last executing test programs:

18.933928299s ago: executing program 3 (id=2214):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x10, &(0x7f0000000300)={[{@shortname_winnt}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@flush}, {@shortname_mixed}, {@fat=@tz_utc}, {@fat=@check_strict}, {@rodir}, {@numtail}], [{@uid_eq}]}, 0xfd, 0x289, &(0x7f0000000c40)="$eJzs3cFLNGUcB/Dfums7CrF7CMQInOhQp0WN6LoSBtFCUeyhTkmuFK4JCkId1Jv0P9S/UMegU9AhuvYPRBAWdMlOHoKNdVbdWXc39X3X5eX9fC7+/M3zZZ6ZZ3DxsM989MLO9ubu/tbZ2WkkSSFK9ajHeSGqMRPF6CrHcQwq3egAAE+O804n/u5kpj0XAOBh+PwHgKfPuM//wvFV792HnxkAMCmP9P//zESmBABM2PsffPj2WqOx/l6aJhE7JwfNg2b2Mzu+thWfRjtasRyV+DeicyWr33yrsb6cdv1RjWTnqJc/OmgW8/mVqES1P/99pftbN7+SZqLZn5+N+V7+1/loxWpU4rnh518dmn8mXnmp7/y1qMQvH8dutGMzutksX46Iw5U0feOdxkC+fDEOAAAAAAAAAAAAAAAAAAAAAAAmoZZeqeb3v8n276nVRh3P8v37A82N3R9ocH+eUjzvNYIAAAAAAAAAAAAAAAAAAABwYf/zL7Y32u3W3rjis5+/+fG0nAX+d/D4otA7791SJ7nO6y/npzF3u6sYKJ598fevhh0qR/lu96cY97sbsxHR30l7p/xh6f6398GKn04/WXx1f+G1UWOi1N/5snupuTHZCi4Oxkv3WspbFH9VIr9MS3H9PCd3fiD7i28vi/o/N8ZcPkqtvblpL9zC1/WN7w5/+/O6k1xMbOQKjtYpPu4/QwAAAAAAAAAAAAAAAAAAQO777dOeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMz/X7/y+LJCLyneFFOXKdZOTg42lfIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/BcAAP//S4aJvQ==")
fcntl$setsig(0xffffffffffffffff, 0xa, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x43, &(0x7f0000000400)={&(0x7f0000000440)=@ipv4_delrule={0x48, 0x1e, 0x1, 0x0, 0x0, {0x2, 0x80, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8}, @FRA_DST={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, @FRA_DST={0x0, 0x1, @empty}, @FRA_TUN_ID={0x0, 0xc, 0x1, 0x0, 0x57}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x1ff}]}, 0x48}}, 0x0)
mkdir(0x0, 0x0)
r3 = add_key$user(&(0x7f0000000100), &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)="ed", 0x1, 0xffffffffffffffff)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000280)={r3}, &(0x7f00000002c0)=ANY=[@ANYBLOB='enc=oaep \x00'/78], 0x0, 0x0)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r4, &(0x7f00000000c0)=""/4096, 0x1000)
keyctl$read(0xb, r4, &(0x7f00000020c0)=""/4079, 0xfffffffffffffd15)

14.872153961s ago: executing program 4 (id=2221):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0)
syz_socket_connect_nvme_tcp()

14.172705586s ago: executing program 4 (id=2223):
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_EXPBUF(r0, 0x2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000040)={0x5, <r3=>r1})
ioctl$DMA_BUF_IOCTL_SYNC(r3, 0xc0086202, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000080)={'wpan1\x00'})
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000000))
r6 = socket(0x1e, 0x1, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000080)=0x801, 0x0, 0x4)
write$binfmt_misc(r6, &(0x7f0000000080)=ANY=[], 0x2000011a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x6)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), 0xffffffffffffffff)

12.417777421s ago: executing program 4 (id=2225):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x2}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0x3}}, [@filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_BASECLASS={0x8}]}}]}, 0x3c}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

12.413955909s ago: executing program 3 (id=2226):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0x5, &(0x7f0000000140)={0x8, 0x2}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000240)=[{0x6, 0x6, 0x6}]}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000001c0)=0x5b40, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x92269daba00be9fa, &(0x7f0000000180)={0x2, 0x4e21, @remote}, 0xc)
sendto$inet(r0, &(0x7f00000004c0)="94dd53cd2bd61b21508170f7543eeda45dfb763d557c8dc8267bbb85f537c95b025c499ede1542332b2cffbd1d835a9cb1fad9978fc48238654b4ebf360ea5fe55f217a3a9b7c25ccff65300003ffcefcc80e1af74d211cbf531ef3b87386c4f54c9c025a3f01221bd2f7104b3e575b21f3af06c4bc8adc4c2b8ba8d1006b8c605071609c4329d35f383d4798c609cc7cf3e8e7a83f001aff76447a0e3f95bf6e5419973b6f1034bdda9d5e9c979ee9b2d834d7c66246d02a0e171aa0a7d8f0a1d6ce304cc3955a63ffc90b3835abc61e2cb7ab5f79a4f24d2d00203be41b4bfb39980bcac3722e0dfa69968d58ef43c290937d354e5aa2c84b1f35b54dbeac0fdfae5ac6001da28e23cd5969a03ad05a2126b3f3842589558e684306bdc3d685b", 0x59, 0x0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000600)=0x8, 0x4)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000680)="16a6fca1943537d9a6eb68dde62f5f62367dd37b02d7ac24a672321690c0215b73b201", 0x23}], 0x1}, 0x4009864)
connect$l2tp(r0, &(0x7f0000000180)={0x2, 0x0, @empty, 0x2}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000a5a000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x50550000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000006c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000480)={r3})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000440)='svc_stats_latency\x00', r4}, 0xffffffffffffff64)
r5 = socket(0x10, 0x1, 0x6)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000280)={'vxcan0\x00', <r6=>0x0})
bind$can_j1939(r5, &(0x7f0000000000)={0x1d, r6}, 0x18)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x20000023896)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000008207010300000000000000000000000004000780"], 0x18}}, 0x0)

12.147857726s ago: executing program 4 (id=2228):
open(&(0x7f0000000080)='./file0\x00', 0x410ebf, 0x11d)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/snmp\x00')
read(r1, &(0x7f0000001a00)=""/177, 0xb1)
open(0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@bloom_filter={0x1e, 0x101, 0x401, 0x100, 0x3330, r1, 0x0, '\x00', 0x0, r1, 0x1, 0x8000002, 0x4, 0xe}, 0x48)
socket$inet6(0xa, 0x80002, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r2, &(0x7f0000000140), &(0x7f0000000140)=""/82}, 0x20)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x4, 0x8}, 0x86)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@bloom_filter={0x1e, 0x0, 0x0, 0x400, 0x330, r4, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x7, 0xfffffffd}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r5, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0xc8040, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
connect$bt_l2cap(r6, &(0x7f00000000c0)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r7, &(0x7f0000000040)={0x1f, 0x0, @any, 0xfffa}, 0xe)

10.854669568s ago: executing program 3 (id=2232):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000f40)='./file0\x00', 0xa00010, &(0x7f0000000f80)=ANY=[@ANYBLOB='iocharset=iso8859-1,nostrict,uid=forget,anchor=00000000000000000145,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c646d6f64653d30303030303030303030303030303030303030323030342c756e64656c6574652c706172746974696f6e3d303030303030303030303030303030312c756e686964652c00a6a23b1c77357df200000000"], 0x2, 0xc43, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
r0 = memfd_create(&(0x7f0000000200)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xac \xe8\xb6\xdf\x16J\xab\xecC\xe2{\xfd\x8a\xb4\x8e\x9c\xfb\xf6\xe9\xd8]B6)\x9f\x9cR\xae\x12G\xd8\xa4y\xef\x02?\xf2\xe7}\ra\x97F', 0x0)
r1 = dup(r0)
write$cgroup_pid(r1, &(0x7f0000000040)=0xffffffffffffffff, 0xe)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4, 0x10, r0, 0x0)
sendfile(r0, r1, &(0x7f0000000100), 0x6c03)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)

10.411307729s ago: executing program 0 (id=2236):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x4, 0x0, 0x31}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r1, 0x406, r0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r3, 0xc0506617, &(0x7f0000000080)={@id={0x2, 0x0, @a}, 0x21, 0x0, '\x00', @c})
ioctl$SIOCSIFHWADDR(r2, 0x89fe, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})

10.242822058s ago: executing program 3 (id=2237):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x10, &(0x7f0000000300)={[{@shortname_winnt}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@flush}, {@shortname_mixed}, {@fat=@tz_utc}, {@fat=@check_strict}, {@rodir}, {@numtail}], [{@uid_eq}]}, 0xfd, 0x289, &(0x7f0000000c40)="$eJzs3cFLNGUcB/Dfums7CrF7CMQInOhQp0WN6LoSBtFCUeyhTkmuFK4JCkId1Jv0P9S/UMegU9AhuvYPRBAWdMlOHoKNdVbdWXc39X3X5eX9fC7+/M3zZZ6ZZ3DxsM989MLO9ubu/tbZ2WkkSSFK9ajHeSGqMRPF6CrHcQwq3egAAE+O804n/u5kpj0XAOBh+PwHgKfPuM//wvFV792HnxkAMCmP9P//zESmBABM2PsffPj2WqOx/l6aJhE7JwfNg2b2Mzu+thWfRjtasRyV+DeicyWr33yrsb6cdv1RjWTnqJc/OmgW8/mVqES1P/99pftbN7+SZqLZn5+N+V7+1/loxWpU4rnh518dmn8mXnmp7/y1qMQvH8dutGMzutksX46Iw5U0feOdxkC+fDEOAAAAAAAAAAAAAAAAAAAAAAAmoZZeqeb3v8n276nVRh3P8v37A82N3R9ocH+eUjzvNYIAAAAAAAAAAAAAAAAAAABwYf/zL7Y32u3W3rjis5+/+fG0nAX+d/D4otA7791SJ7nO6y/npzF3u6sYKJ598fevhh0qR/lu96cY97sbsxHR30l7p/xh6f6398GKn04/WXx1f+G1UWOi1N/5snupuTHZCi4Oxkv3WspbFH9VIr9MS3H9PCd3fiD7i28vi/o/N8ZcPkqtvblpL9zC1/WN7w5/+/O6k1xMbOQKjtYpPu4/QwAAAAAAAAAAAAAAAAAAQO777dOeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMz/X7/y+LJCLyneFFOXKdZOTg42lfIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/BcAAP//S4aJvQ==")
fcntl$setsig(0xffffffffffffffff, 0xa, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x43, &(0x7f0000000400)={&(0x7f0000000440)=@ipv4_delrule={0x48, 0x1e, 0x1, 0x0, 0x0, {0x2, 0x80, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8}, @FRA_DST={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, @FRA_DST={0x0, 0x1, @empty}, @FRA_TUN_ID={0x0, 0xc, 0x1, 0x0, 0x57}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x1ff}]}, 0x48}}, 0x0)
mkdir(0x0, 0x0)
r3 = add_key$user(&(0x7f0000000100), &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)="ed", 0x1, 0xffffffffffffffff)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000280)={r3}, &(0x7f00000002c0)=ANY=[@ANYBLOB='enc=oaep \x00'/78], 0x0, 0x0)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r4, &(0x7f00000000c0)=""/4096, 0x1000)
keyctl$read(0xb, r4, &(0x7f00000020c0)=""/4079, 0xfffffffffffffd15)

9.956027327s ago: executing program 1 (id=2238):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f00000007c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@fwd={0x4}]}, {0x0, [0x0, 0x3e]}}, &(0x7f0000000b00)=""/208, 0x28, 0xd0, 0x1}, 0x20)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$vsock(0xffffffffffffff9c, 0x0, 0x200341, 0x0)
getsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000280), 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r4, 0x404c534a, &(0x7f0000000480))
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f00000000c0))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)

9.368182678s ago: executing program 4 (id=2239):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x10, &(0x7f0000000300)={[{@shortname_winnt}, {@shortname_lower}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@fat=@flush}, {@shortname_mixed}, {@fat=@tz_utc}, {@fat=@check_strict}, {@rodir}, {@numtail}], [{@uid_eq}]}, 0xfd, 0x289, &(0x7f0000000c40)="$eJzs3cFLNGUcB/Dfums7CrF7CMQInOhQp0WN6LoSBtFCUeyhTkmuFK4JCkId1Jv0P9S/UMegU9AhuvYPRBAWdMlOHoKNdVbdWXc39X3X5eX9fC7+/M3zZZ6ZZ3DxsM989MLO9ubu/tbZ2WkkSSFK9ajHeSGqMRPF6CrHcQwq3egAAE+O804n/u5kpj0XAOBh+PwHgKfPuM//wvFV792HnxkAMCmP9P//zESmBABM2PsffPj2WqOx/l6aJhE7JwfNg2b2Mzu+thWfRjtasRyV+DeicyWr33yrsb6cdv1RjWTnqJc/OmgW8/mVqES1P/99pftbN7+SZqLZn5+N+V7+1/loxWpU4rnh518dmn8mXnmp7/y1qMQvH8dutGMzutksX46Iw5U0feOdxkC+fDEOAAAAAAAAAAAAAAAAAAAAAAAmoZZeqeb3v8n276nVRh3P8v37A82N3R9ocH+eUjzvNYIAAAAAAAAAAAAAAAAAAABwYf/zL7Y32u3W3rjis5+/+fG0nAX+d/D4otA7791SJ7nO6y/npzF3u6sYKJ598fevhh0qR/lu96cY97sbsxHR30l7p/xh6f6398GKn04/WXx1f+G1UWOi1N/5snupuTHZCi4Oxkv3WspbFH9VIr9MS3H9PCd3fiD7i28vi/o/N8ZcPkqtvblpL9zC1/WN7w5/+/O6k1xMbOQKjtYpPu4/QwAAAAAAAAAAAAAAAAAAQO777dOeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMz/X7/y+LJCLyneFFOXKdZOTg42lfIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/BcAAP//S4aJvQ==")
fcntl$setsig(0xffffffffffffffff, 0xa, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x43, &(0x7f0000000400)={&(0x7f0000000440)=@ipv4_delrule={0x48, 0x1e, 0x1, 0x0, 0x0, {0x2, 0x80, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8}, @FRA_DST={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, @FRA_DST={0x0, 0x1, @empty}, @FRA_TUN_ID={0x0, 0xc, 0x1, 0x0, 0x57}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x1ff}]}, 0x48}}, 0x0)
mkdir(0x0, 0x0)
r3 = add_key$user(&(0x7f0000000100), &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)="ed", 0x1, 0xffffffffffffffff)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000280)={r3}, &(0x7f00000002c0)=ANY=[@ANYBLOB='enc=oaep \x00'/78], 0x0, 0x0)
r4 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r4, &(0x7f00000000c0)=""/4096, 0x1000)
keyctl$read(0xb, r4, &(0x7f00000020c0)=""/4079, 0xfffffffffffffd15)

9.341470679s ago: executing program 0 (id=2240):
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001b80)=@o_path={&(0x7f0000001b40)='./file0\x00', 0x0, 0x18}, 0x14)
open$dir(0x0, 0x1e1003, 0x0)
r1 = open(&(0x7f00000002c0)='./bus\x00', 0x60102, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffe1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001d80)={0x4, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x2, 0x1000, &(0x7f0000000740)=""/4096, 0x41000, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x3, 0x0, 0x2000000}, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001cc0)=[0xffffffffffffffff, r0, r1, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0x0, '.\x00'}})
close(0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
getpid()
r3 = socket$inet(0x2, 0x6, 0x0)
shutdown(r3, 0x0)
recvmmsg(r3, &(0x7f00000066c0), 0xa0d, 0x0, 0x0) (fail_nth: 14)
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)

8.822036423s ago: executing program 0 (id=2241):
socket$kcm(0x10, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
epoll_create(0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r3, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/bus/input/devices\x00', 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000001280), 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

7.648405734s ago: executing program 2 (id=2242):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x301, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfffffff9)
write$binfmt_misc(r1, 0x0, 0x4)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
epoll_create1(0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

7.647696819s ago: executing program 0 (id=2243):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r0, 0x4b4d, &(0x7f0000000000))
listen(0xffffffffffffffff, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendto$inet6(r2, &(0x7f0000000140), 0x0, 0x0, &(0x7f0000000100)={0xa, 0xfffe, 0x4, @local, 0x41}, 0x1c)
socket$netlink(0x10, 0x3, 0x0)
writev(r2, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
r3 = epoll_create1(0x80000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x93fb385ee512ca3a)
recvmmsg(0xffffffffffffffff, &(0x7f0000000a80)=[{{&(0x7f0000000540)=@ethernet, 0x80, &(0x7f0000000380)=[{&(0x7f0000000180)=""/39, 0x27}], 0x1, &(0x7f00000003c0)=""/73, 0x49}, 0xd7}, {{&(0x7f0000000480)=@generic, 0x80, &(0x7f00000009c0)=[{0x0}, {&(0x7f0000000200)=""/56, 0x38}, {0x0}, {&(0x7f0000000780)=""/146, 0x92}, {&(0x7f0000000840)=""/42, 0x2a}, {&(0x7f0000000880)=""/27, 0x1b}, {&(0x7f0000000600)=""/89, 0x59}, {&(0x7f0000000940)=""/102, 0x66}], 0x8}}], 0x2, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/stat\x00', 0x0, 0x0)
socket$unix(0x1, 0x5, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x81400, &(0x7f0000000080)=ANY=[@ANYRES32=r2, @ANYRESHEX=r5])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r6, 0xc0189372, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r5, &(0x7f00000000c0)={0x60000001})
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_mount_image$hfsplus(&(0x7f0000000240), &(0x7f00000005c0)='./bus\x00', 0x80000c, &(0x7f0000000500)=ANY=[], 0x4, 0x6dc, &(0x7f00000011c0)="$eJzs3UtoHOcdAPD/7K5Wuyo4SuJHWgJZYkhLRW3JQmnVS91Sig6hhPTQ82LLsfBaDpJSZFMapY97Dzn1lB50Mz2U9G5ozw2BkquOgUIuOemmMrMzq13tU7YsKenvJ2bmm/me85+dmX0gJoD/WytzUXkSSazMvbWdru/tLrbKu4vTeXYrIqoRUYqotBeRrEeWezOf4tvpxrx8Mqyfj9aW3/n8q70v2muVfMrKl0bVG6Dav2knn6IREeV82W9qSIufHO2+p71bQ9ubVNLZwzRgV4vAxV+eqVV4Zgd9djp5j/+TzUdVP855C5xTSfu+2Wc2YiYiahHtu35+dSid7uhO3s5ZDwAAAACOq378Ki/sx35sx4XnMRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4psqf/5/kU6lINyIpnv9fzbdFnj6Huh6E+Lg8sMRn0+3lk1MaEQAAAAAAAAA8T6/tx35sx4Vi/SDJfvN/ves3/m/F+7EZq7ER12I7mrEVW7ERCxEx29VQdbu5tbWxkNWMuDii5o34dEDNG8PHePOE9xkAAAAAAAAAzrnamPx7U/3bfh8rh7//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAeZBElNuLbLpYpGejVImIWkRU03I7EZ8W6a+JZNDGJ6c/DgAAAHgmtd7VpDZBnRc+iP3YjgvF+kGSfea/nH1ersX7sR5bsRZb0YrVuJ1/hk4/9Zf2dhdbe7uL99Opv92ffnmsoWctRvu7h8E9v5KVqMedWMu2XItbkcRBppS38sre7mK6vD94XB+mY0p+khsxmnJX+nY6u/JJlv5z77cIlWPt4lMqDc2ZzXKnOhGZz8eW1nixiMDgSIw9OpWRPS1EqfPNz8XRPQ2O+Yeje585UmrgNzdn4mgkbkSpc4Quj45ExHf/8fjXd1vr9+7e2Zw7P7s00AdjSxyNxGJXJK58gyIx3nwWiUud9ZX4Rfwq5uLL6bdjI9biN9GMrVhtFPnN/PWczmdHR+qzme61t8eNJD0nG53r16AxNaJnTNGIn2epZryeHdMLsRZJPIiI1Xgz+7sRC52rweERvjTBWV+a4Erb5er3skUnTFEfXvZvkzV5UtK4vtgV1+5r7myW173lMEovDYxSca+b/H7UpfKdPJG28IeR94fTdjQSC12ReHnY66Ud0r8epPPN1vq9jbvN9ybs7418mZ5HfzpXd4n0CL8UtXznXszmSXZOzWd5L3fusL3x6v01pdSXd6lTr32m/jIexO2eM/WHsRRLsZyVvpyVnuq7Y6V5Vzot9V7D07z0nValM5Tu91sPotV+PwTA+Tbz/Zlq/b/1f9c/rv+xfrf+Vu1n0z+afrUaU/+a+nFlvvxG6dXk7/Fx/O7w8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD0Nh8+utdstVY3BidKg7OS0bWarYPiQWIjyvQkkvxRORMUTjYfPjoY2+DoxHQ+vKesfpKJ4mmN4ws3nuMwkp2jx6s2/lgUT3maoIukL+Bp5acec9Hz4Zapc3AojyYaJ9dg8YLtyjr+q7c+6HiVI2JQ4TEXjvJJXH2As3R96/571zcfPvrB2v3mu6vvrq5PLS0tzy8vvbl4/c5aa3W+Pe+qcCoPvwVOQ/fbiY5qRLw2vu6IB7UCAAAAAAAAAAAAz9Fp/C/EWe8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8PW2MheVJ5HEwvy1+XR9b3exlU5F+rBkJSJKEZH8NiL5Z8TNaE8x29VcMqyfj9aW3/n8q70vDtuqFOVLETtD601mJ5+iERHlfHlS7d0a3171MDk9IDvpRCYN2NUicHDW/hcAAP//onntMA==")
socket$inet6_sctp(0xa, 0x1, 0x84)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x0)

6.159985905s ago: executing program 2 (id=2244):
r0 = syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000100)={0x1, 0x0, {0x0, 0x0, 0x3001}})

6.01867434s ago: executing program 3 (id=2245):
r0 = syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x800, &(0x7f0000000240), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000080)=0x2)
setxattr$security_ima(0x0, &(0x7f00000000c0), 0x0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/bus/input/devices\x00', 0x0, 0x0)
pipe(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b70200"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='mm_page_free\x00', r3}, 0x10)
readlinkat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
socket$inet6(0xa, 0x6, 0x2c)
pselect6(0x40, &(0x7f0000000600)={0x7}, 0x0, &(0x7f0000000680)={0xff, 0x0, 0x0, 0x0, 0x0, 0x20000000000}, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r4)
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000680)=ANY=[@ANYRESHEX, @ANYRES64, @ANYRES32=r5, @ANYBLOB="50c0a79da426b58c17ab3db679435f71dd680d7df6f351a3185cda16b539f0961371eadc158f12dcd58bf5d5a39da8b88fcdecbb2fcaeab51f15e506228a9f77d34905bd8a2a1d96ba1687bbb5e0b2748ece785f249f7ab5c698fbc71a545ae93cc2addb9fbe0521c7ca798a46752c38a4214bd49a91c33f"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x21}, 0x90)
ioprio_get$uid(0x3, 0xffffffffffffffff)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791008000000000000700000000006000000000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xc6, &(0x7f0000000400)=""/198, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

