: vblank timer overrun
[   97.579549][ T4658] loop4: detected capacity change from 0 to 2048
[   97.836002][ T4664] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   98.686647][ T4674] loop3: detected capacity change from 0 to 512
[   98.726326][ T4679] loop1: detected capacity change from 0 to 64
[   98.799309][ T4674] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.123: casefold flag without casefold feature
[   98.876896][ T4674] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.123: couldn't read orphan inode 15 (err -117)
[   98.975828][ T4674] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[  101.243641][ T4699] loop4: detected capacity change from 0 to 1024
[  101.432509][ T4699] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  101.582475][ T4699] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,noquota,dioread_nolock,jqfmt=vfsv1,debug_want_extra_isize=0x0000000000000070,max_dir_size_kb=0x00000000000007b1,stripe=0x0000000000000020,bsdgroups,max_batch_time=0x00000000000003fe,user_xattr,bsdgroups,,errors=continue. Quota mode: none.
[  102.508957][ T4724] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  103.187284][ T4732] loop2: detected capacity change from 0 to 64
[  108.502812][ T4776] loop0: detected capacity change from 0 to 512
[  108.509795][ T4775] loop1: detected capacity change from 0 to 512
[  108.570842][ T4778] loop3: detected capacity change from 0 to 64
[  108.603510][ T4776] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  108.622336][ T4775] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  108.635392][ T4775] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c01c, mo2=0002]
[  108.660788][ T4776] EXT4-fs (loop0): invalid journal inode
[  108.664932][ T4775] EXT4-fs (loop1): orphan cleanup on readonly fs
[  108.685533][ T4776] EXT4-fs (loop0): can't get journal size
[  109.056214][ T4787] loop4: detected capacity change from 0 to 1024
[  110.120841][ T4775] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 3279949761 > max in inode 13
[  110.275283][ T4775] EXT4-fs warning (device loop1): ext4_block_to_path:107: block 3279949762 > max in inode 13
[  110.361983][ T4776] EXT4-fs (loop0): 1 truncate cleaned up
[  110.370765][ T4775] EXT4-fs (loop1): 1 truncate cleaned up
[  110.395484][ T4775] EXT4-fs (loop1): mounted filesystem without journal. Opts: commit=0x0000000000000000,noblock_validity,user_xattr,,errors=continue. Quota mode: none.
[  110.538578][ T4776] EXT4-fs (loop0): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  110.650436][ T4360] hfsplus: b-tree write err: -5, ino 4
[  110.674545][ T4775] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.151: dx entry: limit 65535 != root limit 120
[  110.708392][ T4775] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.151: Corrupt directory, running e2fsck is recommended
[  111.776512][ T4806] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  111.784443][ T4806] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  113.165779][ T4174] Bluetooth: hci0: command 0x0c1a tx timeout
[  113.449748][ T4837] loop2: detected capacity change from 0 to 64
[  114.782253][ T4847] loop3: detected capacity change from 0 to 512
[  114.811584][ T4851] loop0: detected capacity change from 0 to 512
[  114.887663][ T4847] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  115.039857][ T4851] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  115.158202][ T4847] EXT4-fs (loop3): invalid journal inode
[  115.167048][ T4851] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8802c01c, mo2=0002]
[  115.295808][ T4847] EXT4-fs (loop3): can't get journal size
[  115.539764][ T4851] EXT4-fs (loop0): orphan cleanup on readonly fs
[  115.558360][ T4847] EXT4-fs (loop3): 1 truncate cleaned up
[  115.567958][ T4851] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949761 > max in inode 13
[  116.246439][ T4847] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  116.265274][ T4851] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279949762 > max in inode 13
[  116.342868][ T4851] EXT4-fs (loop0): 1 truncate cleaned up
[  116.375199][ T4851] EXT4-fs (loop0): mounted filesystem without journal. Opts: commit=0x0000000000000000,noblock_validity,user_xattr,,errors=continue. Quota mode: none.
[  116.636726][ T4851] EXT4-fs warning (device loop0): dx_probe:893: inode #2: comm syz.0.169: dx entry: limit 65535 != root limit 120
[  117.149424][ T4851] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.169: Corrupt directory, running e2fsck is recommended
[  119.637068][ T4903] loop2: detected capacity change from 0 to 64
[  119.740358][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  119.750701][ T4180] CPU: 1 PID: 4180 Comm: kworker/u5:5 Not tainted 5.15.180-syzkaller #0
[  119.759072][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  119.769142][ T4180] Workqueue: hci4 hci_rx_work
[  119.773858][ T4180] Call Trace:
[  119.777145][ T4180]  <TASK>
[  119.780082][ T4180]  dump_stack_lvl+0x168/0x230
[  119.784778][ T4180]  ? show_regs_print_info+0x20/0x20
[  119.790011][ T4180]  ? load_image+0x3b0/0x3b0
[  119.794549][ T4180]  sysfs_create_dir_ns+0x252/0x280
[  119.799674][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  119.804717][ T4180]  ? sysfs_warn_dup+0xa0/0xa0
[  119.809404][ T4180]  ? lockdep_hardirqs_on+0x94/0x140
[  119.814623][ T4180]  ? do_raw_spin_unlock+0x11d/0x230
[  119.819842][ T4180]  kobject_add_internal+0x662/0xd00
[  119.825069][ T4180]  kobject_add+0x152/0x210
[  119.829510][ T4180]  ? kobject_init+0x1d0/0x1d0
[  119.834205][ T4180]  ? klist_children_get+0x50/0x50
[  119.839243][ T4180]  ? get_device_parent+0x121/0x3f0
[  119.844373][ T4180]  device_add+0x483/0xfb0
[  119.848731][ T4180]  hci_conn_add_sysfs+0xd1/0x1e0
[  119.853700][ T4180]  le_conn_complete_evt+0xcbc/0x1590
[  119.859113][ T4180]  ? cs_le_create_conn+0x5e0/0x5e0
[  119.864345][ T4180]  ? rcu_is_watching+0x63/0xa0
[  119.869132][ T4180]  hci_le_meta_evt+0x289/0x3b80
[  119.874004][ T4180]  ? hci_event_packet+0x36d/0x12f0
[  119.879133][ T4180]  ? hci_event_packet+0x2e2/0x12f0
[  119.884275][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  119.889339][ T4180]  ? release_firmware_map_entry+0x190/0x190
[  119.895254][ T4180]  ? hci_remote_host_features_evt+0x280/0x280
[  119.901357][ T4180]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  119.907013][ T4180]  ? mark_lock+0x94/0x320
[  119.911368][ T4180]  ? mutex_unlock+0x10/0x10
[  119.915893][ T4180]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  119.921902][ T4180]  ? lock_chain_count+0x20/0x20
[  119.926776][ T4180]  ? __rwlock_init+0x140/0x140
[  119.931560][ T4180]  hci_event_packet+0xe05/0x12f0
[  119.936519][ T4180]  ? lockdep_hardirqs_on+0x94/0x140
[  119.941744][ T4180]  ? rcu_lock_release+0x20/0x20
[  119.946613][ T4180]  ? skb_dequeue+0x1d/0x140
[  119.951151][ T4180]  ? hci_send_to_monitor+0x9c/0x4a0
[  119.956376][ T4180]  hci_rx_work+0x255/0xa10
[  119.960832][ T4180]  process_one_work+0x863/0x1000
[  119.965807][ T4180]  ? worker_detach_from_pool+0x240/0x240
[  119.971460][ T4180]  ? lockdep_hardirqs_off+0x70/0x100
[  119.976779][ T4180]  ? _raw_spin_lock_irq+0xab/0xe0
[  119.981912][ T4180]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  119.987304][ T4180]  ? wq_worker_running+0x97/0x170
[  119.992350][ T4180]  worker_thread+0xaa8/0x12a0
[  119.997075][ T4180]  kthread+0x436/0x520
[  120.001158][ T4180]  ? rcu_lock_release+0x20/0x20
[  120.006025][ T4180]  ? kthread_blkcg+0xd0/0xd0
[  120.010633][ T4180]  ret_from_fork+0x1f/0x30
[  120.015087][ T4180]  </TASK>
[  120.247870][ T4180] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  120.264690][ T4180] Bluetooth: hci4: failed to register connection device
[  121.250281][ T4922] loop1: detected capacity change from 0 to 512
[  121.310269][ T4922] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  121.367672][ T4922] EXT4-fs (loop1): invalid journal inode
[  121.396764][ T4922] EXT4-fs (loop1): can't get journal size
[  121.485262][ T4922] EXT4-fs (loop1): 1 truncate cleaned up
[  121.501628][ T4922] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  121.563096][ T4907] loop3: detected capacity change from 0 to 32768
[  121.738623][ T4907] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.184 (4907)
[  122.224164][ T4932] loop2: detected capacity change from 0 to 2048
[  122.356501][ T4938] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  122.368419][   T21] Bluetooth: hci4: command 0x2016 tx timeout
[  122.379723][ T4907] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  122.445167][ T4907] BTRFS info (device loop3): force clearing of disk cache
[  122.504453][ T4907] BTRFS info (device loop3): setting nodatacow, compression disabled
[  122.539889][ T4941] ax25_connect(): syz.0.195 uses autobind, please contact jreuter@yaina.de
[  122.593331][ T4907] BTRFS info (device loop3): enabling auto defrag
[  122.635288][ T4907] BTRFS info (device loop3): max_inline at 0
[  122.652658][ T4907] BTRFS info (device loop3): enabling disk space caching
[  122.720937][ T4907] BTRFS info (device loop3): disk space caching is enabled
[  122.731983][ T4907] BTRFS info (device loop3): has skinny extents
[  123.084671][ T4907] BTRFS error (device loop3): open_ctree failed: -12
[  123.223155][ T4970] loop2: detected capacity change from 0 to 512
[  123.272790][ T4970] EXT4-fs (loop2): Ignoring removed nobh option
[  123.279225][ T4970] EXT4-fs (loop2): Ignoring removed nobh option
[  123.285890][ T4970] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  123.298103][ T4970] EXT4-fs (loop2): invalid inodes per group: 985120
[  123.298103][ T4970] 
[  124.137431][ T4973] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  124.655086][ T4983] loop2: detected capacity change from 0 to 64
[  124.995786][ T4996] ax25_connect(): syz.4.208 uses autobind, please contact jreuter@yaina.de
[  126.071592][ T4999] loop1: detected capacity change from 0 to 2048
[  127.509862][ T5012] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  127.705310][ T5020] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  128.027257][ T4179] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  128.038121][ T4179] CPU: 1 PID: 4179 Comm: kworker/u5:4 Not tainted 5.15.180-syzkaller #0
[  128.046479][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  128.056549][ T4179] Workqueue: hci2 hci_rx_work
[  128.061262][ T4179] Call Trace:
[  128.064550][ T4179]  <TASK>
[  128.067491][ T4179]  dump_stack_lvl+0x168/0x230
[  128.072191][ T4179]  ? show_regs_print_info+0x20/0x20
[  128.077409][ T4179]  ? load_image+0x3b0/0x3b0
[  128.081942][ T4179]  sysfs_create_dir_ns+0x252/0x280
[  128.087073][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  128.092114][ T4179]  ? sysfs_warn_dup+0xa0/0xa0
[  128.096900][ T4179]  kobject_add_internal+0x662/0xd00
[  128.102121][ T4179]  kobject_add+0x152/0x210
[  128.106556][ T4179]  ? kobject_init+0x1d0/0x1d0
[  128.111252][ T4179]  ? klist_children_get+0x50/0x50
[  128.116307][ T4179]  ? get_device_parent+0x121/0x3f0
[  128.121440][ T4179]  device_add+0x483/0xfb0
[  128.125798][ T4179]  hci_conn_add_sysfs+0xd1/0x1e0
[  128.130769][ T4179]  le_conn_complete_evt+0xcbc/0x1590
[  128.136083][ T4179]  ? cs_le_create_conn+0x5e0/0x5e0
[  128.141211][ T4179]  ? lockdep_hardirqs_on+0x94/0x140
[  128.146439][ T4179]  ? __mutex_trylock_common+0x14f/0x250
[  128.152050][ T4179]  hci_le_meta_evt+0x289/0x3b80
[  128.156921][ T4179]  ? hci_event_packet+0x36d/0x12f0
[  128.162048][ T4179]  ? hci_event_packet+0x2e2/0x12f0
[  128.167175][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  128.172224][ T4179]  ? hci_remote_host_features_evt+0x280/0x280
[  128.178308][ T4179]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  128.183954][ T4179]  ? mark_lock+0x94/0x320
[  128.188298][ T4179]  ? mutex_unlock+0x10/0x10
[  128.192816][ T4179]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  128.198814][ T4179]  ? lock_chain_count+0x20/0x20
[  128.203684][ T4179]  ? __rwlock_init+0x140/0x140
[  128.208463][ T4179]  hci_event_packet+0xe05/0x12f0
[  128.213413][ T4179]  ? lockdep_hardirqs_on+0x94/0x140
[  128.218632][ T4179]  ? rcu_lock_release+0x20/0x20
[  128.223503][ T4179]  ? hci_send_to_monitor+0x9c/0x4a0
[  128.228718][ T4179]  hci_rx_work+0x255/0xa10
[  128.233164][ T4179]  process_one_work+0x863/0x1000
[  128.238141][ T4179]  ? worker_detach_from_pool+0x240/0x240
[  128.243792][ T4179]  ? lockdep_hardirqs_off+0x70/0x100
[  128.249114][ T4179]  ? _raw_spin_lock_irq+0xab/0xe0
[  128.254160][ T4179]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  128.259562][ T4179]  ? wq_worker_running+0x97/0x170
[  128.264603][ T4179]  worker_thread+0xaa8/0x12a0
[  128.269325][ T4179]  kthread+0x436/0x520
[  128.273404][ T4179]  ? rcu_lock_release+0x20/0x20
[  128.278265][ T4179]  ? kthread_blkcg+0xd0/0xd0
[  128.282869][ T4179]  ret_from_fork+0x1f/0x30
[  128.287327][ T4179]  </TASK>
[  128.290412][    C1] vkms_vblank_simulate: vblank timer overrun
[  128.325147][ T4179] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  128.340643][ T4179] Bluetooth: hci2: failed to register connection device
[  128.984807][ T5045] loop3: detected capacity change from 0 to 64
[  128.996965][ T5046] ax25_connect(): syz.2.223 uses autobind, please contact jreuter@yaina.de
[  129.642791][ T5011] loop4: detected capacity change from 0 to 32768
[  129.750426][ T5011] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.211 (5011)
[  130.350995][ T5011] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  130.380983][ T4174] Bluetooth: hci2: command 0x2016 tx timeout
[  130.387394][ T5011] BTRFS info (device loop4): enabling auto defrag
[  130.401654][ T5011] BTRFS info (device loop4): max_inline at 0
[  130.409401][ T5011] BTRFS info (device loop4): enabling ssd optimizations
[  130.416747][ T5011] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  130.432237][ T5011] BTRFS info (device loop4): use lzo compression, level 0
[  130.463040][ T5011] BTRFS info (device loop4): using free space tree
[  130.471477][ T5011] BTRFS info (device loop4): has skinny extents
[  130.642034][ T5011] BTRFS error (device loop4): open_ctree failed: -12
[  130.886166][ T5100] loop2: detected capacity change from 0 to 64
[  131.126017][ T5106] loop0: detected capacity change from 0 to 512
[  131.324124][ T5107] netlink: 'syz.4.236': attribute type 29 has an invalid length.
