last executing test programs:

19.006174027s ago: executing program 1 (id=723):
syz_mount_image$exfat(&(0x7f0000000180), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000001c40)=ANY=[@ANYBLOB='errors=continue,namecase=1,iocharset=none,errors=continue,fmask=00000000000000000000011,iocharset=cp950,gid=', @ANYRESHEX=0x0, @ANYBLOB="0002440000e55c0000e3461fa77fa7e923043f4e97b337b46d", @ANYRESHEX=0x0, @ANYBLOB=',umask=00000000000000000127435,gid=', @ANYRESOCT, @ANYBLOB=',\x00', @ANYRES8=0x0, @ANYRESOCT], 0x5, 0x1510, &(0x7f0000000240)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)

17.375988781s ago: executing program 1 (id=726):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c4a616dc4010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

13.719875976s ago: executing program 1 (id=733):
socket$nl_xfrm(0x10, 0x3, 0x6)
inotify_init1(0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x21, 0x0, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

13.279657202s ago: executing program 3 (id=737):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d64050000000000650404000100010104040000f1000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socket$packet(0x11, 0x3, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
clock_nanosleep(0xa, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f00000000c0)=0x20, 0x4)
ioctl(0xffffffffffffffff, 0x5, &(0x7f00000002c0)="2f57dc2df2f3f2d24a5b17fede7e55c34b8d0f8b2e97f479d5bf5e9b121131f316c31ea417ece8507aa228e7cfeeafc5260df3c390a9cb23e01707b13a8d2658d660ac34f421ae9d8d93fc191a8a017ade5d5f671c5937")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
ioctl$SG_IO(r0, 0x2285, 0x0)
prctl$PR_GET_THP_DISABLE(0x2a)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="140100001f000504000000000000000005"], 0x114}], 0x1, 0x0, 0x0, 0x4041}, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f00000002c0)={'filter\x00', 0x5b, "96c815677d9dabbc0305d0b04262ce97c930720a35f648fe6727875e0ae5a8ec12a51d2943c504af303c1050d37d45e51e14963b87af55e38bcaa31039eb238b71431be64da852c6e1ebee1a429140239e6b1834a4fa785d693b37"}, &(0x7f00000000c0)=0x7f)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x8, [{0x0, 0x2, 0x20}]}, @volatile={0x0, 0x0, 0x0, 0x9, 0x3}, @restrict={0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x4a}, 0x20)

12.299035337s ago: executing program 2 (id=738):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000280), r0)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, 0x0, 0x80)

12.272594018s ago: executing program 3 (id=739):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket(0x10, 0x2, 0x0)
write(r5, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r5, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

12.243948098s ago: executing program 1 (id=740):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x5)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x3, 0x6)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0xba01}, 0x0)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f0000000480)={[{@nodatacow}, {@thread_pool={'thread_pool', 0x3d, 0x3}}, {@discard_sync}, {@datacow}, {@ref_verify}, {@datacow}, {@nobarrier}, {@thread_pool={'thread_pool', 0x3d, 0x8}}, {@ssd_spread}, {@datasum}, {@barrier}, {@nossd}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000400)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r4, 0x0, 0x0, 0x1001f0)
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r5 = open(&(0x7f0000000040)='./bus\x00', 0x64142, 0xdd)
sendfile(r5, r5, 0x0, 0x1000200201005)

10.995790396s ago: executing program 2 (id=741):
open(0x0, 0x64842, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
renameat2(0xffffffffffffffff, &(0x7f0000000800)='./file0\x00', 0xffffffffffffffff, 0x0, 0x7)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000", @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYBLOB], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400f400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000280)='sched_switch\x00', r4}, 0x18)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0xb4, r6, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7ff}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xe470}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x401}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x5}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7f}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x401}], @NL80211_ATTR_DURATION={0x8, 0x57, 0xd}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x34}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9a3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x5}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x4}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x25}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x8}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}]]}, 0xb4}}, 0x0)

10.994812566s ago: executing program 3 (id=742):
unshare(0x20040400)
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x800)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000200)=0x7ffc)
ioctl$EVIOCGRAB(r0, 0x40044590, 0x0)

9.43564282s ago: executing program 3 (id=743):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
unshare(0x22020600)
r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000fffffffe0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x72)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
sendmsg$NL80211_CMD_STOP_AP(r5, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r6, 0x200, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x9, 0x6d}}}}, ["", "", "", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4040084}, 0xc0)
r7 = openat$cgroup_ro(r5, &(0x7f0000000000)='cpu.stat\x00', 0x300, 0x0)
read$FUSE(r7, &(0x7f0000000480)={0x2020}, 0x2020)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=ANY=[@ANYBLOB="1400000042000b06"], 0x14}}, 0x0)
recvmmsg(r0, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f00000004c0)=""/274, 0x112}, {&(0x7f00000003c0)=""/191, 0xbf}, {&(0x7f0000000880)=""/142, 0x8e}, {&(0x7f0000000680)=""/173, 0xad}, {&(0x7f0000000780)=""/165, 0xa5}, {&(0x7f00000009c0)=""/264, 0x108}, {&(0x7f0000000140)=""/16, 0x10}], 0x7}, 0x1008}], 0x1, 0x0, 0x0)

9.130987604s ago: executing program 1 (id=744):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f000001f480), 0x2, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGETKEYCODE(r1, 0x4b4c, &(0x7f0000000000)={0xe3, 0x2})
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c646174615f666c7573682c66617374626f6f742c6a71666d743d76667376312c6e6f696e6c696e655f64656e7472792c7573726a71756f74613d66326673002c00ff371013587045d0d273e856ce75c2b11120ece6d6a76856a2cdd8c835ef14aa3aea583b7f3affd12ff9abc9b21098874a75607f009920ad1a283ce7b8b528e239692ab156e30dd8365f708e6c98cfcd0b30d5304dd70f87da026e2d4e4df1ad07ba72683f43d76541d455d1fa118f0900000009fe28bfded255e7c5806f05b80ec0e186b4f72759eb096a1fe6793e734fe61555f01ff9f23bc11370aa247215e8f1410ea4728bb2a2c2d20bc5e61b0a4c7ddb25da21c75f35f711581d1f5b8db3be07c80000000000000000"], 0x1, 0x54f4, &(0x7f0000005600)="$eJzs3M1rI2UYAPBn2u1+uxbx4G0HFqGFTdj0Y9Fb1V38wC7Fj4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJmZ6tYvhKaNtb8fTJ6ZN2+eed5QCs9MmADOrfn0px+SuBFXImI2Iq5H5PtJueXWivBMRNyMiJnHtqQc/23gYkRcjYgb4+RFzqR865Pbo1ur37/245dfX7pw7dMvvpneqoFpezYietvF/l6viFm7iA/L8fqok8feyqiMxRu9R+VxVsS91maeYa9+OK+ex+V2MT/b3h2MY5LUG+PY7mzl49v94oSDUfswT/6Bh/Wd/LjZ2sxjZ5DlsX1Q1LV/UPxvOxgMizzNMt/7efoYDg9jMd7abxXr2X6Ux0Z/WI4XebNma38cR2UsTxeNrNvM69g8zjf93/Z6p7+7n45aO4NO1k9Xq7XnqrW7ldpO1mwNWyuVeq95dyVdaHfH0yrDVr231s6ydrdVbWS9xXSh3WhUarV04V5rs1Pvp7Vadbl6p7K6WO7dTl9+8HbabaYL4/hip7877HQH6Va2kxafWEyXqsvPL6a3aumb6xvpxhv3769vvPXuvXcevLD+6kvlpD+VlS4s3VlaqtTuVJZqi+do/R+WRU9w/XAsybQLADh79P/ANEyj/9/qTq7/D/3/RJyp/ve89/8nsH44Fv0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC59e3cZ6/kO/PF8bVy/ImIm+Ohp8rjJCJmIuKXvzAbF4/knC3zzP3N/Lk/1PBVEnmG8TkuldvViFgrt5+fPOlvAQAAAP6/Pv/g5sdFt168zE+7IE5TcdFm5vp7E8qXRMTc/HcTyjYzfnl6Qsnyv+8LsT+hbPkFrMsTSlZccrswqWz/yuyRcPmxkBRh5lTLAQAATsXRTuB0uxAAAABO00fTLoDpSOLwVubhveD8l/e/3xC8cuQIAAAAOIOSaRcAAAAAnLi8//+H5/+F5/8BAADA2Vc8/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiVnfvJSR2K4gB8Wuh7vD9GYpy7FWewDJfg0KFhAW6CJeAW3ABrwJlLMGBoS7QGE5PetpF8X9JebkN+nBIm515SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJzsZo/3l89tM3Z7tpJczcAAADAMZtiNS9fTKv5v/r6WX3pop5nEZFHxLHefRS/GpmjOqf44v3FpxqeIsqE/Wf8ro+/EXFdH6/nXX8LAAAAcLrWi+Ws6tar03ToguhTtWiT/79JlJdFRDF9SZSW70+XicLK3/c47hKllQtYk0Rh1ZLbOFXat4waw+TDkFVD3ms5AABAL5qdQL9dCAAAAH26HboAhpHFYSvzsBdc/vP+fUPwT2MGAAAA/EDZ0AUAAAAAnSv7f8//AwAAgNNWPf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALm2K1Xy9WM7a5mx37aS5GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgjf15R4EQCIMw2Lu+M5n7H1YaNDU1qQLh428MBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7nNY4qDgD4d2Z2trYqxig5RETBg17sdlNbe/WgBA/+CUJItzW69Ueagy1FyMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnmmkacLV0Zpt8PvD2fWcY5n3fJIR8570EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2eW8vzoqPhWmcVudu3b+2XvS39/WFGzt3lotWxEmbST8dXm0eJEvdJQIAAMDRkdX1fUTczXdXiz5dKOv/vL6mqPl/eH4a1/X8/rq/7uvav2i//3bv5QcDLUzHKW56YWM8OvVoKr0nN8v59sK/XtErn3z57iUrvyDph9svTfLyeSbf3bz5fr8Mj7WRLQDwf5ys+yqofx8q+mGXiQFwZPQahXdd/2cL3eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IbJdjxbx0lELPf24sLt+9fWD+pv7NxZrtvZ69d3mvcsbpFHxIWN8ehUi3OZd5evXP1sbTwebbYfvBYR3Y1eBR/PcE1ElxkKHjdIq+/1ecnn6Qg6/sEEAMChk1etqOvv5rurxblkMeLvHx+u/99sxDFj/X/vk7O3mmM16/9hazOcf4OtS18OLl+5+vbGpbWLo4ujz99ZGb47PH3uzJlzg/JdycAbEwAAAB5PP4no76v/08VH1/9PNOKYsf7/6vvhN82xMvX/gfYW/brOBAAA4Gh78fW//kwOOJ/0+/H12tbW5nD6WR3H5kp5vNJBqv/Zsao16/9sseusAAAAgDZMtpOH1v/PN+KYcf3/uZ9e+aV5zywijlfr/yfXvxifb286c62NPyfueo4AAAB063jVmuv/ebn/P32w5SGNiLfemMbVvwGcqf7PPvj25+ZYzf3/p9ub4lxKl6bPo+yXInpLXWcEAADAYfZM1Ypi/498d/XTX0981Lf/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBt/wQAAP//K8ZAQg==")
socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002000000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x82, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f00000003c0)={0x55, 0x8ea9, 0xfffd, {0x0, 0x5}, {0x51, 0x2}, @cond=[{0x1ff, 0x5388, 0x6f5, 0x800, 0xc7, 0xb}, {0xffff, 0x5, 0x1, 0x46, 0x6, 0xfd}]})
r4 = syz_open_dev$evdev(&(0x7f0000000080), 0x2, 0x842)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
accept4$inet(r5, &(0x7f0000000580)={0x2, 0x0, @loopback}, 0x0, 0x80000)
sendmsg$IPCTNL_MSG_EXP_GET(r5, &(0x7f00000049c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c080}, 0x0)
ioctl$EVIOCGBITSND(r4, 0x40044591, 0x0)
write$char_usb(r3, &(0x7f0000000040)="e2", 0x2250)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004940)={0x2020, 0x0, <r6=>0x0, <r7=>0x0}, 0xfeb0)
lsetxattr$security_capability(&(0x7f0000000100)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v3={0x3000000, [{0x8, 0x3}, {0x3, 0xc76d}], r7}, 0x18, 0x2)
write$FUSE_INIT(r0, &(0x7f0000002140)={0x50, 0x0, r6, {0x7, 0x29, 0x0, 0x0, 0x0, 0x5}}, 0x50)
read$FUSE(r0, &(0x7f0000002900)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000000000)={0x10, 0xffffffffffffffda, r8}, 0x10)

7.797459024s ago: executing program 2 (id=746):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f00000000c0), 0x2, 0x0)
write$cgroup_type(r1, &(0x7f0000000100), 0x9)
r2 = openat$cgroup_subtree(r0, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)={[{0x2b, 'cpu'}]}, 0x5)

7.796335144s ago: executing program 3 (id=747):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d64050000000000650404000100010104040000f1000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socket$packet(0x11, 0x3, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
clock_nanosleep(0xa, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f00000000c0)=0x20, 0x4)
ioctl(0xffffffffffffffff, 0x5, &(0x7f00000002c0)="2f57dc2df2f3f2d24a5b17fede7e55c34b8d0f8b2e97f479d5bf5e9b121131f316c31ea417ece8507aa228e7cfeeafc5260df3c390a9cb23e01707b13a8d2658d660ac34f421ae9d8d93fc191a8a017ade5d5f671c5937")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
ioctl$SG_IO(r0, 0x2285, 0x0)
prctl$PR_GET_THP_DISABLE(0x2a)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000080)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000040)="aa1d484ea0000000f7fc08fcd111fbdf23ea32db0e8f21d5bc27bd49eb067a0689fff2a41cfbf0e9d85e44", 0x2b}], 0x2)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="140100001f000504000000000000000005"], 0x114}], 0x1, 0x0, 0x0, 0x4041}, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, &(0x7f00000002c0)={'filter\x00', 0x5b, "96c815677d9dabbc0305d0b04262ce97c930720a35f648fe6727875e0ae5a8ec12a51d2943c504af303c1050d37d45e51e14963b87af55e38bcaa31039eb238b71431be64da852c6e1ebee1a429140239e6b1834a4fa785d693b37"}, &(0x7f00000000c0)=0x7f)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@struct={0x0, 0x1, 0x0, 0x4, 0x0, 0x8, [{0x0, 0x2, 0x20}]}, @volatile={0x0, 0x0, 0x0, 0x9, 0x3}, @restrict={0x0, 0x0, 0x0, 0x4}]}}, 0x0, 0x4a}, 0x20)

6.478663063s ago: executing program 2 (id=748):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030097850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
dup3(r2, r1, 0x0)

5.767426274s ago: executing program 3 (id=750):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000080)='task_rename\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

4.894218487s ago: executing program 2 (id=751):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x11, &(0x7f0000000340)={[{@delalloc}, {@noquota}, {@i_version}, {@usrjquota}, {@data_ordered}, {@errors_remount}, {@init_itable_val={'init_itable', 0x3d, 0x2}}, {@block_validity}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}], [{@dont_measure}]}, 0x0, 0x607, &(0x7f0000000ac0)="$eJzs3ctvFdUfAPDvTJ+0v58txKi4kCbGQKK0tIAhxkTYGkLwsXNVaSFIoYTWaJHEkuDGxLhxYeLKhfhfKIlbF25duHFlSIgxLMQQuWZuZ8r09t4+bh+33H4+ydBzZrjnnCn3y5l77jkzAexaQ9kfacT+iLiaRAyUjnVGfnBo4e/d/+vGuWxLolJ5588kbnyazJfLSvKf/fmL/x2I5Jc0Yl/H8npn5q5fGp+amryW50dmL18dmZm7fvji5fELkxcmr4y9Onbi+LHjJ0aPbOj8klL69K0PPhr4/Mx7333zMBn9/rczSZyMR3nbsvOqfW3PhmrOfmdDUVnwoLw/+72e2GDZO8XfA8X75LGkdgc7Vpq/H7si4tkYiI7Sv+ZAfPZWSxsHbKlKEkUfBew6SVPx37v5DQG2WXEdUHy2r/c5eLl0i69KgO1w79TCAMBC7HdFRBH/nQtjg9FbHRvou58sGedJImJjI3MLsjp+/unMrWyLBuNwwNaYv1mMctf2/0k1Ngejt5rru58uif+0tGX7326y/qGa/LL4f7PJgoFVzd+MiOfy/r871hX/Q6X4f7/J+leNfwAAAAAAAGDN7pyKiFfqzf9LF+f/dNeZ/9MfESc3of7Vv/9L7+aJZBOqA0runYp4ve7838U5voMdee7/1fkAXcn5i1OTRyLiqYg4FF09WX60ptzyDOHDX+z7ulH95fl/2ZbVX8wFzEu621mzEHdifHZ8o+cNRNy7GfF8df7vgXzP0vk/Wf+f1On/s/i+usY69r10+2yjY6vHP7BVKt9GHKzb/z++3E5Wvj/HSPV6YKS4KljuhU++/KFR/eIfWifr//tWjv+epHy/npn1ld8dEUfnOiuNjjd7/d+dvNtRlJ/5eHx29tpoRHdyevn+sfW1GdpVEQ9FvGTxf+jFlcf/Fq//S3G4JyLm11jnM4/6f290TP8PrZPF/8TK/f/g0v5//Ymx24M/Nqr/7Jr6/2PVPv1Qvsf4H5Qtvx/HWgO0Jc0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCdcGhH/iyQdXkyn6fBwRH9EPB196dT0zOzL56c/vDKRHas+/z8tnvQ7sJBPiuf/D5byYzX5oxGxNyK+6thTzQ+fm56aaPXJAwAAAAAAAAAAAAAAAAAAwA7RX13zX+mpXf+f+aOj1a0Dtlxn/lO8w+7T2fQrKz2Nj/U2XSqwfZqPf+BJt/b479rSdgDbr3H8P3hYqdrW5gDbyPU/7F5Nxr+vC6AN6P9ht1rjmJ6v86At6f8BAAAAAKCt7D1w59ckIuZf21PdMt35MZP9ob2lrW4A0DLm8MLu1Tnd6hYAreIzPpAspv6pu9i/8ez/ZGsaBAAAAAAAAAAAAAAsc3C/9f+wW628/t/cfmhnK6z/rxf8bhcAbaTxoz/0/dDufMYHVuvtrf8HAAAAAAAAAAAAgB2g9/ql8ampyWszc09e4o2d0Yz1JebHd0QzNi9RTA3f/JK7ImIHnGALEsUtOFrYjBb+nwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACzxXwAAAP//elUjeQ==")
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{0x0}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x2}, 0x50)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',posixacl'])
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x5b32034f40ccc410, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x10e8, 0x1000, &(0x7f0000001100)=""/4096, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000004c0)={0x2, 0xc, 0x1, 0x8}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000008c0)=[0xffffffffffffffff, 0xffffffffffffffff, r4, 0xffffffffffffffff], 0x0, 0x10, 0x3}, 0x94)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r5, &(0x7f0000000000)="fa", 0xfffffdef)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)