5.926990034s ago: executing program 2 (id=2246):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYBLOB="3db1bd3c9389ce300f92cc8091d7dfbdcfffeed8bb90e543382e29209562d6483c6fcfdf79d0b465e6bc8ea70762049054a683ca4394e098765d85fa3b798fc191119debc7d45cce724609d275eabc974abf88d2270db005808488efc289084aff3069b2b0a78cdfa1f780c10f6c51d7c9ced6ab3e8a7aa716d5ebe1e8cb6255366a32ca4bfad14e3b1315ec", @ANYRESHEX, @ANYRESHEX, @ANYRES16, @ANYRES64], 0x1, 0x61ca, &(0x7f0000006940)="$eJzs3cuOHFcZB/Cv+jaXEMfKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgCYsmKB8iCLTseAEs2EiirFKqZc8Y1nW732M509cz5/aRx1denavqU/119marqEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/PAHPz5bRcTlX6Ubjkd8LvoRvYiVpl6LiJW143n5QUQ8H9vN8VxEDJciqtz4TMRrEfHRsYh792+vNzed22c/vv+Xf/7hJ0/96B9/Gp7+319v9l+fttytW7/979/uPP72AgAAQInquq6r9DH/RPp83+u6UwDAXOTX/zrJt6sXrt5csP6o1Wq1+hDWbfVkd9pFRGy212neMzgcDwCHzGZ83HUX6JD8izaIiKe67gSw0KquO8CBuHf/9nqV8q3arwdrO+35XJA9+W9Wu9d3TJvOMn6OybweX1vRj2en9GdlTn1YJDn/3nj+l3faR2m5g85/XqblP9q59Kk4Of/+eP5jjk7+vYn5lyrnP3ik/PvyBwAAAACABZb//n+84+O/S0++KfvysOO/a3PqAwAAAAAAAAB81p50/L9dlfH/AAAAYFE1n9Ubvzv24LZp38XW3H6pinh6bHmgMOlimdWu+wEAAAAAAAAAAAAAJRnsnMN7qYoYRsTTq6t1XTc/beP1o3rS9Q+70rcfStb1kzwAAOz46NjYtfxVxHJEXErf9TdcXV2t6+WV1Xq1XlnK72dHS8v1SutzbZ42ty2N9vGGeDCqm1+23Fqvbdbn5Vnt47+vua9R3d9Hx+ajw8ABICJ2Xo3ueUU6Yur6mej6XQ6Hg/3/6LH/sx9dP04BAACAg1fXdV2lr/M+kY7597ruFAAwF/n1f/y4gFqtVqvV6qNXt9WT3WkXEbHZXqd5z2A4fgA4ZDbj4667QIfkX7RBRDzfdSeAhVZ13QEOxL37t9erlG/Vfj1I47vnc0H25L9Zba+X1580nWX8HJN5Pb62oh/PTunPc3PqwyLJ+ffG87+80z5Kyx10/vMyLf9mO4930J+u5fz74/mPOTr59ybmX6qc/+CR8u/LHwAAAAAAFlj++//xhTr+O3rczZnpYcd/1w7sXgEAAAAAAADgYN27f3s9X/eaj/9/YcJyrv88mnL+lfyLlPPvjeX/1bHl+q35u289yP8/92+v//Hmvz+fp/vNfynPVOmRVaVHRJXuqRqk6ZNs3adtDfuj5p6GVa8/SOf81MN34mpci404s2fZXvr/eNB+dk9709Phdnvd32k/t6d9sNue1z+/p32YznSqV3L7qViPn8e1eHu7vWlbmrH9yzPa6xntOf++/b9IOf9B66fJfzW1V2PTxt0Pe5/a79vTSffz5tUv/ubMwW/OTFvR3922tmb7XuygP9v/J0+N4pc3Nq6funXl5s3rZyNN9tx6LtLkM5bzH6af3ef/l3ba8/N+e3+9++HokfNfFFsxmJr/S635ZntfnnPfupDzH6WfnP/bqX3y/n+Y85++/7/SQX8AAAAAAAAAAAAAAADgYeq63r5E9M2IuJCu/+nq2kwAYL7y63+d5NvnVfcfd/0/792OrvqvVs+5rhasP3OtP6kXqz9q9WGs2+rJ3mgXEfH39jrNe4ZfT/plAMAi+yQi/tV1J+iM/AuWv++vmZ7sujPAXN14/4OfXrl2beP6ja57AgAAAAAAAAA8rjz+51pr/OeTdV3fGVtuz/ivb8Xak47/OcgzuwOMThmouv/o2/QwW71Rv9cabvyFmDb+93B37mHjfw9m3N9wRvtoRvvSjPblGe0TL/Royfm/0Brv/GREnBgbfr2E8V/Hx7wvQc7/xdbjucn/K2PLtfOvf3+Y8+/tyf/0zfd+cfrG+x+8evW9K+9uvLvxs/Nnz545f+HCxYsXT79z9drGmZ1/O+zxwcr557GvnQdalpx/zlz+Zcn5fynV8i9Lzv/LqZZ/WXL++f2e/MuS88+ffeRflpz/y6mWf1ly/l9LtfzLkvN/JdXyL0vO/+upln9Zcv6vplr+Zcn5n0q1/MuS8z+d6n3mv3LQ/WI+cv75CJf9vyw5/3xmg/zLkvM/l2r5lyXnfz7V8i9Lzv+1VMu/LDn/b6Ra/mXJ+V9ItfzLkvP/ZqrlX5ac/8VUy78sOf9vpVr+Zcn5fzvV8i9Lzv/1VMu/LDn/76Ra/mXJ+X831fIvS87/e6mWf1ly/m+kWv5lefD9/2bMmDGTZ7p+ZgIAAAAAAAAAAAAAxs3jdOKutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe3cXI9dZ3w/8zL557UBiIOTv5G/C2jHGOJvs+iV+oXUx4bXhrSSEQl+wXe/aLPgNr11CGtWOAiUSRkUVbcNFW0BRm5sKq8oFrQLKBWpVqRJpL+gNokLlIqoCCkiVaAXZauY8z7Mzs7Mza+/YOXPO5yORn3fmzJwzZ56Z3a/NdwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDZprfNfr6WZVmtVssvWJ9lr6jPtRPrG5e8+eU9PgAAAGD1ftn474s3pQsOruBGTdv80+3ffXphYWEh+8jwn45+eWEhXTGRZaNrsqxxXXT5hx+tNW8TPJaN14aavh7qsfvhHteP9Lh+tMf1Yz2uX9Pj+vEe1y85AUuszWrpzrY0/rg+P6XZzdlo47otHW71WG3NUP3cpdtmtcZtFkaPZXPZiWw2m27ZPt+21tj+mU31fb07i/saatrXxvoK+ekjR+Mx1MI53tKyr8X7jH781mziZz995Ohfn3vh1k6z52loub/8OLdtrh/nZ8Ml+bHWsjXpnMTjHGo6zo0dnpPhluOsNW5X/3P7cb64wuMcXjzM66r9OR/Phhp/fq5xnkZqWYfztDFc9vM7siy7uHjY7dss2Vc2lK1ruWRo8fkZz1dk/T7qS+nV2cgVrdNNK1in9TmzpXWdtr8m4vO/KdxuZJljaH6afvzoWNPz/ouFq1mnUf1RL/daaV+D/X6tFGUNxnXxXONBP95xDW4Jj/+RrcuvwY5rp8MaTI+7aQ1u7rUGh8aGG8ecnoRa4zaLa3BHy/bDjT3VGvP5rd3X4NS5k2em5j/z8F1zJ48cnz0+e2rXjh3Tu/bs2bdv39SxuROz0/l/r/JsF9+6bCi9BjaHcxdfA29s27Z5qS58bWzJ++/Vvg7Hu7wO17dt2+/X4Uj7g6tdnxfk0jWdvzY+VD/p45eGsmVeY43nZ/vqX4fpcTe9DkeaXocdv6d0eB2OrOB1WN/mzPaV/cwy0vS/Tsew/PeC1a3B9U1rsP3nkfY12O+fR4qyBsfDuvj+9uW/F2wMx/v45JX+PDK8ZA2mhxvee+qXpJ/3x/c1Rqd1eVv9ihvGsvPzs2fvfujIuXNnd2RhXBevaVor7et1XdNjypas16ErXq8H525//LYOl68P52r8rvp/xpd9rurb7L67+3PV+O7W+Xy2XLozC6PPrvf57PTdvH4+x7LsK9959P5vPfKVty17Put587NTq/9ZPOXSpvff0WXef2PufynfX7qrx4ZHR/LX73A6O6Mt78etT9VI472r1tj3i1Mrez8eDf+73u/HN3d5P97Qtm2/349H2x9cfD+u9frbjtVpfz7Hwzo5Md39/bi+zYadV7omR7q+H98RZi2c/zeFpJByUdPaWW7dpn2NjIyGxzUS99C6Tne1bB/XW31fT+28unW67Y78vobTo1t0vdbpRNu2/V6n6e++lluntV5/+3Z12p/P8bAubt7VfZ3Wt3l29+rfO9fGPza9d471WoOjw2P1Yx5Ni7Dxfp8trI1r8O7saHY6O5HNNK4da6ynWmNfk/esbA2Ohf9d7/fKDV3W4La2bfu9BtP3seXWXm1k6YPvg/bnczysiyfu6b4G69u8fW9/f3bdFi5J2zT97Nr+92vL/Z3XbW2n6VqtlZFwnN/Z2/3vZuvbnNh3pTmz+3m6M1xyQ4fz1P76Xe41NZNdn/O0IRznC/uWP0/146lv8+X9K1xPB7Msu/Cpext/3xv+feXvzn/v6ZZ/d+n0bzoXPnXvT1557B+v5PgBGHwv5WNd/r2u6V+mVvLv/wAAAMBAiLl/KMxE/gcAAIDSiLk//r/CE/kfAAAASiPm/pEwk4rk/w1vf2HupQtZauYvBPH6dBruy7eLHdfp8PXEwqL65fc+Ofvf/3BhZfseyrLsF/f9QcftN9wXjys3EY7z8jtaL1/i6btWtO/DD15I+23ur3813H98PCtdBp0quNNZlj1z0xcb+5n46KXGfPa+w415/8XHH6tv8+L+/Ot4++dfk2//F6H8e/DYkZbbPx/Ow4/CnH5P5/MRb/eNS2/auPfDi/uLt6ttvrHxsJ/4WH6/8ffkfOmxfPt4npc7/m994alv1Ld/6A2dj//CUOfjfyrc75Nh/s/r8u2bn4P61/F2nwvHH/cXb3f317/d8fgvfz7f/sw78+0Ohxn3vy18veWdL8w1n6+HakdaHlf2rny7uP/p7/1x4/p4f/H+249//NCllvPRvj6e/bf8fqbato+Xx/1Ef9+2//r9NK/PuP+n/uhwy3nutf/L9z//uvr9tu//zrbtznxqe2P/i/fX+hub/vJzX+y4v3g8B//2TMvjOfjB8DoO+3/iY2E9huv/93J+f+2/XeHwB1vff+L2X11/oeXxRO/+Wb7/y2853phrxteuu+EVr7zx4uvr5y7LnluT31+v/R//q9Mtx/+1W/LzEa+PHf32/S8n7v/spydPnZ4/PzeTzuojNzV+d8578+OJx3tTeG9t//rQ6XMfnz07MT0xnWUT5f0Velft62H+JB8Xu2+9sOQddPuD4fm87c+fWbf1X78QL//3D+WXX3pP/n3rjWG7L4XL14fn78r2v9QTm25pvL5rz4YjXFj6+4JXY+OW/9q3og3D42//uSCu9zOv/XjjPNSva3zfiK/rVR7/D2by+/lmOK8L4Tczb75lcX/N28ffjXDpgfz1vurzF97m4vP6N+H5ft+P8vuPxxUf7w/CzzHf3tD6fhfXxzcvDLXff+O3eFwM7yfZxfz6uFU835devKXj4cXfQ5JdvLXx9Z+k+7n1ih7mcuY/Mz91Yu7U+Yemzs3On5ua/8zDh06ePn/q3KHG7/I89Ilet198f1rXeH+amd2zO2u8W53OxzX2ch//mQePzuyd3joze+zI+WPnHjwze/b40fn5o7Mz81uPHDs2++let5+bObBj5/5de3dOHp+bObBv//5d+yfnTp2uH0Z+UD3smf7k5Kmzhxo3mT+we/+Oe+7ZPT158vTM7IG909OT53vdvvG9abJ+69+fPDt74si5uZOzk/NzD88e2LF/z56dPX8b4Mkzx+Ynps6ePzV1fn727FT+WCbONS6uf+/rdXvKaf4/8p9n29XyX8SXfeDOPen3s9Y9+eiyd5Vv0vYLRF8Iv4vmn191Zt9Kvo65fzTMpCL5HwAAAKog5v6xMBP5HwAAAEoj5v41YSbyPwAAAJRGzP3jYSYVyf+l6/9vuLCi/ev/6/83ny/9/4r1/x8oWv8/f7/Q/++P1fbv9f8D/X/9f/1//X/9f/qgaP3/mPvXZlkl8z8AAABUQcz968JM5H8AAAAojZj7bwgzkf8BAACgNGLuf0WYSUXyv/6//r/+v/6//n/n/ev/Dyb9/+70/3vQ/5/KqtX/v9jP49f/1/9nqaL1/2Puf2WYSUXyPwAAAFRBzP03hpnI/wAAAFAaMfffFGYi/wMAAEBpxNy/PsykIvlf/1//X/9f/1//v/P+9f8Hk/5/d/r/Pej/+/x//X/9f/qqaP3/mPtfFWZSkfwPAAAAVRBz/6vDTOR/AAAAKJ6Rq7tZzP2vCTNZkv+vcgcAAADAyy7m/puztiJ4Rf79X/9f/7/4/f816Tr9f/3/rJD9/+FM/7849P+70//vQf9f/1//X/+fvipa/7+R+7Px7LVhJhXJ/wAAAFAFMfffEmYi/wMAAEBpxNz//8JM5H8AAAAojZj7N4SZVCT/6//r/xe//+/z//X/i97/9/n/RaL/353+fw/6//r/+v/6//RV0fr/MfffGmZSkfwPAAAAVRBz/21hJvI/AAAAlEbM/f8/zET+BwAAgNKIuX9jmElF8r/+f8H7/7E5qv+v/6//r/+v/78i+v/d6f/3oP+v/6//r/9PXxWt/x9z/+vCTCqS/wEAAKAKYu6/PcxE/gcAAIDSiLn/9WEm8j8AAACURsz9E2EmFcn/+v8F7//nPfgxn/+v/6//r/+v/78y+v/d6f/3oP+v/9+X/v/CBf1//X9yRev/x9y/KcykIvkfAAAAqiDm/s1hJvI/AAAAlEbM/XeEmcj/AAAAUBox928JM6lI/tf/H4j+f6b/r/+v/6//r/+/Mvr/3en/96D/r//v8//1/+mrovX/Y+5/Q5hJRfI/AAAAVEHM/VvDTOR/AAAAKI2Y+98YZiL/AwAAQGnE3L8tzKQi+V//X/9f/1//X/+/8/71/weT/n93+v896P/r/+v/6//TV0Xr/8fc/6Ywk4rkfwAAAKiCmPu3h5nI/wAAAFAaMfffGWYi/wMAAEBpxNw/GWZSkfyv/6//r/+v/6//33n/+v+DSf+/O/3/HvT/+9WfH9b/1//X/ycrYP8/5v67wkwqkv8BAACgCmLuvzvMRP4HAACA0oi5fyrMRP4HAACA0oi5fzrMpCL5X/9f/3/V/f+mB6//X4H+/+sX71f/P6f/Xyz6/93p//fQv/7/SFbt/r/P/7/q/v+o/j+lUrT+f8z9O8JMKpL/AQAAoApi7t8ZZiL/AwAAQGnE3L8rzET+BwAAgNKIuX93mElF8r/+v/6/z//X//f5/533r/8/mPT/u+t//z8+RP1/n/+v/+/z//X/Wapo/f+Y++8JM6lI/gcAAIAqiLl/T5iJ/A8AAAClEXP/3jAT+R8AAABKI+b+fWEmFcn/+v/6//r/+v/6/533r/8/mPT/u6v65/+v73UA+v/6//r/+v+s0gN/2PxV0fr/MffvDzOpSP4HAACAKoi5/81hJvI/AAAAlEbM/b8SZiL/AwAAQGnE3P+rYSZlyf89mof6//r/+v/6//r/nfev/z+Y9P+7q3r/vyf9f/1//X/9f/qqaP3/mPsPhJmUJf8DAAAAKff/WpiJ/A8AAAClEXP/W8JM5H8AAAAojZj7D4aZVCT/6//r/+v/6//r/3fe//Xu/4/F+9X/XxX9/+70/3vQ/9f/1//X/6evitb/j7n/rWEmFcn/AAAAUAUx998bZiL/AwAAQGnE3P+2MBP5HwAAAEoj5v63h5lUJP/r/+v/6//r/+v/d96/z/8fTPr/3en/96D/r/+v/6//T18Vrf8fc/87wkwqkv8BAACgCmLuf2eYifwPAAAApRFz/7vCTOR/AAAAKI2Y+98dZlKR/K//r/+v/6//r//fef/6/4NJ/787/f8e9P/1//X/9f/pq6L1/2Pu//Uwk4rkfwAAAKiCmPvvCzOR/wEAAKA0Yu5/T5iJ/A8AAAClEXP/e8NMKpL/9f/1//X/9f/1/zvvX/9/MOn/dzdg/f9f3hgu1//P6f8X+/ivtP8/0vb1Nen//3C5/v/Cmvbb6/9zLRSt/x9z//vCTCqS/wEAAKAKYu5/f5iJ/A8AAAClEXP/B8JM5H8AAAAojZj7fyPMpCL5X/+/fhyL7WX9/7L2/4f0//X/9f8rQv+/uwHr//v8/zb6/8U+fp//r//PUkXr/8fc/8Ewk4rkfwAAAKiCmPvvDzOR/wEAAKA0Yu5/IMxE/gcAAIDSiLn/Q2EmFcn/+v8+/78a/X+f/5/p/+v/V4T+f3f6/z3o/+v/F63//5/6/wy2ovX/Y+5/MMykIvkfAAAAqiDm/g+Hmcj/AAAAUBox9/9mmIn8DwAAAKURc/9Hwkwqkv/1/wel/z8xoP3/R/X/r2H///Yb8+30//X/WaT/353+fw/6//r/Rev/+/x/BlzR+v8x9380zGTl+X98xVsCAAAAL4uY+38rzKQi//4PAAAAVRBz/2+Hmcj/AAAAUBox9/9OmElF8r/+/zXp/ze+9Pn/Pv+/fX34/H/9f/3/a+/69f/jO4/+v/6//n+k/6//r/9Pu6L1/2Pu/90wk4rkfwAAAKiCmPs/FmYi/wMAAMBA6PSZbO1i7j8UZiL/AwAAQGnE3H84zKQi+V//f1A+/1//P6ta///PNv/L97/7/sM79P/1//X/r8h1/fz/+ovf5//r/+v/J/r/+v/6/7QrWv8/5v4jYSYVyf8AAABQBTH3/16YifwPAAAApRFz/9EwE/kfAAAASiPm/pkwk4rkf/1//X/9/4L2/wf48//j+dD/b9W3/n9809X/7yjv36dVdG37/x9e7Inr/19p/3+s46X6//r/g3z8+v/6/yxVtP5/zP2zYSYVyf8AAABQBSH3Dx3L5+IV8j8AAACURsz9x8NM5H8AAAAojZj7Px5mUpH8r/+v/6//r//v8/87779b/7824vP/iyr173/eeKHo/7cpTv+/M/1//f9BPn79f/1/lipa/z/m/rkwk4rkfwAAAKiCmPs/EWYi/wMAAEBpxNz/yTAT+R8AAABKI+b+E2EmFcn/+v/6//r/+v/6/533X9jP/9f/72q1/Xv9/0D/X/9f/1//X/+fPiha/z/m/pNhJhXJ/wAAAFAFMfefCjOR/wEA/o+9O2myrKz2OHzy3iIqK7iDO7uDOzHCoR+BgY71Azhw4kAjDAeiomJPYd+iqNgrgn2DDQgiKtg3YIdiDyr2fYMdokQZZK61qjJz5z6VVScz937f5xmwrJTkHImKqvpX1s8NAM3I3X9+3GL/AwAAQDNy9z82bulk/+v/9f/N9v8P1P/v9vr6f/1/y/T/4/T/S+j/9f/6f/0/KzW1/j93/+Pilk72PwAAAPQgd//j4xb7HwAAAJqRu/+CuMX+BwAAgGbk7n9C3NLJ/t/W/68t+uz/M+PV/7fU/3v+/66vr//X/7fsYPv/i+/7kU//r//X/wf9/2n1/0d3+3z9Py2aWv+fu/+JcUsn+x8AAAB6kLv/SXGL/Q8AAADNyN1/Ydxi/wMAAEAzcvc/OW7pZP+v7vn/xzY+PtP+v+j/9f8bH9D/6//1/7Pl+f/jeur/L7jt3Mfcdd3/X7+X19f/6/89/1//z2pNrf/P3f+UuKWT/Q8AAAA9yN3/1LjF/gcAAIBm5O5/Wtxi/wMAAEAzcvc/PW7pZP+vrv+f9fP/i/5f/7/xAf2//l//P1v6/3E99f9n8vr6f/2//l//z2pNrf/P3f+MuKWT/Q8AAAA9yN3/zLjF/gcAAIBm5O6/KG6x/wEAAKAZufuPxy2d7H/9//73//fq//X/cfX/+n/9//7T/4/T/y+h/9f/6//1/6zU1Pr/3P0Xxy2d7H8AAADoQe7+Z8Ut9j8AAAA0I3f/s+MW+x8AAACakbv/OXFLJ/tf/+/5//p//b/+f/j19f/zpP8fp/9fQv9/tv38Ofp//b/+n1Ptsf+/Z+SH7ZX0/7n7nxu3dLL/AQAAoAe5+58Xt9j/AAAA0Izc/c+PW+x/AAAAaEbu/hfELZ3sf/2//l//r/8/4/5/53e9Dfr/Yfr/g6H/HzeZ/n/tyOCHu+3/7958ow30/57/r//X/7PF1J7/n7v/hXFLJ/sfAAAAepC7/0Vxy8j+3/Nv5gMAAACHKnf/i+MWX/8HAACA2cvqLHf/S+KWTva//l//r//X/3v+//Drj/X/15/y/vT/06L/HzeZ/n8X3fb/i5PvV/8/3/ev/9f/s9PU+v/c/S+NWzrZ/wAAANCD3P2XxC32PwAAADQjd//L4hb7HwAAAJqRu//lcUsn+3+4/z/53+v/T4/+f+v71/8Pf/9YVf+f/0T9/2j//yDP/++T/n/cwff/R/X/W//5+v99dNjvv/H+/9iyz9f/M2Rq/X/u/kvjlk72PwAAAPQgd/8r4hb7HwAAAJqRu/+VcYv9DwAAAM3I3f+quKWT/e/5//p//f/8+v/tz/9P+v9NB/H8/8WB9/9H9P+nSf8/zvP/l9D/6//1/57/z0pNrf/P3X9Z3NLJ/gcAAIAeXHb3YmP3v3qxsP8BAABgjk79swPb/0BpyN3/mrjF/gcAAIBm5O5/bdzSyf7X/+v/9f/z7/89/7+H/t/z/0+X/n+c/n8J/f9+9PNHGuv/L9/t86fQ/1+k/2ditvT/N578+GH1/7n7Xxe3dLL/AQAAoAe5+18ft9j/AAAA0Izc/W+IW+x/AAAAaEbu/jfGLZ3s/33v/4/t/tr6f/2//l//r//X/6+a/n+c/n8J/b/n/3v+v/6fldrS/5/isPr/3P1vils62f8AAADQg9z9b45b7H8AAABoRu7+y+MW+x8AAACakbv/LXFLJ/vf8//1//p//b/+f/j19f/zpP8fp/9fQv+v/9f/6/9Zqan1/7n7r4hbOtn/AAAA0IPc/VfGLfY/AAAANCN3/1vjFvsfAAAAmpG7/21xSyf7X/+/v/1/flz/r/9f6P/1//r/A9Ft/7829DPRTrv0/7c86vhDtn5E/6//1//r//X/rMAk+v8TJ391mbv/7XFLJ/sfAAAAepC7/x1xi/0PAAAAzcjd/864xf4HAACAZuTuf1fcssf9/78rfVcHR//v+f/6f/2//n/49fX/8zS7/v+crd/0/H/9v/5/vu9f/6//Z6dJ9P+nfDt3/7vjFl//BwAAgGbk7n9P3GL/AwAAQDNy9783brH/AQAAoBm5+98Xt3Sy//X/+n/9v/5f/z/8+mfa/68vhun/D8bs+v9t9P/6f/3/fN+//l//z05T6/9z918Vt3Sy/wEAAKAHufvfH7fY/wAAANCM3P0fiFvsfwAAAGhG7v4Pxi2d7H/9v/5f/6//1/8Pv77n/8+T/n+c/n+xWFw98gaG+v8TR/X/+n/9v/6fMzS1/j93/4filk72PwAAAPQgd//VcYv9DwAAAM3I3X9N3GL/AwAAQDNy9384bulk/+v/9f/6f/2//n/49fX/86T/H6f/X8Lz//X/+n/9Pys1tf4/d/+1cUsn+x8AAAB6kLv/urjF/gcAAIBm5O7/SNxi/wMAAEAzcvdfH7d0sv/1//p//b/+f1/6/+P6/+30/wdj//r/hf5f/6//X0L/r//X/7PdQfX/98SP98v6/9z9H41bOtn/AAAA0IPc/TfELfY/AAAANCN3/8fiFvsfAAAAmpG7/+NxSyf7X/+v/9f/6/89/3/49fX/8+T5/+P0/0vo//X/+n/9Pyt1UP3/br3/9m/n7v9E3NLJ/gcAAIAe5O6/MW6x/wEAAKAZuftvilvsfwAAAGhG7v5Pxi2d7H/9v/5/a/+/WOj/9f/6/00H0P+vL/T/K6f/H6f/X0L/32b//1+Lhvr/Y7t+vv6fKZpa/5+7/1NxSyf7HwAAAHqQu//TcYv9DwAAAM3I3f+ZuMX+BwAAgGbk7v9s3NLS/r939/Rt/v3/0W2fqP9fLBa3X+j5//r/kdfX/0+m/69/q/r/1dH/j9P/L6H/b7P/9/x//T+HZmr9f+7+z8UtLe1/AAAA6Fzu/s/HLfY/AAAANCN3/xfiFvsfAAAAmpG7/4txSyf7f/79//ZP1P8vzur5//r/jQ/o//X/+v/ZOtv+/or1+DlN/6//1/8P9vNru/y6Z6H/1//r/xkwtf4/d/+X4pZO9j8AAAD0IHf/zXGL/Q8AAADNyN1/S9xi/wMAAEAzcvd/OW7pZP/r//X/+v959v/r+n/9v/5/0FSe/3/eeQ++Vf+v/2+x/x+j/9f/6//Zbmr9f+7+r8Qtnex/AAAA6EHu/q/GLfY/AAAANCN3/9fiFvsfAAAAmpG7/+txSyf7f2f/f85is1DdNNT/R6Om/z+F/n/r+9f/D3//8Px//b/+f/9Npf/3/P8ze//6f/3/nN//nvr/++38fP0/LZpa/5+7/9a4pZP9DwAAAD3I3f+NuMX+BwAAgGbk7v9m3GL/AwAAQDNy998Wt3Sy/z3/X/+v/9f/6/+HX1//P0/6/3H6/yX0//p/z/8//xH/rf9ndabW/+fu/1bcsjH87v8/Z/g/EwAAAJiQ3P3fjls6+fo/AAAA9CB3/3fiFvsfAAAAmpG7/7txSyf7X/+v/9f/6//1/8Ovr/+fJ/3/OP3/Ev30/+tDHzzsfv5sHfb7b6b/9/x/Vmhq/X/u/u/FLZ3sfwAAAOhB7v7vxy32PwAAADQjd/8P4hb7HwAAAJqRu//2uKWT/a//1/+33/8/XP+/7fX1//r/lun/82f0Yfr/Jfrp/wcddj8/9/ev/9f/s9PU+v/c/XfELZ3sfwAAAOhB7v4fxi32PwAAADQjd/+P4hb7HwAAAJqRu//HcUsn+1//31f/v7bosf/3/H/9v/6/J/Pp/688MvRRz//X/+v/5/v+9f/6f3aaWv+fu//OtSNd7n8AAACYq4c+4NF3nO7fe+fGX9cXP4lb7H8AAABoRu7+n8Yt9j8AAAA0I3f/z+KWTva//r+v/r/P5//r//X/+v+ezKf/H6b/1//r/+f7/vX/+n92mlr/n7v/53HLKcNv8P+gBwAAAJiN3P2/iFs6+fo/AAAA9CB3/y/jlh37/8Rp/ql2AAAAYGpy9/8qbunk6//6/4n3/4t96v/j79P/b9L/6/+HXl//P0/6/3Fn2f+fWNP/6/9H6P/1//p/tpta/5+7/4ZrF13ufwAAAGjUlt9R+PXGX9cXv4lb7H8AAABoRu7+38Yt9j8AAAA0I3f/7+KWTva//n/i/f8ZPf//WP0nz//vvP+/ZH3w9fX/+v+W6f/Hef7/Evp//b/+X//PSu2h/98YpPvd/+fu/33c0sn+BwAAgB7k7v9D3GL/AwAAQDNy9/8xbrH/AQAAoBm5+/8Ut3Sy//X/h9D/X3p0sdjX/v80nv+v/++j/9/l9dvp///v3OM3P+yR11yl/+ekg+z/8/uC/l//r//fpP/X/+v/2W5qz//P3f/nuKWT/Q8AAAA9yN1/V9xi/wMAAEAzcvf/JW65b//fdFjvCgAAAFil3P1/jVs6+fq//r/F5//Ps//Pf9eH0P8fn1//n01x7/2/5//r/3fy/P9x+v8l9P/6f/2//p+Vmlr/n7v/b3FLJ/sfAAAAepC7/+9xS+7/tT3/1j0AAAAwMbn7/xG3+Po/AAAANCN3/91xSyf7X/+v/59K/588///k53n+/yb9v/5/L/T/4/T/S+j/9f/6f/0/KzW1/j93/z/jlk72PwAAAPQgd/89cYv9DwAAAM3I3f+vuMX+BwAAgGbk7v933NLJ/tf/6//1//p//f/w6+v/50n/P07/v4T+X/+v/9f/s1JT6/9z9/8nAAD//3flcr8=")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000100)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x5453, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000480)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440)
chdir(0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