[  131.334705][ T5107] netlink: 'syz.4.236': attribute type 29 has an invalid length.
[  131.350941][ T5107] netlink: 'syz.4.236': attribute type 29 has an invalid length.
[  131.362433][ T5107] netlink: 'syz.4.236': attribute type 29 has an invalid length.
[  131.607379][ T5106] EXT4-fs (loop0): mounted filesystem without journal. Opts: i_version,nodiscard,min_batch_time=0x00000000000003ff,,errors=continue. Quota mode: none.
[  131.898718][ T5111] loop1: detected capacity change from 0 to 512
[  131.915052][ T5113] loop2: detected capacity change from 0 to 64
[  131.988203][ T5111] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  132.022185][ T5106] overlayfs: conflicting lowerdir path
[  132.025924][ T5111] EXT4-fs (loop1): invalid journal inode
[  132.123824][ T5111] EXT4-fs (loop1): can't get journal size
[  132.156176][ T5066] loop3: detected capacity change from 0 to 40427
[  132.212842][ T5111] EXT4-fs (loop1): 1 truncate cleaned up
[  132.225411][ T5111] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  132.255479][ T5066] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  133.336219][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  133.342593][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  133.350614][ T5066] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  133.654456][ T5066] F2FS-fs (loop3): invalid crc value
[  133.695880][ T5066] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12)
[  134.154938][ T4179] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  134.166315][ T4179] CPU: 1 PID: 4179 Comm: kworker/u5:4 Not tainted 5.15.180-syzkaller #0
[  134.174676][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  134.184882][ T4179] Workqueue: hci1 hci_rx_work
[  134.189585][ T4179] Call Trace:
[  134.192874][ T4179]  <TASK>
[  134.195816][ T4179]  dump_stack_lvl+0x168/0x230
[  134.200515][ T4179]  ? show_regs_print_info+0x20/0x20
[  134.205732][ T4179]  ? load_image+0x3b0/0x3b0
[  134.210263][ T4179]  sysfs_create_dir_ns+0x252/0x280
[  134.215390][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  134.220440][ T4179]  ? sysfs_warn_dup+0xa0/0xa0
[  134.225127][ T4179]  ? le_conn_complete_evt+0xcbc/0x1590
[  134.230602][ T4179]  ? hci_event_packet+0xe05/0x12f0
[  134.235728][ T4179]  ? process_one_work+0x863/0x1000
[  134.240858][ T4179]  ? do_raw_spin_unlock+0x11d/0x230
[  134.246073][ T4179]  kobject_add_internal+0x662/0xd00
[  134.251310][ T4179]  kobject_add+0x152/0x210
[  134.255762][ T4179]  ? kobject_init+0x1d0/0x1d0
[  134.260463][ T4179]  ? klist_children_get+0x50/0x50
[  134.265499][ T4179]  ? get_device_parent+0x121/0x3f0
[  134.270634][ T4179]  device_add+0x483/0xfb0
[  134.274996][ T4179]  hci_conn_add_sysfs+0xd1/0x1e0
[  134.279966][ T4179]  le_conn_complete_evt+0xcbc/0x1590
[  134.285279][ T4179]  ? cs_le_create_conn+0x5e0/0x5e0
[  134.290415][ T4179]  ? __mutex_trylock_common+0x14f/0x250
[  134.296087][ T4179]  hci_le_meta_evt+0x289/0x3b80
[  134.300956][ T4179]  ? hci_event_packet+0x36d/0x12f0
[  134.306083][ T4179]  ? hci_event_packet+0x2e2/0x12f0
[  134.311293][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  134.316352][ T4179]  ? hci_remote_host_features_evt+0x280/0x280
[  134.322434][ T4179]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  134.328087][ T4179]  ? mark_lock+0x94/0x320
[  134.332449][ T4179]  ? mutex_unlock+0x10/0x10
[  134.336984][ T4179]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  134.343146][ T4179]  ? lock_chain_count+0x20/0x20
[  134.348021][ T4179]  ? __rwlock_init+0x140/0x140
[  134.352808][ T4179]  hci_event_packet+0xe05/0x12f0
[  134.357769][ T4179]  ? lockdep_hardirqs_on+0x94/0x140
[  134.362996][ T4179]  ? rcu_lock_release+0x20/0x20
[  134.367870][ T4179]  ? hci_send_to_monitor+0x9c/0x4a0
[  134.373089][ T4179]  hci_rx_work+0x255/0xa10
[  134.377543][ T4179]  process_one_work+0x863/0x1000
[  134.382514][ T4179]  ? worker_detach_from_pool+0x240/0x240
[  134.388158][ T4179]  ? lockdep_hardirqs_off+0x70/0x100
[  134.393479][ T4179]  ? _raw_spin_lock_irq+0xab/0xe0
[  134.398521][ T4179]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  134.403915][ T4179]  ? wq_worker_running+0x97/0x170
[  134.408973][ T4179]  worker_thread+0xaa8/0x12a0
[  134.413699][ T4179]  kthread+0x436/0x520
[  134.417780][ T4179]  ? rcu_lock_release+0x20/0x20
[  134.422666][ T4179]  ? kthread_blkcg+0xd0/0xd0
[  134.427272][ T4179]  ret_from_fork+0x1f/0x30
[  134.431724][ T4179]  </TASK>
[  134.434827][    C1] vkms_vblank_simulate: vblank timer overrun
[  134.489630][ T4179] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  134.504999][ T4179] Bluetooth: hci1: failed to register connection device
[  135.059303][ T5151] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  135.578572][ T5130] loop2: detected capacity change from 0 to 40427
[  135.804259][ T5161] loop3: detected capacity change from 0 to 64
[  135.913360][ T5130] F2FS-fs (loop2): Unrecognized mount option "memory=low" or missing value
[  136.002795][ T5165] loop0: detected capacity change from 0 to 512
[  136.155269][ T5165] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  136.166905][ T5165] EXT4-fs (loop0): invalid journal inode
[  136.209361][ T5165] EXT4-fs (loop0): can't get journal size
[  136.527173][ T5165] EXT4-fs (loop0): 1 truncate cleaned up
[  136.575938][ T5165] EXT4-fs (loop0): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  137.759225][ T4179] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  137.770374][ T4179] CPU: 0 PID: 4179 Comm: kworker/u5:4 Not tainted 5.15.180-syzkaller #0
[  137.778741][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  137.788809][ T4179] Workqueue: hci0 hci_rx_work
[  137.793509][ T4179] Call Trace:
[  137.796796][ T4179]  <TASK>
[  137.799736][ T4179]  dump_stack_lvl+0x168/0x230
[  137.804438][ T4179]  ? show_regs_print_info+0x20/0x20
[  137.809653][ T4179]  ? load_image+0x3b0/0x3b0
[  137.814186][ T4179]  sysfs_create_dir_ns+0x252/0x280
[  137.819312][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  137.824352][ T4179]  ? sysfs_warn_dup+0xa0/0xa0
[  137.829039][ T4179]  ? le_conn_complete_evt+0xcbc/0x1590
[  137.834517][ T4179]  ? hci_event_packet+0xe05/0x12f0
[  137.839642][ T4179]  ? process_one_work+0x863/0x1000
[  137.844766][ T4179]  ? do_raw_spin_unlock+0x11d/0x230
[  137.849981][ T4179]  kobject_add_internal+0x662/0xd00
[  137.855203][ T4179]  kobject_add+0x152/0x210
[  137.859638][ T4179]  ? kobject_init+0x1d0/0x1d0
[  137.864339][ T4179]  ? klist_children_get+0x50/0x50
[  137.869378][ T4179]  ? get_device_parent+0x121/0x3f0
[  137.874519][ T4179]  device_add+0x483/0xfb0
[  137.878874][ T4179]  hci_conn_add_sysfs+0xd1/0x1e0
[  137.883835][ T4179]  le_conn_complete_evt+0xcbc/0x1590
[  137.889147][ T4179]  ? cs_le_create_conn+0x5e0/0x5e0
[  137.894282][ T4179]  ? __mutex_trylock_common+0x14f/0x250
[  137.899848][ T4179]  hci_le_meta_evt+0x289/0x3b80
[  137.904711][ T4179]  ? hci_event_packet+0x36d/0x12f0
[  137.909833][ T4179]  ? hci_event_packet+0x2e2/0x12f0
[  137.914957][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  137.920005][ T4179]  ? hci_remote_host_features_evt+0x280/0x280
[  137.926090][ T4179]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  137.931754][ T4179]  ? mark_lock+0x94/0x320
[  137.936096][ T4179]  ? mutex_unlock+0x10/0x10
[  137.940614][ T4179]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  137.946618][ T4179]  ? lock_chain_count+0x20/0x20
[  137.951482][ T4179]  ? __rwlock_init+0x140/0x140
[  137.956263][ T4179]  hci_event_packet+0xe05/0x12f0
[  137.961222][ T4179]  ? lockdep_hardirqs_on+0x94/0x140
[  137.966450][ T4179]  ? rcu_lock_release+0x20/0x20
[  137.971328][ T4179]  ? hci_send_to_monitor+0x9c/0x4a0
[  137.976549][ T4179]  hci_rx_work+0x255/0xa10
[  137.980995][ T4179]  process_one_work+0x863/0x1000
[  137.985966][ T4179]  ? worker_detach_from_pool+0x240/0x240
[  137.991611][ T4179]  ? lockdep_hardirqs_off+0x70/0x100
[  137.996926][ T4179]  ? _raw_spin_lock_irq+0xab/0xe0
[  138.001982][ T4179]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  138.007381][ T4179]  ? wq_worker_running+0x97/0x170
[  138.012439][ T4179]  worker_thread+0xaa8/0x12a0
[  138.017159][ T4179]  kthread+0x436/0x520
[  138.021238][ T4179]  ? rcu_lock_release+0x20/0x20
[  138.026099][ T4179]  ? kthread_blkcg+0xd0/0xd0
[  138.030704][ T4179]  ret_from_fork+0x1f/0x30
[  138.035153][ T4179]  </TASK>
[  138.096249][ T4179] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  138.112768][ T4179] Bluetooth: hci0: failed to register connection device
[  138.203956][ T5188] loop2: detected capacity change from 0 to 22
[  138.292620][ T5188] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  139.177265][ T5188] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  139.947571][ T5221] loop4: detected capacity change from 0 to 64
[  140.229462][ T5258] loop0: detected capacity change from 0 to 512
[  140.529065][ T5258] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  140.555155][ T5258] EXT4-fs (loop0): invalid journal inode
[  140.924406][ T5258] EXT4-fs (loop0): can't get journal size
[  140.962718][ T5258] EXT4-fs (loop0): 1 truncate cleaned up
[  141.010300][ T5258] EXT4-fs (loop0): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  144.675358][ T5315] netlink: 'syz.3.280': attribute type 29 has an invalid length.
[  145.152329][ T5315] netlink: 'syz.3.280': attribute type 29 has an invalid length.
[  146.162889][ T5328] loop4: detected capacity change from 0 to 64
[  146.950359][ T5332] loop1: detected capacity change from 0 to 64
[  147.238128][ T5334] loop3: detected capacity change from 0 to 512
[  147.345057][ T5334] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  147.615246][ T5334] EXT4-fs (loop3): invalid journal inode
[  147.669465][ T5334] EXT4-fs (loop3): can't get journal size
[  147.777553][ T5334] EXT4-fs (loop3): 1 truncate cleaned up
[  147.791097][ T5334] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  148.524765][ T5349] loop2: detected capacity change from 0 to 64
[  151.065932][ T5370] netlink: 'syz.3.292': attribute type 29 has an invalid length.
[  151.074415][ T5370] netlink: 'syz.3.292': attribute type 29 has an invalid length.
[  151.085066][ T5370] netlink: 'syz.3.292': attribute type 29 has an invalid length.
[  151.094131][ T5370] netlink: 'syz.3.292': attribute type 29 has an invalid length.
[  152.504563][ T5375] loop3: detected capacity change from 0 to 64
[  153.658105][ T5389] loop4: detected capacity change from 0 to 512
[  155.002396][ T4168] hfs: node 4:3 still has 1 user(s)!