4.224516017s ago: executing program 0 (id=755):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b4050000000000007110350000000000a5000000000000019500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x3, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x49)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRESDEC=0x0, @ANYRESHEX=0x0, @ANYRES16=0x0, @ANYRES16, @ANYRESDEC, @ANYRESOCT=0x0, @ANYBLOB="3a4fb0d5257a8dc42063abba61234a33c707c0f2b9e86b72d7e82593dafd0e8a33664c0025ef12", @ANYRES64=0x0, @ANYRESDEC], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYBLOB="91837e331b7ff63e82a1200b13d0b66d295db1fa9e0f2c8e80760f81102d14d312a9a0d8271fe8535b225295223952b5c28f89c4dfd08b317c51697465532e4f7a", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000178500000043000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='thread_noise\x00', r0, 0x0, 0xfffd}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x4)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000100)={{{@in=@local, @in=@broadcast}}, {{@in=@local}, 0x0, @in=@loopback}}, &(0x7f00000000c0)=0xe8)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101000, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00'}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
socket$inet_icmp(0x2, 0x2, 0x1)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

3.671771035s ago: executing program 2 (id=756):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./file1\x00', 0x84, &(0x7f0000000000)=ANY=[], 0xf9, 0x606c, &(0x7f00000084c0)="$eJzs3cuOHFcZB/CvL9NzCbGtCEXGYuE4EBJCfLch3OKwYAFIIKGssTWZRAYHkG0QiSw8kReIBZdHgE02LPIiYcca8QBYsllFglCops+xq9s902M809U95/eTe6q+PtXTp/yfmu6aquoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB859s/PNOJiMu/THccifhU9CK6Eat1fTzqmUt5+X5EHI2t5ng2InrLEfXjt74cjjgfER8dirh3/9Z6fffZXfbjwumb1z/57rf+/ps/3Dn64zd/9MF4+w8+fe7D396OOPL9Vz/85PberDsAAACUoqqqqpN2849tfR3u2wMAB9/w9X/4fqCW71er1eqC6s0ZPN/vu/OzvuqDVi9H7Hb5pmqy280iIjabj6nfMzgcDwALZjM+brsLtEj+RetHxFNtdwKYa522O8C+uHf/1non5dtpvh4MTwV5cC7ISP6bnQfXd2w3nWb8HJNZ/XzdiV48s01/VmfUh3mS8++O53952D5Iy+13/rOyXf6D4aVPxcn598bzHzOS/x8jYmHz707Mv1Q5//7j5L/ZW+DtX/4AAAAAABx8+e//R1o+/rv85KuyKzsd/z0+oz4AAAAAAAAAwF570vH/HjD+HwAAAMytel+99qdDD+/rRPzt8IRl6138NzoRT48tDxQmXSyz1nY/AAAAAAAAAAAAAKAk/eE5vG90IpYi4um1taqq6lvTeP24nvTxi6709YeStf1LHgAAhj46lK7lv7syvKOz9W8z0mf9La2trVXVyupatVatLuf3s4PllWq1sV+bp/V9y4NdvCHuD6r6m600Htc0bX95Wvv496ufa1D1dtGx2Wg5dACKN3w1uucV6YCpqsPR9rscFoPt/+Cx/bMbbf+cAgAAAPuvqqqqkz7O+1g65t9tu1MAwCys5Nf/8eMCarVarVarD17dVE12u1lEujYgq98zGI4fABbMZnzcdhdokfyL1o+Io213AphrnbY7wL64d//Weifl22m+HqTx3fO5ICP5b3a2HpcfP2k6zfg5JrP6+boTvXhmm/48O6M+zJOcf3c8/8vD9kFabr/zn5Xt8q/X80gL/Wlbzr83nv+Yg5N/d2L+pcr59x8r/578AQAAAABgjuW//x9x/DevMgAAAAAAAAAsnHv3b63n617z8f/PTliu05xz/eeBkfPv7Dp/1/8eJDn/7nj+Yyfk9Brzd19/mP+/7t9a/+DmPz+Tp3Of/1JvUD/3Uqfb66dzfqqlt+JqXIuNOP3I8v2R9jOPtC+NtJ+d0n7ukfZB3b6a20/GevwsrsWbD9qXp5wYtTKlvZrSnvPv2f6LlPPvN251/mupvTM2rd19v/vIdt+cTnqeS3/5zwuPbl17bTB1iTvRe7BuTfX6ndiXPu1s6//kqUH84sbG9ZO/unLz5vUzkSYj956NNNljOf+ldMv5v/j8sD3/3m9ur3ffHzx2/vPiTvS3zf/5xny9vi/NuG9tyPkP0i3nn1+BJm//i5z/9tv/yy30BwAAAAAAAAAAAAAAAHZSVdXWJaKXIuJiuv6nrWszAYCZ+t330kyVhFqtVqvV6r2q+3PWnxHVZK81i1gZfczFiPj1pG8GAMyz/0bEP9ruBK2Rf8Hy5/3V08+13Rlgpm68+95Prly7tnH9Rts9AQAAAAAAAAD+X3n8z+ON8Z+3zgMaGzd6ZPzX1+P4wo7/2R30tsY6Tyv0XOw8/veJ2Hn87/6U51ua0j5txOLlKe0rU9onXujRkPN/LmWc8z+WVqyk8V9fbKE/bcv5n0hjPef8vzC2XDP/6s+LnH93JP9TN9/5+akb7773ytV3rry98fbGT8+cvnj+3IXz5y5cOPXW1Wsbp4dfW+zx/sr557GvnQdalpx/zlz+Zcn5fz7V8i9Lzv+FVMu/LDn//H5P/mXJ+ed9H/mXJef/UqrlX5ac/xdTLf+y5PxfTrX8y5Lz/1Kq5V+WnP8rqZZ/WXL+J1Mt/7Lk/E+lWv5lyfnnI1zyL0vOP5/ZIP+y5PzPplr+Zcn5n0u1/MuS8z+favmXJed/IdXyL0vO/2Kq5V+WnP+XUy3/suT8v5Jq+Zcl5/9qquVflpz/V1Mt/7Lk/L+WavmXJef/9VTLvyw5/2+kWv5lyfl/M9XyL0vO/7VUy78sDz//38yMZ/7914g56MZ+zFRVVc1BN8w8wUzbv5kAAAAAAAAAAAAAgHGzOJ247XUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xchV33cAP3uz14YENxBCiBPWF4gJi3fXN3CIE+daSpqUkpA2Lalx7LVx4lu9dgIIhaXQlihIRWof6ENzUxpFvQgURWoq0Qipkdq38pSIl6iVeLBUqByUVEoV2OrM+f//OzM7O7O2d+0z53w+CP+8c/3PmTOz+13rOwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDZhg9P//lAlmX5/40/1mXZlfnf12R78y9nd13uFQIAAAAX6/XGn/9wVTph7xKu1HSZf3vXf/xgbm5uLvv8a2ff+Mu5uXTGWJYNrc6yxnnRv//ql3PNlwkez0YHBpu+Huxx90M9zh/ucf5Ij/NX9Th/dY/zR3ucv2ADLLCm+H1M48Y2N/66rtik2TXZSOO8zR2u9fjA6sHB+LuchoHGdeZGDmVHsqPZdDa54DoDjf+y7PkN+X3dmcX7Gmy6r/VZlp37+SMH4hoGwjbenLXcWUPzc/fqB7Ox137+yIHvnn7l7Z1mz82wYKVZtmVjvs4nsmz+11XZQLY6bZO4zsGmda7vsM6hlnUONK6X/719neeWuM74uEfDOl/sss714bQHN2VZNpstepl2j2eD2dq2e03be7TYI/LbyJ/Kt2TD57WfbFjCfpJf5+VNrftJ+z4Zt/+GsE2GF1lD89Px6mOrFmz3C91P8kddhn01v+278zsdHW3+1WrLvppf5pEbF98HOj53HfaBtC837QMbe+0Dg6uGGvvA4PyaN7bsA1MLrjOYDTTu6+yN3feBidPHTk7MPPTwrUeO7T88fXj6+NTkrh3bd+7YvnPnxKEjR6cniz/Pb5P2kbXZYNoHN4b3mrgPvrvtss275Ny3lu91MFqS10H+2D99U76gKwezRfbx/DJPbLn410H6vt/0Ohhueh10fE/t8DoYXsLrIL/MuS1L+5453PR/pzWs1HvhuqZ94HJ+P8zv876bF38vXB/W9eR7zvf74dCCfSA+rIHw2stPST/vjd4etsvC/eL6/IwrVmVnZqZPbX1w/+nTp6ayMC6Jq5ueq/b9ZW3TY8oW7C+D572/7P37X990fYfT14VtNXpL9+cqv8yO8e7PVePdvXV7rsqK7dly6rYsjGV2qbdnp+9m+fZMWaLL9swv88StF/+zYMolTe9/I73e/4ZGhov3v6G0NUZa3v8WPjVDjZVl2blbl/b+NxL+v9Tvf9eU5P0v31b3be2+D+SXeXLifPeB4a7vf5vCHAjruTkkhtGm3P9G4/zZYjdtei577jfDwyNhvxmO99i632xfcJ381vL73jJ5YfvNlk2tz1XLzy0V3G/ybfVXk933m/wyL0xd/HvHmvjXpveOVU37wJpOtzMytCpf70jaCYr3u7k1cR/Ymh3ITmRHs4PpOvmznN/W+Lal7QOrwv+X+r3jupLsA/m2emZb930gv8yPty/vz05bwinpMk0/O7X/fmGxzH/98PzttW+25c78+To/8pNPptM6ZYj8Mq/sON+c0X073RJOuaLDdlrV9h662D59MLs02+m6sM6jO7v/biq/zDW7lrg/7c2y7KWplxq/7wq/3/3+mZ/8oOX3vp1+p/zS1Et3Tdzz0/NZPwAAF+6Nxp+zq4qfNZv+xXop//4PAAAA9IWY+wfDTOR/AAAAqIyY+4fCTOR/AAAAqIyY+4fDTGqS/x+4ffezrz+apU8DnAvi+XEz3P3+4nKx4z0bvh6bm5ef/qHvjDz71UeXdt+DWZb9+q53dLz8A++P6yqcjOt8b+vpC1x3w5Lu//575y/X/PkJ53YXtx8fz1J3g9hVfn5iW+N2xx6aaswX7soa857ZJx8vbr/4Ol7+7Pbi8n8TPrRk76GBlutvCevZHOZY+EyZu/fOb4d8xus9u/5d/3r1Z+bvL15vYOObGw/zma8Utxs/I+rpq4vLx8e92Pr/5Wvfeza//IM3dl7/o4Od13823O7LYf5qT3H55m3+1ab1/2lYf7y/eL2t3/5Rx/U/97bi8s+F/eKbYbav/4N/8c7XOz1f8X723lFcL97/5P/uaFwv3l68/fb1jz461bI92m//hdeK29nzpV8MNV8+nh7vJ7r/jtb9eyA8vy098izLvvdnWct2zt5XXO+f29Yfb+/kHZ3Xf0vbOk8O3NC4/vzjWdfyuL7+t9s6Pt64nr3/uK7l8Tz90bD9Xpv4cX67Z+8J+2M4//9eLG6v/bNMn/to6/tNvPw31xWv23h7E23rf7pt/bM35Nuu9/rvfK1Y/3MfWN2y/r0fC/vTncXstf7D37iq5frf+m7xfJz68vjxEzNnjhxs2qrNr+PVo2vWXnHlm958VXgvbf9634nTD0yfGpscm8yysT78yMCVXv+3w/yfYswu/z0UfvqLYr976uPF9613/7L4+ulw+v3h+YzfH7/+1yMt+2v78z77gWJe7PrfE9axVG/72n/dsKQLnv3c82f+6U9eaf+5ID6ek28dbTy+ZzZc2zhv4IXi/Pb3q17+862tr+ufDU825g/Ddp0Ln8y88dri/tpvP342yVOfKl6/8Se5eP2s7fNE1g21Po6LXf/Pws8xP7qu9f0v7h8/fLTt05zXZQP5EmbD+0M2W5wfLxW391Pnru14f/FzeLLZt5/PMhc189DMxNEjx888OHF6eub0xMxDD+87duLM8dP7Gp9duu8Lva4///pe23h9H5zetSNrvNpPFGOFXe71n7z3wMHbJm86OH1o/5lDp+89OX3q8IGZmQPTB2du2n/o0PSXe13/yME9U9t2b79t2/jhIwf33L579/bd40eOn8iXUSyqh12TXxw/fmpf4yoze3bsntq5c8fk+LETB6f33DY5OX6m1/Ub35vG82t/afzU9NH9p48cmx6fOfLw9J6p3bt2bev56Y/HTh6aGZs4deb4xJmZ6VMTxWMZO904Of/e1+v61MPMifB+12Yg/HT+2Vt2pc/HzX3nsUVvqrhI64+n2avhs6Di97deX8fcPxJmUpP8DwAAAHUQc3/44P/5M+R/AAAAqIyY+1eHmcj/AAAAUBkx9xfJf3T+8O41yf/L1f9/TP+/Qf9f/z/T/0/0//X/M/3/uL/uu/nDmxq3o//fSv9f/7+f16//r/9Pb2Xr/4fcn63JMv/+DwAAABUVc//aMBP5HwAAACoj5v4rwkzkfwAAAKiMmPuvDDOpSf53/H/9f/3/bv3/eFn9/0z/vwz9/83/rf+/QJ/0/x3/fxH6//r//bz+Evb/1+j/UzZl6//H3P+mMJOa5H8AAACog5j73xxmIv8DAABAZcTcf1WYifwPAAAAlRFz/7owk5rkf/1//X/9f8f/1//vm/6/4/93oP+/8v3/5m+r+v+t9P/1/0vW/3f8f0qnbP3/mPt/I8ykJvkfAAAA6iDm/reEmcj/AAAAUBkx918dZiL/AwAAQGXE3H9NmElN8n89+/8vZ1mm/5/p/+v/t61T/1//fyXo//d//9/x/xen/6//r/+v/093Zev/x9z/1jCTmuR/AAAAqIOY+68NM5H/AQAAoDJi7n9bmIn8DwAAAJURc/91YSY1yf/17P87/r/+f0H/v3Wdl6n//xX9f/3/i6H/r/+f6f9fsMvdn+/39ev/6//TW9n6/zH3vz3MpCb5HwAAAOog5v7rw0zkfwAAAKiMmPvfEWYi/wMAAEBlxNy/PsykJvlf/1//X/9f/9/x//X/V1J/9f8HFz1H/7+g/99q+fr/s/ML0P/vm/Xr/+v/01vZ+v8x978zzKQm+R8AAADqIOb+d4WZyP8AAABQGTH33xBmIv8DAABAZcTcPxZmUpP8r/+v/6//r/+v/6//v5L6q/+/OP3/gv5/K8f/1//X/9f/p7uy9f9j7t8QZlKT/A8AAAB1EHP/xjAT+R8AAAAqI+b+TWEm8j8AAABURsz9m8NMapL/9f/1//X/9f/1//X/V5L+v/5/N/r/+v/9vH79f/1/eitb/z/m/hvDTGqS/wEAAKAOYu6/KcxE/gcAAIDKiLn/3WEm8j8AAABURsz9W8JMapL/9f/1//X/+7j/P6T/n+n/l57+v/5/N/r/5er/D+v/6//r/7PMytb/j7n/5jCTmuR/AAAAqIOY+98TZiL/AwAAQGXE3H9LmIn8DwAAAJURc/94mElN8r/+v/6//n8f9/8d/79l/cvQ/x9pPl3/f3no/+v/d6P/X67+v+P/6//r/7Pcytb/j7n/1jCTmuR/AAAAqIOY+7eGmcj/AAAAUBkx90+Emcj/AAAAUBkx90+GmdQk/+v/X8r+f2Mb6//r/+v/h/NL2P93/P8VoP+v/9+N/r/+fz+vX/9f/5/eytb/j7l/KsykJvkfAAAA6iDm/m1hJvI/AAAAVEbM/dvDTOR/AAAAqIyY+3eEmdQk//dJ/39rKkD1df/f8f/1//uy/59eBvr/+v8XQv9f/78b/X/9/35ev/6//j+tBjucVrb+f8z9O8NMapL/AQAAoA5i7t8VZiL/AwAAQGXE3H9bmIn8DwAAAJURc//tYSY1yf990v+vyPH/9f/1//uy/58U/fkh/f9F1q//35n+v/5/N/r/+v/9vH79f/1/eitb/z/m/t1hJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/jjAT+R8AAAD6SqfjEEYx978vzKQm+V//v+r9/7nV+v/6/8vb/3f8f/3/86P/r//fjf6//n8/r1//X/+f3srW/4+5f0+YSU3yPwAAANRBzP3vDzOR/wEAAKAyYu7/QJiJ/A8AAACVEXP/3jCTmuR//f+q9/9rc/z/xvn6//r/+v/lo/+v/9+N/n9/9v/Djy36/yXq/+f7kP4/ZVS2/n/M/R8MM6lJ/gcAAIA6iLn/Q2Em8j8AAABURsz9Hw4zkf8BAACgMmLu/0iYSU3yv/6//n9F+v+O/6//r/9fUvr/K9b/b7wV6v8XFu3/r9H/72a+P3+V4//3ef/f8f8pq7L1/2Pu/2iYSU3yPwAAANRBzP0fCzOR/wEAAKAyYu7/zTAT+R8AAAAqI+b+O8NMapL/9f/1//X/9f/1//X/V5L+v+P/d+P4/2Xp/1+e/ny/r1//X/+f3srW/4+5/7fCTGqS/wEAAKAOYu6/K8xE/gcAAIDKiLn/42Em8j8AAAD0mVWLnhNz/2+HmdQk//df/3+sL/v/g+n29f/1//X/9f/1/5eT/r/+f6b/f8Eud3++39ev/6//T29l6//H3P+JMJOa5H8AAACog5j7PxlmIv8DAABAZcTc/zthJvI/AAAAVEbM/XeHmdQk/y93/7/9+t04/r/+f6b/r/+v/6//f5H6qf8/ov+/gP6//n8/r1//X/+f3srW/4+5/3fDTGqS/wEAAKAOYu6/J8xE/gcAAICSeuC8rxFz/6fCTOR/AAAAqIyY+z8dZlKT/N9/x//vv/5/fvv6//r/mf6//n/TVtX/Xz7d+/Pf+MRy3Y/j/xf0/1vp//dX/3/NMq9f/1//n97K1v+Puf/eMJOa5H8AAACog5j7PxNmIv8DAABAZcTc/3thJvI/AAAAVEbM/b8fZlKT/K//37P//3dLeSyO/995/fr/+v/6//r/tTr+/+jS+v/5e5j+f0H/X/+/n9ev/6//T29l6//H3P/ZMJOa5H8AAACog5j7/yDMRP4HAACAyoi5/w/DTOR/AAAAqIyY++8LM6lJ/tf/X/nj/+v/6//r/+v/6//XpP/v+P/6/4H+v/6//r/+P4Wy9f9j7v9cmElN8j8AAADUQcz9fxRmIv8DAABAZcTcvy/MRP4HAACAPtDeKO0s5v77w0xqkv/1//X/9f/1//X/9f9Xkv6//n83+v/6//28fv1//X96K1v/P+b+/WEme1vvBgAAAOhfMfd/PsykJv/+DwAAAHUQc/+BMBP5HwAAACoj5v6DYSY1yf/6//r/+v/6//r/+v8rSf9f/78b/X/9/35ev/6//j+9la3/H3P/dJhJTfI/AAAA1EHM/YfCTOR/AAAAqIyY+w+Hmcj/AAAAUBkx9z8QZlKT/K//r/+v/78C/f/wfGbl7v+/+P1we/r/+v8rSf9f/78b/X/9/35ev/6//j+9la3/H3P/kTCTmuR/AAAAqIOY+78QZiL/AwAAQGXE3P/FMBP5HwAAACoj5v6jYSY1yf/6//r/+v+O/9+1/79m/n71//X/L4T+v/5/N/r/+v/9vH79f/1/eitb/z/m/mNhJjXJ/wAAAFAHMfcfDzOR/wEAAKAyYu4/EWYi/wMAAEBlxNx/MsykJvlf///8+v8Di3QD9f87r1//vwL9/yb6//r/F0L/X/+/m0vQ/3+j+Sr6/60ud3++39ev/6//T2+l6P+PzH8dc/8fh5nUJP8DAABAHcTcfyrMRP4HAACA/2fvvpbsPKs8Du+RHOSamrkG3wJXwCVwDGdUcQcmp7LJJoPJOZmcTAaTc845mJwxmIyBKih3r7Vkhf52S+qtfr93Pc8BaxAa+1NZE/5l/+qdRu7+6+IW+x8AAACmkbv//nFLk/2v//f+v/5f/6//1//vkv5f/7/E+//6/zV/v/5f/892Q/T/d/v3ufsfELc02f8AAADQQe7+B8Yt9j8AAABMI3f/g+IW+x8AAACmkbv/wXFLk/2v/9f/6/+H7P9PbfT/+n/9/6Ho/9fb/+f/LtL/6//X+v36f/0/243W/+fuf0jc0mT/AwAAQAe5+x8at9j/AAAAMI3c/Q+LW+x/AAAAmEbu/ofHLU32v/5f/6//H7L/rz+O/l//r/9fpv9fb/+/8f6//n/l36//1/+z3Wj9f+7+R8QtTfY/AAAAdJC7/5Fxi/0PAAAA08jdf7cnt/bZ/wAAADCN3P3Xxy0t9v8V+n/9v/5/jf3/Ffp//f++6zbj0//r/5fo//X/a/5+/b/+n+1G6/9z998Qt7TY/wAAANBD7v5HxS32PwAAAKzAiUP9rNz9j45b7H8AAACYRu7+x8QtTfa//l//r/9fYf/v/X/9/4ro//X/S/T/+v81f7/+X//PdqP1/7n7Hxu3NNn/AAAA0EHu/sfFLfY/AAAATCN3/+PjFvsfAAAAppG7/wlxS5P9r//X/+v/9f/6f/3/Lun/9f9L1tz/58/V/+v/9f/6fw628/7/Xjfu3cP2/7n7b4xbmux/AAAA6CB3/xPjFvsfAAAAppG7/0lxi/0PAAAA08jd/+S4pcn+1//r/0/3///5H/2//l//f/rH9f9HQ/+v/1+y5v5/4/1//b/+X//PVjvv/7f0/mf/+9z9T4lbmux/AAAA6CB3/1PjFvsfAAAAppG7/2lxi/0PAAAA08jd//S4pcn+1//r/73/r//X/+v/d0n/P2z/f/b/6J1J/38o+n/9/0H9/z0P8f36fzoYrf/P3f+MuKXJ/gcAAIAOcvc/M26x/wEAAGAauftvilvsfwAAAJhG7v5nxS1N9r/+X/+v/9f/n9n/n2jZ/9/1Y/r/3dD/D9v/L9P/H4r+X//v/X/9P8tG6/9z9z87bmmy/wEAAKCD3P3PiVvsfwAAAJhG7v7nxi32PwAAAEwjd//z4pYm+1//r/+/pP7/av3/fP3/Bb7/f3KO/t/7/7uj/19t/39yo//fSv+v/9f/6/9ZNlr/n7v/+XFLk/0PAAAA0zuxqd3/grjF/gcAAIBp5O5/Ydxi/wMAAMA0cve/KG5psv/1//p/7//r/y+p/5/k/f919P/X6P/PQ//f4/3/jf6/fi36/3G+X/+v/2e70fr/3P0vjlua7H8AAADoIHf/S+IW+x8AAACmkbv/pXGL/Q8AAADTyN3/srilyf7X/+v/9f/6f/3/Wvp/7/+fj/6/R//v/f/Tvxb9/zjfr//X/7PdaP1/7v6Xxy1N9j8AAAB0kLv/FXGL/Q8AAADTyN3/yrjF/gcAAIBp5O5/Vdxy9v4/cTm/6vLR/+v/9f/6f/2//n+X9P/6/yX6//P3/6cO+PPp/8f6fv2//p/tRuv/c/ffHLf4+/8AAAAwjdz9r45b7H8AAACYRu7+18Qt9j8AAABMI3f/a+OWJvv/oP7/jv/d/8/1/4ej/z//9+v/9f+H7f/vvO30f5/+X/9/IfT/+v/NhP2/9//X8f36f/0/243W/+fuf13c0mT/AwAAQAe5+18ft9j/AAAAMI3c/W+IW+x/AAAAmEbu/jfGLU32/9G//3+t/l//r/+Pq//3/r/+X/+v/1+m/z/2/v/eV+3/l/p//b/+n504mv7/5Oao+v/c/W+KW5rsfwAAAOggd/+b4xb7HwAAAKaRu/8tcYv9DwAAANPI3f/WuKXJ/j/6/t/7//r/C+z/T+j/k/4//rrq//X/F0D/r//f6P8v2nH382v/fv2//p/tRnv/P3f/LXtTr9/+BwAAgA5u2fvXU5u3xS32PwAAAEwjd//b4xb7HwAAAKaRu/8dcUuT/a//1/8fe//v/f+i/4+/rvp//f8F0P/r/zf6/4t23P382r9f/6//Z7vR+v/c/e+MW5rsfwAAAJjMNef7wdz974pb7H8AAACYRuz+/X/43f4HAACAKb17719Pbd4TtzTZ/437/2svtf+/+z9Qov8///fr/4+k/7/l7N97+n/9/5ro//X/S/T/+v81f/84/X/8wPX6f8YzWv+fu/+9cUuT/Q8AAAAd5O5/X9xi/wMAAMA0cvffGrfY/wAAALBW53R1ufvfH7c02f+N+/9J3v+/7+3xBfr/eft/7//HXVX/f4f+P+n/9f9L9P/6/zV//zj9v/f/Gddo/X/u/g/ELU32PwAAAHSQu/+DcYv9DwAAANPI3f+huMX+BwAAgGnk7v9w3NJk/+v/197/e/9f/6//H7L/9/5/0f/r/5fo/0/s/X8i+v91fr/+X//PdqP1/7n7PxK3NNn/AAAA0EHu/o/GLfY/AAAATCN3/8fiFvsfAAAAppG7/+NxS5P9r//X/++q/7/rT6L/b9L/36D/3+j/D6T/1/8v0f97/3/N36//1/+z3Wj9f+7+T8QtTfY/AAAAdJC7/5Nxi/0PAAAA08jd/6m4xf4HAACAaeTu/3TccI//O75POlpXHvDj0Zvr//X/3v/X/3v/X/+/S5ev/9/7v+H6/y30/2f+OvT/+n/9v/6f3Rqt/8/d/5m4xd//BwAAgGnk7v9s3GL/AwAAwDRy938ubrH/AQAAYBq5+z8ftzTZ//p//b/+f7X9/zX6/zO/X/8/Ju//6/+X6P/1/2v+fv2//p/tRuv/c/d/IW5psv8BAACgg9z9X4xb7H8AAACYRu7+L8Ut9j8AAABMI3f/l+OWJvtf/6//1/+vtv/3/v9Z36//H5P+X/+/RP+v/1/z9+v/9f9sN1r/n7v/K3FLk/0PAAAAHeTu/2rcYv8DAADANHL3fy1usf8BAABgGrn7vx63NNn/+n/9v/5f/6//1//vkv5f/79E/6//P4Lvz98m+n/9PwMarf/P3f+NuKXJ/gcAAIAOcvd/M26x/wEAAGB0Z//jnQfK3f+tuMX+BwAAgGnk7v923NJk/8/c/y/9NP3/Pv2//n+j/9f/75j+/+L7/8P8YvT/+/T/F2eS/t/7//p/BjZa/5+7/ztxS5P9DwAAAB3k7v9u3GL/AwAAwDRy938vbrH/AQAAYBq5+78ftzTZ/zP3/0v0//v0//r/jf5f/79j+n/v/y/R/+v/1/z9+n/9P9sdU/9/5eaA/j93/w/ilib7HwAAADrI3X9b3GL/AwAAwDRy9/8wbrH/AQAAYBq5+38Ut8yz/+9368J/qP8/8v5/7zeR/l//v9H/6//1/3v0//r/Jfp//f+av1//r/9nu9He/8/d/+O4ZZ79DwAAAO3l7v9J3GL/AwAAwDRy9/80brH/AQAAYBq5+38WtzTZ//r/Md7/z2/Q/+v/d9z/n9zo//X/l5n+X/+/RP+v/1/z9+v/9f9sN1r/n7v/53FLk/0PAAAAHeTu/0XcYv8DAADANHL3/zJusf8BAABgGrn7fxW3NNn/l9z/Z6ih/99zsf3/pb3/f7qe1v8fZ/9/4pw//oD9v/f/9f+Xnf5f/79E/6//X/P3Z/+fv+/0//p/zjVa/5+7/9dxS5P9DwAAAB3k7v9N3GL/AwAAwDRy9/82brH/AQAAYBq5+38XtzTZ/97/n6H/9/7/GP3/uX98/f/u+v+7fkz/vw76f/3/Ev2//n/N3+/9f/0/243W/+fuvz1uabL/AQAAoIPc/b+PW+x/AAAAmEbu/j/ELfY/AAAATCN3/x1xS5P9r//X/0/Z/1+t/5+9//f+/3ro//X/S/T/+v81f7/+X//PdqP1/7n7/xi3NNn/AAAA0EHu/j/FLfY/AAAATCN3/5/jFvsfAAAAppG7/y9xS5P9r//X/194/39l/bqH7f+9/6//1/8PY97+/yr9v/7/kvv/m27e/2H9/zq/X/+v/2e70fr/3P1/jVua7H8AAADoIHf/3+IW+x8AAACmkbv/73GL/Q8AAADTyN3/j7ilyf6fvf+/zwE/Tf+/b9r3//X/+n/9/zDm7f+9/6//9/6//l//r/9nm9H6/9z9d8YtTfY/AAAAdJC7/59xi/0PAAAAY/v/w//U3P3/ilvsfwAAAJhG7v5/xy1N9v/s/f9B9P/79P/6/43+X/+/Y/p//f8S/b/+f83fr//X/7PdaP1/7v7/BgAA//8Z1SKq")
mkdirat(0xffffffffffffff9c, &(0x7f0000000840)='./bus\x00', 0x0)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1258438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0)