5.784111065s ago: executing program 1 (id=2247):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000f40)='./file0\x00', 0xa00010, &(0x7f0000000f80)=ANY=[@ANYBLOB='iocharset=iso8859-1,nostrict,uid=forget,anchor=00000000000000000145,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c646d6f64653d30303030303030303030303030303030303030323030342c756e64656c6574652c706172746974696f6e3d303030303030303030303030303030312c756e686964652c00a6a23b1c77357df200000000"], 0x2, 0xc43, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
r0 = memfd_create(&(0x7f0000000200)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xac \xe8\xb6\xdf\x16J\xab\xecC\xe2{\xfd\x8a\xb4\x8e\x9c\xfb\xf6\xe9\xd8]B6)\x9f\x9cR\xae\x12G\xd8\xa4y\xef\x02?\xf2\xe7}\ra\x97F', 0x0)
r1 = dup(r0)
write$cgroup_pid(r1, &(0x7f0000000040)=0xffffffffffffffff, 0xe)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4, 0x10, r0, 0x0)
sendfile(r0, r1, &(0x7f0000000100), 0x6c03)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x107842, 0x0)

5.18688391s ago: executing program 0 (id=2248):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x4a4880, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet(0x2, 0x80001, 0x84)
sendmsg$nl_route(r0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
fchdir(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a00000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000028000000060a010400000000000000000100000008000b40000000010900010073797a3000000000140000001100010000000000000000000000000a6ca9f3f040f5e8921017bfc446d1c437665c81cad37b960b62ae31ad6bdfef6a4ff767f2700c2ef71535f5094de7268109ec95c995cf2e7e52ae20e91dc5be4e3b03623c5d0f34d69715e8985beee2c9094c46a3b1d83b7dec4ded394d5484840670ff1c200d39b571e763cdb48347e15d68070fd1319aa5a5ea9537305b48eecec06b887f098ff9281ce20cfb48ad5ef68e27bb5d5e30efa24db6171ce54e4005730c6e9aca9dd2663be366763b5b22913c2ffbf21bee446a4c86bf2eb2d794e93dd0b13a1af8ef63e056f0055ab6d296"], 0x9c}}, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

5.183957447s ago: executing program 4 (id=2249):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r1, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)={0x74, r2, 0x20, 0x70bd2d, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}, @MPTCP_PM_ATTR_ADDR={0x40, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0xab}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xc3}]}, 0x74}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f0000000040)={0x4, 0x2, 0x1})
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc058560f, &(0x7f0000000180)={0x0, 0xa})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
syz_usb_control_io(r4, &(0x7f0000000000)={0x2c, &(0x7f0000000300)=ANY=[@ANYBLOB="000005"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r4, &(0x7f00000002c0)={0x24, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0003020000000203"], 0x0, 0x0}, 0x0)
mknod(0x0, 0x8000, 0xfffffffd)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
fchmod(r3, 0x78)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYRESHEX], 0x82)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="580000000206010100000000000000000000000005000100070000000900020073797a30000000000c00f480080008400000001014000300686173683a69702c706f72742c69700005000500020000000500040000000000", @ANYRESHEX=r7], 0x58}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$IPSET_CMD_SAVE(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c000000080601020000000000000000000000000500010007000000d4ac7e058002f0937688f389d0cc4c6b03db69a4be1dea83f0c03459e044f5795da021413293c3859c6b61ae447a7e1b88deb6ffa90383f370edbb6640e7a4c350a902229042f3f7f4e79e478b86da808988bdd7e09ef3f54f84ffff5a287d9495562121e2996002f7f1054ab223fb40168ed3770fd0d1ccf6164826558746b246858beec79b0af6d9173c04860f208046449f76121826ae"], 0x1c}}, 0x0)

4.947073087s ago: executing program 1 (id=2250):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000c00), 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
rename(&(0x7f0000000300)='./control/file0\x00', &(0x7f0000000280)='./control/file0\x00')
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000040)={0x80, 0x6, 0x0, 0x300, 0x1, 0x0, 0x0})

4.740027969s ago: executing program 1 (id=2251):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
r1 = syz_open_dev$rtc(&(0x7f0000000080), 0x6, 0x402c1)
fcntl$setstatus(r1, 0x4, 0x4c00)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x0, 0x4, 0x0, 0x0}, 0x90)
r4 = socket(0x28, 0x801, 0x0)
getsockopt$bt_BT_SECURITY(r4, 0x28, 0x6, 0x0, 0x20000000)
r5 = openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000280)={r6, 0x0, 0x25, 0x11, @void}, 0x10)
close_range(r5, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x442, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000000000)={0x0, 0x0}, 0x0)
write$binfmt_script(r7, &(0x7f0000000500), 0xb7)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x0)

3.753881604s ago: executing program 1 (id=2252):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x5586, &(0x7f00000079c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx44SsumCJWPBPEEisWPIbWMASdogFiB0SyDMTaNoGSuM4avs80vjMHL8+874jK9KZiRzAU2sh/e2XJE7FsYiYi4iTSeT7SblF3Im4XIx9LiJOR0Tlri0p838lDkfE8Yg4NSle1EzKtz47Oz5z8ec3f/362yOHTnz+1XcHunDgQD0fEf3VYn+jX8SsU8RbZb4x7uaxf2FcxtUdNfpZkd9or+QVNhrb4xp5PN8pxmer68NJvNlrNCex072Z51cHxQmH4852nckH0luNtfy41V7JY3eY5bGzVZx3c6v427Y1HBV1WmW9j/LyMRptxyLf3mwX61m9ncfmYFTmi7pZq705ieMylqeLZtZr5fNYecSL/Bh4qztY30zH7bVhNxukF2v1F2r1S9X6WtZqj9oXqo1+69KFdLHTmwyrjtqN/uVOlnV67Voz6y+li51ms1qvp4tX2ivdxiCt12vna+eqF5fKvbPpa9ffS3utdHESX+kO1kfd3jC9ma2lxSeW0uXa+ReX0jP19J1rN9Ibb1+9eu3Gux9cef/6y9feeLUcdN+00sXlc8vL1fq56nJ96Sla/8flpP/D+pMHp3/4fm+XDQq7fMEA2N19/X/c2/+H/h+Yur30//3b5fH+9P/xMP1/TLP/n7RU+v9/738rB9D/zof+fx/XD3vyaP3/4anPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftx/ovX852F4vhEmf9fmXqmPE4iohIRfzzAXBzeUXOurDO/y/j5e+bwTRJ5hck5jpTb8Yi4XG6//3+/rwIAAAA8ub68c/rTolsvXhYOekLMUnHTpnLywynVSyJifuGnKVWrTF6enVKx/Pt9KDanVC2/gXV0SsWKW26HplXtocztCEfvCkkRKjOdDgAAMBM7O4HZdiEAAADM0if/+O5LM5sHM5bE9qPM7WfB+X/e//1A8NiO9wAAAIDHUHLQEwAAAAD2Xd7/+/0/AAAAeLIVv/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzP7lpA1EcgJ8Nhv5VUdV9r9IdHKNH6LLLwgF6CY5Ar9ALcAYiZZEjRBBhT5CcgBSJMU7Q90m2M+Po5xlg88bSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqpVrN/f77/PTdnuztPntkAAAAAx2yq1az+Y9K0P6b+z6nra2oXEVFGxLHafRCjVuYg5VQn/r96Mob/EXXCvn+cjg8R8SMd91+6/hQAAADgeq0Xy2lTrTentARw2++ouJBm0ab89DNTXhER1eQuU1q5P33LFFb/vofxO1NavYD1LlNYs+Q2PH5vlOshbYPW5XEm8/pLrFtlN88FAAD61K4ETlQhAAAAXIFffQ+AS3he2heH0+E947i5pBeC71stAAAA4A0q+h4AAAAA0Lm6/n9N+/8V9v8DAACA7Jr9/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSplrN1ovl9NT9+Qtztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLA/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxb799EZRhgEAf3anu1DUWKtpYtVgwkEvUhYEuRqjaTz4EUyassXqIgo9CGnEXryZnrkYPRpjoqm3fgfONOGCNw491MSTh5r5V2bbFRqUmUJ/v+Td99nZ4f23E9Jn3lkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKm+/Gq+0iTtKXiTwuj93eWp5P641ddWp99c50WtK4VfO4nwCvVd8cn2puIAAAABweSZnfR8TdztpsWrcnsvy/U56T5vw/PJfHZT6/O+/f2Fo+Wnw0Xeb/v/9276WdjiaSrJ+00YXFQf/U3qGMPaYpHnjPP/SMsWzls3svSfaFtD9ceXGzk61n67tbt97vZuGROkYLADyKk2VdBOXfQ2nda3JgABwaY5XEu8z/k4lmxwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh82VeKaMWxExPXY/Tm1sLc+Pqr9ZvTO9XpRzN2+uVttMm+hExMLioH+qxrkcXOVqXv9sbjDoX7l6re7geESM+OjG/v55Ugz/X8/pRsTQkRMvj2jn4330taudPUFxeUa9aziezu+hJ7eGjrT2LPh727kmLoC6gnbx/TyOLsZr/96Hg/La+/9brvm/IwAAnnqdoqSZ6N3O2mx6rDUZsf3jcP7/RiWOobx/+0Z+JH+/Xsn/731y7na1r2r+36tpfk+CmaVLX8xcvXb9rcVLcxf7F/ufv326907vzPmzZ8/PZPdKZhai7Y4JAAAA/0G3KNX8vz25d///WCWOB+z/51vCef7/5fe9r6t9JfL/ke5v+jU9EgAAgMOouxO98Ppff7ZGnNHqduOruaWlK738def96fy11uE+oiNFqeb/yWTTowIAAADqsLnSGtr/v1CJ4wH7/9Xn/5/96ZVfqm0mETEecTki+ifnLw8u1DedA62OHypnHXWbnikAAABNGS9Kdf+/kz3/39555KEdEW+eiPi7+A1/7DP/Tz749udqX9Xn/8/UOsuDpz2Vr0dWT0WMTTU9IgAAAJ5mR4uSJvt/dNZmP/312Eddz/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O2fAAAA//+FVSwP")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1817c1, 0x0)
open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r1, 0x2000009)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
fdatasync(r2)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0)

2.974218729s ago: executing program 2 (id=2253):
socket$kcm(0x10, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
epoll_create(0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_STAT_DEL(r3, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/bus/input/devices\x00', 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000001280), 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

2.747455588s ago: executing program 0 (id=2254):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xe, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, 0x2c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x90)
keyctl$session_to_parent(0x12)
socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
shutdown(r0, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x2, 0x4, 0x24b5, 0x9, 0x400}, 0x48)
sendmsg$inet(r2, &(0x7f0000000f80)={0x0, 0x2, &(0x7f0000000f40)=[{&(0x7f0000000040)="af", 0x1}], 0x1}, 0x2000c805)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x121)
socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000080000085000000060000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000a40)={0x2020}, 0x2020)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x0)

1.268078493s ago: executing program 3 (id=2255):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x301, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfffffff9)
write$binfmt_misc(r1, 0x0, 0x4)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

341.411961ms ago: executing program 2 (id=2256):
syz_open_dev$video4linux(&(0x7f0000000040), 0x5b6b694b, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0585605, &(0x7f0000000100)={0x1, 0x0, {0x0, 0x0, 0x3001}})

54.787855ms ago: executing program 2 (id=2257):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x301, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfffffff9)
write$binfmt_misc(r1, 0x0, 0x4)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)
epoll_create1(0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

0s ago: executing program 1 (id=2258):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x4a4880, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet(0x2, 0x80001, 0x84)
sendmsg$nl_route(r0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
fchdir(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a00000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000028000000060a010400000000000000000100000008000b40000000010900010073797a3000000000140000001100010000000000000000000000000a6ca9f3f040f5e8921017bfc446d1c437665c81cad37b960b62ae31ad6bdfef6a4ff767f2700c2ef71535f5094de7268109ec95c995cf2e7e52ae20e91dc5be4e3b03623c5d0f34d69715e8985beee2c9094c46a3b1d83b7dec4ded394d5484840670ff1c200d39b571e763cdb48347e15d68070fd1319aa5a5ea9537305b48eecec06b887f098ff9281ce20cfb48ad5ef68e27bb5d5e30efa24db6171ce54e4005730c6e9aca9dd2663be366763b5b22913c2ffbf21bee446a4c86bf2eb2d794e93dd0b13a1af8ef63e056f0055ab6d296"], 0x9c}}, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

kernel console output (not intermixed with test programs):

