last executing test programs:

16.675969898s ago: executing program 2 (id=567):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x6, @private, 0x0, 0x1, 'sh\x00', 0x0, 0x0, 0x10}, 0x2c)
setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x200000001, 'ovf\x00'}, 0x2c)

16.558976527s ago: executing program 4 (id=569):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00'}, 0x10)
sendmsg$SOCK_DIAG_BY_FAMILY(r0, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="2400000014000105000000000000000010"], 0x24}}, 0x0)

16.476302623s ago: executing program 2 (id=570):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x34, r1, 0x1, 0x0, 0x0, {0x23}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x1}]}, 0x34}}, 0x0)

16.319482417s ago: executing program 2 (id=572):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000380)='timer_start\x00', r0}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))

16.259721426s ago: executing program 4 (id=573):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_FLUSH(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="0100006fd1fdafbdd22319"], 0x14}}, 0x0)

16.081954199s ago: executing program 2 (id=576):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0xca, &(0x7f0000000640)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000ed6a00942c00fe800000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="0001"], 0x0)

15.985689938s ago: executing program 4 (id=577):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f0000000680)=ANY=[], 0x8)
sendmsg$inet6(r0, &(0x7f0000000100)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='`\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x00\v'], 0x60}, 0x0)

15.801466207s ago: executing program 4 (id=580):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x74, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x48, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}, {0x34, 0x1, 0x0, 0x1, @payload={{0xc}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_LEN={0x8}, @NFTA_PAYLOAD_BASE={0x8}, @NFTA_PAYLOAD_OFFSET={0x8}, @NFTA_PAYLOAD_SREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x9c}}, 0x0)

15.661255067s ago: executing program 4 (id=584):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f848100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={0x0, 0x700, &(0x7f0000000500)=[{&(0x7f00000000c0)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb440009000e000a000d000000ba8000001201", 0x2e}], 0x1}, 0x0)

15.596163221s ago: executing program 2 (id=585):
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
setreuid(0x0, 0xee00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000000)=ANY=[])

15.34638097s ago: executing program 2 (id=588):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x640, 0x1, 0x2, 0xd59f83, 0x19f2, 0x3f, 0x19ef, 0x3, 0x3, 0x2800, 0x2800, 0x2, 0xba2, 0x0, 0x38, {0x8, 0xffffffff}, 0xd0, 0x9}})

14.777412667s ago: executing program 4 (id=591):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
write(r0, &(0x7f0000000040), 0x0)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000080)={0xf0f046})

10.0159034s ago: executing program 1 (id=621):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@ipv4_newroute={0x2c, 0x1a, 0x1, 0x0, 0x0, {0x2, 0x20, 0x20}, [@RTA_SRC={0x8, 0x2, @broadcast}, @RTA_DST={0x8, 0x1, @local}]}, 0x2c}}, 0x0)

9.832035658s ago: executing program 1 (id=623):
r0 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f00000005c0)='asymmetric\x00', &(0x7f0000000600))
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000140)='asymmetric\x00', &(0x7f0000000440))

9.691719144s ago: executing program 1 (id=624):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000000200)={[{@noinline_xattr}, {@four_active_logs}, {@discard}, {@noinline_xattr}, {@age_extent_cache}, {@user_xattr}, {@noinline_xattr}, {@fastboot}, {@fsync_mode_strict}, {@discard_unit_section}]}, 0x21, 0x552d, &(0x7f000000abc0)="$eJzs3EtvG1UUAODjpOmbEiEW7DqoQkqk2qrTh2BXoBUP0aoqsGAFju1abmxPFDtOyIoFS8SCf4JAYsWS38CCNTvEAsQOCeS5E2gKlZDixKT5Pml85t65c+beURTpzFgO4NhazH77pRIX4kxEzEfE+Yhiv1JuhZspvBARFyNi7pGtUvb/1XEyIs5GxIVJ8pSzUh764vL40vWf3/712+9PnTj35Tc/zG7VwKy9FBH99bS/1U8x76T4sOxvjLtF7F8blzEd6K+V7TzFrfZqkWGrsTuuUcSrnTQ+X98cTuKDXqM5iZ3ug6J/fZAuOBx3dvMUJzxsbBTtVnu1iN1hXsTOTprX9k7637YzHKU8rTLfx0X6GI12Y+pvb7fTetbXitgcjMr+lDdvtbcncVzG8nLRzHutYh6r+7nT/2svvtMdbG5n4/bGsJsPsuu1+su1+o1qfSNvtUfta9VGv3XjWrbU6U2GVUftRv9mJ887vXatmfeXs6VOs1mt17OlW+3VbmOQ1eu1q7Ur1evL5d7l7I2772e9VrY0ia91B5ujbm+YPcg3snTGcrZSu/rKcnapnr1751527/7t23fuvffhrQ/uvnrnrdfLQf+YVra0cmVlpVq/Ul2pL+/vBhyp9X9aTnqK64d9qcx6AgBHj/ofmIWDq/837kccfP0f6v+pOFL173Gv/w9g/bAv6n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGPrx4Wv3ix2FlP7XNn/TNn1XNmuRMRcRPzxL+bj5J6c82WehSeMX3hsDt9VosgwucapcjsbETfL7fdnD/ouAAAAwNPr608ufp6q9fSxOOsJcZjSQ5u58x9NKV8lIhYWf5pStrnJx/NTSlb8fZ+I7SllKx5gnZ5SsvTI7cS0sv0n83vC6UdCJYW5x8+Y2moBAICZ2VsJHG4VAgAAwGH67IlH1g51HhyySuy+ytx9F1x88/7vl31nUturPwAAADi6KrOeAAAAAHDgivrf7/8BAADA0y39/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+ycy+5aQNxHID/NrjQl4qq7nuV7uAYPUKXXVYcoJfgCOQKuQBnILscIYIIj4NCRB7EY6xE3yfZgy3zmxkei5mRBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBLV9VydvHv5/+2OZttO3l6AwAAAByzrpaz+sUkXX9u7n9tbn1vrouIKCPi2Nh9EB8OMgdNTvXI89WDNlxG1Am7OkbN8SkifqVjG9+6/hQAAADgXRruTqv5YppG6+k06btVtHbCd5gmbcovvzNVXURENbnOlFbu8n5kCqt/38P4mymtnsAaZwpLU27DXGkvUv/d97N243tFkYry6fdn6zsAAHBGg4PivKMQAAAAzulP3w2gCx+ffaKIu6XM/VLgKBXjgwiLfQAAAPB2FX03AAAAAOhcPf4/Zf+/6Gf/v7ix/x8AAAC8Wtr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC6tq+VsNV9M2+Zstu3k6Q0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9LCoRAEETBnPG/k77/YSVBzyBCBDQ8qqhFAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7Ny/b9xUHADwZ/t8/QGII6AbghBIDLDQ67W0dEMMoIiBPwEpSq8l9MqPNgOtKqQsbChzFwQjQkigsPUfYOqG1EpdytbhhiKxsByyz845TSUuRLEvyecjPb/vOY7f99lSlK+fEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDR6bxon2aYzieNi373Ht1ay/v4TfebOxoPFrGVxVGfSB8Mr1Q9Rt7lEAAAAODqSsr4PITxMN5eyPu7k9X9aHpPV/N8/N4nLev7Jur/sy9o/a7/9+uilrYE6k3Gyk15aHQ5O70yltX+znG/P/+cRrfzK589ekvyGxB+uvzhK8+sZfXv37vvtPDxWR7YAwP9xquyLoPx9KOv7TSYGwJHRqhTeZf2fdJrNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAOo/XwTBlHIYTF1jTO3H98a+Vp/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8GkJoavR3i+lf+XiGg0No5PrsV/DPeDze1Xcdbz7nPQVxcbPnJZ+DETT4QwkAgEMpLVpW1z9MN5eyfdFCCOMfttf/b1TiMGP9/+iT8/eqY1Xr/35tM5x/vbWrX/Su37j51urV5cuDy4PP3j7Tf6d/9sK5cxd6+bOSnicmAAAA7E27aNX6P17Yuf5/shKHGev/L7/rfz0d6Y98q/7fabro13QmAAAAR9sLr/39V/SU/VG7Hb5aXlu71p9stz6fmWwbSHXXjhWtWv8nC01nBQAAANRhtB5tW/+/WInDjOv/z/748s/VcyYhhBPF+v+plc+HF+ubzlyr48+Jm54jAAAAzTpRtOr6f5q//x9vvfIQhxDefH0SF/8GcKb6P/ngm5+qYyWV9//P1jfFuRR3J9cj77shtLrbvvx7Y4kBAABwKB0vWlbs/5luLn36y8mP2t7/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjbvwEAAP//E41CoA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x515001, 0x0)
write$FUSE_LK(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, {{0x3, 0x4}}}, 0x28)

6.743679496s ago: executing program 1 (id=635):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
sendfile(r1, r0, 0x0, 0xb)

6.269453162s ago: executing program 5 (id=636):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x7)
setfsuid(0xee00)

5.967547316s ago: executing program 5 (id=638):
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000003c0)={0x18})

5.867262208s ago: executing program 3 (id=639):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
ioctl$SG_IO(r0, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x3, 0x0}, &(0x7f0000000240)="3c8d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0})

5.672161084s ago: executing program 5 (id=640):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='pids.current\x00', 0x275a, 0x0)
fsmount(r0, 0x0, 0x6)

5.553529039s ago: executing program 3 (id=641):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000040)='./bus\x00', 0x8410, &(0x7f0000005f00)=ANY=[], 0x1, 0x5550, &(0x7f0000000500)="$eJzs3EtvG1UbAOAzTpN+vX4RYsGuI1VIiVRbdXoR7Aq04iJSRVwWrMCxHcut7YlixwnZgARLxIJ/gkBixZLfwII1O8QCxA4pyHPGlNDSi+zEvTyPNH5nzhy/c87ISvSesRyAZ9Zi+sdvSTgbToQQ5kIIp5OQ7yfFlrsWwwshhHMhhNI/tqRo/7thIYRwMoRwdpQ85kyKU19dGJ6/8utbv3//4/Fjp77+7qfZzRqYtRdDCN3NuL/TjTFrxXiraK8N23nsXh4WMZ7o3i6Osxh3mut5hp3auF8tj5dasX+2ud0fxY1OrT6KrfZG3r7ZixfsD1vjPPkbbtW28uNGcz2P7X6Wx9ZeHNfuXvzbttcfxDyNIt/HefowGIxjbG/uNuN8Nm/nsd4bFO0xb9Zo7o7isIjF5UI96zTycaxPcqcfb2+3e9u76bC51W9nvfRKpfpSpXq1XN3KGs1B83K51m1cvZwutTqjbuVBs9a91sqyVqdZqWfd5XSpVa+Xq9V06XpzvV3rpdVq5VLlYvnKcrF3IX395vtpp5EujeKr7d72QrvTTzeyrTS+YzldqVx6eTk9X03fXV1L1965cWN17b0Pr39w85XVN18rOt01rHRp5eLKSrl6sbxSXX4M5j/6v/uQ8x9MMv/Pi0E/wvyTyW4P3J8PGMAju6v+D+p/4PA9GfX/fh7vVf+Hadb/o5JK/f/g+rc0ef0/Uf173/p/4fDnP4X1j8ObP8yA+h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Jn18/w3b+Q7i/H4VNF+pmh6rjhOQgilEML+PcyFhQM554o88//Rf/5fY/ghCXmG0TWOF9vJEMK1Yvvz/4d9FwAAAODp9e2n576M1Xp8WZz1gDhKcdGmdPqjKeVLQgjzi79MKVtp9PL8lJLln+9jYXdK2fIFrP9NKVlccjs2rWwPZW4cPjtzpzGfUBJD6UiHAwAAHIm5A+FoqxAAAACO0hezHgCzkYTxo8zxs+D8m/d3Hm2eOHAOAAAAeAIlsx4AAAAAMJn9/f1PHtAlr//9/h8AAAA83eLv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAX+zcz23iQBQH4GeDgf2nRau9byt7gzJSQo45BgpIE5RAWkgD1EBuKSGCCHuE5AikSIxjBX2f5HHGjn4zA1zeWDIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KXnaj1/vP/3cGnObn+ZPKsBAAAATtlW63n9x7Tp/0jXf6VLf1K/iIgyIk7V7oMYtTIHKac68//Vuzk8RdQJhzHG6fgeEf/T8fq7608BAAAArtdmuZo11XrTTPueEJ+p2bQpf95kyisiopq+ZEorD83fTGH173sYd5nS6g2sSaawZsttePreKNcgbYPWKa1ksqi/xLpXdjMuAADQp3YlcKYKAQAA4Arc9j0B+lEcm+NzxnFzSg8Ev7V6AAAAwBdU9D0BAAAAoHN1/e/9fwAAAHDdmvf/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KVttZ5vlqvZufuLD+bs9pfJtyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN7Yn3cUCIEwCIO96zuTuf9hpUFDY5MqED7+xmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAN7/7y/+JqXEmmXttLD2PJGunxtapsXduHP1hfP0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GJ/XlIgBIIgCuaM/530/Q8rCXoGESKg4VFFLRoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCLfvfL/4mpcSaZO20sHY8ka1eNravG3oPG0YPx9m8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GLn/nnjKKIAgL/bu738AYQxyIUBBYkCGmJfQkJKKEAWBR8ByXLOwXAhkLggkQVyAxVynQZBiRASyHT5DqljKU3oUrgwEjVo93Yvm8SQU2R2l/j3k2bn7Xk182bvZPl51gYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0u478VJSxN3sMDOOy9du7W2sZP3OA33mxtbt+axlcedRE33z9sEn324vV09OzFVOvqo/GQAAAA6HblnfR8SddHsp65OZvP5Py2uymv/7Z8ZxWc8/WPfv7G0cLb40X9b/v/1694XJRDPjebJBV9dGw8WHU+n9R0tsvWcfeUUvv/P57166+RuSvL/5/G6a38/OtzdvvtvPwyN1ZAsAPI6TZV8E5c9DWT9oMjEADo1epfAu6//uTLM5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANRhdzOeKuNORMz37sWZnb2Nlf36G1u358t29vr1reqY2RBpRKyujYZpjWtpuytXr32yPBoNL9cfnIiI5mYvgg+nuCbi368pPp7R3Cr+Oei0I41Gg6R4f9qSz0EG5Wfv4Edu6BsSAABPrLRoWV1/J91eyl7rzEb89cP99f9rlTimrP/vfnT2VnWuav0/qG2F7bewfvGzhStXr72xdnH5wvDC8NM3Tw3eGpw+d+bMuYXsXi0urEYyXGw6TQAAAP7H+kWr1v/J7MP7/8crcUxZ/3/+3eDL6lxd9f++7m36NZ0JAADAYdSfRM+98ucfnX2u6PT78cXy+vrlwfg4OT81Ptaa7mM6UrRq/d+dbTorAAAAoA67m5379v/PV+KYcv//6R9f/Lk6ZjcijkVciojhyZVLo/P1LafV6vhD5XyiftMrBQAAoCnHilbd/0/z5/+TySMPSUS8/uo4Lv/X1TT1f/e9r3+qzlV9/v90fUtspWRufD/yfi6iN9d0RgAAADzJjhYtK/Z/T7eXPv7l+Ad9z/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3vAAAA///zlzoi")
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83)
fchown(r0, 0xffffffffffffffff, 0x0)

5.154991261s ago: executing program 5 (id=643):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(r0, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="170329bd080d0000000003"], 0x24}, 0x1, 0x0, 0x0, 0x4004c81}, 0x0)

4.900622775s ago: executing program 0 (id=644):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_TYPE={0x5, 0x2, 0x83}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)

4.495229623s ago: executing program 5 (id=646):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
poll(&(0x7f0000000040)=[{r0}], 0x1, 0x400)
syz_usb_connect(0x4, 0x0, 0x0, 0x0)

4.23977381s ago: executing program 0 (id=647):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000380)={{0x80}, 'port1\x00', 0xe3, 0x111c37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x9})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