[  155.124933][ T5389] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  155.174007][ T5389] EXT4-fs (loop4): invalid journal inode
[  155.215768][ T5389] EXT4-fs (loop4): can't get journal size
[  155.227507][ T5402] loop3: detected capacity change from 0 to 22
[  155.444526][ T5402] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  156.288590][ T5402] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  156.534304][ T5389] EXT4-fs (loop4): 1 truncate cleaned up
[  156.540194][ T5389] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  157.575590][ T5416] loop3: detected capacity change from 0 to 64
[  157.670944][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  157.679969][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  157.689027][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  157.698092][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  157.707241][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  157.716268][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  157.725257][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  157.734281][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #282!!!
[  157.743280][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  157.752295][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[  158.063344][ T5425] netlink: 'syz.2.309': attribute type 29 has an invalid length.
[  158.071599][ T5425] netlink: 'syz.2.309': attribute type 29 has an invalid length.
[  158.080459][ T5425] netlink: 'syz.2.309': attribute type 29 has an invalid length.
[  158.089027][ T5425] netlink: 'syz.2.309': attribute type 29 has an invalid length.
[  161.728221][ T5456] loop4: detected capacity change from 0 to 22
[  161.820948][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  161.832310][ T4180] CPU: 0 PID: 4180 Comm: kworker/u5:5 Not tainted 5.15.180-syzkaller #0
[  161.840672][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  161.850752][ T4180] Workqueue: hci2 hci_rx_work
[  161.855461][ T4180] Call Trace:
[  161.858750][ T4180]  <TASK>
[  161.861691][ T4180]  dump_stack_lvl+0x168/0x230
[  161.866393][ T4180]  ? show_regs_print_info+0x20/0x20
[  161.871608][ T4180]  ? load_image+0x3b0/0x3b0
[  161.876144][ T4180]  sysfs_create_dir_ns+0x252/0x280
[  161.881272][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  161.886308][ T4180]  ? sysfs_warn_dup+0xa0/0xa0
[  161.890994][ T4180]  ? le_conn_complete_evt+0xcbc/0x1590
[  161.896470][ T4180]  ? hci_event_packet+0xe05/0x12f0
[  161.901594][ T4180]  ? process_one_work+0x863/0x1000
[  161.906721][ T4180]  ? do_raw_spin_unlock+0x11d/0x230
[  161.911956][ T4180]  kobject_add_internal+0x662/0xd00
[  161.917179][ T4180]  kobject_add+0x152/0x210
[  161.921617][ T4180]  ? kobject_init+0x1d0/0x1d0
[  161.926315][ T4180]  ? klist_children_get+0x50/0x50
[  161.931352][ T4180]  ? get_device_parent+0x121/0x3f0
[  161.936483][ T4180]  device_add+0x483/0xfb0
[  161.940848][ T4180]  hci_conn_add_sysfs+0xd1/0x1e0
[  161.945808][ T4180]  le_conn_complete_evt+0xcbc/0x1590
[  161.951125][ T4180]  ? cs_le_create_conn+0x5e0/0x5e0
[  161.956248][ T4180]  ? lockdep_hardirqs_on+0x94/0x140
[  161.961462][ T4180]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  161.967117][ T4180]  hci_le_meta_evt+0x289/0x3b80
[  161.971987][ T4180]  ? hci_event_packet+0x36d/0x12f0
[  161.977119][ T4180]  ? hci_event_packet+0x2e2/0x12f0
[  161.982245][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  161.987287][ T4180]  ? release_firmware_map_entry+0x190/0x190
[  161.993201][ T4180]  ? hci_remote_host_features_evt+0x280/0x280
[  161.999289][ T4180]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  162.005025][ T4180]  ? mutex_unlock+0x10/0x10
[  162.009546][ T4180]  ? preempt_schedule+0xa7/0xb0
[  162.014407][ T4180]  ? schedule_preempt_disabled+0x20/0x20
[  162.020062][ T4180]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  162.025720][ T4180]  hci_event_packet+0xe05/0x12f0
[  162.030684][ T4180]  ? rcu_lock_release+0x20/0x20
[  162.035574][ T4180]  ? hci_send_to_monitor+0x9c/0x4a0
[  162.040805][ T4180]  hci_rx_work+0x255/0xa10
[  162.045252][ T4180]  process_one_work+0x863/0x1000
[  162.050220][ T4180]  ? worker_detach_from_pool+0x240/0x240
[  162.055866][ T4180]  ? lockdep_hardirqs_off+0x70/0x100
[  162.061167][ T4180]  ? _raw_spin_lock_irq+0xab/0xe0
[  162.066217][ T4180]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  162.071612][ T4180]  ? wq_worker_running+0x97/0x170
[  162.076665][ T4180]  worker_thread+0xaa8/0x12a0
[  162.081388][ T4180]  kthread+0x436/0x520
[  162.085470][ T4180]  ? rcu_lock_release+0x20/0x20
[  162.090329][ T4180]  ? kthread_blkcg+0xd0/0xd0
[  162.094944][ T4180]  ret_from_fork+0x1f/0x30
[  162.099388][ T4180]  </TASK>
[  162.102450][    C0] vkms_vblank_simulate: vblank timer overrun
[  162.158610][ T4180] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  162.173478][ T4180] Bluetooth: hci2: failed to register connection device
[  162.293008][ T5458] loop0: detected capacity change from 0 to 512
[  162.322152][ T5456] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  162.351451][ T5456] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  162.377476][ T5458] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  162.543872][ T5458] EXT4-fs (loop0): invalid journal inode
[  162.773172][ T5458] EXT4-fs (loop0): can't get journal size
[  163.732609][ T5471] netlink: 'syz.2.322': attribute type 29 has an invalid length.
[  163.741245][ T5471] netlink: 'syz.2.322': attribute type 29 has an invalid length.
[  163.914952][ T5471] netlink: 'syz.2.322': attribute type 29 has an invalid length.
[  163.923403][ T5471] netlink: 'syz.2.322': attribute type 29 has an invalid length.
[  164.532267][ T5458] EXT4-fs (loop0): 1 truncate cleaned up
[  164.538143][ T5458] EXT4-fs (loop0): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  164.547434][ T5479] loop1: detected capacity change from 0 to 64
[  167.047558][ T5482] loop2: detected capacity change from 0 to 40427
[  167.184388][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  167.194747][ T4180] CPU: 1 PID: 4180 Comm: kworker/u5:5 Not tainted 5.15.180-syzkaller #0
[  167.203105][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  167.213172][ T4180] Workqueue: hci1 hci_rx_work
[  167.217875][ T4180] Call Trace:
[  167.221167][ T4180]  <TASK>
[  167.224107][ T4180]  dump_stack_lvl+0x168/0x230
[  167.228805][ T4180]  ? show_regs_print_info+0x20/0x20
[  167.234031][ T4180]  ? load_image+0x3b0/0x3b0
[  167.238570][ T4180]  sysfs_create_dir_ns+0x252/0x280
[  167.243708][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  167.248758][ T4180]  ? sysfs_warn_dup+0xa0/0xa0
[  167.253453][ T4180]  ? le_conn_complete_evt+0xcbc/0x1590
[  167.258927][ T4180]  ? hci_event_packet+0xe05/0x12f0
[  167.264052][ T4180]  ? process_one_work+0x863/0x1000
[  167.269182][ T4180]  ? do_raw_spin_unlock+0x11d/0x230
[  167.274409][ T4180]  kobject_add_internal+0x662/0xd00
[  167.279652][ T4180]  kobject_add+0x152/0x210
[  167.284261][ T4180]  ? kobject_init+0x1d0/0x1d0
[  167.288956][ T4180]  ? klist_children_get+0x50/0x50
[  167.293993][ T4180]  ? get_device_parent+0x121/0x3f0
[  167.299122][ T4180]  device_add+0x483/0xfb0
[  167.303478][ T4180]  hci_conn_add_sysfs+0xd1/0x1e0
[  167.308441][ T4180]  le_conn_complete_evt+0xcbc/0x1590
[  167.313752][ T4180]  ? cs_le_create_conn+0x5e0/0x5e0
[  167.318899][ T4180]  ? __schedule+0x11c0/0x43b0
[  167.323588][ T4180]  ? __mutex_trylock_common+0x14f/0x250
[  167.329158][ T4180]  hci_le_meta_evt+0x289/0x3b80
[  167.334024][ T4180]  ? hci_event_packet+0x36d/0x12f0
[  167.339147][ T4180]  ? hci_event_packet+0x2e2/0x12f0
[  167.344275][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  167.349324][ T4180]  ? release_firmware_map_entry+0x190/0x190
[  167.355256][ T4180]  ? hci_remote_host_features_evt+0x280/0x280
[  167.361339][ T4180]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  167.366989][ T4180]  ? mark_lock+0x94/0x320
[  167.371430][ T4180]  ? mutex_unlock+0x10/0x10
[  167.375947][ T4180]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  167.381956][ T4180]  ? lock_chain_count+0x20/0x20
[  167.386824][ T4180]  ? __rwlock_init+0x140/0x140
[  167.391607][ T4180]  hci_event_packet+0xe05/0x12f0
[  167.396557][ T4180]  ? lockdep_hardirqs_on+0x94/0x140
[  167.401778][ T4180]  ? rcu_lock_release+0x20/0x20
[  167.406637][ T4180]  ? lock_acquire+0x1f2/0x3f0
[  167.411434][ T4180]  ? hci_send_to_monitor+0x9c/0x4a0
[  167.416739][ T4180]  hci_rx_work+0x255/0xa10
[  167.421192][ T4180]  process_one_work+0x863/0x1000
[  167.426159][ T4180]  ? worker_detach_from_pool+0x240/0x240
[  167.431812][ T4180]  ? lockdep_hardirqs_off+0x70/0x100
[  167.437128][ T4180]  ? _raw_spin_lock_irq+0xab/0xe0
[  167.442171][ T4180]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  167.447562][ T4180]  ? wq_worker_running+0x97/0x170
[  167.452608][ T4180]  worker_thread+0xaa8/0x12a0
[  167.457333][ T4180]  kthread+0x436/0x520
[  167.461426][ T4180]  ? rcu_lock_release+0x20/0x20
[  167.466291][ T4180]  ? kthread_blkcg+0xd0/0xd0
[  167.470897][ T4180]  ret_from_fork+0x1f/0x30
[  167.475343][ T4180]  </TASK>
[  167.578852][ T4180] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  167.595975][ T4180] Bluetooth: hci1: failed to register connection device
[  167.663497][ T5482] F2FS-fs (loop2): invalid crc value
[  167.668972][ T5482] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-12)
[  168.228596][ T5518] loop2: detected capacity change from 0 to 1024
[  168.327179][ T5518] hfsplus: failed to load attributes file
[  170.218761][ T5526] loop3: detected capacity change from 0 to 512
[  170.317846][ T5526] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  170.362809][ T5526] EXT4-fs (loop3): invalid journal inode
[  170.368641][ T5526] EXT4-fs (loop3): can't get journal size
[  170.454730][ T5526] EXT4-fs (loop3): 1 truncate cleaned up
[  170.460414][ T5526] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  170.756743][ T5533] loop0: detected capacity change from 0 to 128
[  171.522607][ T5533] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  171.714703][ T5533] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  172.748399][ T5533] overlayfs: upper fs needs to support d_type.
[  172.781633][ T5546] loop3: detected capacity change from 0 to 512
[  172.781658][ T5547] loop1: detected capacity change from 0 to 128
[  172.799520][ T5533] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  172.831979][ T5547] EXT4-fs (loop1): Ignoring removed nobh option
[  172.845931][ T5547] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[  172.858266][ T5547] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  172.861999][ T5533] overlayfs: failed to set xattr on upper
[  172.892452][ T5533] overlayfs: ...falling back to index=off,metacopy=off.