eld by syz.2.1964/17148:
[  989.426720][    C0]  #0: ffffffff8e9f2688 (lock#3){+.+.}-{3:3}, at: __lru_add_drain_all+0x66/0x560
[  989.435918][    C0] 1 lock held by syz.1.1968/17151:
[  989.441029][    C0]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340
[  989.449854][    C0] 
[  989.452209][    C0] =============================================
[  989.452209][    C0] 
[  989.517872][    T8] usb 4-1: Using ep0 maxpacket: 16
[  989.580072][T13689] team0 (unregistering): Port device team_slave_1 removed
[  989.582437][T16377] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  989.721390][T13689] team0 (unregistering): Port device team_slave_0 removed
[  990.153711][ T5281] usb 3-1: new low-speed USB device number 54 using dummy_hcd
[  990.409201][ T5281] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  990.451771][ T5281] usb 3-1: string descriptor 0 read error: -22
[  990.464092][ T5281] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  990.473334][ T5281] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  990.501337][T17153] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  990.513759][ T5281] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  990.515593][    C0] DEBUG: waiting rtnl_mutex for 726 jiffies.
[  990.528101][    C0] task:dhcpcd          state:D stack:20672 pid:4898  tgid:4898  ppid:4897   flags:0x00000002
[  990.538390][    C0] Call Trace:
[  990.541718][    C0]  <TASK>
[  990.544750][    C0]  __schedule+0x1800/0x4a60
[  990.549359][    C0]  ? __pfx___schedule+0x10/0x10
[  990.554318][    C0]  ? __pfx_lock_release+0x10/0x10
[  990.559381][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  990.564922][    C0]  ? schedule+0x90/0x320
[  990.569244][    C0]  schedule+0x14b/0x320
[  990.573429][    C0]  schedule_preempt_disabled+0x13/0x30
[  990.578949][    C0]  __mutex_lock+0x6a4/0xd70
[  990.583552][    C0]  ? __mutex_lock+0x527/0xd70
[  990.588275][    C0]  ? devinet_ioctl+0x2ce/0x1bc0
[  990.593168][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  990.598324][    C0]  ? bpf_lsm_capable+0x9/0x10
[  990.603061][    C0]  ? security_capable+0x90/0xb0
[  990.608003][    C0]  ? get_rtnl_holder+0x144/0x190
[  990.612968][    C0]  devinet_ioctl+0x2ce/0x1bc0
[  990.617708][    C0]  ? get_user_ifreq+0x1bb/0x200
[  990.622601][    C0]  inet_ioctl+0x3d7/0x4f0
[  990.627016][    C0]  ? __pfx_inet_ioctl+0x10/0x10
[  990.631945][    C0]  sock_do_ioctl+0x158/0x460
[  990.636602][    C0]  ? __pfx_sock_do_ioctl+0x10/0x10
[  990.641751][    C0]  ? __pfx_lock_release+0x10/0x10
[  990.646865][    C0]  sock_ioctl+0x629/0x8e0
[  990.651256][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[  990.656192][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  990.662261][    C0]  ? bpf_lsm_file_ioctl+0x9/0x10
[  990.667284][    C0]  ? security_file_ioctl+0x87/0xb0
[  990.672545][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[  990.677475][    C0]  __se_sys_ioctl+0xfc/0x170
[  990.682107][    C0]  do_syscall_64+0xf3/0x230
[  990.686699][    C0]  ? clear_bhb_loop+0x35/0x90
[  990.691423][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  990.697366][    C0] RIP: 0033:0x7f844e95ad49
[  990.701810][    C0] RSP: 002b:00007ffd95c3e368 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  990.710304][    C0] RAX: ffffffffffffffda RBX: 00007f844e88c6c0 RCX: 00007f844e95ad49
[  990.718365][    C0] RDX: 00007ffd95c4e558 RSI: 0000000000008914 RDI: 000000000000000e
[  990.726425][    C0] RBP: 00007ffd95c5e718 R08: 00007ffd95c4e518 R09: 00007ffd95c4e4c8
[  990.734476][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  990.742497][    C0] R13: 00007ffd95c4e558 R14: 0000000000000028 R15: 0000000000008914
[  990.750636][    C0]  </TASK>
[  990.753731][    C0] DEBUG: waiting rtnl_mutex for 620 jiffies.
[  990.759755][    C0] task:syz.4.1963      state:D stack:23800 pid:17119 tgid:17115 ppid:15589  flags:0x00004004
[  990.770051][    C0] Call Trace:
[  990.770066][    C0]  <TASK>
[  990.770106][    C0]  __schedule+0x1800/0x4a60
[  990.770160][    C0]  ? __pfx___schedule+0x10/0x10
[  990.770201][    C0]  ? __pfx_lock_release+0x10/0x10
[  990.770255][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  990.770291][    C0]  ? schedule+0x90/0x320
[  990.770321][    C0]  schedule+0x14b/0x320
[  990.770356][    C0]  schedule_preempt_disabled+0x13/0x30
[  990.770412][    C0]  __mutex_lock+0x6a4/0xd70
[  990.770439][    C0]  ? __mutex_lock+0x527/0xd70
[  990.770465][    C0]  ? br_ioctl_stub+0xa4/0xb00
[  990.770494][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  990.770548][    C0]  ? __pfx___mutex_trylock_common+0x10/0x10
[  990.770573][    C0]  ? tomoyo_path_number_perm+0x71a/0x880
[  990.770605][    C0]  ? get_rtnl_holder+0x144/0x190
[  990.770633][    C0]  br_ioctl_stub+0xa4/0xb00
[  990.770689][    C0]  ? __pfx_br_ioctl_stub+0x10/0x10
[  990.770716][    C0]  ? sock_ioctl+0x5c6/0x8e0
[  990.770747][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  990.770779][    C0]  ? __pfx_br_ioctl_stub+0x10/0x10
[  990.770831][    C0]  sock_ioctl+0x5ee/0x8e0
[  990.770865][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[  990.770894][    C0]  ? __fget_files+0x29/0x470
[  990.770919][    C0]  ? __fget_files+0x3f6/0x470
[  990.770966][    C0]  ? __fget_files+0x29/0x470
[  990.770996][    C0]  ? bpf_lsm_file_ioctl+0x9/0x10
[  990.771020][    C0]  ? security_file_ioctl+0x87/0xb0
[  990.771045][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[  990.771102][    C0]  __se_sys_ioctl+0xfc/0x170
[  990.771139][    C0]  do_syscall_64+0xf3/0x230
[  990.771163][    C0]  ? clear_bhb_loop+0x35/0x90
[  990.771198][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  990.771249][    C0] RIP: 0033:0x7f0729f773b9
[  990.771272][    C0] RSP: 002b:00007f072ad1a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  990.771301][    C0] RAX: ffffffffffffffda RBX: 00007f072a106130 RCX: 00007f0729f773b9
[  990.771319][    C0] RDX: 0000000020000040 RSI: 00000000000089a0 RDI: 000000000000000a
[  990.771335][    C0] RBP: 00007f0729fe48e6 R08: 0000000000000000 R09: 0000000000000000
[  990.771352][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  990.771393][    C0] R13: 000000000000006e R14: 00007f072a106130 R15: 00007ffc99325028
[  990.771427][    C0]  </TASK>
[  990.771439][    C0] DEBUG: waiting rtnl_mutex for 962 jiffies.
[  990.771454][    C0] task:kworker/1:6     state:D stack:20592 pid:5282  tgid:5282  ppid:2      flags:0x00004000
[  990.771495][    C0] Workqueue: events linkwatch_event
[  990.771549][    C0] Call Trace:
[  990.771560][    C0]  <TASK>
[  990.771575][    C0]  __schedule+0x1800/0x4a60
[  990.771629][    C0]  ? __pfx___schedule+0x10/0x10
[  990.771687][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  990.771718][    C0]  ? __pfx_lock_release+0x10/0x10
[  990.771749][    C0]  ? kick_pool+0x1bd/0x620
[  990.771784][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  990.771839][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  990.771871][    C0]  ? schedule+0x90/0x320
[  990.771900][    C0]  schedule+0x14b/0x320
[  990.771933][    C0]  schedule_preempt_disabled+0x13/0x30
[  990.771988][    C0]  __mutex_lock+0x6a4/0xd70
[  990.772017][    C0]  ? __mutex_lock+0x527/0xd70
[  990.772041][    C0]  ? linkwatch_event+0xe/0x60
[  990.772067][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  990.772122][    C0]  ? get_rtnl_holder+0x144/0x190
[  990.772150][    C0]  ? process_scheduled_works+0x945/0x1830
[  990.772186][    C0]  linkwatch_event+0xe/0x60
[  990.772210][    C0]  process_scheduled_works+0xa2c/0x1830
[  990.772279][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  990.772316][    C0]  ? assign_work+0x364/0x3d0
[  990.772351][    C0]  worker_thread+0x86d/0xd40
[  990.772413][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  990.772447][    C0]  ? __kthread_parkme+0x169/0x1d0
[  990.772482][    C0]  ? __pfx_worker_thread+0x10/0x10
[  990.772537][    C0]  kthread+0x2f0/0x390
[  990.772561][    C0]  ? __pfx_worker_thread+0x10/0x10
[  990.772591][    C0]  ? __pfx_kthread+0x10/0x10
[  990.772615][    C0]  ret_from_fork+0x4b/0x80
[  990.772646][    C0]  ? __pfx_kthread+0x10/0x10
[  990.772691][    C0]  ret_from_fork_asm+0x1a/0x30
[  990.772736][    C0]  </TASK>
[  990.772747][    C0] DEBUG: waiting rtnl_mutex for 960 jiffies.
[  990.772761][    C0] task:syz-executor    state:D stack:21728 pid:16949 tgid:16949 ppid:16934  flags:0x00000000
[  990.772827][    C0] Call Trace:
[  990.772838][    C0]  <TASK>
[  990.772853][    C0]  __schedule+0x1800/0x4a60
[  990.772905][    C0]  ? __pfx___schedule+0x10/0x10
[  990.772963][    C0]  ? __pfx_lock_release+0x10/0x10
[  990.772995][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  990.773030][    C0]  ? schedule+0x90/0x320
[  990.773059][    C0]  schedule+0x14b/0x320
[  990.773116][    C0]  schedule_preempt_disabled+0x13/0x30
[  990.773147][    C0]  __mutex_lock+0x6a4/0xd70
[  990.773174][    C0]  ? __mutex_lock+0x527/0xd70
[  990.773210][    C0]  ? rtnetlink_rcv_msg+0x6eb/0xd00
[  990.773269][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  990.773303][    C0]  ? get_rtnl_holder+0x144/0x190
[  990.773329][    C0]  rtnetlink_rcv_msg+0x6eb/0xd00
[  990.773361][    C0]  ? rtnetlink_rcv_msg+0x1a7/0xd00
[  990.773417][    C0]  ? __lock_acquire+0x1384/0x2050
[  990.773447][    C0]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  990.773546][    C0]  netlink_rcv_skb+0x1e3/0x430
[  990.773573][    C0]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  990.773607][    C0]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  990.773648][    C0]  ? netlink_deliver_tap+0x2e/0x1b0
[  990.773696][    C0]  netlink_unicast+0x7f6/0x990
[  990.773737][    C0]  ? __pfx_netlink_unicast+0x10/0x10
[  990.773767][    C0]  ? __virt_addr_valid+0x183/0x530
[  990.773793][    C0]  ? __check_object_size+0x49c/0x900
[  990.773841][    C0]  ? bpf_lsm_netlink_send+0x9/0x10
[  990.773877][    C0]  netlink_sendmsg+0x8e4/0xcb0
[  990.773915][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  990.773941][    C0]  ? aa_sock_msg_perm+0x91/0x160
[  990.773997][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  990.774019][    C0]  ? security_socket_sendmsg+0x87/0xb0
[  990.774046][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[  990.774068][    C0]  __sock_sendmsg+0x221/0x270
[  990.774127][    C0]  __sys_sendto+0x3a4/0x4f0
[  990.774161][    C0]  ? __pfx___sys_sendto+0x10/0x10
[  990.774218][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  990.774278][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  990.774316][    C0]  __x64_sys_sendto+0xde/0x100
[  990.774346][    C0]  do_syscall_64+0xf3/0x230
[  990.774370][    C0]  ? clear_bhb_loop+0x35/0x90
[  990.774424][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  990.774450][    C0] RIP: 0033:0x7fd98a77914c
[  990.774470][    C0] RSP: 002b:00007ffd38d77050 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  990.774498][    C0] RAX: ffffffffffffffda RBX: 00007fd98b434620 RCX: 00007fd98a77914c
[  990.774517][    C0] RDX: 0000000000000038 RSI: 00007fd98b434670 RDI: 0000000000000003
[  990.774559][    C0] RBP: 0000000000000000 R08: 00007ffd38d770a4 R09: 000000000000000c
[  990.774575][    C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  990.774590][    C0] R13: 0000000000000000 R14: 00007fd98b434670 R15: 0000000000000000
[  990.774624][    C0]  </TASK>
[  990.774636][    C0] DEBUG: holding rtnl_mutex for 958 jiffies.
[  990.774650][    C0] task:kworker/u8:14   state:R  running task     stack:20248 pid:13689 tgid:13689 ppid:2      flags:0x00004008
[  990.774723][    C0] Workqueue: netns cleanup_net
[  990.774750][    C0] Call Trace:
[  990.774761][    C0]  <IRQ>
[  990.774773][    C0]  sched_show_task+0x506/0x6d0
[  990.774801][    C0]  ? report_rtnl_holders+0x2a5/0x400
[  990.774857][    C0]  ? __pfx__printk+0x10/0x10
[  990.774888][    C0]  ? __pfx_sched_show_task+0x10/0x10
[  990.774914][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  990.774945][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  990.775006][    C0]  report_rtnl_holders+0x327/0x400
[  990.775046][    C0]  call_timer_fn+0x18e/0x650
[  990.775071][    C0]  ? call_timer_fn+0xc0/0x650
[  990.775093][    C0]  ? __pfx_report_rtnl_holders+0x10/0x10
[  990.775147][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  990.775175][    C0]  ? __pfx_report_rtnl_holders+0x10/0x10
[  990.775213][    C0]  ? __pfx_report_rtnl_holders+0x10/0x10
[  990.775241][    C0]  ? __pfx_report_rtnl_holders+0x10/0x10
[  990.775294][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  990.775325][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  990.775356][    C0]  ? __pfx_report_rtnl_holders+0x10/0x10
[  990.775388][    C0]  __run_timer_base+0x66a/0x8e0
[  990.775455][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  990.775504][    C0]  run_timer_softirq+0xb7/0x170
[  990.775528][    C0]  handle_softirqs+0x2c4/0x970
[  990.775585][    C0]  ? __irq_exit_rcu+0xf4/0x1c0
[  990.775619][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  990.775651][    C0]  ? irqtime_account_irq+0xd4/0x1e0
[  990.775686][    C0]  __irq_exit_rcu+0xf4/0x1c0
[  990.775738][    C0]  ? __pfx___irq_exit_rcu+0x10/0x10
[  990.775778][    C0]  irq_exit_rcu+0x9/0x30
[  990.775804][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  990.775836][    C0]  </IRQ>
[  990.775869][    C0]  <TASK>
[  990.775881][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  990.775909][    C0] RIP: 0010:preempt_schedule_irq+0xf6/0x1c0
[  990.775941][    C0] Code: 89 f5 49 c1 ed 03 eb 0d 48 f7 03 08 00 00 00 0f 84 8b 00 00 00 bf 01 00 00 00 e8 45 c9 a0 f5 e8 c0 66 d9 f5 fb bf 01 00 00 00 <e8> 55 ad ff ff 43 80 7c 3d 00 00 74 08 4c 89 f7 e8 45 3b 39 f6 48
[  990.775964][    C0] RSP: 0018:ffffc900033af460 EFLAGS: 00000286
[  990.776010][    C0] RAX: 756414c9a28fb000 RBX: 1ffff92000675e94 RCX: ffffffff817022ea
[  990.776030][    C0] RDX: dffffc0000000000 RSI: ffffffff8c0ad560 RDI: 0000000000000001
[  990.776048][    C0] RBP: ffffc900033af510 R08: ffffffff9373780f R09: 1ffffffff26e6f01
[  990.776067][    C0] R10: dffffc0000000000 R11: fffffbfff26e6f02 R12: 1ffff92000675e8c
[  990.776085][    C0] R13: 1ffff92000675e90 R14: ffffc900033af480 R15: dffffc0000000000
[  990.776114][    C0]  ? mark_lock+0x9a/0x360
[  990.776176][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  990.776228][    C0]  irqentry_exit+0x5e/0x90
[  990.776258][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  990.776306][    C0] RIP: 0010:synchronize_rcu+0x0/0x360
[  990.776330][    C0] Code: e1 07 80 c1 03 38 c1 0f 8c 97 fe ff ff 4c 89 f7 e8 65 38 81 00 e9 8a fe ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48
[  990.776350][    C0] RSP: 0018:ffffc900033af5d8 EFLAGS: 00000206
[  990.776372][    C0] RAX: dffffc0000000000 RBX: 1ffff92000675ec4 RCX: ffffffff94f2f903
[  990.776391][    C0] RDX: 0000000000000001 RSI: ffffffff8c0ae240 RDI: ffffffff8c607c40
[  990.776408][    C0] RBP: ffffc900033af6b8 R08: ffffffff94f1ddff R09: 1ffffffff29e3bbf
[  990.776448][    C0] R10: dffffc0000000000 R11: fffffbfff29e3bc0 R12: ffffffff94f1aeb8
[  990.776467][    C0] R13: 1ffff92000675ec0 R14: 0000000000000a03 R15: ffffc900033af620
[  990.776502][    C0]  lockdep_unregister_key+0x4b7/0x540
[  990.776538][    C0]  ? __pfx_lockdep_unregister_key+0x10/0x10
[  990.776596][    C0]  ? rcu_is_watching+0x15/0xb0
[  990.776620][    C0]  ? qdisc_reset+0x3bf/0x5b0
[  990.776651][    C0]  __qdisc_destroy+0x165/0x410
[  990.776679][    C0]  dev_shutdown+0x357/0x450
[  990.776729][    C0]  unregister_netdevice_many_notify+0x97b/0x1c40
[  990.776778][    C0]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  990.776828][    C0]  ? unregister_netdevice_queue+0x26b/0x370
[  990.776888][    C0]  ? batadv_softif_destroy_netlink+0x1e3/0x270
[  990.776924][    C0]  default_device_exit_batch+0xa0f/0xa90
[  990.776959][    C0]  ? __pfx___might_resched+0x10/0x10
[  990.777010][    C0]  ? __pfx_default_device_exit_batch+0x10/0x10
[  990.777044][    C0]  ? cfg802154_pernet_exit+0xc3/0xe0
[  990.777075][    C0]  ? __pfx_default_device_exit_batch+0x10/0x10
[  990.777101][    C0]  cleanup_net+0x89d/0xcc0
[  990.777154][    C0]  ? __pfx_cleanup_net+0x10/0x10
[  990.777187][    C0]  ? process_scheduled_works+0x8a6/0x1830
[  990.777215][    C0]  ? process_scheduled_works+0x8e1/0x1830
[  990.777251][    C0]  ? process_scheduled_works+0x945/0x1830
[  990.777302][    C0]  process_scheduled_works+0xa2c/0x1830
[  990.777361][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  990.777401][    C0]  ? assign_work+0x364/0x3d0
[  990.777456][    C0]  worker_thread+0x86d/0xd40
[  990.777496][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  990.777532][    C0]  ? __kthread_parkme+0x169/0x1d0
[  990.777588][    C0]  ? __pfx_worker_thread+0x10/0x10
[  990.777618][    C0]  kthread+0x2f0/0x390
[  990.777640][    C0]  ? __pfx_worker_thread+0x10/0x10
[  990.777669][    C0]  ? __pfx_kthread+0x10/0x10
[  990.777693][    C0]  ret_from_fork+0x4b/0x80
[  990.777745][    C0]  ? __pfx_kthread+0x10/0x10
[  990.777768][    C0]  ret_from_fork_asm+0x1a/0x30
[  990.777812][    C0]  </TASK>
[  990.777824][    C0] 
[  990.777824][    C0] Showing all locks held in the system:
[  990.777836][    C0] 5 locks held by kworker/0:0/8:
[  990.777852][    C0]  #0: ffff888018ad1148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  990.777947][    C0]  #1: ffffc900000d7d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  990.778039][    C0]  #2: ffff888023f22190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[  990.778108][    C0]  #3: ffff888023f25518 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x25b9/0x5150
[  990.778207][    C0]  #4: ffff888023de0c68 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x25f7/0x5150
[  990.778334][    C0] 1 lock held by syslogd/4666:
[  990.778349][    C0]  #0: ffff8880b933ea18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[  990.778418][    C0] 1 lock held by klogd/4673:
[  990.778457][    C0] 1 lock held by dhcpcd/4898:
[  990.778471][    C0]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x2ce/0x1bc0
[  990.778537][    C0] 2 locks held by getty/4983:
[  990.778551][    C0]  #0: ffff88802b14d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  990.778644][    C0]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  990.778735][    C0] 3 locks held by kworker/1:6/5282:
[  990.778750][    C0]  #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  990.778820][    C0]  #1: ffffc90003f07d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  990.778910][    C0]  #2: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  990.778997][    C0] 6 locks held by kworker/u8:14/13689:
[  990.811602][T17154] tty tty24: ldisc open failed (-12), clearing slot 23
[  990.813720][    C0]  #0: ffff8880166e5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  990.813826][    C0]  #1: ffffc900033afd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  992.170513][    C0]  #2: ffffffff8fc751d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  992.180017][    C0]  #3: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: default_device_exit_batch+0xe9/0xa90
[  992.190127][    C0]  #4: ffffc90000007c00 (net/core/rtnetlink.c:83){+.-.}-{0:0}, at: call_timer_fn+0xc0/0x650
[  992.200308][    C0]  #5: ffffffff8e937a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  992.210255][    C0] 1 lock held by syz-executor/16949:
[  992.215607][    C0]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6eb/0xd00
[  992.225133][    C0] 2 locks held by syz.4.1963/17119:
[  992.230373][    C0]  #0: ffffffff8fc668e8 (br_ioctl_mutex){+.+.}-{3:3}, at: sock_ioctl+0x5c6/0x8e0
[  992.239672][    C0]  #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: br_ioctl_stub+0xa4/0xb00
[  992.248763][    C0] 2 locks held by syz.3.1966/17134:
[  992.254038][    C0]  #0: ffff88806998c458 (sk_lock-AF_SMC){+.+.}-{0:0}, at: smc_connect+0xb7/0xde0
[  992.263266][    C0]  #1: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: smc_vlan_by_tcpsk+0x399/0x4e0
[  992.272725][    C0] 1 lock held by syz.3.1966/17136:
[  992.277872][    C0]  #0: ffff88806998c458 (sk_lock-AF_SMC){+.+.}-{0:0}, at: smc_shutdown+0x70/0x9c0
[  992.287173][    C0] 1 lock held by syz.1.1968/17151:
[  992.292296][    C0]  #0: ffffffff8fc81d48 (rtnl_mutex){+.+.}-{3:3}, at: dev_ioctl+0x86e/0x1340
[  992.301142][    C0] 2 locks held by syz.2.1969/17153:
[  992.306406][    C0]  #0: ffffffff8e7f25e8 (sched_core_mutex){+.+.}-{3:3}, at: sched_core_get+0x51/0x180
[  992.316114][    C0]  #1: ffffffff8e93ce38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  992.327126][    C0] 
[  992.329463][    C0] =============================================
[  992.329463][    C0] 
[  992.368426][ T5281] usb 3-1: USB disconnect, device number 54
[  992.451804][T17161] loop2: detected capacity change from 0 to 64
[  992.674477][    T8] usb 4-1: device descriptor read/all, error -71
[  992.946059][T16949] chnl_net:caif_netlink_parms(): no params data found
[  993.093642][    T8] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  993.307471][ T1261] ieee802154 phy1 wpan1: encryption failed: -22
[  993.335439][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  993.346644][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  993.389328][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  993.464110][    T8] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  993.473237][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  993.517510][T16949] bridge0: port 1(bridge_slave_0) entered blocking state
[  993.534966][    T8] usb 4-1: config 0 descriptor??
[  993.541601][T16949] bridge0: port 1(bridge_slave_0) entered disabled state
[  993.567400][T16949] bridge_slave_0: entered allmulticast mode
[  993.595382][T16949] bridge_slave_0: entered promiscuous mode
[  993.622733][T16949] bridge0: port 2(bridge_slave_1) entered blocking state
[  993.653754][T16949] bridge0: port 2(bridge_slave_1) entered disabled state
[  993.667837][T16949] bridge_slave_1: entered allmulticast mode
[  993.695247][T16949] bridge_slave_1: entered promiscuous mode
[  993.859149][T16949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  993.935069][T16949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  994.002346][T17163] loop3: detected capacity change from 0 to 2048
[  994.025873][T17167] loop1: detected capacity change from 0 to 32768
[  994.041086][T17163] EXT4-fs (loop3): Invalid log block size: 10
[  994.057593][T17167] 
[  994.057593][T17167]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  994.057593][T17167] 
[  994.260965][T16949] team0: Port device team_slave_0 added
[  994.292720][T16949] team0: Port device team_slave_1 added
[  994.865323][T16949] batman_adv: batadv0: Adding interface: batadv_slave_0
[  994.899610][T16949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  995.026680][T14531] 
[  995.026680][T14531]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  995.026680][T14531] 
[  995.043515][T16949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  995.043612][T14531] 
[  995.043612][T14531]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  995.043612][T14531] 
[  995.077346][T16949] batman_adv: batadv0: Adding interface: batadv_slave_1
[  995.093514][T16949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  995.162096][T16949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  995.362199][T16949] hsr_slave_0: entered promiscuous mode
[  995.403022][T16949] hsr_slave_1: entered promiscuous mode
[  995.428015][T16949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  995.466320][T16949] Cannot create hsr debugfs directory
[  995.912462][    T8] usbhid 4-1:0.0: can't add hid device: -71
[  995.920398][    T8] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  995.932537][    T8] usb 4-1: USB disconnect, device number 56
[  996.908519][   T29] audit: type=1326 audit(1722551895.941:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17225 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0729f773b9 code=0x7ffc0000
[  996.997623][   T29] audit: type=1326 audit(1722551895.941:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17225 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f0729f773b9 code=0x7ffc0000
[  997.077083][   T29] audit: type=1326 audit(1722551895.941:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17225 comm="syz.4.1979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0729f773b9 code=0x7ffc0000
[  997.091594][T16949] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  997.164106][T16949] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  997.219653][T16949] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  997.252271][T16949] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  997.328489][   T29] audit: type=1326 audit(1722551896.371:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17235 comm="syz.2.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4368b773b9 code=0x7ffc0000
[  997.389370][   T29] audit: type=1326 audit(1722551896.371:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17235 comm="syz.2.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f4368b773b9 code=0x7ffc0000
[  997.404208][T17242] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  997.433732][   T29] audit: type=1326 audit(1722551896.371:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17235 comm="syz.2.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4368b773b9 code=0x7ffc0000
[  997.612890][   T29] audit: type=1326 audit(1722551896.371:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17235 comm="syz.2.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4368b773b9 code=0x7ffc0000
[  997.668088][T16949] 8021q: adding VLAN 0 to HW filter on device bond0
[  997.780826][T16949] 8021q: adding VLAN 0 to HW filter on device team0
[  997.828874][T16412] bridge0: port 1(bridge_slave_0) entered blocking state
[  997.836130][T16412] bridge0: port 1(bridge_slave_0) entered forwarding state
[  997.882372][T16412] bridge0: port 2(bridge_slave_1) entered blocking state
[  997.889684][T16412] bridge0: port 2(bridge_slave_1) entered forwarding state
[  998.776873][T16949] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  998.872551][T16949] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1000.090401][T16949] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1000.288010][T16949] veth0_vlan: entered promiscuous mode
[ 1000.333301][T16949] veth1_vlan: entered promiscuous mode
[ 1000.522928][T16949] veth0_macvtap: entered promiscuous mode
[ 1000.563240][T16949] veth1_macvtap: entered promiscuous mode
[ 1000.639774][T16949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1000.674103][T16949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1000.714323][T16949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1000.770056][T16949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1000.800552][T16949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1000.846970][T16949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1000.863545][T16949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1000.893719][T16949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1000.924456][T16949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1000.957591][T16949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1000.994861][T16949] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1001.053053][T16949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1001.063144][T17262] loop1: detected capacity change from 0 to 40427
[ 1001.095703][T16949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.141021][T17262] F2FS-fs (loop1): invalid crc value