3.899404644s ago: executing program 1 (id=648):
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x0, &(0x7f0000005240), 0x1, 0x51b8, &(0x7f0000005280)="$eJzs3V+IVNcdB/Azu65uXepOoRQLQlcoLS0+LIVSi5RuS9X6sDJV+lBbdfuHQvFlFR8qfeiGBIPkIesKEvMQNwQiSUAXMcQQIasSDSGQByEo8cGEJWwwD0LyvISde8/szLnenXGjWaOfT9i9c+Z3zrlnhvsw343nTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAQwu3PawMz//vJSFl94vTFubnZ7T0TNw/1bT2//0YIlfrzlby+9/d/3PHvnXuHe+OAkT9lx2q1bMps6K2ssbLlyflxrT9/DyH0JBN058fNfU1jK+kJwoHihIvatmv3hd7J4Y2HD264NHn01FjxpTOvd7kXsFzy62pm4Voaqv/uSno02k2XXqXlEs3GpxfcN/IiAIB7MlirHxofR/OPuI32WFpP2kNJezxpx08I482NpcjmXVm2zoG0vkzrHMqiwqrSdSb1/P1vtGvp+KSdRI17WGdr1zzS9JatczSpL9c6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4me87N/Pf2u1dOltUnTl+cm5vd3jNx81Df1vP7b4RQrT9fycqV6yfXHfvVP7cMvHl8+GeD//rDju58XDyuaOocrscHv+4P4R9NlZk47WdrQqi1FurNcKJY+E/9wbZYAAAA4FHyw/rvrkY7i4M9Le1KPU1W6v9FeVjctftC7+TwxsMHN1yaPHpqbOnz1UrmG7rrfI12deGn0hSMY/xN51uox64HCvMsLp0xzfNXLm+8uOXqnqNl4wv5v7p4/o/vnPwPAADA1yH/p/Msrl3+f/XIE7MDT539adn4Qv4faDllIf/HFcf83xWWlv8BAADgYfag8/9QYZ7Ftcv/f91z4ncfbukdKhtfyP+DneX/Fc3Ljk++Hxe8rz+EwXZLBwAAAErE/+++8KeFmNeziJ/m9TMvH5u+9vFvNpXNV8j/Q53l/577/soAAACApfr57ls/ePHt786W1Qv5v9ZZ/l/1wFcOAAAAdGr9mc1vVV+oPFdWL+T/kc7y/+r8mO98yAZdif8K4Vh/CL3zD0azwtUw/ttGAQAAALhPYk7//7NX33m6+8/fKetXyP+ji9//P97pIO7/b7n/X2H/f1Mhu+vfJjcGAAAA4HFU3M8fb4+ffXNB2ffvd7r//5N1517/5bXp58vOX8j/Y53l/+7m4/38/j8AAABYgm/b9//9pTDP4trd///T77/23pdzP7pcNr6Q/8c7y//x2Nf88qbj+/Nkfwhr5x/kdxN8JZ5uX1KY6mkqZG98MmJnHJEXplY1FepGkxG/6A9h/fyDsaTwvVgYTwp31uSFyaTwQSzk10OjcDopTMcr7fiafLlp4Y1YyDdYTMUdFH2NLRHJiC/KRswX7jrio8bJAQAAHisxPOdZtqe1GdIoO1Vp12F1uw5d7Tp0t+uwIumQdix7Poy0FuLzf3vp7Ooj1Us/DiUK+X+ys/wf34qV2aFs/3+I+//zLyBs7P8fiYVqUpiKhVp6x4BaPEcWdp+J56jW8hF31jYKAAAA8EiLfxfoXuZ1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFfs3X+QXVV9APCzP96+7GazWcRBVAZWqGDqsNkkpojSMdgo1h+4KK1jHWtCsuCaxQQSOoShnQWs/cHYUkDaaa2Eto7CWJrBKZDWlkgbbAc6Bdo6QNTRIiN2qg5Di7UgdN7ee97ed+7evJdkN2Tp5/PHvvPe9/y878e+c+995wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8/HHfHvtoHf/Dw+6vi19/+leeff/Lc2vVf37n0nLsveTSE8ZnHu7Jw1yM3n3DDGZvePrLnpvesGNu8/n19ebk8HpY2/nTndz4Ra/3OshDu6gqhNw2cPpgFavn9wVjfCYMhHBNmA80SEwNZibThsK8/hF1hNtCsak9/CIOFwPkP33vPpxqJG/tDeG0IoZ628Y161kZ/Gji1LwsMpIGtvVngRy9kmoG7u7MAHLb4Zmi+6HePt2YYnrtcxeuvNm8de3Glw+uJieHqfN8/e4E7VdCXPjB+WE9bqToWROntsde7bRG820rb+TpPW/GLVP4N5YXZUD10b564cONlUzviI91hdLSnqqYFep4fferKTQeTXjSvw9iB4Xl5He578KH+49a+e89ta+9cv+f+xx463G4+UtikxfRCq4f8Nbdonsdonc+TRfD2K31LGvGlK4Rw12umT/mlC558Y1W8NP8fPvD8P76c4213S+5Y67ND2dw8PjIYEz8cyubmAAAAsGgshr2m+//w6eEPvPd3bq+qrzT/H+ns+H885J9P5rPR7g1h3UzimuUhHD/zeBa4NTZ3wfIQXjOTGm8NnJ0E9obwypnEimZVSYklscRIEvjuUB5YlwTui4HxJPC5GLguCXwiBnYngU0xsDcJvDUGwmTrOH56KB9Hx4H+GNiQbcTd8SyEp4dia8m22t+sCgAAYJ7ks8Na693CuQ6HmyFOL3f3t8sQz8CuzFBPakhnsM1pVWUNve1q6G5XQ3Pc0wcefqnmrnY1l07D6GrN0PPmdfse3/b460KF0vx/7MDz//ocHekqHf8P4byZvzF3dx6ZasY3jLdkAAAAAA7Dg3//2T//1zPfeUNVvDT/X9fZ+f9xn0hPIXN4IO6G2LI8hLHWQFbtm8uB7Kj30jwAAAAAi0HzeHzzWPhkfpudop3Op8v5xw8yfzzwv27O/J8597tf/tnPvuGcqv6W5v/jnZ3/P9B6m3XivtiLG5aHsKQQ+GrsZSMwYyQGvvWW1kA+/vviBrg2VpWfmNCs6tpYYkMMjCWBXVUlHmyWOL41kD9ZzcavaY5jMi9RCAAAAMARF3cHxOPy8fz/tZ/75avXPPLEB6vKleb/Gw7u/P+ZeXDp9P6ppSGs7A2hJ/1hwAMD2cKAMTDYlSf+ZiCrqyet6qqBEM5qDCyt6tv5+v+96RqDD/dnVcXA8Sd/4alTG4k/7Q9hZTHwtQ/dsraR2JEEmo3/Qn8IJzVGmzb+l0uyxmtp47+/JIQTC4FmVRcsCaHRWF9a1b31/DoGaVV/UQ/h2EKgWdXP1EPYGQBYpOK/0s3FB7fvvGLLxqmpiUsXMBH34feHCyenJkY3bZ3aXK/o0+akzy3LGF1VHlN3h2Pfny9R9NzbTh7uJN38neBYsS/5fvzSiYP5/fhdqDYzztW1lrtr0iG/7pRyE+mQ5hpypz9hPNQhDxQrmX0SK/vRF5aGJZdtn7h09PKNO3Zcuir722n21dnfeJgp21ar0m01MFffOnh5VK6WlTjUbXVasZKVOy7etnL7zitOn7x440UTF018fNWasbE3rl51xplrVzZGNZb9bTPU0+aqOhnqC7d0OK55HOqreguVHIlPDQkJicWWWHHnm37xi//x+ElVHz+l+f+2A8//46dO/OTP12eoOv4/HA/zZ4/PHubfEAO7Oj3+P1x1NL95YsBIEpiOgWmH+QEAAHhpiLsj497MuNf6ye9dcd2xt5z09apypfn/dGe//5+n9f+bS9e/s2qZ/xWxxFjV+v/pMv/N9f+nq9b/T5f5b67/v+tFWP//smYg2SRPW/8fAAB4KThy6/+3Xd4/vUBAKUPb5f3TCwSUMrRdxr/TCwQc9Pr/T/xg65LjX3brhlChNP+/rrP5v4X7AQAA4Ojx6Qc27zrtJz+pPCpcmv/v6mz+f+TX/wtV5/+PVAXGqxYGtP4fAAAAi1TV+n8fe/2WZZP/NnZBVbnS/H93Z/P/eNpFd0vuWOuzQ9madiFd0+6HQ82fDAAAAMDi0B1GR2sd5m1ZGfXsQ2/z0Xwp0AOli87a/Sc/33PldZUtlub/ezub/7f8LmPfgw/1H7f23XuevW3tnev33P/YQ7PH/wEAAICF0+l+CQAAAAAAAAAAAAAA4MW3/m8/+hsfvuezb6iKl37/H86bebzq9//xun/x9wUvb8kda22//l9+//x33b5zZsnCB4ZCOKUY2HL1lmNCfm3+04qBez684hWNxNVpiS9/861PNBIfSQPvOP1lzzQSZyWBDXGRxFemgXhVxWeWJYG4vOK/pIG4PXangb488FvLsnF0pdvqe4PZtupKt9VjgyEsLwSa2+quwayNrnSANyaB5gAvSQNxgOfmge60V7cvzXoVA4Ox6M1Ls14BAHDUit8Ca+HCyamJsfgVPt6+qrf1NmpZsuyqcrVdHTa/P1+a7Lm3nTzcSbon/S46e63xWqg3hrCq9HW1mKVrZpTzU0ubTffyiiG3W+2tu6Jc6mA3XV/1iPqzEY1u2jq1udZ24GvaZ1nd2zbLqtJkp5ile2aTdlBLB33pYEQdbpsOuhzvd4fR0Z4k15ticDi0aPeK6PT3+sV1/qpeBcU8oyf+6hXTE3c8WVVfaf4/3Nn8v14c1zP5xQCm45X1rlkeQuUlBwEAAIBDtP+vH1m99Y8++cX09jff9Sv/e9dPXflMVbnS/H+ks/l/3IOVHwrO9nbsjdf/b87/h7PArbG5C5aH8JqZ1HgskV1Q/52xxFgWuDXuMFkRS2wYb61qSQzsTgLfHcoDe5PAfTGQ76X4Qsh35fzeUAhrZ1LntZbYFksMJ4H3xsBIEhiNgbEksCwG1iWB/1yWB8aTwP0xECZbt9WXltm7AgAAHIJ8nlVrvRvSed7u3nYZutplGGiXobtdhnq7DFWjiPfviBlqyckrXYVMtbTW/qSWUoZ4MfyD7lcpQ3iwNWdasNR0PP+geb5BV2uGUz7/+g+EZb99c6hQmv+PdTb/H2i9zVq/L87/Z6//lwW+Grt3Qzx1fCQGvvWW1kC+Y+C+ONm9tlnVeF4in7RfG0usi4GRJLAtBtYlgQ3n5YFdr2gN5DPtZuPXNBufzEsUAgAAAHDExR0EcTdNnP9f/tzbl3/6i7/+31XlSvP/dZ3N/2N7S4uNfSLW+p1lIdzVNdubZuD0wSwQ92MMxp/HnzAYwjGFHRzNEhMDWYm+pOGwrz/7hXpfWtWe/myNgXj//IfvvedTjcSN/SG8trD3pdnGN+pZG/1p4NS+LDCQBrb2ZoG456cZuLs7C8Bha+4VjC+o/FSXpuG5y1W8/l4q1wRNh1faBzpHvrl+c7VQ6ukD+T7VpoN72krVsSBKb4+93m2L8d027N1W/CKVf0N5YTZUD92bJy7ceNnUjvhI8ZesJQv0PBd/pdpJeh5eh9OH3tv26mkHxpKPj7G5y839OuyK1e178KH+49a+e89ta+9cv+f+xx7quBsV4g+FX/2j24YfKWzehVYP+Wtu0X2ejPs8WYz/BkY8bSGEf1p/4eXPhr/rr4qX5v/jnc3/e5PbGT+OG3P78hBeV9i4D8TN/3PLs8/BQiD7lDy2HMgOuT8+VPnJCQAAAPOtubujub9gMr/NTghP58nl/OMHmT/ur1g3Z/5O+/2GPztz1VdO3P7HVfHS/H/Dgef/S5JuOv7v+D8LxPH/OR3tu6KXpA9MH9au6FJ1LAjH/+d0tL/bHP+fk+P/jv/PxfH/Nhz/n9PR/rSVviVt86WrMR/9nw9+8t/PHjylKl6a/2/rbP5v/b+5F+1rrv+3oWr9v21V6/9NW/8PAABYUBULzaXzvNLqfaUM6ep9pQxtFwhsu8Sg9f8Oev2/Nw/0vv93+29aESqU5v/Tnc3/48thabH1xbL+38h5FVVdFwPbLAwIAADA0ahqBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrpvuHdn3Dz/+0glV8etv/8rzzz95bu36r+9ces7dlzwawuTM411ZuOuRm0+44YxNbx/Zc9N7VoxtXv++el6ult++uiV3rPXZoRB2FR4ZjIkfDjXuzAbOf9ftO3sbiQeGQjilGNhy9ZZjGonPDYVwWjFwz4dXvKKRuDot8eVvvvWJRuIjaeAdp7/smUbirDzQlXb3M8uy7nal3f3UshCWFwLN7n5sWWtVzTbOyQPdaRufH8zaiIHBWPQPBrM2YmAqlphcEsLK3hB60qr+sZ5V1ZNW9Vf1rKqetKpfq4dwVgihN63qm31ZVb3pyP+5L6sqBo4/+QtPndpI7OoLYWUx8LUP3bK2kbgkCTQbf19fCCc1XjJp43fUssZraeM31kI4MYTQl5b4r96sRF9a4tu9IRxbCDQb/2hvCDsDLwnxw2dz8cHtO6/YsnFqauLSBUz05W31hwsnpyZGN22d2lxP+lSlq5B+4aoDxw9k/1NXbmrcPve2k4c7Sffm5WozXV5da7m7Zr56X1ug3sd+DRQrmX0+SvXH/H1haVhy2faJS0cv37hjx6Wrsr+dZl+d/e1pDq6xrVbN17bq1KFuq9OKlazccfG2ldt3XnH65MUbL5q4aOLjq9aMjb1x9aozzly7sjGqsezvfAz1liM/1Ff1Fio5Eh8AEhISiy3R3fLpNna0f5CXvujPdrQW6jMf0KVpRTFL18wo52PQZx/iiA/le0rbEa0qTRxKWVa3z7KmNJmYzdKfZZn5XleaHBZr6p7ZpPF+dxgd7anaDsOtd4ub9/uHsXkfzTddp2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//HB8mtQ==")
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000080)={0x3000000})

3.792825109s ago: executing program 0 (id=649):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r0, 0x5434, 0x0)

3.25844488s ago: executing program 0 (id=650):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000001a40)={0x1, &(0x7f0000000740)=[{0x6}]}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000780)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0xd}}, [], {0x14}}, 0x28}}, 0x0)

2.745592774s ago: executing program 0 (id=651):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000007b3a6d7b850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="33fe000078009106000000000000004a07"], 0xfe33)

2.490838509s ago: executing program 5 (id=652):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000004600000000010000000c0002000800000000000000100007"], 0x30}}, 0x0)

1.965700213s ago: executing program 0 (id=653):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)={0x28, r1, 0x1, 0x0, 0x25dfdbfe, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x18}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}]}]}, 0x28}}, 0x0)

999.134299ms ago: executing program 3 (id=654):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
read$FUSE(r0, &(0x7f0000002240)={0x2020}, 0x2020)
writev(r0, &(0x7f0000000240)=[{&(0x7f0000002080)='T01\n', 0x4}, {&(0x7f0000000280)='7', 0x1}], 0x2)