2.874848047s ago: executing program 0 (id=757):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f00000000c0), 0x2, 0x0)
write$cgroup_type(r1, &(0x7f0000000100), 0x9)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040)={[{0x2b, 'cpu'}]}, 0x5)

2.64885708s ago: executing program 0 (id=758):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket(0x10, 0x2, 0x0)
write(r5, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r5, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

2.595330971s ago: executing program 1 (id=759):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f00000001c0), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020200f8ffffffb703000008000000b704000000000000850000000100000095cbe7fbc8188d09034a81ae25b8c8160d713bb884b1d2bb4d68bcf32686585cb1820c9eb38c6157373b6658b37c496aab2b1de7a89c6159a83614a507580af28914a74c6119d40683ccb0e0ce2f2b7a7407ad3adc9f8b528ab992d6e000d6ec580da38b6351bb33f8f5dee42c562d5a4e61c7fddb265409a0609effb9ba383a382bfee3ab4c02a479bd2e97f6b71350e01e97d4166d6c3df08e117bd6b3a502f2b23d1e25f82d444a62784a1811689be52a97db976bc7d10a9e4657b56127ac5140fb8cf8c02990b283e7b1dae7d1580c5ed1b05a1bc9afe75a501281c67e149a49d8f6091a583ed5f66150e1e89b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x25, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r5, 0x7, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9})
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f00000003c0)={0x11042a28a754e1d, 0x3, 0xffffffffffffff12, 0xffffffffffffffff})
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000300)={0x4000000, {0x2, 0x4e24}, {0x2, 0x0, @local}, {0x2, 0x0, @broadcast}, 0x201, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x10000000000003})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000200)='net_dev_xmit_timeout\x00', r5}, 0x60)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x42, &(0x7f0000000080)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}]}, 0x4, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
io_setup(0x5, &(0x7f0000000240))
r6 = inotify_init()
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r7, 0x5420, &(0x7f0000000100)=0xcf5)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000380)={0x5, 0x0, 0xffffffff, 0x9000, 0xfe, "0062ba7d82000000000000000000f7ffffff00"})
ppoll(&(0x7f0000000140)=[{r7}], 0x1, 0x0, 0x0, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x80, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
dup3(0xffffffffffffffff, r7, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000180)=0x11)
ioctl$sock_inet_SIOCSIFDSTADDR(r4, 0x891b, &(0x7f0000000000)={'lo\x00', {0x2, 0x0, @multicast2=0xac14140a}})
inotify_add_watch(r6, &(0x7f0000000300)='.\x00', 0xa50003d1)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
clock_adjtime(0x0, &(0x7f0000000400)={0x8001, 0x3, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2})
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000060006000300000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce60800070000000000140002007767"], 0x1c8}}, 0x0)

1.38383826s ago: executing program 0 (id=760):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000a80)=ANY=[@ANYBLOB="44010000100033060000000000000000fc020000000000000000000000000000fe8000000000000000000000000000fd00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000001fffffffd32000000ac1414aa00000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000276cc38735eb7764000099fcf450000500000000000a0000000000000000000000000001000000073500000a000400000000000000000048000200656362286369706865725f6e756c6c2900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c4661500590735000c000000be27f87a94c571864f791c1417801a6f3f2009e7c560adabc6da87f55515c86200ba1c85de58aaf89267adb16c659bf33bffcb2a39b40d0d5f54354afd76352c5035b94f3b7de70e463b01579ea0fe8964ca1a682d2bd9a2b09a113733a78746c5ad1ebf9a45617e9256cf23b546b8edb266168b0bf9bcc74ad5896401082436b20b75482de9223352bd01746f3ed9d59f885eb47864d97ee73a274cde37dbbdb6b128a8e726297c9f429ebd8a176336778acc40a265854fb685fd5b2a83059dacca834e69b6bb1219f2e29ab9b990238cf630cbd9947456ccb2b1423489490fed42747b5036938bab899663fde7383771a69ca462b22be1a1dbcd16be8a625d22772c4441d7f5b93fc419c550747cce33"], 0x144}}, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000a40)={0x2020}, 0x2020)
ioctl$UI_SET_PHYS(r6, 0x4008556c, &(0x7f0000000000)='syz0\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

191.542787ms ago: executing program 0 (id=761):
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x8, 0x3, 0x5, 0x8, 0x3, 0x1, {0x1, 0x17f, 0x20ff, 0x5, 0x89, 0xd615, 0xb, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
mount$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
setitimer(0x1, &(0x7f0000000180)={{}, {0x0, 0xea60}}, 0x0)