[ 1001.141069][T16949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1001.205274][T17262] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1001.227771][T16949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.259172][T16949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1001.297988][T16949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.330723][T16949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1001.371145][T17262] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[ 1001.378764][T16949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.575503][T16949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1001.639045][T16949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1001.692093][T16949] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1001.726822][T16949] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1001.776205][T16949] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1001.803011][T16949] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1001.846548][T16949] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1001.923058][T17315] loop2: detected capacity change from 0 to 256
[ 1002.206570][  T968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1002.247709][  T968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1002.314732][T17320] loop2: detected capacity change from 0 to 256
[ 1002.329551][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1002.332073][T17320] vfat: Bad value for 'uni_xlate'
[ 1002.371985][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1003.656053][T17333] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[ 1003.663374][T17333] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[ 1003.786198][T17332] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1939'.
[ 1004.163718][T17332] loop0: detected capacity change from 0 to 256
[ 1005.453756][T17362] fuse: Unknown parameter 'r'
[ 1005.568163][T17364] loop4: detected capacity change from 0 to 256
[ 1005.725182][T17364] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1005.855676][T17342] loop2: detected capacity change from 0 to 32768
[ 1005.857027][T17364] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[ 1005.893622][T17342] XFS: attr2 mount option is deprecated.
[ 1005.914621][T17369] loop3: detected capacity change from 0 to 4096
[ 1005.933621][T17342] XFS: ikeep mount option is deprecated.
[ 1005.939324][T17342] XFS: noikeep mount option is deprecated.
[ 1005.943527][T17364] exFAT-fs (loop4): Filesystem has been set read-only
[ 1005.989382][T17369] NILFS (loop3): invalid segment: Checksum error in segment payload
[ 1006.006152][T17347] loop0: detected capacity change from 0 to 32768
[ 1006.026448][T17369] NILFS (loop3): trying rollback from an earlier position
[ 1006.045168][T17342] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1006.101110][T17369] NILFS (loop3): recovery complete
[ 1006.177768][T17342] XFS (loop2): Ending clean mount
[ 1006.197346][T17342] XFS (loop2): Quotacheck needed: Please wait.
[ 1006.220805][T17347] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1006.297283][T17395] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1006.453092][T17401] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[ 1006.460471][T17401] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[ 1006.852751][T17342] XFS (loop2): Quotacheck: Done.
[ 1007.143639][T17347] XFS (loop0): Ending clean mount
[ 1007.167072][T17369] x_tables: duplicate underflow at hook 3
[ 1007.189224][T17347] XFS (loop0): Quotacheck needed: Please wait.
[ 1007.279024][T16377] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1007.423628][ T5243] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1007.433666][T17347] XFS (loop0): Quotacheck: Done.
[ 1007.569990][T17417] loop3: detected capacity change from 0 to 1764
[ 1007.649897][ T5243] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1007.677209][ T5243] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1007.731233][ T5243] usb 2-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[ 1007.773431][T16949] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1007.794847][ T5243] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1007.822352][ T5243] usb 2-1: config 0 descriptor??
[ 1007.938076][T17427] loop3: detected capacity change from 0 to 764
[ 1008.024084][T17427] rock: directory entry would overflow storage
[ 1008.038926][T17427] rock: sig=0x4f50, size=4, remaining=3
[ 1008.053587][T17427] iso9660: Corrupted directory entry in block 4 of inode 1792
[ 1008.656918][   T29] audit: type=1326 audit(1722551914.704:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17405 comm="syz.1.2015" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0efdb773b9 code=0x0
[ 1008.711562][ T5243] hid (null): unknown global tag 0x40
[ 1008.737466][ T5243] itetech 0003:258A:6A88.000D: unexpected long global item
[ 1008.794609][ T5243] itetech 0003:258A:6A88.000D: probe with driver itetech failed with error -22
[ 1008.922370][   T29] audit: type=1326 audit(1722551914.964:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17456 comm="syz.2.2025" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4368b773b9 code=0x0
[ 1010.408327][   T58] usb 2-1: USB disconnect, device number 47
[ 1010.557407][T17481] loop2: detected capacity change from 0 to 512
[ 1010.796100][T17481] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1013.167774][T17481] EXT4-fs: error -4 creating inode table initialization thread
[ 1013.176046][T17481] EXT4-fs (loop2): mount failed
[ 1013.412865][T17496] loop0: detected capacity change from 0 to 128
[ 1013.549777][T17501] loop1: detected capacity change from 0 to 512
[ 1014.205249][T17501] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1014.236984][T17496] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1014.275360][T17501] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2031: bg 0: block 64: padding at end of block bitmap is not set
[ 1014.293444][T17501] Quota error (device loop1): write_blk: dquota write failed
[ 1014.301341][T17501] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 1014.311341][T17501] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.2031: Failed to acquire dquot type 0
[ 1014.344078][T17496] ext4 filesystem being mounted at /4/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1014.376314][T17501] EXT4-fs (loop1): 1 truncate cleaned up
[ 1014.383018][T17501] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1014.549331][T14531] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1014.645493][T16949] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1015.151705][T17533] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[ 1015.159962][T17533] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[ 1016.235701][   T58] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[ 1016.270734][T17546] netlink: 'syz.1.2045': attribute type 4 has an invalid length.
[ 1016.433552][   T58] usb 1-1: Using ep0 maxpacket: 8
[ 1016.441994][   T58] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1016.453051][   T58] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1016.465926][   T58] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1016.519175][   T58] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1016.528394][T17546] netlink: 'syz.1.2045': attribute type 4 has an invalid length.
[ 1016.544923][   T58] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1016.561185][   T58] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1016.575933][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1016.815289][   T58] usb 1-1: GET_CAPABILITIES returned 0
[ 1016.823602][   T58] usbtmc 1-1:16.0: can't read capabilities
[ 1017.426148][T17540] loop2: detected capacity change from 0 to 32768
[ 1017.456251][T17540] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2042 (17540)
[ 1017.522890][T17540] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1017.571829][T17540] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[ 1017.621079][T17540] BTRFS info (device loop2): using free-space-tree
[ 1017.766072][T17595] loop3: detected capacity change from 0 to 256
[ 1017.809569][T17595] msdos: Unknown parameter 'flush�gid'
[ 1017.909936][T16377] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1018.120347][ T5281] usb 1-1: USB disconnect, device number 57
[ 1019.576243][T17617] omfs: Invalid superblock (0)
[ 1019.582827][T17615] netlink: 'syz.0.2057': attribute type 3 has an invalid length.
[ 1019.582903][    C0] eth0: bad gso: type: 1, size: 1408
[ 1021.178962][ T5243] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[ 1021.194291][   T58] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 1021.195097][T17643] syz.1.2068[17643] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1021.202055][T17643] syz.1.2068[17643] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1021.261336][T17645] loop0: detected capacity change from 0 to 512
[ 1021.287756][T17645] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1021.429071][T17645] EXT4-fs error (device loop0): __ext4_fill_super:5435: inode #2: comm syz.0.2069: casefold flag without casefold feature
[ 1021.511548][T17645] EXT4-fs (loop0): get root inode failed
[ 1021.517940][T17645] EXT4-fs (loop0): mount failed
[ 1021.524169][   T58] usb 5-1: Using ep0 maxpacket: 16
[ 1021.525352][ T5243] usb 4-1: Using ep0 maxpacket: 8
[ 1021.539546][ T5243] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1021.556356][   T58] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1021.567986][   T58] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1021.580272][ T5243] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1021.580350][   T58] usb 5-1: Product: syz
[ 1021.591646][   T58] usb 5-1: Manufacturer: syz
[ 1021.603222][   T58] usb 5-1: SerialNumber: syz
[ 1021.622453][   T58] r8152-cfgselector 5-1: Unknown version 0x0000
[ 1021.629267][   T58] r8152-cfgselector 5-1: config 0 descriptor??
[ 1021.890229][ T5243] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1022.031225][ T5243] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1022.050354][ T5243] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1022.083945][ T5243] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1022.098103][ T5243] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1022.194584][   T58] r8152-cfgselector 5-1: USB disconnect, device number 58
[ 1023.278013][ T5243] usb 4-1: usb_control_msg returned -71
[ 1023.300221][ T5243] usbtmc 4-1:16.0: can't read capabilities
[ 1023.328377][ T5243] usb 4-1: USB disconnect, device number 57
[ 1023.643707][T16412] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1023.753610][ T5282] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 1023.842681][T16412] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1023.875865][T16412] usb 2-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=3f.99
[ 1023.898891][T16412] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1023.928364][T16412] usb 2-1: config 0 descriptor??
[ 1023.961691][T16412] usb 2-1: interface 1 not found
[ 1023.982324][ T5282] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1023.987887][T17649] loop2: detected capacity change from 0 to 40427
[ 1024.010496][ T5282] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1024.033055][ T5282] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1024.066584][ T5282] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1024.068837][T17649] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[ 1024.096591][ T5282] usb 5-1: config 0 descriptor??
[ 1024.112918][T17649] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1024.135526][T17649] F2FS-fs (loop2): invalid crc value
[ 1024.163100][    T8] usb 2-1: USB disconnect, device number 48
[ 1024.202859][T17649] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1024.381503][T17649] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1024.398885][T17649] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1024.406760][T17659] loop3: detected capacity change from 0 to 40427
[ 1024.431352][T17659] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[ 1024.440704][T17659] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[ 1024.458378][T17659] F2FS-fs (loop3): invalid crc value
[ 1024.489259][T17659] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1024.511208][ T5282] hid (null): bogus close delimiter
[ 1024.603883][T17659] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[ 1024.623817][T17659] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1024.637245][T16377] F2FS-fs (loop2): access invalid blkaddr:2048
[ 1024.665527][T16377] CPU: 0 UID: 0 PID: 16377 Comm: syz-executor Not tainted 6.11.0-rc1-next-20240729-syzkaller #0
[ 1024.676002][T16377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1024.686082][T16377] Call Trace:
[ 1024.689385][T16377]  <TASK>
[ 1024.692334][T16377]  dump_stack_lvl+0x241/0x360
[ 1024.697037][T16377]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1024.702252][T16377]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[ 1024.708170][T16377]  ? __lock_acquire+0x1384/0x2050
[ 1024.713231][T16377]  __f2fs_is_valid_blkaddr+0xe16/0x1460
[ 1024.718812][T16377]  f2fs_map_blocks+0xe35/0x4850
[ 1024.719832][ T5282] usb 5-1: string descriptor 0 read error: -22
[ 1024.723726][T16377]  ? xas_load+0x59b/0x5c0
[ 1024.730238][T11603] F2FS-fs (loop3): access invalid blkaddr:2048
[ 1024.734245][T16377]  ? __pfx_f2fs_map_blocks+0x10/0x10
[ 1024.734286][T16377]  ? xa_load+0x2dd/0x350
[ 1024.734316][T16377]  ? __pfx_xa_load+0x10/0x10
[ 1024.734350][T16377]  ? folio_index+0xab/0x350
[ 1024.734375][T16377]  f2fs_mpage_readpages+0xcd7/0x2170
[ 1024.734412][T16377]  ? mark_lock+0x9a/0x360
[ 1024.734459][T16377]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[ 1024.734516][T16377]  ? f2fs_readahead+0x184/0x340
[ 1024.734542][T16377]  read_pages+0x17e/0x840
[ 1024.784040][T16377]  ? __pfx_lru_add_fn+0x10/0x10
[ 1024.788933][T16377]  ? __pfx_read_pages+0x10/0x10
[ 1024.793822][T16377]  ? filemap_add_folio+0x26d/0x650
[ 1024.798974][T16377]  ? __pfx_filemap_add_folio+0x10/0x10
[ 1024.804474][T16377]  page_cache_ra_unbounded+0x6ce/0x7f0
[ 1024.809980][T16377]  f2fs_readdir+0x5bc/0xbf0
[ 1024.814509][T16377]  ? __pfx___might_resched+0x10/0x10
[ 1024.819840][T16377]  ? __pfx_f2fs_readdir+0x10/0x10
[ 1024.824934][T16377]  ? trace_contention_end+0x3c/0x120
[ 1024.830250][T16377]  ? iterate_dir+0x215/0x810
[ 1024.834909][T16377]  ? __fdget_pos+0x24e/0x310
[ 1024.839522][T16377]  ? common_file_perm+0x1a6/0x210
[ 1024.844574][T16377]  ? bpf_lsm_file_permission+0x9/0x10
[ 1024.849965][T16377]  iterate_dir+0x57a/0x810
[ 1024.854403][T16377]  __se_sys_getdents64+0x20d/0x4f0
[ 1024.859539][T16377]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1024.865543][T16377]  ? __pfx___se_sys_getdents64+0x10/0x10
[ 1024.871196][T16377]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1024.877194][T16377]  ? __pfx_filldir64+0x10/0x10
[ 1024.881980][T16377]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1024.888329][T16377]  ? exc_page_fault+0x590/0x8c0
[ 1024.893214][T16377]  ? do_syscall_64+0xb6/0x230
[ 1024.897910][T16377]  do_syscall_64+0xf3/0x230
[ 1024.902427][T16377]  ? clear_bhb_loop+0x35/0x90
[ 1024.907123][T16377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1024.913028][T16377] RIP: 0033:0x7f4368ba9453
[ 1024.917459][T16377] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 32 44 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[ 1024.937092][T16377] RSP: 002b:00007ffcd5111408 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 1024.938574][ T5282] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.000E/input/input24
[ 1024.945519][T16377] RAX: ffffffffffffffda RBX: 000055556e91b600 RCX: 00007f4368ba9453
[ 1024.945542][T16377] RDX: 0000000000008000 RSI: 000055556e91b600 RDI: 0000000000000005
[ 1024.945554][T16377] RBP: 000055556e91b5d4 R08: 0000000000000000 R09: 0000000000000000
[ 1024.945567][T16377] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[ 1024.945580][T16377] R13: 0000000000000010 R14: 000055556e91b5d0 R15: 00007ffcd51136b0
[ 1024.945617][T16377]  </TASK>
[ 1024.993351][T16377] syz-executor: attempt to access beyond end of device
[ 1024.993351][T16377] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[ 1025.009073][T11603] CPU: 1 UID: 0 PID: 11603 Comm: syz-executor Not tainted 6.11.0-rc1-next-20240729-syzkaller #0
[ 1025.027315][T11603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1025.037389][T11603] Call Trace:
[ 1025.039698][T16377] syz-executor: attempt to access beyond end of device
[ 1025.039698][T16377] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[ 1025.040661][T11603]  <TASK>
[ 1025.040674][T11603]  dump_stack_lvl+0x241/0x360
[ 1025.040703][T11603]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1025.040720][T11603]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[ 1025.073313][T11603]  ? __lock_acquire+0x1384/0x2050
[ 1025.078384][T11603]  __f2fs_is_valid_blkaddr+0xe16/0x1460
[ 1025.083967][T11603]  f2fs_map_blocks+0xe35/0x4850
[ 1025.088903][T11603]  ? xas_load+0x59b/0x5c0
[ 1025.093266][T11603]  ? __pfx_f2fs_map_blocks+0x10/0x10
[ 1025.098588][T11603]  ? xa_load+0x2dd/0x350
[ 1025.102867][T11603]  ? __pfx_xa_load+0x10/0x10
[ 1025.107502][T11603]  ? folio_index+0xab/0x350
[ 1025.112042][T11603]  f2fs_mpage_readpages+0xcd7/0x2170
[ 1025.117369][T11603]  ? mark_lock+0x9a/0x360
[ 1025.121751][T11603]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[ 1025.127537][T11603]  ? f2fs_readahead+0x184/0x340
[ 1025.132419][T11603]  read_pages+0x17e/0x840
[ 1025.136767][T11603]  ? __pfx_lru_add_fn+0x10/0x10
[ 1025.141629][T11603]  ? __pfx_read_pages+0x10/0x10
[ 1025.146480][T11603]  ? filemap_add_folio+0x26d/0x650
[ 1025.151679][T11603]  ? __pfx_filemap_add_folio+0x10/0x10
[ 1025.157145][T11603]  page_cache_ra_unbounded+0x6ce/0x7f0
[ 1025.162616][T11603]  f2fs_readdir+0x5bc/0xbf0
[ 1025.167118][T11603]  ? __pfx___might_resched+0x10/0x10
[ 1025.172419][T11603]  ? __pfx_f2fs_readdir+0x10/0x10
[ 1025.177445][T11603]  ? trace_contention_end+0x3c/0x120
[ 1025.182825][T11603]  ? iterate_dir+0x215/0x810
[ 1025.187418][T11603]  ? __fdget_pos+0x24e/0x310
[ 1025.192008][T11603]  ? common_file_perm+0x1a6/0x210
[ 1025.197034][T11603]  ? bpf_lsm_file_permission+0x9/0x10
[ 1025.202426][T11603]  iterate_dir+0x57a/0x810
[ 1025.206852][T11603]  __se_sys_getdents64+0x20d/0x4f0
[ 1025.211965][T11603]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1025.217946][T11603]  ? __pfx___se_sys_getdents64+0x10/0x10
[ 1025.223582][T11603]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1025.229571][T11603]  ? __pfx_filldir64+0x10/0x10
[ 1025.234339][T11603]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1025.240677][T11603]  ? exc_page_fault+0x590/0x8c0
[ 1025.245532][T11603]  ? do_syscall_64+0xb6/0x230
[ 1025.250206][T11603]  do_syscall_64+0xf3/0x230
[ 1025.254702][T11603]  ? clear_bhb_loop+0x35/0x90
[ 1025.259377][T11603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.265267][T11603] RIP: 0033:0x7fa1f7da9453
[ 1025.269677][T11603] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 32 44 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[ 1025.289288][T11603] RSP: 002b:00007ffc07a1d468 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[ 1025.297702][T11603] RAX: ffffffffffffffda RBX: 0000555586db7600 RCX: 00007fa1f7da9453
[ 1025.305697][T11603] RDX: 0000000000008000 RSI: 0000555586db7600 RDI: 0000000000000005
[ 1025.313663][T11603] RBP: 0000555586db75d4 R08: 0000000000000000 R09: 0000000000000000
[ 1025.321626][T11603] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[ 1025.329678][T11603] R13: 0000000000000010 R14: 0000555586db75d0 R15: 00007ffc07a1f710
[ 1025.337660][T11603]  </TASK>
[ 1025.358108][ T5282] uclogic 0003:256C:006D.000E: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[ 1025.399345][T11603] syz-executor: attempt to access beyond end of device
[ 1025.399345][T11603] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[ 1025.413938][T11603] syz-executor: attempt to access beyond end of device
[ 1025.413938][T11603] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[ 1025.428247][ T5282] usb 5-1: USB disconnect, device number 59
[ 1025.522167][   T11] kworker/u8:0: attempt to access beyond end of device
[ 1025.522167][   T11] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[ 1025.540657][   T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1025.550817][   T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1025.568580][   T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1025.583276][   T11] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1025.656600][ T5243] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[ 1025.662157][T17675] loop1: detected capacity change from 0 to 512
[ 1025.670289][T13614] kworker/u8:2: attempt to access beyond end of device
[ 1025.670289][T13614] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[ 1025.708701][T13614] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[ 1025.719874][T13614] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[ 1025.727780][T13614] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[ 1025.738074][T13614] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[ 1025.741923][T17675] EXT4-fs error (device loop1): ext4_orphan_get:1391: inode #15: comm syz.1.2079: casefold flag without casefold feature
[ 1025.759660][T17675] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.2079: couldn't read orphan inode 15 (err -117)
[ 1025.781903][T17675] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1025.873120][ T5243] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1025.899350][ T5243] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1025.916415][T14531] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1025.975686][ T5243] usb 1-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[ 1025.992825][ T5243] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1026.003576][ T5243] usb 1-1: config 0 descriptor??
[ 1026.136527][   T29] audit: type=1326 audit(1722551932.184:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17678 comm="syz.1.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efdb773b9 code=0x7ffc0000
[ 1026.243601][   T29] audit: type=1326 audit(1722551932.184:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17678 comm="syz.1.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efdb773b9 code=0x7ffc0000
[ 1026.348718][   T29] audit: type=1326 audit(1722551932.184:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17678 comm="syz.1.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f0efdb773b9 code=0x7ffc0000
[ 1026.387852][  T970] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1026.408832][   T29] audit: type=1326 audit(1722551932.184:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17678 comm="syz.1.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efdb773b9 code=0x7ffc0000
[ 1026.462340][   T29] audit: type=1326 audit(1722551932.184:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17678 comm="syz.1.2080" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0efdb773b9 code=0x7ffc0000
[ 1026.772105][  T970] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1027.098693][ T5243] hid (null): unknown global tag 0x40
[ 1027.182471][   T29] audit: type=1326 audit(1722551933.044:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17671 comm="syz.0.2078" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd98a7773b9 code=0x0
[ 1027.411172][ T5243] itetech 0003:258A:6A88.000F: unexpected long global item
[ 1027.439302][ T5243] itetech 0003:258A:6A88.000F: probe with driver itetech failed with error -22
[ 1027.540605][  T970] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1027.770328][  T970] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1028.032783][T17681] loop4: detected capacity change from 0 to 32768
[ 1028.056736][T17681] XFS: ikeep mount option is deprecated.
[ 1028.078493][T17681] xfs: Unknown parameter 'mask'
[ 1028.107903][ T5232] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1028.121680][ T5232] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1028.146341][ T5232] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1028.157071][ T5232] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1028.174569][ T5232] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1028.182021][ T5232] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1028.230494][  T970] bridge_slave_1: left allmulticast mode
[ 1028.236581][   T29] audit: type=1326 audit(1722551934.264:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17680 comm="syz.4.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0729f773b9 code=0x7ffc0000
[ 1028.281336][  T970] bridge_slave_1: left promiscuous mode
[ 1028.300838][   T29] audit: type=1326 audit(1722551934.264:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17680 comm="syz.4.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0729f773b9 code=0x7ffc0000
[ 1028.321138][  T970] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1028.374582][   T29] audit: type=1326 audit(1722551934.344:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17680 comm="syz.4.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f0729f773b9 code=0x7ffc0000
[ 1028.398168][  T970] bridge_slave_0: left allmulticast mode
[ 1028.437695][ T5232] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1028.450689][   T29] audit: type=1326 audit(1722551934.344:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17680 comm="syz.4.2081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0729f773b9 code=0x7ffc0000
[ 1028.450961][ T5232] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1028.484263][ T5232] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1028.522941][  T970] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1028.545456][ T5232] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1028.554873][ T5232] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1028.562392][ T5232] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1028.735028][ T5329] usb 1-1: USB disconnect, device number 58
[ 1028.913840][ T5243] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[ 1028.990508][T17711] loop0: detected capacity change from 0 to 512
[ 1029.062864][T17711] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1029.127318][T17711] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1029.139152][ T5243] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1029.165384][ T5243] usb 5-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=3f.99
[ 1029.183584][ T5243] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1029.194593][ T5243] usb 5-1: config 0 descriptor??
[ 1029.208274][ T5243] usb 5-1: interface 1 not found
[ 1029.545890][   T58] usb 5-1: USB disconnect, device number 60
[ 1029.598725][T17728] loop1: detected capacity change from 0 to 256
[ 1030.129746][T17728] FAT-fs (loop1): Directory bread(block 64) failed
[ 1030.163928][T17728] FAT-fs (loop1): Directory bread(block 65) failed
[ 1030.180640][T17728] FAT-fs (loop1): Directory bread(block 66) failed
[ 1030.195299][T17728] FAT-fs (loop1): Directory bread(block 67) failed
[ 1030.243768][T17728] FAT-fs (loop1): Directory bread(block 68) failed
[ 1030.260956][T17728] FAT-fs (loop1): Directory bread(block 69) failed
[ 1030.282535][ T5245] Bluetooth: hci2: command tx timeout
[ 1030.294722][T17728] FAT-fs (loop1): Directory bread(block 70) failed
[ 1030.331148][T16949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1030.335753][T17728] FAT-fs (loop1): Directory bread(block 71) failed
[ 1030.347941][T17728] FAT-fs (loop1): Directory bread(block 72) failed
[ 1030.375070][T17728] FAT-fs (loop1): Directory bread(block 73) failed
[ 1030.683019][ T5245] Bluetooth: hci3: command tx timeout
[ 1030.949980][T17737] loop1: detected capacity change from 0 to 512
[ 1030.964643][T17737] EXT4-fs: Ignoring removed nobh option
[ 1031.000875][T17737] EXT4-fs (loop1): Test dummy encryption mode enabled
[ 1031.033627][T17737] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1031.052604][T17733] loop0: detected capacity change from 0 to 32768
[ 1031.061187][T17733] btrfs: Deprecated parameter 'usebackuproot'