[  172.915019][ T5546] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  172.966864][ T5546] EXT4-fs (loop3): invalid journal inode
[  172.978119][ T5546] EXT4-fs (loop3): can't get journal size
[  173.087240][ T5546] EXT4-fs (loop3): 1 truncate cleaned up
[  173.097532][ T5546] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  173.383819][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  173.393951][ T4180] CPU: 0 PID: 4180 Comm: kworker/u5:5 Not tainted 5.15.180-syzkaller #0
[  173.402298][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  173.412373][ T4180] Workqueue: hci0 hci_rx_work
[  173.417078][ T4180] Call Trace:
[  173.420384][ T4180]  <TASK>
[  173.423327][ T4180]  dump_stack_lvl+0x168/0x230
[  173.428028][ T4180]  ? show_regs_print_info+0x20/0x20
[  173.433255][ T4180]  ? load_image+0x3b0/0x3b0
[  173.437789][ T4180]  sysfs_create_dir_ns+0x252/0x280
[  173.442910][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  173.447953][ T4180]  ? sysfs_warn_dup+0xa0/0xa0
[  173.452639][ T4180]  ? le_conn_complete_evt+0xcbc/0x1590
[  173.458111][ T4180]  ? hci_event_packet+0xe05/0x12f0
[  173.463234][ T4180]  ? process_one_work+0x863/0x1000
[  173.468360][ T4180]  ? do_raw_spin_unlock+0x11d/0x230
[  173.473585][ T4180]  kobject_add_internal+0x662/0xd00
[  173.479034][ T4180]  kobject_add+0x152/0x210
[  173.483498][ T4180]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  173.489174][ T4180]  ? kobject_init+0x1d0/0x1d0
[  173.493891][ T4180]  ? get_device_parent+0x121/0x3f0
[  173.499032][ T4180]  device_add+0x483/0xfb0
[  173.503392][ T4180]  hci_conn_add_sysfs+0xd1/0x1e0
[  173.508353][ T4180]  le_conn_complete_evt+0xcbc/0x1590
[  173.513673][ T4180]  ? cs_le_create_conn+0x5e0/0x5e0
[  173.518807][ T4180]  ? __mutex_trylock_common+0x14f/0x250
[  173.524384][ T4180]  hci_le_meta_evt+0x289/0x3b80
[  173.529251][ T4180]  ? hci_event_packet+0x36d/0x12f0
[  173.534379][ T4180]  ? hci_event_packet+0x2e2/0x12f0
[  173.539510][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  173.544569][ T4180]  ? hci_remote_host_features_evt+0x280/0x280
[  173.550666][ T4180]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  173.556332][ T4180]  ? mark_lock+0x94/0x320
[  173.560699][ T4180]  ? mutex_unlock+0x10/0x10
[  173.565308][ T4180]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  173.571311][ T4180]  ? lock_chain_count+0x20/0x20
[  173.576183][ T4180]  ? __rwlock_init+0x140/0x140
[  173.580963][ T4180]  hci_event_packet+0xe05/0x12f0
[  173.585911][ T4180]  ? lockdep_hardirqs_on+0x94/0x140
[  173.591134][ T4180]  ? rcu_lock_release+0x20/0x20
[  173.596017][ T4180]  ? hci_send_to_monitor+0x9c/0x4a0
[  173.601233][ T4180]  hci_rx_work+0x255/0xa10
[  173.605678][ T4180]  process_one_work+0x863/0x1000
[  173.610648][ T4180]  ? worker_detach_from_pool+0x240/0x240
[  173.616294][ T4180]  ? lockdep_hardirqs_off+0x70/0x100
[  173.621603][ T4180]  ? _raw_spin_lock_irq+0xab/0xe0
[  173.626643][ T4180]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  173.628255][ T4166] UDF-fs: error (device loop0): udf_read_inode: (ino 114) failed !bh
[  173.632034][ T4180]  ? wq_worker_running+0x97/0x170
[  173.645347][ T4180]  worker_thread+0xaa8/0x12a0
[  173.650083][ T4180]  kthread+0x436/0x520
[  173.654166][ T4180]  ? rcu_lock_release+0x20/0x20
[  173.659032][ T4180]  ? kthread_blkcg+0xd0/0xd0
[  173.663639][ T4180]  ret_from_fork+0x1f/0x30
[  173.668088][ T4180]  </TASK>
[  173.671141][    C0] vkms_vblank_simulate: vblank timer overrun
[  174.077596][ T4166] UDF-fs: error (device loop0): udf_read_inode: (ino 114) failed !bh
[  174.152982][ T4180] kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  174.167273][ T4180] Bluetooth: hci0: failed to register connection device
[  174.294884][ T5570] mmap: syz.4.347 (5570) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  175.023189][ T4285] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.161329][ T4285] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.276115][ T4285] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.415275][ T4285] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  176.184182][ T5595] loop1: detected capacity change from 0 to 1024
[  176.455647][  T427] hfsplus: b-tree write err: -5, ino 4
[  176.579796][ T5582] chnl_net:caif_netlink_parms(): no params data found
[  176.749783][ T5582] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.777440][ T5582] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.832739][ T5582] device bridge_slave_0 entered promiscuous mode
[  176.916281][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  176.925962][ T4180] CPU: 1 PID: 4180 Comm: kworker/u5:5 Not tainted 5.15.180-syzkaller #0
[  176.934308][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  176.944376][ T4180] Workqueue: hci2 hci_rx_work
[  176.949078][ T4180] Call Trace:
[  176.952370][ T4180]  <TASK>
[  176.955308][ T4180]  dump_stack_lvl+0x168/0x230
[  176.960005][ T4180]  ? show_regs_print_info+0x20/0x20
[  176.965221][ T4180]  ? load_image+0x3b0/0x3b0
[  176.969751][ T4180]  sysfs_create_dir_ns+0x252/0x280
[  176.974879][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  176.979920][ T4180]  ? sysfs_warn_dup+0xa0/0xa0
[  176.984605][ T4180]  ? le_conn_complete_evt+0xcbc/0x1590
[  176.990075][ T4180]  ? hci_event_packet+0xe05/0x12f0
[  176.995206][ T4180]  ? process_one_work+0x863/0x1000
[  177.000338][ T4180]  ? do_raw_spin_unlock+0x11d/0x230
[  177.005563][ T4180]  kobject_add_internal+0x662/0xd00
[  177.010795][ T4180]  kobject_add+0x152/0x210
[  177.015237][ T4180]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  177.020888][ T4180]  ? kobject_init+0x1d0/0x1d0
[  177.025580][ T4180]  ? device_add+0x3d8/0xfb0
[  177.030114][ T4180]  device_add+0x483/0xfb0
[  177.034470][ T4180]  hci_conn_add_sysfs+0xd1/0x1e0
[  177.039425][ T4180]  le_conn_complete_evt+0xcbc/0x1590
[  177.044737][ T4180]  ? cs_le_create_conn+0x5e0/0x5e0
[  177.049866][ T4180]  ? finish_task_switch+0x12f/0x640
[  177.055078][ T4180]  ? __mutex_trylock_common+0x14f/0x250
[  177.060650][ T4180]  hci_le_meta_evt+0x289/0x3b80
[  177.065516][ T4180]  ? hci_event_packet+0x36d/0x12f0
[  177.070643][ T4180]  ? hci_event_packet+0x2e2/0x12f0
[  177.075768][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  177.080809][ T4180]  ? mark_lock+0x94/0x320
[  177.085161][ T4180]  ? hci_remote_host_features_evt+0x280/0x280
[  177.091246][ T4180]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  177.096891][ T4180]  ? mark_lock+0x94/0x320
[  177.101237][ T4180]  ? mutex_unlock+0x10/0x10
[  177.105756][ T4180]  ? mark_lock+0x94/0x320
[  177.110108][ T4180]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  177.116111][ T4180]  hci_event_packet+0xe05/0x12f0
[  177.121072][ T4180]  ? rcu_lock_release+0x20/0x20
[  177.125951][ T4180]  ? hci_rx_work+0x248/0xa10
[  177.130559][ T4180]  hci_rx_work+0x255/0xa10
[  177.135002][ T4180]  process_one_work+0x863/0x1000
[  177.140002][ T4180]  ? worker_detach_from_pool+0x240/0x240
[  177.145646][ T4180]  ? lockdep_hardirqs_off+0x70/0x100
[  177.150949][ T4180]  ? _raw_spin_lock_irq+0xab/0xe0
[  177.155986][ T4180]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  177.161376][ T4180]  ? wq_worker_running+0x97/0x170
[  177.166415][ T4180]  worker_thread+0xaa8/0x12a0
[  177.171142][ T4180]  kthread+0x436/0x520
[  177.175223][ T4180]  ? rcu_lock_release+0x20/0x20
[  177.180086][ T4180]  ? kthread_blkcg+0xd0/0xd0
[  177.184691][ T4180]  ret_from_fork+0x1f/0x30
[  177.189139][ T4180]  </TASK>
[  177.795455][ T4180] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  177.812949][ T4180] Bluetooth: hci2: failed to register connection device
[  177.823563][ T4174] Bluetooth: hci1: command 0x0409 tx timeout
[  177.913980][ T5582] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.921189][ T5582] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.976166][ T5582] device bridge_slave_1 entered promiscuous mode
[  177.999360][ T5621] loop2: detected capacity change from 0 to 512
[  178.053335][ T5621] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  178.155004][ T5621] EXT4-fs (loop2): invalid journal inode
[  178.160849][ T5621] EXT4-fs (loop2): can't get journal size
[  178.242823][ T5621] EXT4-fs (loop2): 1 truncate cleaned up
[  178.250045][ T5621] EXT4-fs (loop2): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  178.317231][ T5582] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  178.360893][ T5582] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  179.492601][ T5582] team0: Port device team_slave_0 added
[  179.547871][ T5582] team0: Port device team_slave_1 added
[  179.683616][ T5639] netlink: 28 bytes leftover after parsing attributes in process `syz.3.364'.
[  179.742040][ T5582] batman_adv: batadv0: Adding interface: batadv_slave_0
[  179.762831][ T5582] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  179.858595][ T5582] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  179.879344][ T5641] netlink: 28 bytes leftover after parsing attributes in process `syz.3.364'.
[  179.900028][ T4964] Bluetooth: hci1: command 0x041b tx timeout
[  180.171060][ T5582] batman_adv: batadv0: Adding interface: batadv_slave_1
[  180.250317][ T5582] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  180.681245][ T5582] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  180.773763][ T4971] Bluetooth: hci0: command 0x0406 tx timeout
[  180.782473][ T4971] Bluetooth: hci4: command 0x0406 tx timeout
[  180.803683][ T4971] Bluetooth: hci2: command 0x0406 tx timeout
[  180.826202][ T4971] Bluetooth: hci3: command 0x0406 tx timeout
[  180.879903][ T4285] device hsr_slave_0 left promiscuous mode
[  180.899685][ T4285] device hsr_slave_1 left promiscuous mode
[  180.924535][ T4285] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  180.955440][ T4285] batman_adv: batadv0: Removing interface: batadv_slave_0
[  181.001375][ T4285] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  181.033797][ T4285] batman_adv: batadv0: Removing interface: batadv_slave_1
[  181.064771][ T4285] device bridge_slave_1 left promiscuous mode
[  181.072287][ T4285] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.148466][ T4285] device bridge_slave_0 left promiscuous mode
[  181.168331][ T4285] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.221749][ T4285] device veth1_macvtap left promiscuous mode
[  181.228400][ T4285] device veth0_macvtap left promiscuous mode
[  181.254003][ T4285] device veth1_vlan left promiscuous mode
[  181.260118][ T4285] device veth0_vlan left promiscuous mode
[  181.499672][ T5669] loop1: detected capacity change from 0 to 512
[  181.583570][ T5669] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  181.620268][ T5669] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  181.679236][ T5669] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  181.724713][ T5669] EXT4-fs (loop1): 1 truncate cleaned up
[  181.752087][ T5669] EXT4-fs (loop1): mounted filesystem without journal. Opts: nomblk_io_submit,usrjquota="errors=continue,noload,noquota,grpjquota="errors=continue,block_validity,jqfmt=vfsv1,delalloc,,errors=continue. Quota mode: writeback.
[  182.007085][ T4964] Bluetooth: hci1: command 0x040f tx timeout
[  182.133441][ T4285] team0 (unregistering): Port device team_slave_1 removed
[  182.173592][ T4285] team0 (unregistering): Port device team_slave_0 removed
[  182.257714][ T4179] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  182.268872][ T4179] CPU: 1 PID: 4179 Comm: kworker/u5:4 Not tainted 5.15.180-syzkaller #0
[  182.277230][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  182.287295][ T4179] Workqueue: hci4 hci_rx_work
[  182.292026][ T4179] Call Trace:
[  182.295315][ T4179]  <TASK>
[  182.298254][ T4179]  dump_stack_lvl+0x168/0x230
[  182.302958][ T4179]  ? show_regs_print_info+0x20/0x20
[  182.308175][ T4179]  ? load_image+0x3b0/0x3b0
[  182.312728][ T4179]  sysfs_create_dir_ns+0x252/0x280
[  182.317856][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  182.322898][ T4179]  ? sysfs_warn_dup+0xa0/0xa0
[  182.327682][ T4179]  ? le_conn_complete_evt+0xcbc/0x1590
[  182.333166][ T4179]  ? mark_lock+0x94/0x320
[  182.337516][ T4179]  ? do_raw_spin_unlock+0x11d/0x230
[  182.342731][ T4179]  kobject_add_internal+0x662/0xd00
[  182.347958][ T4179]  kobject_add+0x152/0x210
[  182.352397][ T4179]  ? kobject_init+0x1d0/0x1d0
[  182.357100][ T4179]  ? klist_children_get+0x50/0x50
[  182.362144][ T4179]  ? get_device_parent+0x121/0x3f0
[  182.367281][ T4179]  device_add+0x483/0xfb0
[  182.371718][ T4179]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  182.377373][ T4179]  hci_conn_add_sysfs+0xd1/0x1e0
[  182.382338][ T4179]  le_conn_complete_evt+0xcbc/0x1590
[  182.387653][ T4179]  ? __switch_to_asm+0x34/0x60
[  182.392457][ T4179]  ? cs_le_create_conn+0x5e0/0x5e0
[  182.397591][ T4179]  ? __schedule+0x11c0/0x43b0
[  182.402281][ T4179]  ? __mutex_trylock_common+0x14f/0x250
[  182.407856][ T4179]  hci_le_meta_evt+0x289/0x3b80
[  182.412728][ T4179]  ? hci_event_packet+0x36d/0x12f0
[  182.417855][ T4179]  ? hci_event_packet+0x2e2/0x12f0
[  182.422988][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  182.428036][ T4179]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  182.434038][ T4179]  ? lock_chain_count+0x20/0x20
[  182.438906][ T4179]  ? hci_remote_host_features_evt+0x280/0x280
[  182.445077][ T4179]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  182.450733][ T4179]  ? mutex_unlock+0x10/0x10
[  182.455435][ T4179]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  182.461101][ T4179]  hci_event_packet+0xe05/0x12f0
[  182.466055][ T4179]  ? lockdep_hardirqs_on+0x94/0x140
[  182.471279][ T4179]  ? rcu_lock_release+0x20/0x20
[  182.476151][ T4179]  ? hci_send_to_monitor+0x9c/0x4a0
[  182.481370][ T4179]  hci_rx_work+0x255/0xa10
[  182.485819][ T4179]  process_one_work+0x863/0x1000
[  182.490797][ T4179]  ? worker_detach_from_pool+0x240/0x240
[  182.496451][ T4179]  ? lockdep_hardirqs_off+0x70/0x100
[  182.501755][ T4179]  ? _raw_spin_lock_irq+0xab/0xe0
[  182.506882][ T4179]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  182.512274][ T4179]  ? wq_worker_running+0x97/0x170
[  182.517319][ T4179]  worker_thread+0xaa8/0x12a0
[  182.522061][ T4179]  kthread+0x436/0x520
[  182.526150][ T4179]  ? rcu_lock_release+0x20/0x20
[  182.531019][ T4179]  ? kthread_blkcg+0xd0/0xd0
[  182.535633][ T4179]  ret_from_fork+0x1f/0x30
[  182.540081][ T4179]  </TASK>
[  182.613493][ T4179] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  182.634006][ T4179] Bluetooth: hci4: failed to register connection device
[  182.772459][ T4285] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  182.811700][ T4285] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  182.999131][ T4285] bond0 (unregistering): Released all slaves
[  183.129720][ T5661] device syzkaller1 entered promiscuous mode
[  183.335102][ T5582] device hsr_slave_0 entered promiscuous mode
[  183.361777][ T5582] device hsr_slave_1 entered promiscuous mode
[  183.383491][ T5582] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  183.450229][ T5582] Cannot create hsr debugfs directory
[  183.693920][ T5691] loop3: detected capacity change from 0 to 32768
[  184.046642][ T5691] XFS (loop3): Mounting V5 Filesystem
[  184.294835][ T5691] XFS (loop3): Ending clean mount
[  184.308522][ T5691] XFS (loop3): Quotacheck needed: Please wait.