0s ago: executing program 0 (id=762):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
read(r1, &(0x7f0000000840)=""/40, 0x28)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000180)={0x381, @time={0x5}, 0x40, {0xc0, 0xff}, 0x46, 0x1, 0x1})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f0000000bc0)={0x800100, 0x0, 0x0, 0x724f, 0x0, 0x55a})
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.111' (ED25519) to the list of known hosts.
[   82.572692][ T5762] cgroup: Unknown subsys name 'net'
[   82.715446][ T5762] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   84.412646][ T5762] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   86.120259][ T5788] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   86.131761][ T5784] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   86.153309][ T5785] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   86.161936][ T5784] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   86.166907][ T5787] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   86.170902][ T5784] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   86.178189][ T5787] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   86.184636][ T5784] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   86.191735][ T5787] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   86.198348][ T5784] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   86.206393][ T5787] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   86.212861][ T5784] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   86.218767][ T5787] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   86.233329][ T5787] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   86.237604][ T5784] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   86.241447][ T5788] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   86.248791][ T5784] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   86.255319][ T5788] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   86.269232][ T5784] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   86.270373][ T5787] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   86.285106][ T5787] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   86.292355][ T5783] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   86.293533][ T5787] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   86.300446][ T5783] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   86.761216][ T5776] chnl_net:caif_netlink_parms(): no params data found
[   86.891454][ T5773] chnl_net:caif_netlink_parms(): no params data found
[   87.000562][ T5774] chnl_net:caif_netlink_parms(): no params data found
[   87.092237][ T5776] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.100335][ T5776] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.107860][ T5776] bridge_slave_0: entered allmulticast mode
[   87.114988][ T5776] bridge_slave_0: entered promiscuous mode
[   87.175683][ T5776] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.187105][ T5776] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.194698][ T5776] bridge_slave_1: entered allmulticast mode
[   87.205921][ T5776] bridge_slave_1: entered promiscuous mode
[   87.232720][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.240286][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.251340][ T5773] bridge_slave_0: entered allmulticast mode
[   87.259081][ T5773] bridge_slave_0: entered promiscuous mode
[   87.303020][ T5772] chnl_net:caif_netlink_parms(): no params data found
[   87.332814][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.341737][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.353263][ T5773] bridge_slave_1: entered allmulticast mode
[   87.361184][ T5773] bridge_slave_1: entered promiscuous mode
[   87.397579][ T5776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.461567][ T5776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.504288][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.511805][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.520105][ T5774] bridge_slave_0: entered allmulticast mode
[   87.528628][ T5774] bridge_slave_0: entered promiscuous mode
[   87.575318][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.586483][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.593656][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.601335][ T5774] bridge_slave_1: entered allmulticast mode
[   87.609163][ T5774] bridge_slave_1: entered promiscuous mode
[   87.641884][ T5776] team0: Port device team_slave_0 added
[   87.650893][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.712798][ T5776] team0: Port device team_slave_1 added
[   87.750191][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   87.764165][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   87.802771][ T5773] team0: Port device team_slave_0 added
[   87.824328][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.831713][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.839286][ T5772] bridge_slave_0: entered allmulticast mode
[   87.846502][ T5772] bridge_slave_0: entered promiscuous mode
[   87.854971][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_0
[   87.862528][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.888946][ T5776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.903257][ T5776] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.910962][ T5776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.937688][ T5776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.952222][ T5773] team0: Port device team_slave_1 added
[   87.988158][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.995429][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.002941][ T5772] bridge_slave_1: entered allmulticast mode
[   88.010897][ T5772] bridge_slave_1: entered promiscuous mode
[   88.052010][ T5774] team0: Port device team_slave_0 added
[   88.060678][ T5774] team0: Port device team_slave_1 added
[   88.082329][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   88.095554][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   88.105368][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.112455][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.139831][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.182952][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.190048][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.216233][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.270360][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.278016][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.304804][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.319143][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.327445][ T5783] Bluetooth: hci3: command tx timeout
[   88.327461][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.327509][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.344245][   T50] Bluetooth: hci0: command tx timeout
[   88.384184][ T5776] hsr_slave_0: entered promiscuous mode
[   88.391278][ T5776] hsr_slave_1: entered promiscuous mode
[   88.402121][ T5772] team0: Port device team_slave_0 added
[   88.408139][   T50] Bluetooth: hci1: command tx timeout
[   88.408360][   T50] Bluetooth: hci2: command tx timeout
[   88.438342][ T5772] team0: Port device team_slave_1 added
[   88.481351][ T5773] hsr_slave_0: entered promiscuous mode
[   88.488560][ T5773] hsr_slave_1: entered promiscuous mode
[   88.495027][ T5773] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.504409][ T5773] Cannot create hsr debugfs directory
[   88.525618][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0
[   88.532697][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.559124][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   88.595894][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1
[   88.603820][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   88.630250][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   88.704520][ T5774] hsr_slave_0: entered promiscuous mode
[   88.712391][ T5774] hsr_slave_1: entered promiscuous mode
[   88.720462][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.728254][ T5774] Cannot create hsr debugfs directory
[   88.820412][ T5772] hsr_slave_0: entered promiscuous mode
[   88.827412][ T5772] hsr_slave_1: entered promiscuous mode
[   88.833895][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   88.841658][ T5772] Cannot create hsr debugfs directory
[   89.223310][ T5776] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   89.245993][ T5776] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   89.258188][ T5776] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   89.271263][ T5776] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   89.352143][ T5774] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   89.372598][ T5774] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   89.400562][ T5774] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   89.412762][ T5774] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   89.491143][ T5773] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   89.503269][ T5773] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   89.521687][ T5773] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   89.551938][ T5773] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   89.628859][ T5772] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   89.641602][ T5772] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   89.665714][ T5772] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   89.687453][ T5772] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   89.762986][ T5776] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.855683][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.890246][ T5776] 8021q: adding VLAN 0 to HW filter on device team0
[   89.904697][ T2943] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.912176][ T2943] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.960302][ T5774] 8021q: adding VLAN 0 to HW filter on device team0
[   89.979715][ T1120] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.987029][ T1120] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.998783][ T1120] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.006176][ T1120] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.028514][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.077676][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.084834][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.133646][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.169600][ T5773] 8021q: adding VLAN 0 to HW filter on device team0
[   90.205098][ T5772] 8021q: adding VLAN 0 to HW filter on device team0
[   90.234696][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.241958][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.254914][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.262187][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.335053][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.342811][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.354545][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.361773][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.408824][   T50] Bluetooth: hci3: command tx timeout
[   90.408836][ T5783] Bluetooth: hci0: command tx timeout
[   90.487013][   T50] Bluetooth: hci2: command tx timeout
[   90.488317][ T5783] Bluetooth: hci1: command tx timeout
[   90.527811][ T5773] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   90.548549][ T5773] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   90.583960][ T5772] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   90.654246][ T5776] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.775665][ T5776] veth0_vlan: entered promiscuous mode
[   90.823261][ T5776] veth1_vlan: entered promiscuous mode
[   90.933110][ T5776] veth0_macvtap: entered promiscuous mode
[   90.960225][ T5776] veth1_macvtap: entered promiscuous mode
[   91.028553][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.050900][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.088550][ T5776] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.120286][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.135018][ T5776] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.147313][ T5776] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.156080][ T5776] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.165062][ T5776] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.302035][ T5774] veth0_vlan: entered promiscuous mode
[   91.345457][ T1112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.350950][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0
[   91.360697][ T1112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.375759][ T5774] veth1_vlan: entered promiscuous mode
[   91.439846][ T1112] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.458498][ T1112] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.493422][ T5773] veth0_vlan: entered promiscuous mode
[   91.529163][ T5774] veth0_macvtap: entered promiscuous mode
[   91.542120][ T5774] veth1_macvtap: entered promiscuous mode
[   91.594912][ T5773] veth1_vlan: entered promiscuous mode
[   91.613680][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   91.628784][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.641665][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.665943][ T5772] veth0_vlan: entered promiscuous mode
[   91.680088][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.692501][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.708030][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.752040][ T5774] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.764401][ T5868] syz.3.4[5868]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   91.771080][ T5774] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.783803][ T5774] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.793915][ T5774] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.821220][ T5772] veth1_vlan: entered promiscuous mode
[   91.874852][ T5868] loop3: detected capacity change from 0 to 2048
[   91.886672][ T5868] EXT4-fs: Ignoring removed mblk_io_submit option
[   91.901933][ T5773] veth0_macvtap: entered promiscuous mode
[   91.957500][ T5773] veth1_macvtap: entered promiscuous mode
[   92.029333][ T5868] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.070009][ T5772] veth0_macvtap: entered promiscuous mode
[   92.095700][ T5772] veth1_macvtap: entered promiscuous mode
[   92.139948][ T5868] EXT4-fs: Ignoring removed orlov option
[   92.148652][ T5868] EXT4-fs error (device loop3): __ext4_remount:6741: comm syz.3.4: Abort forced by user
[   92.166760][ T1120] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.174653][ T1120] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.189611][ T5868] EXT4-fs (loop3): Remounting filesystem read-only
[   92.198250][ T5868] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[   92.218712][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.233962][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.245200][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.253536][    T8] cfg80211: failed to load regulatory.db
[   92.263989][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.281078][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.281980][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.363813][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.392056][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.404055][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.421888][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.432797][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   92.443430][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.457673][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0
[   92.469280][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.480333][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.491961][ T5783] Bluetooth: hci0: command tx timeout
[   92.497305][   T50] Bluetooth: hci3: command tx timeout
[   92.504797][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.515827][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.528640][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.541092][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   92.550958][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   92.567377][ T5783] Bluetooth: hci2: command tx timeout
[   92.567386][   T50] Bluetooth: hci1: command tx timeout
[   92.580041][ T5773] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.589605][ T5773] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.598507][ T5773] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.607706][ T5773] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.619662][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.631691][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.642802][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.655737][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.665864][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   92.676712][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   92.688639][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1
[   92.713880][ T5772] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.728911][ T5772] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.738217][ T5772] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.747217][ T5772] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.995594][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.005895][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.096659][ T1120] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.115177][ T1120] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.227620][ T1120] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.250713][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   93.266384][ T1120] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.279311][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   93.296744][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   93.326865][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   93.879766][ T5888] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[   94.576301][ T5783] Bluetooth: hci0: command tx timeout
[   94.581803][ T5783] Bluetooth: hci3: command tx timeout
[   94.651055][ T5783] Bluetooth: hci2: command tx timeout
[   94.657443][   T50] Bluetooth: hci1: command tx timeout
[   95.243359][ T5900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11'.
[   95.266434][ T5900] netlink: 24 bytes leftover after parsing attributes in process `syz.0.11'.
[   95.418973][    T8] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   96.056917][    T8] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   96.078341][    T8] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[   96.096882][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[   96.109470][    T8] usb 3-1: config 0 interface 0 has no altsetting 0
[   96.138578][    T8] usb 3-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[   96.176570][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.255675][    T8] usb 3-1: config 0 descriptor??
[   96.476801][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   96.486326][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[   96.646157][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   96.666164][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   96.676144][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   96.712050][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   97.017771][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   97.112938][    T8] hid-alps 0003:044E:120B.0001: unknown main item tag 0x0
[   97.225977][    T8] hid-alps 0003:044E:120B.0001: unknown main item tag 0x0
[   97.284695][    T8] hid-alps 0003:044E:120B.0001: unknown main item tag 0x0
[   97.331894][    T8] hid-alps 0003:044E:120B.0001: unknown main item tag 0x0
[   97.346251][    T8] hid-alps 0003:044E:120B.0001: unknown main item tag 0x0
[   97.353480][    T8] hid-alps 0003:044E:120B.0001: unknown main item tag 0x0
[   97.406318][    T8] hid-alps 0003:044E:120B.0001: unknown main item tag 0x0
[   97.423820][    T8] hid-alps 0003:044E:120B.0001: item fetching failed at offset 10/11
[   97.475633][    T8] hid-alps 0003:044E:120B.0001: parse failed
[   97.498661][    T8] hid-alps: probe of 0003:044E:120B.0001 failed with error -22
[   97.560880][    T8] usb 3-1: USB disconnect, device number 2
[   97.619212][ T5902] loop0: detected capacity change from 0 to 32768
[   97.795549][ T5902] BTRFS: device fsid 384aeb47-f1c2-4293-8350-e6dffa96895f devid 1 transid 8 /dev/loop0 scanned by syz.0.12 (5902)
[  100.905968][ T5902] BTRFS error (device loop0): open_ctree failed: -4
[  101.173397][ T5933] loop1: detected capacity change from 0 to 512
[  101.237103][ T5899] BTRFS: device fsid 384aeb47-f1c2-4293-8350-e6dffa96895f devid 1 transid 8 /dev/loop0 scanned by udevd (5899)
[  101.290306][ T5933] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.20: invalid indirect mapped block 256 (level 2)
[  101.423041][ T5933] EXT4-fs (loop1): 2 truncates cleaned up
[  101.487759][ T5933] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.846482][ T5937] EXT4-fs error (device loop1): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  104.158170][ T5947] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 9 with max blocks 7 with error 28
[  104.205676][ T5947] EXT4-fs (loop1): This should not happen!! Data will be lost
[  104.205676][ T5947] 
[  104.453520][ T5947] EXT4-fs (loop1): Total free blocks count 0
[  104.468327][ T5947] EXT4-fs (loop1): Free/Dirty block details
[  105.265496][ T5947] EXT4-fs (loop1): free_blocks=0
[  105.272156][ T5947] EXT4-fs (loop1): dirty_blocks=7
[  105.279347][ T5947] EXT4-fs (loop1): Block reservation details
[  105.285393][ T5947] EXT4-fs (loop1): i_reserved_data_blocks=7
[  105.797571][ T5964] loop2: detected capacity change from 0 to 64
[  106.187697][ T5964] =======================================================