740.530755ms ago: executing program 3 (id=655):
sched_setattr(0x0, &(0x7f0000000180)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002fc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff48700000020000005c0000000000000095000000000000002ba728041598d6fbd307ce99e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f071326bd9174842fa9e09000000000000000a0e168c1884d005d94f204e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc84e974a42a550d6f97181980400003e05df3ceb9f1feae5737ecaa81d666963c474c2a175e04ad6ee1cbf9b0a4def23d410f6296b32ae343881dcc7b1b85f3c3d44aeaced3641110bec4e90a634196508000000000000f0f4ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d4dcecb0c005d2a1bcf9436c101040000f73902ebcf0200822775985b231f000000ccb0ecf31b715f5888b2a858ab3f11afc9bd08c676d2b89432fb465b3dad9d2aa7f1521b3ebb0cc52f49129b204eb99b6150e320c9901de2eb879a15943b6dc8ea15aab9dd6968698e3095c4c5c7a156cec33a7bb727667d81ff2757ca1e6bfdd4c968dacf81e65998b9091957d1d11a5730baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba165d876defd3541772f26e27c44cfd7bb5097379cf1756869cebc7b0b2d85d6d29983e830a9cdd1d0a017c100344c52a6f387a1340a1c8889464f90c284a4db539621fbb70f01a2c02dec4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae610afd01409d9a337ac5d58bcb5e5fc231514952c5255f22bd8b325d9b76e57f041b665ab0249886c0a65cc99d5893521372c8d8b7bacac24000020a4a24d8dbd75062e1daef9dead619cc6e7baa72706287793c3d2a2661edcd3545236c204682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b993508000000e480cd9d4850a049ee19b67d17ef0477aeb12b1d255be1ed66d9051f22614d1f62734d6780393e783df8b8a17e3aa9fe9c502f9acee4f1b56e1f231200743792cead3c058a5b700d64d160abe33df726608510136ce8bf239414a1d98ea93e3d35dbb6c23b90cf36e83b8a4309b402d264b09f2779a0bcd7cd6dfc06b02e69d384146056d125cf4aadd80800000000000000e88d10acd06864eac44c42fbe334bdc3e9768fc360b130dc6111fe3293e8e02f819a2aa34dba1c25be27945507a3477b437525b81aef2f0b4c4f63483026b5e34d44705b76ef29f7f6e0a2be625eae975e02069fbff63a06578d6d184f5de7bfb6aa800016996d536256c02294cb1d3a6fb8eae87691fae365a70c3f15871565bba8dd8a8ca049f798abe646f738bebdfc9d8a5edd7a19ca6a42bc3f1db37c17f22a287c6d31a13db5dfef409eb1d3c91c6e6f80d215c9e16e0c4736c81936315418f26770cca4e2f89800d18c89d7f46f679df6c9e7005f209dda94302a30003b952ae1ebfd0ca88368ee6ce139e8b5822422cf4c9dde943d34c432e1001171792c65986146666a549092398af45ba38c41df7e0fffeac41824ca1fd0eb68aa243c9035c788d5480e5aee9c9e5f2e5a3628995b1531bd20360d33d8f9ffffff5f4bf6ea8a1850c4f83306dbca02ee3686da707b6d85db491ba0cc33f6be92c55969a2b52a25419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9bc31f09834b4788be2a442aa81b259e9eb1bf5314844051f3a642aca9ff98c9036471ccff0522903e7bcf62e18f7796bbc280b95e8e0d6fd5644b0ebde3885b06548862de809d3dae3cccf109f7c78e8479a345e805e47dfa82caed44b11a443c5ba92a326dd10921aa79c62800844c7a59f55ee205a11ab50fb402e7da6ada561ec1117cc186b01fd5c2061d22156b1bfeb51f5c65a907f2217d5f80c580dc31b0963ff953ce09148e8dfe3a61bbd2bb173518507a3cd0e37c4da0a71eee31071d5d642498181c69cee3b2e414ddd6a12ff4bdf6e97c247b6025d4376067e25357d3b521a5b927d3392a7503718aea24179528f6a0c6de4e61b49cad1e4d6b000000000000005b2d16877299acefc0655bc1422c3d425d988eedebcf242b780a687c9acae2a5a71c2a16a32ceb377f5d54f9b2fa90b2905925e611be56e9ebe20cab20ab2b5baa1b07b16e81f278e54a479f1a068658e3656cfa196d6c050000000000000000814955c62a7d72b317399e572a7f6a4657b741eb66c9179ffd097d61fcfd0fa1d46cfb110e3e8cff5579e83f2820f95eaa0c609f666950c24311740e36de8f65708cfffce798c99ef8f62fd2398e999b220125da8eb07947512365abbc5b84ef524bdf184727c67910051f204662264607d548dbdffe14b41dd0843cf3d85bb820656a88a9e52a4cd7b3eeadfe00007267f226019ef0a25bc15da71e893856a2182c3167d8ba73f7c6294b159a426ce44cd73f000000a66fc501eae0c3504c1400697ba69fd9b7eaf49aff6a6aea529610db8dfef86c3cc698e9fddf1b13287615b972281a90c3a4cf415df25fbcdd35cf8368f068c4481844bdd0dda553e1cb0966d5686013d382956d50055dce0d1bc225c1d77612b1ec52e743dbc51f25cc07a202b704577316913cf067fa65e476f688de2d6c54ea192a569eed05d0d7536b3205c68d4ee0fe318ed3112c76dcf128a1d5595b773ef4c8a7ba4e10381de8808ff02dd0a7b996ecf1c65e6d9db90c87123d9cb3945330f7a270ee0cca35b1331ca8fec0b2f39f505140751b60f29a83e4bc0ef2ffea443e4aa221cc38a503add16a2c98cb589e1dac1912b4142a3be30f50b2d9479c5bde0beb38030d0c0ce0590000130000000000000000000000554361e1628ee0017ad19ca787f2c078aa260701ce0800000080623902000000000000000000003d118a04fa6a80c4928c01ccab57b5f4eb265ad15004f967543fe6e6ddc2a12165fe3a08bf9475ee0eee3539369b0e566fedbd215a6ddd4fe03dcc7a922e16410d820747b7e806c0f3b6f14c884d150a0ff07f2e0000bfb083c56d3bed0a61fab880f8885c612ebff8523d14cfb12aca274c000000005e5155611969f6e67dd83b20206207cb8b2cd2fab6fa6d7fdaed6a27a2e4db1d5adc80c4014ff11d9dbceba41d8dfce410333a054e82b1d050331c5bc4acb843b94d67f69f49eb4dd3b1b85b018359c32df01db8ebce0dbc36cade09c6b44f6b93d28db8ae4db5624d8a02f7be91bec65e4b3373059587dd6528bbc48e3379d477d482faff738c39c61cac1195043bd5b70cea5fc1083a169a82632ff3a9a48ff805202ae9aec56b9f7795fa27634a7f06359e3058d2dd69c4e5cc11b36d9ed9c4b2867f583de6fc582f789722bd1500e64c495abdb72de2c739d38c72f6f4fb1946081dcc825d5b5b747e9fa1b5226cd31e131263f1fcd7d45a630b46d04af906f0be464d829dd2dfcf7400002b7827f6d957e51bb1f1b44a50200c9dfadfaff2e32baa9c0edaac7144e174dba582a951d2b03c27219cec4fbc7b6e99c3f00188941e3fbf008cbace177ae250fd757a22e21ec05aa45c91e1345ca936184c3fc28153283e13654123cfaf4e661f4b6d430adad1e2116bc385f888405d48f0d386da0cc6747b33395772a68f2ea3fb7e7207000000b24088014c8e64f03d053c4e02ddd08b262e422eff1c9f124b892b0a9462b07d4f88c0693bd9c54ad2ab5227aa59ef2b53ac528c0800000000000000ebfde0c4a37c2d55c176680c4207000000e4aa467f995c9bc99e60441d4dbebead3b436427762618810bac7308c6d3298ea932b66572825e62d18462d3b2342ba48c145ff4674a94fa078cc552d064da2bb69a0d269076f8955076578f44ffb8895f11bd5e06840f8848df72230a28e0304569bfa0350b6dde9e96273de1758505aa1ba89dfb12be7a7c6dae1028d1bc68b6336eb1a5d18f6148354df7e60a489dc543ccdee1fff9d8f8d78844f0c6a77ef1181d5055c2a193a5763ed7749a17296c76818b60426082c86619dacc8a884c4de8572a044faf0c8e4377776c8703ecf2e3f1c3d6410000000000008369f062639e3ddcf725be54f626448fb7bfc74c183b26e31b71a390ccea4be07278dd12fa16848797397b76908fa03613cd961b98b26a0879ccba4a78c82958764bce07a7f70df1cef6d4db1ddbda1db18e4f41c390fd3cb862216ece39a9ec60bd3be5f9329dcaf33bf2c87cc510557460d14421e1d26322ab64388f2cea0d6269ffc8580a01e9acd2ec3ece39f3b4ffdc4dfea3da6ddb002512e2313253801044e751168eabe977c503c30ef7c489e5ea1fff041e54de54cfeb258f2387dad096b72a78d91134927492cfc773c731cca9b13b3f6e7760ab0929c46f51ea5643f3df4f4044f3ad0a6ba739e72d8b8b2835d81534bea8372bc590c111d573e04280659a096eaa495a4154daae7d1800c130d920964845c50c8ba4763b19b6008f6d7a5091895c7a4b7816ab706503be879b18b778b0f61ecfde2f8bbb32cfeb766ec4430ee0ad45a0a263ddc4b2f47680c8d53439f8d388dab87112c83997c83e178be287eb6e8c95bad8f8ed85cd5b03a7352a0fb83398566d1bc133582ce2d95636cd23eba4432180b2d5c3019879cd949a5be1b241b3d0d0d52a3529cc9e704a9d8d54f4f7b776a969a4505e18fe5284985ca7d112c397d776e3baba918b7df456bd970e761e00f3b0efa5ce4246d9f08ba60da3be556c518a1f19504c7cea1491a9eadd27d747ca9cc5f92e30b2ca3cf0b142a8554c87e8026d4e586cf5f7c9d412e6eb4f66a076c8bca6b294305969dabb6c932b57a5dd4234bf1ed3bd095229ee3cbb86883d574c5af4bb78370561de3fbf55bfcd2db3979eb1be120b5795443324023353bdd9fc87c862c247e140379ef098c7b3fa79a6638a245b6a74f14dde9bd4ee48e62cdc70f486ce38641e4e4309aa9f4bd097fa1530db966d9919544ab4890301e51f9525436f5d9591460340f5093161a78a249783945407f2576d6f35a99e3521d7991e3fdfde5ee7f6a8ff8181a68ef15a2ebfe9e22d7c745949ab5cc15b9f5659799b5e00debbf9f623f75bfd4d83c4859ca9b652cea33daeeef47b60c78a21965bcf91919071c7ded19317dc0b7587d9322f8cec9e32675a187465bdfa101bcd9ac680839b375af12c160247dd960e70eb7ee60c52a900440aa9bd9a6b15a4a34dc73c3c4936d8986300fdc264b28537df387e6442c32f5fa2a31d24c1ed888a57fcc50400a084a38a3630ffc465f36a4b770fab0946148161184be39134542e934f3a538bccd48a0325aa9b151855c800000000881d4361e7fbd1fc2331b4e34733480bc497662a8234a7eeab3e65d6b0f5d92edff04416eedcd15b9ddbcb3cf9228afda6b17d44a276b205eabd0069f7e26aea50f537dc77b683ed83d2f9110e00a705f48e9d13378cf09bca22e8f45c4f360d5fff8ba35f21c4513bcc0800000000000000dc5cc7ad7290c60bc609bff9be7cd922f474c3faa78fd42cba7c78d6d912656b6313497625e2f9afaba05b17ca242b7ca8d6556175aee38142a8aac5f677c2f8a6967f2cb5e97aae97a5e5579a706243688ac4d38a4601b4aadb2d319fe7d6bf1272fa3fa701338d7bce390e8bf959081ed39e63a431901d615a26ff95e1620a6c26eda4f92d83499a173e7217001f58ed5406bdb59acbc997e8fd3d53b4c2c2a1b3145bf54a851f3c08931d4c2c32bfe611e5958458af7b3c5319fdb4c40b8d01365fdee93af6fad7c7a8da86460f45c9e99d43264c929e7de4e9620000000000000000000000000000007cf90000008f8a9da7a8a167815c6ffcd1b6863cde9ab45ecd8f06423198bb00cdf76877f407be46b000000000afbb4cb3a8de259a8beb2223f28b855e2bdf4b31b91e5062a42a55bd95e93f77f2499391cf0000000000000000000000000000195007ad27d1d61dc4d5512f117f0ed554c2c88c1713000000000000bb1ff447d6e12da208e9f0422a84f361684861169f498909c4841f4d5a0f5807a3b7d833075fdcd9c1d169b03d7df7f4150fad8b9e92eaf86992adbda360dd91de51c6df335445492608162fb0804dabdeac6fb71042f906eefd37f1d190a1c8a0d9de7f34dcc8cbd7b565fc675f3bf7aac559411808ee703ec3ad461c6ddc571994cb504c46eabbc2ff4b97df394bc75b5e7f45a4450753b5d2b8b8414a7fe6a17661bdb5b1d080cfd974811e1d60763d8d9509c75aa729a334b55ee76b0c2d50270a1deec1a6d7441d0b5b8d7a4d048d156ebcff102e45c15d2a73b40d74807f5182a319d50edbf430f00b1c29a9e4bd92111caacbb1d4541545c2d262646070da42f76e3f3c6d139eed89cc9300000000000000000000000000000000000072d7e605eb8e978d76796d9d3a728c51a3145da8e1ca4973aa8fed855328e9d2509335c5386cac74e862eac50e9ba95b6a2a29e8ef08a9ae29792e77fb9952b1ac5c816db5c23a656db528f81f6a9465d2c94d701ee8646b30650c84b9510a337e82702baf368d29281d3d54b39014756ca5a1be1881000000000000006fbac0b9c9f97c920dfac7e2379ef6bb076118aa9bb24ee12e64aa530f852bf4f970a08a55531934e39fbae483129949a918115571d76740ca6a1cea59df290f2e63675ca30a289775825fe3e5d6f206f3f395346c0738035dc74368bb035fc65a40f8124369b8950ded31af64855c5c95ef5c83b18b23517ca935a0fa1b630d70c4ca4029a90d47701102045fff90675adb3c83983d125ae730b9497c681a912a6bb70300a2d7fba051f82b9d6f710426b5bd0d0bc0b08a0f801276789613da406905011bd6ebbac91ff17a21d1ed0882e73394025772f31dc8a3048789c703f920c55746f6fc955046f9332d72150be23c26cbb08d1b438e84b83fefc6a16958fd46dc7b8cbea1da2d541324e373e9157696d698a0b4bc84d7cc2fdb069db8a5a491a9d2bbc0a61b73f75d81d07d778a1577db3b06d20a21b19ea17e0000815a42318151feaad37f7abf9bfa0bcac3c1934854b3f6dc6de835952ebdda297dd3b29c07c69888cf029271449e035edc8a4459705f222bda537481e66ce3c665129f9829524eca8b5bef27adde96bd3ee95da4a176deff3408da050fe8d512e5a19379b403ee11d010bf86d0af4ac5c2057709b18cff438d0d58810670b222dfeb317bb935f925d2a070e68a701fd4316a677bb513c9476f25969097c165ca1705473341ea03f259dc5bee6a2d2e05176965192941abfae36b3a1e30784e6532c96ab971c5706a88b6f66860e31098b5b788788aad67507ffab2184a950065c1337259b63135fa060fc5ce3e4f6cdfb64f40e1a90351a01fd3d70f9dde03c335a931e58b8570316590ae22c7de567260849049e963ee15db15f592abb24111a219f0d128ceaf19764d92755abc9c313f65e7a220e64bb0d7139ce59da85bc710cea0c6553b336763bd3e39c2374b86885a32cdfae817196a7850257ead09f3e30e676b51062bb9000000000000000000000000000000000000000000000000000000aefb12dd3507c8dd24490bf9de062cd166a4dad6b9f2e53bad342546e546f6dece81d53cf717bd91ad72f4da82018f43259899e53e0b69a92180f1345699045fd23689e66d21d13be1a2d20eb1ce23eda84a63855173ca7f51d436306c"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r0, 0x0, 0xe40, 0xfffffe6d, &(0x7f0000000100)="5c71f91b05c413550230b4c817a628", 0x0, 0x1, 0x0, 0x302, 0x0, &(0x7f0000000180)='\x00', 0x0}, 0x48)