[  184.376346][ T2855] Bluetooth: hci1: command 0x0419 tx timeout
[  184.429019][ T5691] XFS (loop3): Quotacheck: Done.
[  185.195168][ T5715] loop4: detected capacity change from 0 to 64
[  185.239407][ T5582] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  185.511863][ T4168] XFS (loop3): Unmounting Filesystem
[  185.584932][ T5582] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  185.667737][ T5582] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  185.742674][ T5582] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  185.788985][ T5722] loop4: detected capacity change from 0 to 512
[  185.877977][ T5722] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  185.972294][ T5722] EXT4-fs (loop4): invalid journal inode
[  185.991984][ T5722] EXT4-fs (loop4): can't get journal size
[  186.034788][ T5722] EXT4-fs (loop4): 1 truncate cleaned up
[  186.054726][ T5722] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  186.116135][ T5582] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.210645][ T5265] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  186.236004][ T5265] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  186.305900][ T5582] 8021q: adding VLAN 0 to HW filter on device team0
[  186.512805][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  186.545325][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  186.655601][ T4277] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.662727][ T4277] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.783317][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  186.827918][ T5737] loop3: detected capacity change from 0 to 2048
[  186.864707][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  186.909310][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  186.962778][ T4277] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.969979][ T4277] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.977820][ T5737] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  187.023135][ T5737] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  187.054044][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  187.109955][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  187.171776][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  187.213616][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  187.238171][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  187.289777][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  187.359563][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  187.386697][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  187.421663][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  187.446651][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  187.479720][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  187.514200][ T5582] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  187.666260][ T5748] loop2: detected capacity change from 0 to 128
[  187.770270][ T5748] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  187.831067][ T5748] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  189.747422][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  189.758986][ T4180] CPU: 0 PID: 4180 Comm: kworker/u5:5 Not tainted 5.15.180-syzkaller #0
[  189.767355][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  189.777418][ T4180] Workqueue: hci3 hci_rx_work
[  189.782117][ T4180] Call Trace:
[  189.785403][ T4180]  <TASK>
[  189.788342][ T4180]  dump_stack_lvl+0x168/0x230
[  189.793048][ T4180]  ? show_regs_print_info+0x20/0x20
[  189.798268][ T4180]  ? load_image+0x3b0/0x3b0
[  189.802802][ T4180]  sysfs_create_dir_ns+0x252/0x280
[  189.807922][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  189.812961][ T4180]  ? sysfs_warn_dup+0xa0/0xa0
[  189.817647][ T4180]  ? le_conn_complete_evt+0xcbc/0x1590
[  189.823119][ T4180]  ? hci_event_packet+0xe05/0x12f0
[  189.828236][ T4180]  ? process_one_work+0x863/0x1000
[  189.833362][ T4180]  ? do_raw_spin_unlock+0x11d/0x230
[  189.838573][ T4180]  kobject_add_internal+0x662/0xd00
[  189.843790][ T4180]  kobject_add+0x152/0x210
[  189.848224][ T4180]  ? kobject_init+0x1d0/0x1d0
[  189.852917][ T4180]  ? klist_children_get+0x50/0x50
[  189.857952][ T4180]  ? get_device_parent+0x121/0x3f0
[  189.863078][ T4180]  device_add+0x483/0xfb0
[  189.867432][ T4180]  hci_conn_add_sysfs+0xd1/0x1e0
[  189.872388][ T4180]  le_conn_complete_evt+0xcbc/0x1590
[  189.877703][ T4180]  ? cs_le_create_conn+0x5e0/0x5e0
[  189.882837][ T4180]  ? __mutex_trylock_common+0x14f/0x250
[  189.888403][ T4180]  hci_le_meta_evt+0x289/0x3b80
[  189.893280][ T4180]  ? hci_event_packet+0x36d/0x12f0
[  189.898402][ T4180]  ? hci_event_packet+0x2e2/0x12f0
[  189.903522][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  189.908571][ T4180]  ? hci_remote_host_features_evt+0x280/0x280
[  189.914651][ T4180]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  189.920301][ T4180]  ? mark_lock+0x94/0x320
[  189.924644][ T4180]  ? mutex_unlock+0x10/0x10
[  189.929159][ T4180]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  189.935153][ T4180]  ? lock_chain_count+0x20/0x20
[  189.940111][ T4180]  ? __rwlock_init+0x140/0x140
[  189.944904][ T4180]  hci_event_packet+0xe05/0x12f0
[  189.949861][ T4180]  ? lockdep_hardirqs_on+0x94/0x140
[  189.955090][ T4180]  ? rcu_lock_release+0x20/0x20
[  189.959962][ T4180]  ? hci_send_to_monitor+0x9c/0x4a0
[  189.965182][ T4180]  hci_rx_work+0x255/0xa10
[  189.969627][ T4180]  process_one_work+0x863/0x1000
[  189.974591][ T4180]  ? worker_detach_from_pool+0x240/0x240
[  189.980234][ T4180]  ? lockdep_hardirqs_off+0x70/0x100
[  189.984769][ T5748] overlayfs: upper fs needs to support d_type.
[  189.985538][ T4180]  ? _raw_spin_lock_irq+0xab/0xe0
[  189.985606][ T4180]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  190.002126][ T4180]  ? wq_worker_running+0x97/0x170
[  190.007168][ T4180]  worker_thread+0xaa8/0x12a0
[  190.011895][ T4180]  kthread+0x436/0x520
[  190.015979][ T4180]  ? rcu_lock_release+0x20/0x20
[  190.020846][ T4180]  ? kthread_blkcg+0xd0/0xd0
[  190.025452][ T4180]  ret_from_fork+0x1f/0x30
[  190.029901][ T4180]  </TASK>
[  190.033917][ T5748] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  190.041198][ T4180] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  190.054490][ T4180] Bluetooth: hci3: failed to register connection device
[  190.125576][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  190.133133][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  190.168753][ T5748] overlayfs: failed to set xattr on upper
[  190.174508][ T5748] overlayfs: ...falling back to index=off,metacopy=off.
[  190.216482][ T5582] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.368501][ T4167] UDF-fs: error (device loop2): udf_read_inode: (ino 114) failed !bh
[  190.415022][ T4167] UDF-fs: error (device loop2): udf_read_inode: (ino 114) failed !bh
[  191.098902][ T5785] loop3: detected capacity change from 0 to 64
[  191.376528][ T5788] loop4: detected capacity change from 0 to 32768
[  191.601468][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  191.627884][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  191.660026][ T5788] XFS (loop4): Mounting V5 Filesystem
[  191.792292][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  191.814577][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  191.897367][ T5582] device veth0_vlan entered promiscuous mode
[  191.933758][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  191.978219][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  191.991948][ T5788] XFS (loop4): Ending clean mount
[  192.012191][ T5788] XFS (loop4): Quotacheck needed: Please wait.
[  192.040065][ T5582] device veth1_vlan entered promiscuous mode
[  192.127541][ T4179] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  192.137627][ T4179] CPU: 1 PID: 4179 Comm: kworker/u5:4 Not tainted 5.15.180-syzkaller #0
[  192.145973][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  192.156038][ T4179] Workqueue: hci3 hci_rx_work
[  192.160739][ T4179] Call Trace:
[  192.164026][ T4179]  <TASK>
[  192.166965][ T4179]  dump_stack_lvl+0x168/0x230
[  192.171666][ T4179]  ? show_regs_print_info+0x20/0x20
[  192.176881][ T4179]  ? load_image+0x3b0/0x3b0
[  192.181413][ T4179]  sysfs_create_dir_ns+0x252/0x280
[  192.186538][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  192.191578][ T4179]  ? sysfs_warn_dup+0xa0/0xa0
[  192.196274][ T4179]  ? preempt_schedule_irq+0xd0/0x150
[  192.201576][ T4179]  ? mark_lock+0x94/0x320
[  192.205922][ T4179]  ? do_raw_spin_unlock+0x11d/0x230
[  192.211138][ T4179]  kobject_add_internal+0x662/0xd00
[  192.216362][ T4179]  kobject_add+0x152/0x210
[  192.220791][ T4179]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  192.226531][ T4179]  ? kobject_init+0x1d0/0x1d0
[  192.231224][ T4179]  ? get_device_parent+0x7c/0x3f0
[  192.236278][ T4179]  ? get_device_parent+0x121/0x3f0
[  192.241409][ T4179]  device_add+0x483/0xfb0
[  192.245765][ T4179]  hci_conn_add_sysfs+0xd1/0x1e0
[  192.250724][ T4179]  le_conn_complete_evt+0xcbc/0x1590
[  192.256036][ T4179]  ? lockdep_hardirqs_on+0x94/0x140
[  192.261274][ T4179]  ? cs_le_create_conn+0x5e0/0x5e0
[  192.266396][ T4179]  ? __switch_to_asm+0x34/0x60
[  192.271178][ T4179]  ? __schedule+0x11c0/0x43b0
[  192.275865][ T4179]  ? __mutex_trylock_common+0x14f/0x250
[  192.281430][ T4179]  hci_le_meta_evt+0x289/0x3b80
[  192.286298][ T4179]  ? hci_event_packet+0x36d/0x12f0
[  192.291425][ T4179]  ? hci_event_packet+0x2e2/0x12f0
[  192.296546][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  192.301591][ T4179]  ? release_firmware_map_entry+0x190/0x190
[  192.307500][ T4179]  ? hci_remote_host_features_evt+0x280/0x280
[  192.313578][ T4179]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  192.319227][ T4179]  ? mutex_unlock+0x10/0x10
[  192.323749][ T4179]  ? preempt_schedule+0xa7/0xb0
[  192.328610][ T4179]  ? schedule_preempt_disabled+0x20/0x20
[  192.334258][ T4179]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  192.339907][ T4179]  hci_event_packet+0xe05/0x12f0
[  192.344868][ T4179]  ? rcu_lock_release+0x20/0x20
[  192.349731][ T4179]  ? hci_send_to_monitor+0x9c/0x4a0
[  192.354941][ T4179]  hci_rx_work+0x255/0xa10
[  192.359384][ T4179]  process_one_work+0x863/0x1000
[  192.364346][ T4179]  ? worker_detach_from_pool+0x240/0x240
[  192.369986][ T4179]  ? lockdep_hardirqs_off+0x70/0x100
[  192.375310][ T4179]  ? _raw_spin_lock_irq+0xab/0xe0
[  192.380350][ T4179]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  192.385740][ T4179]  ? wq_worker_running+0x97/0x170
[  192.390777][ T4179]  worker_thread+0xaa8/0x12a0
[  192.395497][ T4179]  kthread+0x436/0x520
[  192.399573][ T4179]  ? rcu_lock_release+0x20/0x20
[  192.404432][ T4179]  ? kthread_blkcg+0xd0/0xd0
[  192.409032][ T4179]  ret_from_fork+0x1f/0x30
[  192.413474][ T4179]  </TASK>
[  192.416529][    C1] vkms_vblank_simulate: vblank timer overrun
[  192.450264][ T4179] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  192.466092][ T4179] Bluetooth: hci3: failed to register connection device
[  192.582073][ T5788] XFS (loop4): Quotacheck: Done.
[  192.594681][ T5261] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  192.747869][ T5582] device veth0_macvtap entered promiscuous mode
[  192.795957][ T5582] device veth1_macvtap entered promiscuous mode
[  192.839033][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  192.871532][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  192.880796][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  193.174033][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  193.313370][ T5582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.425195][ T5582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.475834][ T5582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.533329][ T5582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.573175][ T5582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.605113][ T5582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.628476][ T5582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  193.649331][ T5582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.680692][ T4165] XFS (loop4): Unmounting Filesystem
[  193.688110][ T5582] batman_adv: batadv0: Interface activated: batadv_slave_0
[  193.744245][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  193.761440][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  193.797090][ T5582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.835238][ T5582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.855173][ T5582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.875154][ T5582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.905159][ T5582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.925152][ T5582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.935028][ T5582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.946726][ T5582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.976889][ T5582] batman_adv: batadv0: Interface activated: batadv_slave_1
[  194.002131][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  194.052431][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  194.074956][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  194.082467][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  194.509422][ T5582] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  194.584750][ T5582] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  194.597842][ T5582] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  194.607206][ T5582] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  194.691599][ T4285] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.855380][ T4964] Bluetooth: hci2: command 0x0409 tx timeout
[  194.876380][ T4285] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  194.999633][ T5845] loop4: detected capacity change from 0 to 4096
[  195.028264][ T4285] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.115017][ T5845] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  195.177829][  T427] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.227018][  T427] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  195.771605][ T4285] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.818445][ T4165] ntfs3: loop4: ntfs_sync_fs r=1a failed, -22.