[ 1031.087793][T17733] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[ 1031.120550][T17733] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2095 (17733)
[ 1031.122964][T17737] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[ 1031.157619][  T970] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1031.171804][T17733] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1031.189744][  T970] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1031.195130][T17737] EXT4-fs (loop1): 1 truncate cleaned up
[ 1031.203585][T17733] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 1031.224340][T17733] BTRFS info (device loop0): using free-space-tree
[ 1031.231442][T17737] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1031.241202][T17733] workqueue: max_active 3218 requested for btrfs-worker is out of range, clamping between 1 and 512
[ 1031.256918][  T970] bond0 (unregistering): Released all slaves
[ 1031.279895][T17731] loop4: detected capacity change from 0 to 32768
[ 1031.287179][T17733] workqueue: max_active 3218 requested for btrfs-delalloc is out of range, clamping between 1 and 512
[ 1031.336754][T17733] workqueue: max_active 3218 requested for btrfs-endio is out of range, clamping between 1 and 512
[ 1031.428069][T14531] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1031.443694][T17733] workqueue: max_active 3218 requested for btrfs-endio-meta is out of range, clamping between 1 and 512
[ 1031.479240][T17733] workqueue: max_active 3218 requested for btrfs-rmw is out of range, clamping between 1 and 512
[ 1031.491740][T17731] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1031.492315][T17733] workqueue: max_active 3218 requested for btrfs-endio-write is out of range, clamping between 1 and 512
[ 1031.513446][T17733] workqueue: max_active 3218 requested for btrfs-compressed-write is out of range, clamping between 1 and 512
[ 1031.691258][T17733] BTRFS info (device loop0): rebuilding free space tree
[ 1031.710622][T17731] XFS (loop4): Ending clean mount
[ 1031.734158][T17731] XFS (loop4): Quotacheck needed: Please wait.
[ 1031.913621][ T5281] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 1031.969206][T17731] XFS (loop4): Quotacheck: Done.
[ 1031.980317][T16949] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1032.076942][   T29] kauditd_printk_skb: 1 callbacks suppressed
[ 1032.076962][   T29] audit: type=1800 audit(1722551938.124:552): pid=17731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2094" name="bus" dev="loop4" ino=9292 res=0 errno=0
[ 1032.153323][ T5281] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1032.179426][ T5281] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1032.242463][ T5281] usb 2-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[ 1032.340950][T15589] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1032.341957][ T5281] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1032.351620][ T5245] Bluetooth: hci2: command tx timeout
[ 1032.464429][ T5281] usb 2-1: config 0 descriptor??
[ 1032.490619][  T970] hsr_slave_0: left promiscuous mode
[ 1032.551405][  T970] hsr_slave_1: left promiscuous mode
[ 1032.608802][  T970] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1032.617571][  T970] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1032.654620][  T970] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1032.693876][  T970] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1032.759712][ T5245] Bluetooth: hci3: command tx timeout
[ 1032.796536][T17780] loop0: detected capacity change from 0 to 512
[ 1032.806334][T17780] EXT4-fs (loop0): blocks per group (255) and clusters per group (8192) inconsistent
[ 1032.851909][  T970] veth1_macvtap: left promiscuous mode
[ 1032.858122][  T970] veth0_macvtap: left promiscuous mode
[ 1032.873710][  T970] veth1_vlan: left promiscuous mode
[ 1032.882760][  T970] veth0_vlan: left promiscuous mode
[ 1032.983134][T17786] loop0: detected capacity change from 0 to 1024
[ 1033.097337][T17786] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1033.548831][ T5281] hid (null): unknown global tag 0x40
[ 1033.622220][   T29] audit: type=1326 audit(1722551939.484:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17762 comm="syz.1.2098" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0efdb773b9 code=0x0
[ 1033.840192][ T5281] itetech 0003:258A:6A88.0010: unexpected long global item
[ 1033.894438][ T5281] itetech 0003:258A:6A88.0010: probe with driver itetech failed with error -22
[ 1034.431478][ T5245] Bluetooth: hci2: command tx timeout
[ 1034.563563][  T970] team0 (unregistering): Port device team_slave_1 removed
[ 1034.622411][  T970] team0 (unregistering): Port device team_slave_0 removed
[ 1034.825306][ T5245] Bluetooth: hci3: command tx timeout
[ 1035.091921][ T5277] usb 2-1: USB disconnect, device number 49
[ 1035.730783][T17786] tipc: Started in network mode
[ 1035.735922][T17786] tipc: Node identity 1, cluster identity 4711
[ 1035.742101][T17786] tipc: Node number set to 1
[ 1035.764379][T17786] tipc: Cannot configure node identity twice
[ 1035.855933][T16949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1035.944516][ T5277] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 1036.068307][T17698] chnl_net:caif_netlink_parms(): no params data found
[ 1036.176069][ T5277] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1036.185485][T17695] chnl_net:caif_netlink_parms(): no params data found
[ 1036.203781][ T5277] usb 2-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=3f.99
[ 1036.254739][ T5277] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1036.283934][ T5277] usb 2-1: config 0 descriptor??
[ 1036.310567][ T5277] usb 2-1: interface 1 not found
[ 1036.504023][ T5245] Bluetooth: hci2: command tx timeout
[ 1036.516657][ T5329] usb 2-1: USB disconnect, device number 50
[ 1036.620025][T17698] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1036.654824][T17698] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1036.662065][T17698] bridge_slave_0: entered allmulticast mode
[ 1036.695675][T17698] bridge_slave_0: entered promiscuous mode
[ 1036.715381][T17698] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1036.753900][T17698] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1036.761200][T17698] bridge_slave_1: entered allmulticast mode
[ 1036.804232][T17698] bridge_slave_1: entered promiscuous mode
[ 1036.904346][ T5245] Bluetooth: hci3: command tx timeout
[ 1036.976292][T17695] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1036.991731][T17695] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1037.008592][T17695] bridge_slave_0: entered allmulticast mode
[ 1037.019685][T17695] bridge_slave_0: entered promiscuous mode
[ 1037.064899][T17698] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1037.108977][T17698] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1037.146291][T17695] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1037.170042][T17695] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1037.189306][T17695] bridge_slave_1: entered allmulticast mode
[ 1037.209132][T17695] bridge_slave_1: entered promiscuous mode
[ 1037.359022][T17856] loop4: detected capacity change from 0 to 1024
[ 1037.367089][T17698] team0: Port device team_slave_0 added
[ 1037.382112][T17856] EXT4-fs: Mount option(s) incompatible with ext2
[ 1037.478842][  T970] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1037.520115][T17695] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1037.540129][T17698] team0: Port device team_slave_1 added
[ 1037.569386][T17695] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1037.777670][  T970] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1037.937029][T17698] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1037.956256][T17698] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1038.006898][T17698] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1038.093392][   T29] audit: type=1326 audit(1722551944.134:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17875 comm="syz.0.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd98a7773b9 code=0x7ffc0000
[ 1038.138288][  T970] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1038.161386][   T29] audit: type=1326 audit(1722551944.134:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17875 comm="syz.0.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd98a7773b9 code=0x7ffc0000
[ 1038.189746][T17883] fuse: Bad value for 'fd'
[ 1038.189861][   T29] audit: type=1326 audit(1722551944.134:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17875 comm="syz.0.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fd98a7773b9 code=0x7ffc0000
[ 1038.278587][   T29] audit: type=1326 audit(1722551944.134:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17875 comm="syz.0.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd98a7773b9 code=0x7ffc0000
[ 1038.310844][T17695] team0: Port device team_slave_0 added
[ 1038.340023][T17695] team0: Port device team_slave_1 added
[ 1038.374920][   T29] audit: type=1326 audit(1722551944.134:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17875 comm="syz.0.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd98a7773b9 code=0x7ffc0000
[ 1038.406541][   T29] audit: type=1326 audit(1722551944.134:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17875 comm="syz.0.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fd98a7773b9 code=0x7ffc0000
[ 1038.469556][   T29] audit: type=1326 audit(1722551944.134:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17875 comm="syz.0.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd98a7773b9 code=0x7ffc0000
[ 1038.562093][T17698] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1038.599339][T17698] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1038.697372][T17698] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1038.718669][   T29] audit: type=1326 audit(1722551944.134:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17875 comm="syz.0.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd98a7773b9 code=0x7ffc0000
[ 1038.880875][   T29] audit: type=1326 audit(1722551944.134:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17875 comm="syz.0.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fd98a775c57 code=0x7ffc0000
[ 1038.943121][  T970] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1038.961494][   T29] audit: type=1326 audit(1722551944.134:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17875 comm="syz.0.2121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd98a7773b9 code=0x7ffc0000
[ 1039.053337][T17883] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2122'.
[ 1039.183588][ T5329] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[ 1039.280892][T17695] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1039.303290][T17695] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1039.383632][ T5329] usb 5-1: Using ep0 maxpacket: 32
[ 1039.383948][T17695] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1039.423829][T17695] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1039.456804][T17695] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1039.466422][ T5329] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1039.524677][T17890] loop0: detected capacity change from 0 to 32768
[ 1039.531246][T17695] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1039.553762][ T5329] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1039.582841][ T5329] usb 5-1: Product: syz
[ 1039.587285][ T5329] usb 5-1: Manufacturer: syz
[ 1039.608244][ T5329] usb 5-1: SerialNumber: syz
[ 1039.610425][T17890] 
[ 1039.610425][T17890]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1039.610425][T17890] 
[ 1039.636629][ T5329] usb 5-1: config 0 descriptor??
[ 1039.645423][T17698] hsr_slave_0: entered promiscuous mode
[ 1039.652236][T17698] hsr_slave_1: entered promiscuous mode
[ 1039.676516][ T5329] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1039.697595][T17698] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1039.843729][T14836] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 1039.868432][T17698] Cannot create hsr debugfs directory
[ 1040.330177][T14836] usb 2-1: Using ep0 maxpacket: 32
[ 1040.421529][T14836] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1040.496940][T14836] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1040.538598][T16949] 
[ 1040.538598][T16949]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1040.538598][T16949] 
[ 1040.575188][T17695] hsr_slave_0: entered promiscuous mode
[ 1040.577098][T14836] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1040.589940][T17695] hsr_slave_1: entered promiscuous mode
[ 1040.599226][T16949] 
[ 1040.599226][T16949]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1040.599226][T16949] 
[ 1040.611728][T17695] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1040.619803][T14836] usb 2-1: Product: syz
[ 1040.628476][T17695] Cannot create hsr debugfs directory
[ 1040.633782][T14836] usb 2-1: Manufacturer: syz
[ 1040.648818][T14836] usb 2-1: SerialNumber: syz
[ 1040.712165][T14836] usb 2-1: config 0 descriptor??
[ 1040.746088][T17901] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1041.034329][ T5329] gspca_stk1135: reg_w 0x5 err -110
[ 1041.035908][T17901] loop1: detected capacity change from 0 to 128
[ 1041.054628][ T5329] gspca_stk1135: serial bus timeout: status=0x00
[ 1041.083643][ T5329] gspca_stk1135: Sensor write failed
[ 1041.089002][ T5329] gspca_stk1135: serial bus timeout: status=0x00
[ 1041.101533][  T970] bridge_slave_1: left allmulticast mode
[ 1041.117358][T17901] vfat: Unknown parameter '.'
[ 1041.133593][  T970] bridge_slave_1: left promiscuous mode
[ 1041.139414][  T970] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1041.151554][ T5329] gspca_stk1135: Sensor write failed
[ 1041.180434][ T5329] gspca_stk1135: serial bus timeout: status=0x00
[ 1041.208811][ T5329] gspca_stk1135: Sensor read failed
[ 1041.213520][T17910] loop0: detected capacity change from 0 to 1024
[ 1041.215131][  T970] bridge_slave_0: left allmulticast mode
[ 1041.232381][ T5329] gspca_stk1135: serial bus timeout: status=0x00
[ 1041.243562][ T5329] gspca_stk1135: Sensor read failed
[ 1041.251279][T17910] ext2: Bad value for 'stripe'
[ 1041.271760][  T970] bridge_slave_0: left promiscuous mode
[ 1041.277791][ T5329] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1041.289080][  T970] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1041.307549][ T5329] gspca_stk1135: serial bus timeout: status=0x00
[ 1041.325688][ T5329] gspca_stk1135: Sensor read failed
[ 1041.350393][ T5329] gspca_stk1135: serial bus timeout: status=0x00
[ 1041.382936][ T5329] gspca_stk1135: Sensor read failed
[ 1041.424337][ T5329] gspca_stk1135: serial bus timeout: status=0x00
[ 1041.430690][ T5329] gspca_stk1135: Sensor write failed
[ 1041.480270][ T5329] gspca_stk1135: serial bus timeout: status=0x00
[ 1041.523757][ T5329] gspca_stk1135: Sensor write failed
[ 1041.548678][ T5329] stk1135 5-1:0.0: probe with driver stk1135 failed with error -110
[ 1041.730698][   T58] usb 5-1: USB disconnect, device number 61
[ 1042.446752][ T5329] usb 2-1: USB disconnect, device number 51
[ 1042.907814][T17923] loop4: detected capacity change from 0 to 40427
[ 1042.940128][T17923] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[ 1042.954950][T17923] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[ 1042.989407][T17923] F2FS-fs (loop4): invalid crc value
[ 1043.016302][T17923] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1043.081261][  T970] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1043.105464][T17923] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[ 1043.112547][T17923] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1043.132385][  T970] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1043.157695][T17939] tmpfs: Bad value for 'mpol'
[ 1043.165646][  T970] bond0 (unregistering): Released all slaves
[ 1043.263660][ T5329] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 1043.465912][ T5329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1043.489151][ T5329] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1043.509816][ T5329] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1043.539354][ T5329] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1043.569891][ T5329] usb 2-1: config 0 descriptor??
[ 1043.965333][  T970] hsr_slave_0: left promiscuous mode
[ 1044.001430][  T970] hsr_slave_1: left promiscuous mode
[ 1044.022703][  T970] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1044.032714][  T970] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1044.072877][  T970] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1044.111234][  T970] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1044.256483][  T970] veth1_macvtap: left promiscuous mode
[ 1044.291703][  T970] veth0_macvtap: left promiscuous mode
[ 1044.304191][  T970] veth1_vlan: left promiscuous mode
[ 1044.333800][  T970] veth0_vlan: left promiscuous mode
[ 1044.436462][T14836] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[ 1044.486694][ T5329] usb 2-1: language id specifier not provided by device, defaulting to English
[ 1044.666215][T14836] usb 1-1: Using ep0 maxpacket: 32
[ 1044.687504][T14836] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1044.723610][T14836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1044.744378][T14836] usb 1-1: Product: syz
[ 1044.748756][T14836] usb 1-1: Manufacturer: syz
[ 1044.767169][T14836] usb 1-1: SerialNumber: syz
[ 1044.805833][T14836] usb 1-1: config 0 descriptor??
[ 1044.858243][T14836] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1045.930981][T17959] loop4: detected capacity change from 0 to 32768
[ 1046.049548][T14836] gspca_stk1135: reg_w 0x5 err -110
[ 1046.080112][T14836] gspca_stk1135: serial bus timeout: status=0x00
[ 1046.116672][T17959] 
[ 1046.116672][T17959]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1046.116672][T17959] 
[ 1046.136995][T14836] gspca_stk1135: Sensor write failed
[ 1046.185813][T14836] gspca_stk1135: serial bus timeout: status=0x00
[ 1046.192195][T14836] gspca_stk1135: Sensor write failed
[ 1046.229456][ T5329] uclogic 0003:256C:006D.0011: failed retrieving Huion firmware version: -71
[ 1046.233566][T14836] gspca_stk1135: serial bus timeout: status=0x00
[ 1046.370703][ T5329] uclogic 0003:256C:006D.0011: failed probing parameters: -71
[ 1046.379760][ T5329] uclogic 0003:256C:006D.0011: probe with driver uclogic failed with error -71
[ 1046.392948][ T5329] usb 2-1: USB disconnect, device number 52
[ 1046.433078][T14836] gspca_stk1135: Sensor read failed
[ 1046.468944][T14836] gspca_stk1135: serial bus timeout: status=0x00
[ 1046.628924][T14836] gspca_stk1135: Sensor read failed
[ 1046.652907][T14836] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1046.700293][T14836] gspca_stk1135: serial bus timeout: status=0x00
[ 1046.803693][T14836] gspca_stk1135: Sensor read failed
[ 1046.808964][T14836] gspca_stk1135: serial bus timeout: status=0x00
[ 1046.833164][T17970] loop1: detected capacity change from 0 to 1024
[ 1046.874934][T14836] gspca_stk1135: Sensor read failed
[ 1046.885972][T14836] gspca_stk1135: serial bus timeout: status=0x00
[ 1046.892338][T14836] gspca_stk1135: Sensor write failed
[ 1046.901428][T17970] ext2: Bad value for 'stripe'
[ 1046.939680][T14836] gspca_stk1135: serial bus timeout: status=0x00
[ 1047.076514][T14836] gspca_stk1135: Sensor write failed
[ 1047.081921][T14836] stk1135 1-1:0.0: probe with driver stk1135 failed with error -110
[ 1047.123788][T15589] 
[ 1047.123788][T15589]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1047.123788][T15589] 
[ 1047.136731][T15589] 
[ 1047.136731][T15589]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1047.136731][T15589] 
[ 1047.233442][ T5245] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 1047.243193][ T5245] Bluetooth: hci0: Injecting HCI hardware error event
[ 1047.255743][ T5245] Bluetooth: hci0: hardware error 0x00
[ 1047.394120][T14836] usb 1-1: USB disconnect, device number 59
[ 1047.903927][  T970] team0 (unregistering): Port device team_slave_1 removed
[ 1048.013674][ T5329] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 1048.027057][  T970] team0 (unregistering): Port device team_slave_0 removed
[ 1048.198057][ T5329] usb 1-1: Using ep0 maxpacket: 32
[ 1048.246275][ T5329] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1048.288089][ T5329] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1048.314480][ T5329] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1048.323408][ T5329] usb 1-1: Product: syz
[ 1048.342084][ T5329] usb 1-1: Manufacturer: syz
[ 1048.358569][ T5329] usb 1-1: SerialNumber: syz
[ 1048.372536][ T5329] usb 1-1: config 0 descriptor??
[ 1048.398025][T17979] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1048.742296][T17979] loop0: detected capacity change from 0 to 128
[ 1048.766772][T17979] vfat: Unknown parameter '.'
[ 1048.783814][T14836] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 1048.982225][T14836] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1049.006182][T14836] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1049.020140][T14836] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1049.029901][T14836] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1049.051311][T14836] usb 2-1: SerialNumber: syz
[ 1049.209660][   T29] kauditd_printk_skb: 20 callbacks suppressed
[ 1049.209702][   T29] audit: type=1326 audit(1722551955.254:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17991 comm="syz.4.2144" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0729f773b9 code=0x0
[ 1049.284096][T14836] usb 2-1: 0:2 : does not exist
[ 1049.292728][T14836] usb 2-1: unit 5 not found!
[ 1049.353999][T14836] usb 2-1: USB disconnect, device number 53
[ 1049.463630][ T5245] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1049.468276][ T5232] Bluetooth: hci1: unexpected event for opcode 0x080d
[ 1049.479472][T17994] tmpfs: Bad value for 'mpol'
[ 1049.631273][T16226] udevd[16226]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1050.742942][ T5281] usb 1-1: USB disconnect, device number 60
[ 1050.849391][T18003] loop1: detected capacity change from 0 to 32768
[ 1050.897895][T18003] 
[ 1050.897895][T18003]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1050.897895][T18003] 
[ 1051.209562][T18019] loop4: detected capacity change from 0 to 1024
[ 1051.229002][T18019] ext2: Bad value for 'stripe'
[ 1051.718677][ T5245] Bluetooth: hci1: command 0x0406 tx timeout
[ 1051.775440][T14531] 
[ 1051.775440][T14531]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1051.775440][T14531] 
[ 1051.802914][T14531] 
[ 1051.802914][T14531]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1051.802914][T14531] 
[ 1051.903595][ T5281] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 1052.084380][ T5281] usb 1-1: Using ep0 maxpacket: 32
[ 1052.144350][ T5281] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1052.153447][ T5281] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1052.173231][ T5281] usb 1-1: Product: syz
[ 1052.184089][ T5281] usb 1-1: Manufacturer: syz
[ 1052.188723][ T5281] usb 1-1: SerialNumber: syz
[ 1052.204675][ T5281] usb 1-1: config 0 descriptor??
[ 1052.213014][ T5281] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1052.396409][T17695] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1052.466704][T17695] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1052.532811][T17695] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1052.643941][T17695] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1052.766664][T17698] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1052.832003][T17698] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1052.876842][T17698] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1052.917885][T17698] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1052.983701][ T5243] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 1053.185705][ T5243] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1053.195566][T17695] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1053.210571][ T5243] usb 5-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=3f.99
[ 1053.237330][ T5243] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.250850][ T5243] usb 5-1: config 0 descriptor??
[ 1053.271188][ T5243] usb 5-1: interface 1 not found
[ 1053.333878][ T5281] gspca_stk1135: reg_w 0x5 err -110
[ 1053.348199][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1053.372761][ T5281] gspca_stk1135: Sensor write failed
[ 1053.382760][T17695] 8021q: adding VLAN 0 to HW filter on device team0
[ 1053.389268][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1053.400055][ T5281] gspca_stk1135: Sensor write failed
[ 1053.406152][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1053.412767][ T5281] gspca_stk1135: Sensor read failed
[ 1053.425149][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1053.431997][ T5277] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1053.439195][ T5277] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1053.450536][ T5281] gspca_stk1135: Sensor read failed
[ 1053.465234][ T5281] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1053.488084][T17698] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1053.495338][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1053.517870][ T5281] gspca_stk1135: Sensor read failed
[ 1053.520236][ T5277] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1053.530273][ T5277] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1053.532547][T16412] usb 5-1: USB disconnect, device number 62
[ 1053.544813][ T5245] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1053.557348][ T5245] Bluetooth: hci1: Injecting HCI hardware error event
[ 1053.568867][ T5245] Bluetooth: hci1: hardware error 0x00
[ 1053.586989][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1053.596886][ T5281] gspca_stk1135: Sensor read failed
[ 1053.610421][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1053.619177][ T5281] gspca_stk1135: Sensor write failed
[ 1053.627653][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1053.638409][ T5281] gspca_stk1135: Sensor write failed
[ 1053.645686][ T5281] stk1135 1-1:0.0: probe with driver stk1135 failed with error -110
[ 1053.652448][T17698] 8021q: adding VLAN 0 to HW filter on device team0
[ 1053.732218][ T5279] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1053.739488][ T5279] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1053.841940][ T5279] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1053.849153][ T5279] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1053.940309][T17695] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1054.052655][T17698] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1054.108028][T17698] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1054.364376][   T29] audit: type=1326 audit(1722551960.404:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18055 comm="syz.1.2153" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0efdb773b9 code=0x0
[ 1054.386204][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1054.439191][ T5243] usb 1-1: USB disconnect, device number 61
[ 1054.720503][T17698] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1054.746563][ T1261] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.817870][ T5232] Bluetooth: hci5: unexpected event for opcode 0x080d
[ 1054.825604][T17695] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1054.826344][T18068] tmpfs: Bad value for 'mpol'
[ 1054.932694][T17698] veth0_vlan: entered promiscuous mode
[ 1054.982498][T17698] veth1_vlan: entered promiscuous mode
[ 1055.029593][T17695] veth0_vlan: entered promiscuous mode
[ 1055.102586][T17695] veth1_vlan: entered promiscuous mode
[ 1055.133903][ T5279] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[ 1055.190889][T17698] veth0_macvtap: entered promiscuous mode
[ 1055.242178][T17698] veth1_macvtap: entered promiscuous mode
[ 1055.266447][T17695] veth0_macvtap: entered promiscuous mode