[  106.187697][ T5964] WARNING: The mand mount option has been deprecated and
[  106.187697][ T5964]          and is ignored by this kernel. Remove the mand
[  106.187697][ T5964]          option from the mount to silence this warning.
[  106.187697][ T5964] =======================================================
[  106.437044][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.396274][   T28] audit: type=1326 audit(1751022932.831:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5965 comm="syz.0.29" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55ccb8e929 code=0x7fc00000
[  108.883477][   T28] audit: type=1326 audit(1751022934.501:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5992 comm="syz.0.36" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f55ccb8e929 code=0x0
[  110.584517][ T6004] sched: RT throttling activated
[  111.570667][ T6015] loop3: detected capacity change from 0 to 256
[  112.434044][ T6015] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  112.453818][ T6015] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  112.907424][ T6038] loop3: detected capacity change from 0 to 128
[  113.069950][ T6038] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  113.158112][ T6042] netlink: 165 bytes leftover after parsing attributes in process `syz.2.48'.
[  113.768198][ T6038] ext4 filesystem being mounted at /18/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  113.907109][   T28] audit: type=1326 audit(1751022939.521:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6037 comm="syz.3.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8178e929 code=0x7ffc0000
[  114.026832][   T28] audit: type=1326 audit(1751022939.521:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6037 comm="syz.3.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0a8178e929 code=0x7ffc0000
[  114.229547][   T28] audit: type=1326 audit(1751022939.521:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6037 comm="syz.3.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8178e929 code=0x7ffc0000
[  114.252885][   T28] audit: type=1326 audit(1751022939.561:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6037 comm="syz.3.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f0a8178e929 code=0x7ffc0000
[  114.276737][   T28] audit: type=1326 audit(1751022939.561:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6037 comm="syz.3.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8178e929 code=0x7ffc0000
[  114.300225][   T28] audit: type=1326 audit(1751022939.561:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6037 comm="syz.3.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0a8178e929 code=0x7ffc0000
[  114.324434][   T28] audit: type=1326 audit(1751022939.561:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6037 comm="syz.3.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8178e929 code=0x7ffc0000
[  114.347017][   T28] audit: type=1326 audit(1751022939.561:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6037 comm="syz.3.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f0a8178e929 code=0x7ffc0000
[  114.358780][ T5776] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  114.371264][   T28] audit: type=1326 audit(1751022939.581:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6037 comm="syz.3.49" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8178e929 code=0x7ffc0000
[  114.403485][ T6047] loop2: detected capacity change from 0 to 1024
[  114.430824][ T6047] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  114.479062][ T6047] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.562437][ T6047] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2867: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  114.952891][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.220906][ T6057] fuse: Unknown parameter 'grou00000000000000000000'
[  116.351267][   T50] Bluetooth: hci3: command tx timeout
[  118.228837][ T6073] netlink: 165 bytes leftover after parsing attributes in process `syz.1.59'.
[  118.678635][ T6085] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  119.388623][ T6090] fuse: Unknown parameter 'grou00000000000000000000'
[  123.350699][ T6121] netlink: 165 bytes leftover after parsing attributes in process `syz.0.72'.
[  123.936268][ T6129] fuse: Unknown parameter 'grou00000000000000000000'
[  124.473389][ T6135] input: syz1 as /devices/virtual/input/input5
[  125.552247][ T6137] loop1: detected capacity change from 0 to 40427
[  125.565244][ T6137] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  125.573375][ T6137] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  125.592671][ T6137] F2FS-fs (loop1): invalid crc value
[  125.617971][ T6137] F2FS-fs (loop1): Found nat_bits in checkpoint
[  125.702485][ T6137] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  125.709922][ T6137] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  125.731505][ T6127] loop0: detected capacity change from 0 to 32768
[  125.957925][ T6127] 
[  125.957925][ T6127]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  125.957925][ T6127] 
[  127.451731][ T6152] netlink: 165 bytes leftover after parsing attributes in process `syz.2.84'.
[  127.463248][ T6155] process 'syz.1.80' launched './file1' with NULL argv: empty string added
[  128.779902][ T6160] fuse: Unknown parameter 'group_i00000000000000000000'
[  128.789191][ T5772] 
[  128.789191][ T5772]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  128.789191][ T5772] 
[  128.847994][ T5772] 
[  128.847994][ T5772]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  128.847994][ T5772] 
[  129.030643][ T6158] loop2: detected capacity change from 0 to 4096
[  129.804709][ T6167] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  129.850759][ T6166] loop0: detected capacity change from 0 to 256
[  130.867357][ T6158] syz.2.85 (6158) used greatest stack depth: 19408 bytes left
[  133.242688][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  133.253916][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  133.808205][ T6197] fuse: Unknown parameter 'group_i00000000000000000000'
[  134.043318][ T6206] loop0: detected capacity change from 0 to 512
[  134.151972][ T6206] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.100: invalid indirect mapped block 256 (level 2)
[  134.208321][ T6206] EXT4-fs (loop0): 2 truncates cleaned up
[  134.266529][ T6206] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.929913][ T6211] EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm syz.0.100: bg 0: block 5: invalid block bitmap
[  135.037528][ T6211] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 9 with max blocks 55 with error 28
[  135.056419][ T6211] EXT4-fs (loop0): This should not happen!! Data will be lost
[  135.056419][ T6211] 
[  135.079796][ T6202] loop2: detected capacity change from 0 to 32768
[  135.089600][ T6211] EXT4-fs (loop0): Total free blocks count 0
[  135.102278][ T6202] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.98 (6202)
[  135.115246][ T6211] EXT4-fs (loop0): Free/Dirty block details
[  135.126790][ T6211] EXT4-fs (loop0): free_blocks=0
[  135.133130][ T6211] EXT4-fs (loop0): dirty_blocks=55
[  135.139997][ T6211] EXT4-fs (loop0): Block reservation details
[  135.146916][ T6211] EXT4-fs (loop0): i_reserved_data_blocks=55
[  135.166430][ T6202] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  135.194831][ T6202] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  135.250594][ T6202] BTRFS info (device loop2): setting nodatacow, compression disabled
[  135.305610][ T6202] BTRFS info (device loop2): max_inline at 0
[  135.338468][ T6202] BTRFS info (device loop2): enabling disk space caching
[  135.345592][ T6202] BTRFS info (device loop2): setting datasum, datacow enabled
[  135.366852][ T6202] BTRFS info (device loop2): turning off barriers
[  135.373367][ T6202] BTRFS info (device loop2): turning on flush-on-commit
[  135.402309][ T6202] BTRFS info (device loop2): doing ref verification
[  135.415511][ T6202] BTRFS info (device loop2): force clearing of disk cache
[  135.435737][ T6202] BTRFS info (device loop2): enabling ssd optimizations
[  135.458185][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.473213][ T6202] BTRFS info (device loop2): max_inline at 4096
[  135.489369][ T6202] BTRFS info (device loop2): disk space caching is enabled
[  135.786168][ T6202] BTRFS info (device loop2): auto enabling async discard
[  135.867174][ T6202] BTRFS info (device loop2): rebuilding free space tree
[  135.936725][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  135.945570][ T6237] nbd1: detected capacity change from 0 to 1073741828
[  135.967299][   T95] block nbd1: Send control failed (result -89)
[  135.974250][   T95] block nbd1: Request send failed, requeueing
[  135.982737][   T50] block nbd1: Receive control failed (result -32)
[  135.991602][   T95] block nbd1: Dead connection, failed to find a fallback
[  136.002883][   T95] block nbd1: shutting down sockets
[  136.009432][   T95] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.019123][   T95] Buffer I/O error on dev nbd1, logical block 0, async page read
[  136.028224][   T95] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.038784][   T95] Buffer I/O error on dev nbd1, logical block 0, async page read
[  136.051409][   T54] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.062201][   T54] Buffer I/O error on dev nbd1, logical block 0, async page read
[  136.072806][   T54] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.083311][   T54] Buffer I/O error on dev nbd1, logical block 0, async page read
[  136.093049][   T54] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.093104][   T54] Buffer I/O error on dev nbd1, logical block 0, async page read
[  136.093426][   T54] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.093452][   T54] Buffer I/O error on dev nbd1, logical block 0, async page read
[  136.093947][   T54] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.093971][   T54] Buffer I/O error on dev nbd1, logical block 0, async page read
[  136.094119][   T54] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.094143][   T54] Buffer I/O error on dev nbd1, logical block 0, async page read
[  136.094312][ T5790] ldm_validate_partition_table(): Disk read failed.
[  136.094485][   T54] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.094511][   T54] Buffer I/O error on dev nbd1, logical block 0, async page read
[  136.094980][   T54] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  136.095006][   T54] Buffer I/O error on dev nbd1, logical block 0, async page read
[  136.095672][ T5790] Dev nbd1: unable to read RDB block 0
[  136.097415][ T5790]  nbd1: unable to read partition table
[  136.102688][ T6239] ldm_validate_partition_table(): Disk read failed.
[  136.103344][ T6239] Dev nbd1: unable to read RDB block 0
[  136.105867][ T6239]  nbd1: unable to read partition table
[  136.128780][ T6202] BTRFS info (device loop2): disabling free space tree
[  136.128923][ T6202] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  136.129033][ T6202] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  136.142218][ T5790] ldm_validate_partition_table(): Disk read failed.
[  136.146680][ T5790] Dev nbd1: unable to read RDB block 0
[  136.149788][ T5790]  nbd1: unable to read partition table
[  136.160003][    T9] usb 4-1: Using ep0 maxpacket: 8
[  136.194696][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  136.194754][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  136.194780][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  136.194803][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  136.194859][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  136.194883][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.266340][ T6245] fuse: Unknown parameter 'group_i00000000000000000000'
[  136.426860][    T9] usb 4-1: GET_CAPABILITIES returned 0
[  136.426960][    T9] usbtmc 4-1:16.0: can't read capabilities
[  136.537491][ T5773] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  136.681433][    C0] usbtmc 4-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  136.681944][ T6223] usbtmc 4-1:16.0: Unable to send data, error -71
[  136.697302][  T967] usb 4-1: USB disconnect, device number 2
[  137.609246][ T6257] netlink: 165 bytes leftover after parsing attributes in process `syz.3.112'.
[  138.542804][ T6253] loop1: detected capacity change from 0 to 40427
[  138.551195][  T967] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  138.565943][ T6253] F2FS-fs (loop1): invalid crc value
[  138.578613][ T6253] F2FS-fs (loop1): Found nat_bits in checkpoint
[  138.705673][ T6253] F2FS-fs (loop1): Start checkpoint disabled!
[  138.731344][ T6264] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  138.765329][ T6253] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  138.767717][ T6264] netlink: 44 bytes leftover after parsing attributes in process `syz.3.114'.
[  138.816890][  T967] usb 1-1: config 0 has an invalid interface number: 29 but max is 0
[  138.835477][  T967] usb 1-1: config 0 has no interface number 0
[  138.844581][  T967] usb 1-1: config 0 interface 29 has no altsetting 0
[  138.953014][  T967] usb 1-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  138.985962][  T967] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.014616][  T967] usb 1-1: Product: syz
[  139.020192][  T967] usb 1-1: Manufacturer: syz
[  139.024869][  T967] usb 1-1: SerialNumber: syz
[  139.040137][  T967] usb 1-1: config 0 descriptor??
[  139.679249][ T1140] kworker/u4:9: attempt to access beyond end of device
[  139.679249][ T1140] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  139.727634][ T1140] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  139.734990][ T1140] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  140.086914][ T6271] fuse: Unknown parameter 'group_id00000000000000000000'
[  140.431053][   T50] Bluetooth: hci0: link tx timeout
[  140.439242][   T50] Bluetooth: hci0: killing stalled connection 10:aa:aa:aa:aa:aa
[  140.850762][  T967] usb 1-1: can't set config #0, error -71
[  140.875757][  T967] usb 1-1: USB disconnect, device number 2
[  141.116433][   T23] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  141.298488][   T23] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  141.359011][   T23] usb 4-1: config 0 has no interface number 0
[  141.391040][   T23] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  142.144300][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.211432][   T23] usb 4-1: config 0 descriptor??
[  142.243871][   T23] usb 4-1: selecting invalid altsetting 1
[  142.264996][   T23] dvb_ttusb_budget: ttusb_init_controller: error
[  142.287652][ T6299] tipc: Started in network mode
[  142.302180][   T23] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  142.306370][ T6299] tipc: Node identity 522f8aa13a9f, cluster identity 4711
[  142.338648][ T6299] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  142.388029][ T6299] syzkaller0: MTU too low for tipc bearer
[  142.426349][ T6299] tipc: Disabling bearer <eth:syzkaller0>
[  142.496782][   T50] Bluetooth: hci0: command 0x0406 tx timeout
[  142.543895][   T23] DVB: Unable to find symbol cx22700_attach()
[  142.706981][   T23] DVB: Unable to find symbol tda10046_attach()
[  142.713224][   T23] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  142.769183][   T23] usb 4-1: USB disconnect, device number 3
[  144.302936][ T6310] loop2: detected capacity change from 0 to 32768
[  144.345131][ T6310] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.129 (6310)
[  144.450445][ T6310] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  144.469398][ T6310] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  144.480671][ T6310] BTRFS info (device loop2): setting nodatacow, compression disabled
[  144.491831][ T6310] BTRFS info (device loop2): max_inline at 0
[  144.500183][ T6310] BTRFS info (device loop2): enabling disk space caching
[  144.511307][ T6310] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  144.558616][ T6310] BTRFS info (device loop2): force lzo compression, level 0
[  144.580680][ T6310] BTRFS info (device loop2): turning on flush-on-commit
[  144.587939][ T6310] BTRFS info (device loop2): turning on async discard
[  144.594773][ T6310] BTRFS info (device loop2): doing ref verification
[  144.612564][ T6310] BTRFS info (device loop2): force clearing of disk cache
[  144.630568][ T6310] BTRFS info (device loop2): enabling ssd optimizations
[  144.639515][ T6310] BTRFS info (device loop2): turning off barriers
[  144.654397][ T6310] BTRFS info (device loop2): max_inline at 4096
[  144.661475][ T6310] BTRFS info (device loop2): disk space caching is enabled
[  144.744125][ T1132] BTRFS warning (device loop2): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x16636aeb level 0
[  144.760303][ T6316] loop3: detected capacity change from 0 to 32768
[  144.764996][ T6310] BTRFS warning (device loop2): couldn't read tree root
[  144.784613][ T6316] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.132 (6316)
[  144.938778][ T6316] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  144.969365][ T6316] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  145.021929][ T6316] BTRFS info (device loop3): use zlib compression, level 3
[  145.039937][ T6316] BTRFS info (device loop3): using free space tree
[  145.042709][ T6310] BTRFS error (device loop2): open_ctree failed: -5
[  145.340287][ T6316] BTRFS info (device loop3): enabling ssd optimizations
[  145.374590][ T6316] BTRFS info (device loop3): auto enabling async discard
[  146.376960][ T5776] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  146.537117][ T6366] syz.0.137[6366] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.537282][ T6366] syz.0.137[6366] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.561834][ T6366] loop0: detected capacity change from 0 to 256
[  146.584992][ T6366] exfat: Deprecated parameter 'utf8'
[  146.590643][ T6366] exfat: Deprecated parameter 'utf8'
[  146.605652][ T6366] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  146.670990][ T5899] blk_print_req_error: 40 callbacks suppressed
[  146.671006][ T5899] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  149.448336][   T50] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  149.457833][   T50] Bluetooth: hci1: Injecting HCI hardware error event
[  149.467904][ T5783] Bluetooth: hci1: hardware error 0x00
[  151.062290][ T6401] loop1: detected capacity change from 0 to 512
[  151.089464][ T6401] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  151.636481][ T5783] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  151.682772][   T28] audit: type=1107 audit(1751023489.192:13): pid=6400 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  152.257235][ T6411] loop3: detected capacity change from 0 to 128
[  152.473914][ T6411] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  152.555772][ T6411] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  153.230907][ T5776] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  153.441234][ T6405] loop2: detected capacity change from 0 to 40427
[  153.515886][ T6405] F2FS-fs (loop2): invalid crc value
[  153.556207][ T6405] F2FS-fs (loop2): Found nat_bits in checkpoint
[  153.711032][ T6405] F2FS-fs (loop2): Start checkpoint disabled!
[  153.736314][ T6405] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  154.034087][   T11] kworker/u4:0: attempt to access beyond end of device
[  154.034087][   T11] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  154.051866][   T11] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  154.060656][   T11] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  155.724234][ T6440] loop3: detected capacity change from 0 to 512
[  155.747677][ T6442] loop2: detected capacity change from 0 to 512
[  155.770327][ T6440] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  155.790319][ T6442] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  155.813690][ T6442] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  155.913895][ T6442] EXT4-fs (loop2): 1 truncate cleaned up
[  155.954197][ T6442] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.145596][   T28] audit: type=1107 audit(1751023749.760:14): pid=6439 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  159.426690][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.626348][    T8] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  159.850019][    T8] usb 4-1: Using ep0 maxpacket: 32
[  159.884003][    T8] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xA6, skipping
[  159.922678][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  159.947127][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  159.966351][    T8] usb 4-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  159.977305][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.985363][    T8] usb 4-1: Product: syz
[  159.989833][    T8] usb 4-1: Manufacturer: syz
[  160.010803][    T8] usb 4-1: SerialNumber: syz
[  160.040369][    T8] usb 4-1: config 0 descriptor??
[  160.099718][ T6467] 9pnet_fd: Insufficient options for proto=fd
[  160.140329][ T6467] loop2: detected capacity change from 0 to 512
[  160.183967][ T6467] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  160.232178][ T6467] EXT4-fs (loop2): 1 truncate cleaned up
[  160.282854][ T6467] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  161.461208][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.554827][ T5835] usb 4-1: USB disconnect, device number 4
[  164.303767][ T6497] syz.2.171[6497] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  164.303926][ T6497] syz.2.171[6497] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  164.322728][ T6497] loop2: detected capacity change from 0 to 256
[  164.341393][ T6497] exfat: Deprecated parameter 'utf8'
[  164.346804][ T6497] exfat: Deprecated parameter 'utf8'
[  164.395992][ T6492] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  164.424700][ T6492] cramfs: wrong magic