560.239348ms ago: executing program 1 (id=656):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000f00000008000300", @ANYRES64=r1], 0x34}}, 0x0)

340.814137ms ago: executing program 3 (id=657):
r0 = add_key$user(&(0x7f00000000c0), &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000180)="d3a24845fed3b644db111f6660fcd399052be391b829c18141634298ceeb56ee051e22d30dbb5f2c5ab2078c2c8cf5b9a0385ac162b836c7957ec2752acb894b12c965ca0e6ef3be0e26d7ce463ba7d45d493070046ee8bf617e890cd5321ff6387b3c061c485ebc22948c0292c94d7463b0a2daf8dd3e66c957e3aef3a4b95f4935d34e1bcbc49fc30eb919f98f0c8eeedbb598bc77f0ea766d13268eb19b0cfd6d9624efc20e49f72912e99e06f832a5d6a336636bcef1293071e0a88f8453", 0xc0, 0xffffffffffffffff)
r1 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)="f9", 0x1, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000300)={r1, r0, r0}, &(0x7f0000001480)=""/83, 0x53, &(0x7f0000000400)={&(0x7f00000002c0)={'sha256-ssse3\x00'}})

0s ago: executing program 3 (id=658):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x54, r1, 0x260915eb7438f565, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}, {0xc}, {0xc}}]}, 0x54}}, 0x0)

kernel console output (not intermixed with test programs):

00] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   89.372100][ T3000] batman_adv: batadv0: Removing interface: batadv_slave_0
[   89.406162][ T3000] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   89.434502][ T3000] batman_adv: batadv0: Removing interface: batadv_slave_1
[   89.515776][ T3000] veth1_macvtap: left promiscuous mode
[   89.521781][ T3000] veth0_macvtap: left promiscuous mode
[   89.550846][ T3000] veth1_vlan: left promiscuous mode
[   89.563280][ T3000] veth0_vlan: left promiscuous mode
[   90.367175][ T3000] team0 (unregistering): Port device team_slave_1 removed
[   90.410042][ T3000] team0 (unregistering): Port device team_slave_0 removed
[   90.727768][ T5249] Bluetooth: hci1: command tx timeout
[   90.734523][ T5249] Bluetooth: hci2: command tx timeout
[   90.833322][   T29] audit: type=1326 audit(1727369434.556:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.0.132" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f13e077df39 code=0x0
[   90.862850][ T5723] netlink: 32 bytes leftover after parsing attributes in process `syz.2.131'.
[   90.981017][ T5567] batman_adv: batadv0: Adding interface: batadv_slave_0
[   91.004183][ T5567] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.042323][ T5732] loop2: detected capacity change from 0 to 256
[   91.081044][ T5735] loop5: detected capacity change from 0 to 2048
[   91.134078][ T5736] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   91.141548][ T5567] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   91.171490][ T5567] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.179183][ T5567] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.188620][ T5732] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[   91.206270][ T5567] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.423297][ T5738] batadv0: entered promiscuous mode
[   91.429988][ T5737] batadv0: left promiscuous mode
[   91.618850][ T5749] loop5: detected capacity change from 0 to 1024
[   91.646130][ T5567] hsr_slave_0: entered promiscuous mode
[   91.691018][ T5567] hsr_slave_1: entered promiscuous mode
[   91.702320][ T5567] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.710542][ T5567] Cannot create hsr debugfs directory
[   91.948190][ T5679] chnl_net:caif_netlink_parms(): no params data found
[   92.213666][ T5326] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[   92.376112][ T5326] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   92.404175][ T5679] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.419966][ T5778] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   92.433342][ T5326] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   92.461829][ T5679] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.485472][ T5326] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   92.486142][ T5679] bridge_slave_0: entered allmulticast mode
[   92.524181][ T5326] usb 6-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[   92.556890][ T5326] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.568184][ T5679] bridge_slave_0: entered promiscuous mode
[   92.602499][ T5326] usb 6-1: config 0 descriptor??
[   92.619693][ T5679] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.623717][ T5759] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[   92.649403][ T5679] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.698544][ T5679] bridge_slave_1: entered allmulticast mode
[   92.724345][ T5679] bridge_slave_1: entered promiscuous mode
[   92.806271][ T5249] Bluetooth: hci2: command tx timeout
[   92.806288][ T5237] Bluetooth: hci1: command tx timeout
[   93.031735][ T5679] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   93.037202][ T5795] netlink: 'syz.2.154': attribute type 1 has an invalid length.
[   93.093902][ T5326] aureal 0003:0755:2626.0004: unknown main item tag 0xd
[   93.101599][ T5795] netlink: 9352 bytes leftover after parsing attributes in process `syz.2.154'.
[   93.124055][ T5326] aureal 0003:0755:2626.0004: unknown main item tag 0x1
[   93.133765][ T5326] aureal 0003:0755:2626.0004: item fetching failed at offset 25/69
[   93.142307][ T5326] aureal 0003:0755:2626.0004: probe with driver aureal failed with error -22
[   93.184407][   T46] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   93.211402][ T3000] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.259459][ T5679] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   93.319666][ T5326] usb 6-1: USB disconnect, device number 3
[   93.383138][   T46] usb 4-1: Using ep0 maxpacket: 32
[   93.390962][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.404043][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.417402][   T46] usb 4-1: New USB device found, idVendor=056a, idProduct=00e3, bcdDevice= 0.00
[   93.428346][   T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.464440][   T46] usb 4-1: config 0 descriptor??
[   93.564542][ T3000] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.609833][ T5806] loop0: detected capacity change from 0 to 128
[   93.673509][ T5806] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   93.694679][ T5806] ext4 filesystem being mounted at /36/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   93.739004][ T5679] team0: Port device team_slave_0 added
[   93.771444][ T5239] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   93.797099][ T3000] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   93.888315][ T5679] team0: Port device team_slave_1 added
[   93.929581][   T46] wacom 0003:056A:00E3.0005: hidraw0: USB HID v0.00 Device [HID 056a:00e3] on usb-dummy_hcd.3-1/input0
[   94.091040][ T3000] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   94.114689][ T5326] usb 4-1: USB disconnect, device number 2
[   94.166463][ T5679] batman_adv: batadv0: Adding interface: batadv_slave_0
[   94.192710][ T5679] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.223343][ T5679] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   94.265616][ T5679] batman_adv: batadv0: Adding interface: batadv_slave_1
[   94.274519][ T5679] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.303811][ T5679] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   94.484092][ T5679] hsr_slave_0: entered promiscuous mode
[   94.529380][ T5679] hsr_slave_1: entered promiscuous mode
[   94.544205][ T5679] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   94.560557][ T5679] Cannot create hsr debugfs directory
[   94.719456][ T5815] loop5: detected capacity change from 0 to 32768
[   94.725047][ T3000] bridge_slave_1: left allmulticast mode
[   94.747684][ T3000] bridge_slave_1: left promiscuous mode
[   94.757307][ T3000] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.787010][ T3000] bridge_slave_0: left allmulticast mode
[   94.793769][ T3000] bridge_slave_0: left promiscuous mode
[   94.799909][ T3000] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.830116][ T5815] JBD2: Ignoring recovery information on journal
[   94.883781][ T5249] Bluetooth: hci1: command tx timeout
[   94.954738][ T5815] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[   95.065110][ T5229] ocfs2: Unmounting device (7,5) on (node local)
[   95.464304][ T5839] loop2: detected capacity change from 0 to 256
[   95.650988][ T5839] FAT-fs (loop2): Directory bread(block 64) failed
[   95.660536][ T5845] loop0: detected capacity change from 0 to 256
[   95.667832][ T5839] FAT-fs (loop2): Directory bread(block 65) failed
[   95.675237][ T5839] FAT-fs (loop2): Directory bread(block 66) failed
[   95.699186][ T5845] exfat: Deprecated parameter 'utf8'
[   95.713275][ T5839] FAT-fs (loop2): Directory bread(block 67) failed
[   95.729579][ T5839] FAT-fs (loop2): Directory bread(block 68) failed
[   95.743402][ T5839] FAT-fs (loop2): Directory bread(block 69) failed
[   95.750209][ T5839] FAT-fs (loop2): Directory bread(block 70) failed
[   95.756989][ T5839] FAT-fs (loop2): Directory bread(block 71) failed
[   95.764963][ T5839] FAT-fs (loop2): Directory bread(block 72) failed
[   95.779650][ T5839] FAT-fs (loop2): Directory bread(block 73) failed
[   95.791051][ T5849] loop5: detected capacity change from 0 to 512
[   95.811492][ T5845] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[   95.838328][ T5849] EXT4-fs: Ignoring removed nomblk_io_submit option
[   95.883763][ T5849] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[   95.910423][ T5849] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[   95.931152][ T5849] EXT4-fs (loop5): 1 truncate cleaned up
[   95.939973][ T5849] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.974295][ T3000] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   96.008706][ T3000] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   96.027909][ T5849] EXT4-fs: group quota file already specified
[   96.086309][ T3000] bond0 (unregistering): Released all slaves
[   96.137937][ T5229] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.416113][ T5860] loop3: detected capacity change from 0 to 128
[   96.501232][ T5864] loop2: detected capacity change from 0 to 256
[   96.532892][ T5864] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   96.598419][ T5864] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1e22868b, utbl_chksum : 0xe619d30d)
[   96.825998][ T5567] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   96.869892][ T5567] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   96.900667][ T5567] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   96.929328][ T5567] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   96.963320][ T5249] Bluetooth: hci1: command tx timeout
[   96.990122][ T5872] netlink: 'syz.2.189': attribute type 1 has an invalid length.
[   97.273899][ T5881] netlink: 'syz.5.194': attribute type 3 has an invalid length.
[   97.288203][ T5882] loop3: detected capacity change from 0 to 256
[   97.358474][ T3000] hsr_slave_0: left promiscuous mode
[   97.402121][ T5882] FAT-fs (loop3): Directory bread(block 64) failed
[   97.425212][ T5882] FAT-fs (loop3): Directory bread(block 65) failed
[   97.438183][ T3000] hsr_slave_1: left promiscuous mode
[   97.444785][ T3000] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   97.452447][ T3000] batman_adv: batadv0: Removing interface: batadv_slave_0
[   97.470360][ T5882] FAT-fs (loop3): Directory bread(block 66) failed
[   97.482185][ T3000] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   97.496362][ T5882] FAT-fs (loop3): Directory bread(block 67) failed
[   97.501907][ T3000] batman_adv: batadv0: Removing interface: batadv_slave_1
[   97.512868][ T5882] FAT-fs (loop3): Directory bread(block 68) failed
[   97.526414][ T5882] FAT-fs (loop3): Directory bread(block 69) failed
[   97.545690][ T3000] veth1_macvtap: left promiscuous mode
[   97.551264][ T3000] veth0_macvtap: left promiscuous mode
[   97.563314][ T5882] FAT-fs (loop3): Directory bread(block 70) failed
[   97.580239][ T3000] veth1_vlan: left promiscuous mode
[   97.587435][ T5882] FAT-fs (loop3): Directory bread(block 71) failed
[   97.599111][ T3000] veth0_vlan: left promiscuous mode
[   97.609427][ T5882] FAT-fs (loop3): Directory bread(block 72) failed
[   97.617580][ T5882] FAT-fs (loop3): Directory bread(block 73) failed
[   97.625257][ T5237] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   97.645317][ T5237] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   97.654297][ T5237] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   97.686139][ T5237] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   97.695954][ T5237] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   97.704313][ T5237] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   97.732872][ T5289] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[   97.870689][ T5878] loop2: detected capacity change from 0 to 32768
[   97.898933][ T5878] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.192 (5878)
[   97.914323][ T5289] usb 6-1: Using ep0 maxpacket: 16
[   97.934365][ T5289] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   97.959437][ T5878] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[   97.964066][ T5289] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   97.980376][ T5878] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[   97.998359][ T5878] BTRFS info (device loop2): using free-space-tree
[   97.998622][ T5289] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[   98.017348][ T5289] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.033413][ T5289] usb 6-1: config 0 descriptor??
[   98.287076][ T5227] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[   98.463685][ T5289] cp2112 0003:10C4:EA90.0006: unbalanced delimiter at end of report description
[   98.489511][ T5289] cp2112 0003:10C4:EA90.0006: parse failed
[   98.511687][ T5289] cp2112 0003:10C4:EA90.0006: probe with driver cp2112 failed with error -22
[   98.746119][ T5281] usb 6-1: USB disconnect, device number 4
[   98.805561][ T5249] Bluetooth: hci0: command tx timeout
[   98.862820][ T3000] team0 (unregistering): Port device team_slave_1 removed
[   98.899507][ T3000] team0 (unregistering): Port device team_slave_0 removed
[   99.363766][ T5890] netlink: 'syz.3.197': attribute type 29 has an invalid length.
[   99.772943][ T5249] Bluetooth: hci5: command tx timeout
[   99.900485][ T5932] capability: warning: `syz.5.202' uses deprecated v2 capabilities in a way that may be insecure
[   99.918193][ T5927] warning: `syz.3.204' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  100.087340][ T5567] 8021q: adding VLAN 0 to HW filter on device bond0
[  100.441075][ T5567] 8021q: adding VLAN 0 to HW filter on device team0
[  100.465796][ T2912] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.473212][ T2912] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.523654][ T5958] netlink: 8 bytes leftover after parsing attributes in process `syz.2.214'.
[  100.645088][ T5567] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  100.655593][ T5567] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  100.703688][ T2912] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.710863][ T2912] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.754582][ T5885] chnl_net:caif_netlink_parms(): no params data found
[  101.114145][ T5679] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  101.394853][ T5679] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  101.436785][ T5679] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  101.455770][ T5679] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  101.614761][ T1126] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.648409][ T5885] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.662657][ T5885] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.671621][ T5885] bridge_slave_0: entered allmulticast mode
[  101.704103][ T5885] bridge_slave_0: entered promiscuous mode
[  101.853648][ T5281] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  101.861456][ T5237] Bluetooth: hci5: command tx timeout
[  101.950051][ T1126] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.026022][ T5281] usb 3-1: Using ep0 maxpacket: 8
[  102.035291][ T5885] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.042874][ T5885] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.047799][ T5281] usb 3-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  102.058275][ T5885] bridge_slave_1: entered allmulticast mode
[  102.069459][ T5281] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.079211][ T5885] bridge_slave_1: entered promiscuous mode
[  102.093925][ T5281] usb 3-1: Product: syz
[  102.099869][ T5281] usb 3-1: Manufacturer: syz
[  102.110009][ T5281] usb 3-1: SerialNumber: syz
[  102.128382][ T5281] usb 3-1: config 0 descriptor??
[  102.196554][ T5281] radio-usb-si4713 3-1:0.0: Si4713 development board discovered: (10C4:8244)
[  102.253190][ T1126] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.349115][ T5885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.427806][ T1126] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.474087][ T5885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  102.540071][ T6036] loop5: detected capacity change from 0 to 256
[  102.542735][ T5323] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  102.554621][ T6036] exfat: Deprecated parameter 'namecase'
[  102.585505][ T5567] 8021q: adding VLAN 0 to HW filter on device batadv0
[  102.617085][ T5885] team0: Port device team_slave_0 added
[  102.636158][ T6036] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  102.677077][ T5885] team0: Port device team_slave_1 added
[  102.734407][ T5323] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  102.792140][ T5323] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  102.826124][ T5885] batman_adv: batadv0: Adding interface: batadv_slave_0
[  102.835412][ T5281] radio-usb-si4713 3-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  102.836769][ T5323] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  102.853305][ T5281] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  102.863036][ T5885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  102.875639][ T5281] usb 3-1: USB disconnect, device number 4
[  102.906737][ T5323] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  102.932324][ T5885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  102.978079][ T5323] usb 4-1: SerialNumber: syz
[  103.029452][ T5885] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.046280][ T5885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.109193][ T5885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.185276][ T5567] veth0_vlan: entered promiscuous mode
[  103.316454][ T6053] loop5: detected capacity change from 0 to 512
[  103.320628][ T5323] usb 4-1: 0:2 : does not exist
[  103.371181][ T6053] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  103.380010][ T6053] EXT4-fs (loop5): orphan cleanup on readonly fs
[  103.393300][ T6053] Quota error (device loop5): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  103.401528][ T5323] usb 4-1: USB disconnect, device number 3
[  103.442427][ T6053] EXT4-fs warning (device loop5): ext4_enable_quotas:7097: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  103.460502][ T6053] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  103.522782][ T6053] EXT4-fs error (device loop5): ext4_orphan_get:1388: inode #16: comm syz.5.235: casefold flag without casefold feature
[  103.539865][ T1126] bridge_slave_1: left allmulticast mode
[  103.543775][ T6053] EXT4-fs error (device loop5): ext4_orphan_get:1393: comm syz.5.235: couldn't read orphan inode 16 (err -117)
[  103.556402][ T1126] bridge_slave_1: left promiscuous mode
[  103.575572][ T6053] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  103.589165][ T1126] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.646919][ T1126] bridge_slave_0: left allmulticast mode
[  103.660246][   T29] audit: type=1800 audit(1727369447.386:3): pid=6053 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.235" name="file1" dev="loop5" ino=15 res=0 errno=0
[  103.685911][ T1126] bridge_slave_0: left promiscuous mode
[  103.691683][ T1126] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.694521][ T5229] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.922884][ T5237] Bluetooth: hci5: command tx timeout
[  104.354225][ T6077] netlink: 8 bytes leftover after parsing attributes in process `syz.3.245'.
[  104.458573][ T6079] loop3: detected capacity change from 0 to 64
[  104.514289][ T1126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  104.532053][ T1126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  104.552209][ T1126] bond0 (unregistering): Released all slaves
[  104.585718][ T5567] veth1_vlan: entered promiscuous mode
[  104.688590][ T5679] 8021q: adding VLAN 0 to HW filter on device bond0
[  104.738479][ T5885] hsr_slave_0: entered promiscuous mode
[  104.773374][ T5885] hsr_slave_1: entered promiscuous mode
[  105.160027][ T5679] 8021q: adding VLAN 0 to HW filter on device team0
[  105.323463][ T2950] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.330740][ T2950] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.376866][ T2950] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.379917][ T6104] ebtables: ebtables: counters copy to user failed while replacing table
[  105.385242][ T2950] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.505065][ T5567] veth0_macvtap: entered promiscuous mode
[  105.718167][ T5567] veth1_macvtap: entered promiscuous mode
[  105.735066][ T6112] netlink: 32 bytes leftover after parsing attributes in process `syz.2.256'.
[  105.765057][ T6112] netlink: 44 bytes leftover after parsing attributes in process `syz.2.256'.
[  105.795637][ T6112] netlink: 44 bytes leftover after parsing attributes in process `syz.2.256'.
[  105.910051][ T1126] hsr_slave_0: left promiscuous mode
[  105.937661][ T1126] hsr_slave_1: left promiscuous mode
[  105.967268][ T1126] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  105.983598][ T1126] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.002891][ T5237] Bluetooth: hci5: command tx timeout
[  106.014268][ T1126] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.031922][ T1126] batman_adv: batadv0: Removing interface: batadv_slave_1
[  106.058989][ T1126] veth1_macvtap: left promiscuous mode
[  106.064903][ T1126] veth0_macvtap: left promiscuous mode
[  106.070629][ T1126] veth1_vlan: left promiscuous mode
[  106.076774][ T1126] veth0_vlan: left promiscuous mode
[  106.271166][ T6106] loop3: detected capacity change from 0 to 32768
[  106.379595][ T6114] loop5: detected capacity change from 0 to 32768
[  106.414861][ T6114] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  106.557186][ T6114] XFS (loop5): Ending clean mount
[  106.586336][ T6114] XFS (loop5): Quotacheck needed: Please wait.
[  106.650707][ T6114] XFS (loop5): Quotacheck: Done.
[  106.780377][ T5229] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  107.299651][ T1126] team0 (unregistering): Port device team_slave_1 removed
[  107.370533][ T1126] team0 (unregistering): Port device team_slave_0 removed
[  107.478571][ T6145] loop5: detected capacity change from 0 to 1024
[  107.652786][ T5281] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  107.695570][ T6147] loop5: detected capacity change from 0 to 4096