[ 1055.297210][T17695] veth1_macvtap: entered promiscuous mode
[ 1055.348086][ T5279] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1055.352094][T17698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.388059][ T5279] usb 1-1: New USB device found, idVendor=0582, idProduct=007d, bcdDevice=3f.99
[ 1055.389489][T17698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.423592][T17698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.423873][ T5279] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1055.453543][T17698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.466977][ T5279] usb 1-1: config 0 descriptor??
[ 1055.475523][T17698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.493298][ T5279] usb 1-1: interface 1 not found
[ 1055.498321][T17698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.498346][T17698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.498363][T17698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.500066][T17698] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1055.572644][T17698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1055.588847][T17698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.606514][T17698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1055.622014][T17698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.639102][ T5245] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1055.647558][T17698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1055.673560][T17698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.694829][T17698] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1055.713991][T17698] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.755226][T17698] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1055.788212][T17695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.795278][ T5279] usb 1-1: USB disconnect, device number 62
[ 1055.837851][T17695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.863753][T17695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.903554][T17695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.933588][T17695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1055.952372][T17695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1055.980034][T17695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1056.011125][T17695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1056.030693][T17695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1056.052612][T17695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1056.054712][T18093] loop1: detected capacity change from 0 to 32768
[ 1056.074544][T17695] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1056.082101][T18093] 
[ 1056.082101][T18093]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1056.082101][T18093] 
[ 1056.253182][T17698] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.266128][T17698] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.276683][T17698] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.285778][T17698] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1057.452208][T14531] 
[ 1057.452208][T14531]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1057.452208][T14531] 
[ 1057.599032][T14531] 
[ 1057.599032][T14531]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1057.599032][T14531] 
[ 1057.614273][T17695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1057.648699][T17695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1057.659011][T17695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1057.670292][T17695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1057.680689][T17695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1057.700730][T17695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1057.711114][T17695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1057.721909][T17695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1057.732213][T17695] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1057.743165][T17695] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1057.756997][T17695] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1057.770507][T17695] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1057.785510][T17695] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1057.797026][T17695] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1057.808843][T17695] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.168600][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1058.193112][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1058.237607][T18106] loop4: detected capacity change from 0 to 32768
[ 1058.302117][T18106] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2158 (18106)
[ 1058.339577][  T968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1058.355894][T18106] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1058.371562][  T968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1058.381736][T18106] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[ 1058.393106][T18106] BTRFS info (device loop4): using free-space-tree
[ 1058.432967][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1058.506634][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1058.694669][T13614] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1058.739476][T13614] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1058.824555][ T5245] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 1058.833826][ T5245] Bluetooth: hci5: Injecting HCI hardware error event
[ 1058.846289][ T5245] Bluetooth: hci5: hardware error 0x00
[ 1059.102131][ T5279] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 1059.619369][ T5279] usb 1-1: Using ep0 maxpacket: 16
[ 1059.639774][ T5279] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1059.639804][T15589] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1059.683958][ T5279] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1059.733903][ T5279] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1059.823582][ T5279] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00
[ 1059.832673][ T5279] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1059.894602][ T5279] usb 1-1: config 0 descriptor??
[ 1060.118935][T18167] loop3: detected capacity change from 0 to 8192
[ 1060.317483][ T5279] usbhid 1-1:0.0: can't add hid device: -71
[ 1060.350152][ T5279] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1060.406687][ T5279] usb 1-1: USB disconnect, device number 63
[ 1060.685894][   T29] audit: type=1326 audit(1722551966.734:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18169 comm="syz.1.2165" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0efdb773b9 code=0x0
[ 1060.983820][ T5245] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1061.065058][ T5243] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 1061.173047][T18184] tmpfs: Bad value for 'mpol'
[ 1061.263651][ T5243] usb 5-1: Using ep0 maxpacket: 32
[ 1061.290572][ T5243] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1061.311541][ T5243] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1061.341955][ T5243] usb 5-1: Product: syz
[ 1061.350904][ T5243] usb 5-1: Manufacturer: syz
[ 1062.096506][ T5243] usb 5-1: SerialNumber: syz
[ 1062.164601][ T5243] usb 5-1: config 0 descriptor??
[ 1062.264272][ T5243] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1063.458299][T18193] loop0: detected capacity change from 0 to 32768
[ 1063.499731][ T5243] gspca_stk1135: reg_w 0x5 err -110
[ 1063.526928][T18193] 
[ 1063.526928][T18193]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1063.526928][T18193] 
[ 1063.557530][ T5243] gspca_stk1135: serial bus timeout: status=0x00
[ 1063.611639][ T5243] gspca_stk1135: Sensor write failed
[ 1063.611676][ T5243] gspca_stk1135: serial bus timeout: status=0x00
[ 1063.611691][ T5243] gspca_stk1135: Sensor write failed
[ 1063.611716][ T5243] gspca_stk1135: serial bus timeout: status=0x00
[ 1063.611729][ T5243] gspca_stk1135: Sensor read failed
[ 1063.611753][ T5243] gspca_stk1135: serial bus timeout: status=0x00
[ 1063.611765][ T5243] gspca_stk1135: Sensor read failed
[ 1063.611775][ T5243] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1063.611804][ T5243] gspca_stk1135: serial bus timeout: status=0x00
[ 1063.611816][ T5243] gspca_stk1135: Sensor read failed
[ 1063.611839][ T5243] gspca_stk1135: serial bus timeout: status=0x00
[ 1063.611850][ T5243] gspca_stk1135: Sensor read failed
[ 1063.611869][ T5243] gspca_stk1135: serial bus timeout: status=0x00
[ 1063.611879][ T5243] gspca_stk1135: Sensor write failed
[ 1063.622213][ T5243] gspca_stk1135: serial bus timeout: status=0x00
[ 1063.622237][ T5243] gspca_stk1135: Sensor write failed
[ 1063.622336][ T5243] stk1135 5-1:0.0: probe with driver stk1135 failed with error -110
[ 1064.315338][ T5277] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1064.374437][T16949] 
[ 1064.374437][T16949]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1064.374437][T16949] 
[ 1064.374631][T16949] 
[ 1064.374631][T16949]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1064.374631][T16949] 
[ 1064.523812][ T5277] usb 2-1: Using ep0 maxpacket: 32
[ 1064.526164][ T5277] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1064.528533][ T5277] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1064.528565][ T5277] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1064.528589][ T5277] usb 2-1: Product: syz
[ 1064.528606][ T5277] usb 2-1: Manufacturer: syz
[ 1064.528621][ T5277] usb 2-1: SerialNumber: syz
[ 1064.547308][ T5277] usb 2-1: config 0 descriptor??
[ 1064.554443][T18216] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1065.123959][T18216] loop1: detected capacity change from 0 to 128
[ 1065.130998][T18216] vfat: Unknown parameter '.'
[ 1065.542423][ T5277] usb 5-1: USB disconnect, device number 63
[ 1066.183916][    T9] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 1066.343384][T18239] loop3: detected capacity change from 0 to 32768
[ 1066.386240][T18239] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2175 (18239)
[ 1066.453559][    T9] usb 3-1: Using ep0 maxpacket: 16
[ 1066.466445][T14836] usb 2-1: USB disconnect, device number 54
[ 1066.483966][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1066.497286][T18239] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1066.553715][T18239] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[ 1066.562512][T18239] BTRFS info (device loop3): using free-space-tree
[ 1066.638761][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1066.729907][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1066.835302][    T9] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00
[ 1066.939148][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1066.969896][    T9] usb 3-1: config 0 descriptor??
[ 1067.360656][T18291] btrfs: Unknown parameter '��0xffffffffffffffff�	Z*��� m�.Dc�8�'�@��C9G�9���?�9�S�{�1��J���լ��5æ�Ԍ�����qq���Y�糔����'
[ 1067.434434][    T9] usbhid 3-1:0.0: can't add hid device: -71
[ 1067.503739][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1067.562642][    T9] usb 3-1: USB disconnect, device number 55
[ 1067.581319][   T29] audit: type=1326 audit(1722551973.624:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18265 comm="syz.1.2181" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0efdb773b9 code=0x0
[ 1068.890953][T18293] tmpfs: Bad value for 'mpol'
[ 1069.028048][T17695] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1069.072137][T18314] netlink: 180 bytes leftover after parsing attributes in process `syz.0.2187'.
[ 1069.353173][T18318] loop0: detected capacity change from 0 to 1024
[ 1069.384831][T18318] ext2: Bad value for 'stripe'
[ 1070.022217][T18307] loop4: detected capacity change from 0 to 32768
[ 1070.053777][   T58] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1070.111038][T18307] 
[ 1070.111038][T18307]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1070.111038][T18307] 
[ 1070.803694][   T58] usb 2-1: Using ep0 maxpacket: 32
[ 1070.818943][   T58] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1070.833838][T15589] 
[ 1070.833838][T15589]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1070.833838][T15589] 
[ 1070.863540][   T58] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1070.871584][   T58] usb 2-1: Product: syz
[ 1070.923032][T15589] 
[ 1070.923032][T15589]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1070.923032][T15589] 
[ 1070.963536][   T58] usb 2-1: Manufacturer: syz
[ 1070.984046][   T58] usb 2-1: SerialNumber: syz
[ 1071.033637][   T58] usb 2-1: config 0 descriptor??
[ 1071.082718][   T58] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1071.473648][ T5277] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[ 1071.713700][ T5277] usb 1-1: Using ep0 maxpacket: 32
[ 1071.733208][ T5277] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1071.926517][ T5277] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1071.939283][T18312] loop2: detected capacity change from 0 to 40427
[ 1071.984231][ T5277] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1071.992473][ T5277] usb 1-1: Product: syz
[ 1072.098408][ T5277] usb 1-1: Manufacturer: syz
[ 1072.130988][ T5277] usb 1-1: SerialNumber: syz
[ 1072.205063][ T5277] usb 1-1: config 0 descriptor??
[ 1072.209541][T18345] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1072.360881][   T58] gspca_stk1135: reg_w 0x5 err -110
[ 1072.362000][   T58] gspca_stk1135: serial bus timeout: status=0x00
[ 1072.362032][   T58] gspca_stk1135: Sensor write failed
[ 1072.362153][   T58] gspca_stk1135: serial bus timeout: status=0x00
[ 1072.362166][   T58] gspca_stk1135: Sensor write failed
[ 1072.362318][   T58] gspca_stk1135: serial bus timeout: status=0x00
[ 1072.362364][   T58] gspca_stk1135: Sensor read failed
[ 1072.362486][   T58] gspca_stk1135: serial bus timeout: status=0x00
[ 1072.362530][   T58] gspca_stk1135: Sensor read failed
[ 1072.362583][   T58] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1072.362613][   T58] gspca_stk1135: serial bus timeout: status=0x00
[ 1072.362626][   T58] gspca_stk1135: Sensor read failed
[ 1072.362717][   T58] gspca_stk1135: serial bus timeout: status=0x00
[ 1072.362760][   T58] gspca_stk1135: Sensor read failed
[ 1072.362880][   T58] gspca_stk1135: serial bus timeout: status=0x00
[ 1072.362924][   T58] gspca_stk1135: Sensor write failed
[ 1072.363044][   T58] gspca_stk1135: serial bus timeout: status=0x00
[ 1072.363088][   T58] gspca_stk1135: Sensor write failed
[ 1072.363423][   T58] stk1135 2-1:0.0: probe with driver stk1135 failed with error -110
[ 1072.621186][T18345] loop0: detected capacity change from 0 to 128
[ 1072.812645][T18345] vfat: Unknown parameter '.'
[ 1074.207341][T18363] loop4: detected capacity change from 0 to 256
[ 1074.224076][ T5329] usb 1-1: USB disconnect, device number 64
[ 1074.329316][T18363] FAT-fs (loop4): Directory bread(block 64) failed
[ 1074.372563][T18363] FAT-fs (loop4): Directory bread(block 65) failed
[ 1074.382430][T18363] FAT-fs (loop4): Directory bread(block 66) failed
[ 1074.408676][T18363] FAT-fs (loop4): Directory bread(block 67) failed
[ 1074.428466][T18363] FAT-fs (loop4): Directory bread(block 68) failed
[ 1074.447359][T18363] FAT-fs (loop4): Directory bread(block 69) failed
[ 1074.469949][T18363] FAT-fs (loop4): Directory bread(block 70) failed
[ 1074.485296][T18363] FAT-fs (loop4): Directory bread(block 71) failed
[ 1074.508025][T18363] FAT-fs (loop4): Directory bread(block 72) failed
[ 1074.532476][T18363] FAT-fs (loop4): Directory bread(block 73) failed
[ 1074.539338][ T5245] Bluetooth: hci3: link tx timeout
[ 1074.545403][ T5245] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1074.623641][   T58] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[ 1074.736246][    T9] usb 2-1: USB disconnect, device number 55
[ 1074.760940][T18369] Cannot find del_set index 2 as target
[ 1074.816920][T18369] overlay: ./file0 is not a directory
[ 1074.873626][   T58] usb 3-1: Using ep0 maxpacket: 16
[ 1074.918876][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1074.970740][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1074.984139][   T58] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1074.997566][   T58] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00
[ 1075.065668][   T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1075.094344][   T58] usb 3-1: config 0 descriptor??
[ 1075.196038][T18374] loop3: detected capacity change from 0 to 1024
[ 1075.241798][T18374] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1075.422156][T17695] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1075.512246][   T58] usbhid 3-1:0.0: can't add hid device: -71
[ 1075.545127][   T58] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1075.593874][   T58] usb 3-1: USB disconnect, device number 56
[ 1076.371796][T18383] loop3: detected capacity change from 0 to 32768
[ 1076.386102][T18383] 
[ 1076.386102][T18383]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1076.386102][T18383] 
[ 1076.678846][ T5232] Bluetooth: hci3: command 0x0406 tx timeout
[ 1077.842234][T18404] loop4: detected capacity change from 0 to 2048
[ 1077.893617][T18404] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1078.094338][T17695] 
[ 1078.094338][T17695]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1078.094338][T17695] 
[ 1078.113902][T17695] 
[ 1078.113902][T17695]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1078.113902][T17695] 
[ 1078.451770][T18410] loop0: detected capacity change from 0 to 2048
[ 1078.582811][T18410] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1078.636077][T18419] loop1: detected capacity change from 0 to 256
[ 1078.701420][T18398] loop2: detected capacity change from 0 to 40427
[ 1078.724963][T18398] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1078.732751][T18398] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1078.762336][T18419] FAT-fs (loop1): Directory bread(block 64) failed
[ 1078.780175][T18398] F2FS-fs (loop2): invalid crc value
[ 1078.813060][T18419] FAT-fs (loop1): Directory bread(block 65) failed
[ 1078.814395][T18398] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1078.827331][ T5281] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[ 1078.845435][T18419] FAT-fs (loop1): Directory bread(block 66) failed
[ 1078.864924][T18419] FAT-fs (loop1): Directory bread(block 67) failed
[ 1078.885512][T18419] FAT-fs (loop1): Directory bread(block 68) failed
[ 1078.904536][T18419] FAT-fs (loop1): Directory bread(block 69) failed
[ 1078.926928][T18419] FAT-fs (loop1): Directory bread(block 70) failed
[ 1078.966218][T18419] FAT-fs (loop1): Directory bread(block 71) failed
[ 1078.972928][T18419] FAT-fs (loop1): Directory bread(block 72) failed
[ 1079.005817][T16949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1079.055185][ T5281] usb 5-1: Using ep0 maxpacket: 32
[ 1079.060526][T18419] FAT-fs (loop1): Directory bread(block 73) failed
[ 1079.076280][T18398] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1079.090865][ T5281] usb 5-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1079.096051][T18398] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1079.131351][ T5281] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1079.166906][ T5281] usb 5-1: Product: syz
[ 1079.179996][ T5281] usb 5-1: Manufacturer: syz
[ 1079.200333][ T5281] usb 5-1: SerialNumber: syz
[ 1079.239436][ T5281] usb 5-1: config 0 descriptor??
[ 1079.283114][ T5281] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1079.495343][T18434] loop3: detected capacity change from 0 to 256
[ 1080.231334][ T5281] gspca_stk1135: reg_w 0x0 err -110
[ 1080.238758][T18431] Cannot find del_set index 2 as target
[ 1080.268168][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1080.314815][T18431] overlay: ./file0 is not a directory
[ 1080.325138][ T5281] gspca_stk1135: Sensor write failed
[ 1080.374971][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1080.407411][ T5281] gspca_stk1135: Sensor write failed
[ 1080.433856][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1080.493668][ T5281] gspca_stk1135: Sensor read failed
[ 1080.498935][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1080.541980][ T5281] gspca_stk1135: Sensor read failed
[ 1080.584271][ T5281] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1080.590944][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1080.708817][ T5281] gspca_stk1135: Sensor read failed
[ 1080.742512][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1080.805414][ T5281] gspca_stk1135: Sensor read failed
[ 1080.810674][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1080.894350][ T5281] gspca_stk1135: Sensor write failed
[ 1080.913639][ T5281] gspca_stk1135: serial bus timeout: status=0x00
[ 1080.920032][ T5281] gspca_stk1135: Sensor write failed
[ 1081.004185][ T5281] stk1135 5-1:0.0: probe with driver stk1135 failed with error -110
[ 1082.377312][ T5281] usb 5-1: USB disconnect, device number 64
[ 1083.275924][T18461] ALSA: seq fatal error: cannot create timer (-22)
[ 1083.408519][T18464] loop2: detected capacity change from 0 to 2048
[ 1083.469110][T18464] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1084.105711][T18470] binder: 18467:18470 ioctl 4018620d 0 returned -22
[ 1084.120942][T18470] FAULT_INJECTION: forcing a failure.
[ 1084.120942][T18470] name failslab, interval 1, probability 0, space 0, times 0
[ 1084.133728][T18470] CPU: 1 UID: 0 PID: 18470 Comm: syz.2.2222 Not tainted 6.11.0-rc1-next-20240729-syzkaller #0
[ 1084.143980][T18470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1084.154046][T18470] Call Trace:
[ 1084.157333][T18470]  <TASK>
[ 1084.160286][T18470]  dump_stack_lvl+0x241/0x360
[ 1084.164984][T18470]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1084.170196][T18470]  ? __pfx__printk+0x10/0x10
[ 1084.174798][T18470]  ? kmem_cache_alloc_lru_noprof+0x49/0x2b0
[ 1084.180703][T18470]  ? __pfx___might_resched+0x10/0x10
[ 1084.186008][T18470]  should_fail_ex+0x3b0/0x4e0
[ 1084.190697][T18470]  ? new_inode_pseudo+0x8b/0x1a0
[ 1084.195648][T18470]  should_failslab+0xac/0x100
[ 1084.200344][T18470]  ? new_inode_pseudo+0x8b/0x1a0
[ 1084.205297][T18470]  kmem_cache_alloc_lru_noprof+0x71/0x2b0
[ 1084.211035][T18470]  new_inode_pseudo+0x8b/0x1a0
[ 1084.215808][T18470]  path_from_stashed+0x486/0xb90
[ 1084.220760][T18470]  ? __pfx_lock_release+0x10/0x10
[ 1084.225805][T18470]  ? path_from_stashed+0x142/0xb90
[ 1084.230933][T18470]  ? __pfx_path_from_stashed+0x10/0x10
[ 1084.236407][T18470]  ? pidns_get+0x20/0x200
[ 1084.240744][T18470]  ? pidns_get+0x1bf/0x200
[ 1084.245173][T18470]  proc_ns_get_link+0xf9/0x240
[ 1084.249949][T18470]  ? __pfx_proc_ns_get_link+0x10/0x10
[ 1084.255336][T18470]  ? bpf_lsm_inode_follow_link+0x9/0x10
[ 1084.260887][T18470]  ? security_inode_follow_link+0xc2/0x110
[ 1084.266698][T18470]  ? __pfx_proc_ns_get_link+0x10/0x10
[ 1084.272085][T18470]  pick_link+0x631/0xd50
[ 1084.276364][T18470]  step_into+0xca9/0x1080
[ 1084.280722][T18470]  ? __pfx_step_into+0x10/0x10
[ 1084.285497][T18470]  ? proc_ns_dir_lookup+0x352/0x3a0
[ 1084.290713][T18470]  path_openat+0x184b/0x3470
[ 1084.295352][T18470]  ? __pfx_path_openat+0x10/0x10
[ 1084.300321][T18470]  do_filp_open+0x235/0x490
[ 1084.304838][T18470]  ? __pfx_do_filp_open+0x10/0x10
[ 1084.309898][T18470]  ? _raw_spin_unlock+0x28/0x50
[ 1084.314758][T18470]  ? alloc_fd+0x5a1/0x640
[ 1084.319096][T18470]  do_sys_openat2+0x13e/0x1d0
[ 1084.323787][T18470]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1084.328997][T18470]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1084.334993][T18470]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1084.341338][T18470]  __x64_sys_openat+0x247/0x2a0
[ 1084.346203][T18470]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1084.351605][T18470]  do_syscall_64+0xf3/0x230
[ 1084.356117][T18470]  ? clear_bhb_loop+0x35/0x90
[ 1084.360805][T18470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1084.366706][T18470] RIP: 0033:0x7ff9e4175d50
[ 1084.371129][T18470] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8e 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8e 02 00 8b 44
[ 1084.390753][T18470] RSP: 002b:00007ff9e3bbcf20 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1084.399186][T18470] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007ff9e4175d50
[ 1084.407156][T18470] RDX: 0000000000000002 RSI: 00007ff9e3bbcfb0 RDI: 00000000ffffff9c
[ 1084.415123][T18470] RBP: 00007ff9e3bbcfb0 R08: 0000000000000000 R09: 0000000000000000
[ 1084.423091][T18470] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 1084.431058][T18470] R13: 000000000000006e R14: 00007ff9e4306130 R15: 00007ffc4c1c77f8
[ 1084.439035][T18470]  </TASK>
[ 1084.534841][T18457] loop0: detected capacity change from 0 to 32768
[ 1084.706018][T18457] 
[ 1084.706018][T18457]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1084.706018][T18457] 
[ 1087.532280][T18504] loop3: detected capacity change from 0 to 2048
[ 1087.622035][T18507] loop1: detected capacity change from 0 to 256
[ 1087.640654][T18504] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1087.803174][   T29] audit: type=1800 audit(1722551993.844:588): pid=18508 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2232" name="file1" dev="loop3" ino=1346 res=0 errno=0
[ 1087.842831][T16949] 
[ 1087.842831][T16949]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1087.842831][T16949] 
[ 1087.873857][T16949] 
[ 1087.873857][T16949]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1087.873857][T16949] 
[ 1087.968545][T18511] loop1: detected capacity change from 0 to 256
[ 1088.073910][T18511] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1088.227655][T18515] loop3: detected capacity change from 0 to 256
[ 1088.514891][T18519] bridge0: port 3(hsr0) entered blocking state
[ 1088.532570][T18519] bridge0: port 3(hsr0) entered disabled state
[ 1088.565349][T18519] hsr0: entered allmulticast mode
[ 1088.584878][T18519] hsr_slave_0: entered allmulticast mode
[ 1088.602920][T18519] hsr_slave_1: entered allmulticast mode
[ 1088.648998][T18519] hsr0: entered promiscuous mode
[ 1088.679928][T18519] bridge0: port 3(hsr0) entered blocking state
[ 1088.688183][T18519] bridge0: port 3(hsr0) entered forwarding state
[ 1088.949837][T18521] loop4: detected capacity change from 0 to 256
[ 1088.992287][T18523] FAULT_INJECTION: forcing a failure.
[ 1088.992287][T18523] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1089.010595][T18505] loop2: detected capacity change from 0 to 40427
[ 1089.038423][T18505] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[ 1089.048553][T18523] CPU: 0 UID: 0 PID: 18523 Comm: syz.0.2240 Not tainted 6.11.0-rc1-next-20240729-syzkaller #0
[ 1089.058829][T18523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1089.068904][T18523] Call Trace:
[ 1089.072197][T18523]  <TASK>
[ 1089.075143][T18523]  dump_stack_lvl+0x241/0x360
[ 1089.079834][T18523]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1089.085022][T18523]  ? __pfx__printk+0x10/0x10
[ 1089.089602][T18523]  ? __pfx_lock_release+0x10/0x10
[ 1089.094620][T18523]  should_fail_ex+0x3b0/0x4e0
[ 1089.099287][T18523]  _copy_from_user+0x2f/0xe0
[ 1089.103867][T18523]  copy_msghdr_from_user+0xae/0x680
[ 1089.109055][T18523]  ? __pfx___might_resched+0x10/0x10
[ 1089.114328][T18523]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1089.120125][T18523]  ? __might_fault+0xaa/0x120
[ 1089.124798][T18523]  do_recvmmsg+0x40f/0xae0
[ 1089.129207][T18523]  ? __pfx_lock_release+0x10/0x10
[ 1089.134226][T18523]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1089.139166][T18523]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1089.145044][T18523]  ? ksys_write+0x23e/0x2c0
[ 1089.149534][T18523]  ? __pfx_lock_release+0x10/0x10
[ 1089.154564][T18523]  ? vfs_write+0x7c4/0xc90
[ 1089.158982][T18523]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1089.164617][T18523]  ? __fget_files+0x3f6/0x470
[ 1089.169294][T18523]  __x64_sys_recvmmsg+0x199/0x250