[  164.491335][ T6497] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  165.382007][ T6515] loop2: detected capacity change from 0 to 512
[  165.464039][ T6515] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  165.541589][ T6515] EXT4-fs (loop2): 1 truncate cleaned up
[  165.552207][ T6515] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.890642][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.394060][ T6528] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  168.276459][ T6528] loop2: detected capacity change from 0 to 1024
[  168.628240][ T6528] hfsplus: unable to parse mount options
[  169.731577][ T6550] loop2: detected capacity change from 0 to 512
[  170.027584][ T6550] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  170.316870][ T6550] EXT4-fs (loop2): 1 truncate cleaned up
[  170.331693][ T6550] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.586884][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.938996][ T6568] loop0: detected capacity change from 0 to 32768
[  171.011738][ T6568] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.193 (6568)
[  171.106163][ T6568] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  171.126439][ T6568] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  171.135312][ T6568] BTRFS info (device loop0): setting nodatacow, compression disabled
[  171.146676][ T6568] BTRFS info (device loop0): max_inline at 0
[  171.152749][ T6568] BTRFS info (device loop0): enabling disk space caching
[  171.203293][ T6568] BTRFS info (device loop0): setting datasum, datacow enabled
[  171.250304][ T6568] BTRFS info (device loop0): turning off barriers
[  171.262556][ T6568] BTRFS info (device loop0): turning on flush-on-commit
[  171.294322][ T6568] BTRFS info (device loop0): doing ref verification
[  171.306261][ T6568] BTRFS info (device loop0): force clearing of disk cache
[  171.323458][ T6568] BTRFS info (device loop0): enabling ssd optimizations
[  171.341020][ T6568] BTRFS info (device loop0): max_inline at 4096
[  171.357185][ T6568] BTRFS info (device loop0): disk space caching is enabled
[  172.330418][ T6572] loop2: detected capacity change from 0 to 32768
[  172.436924][ T6572] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by syz.2.195 (6572)
[  172.461334][ T6568] BTRFS info (device loop0): auto enabling async discard
[  172.494410][ T6568] BTRFS info (device loop0): rebuilding free space tree
[  172.559060][ T6568] BTRFS info (device loop0): disabling free space tree
[  172.567192][ T6568] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  172.616239][ T6568] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  172.729119][ T5790] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by udevd (5790)
[  172.943742][ T5772] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  173.720712][ T6608] netlink: 12 bytes leftover after parsing attributes in process `syz.0.199'.
[  173.967372][ T6610] loop0: detected capacity change from 0 to 512
[  173.990490][ T6610] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  174.033671][ T6610] EXT4-fs (loop0): 1 truncate cleaned up
[  174.065497][ T6610] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  174.422157][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.625374][ T6618] syz_tun: entered allmulticast mode
[  174.651159][ T6616] syz_tun: left allmulticast mode
[  176.186619][ T6638] netlink: 12 bytes leftover after parsing attributes in process `syz.2.211'.
[  176.461115][ T6644] loop0: detected capacity change from 0 to 512
[  176.500005][ T6644] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  176.557673][ T6644] EXT4-fs (loop0): 1 truncate cleaned up
[  176.607422][ T6644] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.937278][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.269423][ T6650] loop2: detected capacity change from 0 to 32768
[  177.413894][ T6650] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.216 (6650)
[  177.544494][ T6650] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  177.856184][ T5783] Bluetooth: hci3: command tx timeout
[  178.916403][ T6650] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  178.935162][ T6650] BTRFS info (device loop2): setting nodatacow, compression disabled
[  179.055006][ T6650] BTRFS info (device loop2): max_inline at 0
[  179.120492][ T6650] BTRFS info (device loop2): enabling disk space caching
[  179.143409][ T6650] BTRFS info (device loop2): setting datasum, datacow enabled
[  179.172229][ T6650] BTRFS info (device loop2): turning off barriers
[  179.195106][ T6650] BTRFS info (device loop2): turning on flush-on-commit
[  179.206879][ T6650] BTRFS info (device loop2): doing ref verification
[  179.223038][ T6650] BTRFS info (device loop2): force clearing of disk cache
[  179.281960][ T6650] BTRFS info (device loop2): enabling ssd optimizations
[  179.304047][ T6650] BTRFS info (device loop2): max_inline at 4096
[  179.315269][ T6650] BTRFS info (device loop2): disk space caching is enabled
[  179.501129][ T6650] BTRFS info (device loop2): auto enabling async discard
[  179.572421][ T6650] BTRFS info (device loop2): rebuilding free space tree
[  179.678178][ T6650] BTRFS info (device loop2): disabling free space tree
[  179.704564][ T6650] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  179.733080][ T6650] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  179.878635][ T5773] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  180.715825][ T6700] loop2: detected capacity change from 0 to 512
[  180.786464][ T6700] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  180.876687][ T6700] EXT4-fs (loop2): 1 truncate cleaned up
[  180.885635][ T6700] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.158881][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.502052][ T5783] block nbd0: Receive control failed (result -11)
[  183.724257][ T6736] loop0: detected capacity change from 0 to 512
[  184.063471][ T6736] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  184.121931][ T6736] EXT4-fs (loop0): 1 truncate cleaned up
[  184.144619][ T6736] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  184.453259][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.616904][ T6748] fuse: Invalid rootmode
[  186.716167][   T28] audit: type=1326 audit(1751024804.330:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.1.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449dd8e929 code=0x7fc00000
[  186.783047][   T28] audit: type=1326 audit(1751024804.330:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.1.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f449dd8e929 code=0x7fc00000
[  186.860989][   T28] audit: type=1326 audit(1751024804.330:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.1.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449dd8e929 code=0x7fc00000
[  186.883111][    C0] vkms_vblank_simulate: vblank timer overrun
[  186.898182][ T6774] loop0: detected capacity change from 0 to 512
[  186.905772][   T28] audit: type=1326 audit(1751024804.330:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.1.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449dd8e929 code=0x7fc00000
[  186.928194][    C0] vkms_vblank_simulate: vblank timer overrun
[  186.937339][   T28] audit: type=1326 audit(1751024804.330:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.1.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449dd8e929 code=0x7fc00000
[  186.960510][   T28] audit: type=1326 audit(1751024804.330:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.1.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449dd8e929 code=0x7fc00000
[  186.982965][    C0] vkms_vblank_simulate: vblank timer overrun
[  186.991658][ T6774] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  187.005918][   T28] audit: type=1326 audit(1751024804.330:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.1.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449dd8e929 code=0x7fc00000
[  187.028093][    C0] vkms_vblank_simulate: vblank timer overrun
[  187.044648][   T28] audit: type=1326 audit(1751024804.330:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.1.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449dd8e929 code=0x7fc00000
[  187.067735][   T28] audit: type=1326 audit(1751024804.330:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.1.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449dd8e929 code=0x7fc00000
[  187.091582][   T28] audit: type=1326 audit(1751024804.330:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6759 comm="syz.1.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449dd8e929 code=0x7fc00000
[  187.113688][    C0] vkms_vblank_simulate: vblank timer overrun
[  187.238737][ T6776] fuse: Invalid rootmode
[  187.306759][ T5826] usb 3-1: new low-speed USB device number 3 using dummy_hcd
[  187.508838][ T5826] usb 3-1: config index 0 descriptor too short (expected 1307, got 27)
[  187.625259][ T5826] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[  187.819177][ T5826] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[  187.856181][ T5826] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  188.030100][ T5826] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  188.092770][ T5826] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  188.185960][ T5826] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  188.203586][ T5826] usb 3-1: string descriptor 0 read error: -22
[  188.210433][ T5826] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  188.219975][ T5826] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.353300][ T5826] usb 3-1: config 0 descriptor??
[  188.364200][ T5826] hub 3-1:0.0: bad descriptor, ignoring hub
[  189.178784][ T5826] hub: probe of 3-1:0.0 failed with error -5
[  189.221090][ T5826] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input6
[  189.456975][ T5826] usb 3-1: USB disconnect, device number 3
[  190.684073][ T6804] fuse: Invalid rootmode
[  190.760867][ T6807] loop2: detected capacity change from 0 to 512
[  190.789141][ T6807] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  191.921682][   T28] kauditd_printk_skb: 60 callbacks suppressed
[  191.921698][   T28] audit: type=1326 audit(1751025065.540:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6800 comm="syz.3.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8178e929 code=0x7fc00000
[  192.025824][   T28] audit: type=1326 audit(1751025065.540:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6800 comm="syz.3.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0a8178e929 code=0x7fc00000
[  192.297224][   T28] audit: type=1326 audit(1751025065.540:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6800 comm="syz.3.258" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8178e929 code=0x7fc00000
[  193.689121][ T6826] veth3: entered promiscuous mode
[  193.932573][ T6831] fuse: Bad value for 'rootmode'
[  194.092406][ T6833] loop3: detected capacity change from 0 to 512
[  194.125908][ T6833] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  194.193133][ T5922] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  195.175743][   T28] audit: type=1107 audit(1751025068.170:88): pid=6832 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  195.192151][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  195.198741][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  195.459012][ T6829] loop2: detected capacity change from 0 to 32768
[  195.495442][ T6829] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.268 (6829)
[  195.569884][ T6829] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  195.604769][ T6829] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  195.641089][ T6829] BTRFS info (device loop2): turning off barriers
[  195.656569][ T6829] BTRFS info (device loop2): setting nodatasum
[  195.671592][ T6829] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  195.691780][ T6829] BTRFS info (device loop2): use zstd compression, level 3
[  195.707336][ T6829] BTRFS info (device loop2): using free space tree
[  196.311295][   T28] audit: type=1326 audit(1751025069.930:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a8178e929 code=0x7fc00000
[  196.622629][   T28] audit: type=1326 audit(1751025069.960:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6836 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0a8178e929 code=0x7fc00000
[  197.320832][ T6871] netlink: 165 bytes leftover after parsing attributes in process `syz.3.276'.
[  197.902654][ T6870] loop1: detected capacity change from 0 to 1764
[  197.944232][ T6873] loop0: detected capacity change from 0 to 512
[  198.006247][ T6873] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  198.039769][ T5790] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  198.169442][ T5773] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  198.466320][   T28] audit: type=1107 audit(1751025072.050:91): pid=6872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  199.116869][ T6880] xt_connbytes: Forcing CT accounting to be enabled
[  199.144879][ T6880] Cannot find set identified by id 0 to match
[  199.981670][ T6886] fuse: Bad value for 'rootmode'
[  200.225709][ T6875] loop3: detected capacity change from 0 to 32768
[  200.596360][   T28] audit: type=1326 audit(1751025074.190:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6881 comm="syz.0.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55ccb8e929 code=0x7fc00000
[  200.957425][   T28] audit: type=1326 audit(1751025074.190:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6881 comm="syz.0.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f55ccb8e929 code=0x7fc00000
[  201.086640][   T28] audit: type=1326 audit(1751025074.190:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6881 comm="syz.0.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55ccb8e929 code=0x7fc00000
[  201.108911][   T28] audit: type=1326 audit(1751025074.200:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6881 comm="syz.0.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55ccb8e929 code=0x7fc00000
[  201.162099][ T6875] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  201.186504][   T28] audit: type=1326 audit(1751025074.200:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6881 comm="syz.0.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55ccb8e929 code=0x7fc00000
[  201.256248][   T28] audit: type=1326 audit(1751025074.200:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6881 comm="syz.0.282" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f55ccb8e929 code=0x7fc00000
[  201.389611][ T5776] ocfs2: Unmounting device (7,3) on (node local)
[  201.880238][ T6908] netlink: 165 bytes leftover after parsing attributes in process `syz.3.288'.
[  202.740939][ T6910] loop3: detected capacity change from 0 to 512
[  202.832937][ T6910] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  203.213912][   T28] audit: type=1107 audit(1751025076.830:98): pid=6909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  203.937023][ T6919] fuse: Bad value for 'rootmode'
[  207.046727][ T6937] netlink: 165 bytes leftover after parsing attributes in process `syz.0.298'.
[  209.235929][ T6954] fuse: Unknown parameter 'use00000000000000000000'
[  209.262072][ T6955] loop1: detected capacity change from 0 to 512
[  209.312160][ T6955] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  210.797205][   T28] audit: type=1107 audit(1751025084.200:99): pid=6951 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  211.400320][ T6969] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  211.816870][ T6976] netlink: 165 bytes leftover after parsing attributes in process `syz.2.309'.
[  212.684497][ T6982] fuse: Unknown parameter 'use00000000000000000000'
[  212.979566][ T5787] Bluetooth: hci3: command 0x0406 tx timeout
[  212.985673][ T5787] Bluetooth: hci2: command 0x0406 tx timeout
[  213.872113][ T6973] loop0: detected capacity change from 0 to 32768
[  214.017258][   T28] audit: type=1800 audit(1751025087.630:100): pid=6973 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.310" name="file1" dev="loop0" ino=4 res=0 errno=0
[  214.252800][ T6980] loop3: detected capacity change from 0 to 32768
[  214.278315][ T6980] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.312 (6980)
[  214.378403][ T6980] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  214.416561][ T6992] loop0: detected capacity change from 0 to 512
[  214.422171][ T6980] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  214.453955][ T6980] BTRFS info (device loop3): metadata ratio 4
[  214.482140][ T6980] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  214.491655][ T6992] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  214.522290][ T6980] BTRFS info (device loop3): force lzo compression, level 0
[  214.549026][ T6980] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  214.565334][ T6980] BTRFS info (device loop3): trying to use backup root at mount time
[  214.586904][ T6980] BTRFS info (device loop3): doing ref verification
[  214.594370][ T6980] BTRFS info (device loop3): enabling ssd optimizations
[  214.625962][ T6980] BTRFS info (device loop3): using spread ssd allocation scheme
[  214.636021][ T6980] BTRFS info (device loop3): using free space tree
[  215.019052][   T28] audit: type=1107 audit(1751025088.580:101): pid=6991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  215.327219][ T2952] BTRFS warning (device loop3): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0
[  215.443362][ T6980] BTRFS warning (device loop3): couldn't read tree root
[  215.462864][ T6980] BTRFS warning (device loop3): try to load backup roots slot 1
[  215.529610][   T48] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0
[  215.580213][ T6980] BTRFS warning (device loop3): couldn't read tree root
[  215.609427][ T6980] BTRFS warning (device loop3): try to load backup roots slot 2
[  215.672630][   T48] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  215.711527][ T6980] BTRFS warning (device loop3): couldn't read tree root
[  215.731424][ T6980] BTRFS warning (device loop3): try to load backup roots slot 3
[  215.844973][ T6980] BTRFS error (device loop3): open_ctree failed: -4
[  215.862202][ T5922] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by udevd (5922)
[  216.509220][ T7024] netlink: 165 bytes leftover after parsing attributes in process `syz.3.321'.
[  217.399667][ T7026] fuse: Unknown parameter 'use00000000000000000000'
[  218.038607][ T7035] loop1: detected capacity change from 0 to 512
[  218.333013][ T7035] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  218.951671][   T28] audit: type=1107 audit(1751025092.570:102): pid=7034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  219.628026][ T7057] fuse: Unknown parameter 'user_i00000000000000000000'
[  220.835259][ T7055] loop3: detected capacity change from 0 to 40427
[  220.886075][ T7055] F2FS-fs (loop3): invalid crc value
[  221.003478][ T7055] F2FS-fs (loop3): Found nat_bits in checkpoint
[  221.239837][ T7055] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  221.858636][ T7080] loop0: detected capacity change from 0 to 512
[  221.870903][ T7080] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
[  224.156090][   T28] audit: type=1107 audit(1751025097.350:103): pid=7079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  224.463645][ T7092] fuse: Unknown parameter 'user_i00000000000000000000'
[  226.050368][ T7111] loop2: detected capacity change from 0 to 512
[  226.058736][ T7113] loop1: detected capacity change from 0 to 512
[  226.078451][ T7111] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  226.100526][ T7113] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  226.151907][ T7111] EXT4-fs (loop2): 1 truncate cleaned up
[  226.289859][ T7111] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.616552][   T28] audit: type=1107 audit(1751025100.170:104): pid=7112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  227.141571][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.246161][ T7107] loop3: detected capacity change from 0 to 40427
[  227.276468][ T7107] F2FS-fs (loop3): invalid crc value
[  227.311610][ T7107] F2FS-fs (loop3): Found nat_bits in checkpoint
[  227.477057][ T7107] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  227.539837][ T7130] fuse: Unknown parameter 'user_i00000000000000000000'
[  228.287852][ T7136] netlink: 8 bytes leftover after parsing attributes in process `syz.3.356'.
[  229.368487][ T7149] loop0: detected capacity change from 0 to 512
[  230.138865][ T7157] loop1: detected capacity change from 0 to 256
[  230.145909][ T7157] exfat: Deprecated parameter 'utf8'
[  230.151349][ T7157] exfat: Deprecated parameter 'utf8'
[  230.296915][ T7149] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  230.347937][ T7157] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  230.449705][ T7149] EXT4-fs (loop0): 1 truncate cleaned up
[  230.467594][ T7149] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.914849][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.201814][ T7167] fuse: Unknown parameter 'user_id00000000000000000000'
[  231.542395][ T7150] overlayfs: failed to resolve './file0': -2
[  232.041902][ T7164] loop2: detected capacity change from 0 to 40427
[  232.096346][ T7164] F2FS-fs (loop2): invalid crc value
[  232.224909][ T7164] F2FS-fs (loop2): Found nat_bits in checkpoint
[  233.126611][ T7164] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  234.692087][ T7193] fuse: Unknown parameter 'user_id00000000000000000000'
[  235.284789][ T7198] loop3: detected capacity change from 0 to 512
[  235.495906][ T7198] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  235.589120][ T7198] EXT4-fs (loop3): 1 truncate cleaned up
[  235.602776][ T7198] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.946827][ T7211] loop2: detected capacity change from 0 to 256
[  235.954852][ T7211] exfat: Deprecated parameter 'utf8'
[  235.960531][ T7211] exfat: Deprecated parameter 'utf8'
[  239.736693][ T7211] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  239.911702][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.940324][ T5922] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  240.966835][ T7218] loop2: detected capacity change from 0 to 40427