[  107.719729][ T6147] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512).
[  107.782446][ T6147] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  107.824466][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  107.836968][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.848133][ T5281] usb 4-1: New USB device found, idVendor=05ac, idProduct=0062, bcdDevice= 0.00
[  107.857684][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.878285][ T5281] usb 4-1: config 0 descriptor??
[  108.190978][ T6149] tipc: Started in network mode
[  108.200384][ T6149] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  108.210284][ T6149] tipc: New replicast peer: 0000:0000:0000:0000:0000:ffff:e000:0002
[  108.219097][ T6149] tipc: Enabled bearer <udp:syz2>, priority 10
[  108.320079][   T29] audit: type=1326 audit(1727369452.056:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.5.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c02f7df39 code=0x7ffc0000
[  108.350439][ T5567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.364779][ T5567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.386863][ T5281] hid-generic 0003:05AC:0062.0007: unbalanced delimiter at end of report description
[  108.396448][ T5567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.408049][   T29] audit: type=1326 audit(1727369452.096:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.5.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c02f7df39 code=0x7ffc0000
[  108.411374][ T5567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.433188][ T5281] hid-generic 0003:05AC:0062.0007: probe with driver hid-generic failed with error -22
[  108.458377][ T5567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  108.481247][   T29] audit: type=1326 audit(1727369452.096:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.5.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f4c02f7df39 code=0x7ffc0000
[  108.499867][ T5567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.511336][   T29] audit: type=1326 audit(1727369452.096:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.5.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c02f7df39 code=0x7ffc0000
[  108.543700][   T29] audit: type=1326 audit(1727369452.096:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.5.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c02f7df39 code=0x7ffc0000
[  108.560615][ T5567] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.573136][   T29] audit: type=1326 audit(1727369452.096:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.5.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f4c02f7df39 code=0x7ffc0000
[  108.629822][ T5567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.663737][ T5281] usb 4-1: USB disconnect, device number 4
[  108.676368][ T5567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.686669][   T29] audit: type=1326 audit(1727369452.096:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.5.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c02f7df39 code=0x7ffc0000
[  108.711308][ T5567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.718063][   T29] audit: type=1326 audit(1727369452.096:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6150 comm="syz.5.270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c02f7df39 code=0x7ffc0000
[  108.725403][ T5567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.754667][ T5567] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.765316][ T5567] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.777757][ T5567] batman_adv: batadv0: Interface activated: batadv_slave_1
[  108.799329][ T6153] netlink: 2 bytes leftover after parsing attributes in process `syz.5.271'.
[  108.827607][ T6155] sp0: Synchronizing with TNC
[  108.860673][ T5567] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.901256][ T5567] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.910283][ T5567] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.919222][ T5567] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.217384][ T6163] trusted_key: encrypted_key: insufficient parameters specified
[  109.334019][ T5352] tipc: Node number set to 1
[  109.511336][ T6174] loop5: detected capacity change from 0 to 256
[  109.535103][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.548384][ T1126] IPVS: stop unused estimator thread 0...
[  109.593140][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.709003][ T6174] FAT-fs (loop5): Directory bread(block 64) failed
[  109.735412][ T6174] FAT-fs (loop5): Directory bread(block 65) failed
[  109.742083][ T6174] FAT-fs (loop5): Directory bread(block 66) failed
[  109.751944][ T1126] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.762222][ T1126] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.770234][ T6174] FAT-fs (loop5): Directory bread(block 67) failed
[  109.778249][ T6174] FAT-fs (loop5): Directory bread(block 68) failed
[  109.793271][ T6174] FAT-fs (loop5): Directory bread(block 69) failed
[  109.811410][ T5679] 8021q: adding VLAN 0 to HW filter on device batadv0
[  109.822884][ T6174] FAT-fs (loop5): Directory bread(block 70) failed
[  109.829440][ T6174] FAT-fs (loop5): Directory bread(block 71) failed
[  109.837914][ T6174] FAT-fs (loop5): Directory bread(block 72) failed
[  109.844831][ T6174] FAT-fs (loop5): Directory bread(block 73) failed
[  109.999411][ T5885] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  110.012917][ T5281] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  110.052618][ T5885] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  110.122824][ T5885] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  110.194486][ T5281] usb 4-1: Using ep0 maxpacket: 32
[  110.244512][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.257328][ T5885] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  110.263438][ T5281] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.302799][ T5281] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  110.342829][ T5281] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.375905][ T6195] loop1: detected capacity change from 0 to 2048
[  110.404428][ T5281] usb 4-1: config 0 descriptor??
[  110.429853][ T6195] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  110.454515][ T5281] hub 4-1:0.0: USB hub found
[  110.545958][ T6195] syz.1.283: attempt to access beyond end of device
[  110.545958][ T6195] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  110.571343][ T6202] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  110.676310][ T5885] 8021q: adding VLAN 0 to HW filter on device bond0
[  110.682779][ T5281] hub 4-1:0.0: 1 port detected
[  110.720308][ T6205] loop5: detected capacity change from 0 to 2048
[  110.750631][ T5885] 8021q: adding VLAN 0 to HW filter on device team0
[  110.803185][ T6205] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  110.884149][ T5281] hub 4-1:0.0: hub_hub_status failed (err = -71)
[  110.890881][ T5281] hub 4-1:0.0: config failed, can't get hub status (err -71)
[  110.908266][ T5281] usbhid 4-1:0.0: can't add hid device: -71
[  110.922894][ T5281] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  110.954653][ T5281] usb 4-1: USB disconnect, device number 5
[  110.990458][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[  110.996606][ T6177] loop2: detected capacity change from 0 to 32768
[  110.997647][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[  111.013415][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[  111.020533][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[  111.043283][ T5229] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.079822][ T5679] veth0_vlan: entered promiscuous mode
[  111.092410][ T5679] veth1_vlan: entered promiscuous mode
[  111.137839][   T29] audit: type=1800 audit(1727369454.816:12): pid=6177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.281" name="bus" dev="loop2" ino=7 res=0 errno=0
[  111.303859][ T5679] veth0_macvtap: entered promiscuous mode
[  111.327380][ T5679] veth1_macvtap: entered promiscuous mode
[  111.443599][ T5679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.470494][ T5679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.489177][ T5679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.541581][ T5679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.594976][ T5679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.614744][ T5679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.653393][ T5679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  111.692917][ T5679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.728973][ T5679] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.846505][ T5679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.870242][ T5679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.902674][ T5679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.934950][ T5679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  111.965286][ T5679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  111.994244][ T5679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.017187][ T5679] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.041347][ T5679] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.079750][ T5679] batman_adv: batadv0: Interface activated: batadv_slave_1
[  112.164028][ T5679] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.207445][ T5679] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.244030][ T5679] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.266527][ T6244] loop5: detected capacity change from 0 to 128
[  112.287948][ T5679] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.425360][ T5885] 8021q: adding VLAN 0 to HW filter on device batadv0
[  112.695768][ T2912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.726311][ T2912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.799473][ T5885] veth0_vlan: entered promiscuous mode
[  112.839115][ T2950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.853075][ T2950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.874282][ T5293] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  112.898495][ T5885] veth1_vlan: entered promiscuous mode
[  112.925174][ T6222] loop3: detected capacity change from 0 to 32768
[  113.011841][ T6222] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  113.036526][ T5885] veth0_macvtap: entered promiscuous mode
[  113.048374][ T5885] veth1_macvtap: entered promiscuous mode
[  113.067238][ T5885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.078132][ T5885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.088254][ T5885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.099351][ T5885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.103765][ T5293] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  113.109987][ T5885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.131854][ T5885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.142420][ T5293] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  113.143213][ T5885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.163992][ T5885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.173912][ T5293] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  113.177792][ T5885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  113.200188][ T5885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.212474][ T5885] batman_adv: batadv0: Interface activated: batadv_slave_0
[  113.242253][ T5885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.253358][ T5885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.263363][ T5885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.274047][ T5885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.283985][ T5293] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  113.285362][ T5885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.302923][ T6269] loop2: detected capacity change from 0 to 512
[  113.309272][ T5885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.324534][ T5885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.338544][ T5885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.348470][ T5885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  113.359414][ T5885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  113.382198][ T5885] batman_adv: batadv0: Interface activated: batadv_slave_1
[  113.392147][ T6269] EXT4-fs: Ignoring removed mblk_io_submit option
[  113.437200][ T5293] usb 6-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  113.461357][ T5293] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.472096][ T6269] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  113.480421][ T5885] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.493154][ T5293] usb 6-1: config 0 descriptor??
[  113.532490][ T5885] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.541484][ T5885] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.550336][ T5885] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.568279][ T6269] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  113.571383][ T6222] XFS (loop3): Ending clean mount
[  113.576676][ T6269] System zones: 1-12
[  113.641581][ T6269] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.301: corrupted in-inode xattr: e_value size too large
[  113.663269][ T6222] XFS (loop3): Quotacheck needed: Please wait.
[  113.790093][ T2912] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.790565][ T3000] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.806007][ T3000] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.815496][ T2912] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.830368][ T6269] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.301: couldn't read orphan inode 15 (err -117)
[  113.899060][ T6269] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.926174][ T6222] XFS (loop3): Quotacheck: Done.
[  113.935556][ T5293] hid-picolcd 0003:04D8:C002.0008: unbalanced collection at end of report description
[  113.969726][ T5293] hid-picolcd 0003:04D8:C002.0008: device report parse failed
[  114.059204][ T5293] hid-picolcd 0003:04D8:C002.0008: probe with driver hid-picolcd failed with error -22
[  114.162775][ T5235] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  114.204482][ T5227] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.227366][ T5293] usb 6-1: USB disconnect, device number 5
[  114.302665][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  114.508435][    T9] usb 5-1: Using ep0 maxpacket: 16
[  114.524627][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.582949][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.631561][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  114.662704][    T9] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0014, bcdDevice= 0.00
[  114.692710][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.717788][    T9] usb 5-1: config 0 descriptor??
[  114.875682][ T6303] pim6reg: entered allmulticast mode
[  115.283296][    T9] cmedia_hs100b 0003:0D8C:0014.0009: item fetching failed at offset 0/2
[  115.292188][    T9] cmedia_hs100b 0003:0D8C:0014.0009: probe with driver cmedia_hs100b failed with error -22
[  115.377635][ T6293] loop0: detected capacity change from 0 to 32768
[  115.507660][    T9] usb 5-1: USB disconnect, device number 3
[  115.570198][ T6293] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.188 (6293)
[  115.775624][ T6322] loop1: detected capacity change from 0 to 32768
[  115.836986][ T6293] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  115.879618][ T6293] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  115.912275][ T6322] JBD2: Ignoring recovery information on journal
[  115.940099][ T6293] BTRFS info (device loop0): using free-space-tree
[  116.046894][ T6322] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  116.082733][    T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  116.213851][ T5567] ocfs2: Unmounting device (7,1) on (node local)
[  116.244041][ T5885] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  116.246391][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  116.263988][ T5291] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  116.307255][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  116.337562][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  116.411589][    T9] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  116.437973][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.464532][ T5291] usb 6-1: Using ep0 maxpacket: 32
[  116.489898][ T5291] usb 6-1: config 0 has an invalid interface number: 219 but max is 0
[  116.491973][    T9] usb 3-1: config 0 descriptor??
[  116.528840][ T5291] usb 6-1: config 0 has no interface number 0
[  116.569226][ T5291] usb 6-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  116.602660][ T5291] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.635218][ T5291] usb 6-1: Product: syz
[  116.662660][ T5291] usb 6-1: Manufacturer: syz
[  116.667344][ T5291] usb 6-1: SerialNumber: syz
[  116.713844][ T5291] usb 6-1: config 0 descriptor??
[  116.963350][    T9] pyra 0003:1E7D:2C24.000A: hidraw0: USB HID v0.00 Device [HID 1e7d:2c24] on usb-dummy_hcd.2-1/input0
[  117.124956][ T6372] loop4: detected capacity change from 0 to 128
[  117.144745][ T5291] etas_es58x 6-1:0.219: Starting syz syz (Serial Number syz)
[  117.182101][ T5291] usb 6-1: USB disconnect, device number 6
[  117.212420][ T6372] VFS: Found a Xenix FS (block size = 512) on device loop4
[  117.254258][ T5289] usb 3-1: USB disconnect, device number 5
[  117.331456][ T5679] sysv_free_block: trying to free block not in datazone
[  117.347579][ T5679] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  117.412658][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  117.597814][    T9] usb 1-1: config 0 has an invalid interface number: 216 but max is 0
[  117.609031][    T9] usb 1-1: config 0 has no interface number 0
[  117.617275][    T9] usb 1-1: config 0 interface 216 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  117.632994][    T9] usb 1-1: config 0 interface 216 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  117.654925][    T9] usb 1-1: New USB device found, idVendor=0499, idProduct=1002, bcdDevice=df.d7
[  117.695742][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.704724][    T9] usb 1-1: Product: syz
[  117.708918][    T9] usb 1-1: Manufacturer: syz
[  117.714300][    T9] usb 1-1: SerialNumber: syz
[  117.725750][    T9] usb 1-1: config 0 descriptor??
[  117.743001][    T9] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  117.764054][ T5291] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  117.775425][    T9] snd-usb-audio 1-1:0.216: probe with driver snd-usb-audio failed with error -2
[  117.878610][ T5486] udevd[5486]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.216/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  117.949153][ T5291] usb 2-1: Using ep0 maxpacket: 16
[  117.975701][ T5291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.007215][ T5291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.069450][ T5291] usb 2-1: New USB device found, idVendor=6666, idProduct=8804, bcdDevice= 0.00
[  118.070593][ T5323] usb 1-1: USB disconnect, device number 3
[  118.140205][ T5291] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.200537][ T5291] usb 2-1: config 0 descriptor??
[  118.402757][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  118.479403][ T6375] loop3: detected capacity change from 0 to 32768
[  118.552949][    T9] usb 3-1: Using ep0 maxpacket: 32
[  118.568882][ T6375] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  118.579989][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.591681][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.619476][    T9] usb 3-1: New USB device found, idVendor=044f, idProduct=b320, bcdDevice= 0.00
[  118.673118][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.681398][ T6393] loop4: detected capacity change from 0 to 32768
[  118.708830][ T5291] smartjoyplus 0003:6666:8804.000B: hidraw0: USB HID v0.00 Device [HID 6666:8804] on usb-dummy_hcd.1-1/input0
[  118.721029][ T5291] smartjoyplus 0003:6666:8804.000B: no output reports found
[  118.769819][    T9] usb 3-1: config 0 descriptor??
[  118.796152][ T6375] XFS (loop3): Ending clean mount
[  118.883495][ T6393] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  118.920183][ T5352] usb 2-1: USB disconnect, device number 2
[  118.929524][ T6393] OCFS2: ERROR (device loop4): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature 
[  118.949841][ T6393] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  118.961709][ T6393] OCFS2: File system is now read-only.
[  118.967590][ T6393] (syz.4.340,6393,0):ocfs2_find_entry_dx:1029 ERROR: status = -30
[  119.000209][ T5235] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  119.147828][ T5679] ocfs2: Unmounting device (7,4) on (node local)
[  119.285880][    T9] thrustmaster 0003:044F:B320.000C: unknown main item tag 0x0
[  119.299228][    T9] thrustmaster 0003:044F:B320.000C: unknown main item tag 0x0
[  119.345969][    T9] thrustmaster 0003:044F:B320.000C: unknown main item tag 0x0
[  119.402638][    T9] thrustmaster 0003:044F:B320.000C: unknown main item tag 0x0
[  119.410188][    T9] thrustmaster 0003:044F:B320.000C: unknown main item tag 0x0
[  119.526399][    T9] thrustmaster 0003:044F:B320.000C: hidraw0: USB HID v0.00 Device [HID 044f:b320] on usb-dummy_hcd.2-1/input0
[  119.602935][    T9] thrustmaster 0003:044F:B320.000C: no inputs found
[  119.792609][    T9] usb 3-1: USB disconnect, device number 6
[  119.808300][ T6437] loop4: detected capacity change from 0 to 512
[  119.858800][ T6437] EXT4-fs: Ignoring removed i_version option
[  119.869791][ T6437] EXT4-fs: Ignoring removed nobh option
[  119.892097][ T6441] loop3: detected capacity change from 0 to 2048
[  119.913803][ T5352] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  119.944281][ T6437] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  119.967057][ T6441] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  119.973267][ T6437] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  120.072523][ T6437] EXT4-fs (loop4): 1 truncate cleaned up
[  120.074603][ T5486] udevd[5486]: incorrect nilfs2 checksum on /dev/loop3