[ 1089.174311][T18523]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1089.179847][T18523]  ? do_syscall_64+0x100/0x230
[ 1089.184601][T18523]  ? do_syscall_64+0xb6/0x230
[ 1089.189264][T18523]  do_syscall_64+0xf3/0x230
[ 1089.193752][T18523]  ? clear_bhb_loop+0x35/0x90
[ 1089.198414][T18523]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1089.204293][T18523] RIP: 0033:0x7fd98a7773b9
[ 1089.208690][T18523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1089.228283][T18523] RSP: 002b:00007fd98b578048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1089.236685][T18523] RAX: ffffffffffffffda RBX: 00007fd98a905f80 RCX: 00007fd98a7773b9
[ 1089.244641][T18523] RDX: 0000000000000a0d RSI: 00000000200066c0 RDI: 0000000000000005
[ 1089.252600][T18523] RBP: 00007fd98b5780a0 R08: 0000000000000000 R09: 0000000000000000
[ 1089.260557][T18523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1089.268512][T18523] R13: 000000000000000b R14: 00007fd98a905f80 R15: 00007ffd38d773d8
[ 1089.276480][T18523]  </TASK>
[ 1089.290763][T18505] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[ 1089.309103][T18505] F2FS-fs (loop2): invalid crc value
[ 1089.377332][T18505] F2FS-fs (loop2): Found nat_bits in checkpoint
[ 1089.628958][T18505] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[ 1089.687053][T18505] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1089.777869][T18535] ALSA: seq fatal error: cannot create timer (-22)
[ 1090.490436][T18541] No control pipe specified
[ 1090.737954][T18541] loop0: detected capacity change from 0 to 1024
[ 1092.672333][T18554] loop1: detected capacity change from 0 to 2048
[ 1092.731628][T18554] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1092.880359][   T29] audit: type=1800 audit(1722551998.914:589): pid=18555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2247" name="file1" dev="loop1" ino=1346 res=0 errno=0
[ 1093.003248][T13688] hfsplus: b-tree write err: -5, ino 4
[ 1093.473876][ T5329] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[ 1093.547658][T18550] loop3: detected capacity change from 0 to 32768
[ 1093.669497][T18550] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2245 (18550)
[ 1093.705966][T18552] loop2: detected capacity change from 0 to 32768
[ 1093.841774][ T5329] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1093.864488][T18552] 
[ 1093.864488][T18552]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1093.864488][T18552] 
[ 1093.877926][ T5329] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1094.222165][ T5329] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1094.279498][ T5329] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1094.385308][ T5329] usb 5-1: config 0 descriptor??
[ 1094.481861][T18550] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1094.666628][T18550] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[ 1094.878907][T18550] BTRFS info (device loop3): using free-space-tree
[ 1095.262689][T17698] 
[ 1095.262689][T17698]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1095.262689][T17698] 
[ 1095.314470][T18550] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[ 1095.315674][T18550] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[ 1095.334616][T18550] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[ 1095.350139][T17698] 
[ 1095.350139][T17698]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1095.350139][T17698] 
[ 1095.397260][T18550] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[ 1095.398388][T18550] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[ 1095.446006][T18550] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[ 1095.515017][T18550] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[ 1095.582635][T18550] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[ 1095.652240][ T5329] usb 5-1: language id specifier not provided by device, defaulting to English
[ 1095.887363][T18550] BTRFS error (device loop3): open_ctree failed
[ 1097.072946][    T9] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[ 1097.253639][    T9] usb 1-1: device descriptor read/64, error -71
[ 1098.146457][    T9] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[ 1098.344650][    T9] usb 1-1: device descriptor read/64, error -71
[ 1203.343470][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1203.343493][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P18572/1:b..l P18598/1:b..l
[ 1203.343540][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=127141, q=458 ncpus=2)
[ 1203.343564][    C0] task:syz.1.2258      state:R  running task     stack:24672 pid:18598 tgid:18598 ppid:14531  flags:0x00004000
[ 1203.343608][    C0] Call Trace:
[ 1203.343616][    C0]  <TASK>
[ 1203.343629][    C0]  __schedule+0x1800/0x4a60
[ 1203.343681][    C0]  ? __pfx___schedule+0x10/0x10
[ 1203.343711][    C0]  ? __pfx___schedule+0x10/0x10
[ 1203.343740][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1203.343777][    C0]  ? preempt_schedule_irq+0xf0/0x1c0
[ 1203.343807][    C0]  preempt_schedule_irq+0xfb/0x1c0
[ 1203.343833][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 1203.343874][    C0]  irqentry_exit+0x5e/0x90
[ 1203.343900][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1203.343923][    C0] RIP: 0010:kasan_check_range+0x5/0x290
[ 1203.343946][    C0] Code: 8e e8 7f 2c e3 ff 90 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 55 <41> 57 41 56 41 54 53 b0 01 48 85 f6 0f 84 a0 01 00 00 4c 8d 04 37
[ 1203.343963][    C0] RSP: 0018:ffffc90002def750 EFLAGS: 00000207
[ 1203.343979][    C0] RAX: 0000000000000002 RBX: ffff88801fd17800 RCX: ffffffff8baf6694
[ 1203.343994][    C0] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff95346be0
[ 1203.344007][    C0] RBP: ffffc90002def950 R08: ffffffff8baf6662 R09: ffffffff8bb152ab
[ 1203.344021][    C0] R10: 0000000000000004 R11: ffff888029c60000 R12: 1ffff11003fa2f00
[ 1203.344034][    C0] R13: dffffc0000000000 R14: ffff88801fd17e1e R15: 0000000000000003
[ 1203.344054][    C0]  ? mas_get_slot+0x5b/0x250
[ 1203.344074][    C0]  ? mt_validate+0x2e72/0x4aa0
[ 1203.344091][    C0]  ? mt_validate+0x2ea4/0x4aa0
[ 1203.344115][    C0]  mt_validate+0x2ea4/0x4aa0
[ 1203.344148][    C0]  ? mt_validate+0x1a1/0x4aa0
[ 1203.344166][    C0]  ? __pfx_mt_validate+0x10/0x10
[ 1203.344187][    C0]  ? __pfx_validate_mm+0x10/0x10
[ 1203.344227][    C0]  validate_mm+0xe7/0x530
[ 1203.344252][    C0]  ? vma_set_page_prot+0x1d7/0x530
[ 1203.344281][    C0]  ? __pfx_validate_mm+0x10/0x10
[ 1203.344324][    C0]  mmap_region+0x1a61/0x2090
[ 1203.344342][    C0]  ? mark_lock+0x9a/0x360
[ 1203.344387][    C0]  ? __pfx_mmap_region+0x10/0x10
[ 1203.344411][    C0]  ? thp_get_unmapped_area_vmflags+0x269/0x380
[ 1203.344431][    C0]  ? cap_mmap_addr+0x163/0x2c0
[ 1203.344462][    C0]  ? __get_unmapped_area+0x2f0/0x360
[ 1203.344489][    C0]  do_mmap+0x8f9/0x1010
[ 1203.344519][    C0]  ? __pfx_do_mmap+0x10/0x10
[ 1203.344539][    C0]  ? __pfx_down_write_killable+0x10/0x10
[ 1203.344558][    C0]  ? __pfx_ima_file_mmap+0x10/0x10
[ 1203.344582][    C0]  ? security_mmap_file+0x178/0x1a0
[ 1203.344608][    C0]  vm_mmap_pgoff+0x1dd/0x3d0
[ 1203.344636][    C0]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1203.344656][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1203.344681][    C0]  ? do_syscall_64+0x100/0x230
[ 1203.344697][    C0]  ? ksys_mmap_pgoff+0xdf/0x720
[ 1203.344715][    C0]  ? __x64_sys_mmap+0x7f/0x140
[ 1203.344742][    C0]  do_syscall_64+0xf3/0x230
[ 1203.344761][    C0]  ? clear_bhb_loop+0x35/0x90
[ 1203.344784][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.344805][    C0] RIP: 0033:0x7f0efdb773f3
[ 1203.344819][    C0] RSP: 002b:00007ffdd4ee6ab8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1203.344838][    C0] RAX: ffffffffffffffda RBX: 00007f0efbe006c0 RCX: 00007f0efdb773f3
[ 1203.344853][    C0] RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000
[ 1203.344864][    C0] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[ 1203.344876][    C0] R10: 0000000000020022 R11: 0000000000000246 R12: 00007ffdd4ee6c10
[ 1203.344888][    C0] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[ 1203.344917][    C0]  </TASK>
[ 1203.709098][    C0] task:syz.4.2249      state:R  running task     stack:23224 pid:18572 tgid:18558 ppid:15589  flags:0x00004006
[ 1203.709146][    C0] Call Trace:
[ 1203.709155][    C0]  <TASK>
[ 1203.709168][    C0]  __schedule+0x1800/0x4a60
[ 1203.709222][    C0]  ? __pfx___schedule+0x10/0x10
[ 1203.709259][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1203.709298][    C0]  ? preempt_schedule_irq+0xf0/0x1c0
[ 1203.709328][    C0]  preempt_schedule_irq+0xfb/0x1c0
[ 1203.709355][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 1203.709397][    C0]  irqentry_exit+0x5e/0x90
[ 1203.709423][    C0]  asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1203.709445][    C0] RIP: 0010:lock_acquire+0x264/0x550
[ 1203.709472][    C0] Code: 2b 00 74 08 4c 89 f7 e8 4a 9f 8b 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 1203.709487][    C0] RSP: 0018:ffffc90000a0e780 EFLAGS: 00000206
[ 1203.709503][    C0] RAX: 0000000000000001 RBX: 1ffff92000141cfc RCX: b65daaf9bd510300
[ 1203.709517][    C0] RDX: dffffc0000000000 RSI: ffffffff8c0ae6e0 RDI: ffffffff8c607c40
[ 1203.709532][    C0] RBP: ffffc90000a0e8d8 R08: ffffffff93737807 R09: 1ffffffff26e6f00
[ 1203.709546][    C0] R10: dffffc0000000000 R11: fffffbfff26e6f01 R12: 1ffff92000141cf8
[ 1203.709561][    C0] R13: dffffc0000000000 R14: ffffc90000a0e7e0 R15: 0000000000000246
[ 1203.709592][    C0]  ? cond_resched_rcu+0x87/0x170
[ 1203.709625][    C0]  ? __pfx_lock_acquire+0x10/0x10
[ 1203.709651][    C0]  ? cond_resched_rcu+0x87/0x170
[ 1203.709677][    C0]  ? __pfx___might_resched+0x10/0x10
[ 1203.709714][    C0]  ? cond_resched_rcu+0x87/0x170
[ 1203.709743][    C0]  cond_resched_rcu+0xd4/0x170
[ 1203.709768][    C0]  ? cond_resched_rcu+0x87/0x170
[ 1203.709793][    C0]  hash_netiface6_list+0x308/0x1160
[ 1203.709824][    C0]  ? __local_bh_enable_ip+0x168/0x200
[ 1203.709847][    C0]  ? hash_netiface6_list+0x185/0x1160
[ 1203.709869][    C0]  ? __local_bh_enable_ip+0x168/0x200
[ 1203.709893][    C0]  ? hash_netiface6_uref+0x58/0x520
[ 1203.709911][    C0]  ? __pfx_hash_netiface6_list+0x10/0x10
[ 1203.709932][    C0]  ? hash_netiface6_uref+0x58/0x520
[ 1203.709951][    C0]  ? hash_netiface6_uref+0x488/0x520
[ 1203.709968][    C0]  ? nla_put+0x131/0x1e0
[ 1203.709995][    C0]  ip_set_dump_do+0xf46/0x1750
[ 1203.710030][    C0]  ? __pfx_ip_set_dump_do+0x10/0x10
[ 1203.710050][    C0]  ? napi_build_skb+0x200/0x270
[ 1203.710072][    C0]  ? __pfx_lock_release+0x7/0x10
[ 1203.710095][    C0]  ? __mutex_trylock_common+0x183/0x2e0
[ 1203.710122][    C0]  netlink_dump+0x647/0xd80
[ 1203.710154][    C0]  ? __pfx_netlink_dump+0x10/0x10
[ 1203.710170][    C0]  ? ip_set_dump_start+0x3a1/0x530
[ 1203.710217][    C0]  __netlink_dump_start+0x5a2/0x790
[ 1203.710261][    C0]  ip_set_dump+0x16d/0x1f0
[ 1203.710288][    C0]  ? nfnetlink_rcv_msg+0xa5c/0x1180
[ 1203.710307][    C0]  ? nfnetlink_rcv_msg+0x225/0x1180
[ 1203.710328][    C0]  ? __pfx_ip_set_dump+0x10/0x10
[ 1203.710353][    C0]  ? __pfx_ip_set_dump_start+0x10/0x10
[ 1203.710370][    C0]  ? __pfx_ip_set_dump_do+0x10/0x10
[ 1203.710387][    C0]  ? __pfx_ip_set_dump_done+0x10/0x10
[ 1203.710416][    C0]  ? nfnetlink_rcv_msg+0x225/0x1180
[ 1203.710437][    C0]  nfnetlink_rcv_msg+0xbec/0x1180
[ 1203.710457][    C0]  ? kernel_text_address+0xa7/0xe0
[ 1203.710477][    C0]  ? nfnetlink_rcv_msg+0x225/0x1180
[ 1203.710518][    C0]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1203.710563][    C0]  ? netlink_deliver_tap+0x19d/0x1b0
[ 1203.710581][    C0]  ? netlink_unicast+0x7c4/0x990
[ 1203.710603][    C0]  ? netlink_sendmsg+0x8e4/0xcb0
[ 1203.710621][    C0]  ? __sock_sendmsg+0x221/0x270
[ 1203.710645][    C0]  ? ____sys_sendmsg+0x525/0x7d0
[ 1203.710666][    C0]  ? __sys_sendmsg+0x2b0/0x3a0
[ 1203.710686][    C0]  ? do_syscall_64+0xf3/0x230
[ 1203.710702][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.710739][    C0]  netlink_rcv_skb+0x1e3/0x430
[ 1203.710767][    C0]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1203.710790][    C0]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1203.710821][    C0]  ? apparmor_capable+0x13b/0x1b0
[ 1203.710842][    C0]  ? bpf_lsm_capable+0x9/0x10
[ 1203.710865][    C0]  ? security_capable+0x90/0xb0
[ 1203.710897][    C0]  nfnetlink_rcv+0x297/0x2a90
[ 1203.710923][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1203.710953][    C0]  ? __dev_queue_xmit+0x2da/0x3e90
[ 1203.710979][    C0]  ? __dev_queue_xmit+0x1763/0x3e90
[ 1203.711001][    C0]  ? kasan_save_track+0x51/0x80
[ 1203.711026][    C0]  ? do_syscall_64+0xf3/0x230
[ 1203.711047][    C0]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1203.711066][    C0]  ? __dev_queue_xmit+0x2da/0x3e90
[ 1203.711093][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1203.711133][    C0]  ? ref_tracker_free+0x643/0x7e0
[ 1203.711156][    C0]  ? __asan_memcpy+0x40/0x70
[ 1203.711180][    C0]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1203.711218][    C0]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1203.711241][    C0]  ? skb_clone+0x240/0x390
[ 1203.711264][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1203.711290][    C0]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 1203.711320][    C0]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1203.711342][    C0]  netlink_unicast+0x7f6/0x990
[ 1203.711376][    C0]  ? __pfx_netlink_unicast+0x10/0x10
[ 1203.711400][    C0]  ? __virt_addr_valid+0x183/0x530
[ 1203.711423][    C0]  ? __check_object_size+0x49c/0x900
[ 1203.711444][    C0]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1203.711473][    C0]  netlink_sendmsg+0x8e4/0xcb0
[ 1203.711503][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1203.711525][    C0]  ? __import_iovec+0x536/0x820
[ 1203.711549][    C0]  ? aa_sock_msg_perm+0x91/0x160
[ 1203.711574][    C0]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1203.711591][    C0]  ? security_socket_sendmsg+0x87/0xb0
[ 1203.711613][    C0]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1203.711631][    C0]  __sock_sendmsg+0x221/0x270
[ 1203.711661][    C0]  ____sys_sendmsg+0x525/0x7d0
[ 1203.711693][    C0]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1203.711732][    C0]  __sys_sendmsg+0x2b0/0x3a0
[ 1203.711758][    C0]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1203.711823][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1203.711851][    C0]  ? do_syscall_64+0x100/0x230
[ 1203.711872][    C0]  ? do_syscall_64+0xb6/0x230
[ 1203.711892][    C0]  do_syscall_64+0xf3/0x230
[ 1203.711911][    C0]  ? clear_bhb_loop+0x35/0x90
[ 1203.711935][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.711956][    C0] RIP: 0033:0x7f0729f773b9
[ 1203.711972][    C0] RSP: 002b:00007f072ad3b048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1203.711990][    C0] RAX: ffffffffffffffda RBX: 00007f072a106058 RCX: 00007f0729f773b9
[ 1203.712004][    C0] RDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000007
[ 1203.712017][    C0] RBP: 00007f0729fe48e6 R08: 0000000000000000 R09: 0000000000000000
[ 1203.712029][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1203.712040][    C0] R13: 000000000000006e R14: 00007f072a106058 R15: 00007ffc99325028
[ 1203.712070][    C0]  </TASK>
[ 1204.356888][    C0] rcu: rcu_preempt kthread starved for 10560 jiffies! g127141 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1204.356914][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1204.356922][    C0] rcu: RCU grace-period kthread stack dump:
[ 1204.356927][    C0] task:rcu_preempt     state:R  running task     stack:24176 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 1204.356962][    C0] Call Trace:
[ 1204.356968][    C0]  <TASK>
[ 1204.356979][    C0]  __schedule+0x1800/0x4a60
[ 1204.357025][    C0]  ? __pfx___schedule+0x10/0x10
[ 1204.357050][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1204.357073][    C0]  ? __asan_memset+0x23/0x50
[ 1204.357098][    C0]  ? __pfx_lockdep_init_map_type+0x10/0x10
[ 1204.357122][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1204.357147][    C0]  ? schedule+0x90/0x320
[ 1204.357168][    C0]  schedule+0x14b/0x320
[ 1204.357192][    C0]  schedule_timeout+0x1be/0x310
[ 1204.357215][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1204.357238][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1204.357271][    C0]  ? prepare_to_swait_event+0x32e/0x350
[ 1204.357298][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[ 1204.357323][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[ 1204.357350][    C0]  ? rcu_gp_init+0x1256/0x1630
[ 1204.357378][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1204.357399][    C0]  ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10
[ 1204.357425][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1204.357453][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1204.357483][    C0]  ? finish_swait+0xd4/0x1e0
[ 1204.357509][    C0]  rcu_gp_kthread+0xa7/0x3b0
[ 1204.357532][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1204.357555][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1204.357578][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 1204.357605][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1204.357629][    C0]  kthread+0x2f0/0x390
[ 1204.357645][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1204.357669][    C0]  ? __pfx_kthread+0x10/0x10
[ 1204.357687][    C0]  ret_from_fork+0x4b/0x80
[ 1204.357710][    C0]  ? __pfx_kthread+0x10/0x10
[ 1204.357728][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1204.357766][    C0]  </TASK>
[ 1204.357775][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1204.357784][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1204.357819][    C1] NMI backtrace for cpu 1
[ 1204.357834][    C1] CPU: 1 UID: 0 PID: 17695 Comm: syz-executor Not tainted 6.11.0-rc1-next-20240729-syzkaller #0
[ 1204.357855][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[ 1204.357866][    C1] RIP: 0010:check_preemption_disabled+0x19/0x120
[ 1204.357889][    C1] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 41 57 41 56 41 54 53 48 83 ec 10 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 <65> 8b 1d bc 23 4a 74 65 8b 05 b1 23 4a 74 a9 ff ff ff 7f 74 26 65
[ 1204.357904][    C1] RSP: 0018:ffffc90000a17fc8 EFLAGS: 00000082
[ 1204.357920][    C1] RAX: bed97395ece0ea00 RBX: 0000000000000001 RCX: ffffffff816fafd4
[ 1204.357933][    C1] RDX: 0000000000000000 RSI: ffffffff8c607c20 RDI: ffffffff8c607be0
[ 1204.357946][    C1] RBP: ffffc90000a18168 R08: ffffffff9017d76f R09: 1ffffffff202faed
[ 1204.357960][    C1] R10: dffffc0000000000 R11: fffffbfff202faee R12: 1ffff9200014300c
[ 1204.357974][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff92000143030
[ 1204.357987][    C1] FS:  0000555586b32500(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000
[ 1204.358003][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1204.358015][    C1] CR2: 000000110c30e724 CR3: 000000005d160000 CR4: 00000000003506f0
[ 1204.358031][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1204.358042][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1204.358053][    C1] Call Trace:
[ 1204.358060][    C1]  <NMI>
[ 1204.358067][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1204.358088][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1204.358113][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1204.358133][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1204.358159][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1204.358181][    C1]  ? nmi_handle+0x14f/0x5a0
[ 1204.358203][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1204.358221][    C1]  ? check_preemption_disabled+0x19/0x120
[ 1204.358239][    C1]  ? default_do_nmi+0x63/0x160
[ 1204.358261][    C1]  ? exc_nmi+0x123/0x1f0
[ 1204.358280][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1204.358305][    C1]  ? lock_acquire+0xd4/0x550
[ 1204.358329][    C1]  ? check_preemption_disabled+0x19/0x120
[ 1204.358347][    C1]  ? check_preemption_disabled+0x19/0x120
[ 1204.358367][    C1]  ? check_preemption_disabled+0x19/0x120
[ 1204.358385][    C1]  </NMI>
[ 1204.358391][    C1]  <IRQ>
[ 1204.358399][    C1]  rcu_is_watching+0x15/0xb0
[ 1204.358417][    C1]  lock_acquire+0xe3/0x550
[ 1204.358443][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1204.358470][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1204.358493][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[ 1204.358520][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1204.358544][    C1]  ? timekeeping_get_ns+0x5c/0x420
[ 1204.358567][    C1]  seqcount_lockdep_reader_access+0xfc/0x220
[ 1204.358590][    C1]  ? timekeeping_get_ns+0x5c/0x420
[ 1204.358612][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[ 1204.358637][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[ 1204.358663][    C1]  ? seqcount_lockdep_reader_access+0x1c1/0x220
[ 1204.358687][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[ 1204.358714][    C1]  timekeeping_get_ns+0x5c/0x420
[ 1204.358741][    C1]  ktime_get_update_offsets_now+0x90/0x250
[ 1204.358771][    C1]  hrtimer_interrupt+0x133/0x990
[ 1204.358792][    C1]  ? sched_clock_cpu+0x76/0x490
[ 1204.358813][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[ 1204.358835][    C1]  ? validate_chain+0x11e/0x5920
[ 1204.358855][    C1]  __sysvec_apic_timer_interrupt+0x110/0x3f0
[ 1204.358883][    C1]  sysvec_apic_timer_interrupt+0x52/0xc0
[ 1204.358908][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1204.358928][    C1] RIP: 0010:memset_orig+0x52/0xb0
[ 1204.358946][    C1] Code: 06 74 35 0f 1f 44 00 00 48 ff c9 48 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 <48> 8d 7f 40 75 d8 0f 1f 84 00 00 00 00 00 89 d1 83 e1 38 74 14 c1
[ 1204.358960][    C1] RSP: 0018:ffffc90000a18508 EFLAGS: 00000206
[ 1204.358974][    C1] RAX: 0000000000000000 RBX: ffff888049d9baf0 RCX: 0000000000000005
[ 1204.358986][    C1] RDX: 0000000000000200 RSI: 0000000000000000 RDI: ffffc90000a18590
[ 1204.358998][    C1] RBP: ffffc90000a18738 R08: ffffffff897fdfe7 R09: 0000000000000000
[ 1204.359011][    C1] R10: ffffc90000a18510 R11: ffff888061465a00 R12: 00000000000000f0
[ 1204.359023][    C1] R13: ffff8880196e7780 R14: 0000000000000820 R15: ffffc90000a18510
[ 1204.359040][    C1]  ? __alloc_skb+0x167/0x440
[ 1204.359064][    C1]  kasan_save_track+0x30/0x80
[ 1204.359100][    C1]  ? mark_lock+0x9a/0x360
[ 1204.359126][    C1]  ? __lock_acquire+0x1384/0x2050
[ 1204.359154][    C1]  __kasan_slab_alloc+0x66/0x80
[ 1204.359172][    C1]  ? __alloc_skb+0x1c3/0x440
[ 1204.359194][    C1]  kmem_cache_alloc_node_noprof+0x16b/0x320
[ 1204.359220][    C1]  __alloc_skb+0x1c3/0x440
[ 1204.359239][    C1]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[ 1204.359265][    C1]  ? __pfx___alloc_skb+0x10/0x10
[ 1204.359286][    C1]  ? do_raw_spin_lock+0x14f/0x370
[ 1204.359309][    C1]  skb_copy+0x12b/0x820
[ 1204.359330][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1204.359356][    C1]  mac80211_hwsim_tx_frame_no_nl+0x106b/0x18d0
[ 1204.359389][    C1]  ? __pfx_mac80211_hwsim_tx_frame_no_nl+0x10/0x10
[ 1204.359413][    C1]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[ 1204.359443][    C1]  ? mac80211_hwsim_monitor_rx+0x1bc/0x810
[ 1204.359469][    C1]  mac80211_hwsim_tx_frame+0x1cc/0x220
[ 1204.359496][    C1]  mac80211_hwsim_beacon_tx+0x3bf/0x850
[ 1204.359524][    C1]  __iterate_interfaces+0x222/0x510
[ 1204.359545][    C1]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[ 1204.359569][    C1]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[ 1204.359592][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x170
[ 1204.359614][    C1]  ieee80211_iterate_active_interfaces_atomic+0xd8/0x170
[ 1204.359637][    C1]  mac80211_hwsim_beacon+0xd4/0x1f0
[ 1204.359657][    C1]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1204.359677][    C1]  __hrtimer_run_queues+0x59b/0xd50
[ 1204.359698][    C1]  ? ktime_get_update_offsets_now+0x3c/0x250
[ 1204.359732][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1204.359754][    C1]  ? ktime_get_update_offsets_now+0x22d/0x250
[ 1204.359783][    C1]  hrtimer_run_softirq+0x19a/0x2c0
[ 1204.359808][    C1]  handle_softirqs+0x2c4/0x970
[ 1204.359833][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[ 1204.359857][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1204.359882][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[ 1204.359908][    C1]  __irq_exit_rcu+0xf4/0x1c0
[ 1204.359930][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1204.359957][    C1]  irq_exit_rcu+0x9/0x30
[ 1204.359977][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1204.360001][    C1]  </IRQ>
[ 1204.360006][    C1]  <TASK>
[ 1204.360013][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1204.360034][    C1] RIP: 0010:finish_task_switch+0x1ea/0x870
[ 1204.360053][    C1] Code: c9 50 e8 39 b8 0b 00 48 83 c4 08 4c 89 f7 e8 dd 38 00 00 e9 de 04 00 00 4c 89 f7 e8 e0 b8 5f 0a e8 fb 85 37 00 fb 48 8b 5d c0 <48> 8d bb f8 15 00 00 48 89 f8 48 c1 e8 03 49 be 00 00 00 00 00 fc
[ 1204.360068][    C1] RSP: 0018:ffffc900044f7988 EFLAGS: 00000282
[ 1204.360082][    C1] RAX: bed97395ece0ea00 RBX: ffff888061465a00 RCX: ffffffff94f2f903
[ 1204.360095][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0ad560 RDI: ffffffff8c607c40
[ 1204.360108][    C1] RBP: ffffc900044f79d0 R08: ffffffff9017d76f R09: 1ffffffff202faed
[ 1204.360122][    C1] R10: dffffc0000000000 R11: fffffbfff202faee R12: 1ffff11017267ef3
[ 1204.360136][    C1] R13: dffffc0000000000 R14: ffff8880b923ea00 R15: ffff8880b933f798
[ 1204.360158][    C1]  ? finish_task_switch+0x1e5/0x870
[ 1204.360179][    C1]  __schedule+0x1808/0x4a60
[ 1204.360220][    C1]  ? __pfx___schedule+0x10/0x10
[ 1204.360245][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1204.360269][    C1]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 1204.360295][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1204.360319][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1204.360345][    C1]  ? schedule+0x90/0x320
[ 1204.360367][    C1]  schedule+0x14b/0x320
[ 1204.360391][    C1]  do_nanosleep+0x197/0x600
[ 1204.360415][    C1]  ? do_nanosleep+0x80/0x600
[ 1204.360437][    C1]  ? __pfx_do_nanosleep+0x10/0x10
[ 1204.360458][    C1]  ? __asan_memset+0x23/0x50
[ 1204.360482][    C1]  ? __hrtimer_init+0x170/0x250
[ 1204.360503][    C1]  hrtimer_nanosleep+0x227/0x470
[ 1204.360525][    C1]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[ 1204.360548][    C1]  ? __pfx_hrtimer_wakeup+0x10/0x10
[ 1204.360570][    C1]  ? __pfx_get_timespec64+0x10/0x10
[ 1204.360593][    C1]  __se_sys_clock_nanosleep+0x32b/0x3c0
[ 1204.360614][    C1]  ? __pfx___se_sys_clock_nanosleep+0x10/0x10
[ 1204.360633][    C1]  ? do_syscall_64+0x100/0x230
[ 1204.360651][    C1]  ? do_syscall_64+0xb6/0x230
[ 1204.360669][    C1]  do_syscall_64+0xf3/0x230
[ 1204.360685][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1204.360707][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1204.360727][    C1] RIP: 0033:0x7ff5cf5a93a5
[ 1204.360742][    C1] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 c6 57 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 1f 58 ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[ 1204.360756][    C1] RSP: 002b:00007ffce98f5780 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[ 1204.360773][    C1] RAX: ffffffffffffffda RBX: 000000000000003d RCX: 00007ff5cf5a93a5
[ 1204.360785][    C1] RDX: 00007ffce98f57c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 1204.360796][    C1] RBP: 00007ffce98f581c R08: 0000000000000000 R09: 7fffffffffffffff
[ 1204.360809][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000032
[ 1204.360819][    C1] R13: 000000000010c22e R14: 000000000010c141 R15: 00007ffce98f5870
[ 1204.360841][    C1]  </TASK>
[ 1204.402986][ T1261] ieee802154 phy1 wpan1: encryption failed: -22