[  195.820129][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  195.858952][ T5810] chnl_net:caif_netlink_parms(): no params data found
[  195.865879][ T4165] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  195.908400][ T4165] ntfs3: loop4: ntfs_evict_inode r=1a failed, -22.
[  195.917967][ T5867] loop3: detected capacity change from 0 to 64
[  195.963990][ T4277] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  195.976806][ T4277] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  196.308688][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  197.263205][ T4967] Bluetooth: hci2: command 0x041b tx timeout
[  197.402100][ T5883] loop4: detected capacity change from 0 to 256
[  197.422145][ T5810] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.429676][ T5810] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.438557][ T5810] device bridge_slave_0 entered promiscuous mode
[  197.587613][ T4179] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  197.597751][ T4179] CPU: 1 PID: 4179 Comm: kworker/u5:4 Not tainted 5.15.180-syzkaller #0
[  197.606101][ T4179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  197.616166][ T4179] Workqueue: hci3 hci_rx_work
[  197.620863][ T4179] Call Trace:
[  197.624148][ T4179]  <TASK>
[  197.627083][ T4179]  dump_stack_lvl+0x168/0x230
[  197.631779][ T4179]  ? show_regs_print_info+0x20/0x20
[  197.636996][ T4179]  ? load_image+0x3b0/0x3b0
[  197.641527][ T4179]  sysfs_create_dir_ns+0x252/0x280
[  197.646654][ T4179]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  197.652306][ T4179]  ? sysfs_warn_dup+0xa0/0xa0
[  197.656994][ T4179]  ? kobject_add_internal+0x654/0xd00
[  197.662385][ T4179]  kobject_add_internal+0x662/0xd00
[  197.667607][ T4179]  kobject_add+0x152/0x210
[  197.672063][ T4179]  ? kobject_init+0x1d0/0x1d0
[  197.676756][ T4179]  ? klist_children_get+0x50/0x50
[  197.681794][ T4179]  ? get_device_parent+0x121/0x3f0
[  197.686927][ T4179]  device_add+0x483/0xfb0
[  197.691283][ T4179]  hci_conn_add_sysfs+0xd1/0x1e0
[  197.696238][ T4179]  le_conn_complete_evt+0xcbc/0x1590
[  197.701536][ T4179]  ? lock_chain_count+0x20/0x20
[  197.706425][ T4179]  ? cs_le_create_conn+0x5e0/0x5e0
[  197.711552][ T4179]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  197.717210][ T4179]  hci_le_meta_evt+0x289/0x3b80
[  197.722086][ T4179]  ? hci_event_packet+0x36d/0x12f0
[  197.727209][ T4179]  ? hci_event_packet+0x2e2/0x12f0
[  197.732331][ T4179]  ? __lock_acquire+0x7c60/0x7c60
[  197.737368][ T4179]  ? mark_lock+0x94/0x320
[  197.741716][ T4179]  ? hci_remote_host_features_evt+0x280/0x280
[  197.747938][ T4179]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  197.753590][ T4179]  ? mark_lock+0x94/0x320
[  197.757935][ T4179]  ? mutex_unlock+0x10/0x10
[  197.762455][ T4179]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  197.768456][ T4179]  ? lock_chain_count+0x20/0x20
[  197.773330][ T4179]  hci_event_packet+0xe05/0x12f0
[  197.778282][ T4179]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  197.783940][ T4179]  ? rcu_lock_release+0x20/0x20
[  197.788812][ T4179]  ? hci_rx_work+0x248/0xa10
[  197.793420][ T4179]  ? hci_event_packet+0x1/0x12f0
[  197.798373][ T4179]  hci_rx_work+0x255/0xa10
[  197.802829][ T4179]  process_one_work+0x863/0x1000
[  197.807795][ T4179]  ? worker_detach_from_pool+0x240/0x240
[  197.813444][ T4179]  ? lockdep_hardirqs_off+0x70/0x100
[  197.818746][ T4179]  ? _raw_spin_lock_irq+0xab/0xe0
[  197.823785][ T4179]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  197.829172][ T4179]  ? wq_worker_running+0x97/0x170
[  197.834212][ T4179]  worker_thread+0xaa8/0x12a0
[  197.838930][ T4179]  kthread+0x436/0x520
[  197.843008][ T4179]  ? rcu_lock_release+0x20/0x20
[  197.847871][ T4179]  ? kthread_blkcg+0xd0/0xd0
[  197.852473][ T4179]  ret_from_fork+0x1f/0x30
[  197.856916][ T4179]  </TASK>
[  197.860015][    C1] vkms_vblank_simulate: vblank timer overrun
[  197.907263][ T4179] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  197.922149][ T4179] Bluetooth: hci3: failed to register connection device
[  197.998172][ T5883] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  198.009895][ T5810] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.015904][ T5883] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  198.025893][ T5810] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.038251][ T5883] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  198.067320][ T5810] device bridge_slave_1 entered promiscuous mode
[  198.142032][ T5810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.226632][ T5810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.342945][ T5810] team0: Port device team_slave_0 added
[  198.456558][ T5810] team0: Port device team_slave_1 added
[  198.588257][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.599735][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.817015][ T5810] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  199.351217][ T4213] Bluetooth: hci2: command 0x040f tx timeout
[  199.630859][ T5810] batman_adv: batadv0: Adding interface: batadv_slave_1
[  199.706105][ T5810] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  199.804976][ T5810] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.904888][ T5925] loop5: detected capacity change from 0 to 512
[  199.980288][ T5925] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  199.998247][ T5894] infiniband syz2: set active
[  200.003599][ T5894] infiniband syz2: added bridge_slave_1
[  200.049981][ T5925] EXT4-fs (loop5): invalid journal inode
[  200.108941][ T5925] EXT4-fs (loop5): can't get journal size
[  200.253383][ T5810] device hsr_slave_0 entered promiscuous mode
[  200.314628][ T5894] infiniband syz2: Couldn't open port 1
[  200.353752][ T5925] EXT4-fs (loop5): 1 truncate cleaned up
[  200.422377][ T5810] device hsr_slave_1 entered promiscuous mode
[  200.450994][ T5925] EXT4-fs (loop5): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  200.578669][ T5810] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  200.695911][ T5810] Cannot create hsr debugfs directory
[  200.928542][ T5894] RDS/IB: syz2: added
[  200.933193][ T5894] smc: adding ib device syz2 with port count 1
[  201.018998][ T5894] smc:    ib device syz2 port 1 has pnetid 
[  201.483095][ T4967] Bluetooth: hci2: command 0x0419 tx timeout
[  201.839112][ T5944] loop5: detected capacity change from 0 to 4096
[  201.991338][ T5810] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  202.048798][ T5810] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  202.243839][ T5810] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  202.653442][ T5810] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  203.358486][ T5961] loop5: detected capacity change from 0 to 32768
[  203.642486][ T5810] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.733159][ T5961] XFS (loop5): Mounting V5 Filesystem
[  203.969016][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  204.009504][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  204.049583][ T5810] 8021q: adding VLAN 0 to HW filter on device team0
[  204.058620][ T5961] XFS (loop5): Ending clean mount
[  204.066895][ T5961] XFS (loop5): Quotacheck needed: Please wait.
[  204.127797][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  204.152863][ T5961] XFS (loop5): Quotacheck: Done.
[  204.187131][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  204.232607][ T5268] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.239760][ T5268] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.436962][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  204.484423][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  204.513744][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  204.535269][ T5268] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.542406][ T5268] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.995816][ T5810] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  205.052011][ T5810] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  205.121006][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  205.157872][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  205.169797][ T5582] XFS (loop5): Unmounting Filesystem
[  205.204980][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  205.263808][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  205.337344][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  205.346164][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  205.397254][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  205.417257][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  205.438336][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  205.454128][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  205.484789][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  205.527511][ T5268] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  205.847712][ T5810] 8021q: adding VLAN 0 to HW filter on device batadv0
[  205.855439][ T5265] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  205.884268][ T5265] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  206.659706][ T6009] loop3: detected capacity change from 0 to 512
[  206.737229][ T6015] loop4: detected capacity change from 0 to 64
[  206.789995][ T6009] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  206.808035][ T6009] EXT4-fs (loop3): invalid journal inode
[  206.808101][ T6009] EXT4-fs (loop3): can't get journal size
[  206.828642][ T6009] EXT4-fs (loop3): 1 truncate cleaned up
[  206.828669][ T6009] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  208.874539][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  209.132772][ T6047] loop3: detected capacity change from 0 to 32768
[  209.167162][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  209.333037][ T6047] XFS (loop3): Mounting V5 Filesystem
[  209.357067][ T4285] device hsr_slave_0 left promiscuous mode
[  209.439828][ T4285] device hsr_slave_1 left promiscuous mode
[  209.458456][ T6047] XFS (loop3): Ending clean mount
[  209.500341][ T4285] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  209.531783][ T4285] batman_adv: batadv0: Removing interface: batadv_slave_0
[  209.551719][ T6047] XFS (loop3): Quotacheck needed: Please wait.
[  209.571352][ T4285] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  209.615529][ T4285] batman_adv: batadv0: Removing interface: batadv_slave_1
[  209.636296][ T6047] XFS (loop3): Quotacheck: Done.
[  209.833477][ T4285] device bridge_slave_1 left promiscuous mode
[  210.937141][ T4285] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.008394][ T4285] device bridge_slave_0 left promiscuous mode
[  211.020389][ T6074] rdma_rxe: rxe_register_device failed with error -23
[  211.037224][ T4285] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.055493][ T6074] rdma_rxe: failed to add bridge_slave_1
[  211.074113][ T4285] device veth1_macvtap left promiscuous mode
[  211.104073][ T4285] device veth0_macvtap left promiscuous mode
[  211.138329][ T4285] device veth1_vlan left promiscuous mode
[  211.207115][ T6076] loop1: detected capacity change from 0 to 64
[  211.213488][ T4285] device veth0_vlan left promiscuous mode
[  211.460865][ T4168] XFS (loop3): Unmounting Filesystem
[  212.473626][ T6086] loop5: detected capacity change from 0 to 1024
[  212.621425][ T6088] loop4: detected capacity change from 0 to 4096
[  212.648780][ T4180] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  212.659595][ T4180] CPU: 1 PID: 4180 Comm: kworker/u5:5 Not tainted 5.15.180-syzkaller #0
[  212.667950][ T4180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  212.678023][ T4180] Workqueue: hci4 hci_rx_work
[  212.682733][ T4180] Call Trace:
[  212.686020][ T4180]  <TASK>
[  212.688968][ T4180]  dump_stack_lvl+0x168/0x230
[  212.693667][ T4180]  ? show_regs_print_info+0x20/0x20
[  212.698884][ T4180]  ? load_image+0x3b0/0x3b0
[  212.703416][ T4180]  sysfs_create_dir_ns+0x252/0x280
[  212.708545][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  212.713584][ T4180]  ? sysfs_warn_dup+0xa0/0xa0
[  212.718270][ T4180]  ? le_conn_complete_evt+0xcbc/0x1590
[  212.723742][ T4180]  ? hci_event_packet+0xe05/0x12f0
[  212.728864][ T4180]  ? process_one_work+0x863/0x1000
[  212.733994][ T4180]  ? do_raw_spin_unlock+0x11d/0x230
[  212.739218][ T4180]  kobject_add_internal+0x662/0xd00
[  212.744441][ T4180]  kobject_add+0x152/0x210
[  212.748877][ T4180]  ? kobject_init+0x1d0/0x1d0
[  212.753571][ T4180]  ? klist_children_get+0x50/0x50
[  212.758611][ T4180]  ? get_device_parent+0x121/0x3f0
[  212.763745][ T4180]  device_add+0x483/0xfb0
[  212.768102][ T4180]  hci_conn_add_sysfs+0xd1/0x1e0
[  212.773073][ T4180]  le_conn_complete_evt+0xcbc/0x1590
[  212.778390][ T4180]  ? cs_le_create_conn+0x5e0/0x5e0
[  212.783522][ T4180]  ? __mutex_trylock_common+0x14f/0x250
[  212.789093][ T4180]  hci_le_meta_evt+0x289/0x3b80
[  212.793963][ T4180]  ? hci_event_packet+0x36d/0x12f0
[  212.799085][ T4180]  ? hci_event_packet+0x2e2/0x12f0
[  212.804210][ T4180]  ? __lock_acquire+0x7c60/0x7c60
[  212.809285][ T4180]  ? hci_remote_host_features_evt+0x280/0x280
[  212.815373][ T4180]  ? __mutex_unlock_slowpath+0x19e/0x6a0
[  212.821034][ T4180]  ? mark_lock+0x94/0x320
[  212.825382][ T4180]  ? mutex_unlock+0x10/0x10
[  212.829895][ T4180]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  212.835897][ T4180]  ? lock_chain_count+0x20/0x20
[  212.840765][ T4180]  ? __rwlock_init+0x140/0x140
[  212.845549][ T4180]  hci_event_packet+0xe05/0x12f0
[  212.850499][ T4180]  ? lockdep_hardirqs_on+0x94/0x140
[  212.855725][ T4180]  ? rcu_lock_release+0x20/0x20
[  212.860598][ T4180]  ? hci_send_to_monitor+0x9c/0x4a0
[  212.865816][ T4180]  hci_rx_work+0x255/0xa10
[  212.870277][ T4180]  process_one_work+0x863/0x1000
[  212.875248][ T4180]  ? worker_detach_from_pool+0x240/0x240
[  212.880891][ T4180]  ? lockdep_hardirqs_off+0x70/0x100
[  212.886196][ T4180]  ? _raw_spin_lock_irq+0xab/0xe0
[  212.891236][ T4180]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  212.896627][ T4180]  ? wq_worker_running+0x97/0x170
[  212.901665][ T4180]  worker_thread+0xaa8/0x12a0
[  212.906387][ T4180]  kthread+0x436/0x520
[  212.910467][ T4180]  ? rcu_lock_release+0x20/0x20
[  212.915330][ T4180]  ? kthread_blkcg+0xd0/0xd0
[  212.919931][ T4180]  ret_from_fork+0x1f/0x30
[  212.924379][ T4180]  </TASK>
[  212.927466][    C1] vkms_vblank_simulate: vblank timer overrun
[  212.939076][ T4180] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  212.959614][ T4180] Bluetooth: hci4: failed to register connection device
[  212.988123][ T6094] loop3: detected capacity change from 0 to 512
[  213.254362][ T6094] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  213.587701][ T6094] EXT4-fs (loop3): invalid journal inode
[  213.727493][ T6094] EXT4-fs (loop3): can't get journal size
[  213.781637][ T6094] EXT4-fs (loop3): 1 truncate cleaned up
[  213.788007][ T6094] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  213.893191][ T4285] team0 (unregistering): Port device team_slave_1 removed
[  213.926072][ T4285] team0 (unregistering): Port device team_slave_0 removed
[  213.940580][ T4285] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  213.956999][ T4285] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.273540][ T4285] bond0 (unregistering): Released all slaves
[  215.443980][ T5268] hfsplus: b-tree write err: -5, ino 4
[  215.478316][ T5261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  215.527071][ T5261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  215.567475][ T6104] loop1: detected capacity change from 0 to 512
[  215.588251][ T5261] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  215.596466][ T5261] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  215.623930][ T5810] device veth0_vlan entered promiscuous mode
[  215.667772][ T6104] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  215.708867][ T6104] EXT4-fs (loop1): invalid journal inode
[  215.718303][ T5810] device veth1_vlan entered promiscuous mode
[  215.737366][ T6104] EXT4-fs (loop1): can't get journal size
[  215.810820][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  215.831509][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  215.878890][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  215.910546][ T6104] EXT4-fs (loop1): 1 truncate cleaned up
[  215.916265][ T6104] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  215.932619][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  215.950231][ T5810] device veth0_macvtap entered promiscuous mode
[  216.340714][ T5265] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  216.468674][ T5810] device veth1_macvtap entered promiscuous mode
[  216.536256][ T5810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.560192][ T5810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.580035][ T5810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.623961][ T5810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.634089][ T5810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.707882][ T5810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.757875][ T5810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  216.860809][ T5810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.872229][ T6123] loop5: detected capacity change from 0 to 64
[  216.903268][ T6116] loop4: detected capacity change from 0 to 32768
[  216.912961][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_0
[  216.925278][ T5810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.936348][ T5810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.946801][ T5810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.957943][ T5810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.967813][ T5810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.980031][ T5810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.994474][ T5810] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  217.012113][ T5810] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.032010][ T5810] batman_adv: batadv0: Interface activated: batadv_slave_1
[  217.136718][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  217.169217][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  217.227389][ T6116] XFS (loop4): Mounting V5 Filesystem
[  217.232879][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  217.234168][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  217.329581][ T5810] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  217.375320][ T5810] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.375797][ T5810] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.376092][ T5810] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.445668][ T6116] XFS (loop4): Ending clean mount
[  217.448539][ T6116] XFS (loop4): Quotacheck needed: Please wait.