[  120.080892][ T6437] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.309166][ T5352] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  120.320758][ T5352] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 96, setting to 64
[  120.380531][ T5352] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  120.415315][ T6456] vivid-007: =================  START STATUS  =================
[  120.418072][ T5679] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.438807][ T6458] loop3: detected capacity change from 0 to 1024
[  120.448083][ T5352] usb 1-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[  120.450839][ T6456] vivid-007: Enable Output Cropping: true grabbed
[  120.499564][ T5352] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.544407][ T6456] vivid-007: Enable Output Composing: true grabbed
[  120.571704][ T5352] usb 1-1: config 0 descriptor??
[  120.574685][ T6456] vivid-007: Enable Output Scaler: true grabbed
[  120.604413][ T6456] vivid-007: Tx RGB Quantization Range: Automatic grabbed
[  120.619332][ T6430] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  120.652145][ T6456] vivid-007: Transmit Mode: HDMI grabbed
[  120.688975][   T11] hfsplus: b-tree write err: -5, ino 4
[  120.691808][ T6456] vivid-007: Hotplug Present: 0x00000000
[  120.716577][ T6460] loop2: detected capacity change from 0 to 1024
[  120.723397][ T6456] vivid-007: RxSense Present: 0x00000000
[  120.729191][ T6456] vivid-007: EDID Present: 0x00000000
[  120.782696][ T6456] vivid-007: ==================  END STATUS  ==================
[  120.984162][ T6467] loop4: detected capacity change from 0 to 512
[  121.074054][ T5352] input: HID 28bd:0909 Mouse as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:28BD:0909.000D/input/input9
[  121.117282][ T6467] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.191519][ T5352] uclogic 0003:28BD:0909.000D: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.0-1/input0
[  121.210278][ T6467] ext4 filesystem being mounted at /12/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  121.288847][ T5293] usb 1-1: USB disconnect, device number 4
[  121.363050][ T5291] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  121.377773][ T6482] Bluetooth: MGMT ver 1.23
[  121.424285][ T5679] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.548754][ T6486] netlink: 'syz.2.380': attribute type 29 has an invalid length.
[  121.564768][ T6486] netlink: 'syz.2.380': attribute type 29 has an invalid length.
[  121.569759][ T5291] usb 4-1: config 220 has too many interfaces: 184, using maximum allowed: 32
[  121.572713][ T5352] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  121.586614][ T5291] usb 4-1: config 220 has 1 interface, different from the descriptor's value: 184
[  121.614246][ T5291] usb 4-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  121.626919][ T5291] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.679880][ T6492] loop2: detected capacity change from 0 to 16
[  121.703161][ T5291] gspca_main: sn9c2028-2.14.0 probing 0c45:8008
[  121.749677][ T6492] erofs: (device loop2): mounted with root inode @ nid 36.
[  121.793405][ T5352] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  121.810474][ T5352] usb 2-1: config 0 interface 0 altsetting 129 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.828393][ T6494] process 'syz.4.383' launched './file1' with NULL argv: empty string added
[  121.840499][ T5352] usb 2-1: config 0 interface 0 altsetting 129 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.878881][ T5352] usb 2-1: config 0 interface 0 has no altsetting 0
[  121.896394][ T5352] usb 2-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  121.922275][ T5291] gspca_sn9c2028: read1 error -32
[  121.922466][ T5352] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.994491][ T5352] usb 2-1: config 0 descriptor??
[  121.998764][ T5227] erofs: (device loop2): erofs_fill_dentries: bogus dirent @ nid 46
[  122.050396][ T5227] erofs: (device loop2): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  122.097329][ T5227] erofs: (device loop2): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  122.164180][ T5291] gspca_sn9c2028: read1 error -71
[  122.169320][ T5291] sn9c2028 4-1:220.0: probe with driver sn9c2028 failed with error -71
[  122.232627][ T5291] usb 4-1: USB disconnect, device number 6
[  122.412465][   T29] audit: type=1326 audit(1727369466.136:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6510 comm="syz.4.391" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb958d7df39 code=0x0
[  122.425616][ T6505] loop2: detected capacity change from 0 to 4096
[  122.444673][ T6505] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  122.459338][ T5352] zeroplus 0003:0C12:0005.000E: unknown main item tag 0x0
[  122.469732][ T5352] zeroplus 0003:0C12:0005.000E: unknown main item tag 0x0
[  122.513816][ T5352] zeroplus 0003:0C12:0005.000E: unknown main item tag 0x0
[  122.526778][ T5486] udevd[5486]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  122.532640][ T5352] zeroplus 0003:0C12:0005.000E: unknown main item tag 0x0
[  122.546034][ T5352] zeroplus 0003:0C12:0005.000E: unknown main item tag 0x0
[  122.576464][ T5486] udevd[5486]: symlink '../../loop2' '/dev/disk/by-uuid/7089678B273CDB5C.tmp-b7:2' failed: Read-only file system
[  122.579387][ T5352] zeroplus 0003:0C12:0005.000E: hidraw0: USB HID v0.00 Device [HID 0c12:0005] on usb-dummy_hcd.1-1/input0
[  122.638461][ T5352] zeroplus 0003:0C12:0005.000E: no inputs found
[  122.669846][ T5352] usb 2-1: USB disconnect, device number 3
[  122.696266][ T6514] loop5: detected capacity change from 0 to 4096
[  122.755816][ T6514] NILFS (loop5): invalid segment: Checksum error in segment payload
[  122.789009][ T6514] NILFS (loop5): trying rollback from an earlier position
[  122.871448][ T6514] NILFS (loop5): recovery complete
[  122.938382][ T6524] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  122.976496][ T5241] udevd[5241]: symlink '../../loop5' '/dev/disk/by-uuid/53ef1790-6acb-496c-bd13-8113447d28c8.tmp-b7:5' failed: Read-only file system
[  123.319486][ T6533] netlink: 8 bytes leftover after parsing attributes in process `syz.2.400'.
[  123.339124][ T6533] netlink: 8 bytes leftover after parsing attributes in process `syz.2.400'.
[  123.380651][ T6533] veth1_to_bridge: entered promiscuous mode
[  123.386937][ T6533] macvlan2: entered promiscuous mode
[  123.402846][ T6533] macvlan2: entered allmulticast mode
[  123.413047][ T6533] veth1_to_bridge: entered allmulticast mode
[  123.612921][ T6536] loop4: detected capacity change from 0 to 4096
[  123.642014][ T6538] netlink: 16 bytes leftover after parsing attributes in process `syz.1.402'.
[  123.652047][ T6540] mmap: syz.2.403 (6540) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  123.668404][ T6536] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  123.737278][ T6541] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg0, syncid = 4, id = 0
[  123.771114][ T6536] ntfs3: loop4: Failed to initialize $Extend/$ObjId.
[  123.826361][ T5486] udevd[5486]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  123.890818][ T5486] udevd[5486]: symlink '../../loop4' '/dev/disk/by-uuid/4C6CE0A9116F2120.tmp-b7:4' failed: Read-only file system
[  123.936804][ T6525] loop3: detected capacity change from 0 to 32768
[  123.968691][ T6525] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.396 (6525)
[  124.052598][ T6525] BTRFS info (device loop3): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  124.058559][ T5486] udevd[5486]: symlink '../../loop3' '/dev/disk/by-uuid/e0cb6322-611b-4325-acdf-015f79de3787.tmp-b7:3' failed: Read-only file system
[  124.092758][ T6548] netlink: 4096 bytes leftover after parsing attributes in process `syz.1.405'.
[  124.108985][ T6525] BTRFS info (device loop3): using sha256 (sha256-ni) checksum algorithm
[  124.114139][ T6548] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  124.203717][ T6525] BTRFS info (device loop3): using free-space-tree
[  124.912133][ T6532] syz.5.398: vmalloc error: size 3932160, failed to allocated page array size 7680, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  124.930276][ T6532] CPU: 1 UID: 0 PID: 6532 Comm: syz.5.398 Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[  124.940560][ T6532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  124.950635][ T6532] Call Trace:
[  124.953931][ T6532]  <TASK>
[  124.956878][ T6532]  dump_stack_lvl+0x241/0x360
[  124.961593][ T6532]  ? __pfx_dump_stack_lvl+0x10/0x10
[  124.965208][ T6572] netlink: 24 bytes leftover after parsing attributes in process `syz.2.413'.
[  124.966805][ T6532]  ? __pfx__printk+0x10/0x10
[  124.980264][ T6532]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  124.986735][ T6532]  ? srso_alias_return_thunk+0x5/0xfbef5
[  124.992430][ T6532]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  124.998979][ T6532]  warn_alloc+0x278/0x410
[  125.003369][ T6532]  ? __pfx_warn_alloc+0x10/0x10
[  125.008271][ T6532]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  125.014460][ T6532]  ? srso_alias_return_thunk+0x5/0xfbef5
[  125.020121][ T6532]  ? srso_alias_return_thunk+0x5/0xfbef5
[  125.025778][ T6532]  ? __get_vm_area_node+0x23d/0x270
[  125.031007][ T6532]  __vmalloc_node_range_noprof+0x691/0x13f0
[  125.036960][ T6532]  ? __kmalloc_cache_node_noprof+0x1d3/0x300
[  125.042974][ T6532]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  125.049332][ T6532]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  125.055512][ T6532]  ? srso_alias_return_thunk+0x5/0xfbef5
[  125.061168][ T6532]  ? srso_alias_return_thunk+0x5/0xfbef5
[  125.066827][ T6532]  ? __get_vm_area_node+0x23d/0x270
[  125.072055][ T6532]  __vmalloc_node_range_noprof+0x59c/0x13f0
[  125.077981][ T6532]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  125.084167][ T6532]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  125.089923][ T6532]  ? rcu_is_watching+0x15/0xb0
[  125.094705][ T6532]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  125.101056][ T6532]  ? srso_alias_return_thunk+0x5/0xfbef5
[  125.106712][ T6532]  ? rcu_is_watching+0x15/0xb0
[  125.111490][ T6532]  ? srso_alias_return_thunk+0x5/0xfbef5
[  125.117143][ T6532]  ? __kmalloc_node_noprof+0x247/0x440
[  125.122626][ T6532]  ? __kvmalloc_node_noprof+0x72/0x190
[  125.128129][ T6532]  __kvmalloc_node_noprof+0x142/0x190
[  125.133526][ T6532]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  125.139710][ T6532]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  125.145721][ T6532]  ? tpg_update_mv_step+0x361/0x4f0
[  125.150936][ T6532]  vivid_update_format_cap+0x133c/0x2090
[  125.156607][ T6532]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  125.162611][ T6532]  ? srso_alias_return_thunk+0x5/0xfbef5
[  125.168268][ T6532]  ? srso_alias_return_thunk+0x5/0xfbef5
[  125.173931][ T6532]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[  125.179770][ T6532]  __video_do_ioctl+0xc25/0xdd0
[  125.184653][ T6532]  ? __pfx___video_do_ioctl+0x10/0x10
[  125.190048][ T6532]  ? srso_alias_return_thunk+0x5/0xfbef5
[  125.195705][ T6532]  ? __might_fault+0xc6/0x120
[  125.200416][ T6532]  video_usercopy+0x89d/0x1180
[  125.205207][ T6532]  ? __pfx___video_do_ioctl+0x10/0x10
[  125.210592][ T6532]  ? __pfx_video_usercopy+0x10/0x10
[  125.215819][ T6532]  ? __fget_files+0x29/0x470
[  125.220423][ T6532]  ? __fget_files+0x3f3/0x470
[  125.225116][ T6532]  v4l2_ioctl+0x18b/0x1e0
[  125.229460][ T6532]  ? __pfx_v4l2_ioctl+0x10/0x10
[  125.234325][ T6532]  __se_sys_ioctl+0xfb/0x170
[  125.238939][ T6532]  do_syscall_64+0xf3/0x230
[  125.243466][ T6532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.249373][ T6532] RIP: 0033:0x7f4c02f7df39
[  125.253801][ T6532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.273432][ T6532] RSP: 002b:00007f4c03ccd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  125.281879][ T6532] RAX: ffffffffffffffda RBX: 00007f4c03135f80 RCX: 00007f4c02f7df39
[  125.289883][ T6532] RDX: 0000000020000040 RSI: 00000000c0845657 RDI: 0000000000000003
[  125.297877][ T6532] RBP: 00007f4c02ff0216 R08: 0000000000000000 R09: 0000000000000000
[  125.305865][ T6532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  125.313847][ T6532] R13: 0000000000000000 R14: 00007f4c03135f80 R15: 00007fff895d7738
[  125.321847][ T6532]  </TASK>
[  125.326840][ T6532] Mem-Info:
[  125.329979][ T6532] active_anon:9625 inactive_anon:0 isolated_anon:0
[  125.329979][ T6532]  active_file:1496 inactive_file:38319 isolated_file:0
[  125.329979][ T6532]  unevictable:768 dirty:384 writeback:0
[  125.329979][ T6532]  slab_reclaimable:9067 slab_unreclaimable:99280
[  125.329979][ T6532]  mapped:25316 shmem:5332 pagetables:905
[  125.329979][ T6532]  sec_pagetables:0 bounce:0
[  125.329979][ T6532]  kernel_misc_reclaimable:0
[  125.329979][ T6532]  free:1284347 free_pcp:3092 free_cma:0
[  125.332655][ T5352] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  125.376550][ T6532] Node 0 active_anon:38500kB inactive_anon:0kB active_file:5984kB inactive_file:153204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:101264kB dirty:1536kB writeback:0kB shmem:19792kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10928kB pagetables:3620kB sec_pagetables:0kB all_unreclaimable? no
[  125.419853][ T6532] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  125.450869][ T6532] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  125.481913][ T6532] lowmem_reserve[]: 0 2465 2466 0 0
[  125.488050][ T6532] Node 0 DMA32 free:1195404kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:38340kB inactive_anon:0kB active_file:5984kB inactive_file:152344kB unevictable:1536kB writepending:1548kB present:3129332kB managed:2552480kB mlocked:0kB bounce:0kB free_pcp:8400kB local_pcp:7652kB free_cma:0kB
[  125.524552][ T6532] lowmem_reserve[]: 0 0 0 0 0
[  125.529369][ T6532] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[  125.556726][ T6532] lowmem_reserve[]: 0 0 0 0 0
[  125.561522][ T6532] Node 1 Normal free:3925836kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:4096kB local_pcp:4096kB free_cma:0kB
[  125.593107][ T6532] lowmem_reserve[]: 0 0 0 0 0
[  125.597911][ T6532] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  125.610787][ T6532] Node 0 DMA32: 8*4kB (UME) 5*8kB (UE) 70*16kB (UME) 87*32kB (UME) 44*64kB (UME) 24*128kB (UME) 17*256kB (UM) 10*512kB (UME) 12*1024kB (UME) 7*2048kB (UM) 282*4096kB (M) = 1201032kB
[  125.649771][ T6532] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  125.663429][ T6532] Node 1 Normal: 197*4kB (UME) 49*8kB (UME) 27*16kB (UME) 182*32kB (UME) 85*64kB (UME) 24*128kB (UME) 13*256kB (UME) 14*512kB (UME) 2*1024kB (UM) 5*2048kB (UE) 949*4096kB (M) = 3925836kB
[  125.686010][ T6532] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  125.699514][ T5352] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.702754][ T6580] netlink: 12 bytes leftover after parsing attributes in process `syz.2.415'.
[  125.710910][ T6532] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  125.749689][ T6532] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  125.762679][ T5352] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.782724][ T5352] usb 5-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  125.802260][ T5352] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.832892][ T6532] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  125.864729][ T5486] udevd[5486]: symlink '../../loop3' '/dev/disk/by-uuid/e0cb6322-611b-4325-acdf-015f79de3787.tmp-b7:3' failed: Read-only file system
[  125.866860][ T5352] usb 5-1: config 0 descriptor??
[  125.924831][ T6532] 46941 total pagecache pages
[  125.929574][ T6532] 0 pages in swap cache
[  125.934607][ T6532] Free swap  = 124984kB
[  125.942897][ T6532] Total swap = 124996kB
[  125.953713][ T6532] 2097051 pages RAM
[  125.965027][ T6532] 0 pages HighMem/MovableOnly
[  125.982517][ T6525] syz.3.396 (6525) used greatest stack depth: 18608 bytes left
[  125.997101][ T6532] 427081 pages reserved
[  126.001299][ T6532] 0 pages cma reserved
[  126.067592][ T5235] BTRFS info (device loop3): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  126.322943][ T5291] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  126.351392][ T6593] Driver unsupported XDP return value 0 on prog  (id 24) dev N/A, expect packet loss!
[  126.467228][ T5352] magicmouse 0003:05AC:0269.000F: hidraw0: USB HID v0.00 Device [HID 05ac:0269] on usb-dummy_hcd.4-1/input0
[  126.525325][ T6577] loop0: detected capacity change from 0 to 32768
[  126.548323][ T5291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.592680][ T5291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.602734][ T5291] usb 2-1: New USB device found, idVendor=172f, idProduct=0500, bcdDevice= 0.00
[  126.612513][ T5291] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.645833][ T5291] usb 2-1: config 0 descriptor??
[  126.704620][ T5250] udevd[5250]: symlink '../../loop0' '/dev/disk/by-uuid/b1de653c-5ffc-4d88-b33b-244aab9eb3e9.tmp-b7:0' failed: Read-only file system
[  126.747550][ T6577] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  126.886110][ T5885] ocfs2: Unmounting device (7,0) on (node local)
[  127.058005][ T5281] usb 5-1: USB disconnect, device number 4
[  127.077740][ T5291] waltop 0003:172F:0500.0010: item fetching failed at offset 5/7
[  127.087435][ T5291] waltop 0003:172F:0500.0010: probe with driver waltop failed with error -22
[  127.378348][ T5323] usb 2-1: USB disconnect, device number 4
[  127.472738][ T5352] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  127.642652][ T5352] usb 4-1: Using ep0 maxpacket: 16
[  127.678824][ T5352] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.693516][ T6612] loop2: detected capacity change from 0 to 4096
[  127.710179][ T5352] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.757070][ T6612] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  127.782675][ T5352] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  127.865671][ T5486] udevd[5486]: symlink '../../loop2' '/dev/disk/by-uuid/68CE0ED73BAA5F78.tmp-b7:2' failed: Read-only file system
[  127.885355][ T5352] usb 4-1: New USB device found, idVendor=5543, idProduct=0064, bcdDevice= 0.00
[  127.935917][ T5352] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.977724][ T5352] usb 4-1: config 0 descriptor??
[  128.038050][ T6612] ntfs3: loop2: ino=5, "/" directory corrupted
[  128.477900][ T5352] uclogic 0003:5543:0064.0011: unknown main item tag 0x0
[  128.543198][ T5352] uclogic 0003:5543:0064.0011: No inputs registered, leaving
[  128.693439][ T6628] netlink: 8 bytes leftover after parsing attributes in process `syz.1.434'.
[  128.743183][ T6628] netlink: 4 bytes leftover after parsing attributes in process `syz.1.434'.
[  128.922840][ T5352] uclogic 0003:5543:0064.0011: hidraw0: USB HID v0.00 Device [HID 5543:0064] on usb-dummy_hcd.3-1/input0
[  129.036311][ T6634] loop2: detected capacity change from 0 to 164
[  129.082190][ T6634] Unable to read rock-ridge attributes
[  129.103805][ T6636] netlink: 44 bytes leftover after parsing attributes in process `syz.1.438'.
[  129.137122][ T6634] Unable to read rock-ridge attributes
[  129.203799][ T5352] usb 4-1: USB disconnect, device number 7
[  129.501815][ T6646] dvmrp0: entered allmulticast mode
[  129.503205][ T6617] loop0: detected capacity change from 0 to 32768
[  129.548123][ T6617] JBD2: Ignoring recovery information on journal
[  129.718679][ T6617] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  129.900750][ T5885] ocfs2: Unmounting device (7,0) on (node local)
[  130.320830][ T6670] loop3: detected capacity change from 0 to 4096
[  130.348058][ T6670] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  130.411753][ T6670] ntfs3: loop3: Failed to load $Extend (-22).
[  130.436241][ T6670] ntfs3: loop3: Failed to initialize $Extend.
[  130.541744][ T6670] ntfs3: loop3: ino=21, "memory.current" mmap(write) compressed not supported
[  131.052793][ T6693] netlink: 'syz.3.465': attribute type 58 has an invalid length.
[  131.068691][ T6674] loop2: detected capacity change from 0 to 32768
[  131.119344][ T6674] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.456 (6674)
[  131.164342][ T6674] BTRFS info (device loop2): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  131.195326][ T6674] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  131.220982][ T6674] BTRFS info (device loop2): using free-space-tree
[  131.586088][ T6705] loop3: detected capacity change from 0 to 32768
[  131.718317][ T6705] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  131.740518][ T5291] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  131.755841][ T6685] loop0: detected capacity change from 0 to 32768
[  132.045353][ T6705] XFS (loop3): Ending clean mount
[  132.055030][ T6705] XFS (loop3): Quotacheck needed: Please wait.
[  132.077096][ T6705] XFS (loop3): Quotacheck: Done.
[  132.256449][ T6737] loop5: detected capacity change from 0 to 128
[  132.349156][ T5352] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  132.367472][ T5235] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  132.443784][ T1258] ieee802154 phy0 wpan0: encryption failed: -22
[  132.451179][ T1258] ieee802154 phy1 wpan1: encryption failed: -22
[  132.485298][ T6740] sp0: Synchronizing with TNC
[  132.542080][ T5352] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  132.553952][ T5352] usb 5-1: config 0 has no interface number 0
[  132.569682][ T5352] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  132.580440][ T5352] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.626922][ T5352] usb 5-1: Product: syz
[  132.638777][ T5352] usb 5-1: Manufacturer: syz
[  132.650451][ T5352] usb 5-1: SerialNumber: syz
[  132.666437][ T5227] BTRFS info (device loop2): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  132.744127][ T5352] usb 5-1: config 0 descriptor??
[  132.826490][ T6743] tipc: Started in network mode
[  132.831431][ T6743] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[  132.839099][ T6743] tipc: Enabled bearer <eth:vlan0>, priority 10
[  132.967940][ T5291] usb 2-1: Using ep0 maxpacket: 16
[  132.980302][ T5352] usb 5-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  133.000341][ T5291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.003539][ T5352] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  133.022472][ T5352] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  133.031437][ T5352] usb 5-1: media controller created