[  240.989685][ T7218] F2FS-fs (loop2): invalid crc value
[  241.006913][ T7218] F2FS-fs (loop2): Found nat_bits in checkpoint
[  241.073299][ T7218] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  241.098536][ T7232] overlayfs: failed to resolve './file0': -2
[  241.610845][ T7236] fuse: Unknown parameter 'user_id00000000000000000000'
[  242.019180][ T7243] syz.3.389 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  242.110688][ T7246] loop0: detected capacity change from 0 to 256
[  242.118782][ T7246] exfat: Deprecated parameter 'utf8'
[  242.124174][ T7246] exfat: Deprecated parameter 'utf8'
[  242.262218][ T7246] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  245.955312][ T7263] fuse: Bad value for 'fd'
[  246.633544][ T7259] delete_channel: no stack
[  246.959100][ T7272] loop3: detected capacity change from 0 to 512
[  246.977963][ T7272] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  247.375035][   T28] audit: type=1107 audit(1751025120.990:105): pid=7269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  248.474391][ T7289] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  248.474391][ T7289]    program syz.3.402 not setting count and/or reply_len properly
[  248.606734][ T7290] loop2: detected capacity change from 0 to 256
[  248.613944][ T7290] exfat: Deprecated parameter 'utf8'
[  248.619403][ T7290] exfat: Deprecated parameter 'utf8'
[  248.694887][ T7290] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  249.267213][ T7288] netlink: 256 bytes leftover after parsing attributes in process `syz.3.402'.
[  249.504494][ T7298] fuse: Bad value for 'fd'
[  250.220532][ T7312] netlink: 12 bytes leftover after parsing attributes in process `syz.2.406'.
[  250.842870][ T7326] loop1: detected capacity change from 0 to 512
[  250.874174][ T7326] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  251.184834][ T7330] loop3: detected capacity change from 0 to 16
[  251.254090][ T7330] erofs: (device loop3): mounted with root inode @ nid 36.
[  252.180263][ T7336] capability: warning: `syz.3.413' uses deprecated v2 capabilities in a way that may be insecure
[  252.284525][ T7336] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  252.295044][ T7336] erofs: (device loop3): z_erofs_readahead: readahead error at folio 2 @ nid 89
[  252.304497][ T7336] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  252.314493][ T7336] erofs: (device loop3): z_erofs_readahead: readahead error at folio 1 @ nid 89
[  252.334202][ T7336] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  252.344340][ T7336] erofs: (device loop3): z_erofs_readahead: readahead error at folio 0 @ nid 89
[  252.353854][ T7336] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  252.365146][ T7336] erofs: (device loop3): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  252.375074][ T7336] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 0 of nid 89
[  252.406091][   T28] audit: type=1800 audit(1751025126.000:106): pid=7336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.413" name="file2" dev="loop3" ino=89 res=0 errno=0
[  252.942068][ T7346] loop1: detected capacity change from 0 to 256
[  252.949273][ T7346] exfat: Deprecated parameter 'utf8'
[  252.954645][ T7346] exfat: Deprecated parameter 'utf8'
[  256.633523][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  256.640907][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  256.647686][ T7346] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  257.468741][ T7365] netlink: 12 bytes leftover after parsing attributes in process `syz.1.420'.
[  258.983429][ T7376] loop1: detected capacity change from 0 to 512
[  259.044270][ T7376] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  262.076100][ T7391] loop1: detected capacity change from 0 to 256
[  262.089871][ T7391] exfat: Deprecated parameter 'utf8'
[  262.095428][ T7391] exfat: Deprecated parameter 'utf8'
[  264.393152][ T7391] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  265.416979][ T7404] loop1: detected capacity change from 0 to 32768
[  265.484856][ T7404] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  265.590357][ T7404] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  265.899882][ T5774] ocfs2: Unmounting device (7,1) on (node local)
[  265.906774][ T7416] loop3: detected capacity change from 0 to 512
[  265.928852][ T7416] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  267.224238][ T7427] loop2: detected capacity change from 0 to 256
[  267.231415][ T7427] exfat: Deprecated parameter 'utf8'
[  267.236897][ T7427] exfat: Deprecated parameter 'utf8'
[  267.276307][ T7428] loop3: detected capacity change from 0 to 64
[  268.326245][   T50] Bluetooth: hci0: command 0x0406 tx timeout
[  272.100386][ T7427] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  272.278611][ T7428] hfs: unable to open extent tree
[  272.284432][ T7428] hfs: can't find a HFS filesystem on dev loop3
[  276.809002][ T7461] loop0: detected capacity change from 0 to 32768
[  276.928641][ T7461] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  277.120834][   T28] audit: type=1800 audit(1751025150.740:107): pid=7461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.447" name="file1" dev="loop0" ino=17058 res=0 errno=0
[  277.193629][   T28] audit: type=1800 audit(1751025150.740:108): pid=7475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.447" name="file1" dev="loop0" ino=17058 res=0 errno=0
[  277.313372][ T7464] loop1: detected capacity change from 0 to 40427
[  277.360090][ T7464] F2FS-fs (loop1): invalid crc value
[  277.408839][ T7468] loop2: detected capacity change from 0 to 32768
[  277.419965][ T7464] F2FS-fs (loop1): Found nat_bits in checkpoint
[  277.419990][ T7468] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.450 (7468)
[  277.454533][ T7468] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  277.500243][ T7468] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  277.543863][ T7468] BTRFS info (device loop2): enabling auto defrag
[  277.574145][ T7468] BTRFS info (device loop2): doing ref verification
[  277.615946][ T7468] BTRFS info (device loop2): use no compression
[  277.650069][ T7468] BTRFS info (device loop2): force clearing of disk cache
[  277.682566][ T7464] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  277.693118][ T7468] BTRFS info (device loop2): setting nodatacow, compression disabled
[  277.716545][ T7468] BTRFS info (device loop2): disabling free space tree
[  277.828735][ T7468] BTRFS info (device loop2): enabling ssd optimizations
[  277.844657][ T7468] BTRFS info (device loop2): auto enabling async discard
[  277.860735][ T7468] BTRFS info (device loop2): rebuilding free space tree
[  278.000915][ T7468] BTRFS info (device loop2): disabling free space tree
[  278.041982][ T7468] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  278.083401][ T7468] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  278.397516][ T5773] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  278.918678][   T28] audit: type=1800 audit(1751025152.500:109): pid=7461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.447" name="file1" dev="loop0" ino=17058 res=0 errno=0
[  278.923598][ T7461] syz.0.447 (7461) used greatest stack depth: 19376 bytes left
[  279.536350][ T7475] syz.0.447 (7475) used greatest stack depth: 18704 bytes left
[  279.709468][ T5772] ocfs2: Unmounting device (7,0) on (node local)
[  280.218873][ T7522] mmap: syz.1.459 (7522) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  280.321031][ T7525] fuse: Unknown parameter 'fd00000000000000000000003'
[  281.563010][ T7533] warning: `syz.3.464' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  282.028435][ T7544] loop2: detected capacity change from 0 to 512
[  282.072548][ T7544] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  282.354053][ T7544] EXT4-fs (loop2): 1 truncate cleaned up
[  282.668308][ T7544] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.064695][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.081470][ T7553] fuse: Unknown parameter 'fd00000000000000000000003'
[  283.358054][ T7538] loop1: detected capacity change from 0 to 40427
[  283.445131][ T7538] F2FS-fs (loop1): invalid crc value
[  283.618166][ T7564] loop2: detected capacity change from 0 to 16
[  285.484805][ T7564] erofs: (device loop2): mounted with root inode @ nid 36.
[  285.544645][ T7538] F2FS-fs (loop1): Failed to start F2FS issue_checkpoint_thread (-4)
[  288.559634][ T7585] loop3: detected capacity change from 0 to 512
[  288.635472][ T7585] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  288.766627][ T7585] EXT4-fs (loop3): 1 truncate cleaned up
[  288.773836][ T7585] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  289.049819][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.780991][ T7632] loop2: detected capacity change from 0 to 512
[  293.817584][ T7632] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  293.868515][ T7632] EXT4-fs (loop2): 1 truncate cleaned up
[  293.880722][ T7636] loop1: detected capacity change from 0 to 256
[  293.901583][ T7632] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.025905][ T7636] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  294.075499][ T7636] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  294.279636][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.645784][ T7661] xt_connbytes: Forcing CT accounting to be enabled
[  296.652941][ T7661] set match dimension is over the limit!
[  297.266306][ T7671] Zero length message leads to an empty skb
[  297.947738][ T7664] loop1: detected capacity change from 0 to 40427
[  297.974213][ T7664] F2FS-fs (loop1): invalid crc value
[  297.990102][ T7664] F2FS-fs (loop1): Found nat_bits in checkpoint
[  298.080116][ T7664] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  298.404256][ T7684] netlink: 'syz.2.507': attribute type 1 has an invalid length.
[  298.457180][ T7684] 8021q: adding VLAN 0 to HW filter on device bond1
[  298.505208][ T7686] bond1: (slave geneve2): making interface the new active one
[  298.521849][ T7686] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  298.662299][ T7684] bond1: entered promiscuous mode
[  298.671720][ T7684] geneve2: entered promiscuous mode
[  300.335569][ T7699] set match dimension is over the limit!
[  300.611578][ T7702] loop1: detected capacity change from 0 to 256
[  300.681394][ T7702] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  300.725017][ T7702] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  301.223734][ T7705] loop2: detected capacity change from 0 to 32768
[  301.281386][   T28] audit: type=1800 audit(1751025174.900:110): pid=7705 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.512" name="file1" dev="loop2" ino=4 res=0 errno=0
[  301.409272][ T7707] loop0: detected capacity change from 0 to 32768
[  301.474028][ T7710] loop3: detected capacity change from 0 to 40427
[  301.498072][ T7710] F2FS-fs (loop3): invalid crc value
[  301.527678][ T7707] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  301.573172][ T7710] F2FS-fs (loop3): Found nat_bits in checkpoint
[  301.769311][ T7707] XFS (loop0): Ending clean mount
[  301.812624][ T7710] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  301.870230][ T7707] XFS (loop0): Quotacheck needed: Please wait.
[  302.102855][ T7707] XFS (loop0): Quotacheck: Done.
[  302.591656][ T5772] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  303.733763][ T7739] tipc: Started in network mode
[  303.746136][ T7739] tipc: Node identity 4000004, cluster identity 4711
[  303.763635][ T7739] tipc: Node number set to 67108868
[  307.482159][ T7767] loop2: detected capacity change from 0 to 512
[  307.559010][ T7767] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  307.590446][ T7771] loop3: detected capacity change from 0 to 512
[  307.603351][ T7771] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  307.659951][ T7773] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  307.713187][ T7767] EXT4-fs (loop2): 1 truncate cleaned up
[  307.753359][ T7767] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  308.109088][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.611769][   T28] audit: type=1107 audit(1751025183.230:111): pid=7770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  310.810638][ T7789] loop2: detected capacity change from 0 to 65536
[  310.883598][ T7789] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  310.893006][ T7789] XFS (loop2): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  310.975767][ T7789] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40.
[  310.990169][ T7804] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  311.013155][ T7789] XFS (loop2): Starting recovery (logdev: internal)
[  311.058572][ T7789] XFS (loop2): Ending recovery (logdev: internal)
[  311.075407][ T7789] XFS (loop2): Quotacheck needed: Please wait.
[  311.124617][ T7808] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  311.161202][ T7789] XFS (loop2): Quotacheck: Done.
[  311.182901][   T50] Bluetooth: hci0: unexpected event for opcode 0x080c
[  311.297679][ T5773] XFS (loop2): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  311.841000][ T7816] loop0: detected capacity change from 0 to 512
[  311.868715][ T7816] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  311.890394][ T7816] EXT4-fs (loop0): 1 truncate cleaned up
[  311.909106][ T7816] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.214933][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.400208][ T7847] loop2: detected capacity change from 0 to 256
[  316.588593][ T7847] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  316.713243][ T7847] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  317.016279][ T7854] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  317.342358][ T7860] loop2: detected capacity change from 0 to 512
[  317.416318][ T7860] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  317.515983][ T7860] EXT4-fs (loop2): 1 truncate cleaned up
[  317.537376][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  317.551970][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  317.591797][ T7866] vivid-000: disconnect
[  317.608410][ T7866] vivid-000: reconnect
[  317.755162][ T7860] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.114099][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.411348][ T7878] loop9: detected capacity change from 0 to 7
[  319.447347][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  319.456664][    C0] buffer_io_error: 39 callbacks suppressed
[  319.456678][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.681510][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  319.690916][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.701726][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  319.711105][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.722082][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  319.731335][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.768464][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  319.777751][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.791923][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  319.801335][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.813562][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  319.822870][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.830976][ T7878] ldm_validate_partition_table(): Disk read failed.
[  319.839832][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  319.849233][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.862485][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  319.871825][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.911130][    C0] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  319.920652][    C0] Buffer I/O error on dev loop9, logical block 0, async page read
[  319.935222][ T7878] Dev loop9: unable to read RDB block 0
[  319.985742][ T7878]  loop9: unable to read partition table
[  319.993434][ T7878] loop9: partition table beyond EOD, truncated
[  320.000057][ T7878] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  320.263049][ T7874] 8021q: adding VLAN 0 to HW filter on device bond0
[  320.311717][ T7874] bond0: (slave rose0): Enslaving as an active interface with an up link
[  320.341235][ T7883] netlink: 12 bytes leftover after parsing attributes in process `syz.3.557'.
[  320.487085][ T7883] 8021q: adding VLAN 0 to HW filter on device bond1
[  320.740804][ T7897] loop2: detected capacity change from 0 to 256
[  320.850360][ T7897] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  320.925413][ T7897] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  322.271002][ T7916] loop0: detected capacity change from 0 to 512
[  322.335955][ T7916] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  322.426867][ T7916] EXT4-fs (loop0): 1 truncate cleaned up
[  322.437597][ T7916] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  322.957007][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.970802][ T7939] netlink: 12 bytes leftover after parsing attributes in process `syz.2.568'.
[  325.825334][ T7969] netlink: 256 bytes leftover after parsing attributes in process `syz.1.575'.
[  325.883935][ T7973] loop2: detected capacity change from 0 to 128
[  325.954833][ T7973] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  326.023117][ T7973] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  326.180509][ T7980] loop0: detected capacity change from 0 to 512
[  326.236619][ T7980] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  326.306821][ T7980] EXT4-fs (loop0): 1 truncate cleaned up
[  326.313902][ T7980] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  326.865200][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.237191][ T8004] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  328.237191][ T8004]    program syz.0.582 not setting count and/or reply_len properly
[  328.798609][ T7992] netlink: 12 bytes leftover after parsing attributes in process `syz.2.580'.
[  329.361703][ T8030] Cannot find set identified by id 0 to match
[  329.822996][ T8032] loop3: detected capacity change from 0 to 512
[  329.853119][ T8032] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  329.981511][ T8013] loop0: detected capacity change from 0 to 32768
[  330.110205][ T8013] JBD2: Ignoring recovery information on journal
[  330.184637][ T8032] EXT4-fs (loop3): 1 truncate cleaned up
[  330.224064][ T8013] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  330.237305][ T8032] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.268209][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.595071][ T8056] loop1: detected capacity change from 0 to 256
[  331.605838][ T8056] exfat: Deprecated parameter 'utf8'
[  331.611535][ T8056] exfat: Deprecated parameter 'utf8'
[  331.945397][ T8056] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  332.566356][ T5772] ocfs2: Unmounting device (7,0) on (node local)
[  332.978436][ T8060] loop3: detected capacity change from 0 to 256
[  333.114104][ T8060] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  333.186612][ T8060] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  333.936435][ T8072] netlink: 12 bytes leftover after parsing attributes in process `syz.3.600'.
[  336.498298][ T8090] loop2: detected capacity change from 0 to 512
[  336.516156][ T8090] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  336.612948][ T8090] EXT4-fs (loop2): 1 truncate cleaned up
[  336.630589][ T8090] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  336.874189][ T5773] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.048557][ T8103] netlink: 8 bytes leftover after parsing attributes in process `syz.2.610'.
[  337.470906][ T8095] loop0: detected capacity change from 0 to 32768
[  337.537887][ T8095] JBD2: Ignoring recovery information on journal
[  337.707647][ T8095] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  338.702567][ T5772] ocfs2: Unmounting device (7,0) on (node local)
[  339.273053][ T8133] Invalid option length (158) for dns_resolver key
[  340.052385][ T8131] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  340.052385][ T8131]    program syz.3.619 not setting count and/or reply_len properly
[  340.115784][ T8134] netlink: 256 bytes leftover after parsing attributes in process `syz.3.619'.
[  340.862892][ T8136] loop2: detected capacity change from 0 to 40427
[  340.904030][ T8136] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  340.912520][ T8136] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  340.931222][ T8136] F2FS-fs (loop2): invalid crc value
[  340.969053][ T8136] F2FS-fs (loop2): Found nat_bits in checkpoint
[  340.978901][ T8141] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  341.050288][ T8136] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  341.057537][ T8136] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  345.304015][ T8183] loop3: detected capacity change from 0 to 2048
[  345.434326][ T8183] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  345.604265][ T8183] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  345.757242][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.989993][ T8205] netlink: 165 bytes leftover after parsing attributes in process `syz.1.634'.
[  349.102302][ T8216] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  349.102302][ T8216]    program syz.1.638 not setting count and/or reply_len properly
[  349.140188][ T8216] netlink: 256 bytes leftover after parsing attributes in process `syz.1.638'.
[  350.700254][ T8226] team_slave_1: entered promiscuous mode
[  350.744345][ T8226] netlink: 'syz.3.641': attribute type 10 has an invalid length.
[  350.901562][ T8226] team0: Port device team_slave_0 removed
[  350.945904][ T8230] loop1: detected capacity change from 0 to 512
[  350.996535][ T8230] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  351.195143][ T8230] EXT4-fs (loop1): 1 truncate cleaned up