[  217.494821][ T6116] XFS (loop4): Quotacheck: Done.
[  218.384573][ T4360] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.453934][ T4360] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.522683][  T427] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  218.535457][ T4165] XFS (loop4): Unmounting Filesystem
[  218.554762][ T4277] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.596571][ T4277] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.655010][ T4277] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  219.333514][ T6158] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  220.381004][ T6166] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  220.402455][ T6166] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  220.656071][ T6178] loop1: detected capacity change from 0 to 256
[  220.913092][ T6178] FAT-fs (loop1): Directory bread(block 64) failed
[  221.019900][ T6178] FAT-fs (loop1): Directory bread(block 65) failed
[  221.070681][ T6178] FAT-fs (loop1): Directory bread(block 66) failed
[  221.077273][ T6178] FAT-fs (loop1): Directory bread(block 67) failed
[  221.165394][ T6178] FAT-fs (loop1): Directory bread(block 68) failed
[  221.218358][ T6178] FAT-fs (loop1): Directory bread(block 69) failed
[  221.297643][ T6178] FAT-fs (loop1): Directory bread(block 70) failed
[  221.358639][ T6178] FAT-fs (loop1): Directory bread(block 71) failed
[  221.365297][ T6178] FAT-fs (loop1): Directory bread(block 72) failed
[  221.399113][ T6178] FAT-fs (loop1): Directory bread(block 73) failed
[  222.277229][ T6202] loop5: detected capacity change from 0 to 32768
[  222.313464][ T6205] loop3: detected capacity change from 0 to 2048
[  222.433714][ T6211] loop6: detected capacity change from 0 to 512
[  222.447146][ T6205] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  222.524169][ T6182] loop4: detected capacity change from 0 to 32768
[  222.530076][ T6211] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  222.554462][ T6202] XFS (loop5): Mounting V5 Filesystem
[  222.583364][ T6211] EXT4-fs (loop6): invalid journal inode
[  222.598770][ T6211] EXT4-fs (loop6): can't get journal size
[  222.646918][ T6205] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_lock,auto_da_alloc,nojournal_checksum,norecovery,auto_da_alloc,usrquota,nomblk_io_submit,grpid,grpjquota=,nouid32,grpid,,errors=continue. Quota mode: writeback.
[  222.682428][ T6211] EXT4-fs (loop6): 1 truncate cleaned up
[  222.724068][ T6182] JBD2: Ignoring recovery information on journal
[  222.778762][ T6211] EXT4-fs (loop6): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  222.785712][ T6202] XFS (loop5): Ending clean mount
[  222.829612][ T6202] XFS (loop5): Quotacheck needed: Please wait.
[  223.083262][ T6202] XFS (loop5): Quotacheck: Done.
[  223.316196][ T6182] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  223.914165][ T6203] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.461: bg 0: block 234: padding at end of block bitmap is not set
[  224.017883][ T5582] XFS (loop5): Unmounting Filesystem
[  224.129421][ T4165] ocfs2: Unmounting device (7,4) on (node local)
[  224.690852][ T6236] loop1: detected capacity change from 0 to 32768
[  224.799444][ T6236] (syz.1.464,6236,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  224.877451][ T6236] (syz.1.464,6236,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  225.014465][ T6236] JBD2: Ignoring recovery information on journal
[  225.094591][ T6260] loop4: detected capacity change from 0 to 512
[  225.124258][ T6256] loop5: detected capacity change from 0 to 4096
[  225.132466][ T6236] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  225.168878][ T6260] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  225.210014][ T6260] EXT4-fs (loop4): invalid journal inode
[  225.420000][ T6256] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512)
[  225.632850][ T6260] EXT4-fs (loop4): can't get journal size
[  225.875284][ T6260] EXT4-fs (loop4): 1 truncate cleaned up
[  225.885120][ T6260] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  226.581555][ T4175] ocfs2: Unmounting device (7,1) on (node local)
[  227.578339][ T6293] loop3: detected capacity change from 0 to 512
[  227.752016][ T6293] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  227.792639][ T6293] EXT4-fs (loop3): invalid journal inode
[  227.798453][ T6293] EXT4-fs (loop3): can't get journal size
[  227.860237][ T6307] loop1: detected capacity change from 0 to 64
[  227.870384][ T6293] EXT4-fs (loop3): 1 truncate cleaned up
[  227.876077][ T6293] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  228.637114][ T6319] loop4: detected capacity change from 0 to 1024
[  229.944605][ T5265] hfsplus: b-tree write err: -5, ino 4
[  230.670317][ T6321] loop3: detected capacity change from 0 to 32768
[  230.784010][ T6321] JBD2: Ignoring recovery information on journal
[  231.055745][ T6321] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  231.303834][ T6331] loop4: detected capacity change from 0 to 32768
[  231.388421][ T6331] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.480 (6331)
[  231.563629][ T4168] ocfs2: Unmounting device (7,3) on (node local)
[  231.642372][ T6331] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  231.659735][ T6331] BTRFS info (device loop4): enabling auto defrag
[  231.681039][ T6331] BTRFS info (device loop4): doing ref verification
[  231.721306][ T6361] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  231.758408][ T6331] BTRFS info (device loop4): max_inline at 0
[  231.806972][ T6331] BTRFS info (device loop4): force clearing of disk cache
[  232.266009][ T6331] BTRFS info (device loop4): turning on sync discard
[  232.309618][ T6331] BTRFS info (device loop4): disabling free space tree
[  232.369597][ T6331] BTRFS info (device loop4): has skinny extents
[  232.447218][ T6366] atomic_op ffff88807d23d998 conn xmit_atomic 0000000000000000
[  232.616597][ T6384] loop3: detected capacity change from 0 to 512
[  232.750090][ T6331] BTRFS info (device loop4): enabling ssd optimizations
[  232.815532][ T6384] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  232.845882][ T6331] BTRFS info (device loop4): clearing free space tree
[  232.854421][ T6384] EXT4-fs (loop3): invalid journal inode
[  232.992178][ T6384] EXT4-fs (loop3): can't get journal size
[  233.003333][ T6331] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  233.132808][ T6395] loop1: detected capacity change from 0 to 512
[  233.228226][ T6395] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  233.319380][ T6331] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  233.326259][ T6384] EXT4-fs (loop3): 1 truncate cleaned up
[  233.335544][ T6384] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  233.348609][ T6395] EXT4-fs (loop1): invalid journal inode
[  233.370562][ T6395] EXT4-fs (loop1): can't get journal size
[  234.310666][ T6395] EXT4-fs (loop1): 1 truncate cleaned up
[  234.316366][ T6395] EXT4-fs (loop1): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  234.856346][ T6421] crypto_alloc_aead failed rc=-2
[  235.633661][ T6447] loop5: detected capacity change from 0 to 64
[  236.097698][ T6458] loop4: detected capacity change from 0 to 64
[  236.195882][ T6434] loop6: detected capacity change from 0 to 32768
[  236.466124][ T6434] JBD2: Ignoring recovery information on journal
[  236.557183][ T6434] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  236.699035][ T5810] ocfs2: Unmounting device (7,6) on (node local)
[  239.187610][ T6506] loop6: detected capacity change from 0 to 512
[  239.321113][ T6506] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  239.329619][ T6506] EXT4-fs (loop6): invalid journal inode
[  239.380488][ T6506] EXT4-fs (loop6): can't get journal size
[  239.428785][ T6506] EXT4-fs (loop6): 1 truncate cleaned up
[  239.465367][ T6506] EXT4-fs (loop6): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  239.743998][ T6520] loop6: detected capacity change from 0 to 64
[  239.857086][ T6520] ==================================================================
[  239.865550][ T6520] BUG: KASAN: slab-out-of-bounds in hfs_bnode_read+0x17b/0x450
[  239.873119][ T6520] Write of size 94 at addr ffff8880231df500 by task syz.6.509/6520
[  239.881025][ T6520] 
[  239.883364][ T6520] CPU: 0 PID: 6520 Comm: syz.6.509 Not tainted 5.15.180-syzkaller #0
[  239.891441][ T6520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  239.901516][ T6520] Call Trace:
[  239.904816][ T6520]  <TASK>
[  239.907765][ T6520]  dump_stack_lvl+0x168/0x230
[  239.912488][ T6520]  ? show_regs_print_info+0x20/0x20
[  239.917708][ T6520]  ? _printk+0xcc/0x110
[  239.921883][ T6520]  ? hfs_bnode_read+0x17b/0x450
[  239.926760][ T6520]  ? load_image+0x3b0/0x3b0
[  239.931288][ T6520]  ? _raw_spin_lock_irqsave+0xb0/0xf0
[  239.936693][ T6520]  print_address_description+0x60/0x2d0
[  239.942268][ T6520]  ? hfs_bnode_read+0x17b/0x450
[  239.947135][ T6520]  kasan_report+0xdf/0x130
[  239.951583][ T6520]  ? hfs_bnode_read+0x17b/0x450
[  239.956458][ T6520]  ? hfs_bnode_read+0x17b/0x450
[  239.961329][ T6520]  kasan_check_range+0x27b/0x290
[  239.966294][ T6520]  memcpy+0x3c/0x60
[  239.970123][ T6520]  hfs_bnode_read+0x17b/0x450
[  239.974824][ T6520]  hfs_bnode_read_key+0x159/0x1f0
[  239.979869][ T6520]  ? hfs_bnode_read_u8+0xc0/0xc0
[  239.984823][ T6520]  ? do_raw_spin_unlock+0x11d/0x230
[  239.990042][ T6520]  hfs_brec_insert+0x809/0xbc0
[  239.994865][ T6520]  ? hfs_brec_keylen+0x350/0x350
[  239.999825][ T6520]  ? mutex_lock_nested+0x17/0x20
[  240.004781][ T6520]  hfs_cat_create+0x353/0x8d0
[  240.009480][ T6520]  ? hfs_cat_build_key+0x170/0x170
[  240.014625][ T6520]  ? _raw_spin_unlock+0x24/0x40
[  240.019510][ T6520]  ? hfs_new_inode+0x8d0/0xb50
[  240.024305][ T6520]  hfs_create+0x62/0xd0
[  240.028437][ T6493] loop3: detected capacity change from 0 to 32768
[  240.028480][ T6520]  ? hfs_lookup+0x2a0/0x2a0
[  240.039404][ T6520]  path_openat+0x11e1/0x2f30
[  240.044050][ T6520]  ? do_filp_open+0x3e0/0x3e0
[  240.048772][ T6520]  do_filp_open+0x1b3/0x3e0
[  240.053304][ T6520]  ? vfs_tmpfile+0x300/0x300
[  240.057945][ T6520]  ? _raw_spin_unlock+0x24/0x40
[  240.062820][ T6520]  ? alloc_fd+0x598/0x630
[  240.067178][ T6520]  do_sys_openat2+0x142/0x4a0
[  240.071884][ T6520]  ? __lock_acquire+0x7c60/0x7c60
[  240.076933][ T6520]  ? do_sys_open+0xe0/0xe0
[  240.081466][ T6520]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  240.087475][ T6520]  ? lock_chain_count+0x20/0x20
[  240.092351][ T6520]  ? vtime_user_exit+0x2dc/0x400
[  240.097309][ T6520]  __x64_sys_openat+0x135/0x160
[  240.102179][ T6520]  do_syscall_64+0x4c/0xa0
[  240.106616][ T6520]  ? clear_bhb_loop+0x15/0x70
[  240.111306][ T6520]  ? clear_bhb_loop+0x15/0x70
[  240.116002][ T6520]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  240.121930][ T6520] RIP: 0033:0x7f9e7608a969
[  240.123952][ T6526] loop5: detected capacity change from 0 to 64
[  240.126619][ T6520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.126642][ T6520] RSP: 002b:00007f9e73ef2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  240.160805][ T6520] RAX: ffffffffffffffda RBX: 00007f9e762b1fa0 RCX: 00007f9e7608a969
[  240.168804][ T6520] RDX: 000000000000275a RSI: 0000200000000140 RDI: ffffffffffffff9c
[  240.176797][ T6520] RBP: 00007f9e7610cab1 R08: 0000000000000000 R09: 0000000000000000
[  240.184788][ T6520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  240.192773][ T6520] R13: 0000000000000000 R14: 00007f9e762b1fa0 R15: 00007ffd4e34e8f8
[  240.200772][ T6520]  </TASK>
[  240.203798][ T6520] 
[  240.206123][ T6520] Allocated by task 6520:
[  240.210466][ T6520]  __kasan_kmalloc+0xb5/0xf0
[  240.215070][ T6520]  hfs_find_init+0x84/0x1d0
[  240.219584][ T6520]  hfs_cat_create+0x175/0x8d0
[  240.224271][ T6520]  hfs_create+0x62/0xd0
[  240.228431][ T6520]  path_openat+0x11e1/0x2f30
[  240.233035][ T6520]  do_filp_open+0x1b3/0x3e0
[  240.237549][ T6520]  do_sys_openat2+0x142/0x4a0
[  240.242236][ T6520]  __x64_sys_openat+0x135/0x160
[  240.247098][ T6520]  do_syscall_64+0x4c/0xa0
[  240.251521][ T6520]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  240.257428][ T6520] 
[  240.259752][ T6520] Last potentially related work creation:
[  240.265472][ T6520]  kasan_save_stack+0x35/0x60
[  240.270167][ T6520]  kasan_record_aux_stack+0xb8/0x100
[  240.275473][ T6520]  kvfree_call_rcu+0x10a/0x7c0
[  240.280243][ T6520]  cfg80211_update_known_bss+0x177/0x9d0
[  240.285888][ T6520]  cfg80211_bss_update+0x15f/0x2250
[  240.291098][ T6520]  cfg80211_inform_bss_frame_data+0x873/0x1f30
[  240.297263][ T6520]  ieee80211_bss_info_update+0x6c2/0xaa0
[  240.302908][ T6520]  ieee80211_ibss_rx_queued_mgmt+0x16d0/0x29c0
[  240.309076][ T6520]  ieee80211_iface_work+0x70e/0xc60
[  240.314294][ T6520]  process_one_work+0x863/0x1000
[  240.319246][ T6520]  worker_thread+0xaa8/0x12a0
[  240.323933][ T6520]  kthread+0x436/0x520
[  240.328006][ T6520]  ret_from_fork+0x1f/0x30
[  240.332450][ T6520] 
[  240.334779][ T6520] Second to last potentially related work creation:
[  240.341366][ T6520]  kasan_save_stack+0x35/0x60
[  240.346065][ T6520]  kasan_record_aux_stack+0xb8/0x100
[  240.351358][ T6520]  kvfree_call_rcu+0x10a/0x7c0
[  240.356138][ T6520]  cfg80211_update_known_bss+0x177/0x9d0
[  240.361786][ T6520]  cfg80211_bss_update+0x15f/0x2250
[  240.367001][ T6520]  cfg80211_inform_bss_frame_data+0x873/0x1f30
[  240.373171][ T6520]  ieee80211_bss_info_update+0x6c2/0xaa0
[  240.378821][ T6520]  ieee80211_ibss_rx_queued_mgmt+0x16d0/0x29c0
[  240.384988][ T6520]  ieee80211_iface_work+0x70e/0xc60
[  240.390201][ T6520]  process_one_work+0x863/0x1000
[  240.395147][ T6520]  worker_thread+0xaa8/0x12a0
[  240.399837][ T6520]  kthread+0x436/0x520
[  240.403911][ T6520]  ret_from_fork+0x1f/0x30
[  240.408337][ T6520] 
[  240.410663][ T6520] The buggy address belongs to the object at ffff8880231df500
[  240.410663][ T6520]  which belongs to the cache kmalloc-96 of size 96
[  240.424546][ T6520] The buggy address is located 0 bytes inside of
[  240.424546][ T6520]  96-byte region [ffff8880231df500, ffff8880231df560)
[  240.437569][ T6520] The buggy address belongs to the page:
[  240.443220][ T6520] page:ffffea00008c77c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x231df
[  240.453385][ T6520] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[  240.460958][ T6520] raw: 00fff00000000200 ffffea00017cde00 0000000f0000000f ffff888016841780
[  240.469554][ T6520] raw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000
[  240.478158][ T6520] page dumped because: kasan: bad access detected
[  240.484587][ T6520] page_owner tracks the page as allocated
[  240.490306][ T6520] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL), pid 4166, ts 63007922270, free_ts 62951610802
[  240.507778][ T6520]  get_page_from_freelist+0x1b77/0x1c60
[  240.513353][ T6520]  __alloc_pages+0x1e1/0x470
[  240.517962][ T6520]  new_slab+0xc0/0x4b0
[  240.522045][ T6520]  ___slab_alloc+0x81e/0xdf0
[  240.526650][ T6520]  kmem_cache_alloc_trace+0x1a5/0x2a0
[  240.532031][ T6520]  dst_cow_metrics_generic+0x52/0x1b0
[  240.537412][ T6520]  icmp6_dst_alloc+0x2d8/0x4a0
[  240.542186][ T6520]  ndisc_send_skb+0x3e2/0x14a0
[  240.546964][ T6520]  addrconf_rs_timer+0x2b8/0x600
[  240.551913][ T6520]  call_timer_fn+0x16c/0x530
[  240.556519][ T6520]  __run_timers+0x525/0x7c0
[  240.561032][ T6520]  run_timer_softirq+0x63/0xf0
[  240.565815][ T6520]  handle_softirqs+0x328/0x820
[  240.570593][ T6520]  __irq_exit_rcu+0x12f/0x220
[  240.575279][ T6520]  irq_exit_rcu+0x5/0x20
[  240.579527][ T6520]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  240.585193][ T6520] page last free stack trace:
[  240.589872][ T6520]  free_unref_page_prepare+0x637/0x6c0
[  240.595352][ T6520]  free_unref_page+0x94/0x280
[  240.600055][ T6520]  __unfreeze_partials+0x1a5/0x200
[  240.605181][ T6520]  put_cpu_partial+0x12d/0x190
[  240.609960][ T6520]  qlist_free_all+0x35/0x90
[  240.614475][ T6520]  kasan_quarantine_reduce+0x150/0x160
[  240.619949][ T6520]  __kasan_slab_alloc+0x2f/0xd0
[  240.624821][ T6520]  slab_post_alloc_hook+0x4c/0x380
[  240.629942][ T6520]  kmem_cache_alloc_trace+0x103/0x2a0
[  240.635323][ T6520]  ____ip_mc_inc_group+0x2ad/0xac0
[  240.640444][ T6520]  ip_mc_up+0x121/0x2f0
[  240.644606][ T6520]  inetdev_event+0xe02/0x1360
[  240.649312][ T6520]  raw_notifier_call_chain+0xcb/0x160
[  240.654692][ T6520]  __dev_notify_flags+0x178/0x2d0
[  240.659725][ T6520]  dev_change_flags+0xe3/0x1a0
[  240.664498][ T6520]  do_setlink+0xc01/0x3980
[  240.668933][ T6520] 
[  240.671272][ T6520] Memory state around the buggy address:
[  240.676934][ T6520]  ffff8880231df400: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[  240.685007][ T6520]  ffff8880231df480: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  240.693080][ T6520] >ffff8880231df500: 00 00 00 00 00 00 00 00 00 06 fc fc fc fc fc fc
[  240.701151][ T6520]                                               ^
[  240.707582][ T6520]  ffff8880231df580: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  240.715653][ T6520]  ffff8880231df600: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[  240.723719][ T6520] ==================================================================
[  240.731785][ T6520] Disabling lock debugging due to kernel taint
[  240.739456][ T6520] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  240.746682][ T6520] CPU: 0 PID: 6520 Comm: syz.6.509 Tainted: G    B             5.15.180-syzkaller #0
[  240.756146][ T6520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  240.766205][ T6520] Call Trace:
[  240.769490][ T6520]  <TASK>
[  240.772422][ T6520]  dump_stack_lvl+0x168/0x230
[  240.777138][ T6520]  ? show_regs_print_info+0x20/0x20
[  240.782355][ T6520]  ? load_image+0x3b0/0x3b0
[  240.786880][ T6520]  panic+0x2c9/0x7f0
[  240.790784][ T6520]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  240.796955][ T6520]  ? bpf_jit_dump+0xd0/0xd0
[  240.801485][ T6520]  ? _raw_spin_unlock_irqrestore+0xa5/0x100
[  240.807407][ T6520]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  240.813322][ T6520]  ? _raw_spin_unlock+0x40/0x40
[  240.818195][ T6520]  ? hfs_bnode_read+0x17b/0x450
[  240.823065][ T6520]  check_panic_on_warn+0x80/0xa0
[  240.828026][ T6520]  ? hfs_bnode_read+0x17b/0x450
[  240.832896][ T6520]  end_report+0x6d/0xf0
[  240.837070][ T6520]  kasan_report+0x102/0x130
[  240.841603][ T6520]  ? hfs_bnode_read+0x17b/0x450
[  240.846468][ T6520]  ? hfs_bnode_read+0x17b/0x450
[  240.851328][ T6520]  kasan_check_range+0x27b/0x290
[  240.856284][ T6520]  memcpy+0x3c/0x60
[  240.860115][ T6520]  hfs_bnode_read+0x17b/0x450
[  240.864811][ T6520]  hfs_bnode_read_key+0x159/0x1f0
[  240.869850][ T6520]  ? hfs_bnode_read_u8+0xc0/0xc0
[  240.874808][ T6520]  ? do_raw_spin_unlock+0x11d/0x230
[  240.880022][ T6520]  hfs_brec_insert+0x809/0xbc0
[  240.884816][ T6520]  ? hfs_brec_keylen+0x350/0x350
[  240.889769][ T6520]  ? mutex_lock_nested+0x17/0x20
[  240.894737][ T6520]  hfs_cat_create+0x353/0x8d0
[  240.899433][ T6520]  ? hfs_cat_build_key+0x170/0x170
[  240.904564][ T6520]  ? _raw_spin_unlock+0x24/0x40
[  240.909430][ T6520]  ? hfs_new_inode+0x8d0/0xb50
[  240.914217][ T6520]  hfs_create+0x62/0xd0
[  240.918385][ T6520]  ? hfs_lookup+0x2a0/0x2a0
[  240.922897][ T6520]  path_openat+0x11e1/0x2f30
[  240.927522][ T6520]  ? do_filp_open+0x3e0/0x3e0
[  240.932258][ T6520]  do_filp_open+0x1b3/0x3e0
[  240.936781][ T6520]  ? vfs_tmpfile+0x300/0x300
[  240.941395][ T6520]  ? _raw_spin_unlock+0x24/0x40
[  240.946268][ T6520]  ? alloc_fd+0x598/0x630
[  240.950622][ T6520]  do_sys_openat2+0x142/0x4a0
[  240.955309][ T6520]  ? __lock_acquire+0x7c60/0x7c60
[  240.960353][ T6520]  ? do_sys_open+0xe0/0xe0
[  240.964782][ T6520]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  240.970776][ T6520]  ? lock_chain_count+0x20/0x20
[  240.975647][ T6520]  ? vtime_user_exit+0x2dc/0x400
[  240.980603][ T6520]  __x64_sys_openat+0x135/0x160
[  240.985470][ T6520]  do_syscall_64+0x4c/0xa0
[  240.989894][ T6520]  ? clear_bhb_loop+0x15/0x70
[  240.994575][ T6520]  ? clear_bhb_loop+0x15/0x70
[  240.999266][ T6520]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  241.005185][ T6520] RIP: 0033:0x7f9e7608a969
[  241.009616][ T6520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.029234][ T6520] RSP: 002b:00007f9e73ef2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  241.037664][ T6520] RAX: ffffffffffffffda RBX: 00007f9e762b1fa0 RCX: 00007f9e7608a969
[  241.045656][ T6520] RDX: 000000000000275a RSI: 0000200000000140 RDI: ffffffffffffff9c
[  241.053645][ T6520] RBP: 00007f9e7610cab1 R08: 0000000000000000 R09: 0000000000000000
[  241.061632][ T6520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  241.069615][ T6520] R13: 0000000000000000 R14: 00007f9e762b1fa0 R15: 00007ffd4e34e8f8
[  241.077615][ T6520]  </TASK>
[  241.080758][ T6520] Kernel Offset: disabled
[  241.085081][ T6520] Rebooting in 86400 seconds..