[  351.208742][ T8230] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.401432][ T8242] netlink: 165 bytes leftover after parsing attributes in process `syz.0.644'.
[  352.115587][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.406622][ T8250] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  352.406622][ T8250]    program syz.0.649 not setting count and/or reply_len properly
[  352.979359][ T8248] netlink: 256 bytes leftover after parsing attributes in process `syz.0.649'.
[  354.534883][ T8270] loop1: detected capacity change from 0 to 512
[  354.571969][ T8270] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  354.612781][ T8270] EXT4-fs (loop1): 1 truncate cleaned up
[  354.632192][ T8270] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  354.868080][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.460654][ T8289] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  356.460654][ T8289]    program syz.3.661 not setting count and/or reply_len properly
[  356.617512][ T8290] netlink: 256 bytes leftover after parsing attributes in process `syz.3.661'.
[  357.438495][ T8305] loop1: detected capacity change from 0 to 512
[  357.469505][ T8305] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  357.517341][ T8305] EXT4-fs (loop1): 1 truncate cleaned up
[  357.545529][ T8305] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  357.806291][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.112810][ T8301] loop2: detected capacity change from 0 to 32768
[  358.143748][ T8301] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  358.156124][ T8301] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  358.167303][ T8299] loop0: detected capacity change from 0 to 40427
[  358.305218][ T8301] BTRFS info (device loop2): setting nodatacow, compression disabled
[  358.442781][ T8301] BTRFS info (device loop2): max_inline at 0
[  358.617974][ T8301] BTRFS info (device loop2): enabling disk space caching
[  358.625472][ T8299] F2FS-fs (loop0): invalid crc value
[  358.696769][ T8301] BTRFS info (device loop2): setting datasum, datacow enabled
[  358.809428][ T8301] BTRFS info (device loop2): turning off barriers
[  358.817686][ T8301] BTRFS info (device loop2): turning on flush-on-commit
[  358.824905][ T8301] BTRFS info (device loop2): doing ref verification
[  358.831859][ T8301] BTRFS info (device loop2): force clearing of disk cache
[  358.856181][ T8301] BTRFS info (device loop2): enabling ssd optimizations
[  358.869489][ T8299] F2FS-fs (loop0): Found nat_bits in checkpoint
[  358.975914][ T8301] BTRFS info (device loop2): max_inline at 4096
[  358.992492][ T8301] BTRFS info (device loop2): disk space caching is enabled
[  359.043903][ T8299] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  359.948643][ T8301] BTRFS info (device loop2): auto enabling async discard
[  360.012301][ T8301] BTRFS info (device loop2): rebuilding free space tree
[  360.093913][ T8301] BTRFS info (device loop2): disabling free space tree
[  360.137777][ T8301] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  360.147619][ T8301] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  360.311663][ T5773] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  360.519064][ T8351] loop3: detected capacity change from 0 to 512
[  360.532619][ T8351] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  360.542658][ T5922] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 11 /dev/loop2 scanned by udevd (5922)
[  360.622589][ T8351] EXT4-fs (loop3): 1 truncate cleaned up
[  360.703065][ T8351] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  360.950548][ T8360] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  360.950548][ T8360]    program syz.2.675 not setting count and/or reply_len properly
[  361.053896][ T8361] netlink: 256 bytes leftover after parsing attributes in process `syz.2.675'.
[  361.760730][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.838017][ T8365] nfs: Unknown parameter 'smackfshat'
[  361.956405][ T5835] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  362.138827][ T5835] usb 2-1: Using ep0 maxpacket: 32
[  362.157450][ T5835] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  362.176218][ T5835] usb 2-1: config 0 has no interface number 0
[  362.185622][ T5835] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  362.227224][ T5835] usb 2-1: config 0 interface 85 has no altsetting 0
[  362.367969][ T5835] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  362.494478][ T5835] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.623696][ T5835] usb 2-1: Product: syz
[  362.685542][ T5835] usb 2-1: Manufacturer: syz
[  362.734524][ T5835] usb 2-1: SerialNumber: syz
[  363.039879][ T5835] usb 2-1: config 0 descriptor??
[  363.659882][ T8374] loop0: detected capacity change from 0 to 32768
[  363.703946][ T8370] loop2: detected capacity change from 0 to 40427
[  363.715565][ T8374] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  363.733654][ T8370] F2FS-fs (loop2): invalid crc value
[  363.740455][ T5835] appletouch 2-1:0.85: Geyser mode initialized.
[  363.760591][ T1120] (kworker/u4:7,1120,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  363.800760][ T5835] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input12
[  363.809351][ T8374] (syz.0.681,8374,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  363.821815][ T8370] F2FS-fs (loop2): Found nat_bits in checkpoint
[  363.826188][ T8374] (syz.0.681,8374,0):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2
[  363.842092][ T8374] (syz.0.681,8374,0):__ocfs2_prepare_orphan_dir:2171 ERROR: status = -2
[  363.851389][ T8374] (syz.0.681,8374,0):ocfs2_prepare_orphan_dir:2213 ERROR: status = -2
[  363.882687][ T8374] (syz.0.681,8374,0):ocfs2_prepare_orphan_dir:2229 ERROR: status = -2
[  363.936191][ T8374] (syz.0.681,8374,0):ocfs2_unlink:965 ERROR: status = -2
[  364.117875][ T8370] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  364.126395][ T5835] usb 2-1: USB disconnect, device number 2
[  364.126468][    C0] appletouch 2-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  365.011588][ T5835] appletouch 2-1:0.85: input: appletouch disconnected
[  365.060378][ T5772] ocfs2: Unmounting device (7,0) on (node local)
[  365.372470][ T8396] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  365.372470][ T8396]    program syz.3.690 not setting count and/or reply_len properly
[  365.914620][ T8395] netlink: 256 bytes leftover after parsing attributes in process `syz.3.690'.
[  366.246679][ T5783] Bluetooth: hci3: command 0x0406 tx timeout
[  367.135113][ T8403] loop0: detected capacity change from 0 to 512
[  367.178448][ T8403] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  367.321556][ T8403] EXT4-fs (loop0): 1 truncate cleaned up
[  367.819238][ T8403] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  368.260377][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.410272][    T9] IPVS: starting estimator thread 0...
[  369.529928][ T8430] IPVS: using max 26 ests per chain, 62400 per kthread
[  371.802437][ T8449] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  371.802437][ T8449]    program syz.3.701 not setting count and/or reply_len properly
[  372.274508][ T8442] netlink: 256 bytes leftover after parsing attributes in process `syz.3.701'.
[  372.509359][ T8454] loop3: detected capacity change from 0 to 512
[  372.535274][ T8454] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  372.696285][ T8454] EXT4-fs (loop3): 1 truncate cleaned up
[  372.785556][ T8454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  373.772967][ T5776] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.153654][ T8452] loop2: detected capacity change from 0 to 40427
[  375.213842][ T8452] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  375.286438][ T8452] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  375.370770][ T8452] F2FS-fs (loop2): build fault injection attr: rate: 18446, type: 0x7ffff
[  375.575666][ T8452] F2FS-fs (loop2): invalid crc value
[  375.681673][ T8452] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-4)
[  376.254936][ T8488] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  376.254936][ T8488]    program syz.1.714 not setting count and/or reply_len properly
[  376.890451][ T8487] netlink: 256 bytes leftover after parsing attributes in process `syz.1.714'.
[  377.310447][ T8480] loop0: detected capacity change from 0 to 32768
[  377.324021][ T8480] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 11
[  377.573450][ T5922] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 11
[  378.974135][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  378.986377][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  379.038981][ T8492] loop2: detected capacity change from 0 to 40427
[  379.077241][ T8492] F2FS-fs (loop2): invalid crc value
[  379.120954][ T8495] loop1: detected capacity change from 0 to 32768
[  379.128338][ T8492] F2FS-fs (loop2): Found nat_bits in checkpoint
[  379.204279][ T8495] JBD2: Ignoring recovery information on journal
[  379.314419][ T8492] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  379.363653][ T8495] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  379.659866][ T5774] ocfs2: Unmounting device (7,1) on (node local)
[  380.031032][ T8507] loop3: detected capacity change from 0 to 40427
[  381.011036][ T8507] F2FS-fs (loop3): Found nat_bits in checkpoint
[  381.017721][ T8528] loop1: detected capacity change from 0 to 256
[  381.025277][ T8528] exfat: Deprecated parameter 'namecase'
[  381.088858][ T8528] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  381.165243][ T8507] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  381.323420][ T8535] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  381.323420][ T8535]    program syz.0.725 not setting count and/or reply_len properly
[  381.867989][ T5776] syz-executor: attempt to access beyond end of device
[  381.867989][ T5776] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  381.885216][ T5776] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  381.920856][ T8533] netlink: 256 bytes leftover after parsing attributes in process `syz.0.725'.
[  382.216270][  T967] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  382.436095][  T967] usb 2-1: Using ep0 maxpacket: 8
[  382.455429][  T967] usb 2-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=c4.6d
[  382.479582][  T967] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.499952][  T967] usb 2-1: Product: syz
[  382.504200][  T967] usb 2-1: Manufacturer: syz
[  382.526051][  T967] usb 2-1: SerialNumber: syz
[  382.557508][  T967] usb 2-1: config 0 descriptor??
[  382.576439][  T967] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  383.244107][ T8548] loop2: detected capacity change from 0 to 32768
[  383.800948][ T8548] JBD2: Ignoring recovery information on journal
[  383.958566][ T8546] loop0: detected capacity change from 0 to 40427
[  383.970447][  T967] gspca_sonixj: reg_r err -71
[  383.975276][  T967] sonixj: probe of 2-1:0.0 failed with error -71
[  383.994067][  T967] usb 2-1: USB disconnect, device number 3
[  384.010628][ T8546] F2FS-fs (loop0): invalid crc value
[  384.017006][ T8548] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  384.104567][ T8546] F2FS-fs (loop0): Found nat_bits in checkpoint
[  384.853768][ T8546] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  385.201171][ T5773] ocfs2: Unmounting device (7,2) on (node local)
[  385.525787][ T8570] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  385.525787][ T8570]    program syz.3.737 not setting count and/or reply_len properly
[  386.246760][ T8570] netlink: 256 bytes leftover after parsing attributes in process `syz.3.737'.
[  386.321648][ T5783] Bluetooth: hci0: unexpected cc 0x2007 length: 100 > 2
[  386.330400][ T5783] Bluetooth: hci0: unexpected event for opcode 0x2007
[  386.811366][ T8575] loop1: detected capacity change from 0 to 32768
[  386.823416][ T8575] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.740 (8575)
[  386.843219][ T8575] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  386.854246][ T8575] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  386.863247][ T8575] BTRFS info (device loop1): setting nodatacow, compression disabled
[  386.871650][ T8575] BTRFS info (device loop1): turning on sync discard
[  386.878888][ T8575] BTRFS info (device loop1): setting datacow
[  386.885032][ T8575] BTRFS info (device loop1): doing ref verification
[  386.892104][ T8575] BTRFS info (device loop1): turning off barriers
[  386.898799][ T8575] BTRFS info (device loop1): enabling ssd optimizations
[  386.905862][ T8575] BTRFS info (device loop1): using spread ssd allocation scheme
[  386.914166][ T8575] BTRFS info (device loop1): setting datasum
[  386.920839][ T8575] BTRFS info (device loop1): turning on barriers
[  386.928069][ T8575] BTRFS info (device loop1): not using ssd optimizations
[  386.935666][ T8575] BTRFS info (device loop1): not using spread ssd allocation scheme
[  386.944788][ T8575] BTRFS info (device loop1): using free space tree
[  387.650791][ T8581] loop0: detected capacity change from 0 to 2048
[  387.949368][ T8581] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  389.544187][   T28] audit: type=1804 audit(1751025262.810:112): pid=8586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.736" name="/newroot/169/file1/bus" dev="loop0" ino=18 res=1 errno=0
[  389.873726][   T28] audit: type=1804 audit(1751025263.390:113): pid=8581 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.736" name="/newroot/169/file1/bus" dev="loop0" ino=18 res=1 errno=0
[  390.004591][ T8614] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  390.015033][ T8614] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  390.021936][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.034427][ T8614] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  390.642333][ T5783] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  390.651805][ T5783] Bluetooth: hci0: Injecting HCI hardware error event
[  390.681242][   T28] audit: type=1800 audit(1751025263.620:114): pid=8614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.741" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  390.717365][   T50] Bluetooth: hci0: hardware error 0x00
[  391.069270][ T5774] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  392.189845][ T8628] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  392.189845][ T8628]    program syz.3.747 not setting count and/or reply_len properly
[  392.844460][ T8626] netlink: 256 bytes leftover after parsing attributes in process `syz.3.747'.
[  392.891432][   T50] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  394.050465][ T8647] loop2: detected capacity change from 0 to 1024
[  394.087570][ T8647] EXT4-fs: Ignoring removed i_version option
[  394.111546][ T8647] EXT4-fs: quotafile must be on filesystem root
[  395.684252][ T8637] loop1: detected capacity change from 0 to 40427
[  395.742196][ T8637] F2FS-fs (loop1): invalid crc value
[  395.833718][ T8637] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-4)
[  397.423772][ T8663] loop2: detected capacity change from 0 to 32768
[  397.653744][ T8663] syz.2.756: attempt to access beyond end of device
[  397.653744][ T8663] loop2: rw=1, sector=4701696, nr_sectors = 8 limit=32768
[  397.741531][ T8663] metapage_write_end_io: I/O error
[  397.787682][ T8678] netlink: 12 bytes leftover after parsing attributes in process `syz.0.760'.
[  398.402368][ T8685] loop1: detected capacity change from 0 to 128
[  398.459095][ T8663] ERROR: (device loop2): diWrite: ixpxd invalid
[  398.459095][ T8663] 
[  398.511205][ T8685] EXT4-fs (loop1): Test dummy encryption mode enabled
[  398.589767][ T8663] ERROR: (device loop2): remounting filesystem as read-only
[  398.607496][ T8685] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  398.670808][ T8663] ERROR: (device loop2): txCommit: 
[  398.670808][ T8663] 
[  398.693661][ T8685] ext4 filesystem being mounted at /190/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  398.756293][ T8663] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  398.768199][ T8663] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  398.776941][ T8663] CPU: 0 PID: 8663 Comm: syz.2.756 Not tainted 6.6.94-syzkaller #0
[  398.785145][ T8663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  398.793322][ T8695] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  398.795327][ T8663] RIP: 0010:metapage_writepage+0xa8/0x1170
[  398.818250][ T8663] Code: f3 e8 ec 78 85 fe 4c 8d 73 18 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 f2 1f de fe 4d 8b 36 4c 89 f0 48 c1 e8 03 <42> 80 3c 38 00 74 08 4c 89 f7 e8 d9 1f de fe 4d 8b 26 4c 8d 73 20
[  398.838249][ T8663] RSP: 0018:ffffc90004fd73e0 EFLAGS: 00010246
[  398.844447][ T8663] RAX: 0000000000000000 RBX: ffffea00006fd900 RCX: 0000000000080000
[  398.852554][ T8663] RDX: ffffc9000d76d000 RSI: 0000000000038a55 RDI: 0000000000038a56
[  398.860653][ T8663] RBP: ffffc90004fd74d0 R08: ffffea00006fd937 R09: 1ffffd40000dfb26
[  398.869027][ T8663] R10: dffffc0000000000 R11: fffff940000dfb27 R12: 0000000000000081
[  398.877120][ T8663] R13: ffffea00006fd934 R14: 0000000000000000 R15: dffffc0000000000
[  398.885134][ T8663] FS:  00007fb8bef266c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  398.894195][ T8663] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  398.900827][ T8663] CR2: 00007fe492004e9c CR3: 000000002619a000 CR4: 00000000003506f0
[  398.909437][ T8663] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  398.917643][ T8663] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  398.925928][ T8663] Call Trace:
[  398.929228][ T8663]  <TASK>
[  398.932371][ T8663]  ? mark_lock+0x94/0x320
[  398.936845][ T8663]  ? metapage_exit+0x30/0x30
[  398.941732][ T8663]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  398.947938][ T8663]  metapage_write_one+0x2b1/0x760
[  398.953094][ T8663]  ? lockdep_hardirqs_on+0x98/0x150
[  398.958631][ T8663]  ? force_metapage+0x320/0x320
[  398.963515][ T8663]  ? lmGroupCommit+0x791/0xbb0
[  398.969042][ T8663]  ? folio_mapping+0x1be/0x4c0
[  398.973898][ T8663]  ? folio_mark_dirty+0x17/0x330
[  398.978972][ T8663]  ? noop_dirty_folio+0xf4/0x2b0
[  398.983949][ T8663]  force_metapage+0x15d/0x320
[  398.988745][ T8663]  txCommit+0x4a6b/0x5250
[  398.993317][ T8663]  ? txLinelock+0x160/0x160
[  398.998148][ T8663]  ? do_raw_spin_unlock+0x121/0x230
[  399.003410][ T8663]  duplicateIXtree+0x293/0x480
[  399.008204][ T8663]  ? flush_metapage+0x40/0x40
[  399.012903][ T8663]  ? do_raw_spin_unlock+0x121/0x230
[  399.018222][ T8663]  ? _raw_spin_unlock+0x28/0x40
[  399.023103][ T8663]  ? txEnd+0x2a9/0x520
[  399.027201][ T8663]  diAllocAG+0x1795/0x1de0
[  399.031653][ T8663]  ? diNewExt+0x3120/0x3120
[  399.036213][ T8663]  ? dbNextAG+0x52e/0x640
[  399.040598][ T8663]  ? __lock_acquire+0x7c80/0x7c80
[  399.045661][ T8663]  diAlloc+0x1d5/0x1660
[  399.049838][ T8663]  ? do_raw_spin_unlock+0x121/0x230
[  399.055159][ T8663]  ? _raw_spin_unlock+0x28/0x40
[  399.060344][ T8663]  ? new_inode+0x19e/0x1b0
[  399.065088][ T8663]  ialloc+0x8c/0x950
[  399.069019][ T8663]  jfs_mkdir+0x191/0xa30
[  399.073292][ T8663]  ? jfs_symlink+0xe50/0xe50
[  399.077939][ T8663]  ? make_vfsuid+0x51/0xb0
[  399.082484][ T8663]  ? generic_permission+0x1f3/0x590
[  399.087812][ T8663]  ? inode_permission+0xf3/0x480
[  399.092820][ T8663]  ? bpf_lsm_inode_mkdir+0x9/0x10
[  399.098242][ T8663]  ? security_inode_mkdir+0xb7/0x100
[  399.104212][ T8663]  vfs_mkdir+0x296/0x440
[  399.108493][ T8663]  do_mkdirat+0x1d4/0x440
[  399.112849][ T8663]  ? vfs_mkdir+0x440/0x440
[  399.117665][ T8663]  __x64_sys_mkdirat+0x89/0xa0
[  399.122447][ T8663]  do_syscall_64+0x55/0xb0
[  399.126889][ T8663]  ? clear_bhb_loop+0x40/0x90
[  399.131787][ T8663]  ? clear_bhb_loop+0x40/0x90
[  399.136809][ T8663]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  399.143242][ T8663] RIP: 0033:0x7fb8be18e929
[  399.147994][ T8663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.169343][ T8663] RSP: 002b:00007fb8bef26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  399.179408][ T8663] RAX: ffffffffffffffda RBX: 00007fb8be3b5fa0 RCX: 00007fb8be18e929
[  399.188117][ T8663] RDX: 0000000000000000 RSI: 0000200000000840 RDI: ffffffffffffff9c
[  399.196575][ T8663] RBP: 00007fb8be210b39 R08: 0000000000000000 R09: 0000000000000000
[  399.204582][ T8663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  399.213563][ T8663] R13: 0000000000000000 R14: 00007fb8be3b5fa0 R15: 00007ffcb6e39198
[  399.222159][ T8663]  </TASK>
[  399.225209][ T8663] Modules linked in:
[  399.265951][ T8663] ---[ end trace 0000000000000000 ]---
[  399.276384][ T8663] RIP: 0010:metapage_writepage+0xa8/0x1170
[  399.296439][ T8663] Code: f3 e8 ec 78 85 fe 4c 8d 73 18 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 f2 1f de fe 4d 8b 36 4c 89 f0 48 c1 e8 03 <42> 80 3c 38 00 74 08 4c 89 f7 e8 d9 1f de fe 4d 8b 26 4c 8d 73 20
[  399.358531][ T8663] RSP: 0018:ffffc90004fd73e0 EFLAGS: 00010246
[  399.358549][ T8697] can0: slcan on ptm0.
[  399.398530][ T8663] 
[  399.400999][ T8663] RAX: 0000000000000000 RBX: ffffea00006fd900 RCX: 0000000000080000
[  399.427014][ T8663] RDX: ffffc9000d76d000 RSI: 0000000000038a55 RDI: 0000000000038a56
[  399.435300][ T8663] RBP: ffffc90004fd74d0 R08: ffffea00006fd937 R09: 1ffffd40000dfb26
[  399.461237][ T8663] R10: dffffc0000000000 R11: fffff940000dfb27 R12: 0000000000000081
[  399.469792][ T8663] R13: ffffea00006fd934 R14: 0000000000000000 R15: dffffc0000000000
[  399.486149][ T8663] FS:  00007fb8bef266c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  399.505180][ T8663] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  399.521409][ T8663] CR2: 00007f935b8d2000 CR3: 000000002619a000 CR4: 00000000003526f0
[  399.537434][ T8663] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  399.545849][ T8663] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  399.589385][ T8663] Kernel panic - not syncing: Fatal exception
[  399.595817][ T8663] Kernel Offset: disabled
[  399.600347][ T8663] Rebooting in 86400 seconds..