[  133.032520][ T5291] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.061110][ T5352] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  133.081295][ T5291] usb 2-1: New USB device found, idVendor=1532, idProduct=011b, bcdDevice= 0.00
[  133.111378][ T5291] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.160744][ T5291] usb 2-1: config 0 descriptor??
[  133.213832][ T6751] netlink: 'syz.5.483': attribute type 4 has an invalid length.
[  133.252684][ T6751] netlink: 'syz.5.483': attribute type 2 has an invalid length.
[  133.436202][    T8] usb 5-1: USB disconnect, device number 5
[  133.542682][ T5352] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  133.694311][ T5352] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.714417][ T5352] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.732759][ T5352] usb 1-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  133.754900][ T5352] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.774650][ T5352] usb 1-1: config 0 descriptor??
[  133.816311][ T5291] razer 0003:1532:011B.0012: failed to enable macro keys: -71
[  133.833137][ T5291] razer 0003:1532:011B.0012: hidraw0: USB HID v0.00 Device [HID 1532:011b] on usb-dummy_hcd.1-1/input0
[  133.845484][ T5293] tipc: Node number set to 10005162
[  133.866825][ T5291] usb 2-1: USB disconnect, device number 5
[  134.203829][ T5352] hid-rmi 0003:06CB:81A7.0013: unknown main item tag 0x0
[  134.212706][ T5352] hid-rmi 0003:06CB:81A7.0013: unknown main item tag 0x0
[  134.220098][ T5352] hid-rmi 0003:06CB:81A7.0013: unknown main item tag 0x0
[  134.227331][ T5352] hid-rmi 0003:06CB:81A7.0013: unknown main item tag 0x0
[  134.234535][ T5352] hid-rmi 0003:06CB:81A7.0013: unknown main item tag 0x0
[  134.253786][ T5352] hid-rmi 0003:06CB:81A7.0013: hidraw0: USB HID v0.00 Device [HID 06cb:81a7] on usb-dummy_hcd.0-1/input0
[  134.447317][ T5352] usb 1-1: USB disconnect, device number 5
[  134.472808][ T6786] loop5: detected capacity change from 0 to 2048
[  134.538454][ T6786] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  134.608047][ T6794] netlink: 8 bytes leftover after parsing attributes in process `syz.1.501'.
[  134.754164][ T6801] loop1: detected capacity change from 0 to 64
[  134.776203][ T6804] loop3: detected capacity change from 0 to 64
[  135.442771][ T5293] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  135.480419][ T6836] loop3: detected capacity change from 0 to 4096
[  135.491314][ T6836] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  135.530172][ T6836] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  135.575170][ T6839] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  135.645672][ T5293] usb 1-1: Using ep0 maxpacket: 16
[  135.683190][ T5293] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.702614][ T5293] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.712403][ T5293] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  135.752773][ T5293] usb 1-1: New USB device found, idVendor=1e7d, idProduct=71ce, bcdDevice= 0.00
[  135.761899][ T5293] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.794520][ T5293] usb 1-1: config 0 descriptor??
[  135.927987][ T6818] loop1: detected capacity change from 0 to 32768
[  135.957880][   T29] audit: type=1326 audit(1727369479.696:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6820 comm="syz.5.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c02f7df39 code=0x7fc00000
[  136.257275][ T5293] hid-generic 0003:1E7D:71CE.0014: collection stack underflow
[  136.266238][ T6861] 9pnet_fd: p9_fd_create_unix (6861): problem connecting socket: éq‰Y’3aK: -111
[  136.275121][ T5293] hid-generic 0003:1E7D:71CE.0014: item 0 2 0 12 parsing failed
[  136.303393][ T5293] hid-generic 0003:1E7D:71CE.0014: probe with driver hid-generic failed with error -22
[  136.372805][ T5289] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  136.555804][ T6869] loop4: detected capacity change from 0 to 1024
[  136.562994][ T5293] usb 1-1: USB disconnect, device number 6
[  136.570995][ T6871] netlink: 'syz.1.538': attribute type 29 has an invalid length.
[  136.633621][ T6871] netlink: 'syz.1.538': attribute type 29 has an invalid length.
[  136.663562][ T5289] usb 4-1: New USB device found, idVendor=093a, idProduct=2626, bcdDevice= d.b4
[  136.673059][ T5289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.693777][ T5289] usb 4-1: config 0 descriptor??
[  136.712163][ T5289] gspca_main: gspca_pac7302-2.14.0 probing 093a:2626
[  136.714818][   T79] hfsplus: b-tree write err: -5, ino 4
[  136.761505][ T6857] loop5: detected capacity change from 0 to 32768
[  136.807965][ T6857] ERROR: (device loop5): dtReadFirst: btstack overrun
[  136.807965][ T6857] 
[  136.855089][ T6857] ERROR: (device loop5): remounting filesystem as read-only
[  136.896089][ T6857] btstack dump:
[  136.899790][ T6857] bn = 0, index = 0
[  136.905624][ T6857] bn = 0, index = 0
[  136.909986][ T6857] bn = 0, index = 0
[  136.914432][ T6857] bn = 0, index = 0
[  136.918482][ T6857] bn = 0, index = 0
[  136.922330][ T6857] bn = 0, index = 0
[  136.927667][ T6857] bn = 0, index = 0
[  136.931839][ T6857] bn = 0, index = 0
[  137.072242][ T6885] loop4: detected capacity change from 0 to 1024
[  137.084978][ T6885] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  137.218797][ T6885] hfsplus: filesystem is marked journaled, leaving read-only.
[  137.347339][ T6897] loop2: detected capacity change from 0 to 128
[  137.405818][ T5289] gspca_pac7302: reg_w() failed i: ff v: 01 error -71
[  137.413114][ T5289] gspca_pac7302 4-1:0.0: probe with driver gspca_pac7302 failed with error -71
[  137.422685][ T6897] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978)
[  137.448952][ T5289] usb 4-1: USB disconnect, device number 8
[  137.475337][ T6897] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  137.496643][ T6897] EXT4-fs warning (device loop2): ext4_dirblock_csum_verify:406: inode #11: comm syz.2.551: No space for directory leaf checksum. Please run e2fsck -D.
[  137.518917][ T6901] loop4: detected capacity change from 0 to 1024
[  137.572082][ T6897] EXT4-fs error (device loop2): __ext4_find_entry:1652: inode #11: comm syz.2.551: checksumming directory block 0
[  137.607522][ T6901] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.672719][ T5352] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  137.711350][ T6893] loop0: detected capacity change from 0 to 32768
[  137.719589][ T6893] btrfs: Deprecated parameter 'usebackuproot'
[  137.725781][ T6893] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  137.742026][ T6893] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.550 (6893)
[  137.766937][ T6893] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  137.786850][ T5227] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  137.788963][ T6893] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  137.960680][ T5679] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.183959][ T6923] loop3: detected capacity change from 0 to 1024
[  138.191242][ T6923] EXT4-fs: Ignoring removed orlov option
[  138.197549][ T6923] EXT4-fs: Ignoring removed nomblk_io_submit option
[  138.342334][ T6923] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.361521][ T5352] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  138.372840][ T5352] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  138.382810][ T5352] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  138.393524][ T5352] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  138.404209][ T5352] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  138.413525][ T5352] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.426270][ T5352] usb 2-1: config 0 descriptor??
[  138.479269][ T6893] BTRFS info (device loop0): rebuilding free space tree
[  138.617809][ T6893] BTRFS info (device loop0): disabling free space tree
[  138.636454][ T6893] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  138.642187][ T5235] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.656776][ T6893] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  138.673830][ T5352] hdpvr 2-1:0.0: firmware version 0x1e dated þÀq|RC¾@µ2£¹ö2[Ì7ÔB½�ËDŠ^jvi0ì
[  138.673830][ T5352] †Ã“‘êpY
[  138.703326][ T6949] loop4: detected capacity change from 0 to 256
[  138.710288][ T6949] exfat: Deprecated parameter 'namecase'
[  138.764191][ T6949] exfat: Deprecated parameter 'namecase'
[  138.827414][ T6949] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  138.909748][ T5885] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  138.967994][ T5289] IPVS: starting estimator thread 0...
[  139.072777][ T6956] IPVS: using max 16 ests per chain, 38400 per kthread
[  139.166976][ T6919] loop5: detected capacity change from 0 to 40427
[  139.213116][ T6919] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x1fffff
[  139.355057][ T6919] F2FS-fs (loop5): invalid crc value
[  139.431170][ T6919] F2FS-fs (loop5): Found nat_bits in checkpoint
[  139.476340][ T5352] hdpvr 2-1:0.0: Could not setup controls
[  139.480871][ T6975] IPVS: Error joining to the multicast group
[  139.482475][ T5352] hdpvr 2-1:0.0: registering videodev failed
[  139.509304][ T6976] loop0: detected capacity change from 0 to 2048
[  139.517277][ T5352] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -71
[  139.542035][ T6976] EXT4-fs: Ignoring removed mblk_io_submit option
[  139.584631][ T5352] usb 2-1: USB disconnect, device number 6
[  139.632365][ T6919] F2FS-fs (loop5): Start checkpoint disabled!
[  139.649730][ T6919] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  139.654099][ T6976] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.801196][ T6987] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  139.847836][ T6987] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  139.853952][ T5885] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.866563][ T6992] loop1: detected capacity change from 0 to 2048
[  139.955765][ T6995] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  139.983909][ T6994] netlink: 'syz.4.584': attribute type 10 has an invalid length.
[  140.045885][ T6997] program syz.2.585 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  140.096339][ T6994] 8021q: adding VLAN 0 to HW filter on device team0
[  140.141018][ T6994] bond0: (slave team0): Enslaving as an active interface with an up link
[  140.187156][ T7002] netlink: 'syz.4.584': attribute type 10 has an invalid length.
[  140.254059][ T7002] bond0: (slave team0): Releasing backup interface
[  140.289940][ T7002] bridge0: port 3(team0) entered blocking state
[  140.357826][ T7002] bridge0: port 3(team0) entered disabled state
[  140.384689][ T6999] loop3: detected capacity change from 0 to 4096
[  140.414939][ T7002] team0: entered allmulticast mode
[  140.420144][ T7002] team_slave_0: entered allmulticast mode
[  140.432712][    T9] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  140.450220][ T6999] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  140.510213][ T7001] loop0: detected capacity change from 0 to 32768
[  140.518496][ T7002] team_slave_1: entered allmulticast mode
[  140.524756][ T7001] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.582 (7001)
[  140.541157][ T7002] team0: entered promiscuous mode
[  140.548600][ T7002] team_slave_0: entered promiscuous mode
[  140.554461][ T7001] BTRFS info (device loop0): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  140.570280][ T7001] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  140.580477][ T7002] team_slave_1: entered promiscuous mode
[  140.602311][ T7001] BTRFS info (device loop0): using free-space-tree
[  140.734354][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  140.791848][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 96, setting to 64
[  140.832980][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  140.860783][    T9] usb 6-1: New USB device found, idVendor=28bd, idProduct=0909, bcdDevice= 0.00
[  140.881467][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.173895][ T5293] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  141.314555][ T5885] BTRFS info (device loop0): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  141.339188][ T5293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.382035][ T5293] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.437551][ T5293] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  141.476573][ T5293] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.535620][ T5293] usb 4-1: config 0 descriptor??
[  141.639271][ T7006] warn_alloc: 3 callbacks suppressed
[  141.639297][ T7006] syz.2.588: vmalloc error: size 3932160, failed to allocated page array size 7680, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null)
[  141.660260][    T9] usb 6-1: config 0 descriptor??
[  141.681204][ T7006] ,cpuset=/,mems_allowed=0-1
[  141.683201][ T7004] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  141.686769][ T7006] CPU: 0 UID: 0 PID: 7006 Comm: syz.2.588 Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[  141.703993][ T7006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  141.714076][ T7006] Call Trace:
[  141.717373][ T7006]  <TASK>
[  141.720322][ T7006]  dump_stack_lvl+0x241/0x360
[  141.725042][ T7006]  ? __pfx_dump_stack_lvl+0x10/0x10
[  141.730282][ T7006]  ? __pfx__printk+0x10/0x10
[  141.734912][ T7006]  ? cpuset_print_current_mems_allowed+0x1f/0x350
[  141.741362][ T7006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  141.747056][ T7006]  ? cpuset_print_current_mems_allowed+0x31e/0x350
[  141.753606][ T7006]  warn_alloc+0x278/0x410
[  141.758013][ T7006]  ? __pfx_warn_alloc+0x10/0x10
[  141.762914][ T7006]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  141.769116][ T7006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  141.774791][ T7006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  141.780467][ T7006]  ? __get_vm_area_node+0x23d/0x270
[  141.785729][ T7006]  __vmalloc_node_range_noprof+0x691/0x13f0
[  141.791723][ T7006]  ? __kmalloc_cache_node_noprof+0x1d3/0x300
[  141.797768][ T7006]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  141.804151][ T7006]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  141.810338][ T7006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  141.816002][ T7006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  141.821658][ T7006]  ? __get_vm_area_node+0x23d/0x270
[  141.826892][ T7006]  __vmalloc_node_range_noprof+0x59c/0x13f0
[  141.832819][ T7006]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  141.839005][ T7006]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  141.844771][ T7006]  ? rcu_is_watching+0x15/0xb0
[  141.849557][ T7006]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  141.855911][ T7006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  141.861566][ T7006]  ? rcu_is_watching+0x15/0xb0
[  141.866346][ T7006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  141.872003][ T7006]  ? __kmalloc_node_noprof+0x247/0x440
[  141.877485][ T7006]  ? __kvmalloc_node_noprof+0x72/0x190
[  141.882976][ T7006]  __kvmalloc_node_noprof+0x142/0x190
[  141.888379][ T7006]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  141.894568][ T7006]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  141.900577][ T7006]  ? tpg_update_mv_step+0x361/0x4f0
[  141.905797][ T7006]  vivid_update_format_cap+0x133c/0x2090
[  141.911469][ T7006]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  141.917475][ T7006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  141.923129][ T7006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  141.928788][ T7006]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[  141.934626][ T7006]  __video_do_ioctl+0xc25/0xdd0
[  141.939515][ T7006]  ? __pfx___video_do_ioctl+0x10/0x10
[  141.944929][ T7006]  ? srso_alias_return_thunk+0x5/0xfbef5
[  141.950600][ T7006]  ? __might_fault+0xc6/0x120
[  141.955321][ T7006]  video_usercopy+0x89d/0x1180
[  141.960120][ T7006]  ? __pfx___video_do_ioctl+0x10/0x10
[  141.965513][ T7006]  ? __pfx_video_usercopy+0x10/0x10
[  141.970762][ T7006]  ? __fget_files+0x29/0x470
[  141.975388][ T7006]  ? __fget_files+0x3f3/0x470
[  141.980092][ T7006]  v4l2_ioctl+0x18b/0x1e0
[  141.984442][ T7006]  ? __pfx_v4l2_ioctl+0x10/0x10
[  141.989312][ T7006]  __se_sys_ioctl+0xfb/0x170
[  141.993938][ T7006]  do_syscall_64+0xf3/0x230
[  141.998470][ T7006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.004385][ T7006] RIP: 0033:0x7f482337df39
[  142.008812][ T7006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.028461][ T7006] RSP: 002b:00007f482410f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  142.036897][ T7006] RAX: ffffffffffffffda RBX: 00007f4823535f80 RCX: 00007f482337df39
[  142.044885][ T7006] RDX: 0000000020000040 RSI: 00000000c0845657 RDI: 0000000000000003
[  142.052871][ T7006] RBP: 00007f48233f0216 R08: 0000000000000000 R09: 0000000000000000
[  142.060856][ T7006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  142.068846][ T7006] R13: 0000000000000000 R14: 00007f4823535f80 R15: 00007fff55510ff8
[  142.076851][ T7006]  </TASK>
[  142.108476][ T7006] Mem-Info:
[  142.122986][ T7006] active_anon:7011 inactive_anon:0 isolated_anon:0
[  142.122986][ T7006]  active_file:1720 inactive_file:38261 isolated_file:0
[  142.122986][ T7006]  unevictable:768 dirty:464 writeback:0
[  142.122986][ T7006]  slab_reclaimable:9443 slab_unreclaimable:98006
[  142.122986][ T7006]  mapped:24555 shmem:4136 pagetables:802
[  142.122986][ T7006]  sec_pagetables:0 bounce:0
[  142.122986][ T7006]  kernel_misc_reclaimable:0
[  142.122986][ T7006]  free:1288016 free_pcp:2578 free_cma:0
[  142.186165][ T5293] keytouch 0003:0926:3333.0015: fixing up Keytouch IEC report descriptor
[  142.219445][ T5293] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0015/input/input11
[  142.222775][ T7006] Node 0 active_anon:32344kB inactive_anon:0kB active_file:6880kB inactive_file:152972kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98220kB dirty:1852kB writeback:0kB shmem:19108kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10356kB pagetables:3208kB sec_pagetables:0kB all_unreclaimable? no
[  142.272306][ T7006] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  142.321517][ T7006] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  142.336797][ T7035] loop1: detected capacity change from 0 to 32768
[  142.349508][ T7006] lowmem_reserve[]: 0 2465 2466 0 0
[  142.361081][ T7006] Node 0 DMA32 free:1210136kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:30744kB inactive_anon:0kB active_file:6880kB inactive_file:152060kB unevictable:1536kB writepending:1852kB present:3129332kB managed:2552480kB mlocked:0kB bounce:0kB free_pcp:4676kB local_pcp:1732kB free_cma:0kB
[  142.396560][ T7006] lowmem_reserve[]: 0 0 0 0 0
[  142.398709][ T5293] keytouch 0003:0926:3333.0015: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  142.401353][ T7006] Node 0 
[  142.416465][ T5293] usb 4-1: USB disconnect, device number 9
[  142.418969][ T7006] Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:832kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  142.451835][ T7006] lowmem_reserve[]: 0 0 0 0 0
[  142.456772][ T7006] Node 1 Normal free:3929664kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB
[  142.487234][ T7006] lowmem_reserve[]: 0 0 0 0 0
[  142.492954][ T7006] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  142.506454][ T7006] Node 0 DMA32: 82*4kB (ME) 117*8kB (UME) 118*16kB (UM) 148*32kB (UME) 66*64kB (UME) 19*128kB (UME) 14*256kB (UME) 13*512kB (ME) 100*1024kB (UME) 6*2048kB (UM) 262*4096kB (M) = 1212624kB
[  142.525834][ T7006] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  142.537724][ T7006] Node 1 Normal: 130*4kB (UME) 49*8kB (UME) 27*16kB (UME) 182*32kB (UME) 85*64kB (UME) 24*128kB (UME) 13*256kB (UME) 14*512kB (UME) 2*1024kB (UM) 5*2048kB (UE) 950*4096kB (M) = 3929664kB
[  142.551368][ T7035] XFS (loop1): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  142.561144][ T7006] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  142.578442][ T7006] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  142.588749][ T7006] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  142.599392][ T7006] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  142.608977][ T7006] 45255 total pagecache pages
[  142.613867][ T7006] 0 pages in swap cache
[  142.618079][ T7006] Free swap  = 124984kB
[  142.622285][ T7006] Total swap = 124996kB
[  142.626579][ T7006] 2097051 pages RAM
[  142.630471][ T7006] 0 pages HighMem/MovableOnly
[  142.636773][ T7006] 427081 pages reserved
[  142.640981][ T7006] 0 pages cma reserved
[  142.683493][    T9] input: HID 28bd:0909 Mouse as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:28BD:0909.0016/input/input12
[  142.716304][    T9] uclogic 0003:28BD:0909.0016: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0909] on usb-dummy_hcd.5-1/input0
[  142.750396][ T7035] XFS (loop1): Ending clean mount
[  142.766345][ T7035] XFS (loop1): Quotacheck needed: Please wait.
[  142.791730][ T2912] XFS (loop1): Metadata CRC error detected at xfs_allocbt_read_verify+0x41/0xd0, xfs_cntbt block 0x10 
[  142.809634][ T2912] XFS (loop1): Unmount and run xfs_repair
[  142.821786][ T2912] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[  142.836532][ T2912] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[  142.849268][ T2912] 00000010: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 40  ...............@
[  142.865598][ T2912] 00000020: ca 7e 21 01 b8 f1 48 38 8e 2d 76 37 b9 06 20 e6  .~!...H8.-v7.. .
[  142.878171][ T2912] 00000030: 00 00 00 00 5a a8 54 aa 00 00 00 05 00 00 00 03  ....Z.T.........
[  142.890709][ T2912] 00000040: 00 00 02 a4 00 00 0d 5c 00 00 02 a0 00 00 0d 60  .......\.......`
[  142.912969][ T2912] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  142.922151][ T2912] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  142.939267][ T2912] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  142.949122][ T2912] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x36f/0x5b0" at daddr 0x10 len 8 error 74
[  142.963010][ T5281] usb 6-1: USB disconnect, device number 7
[  142.977304][ T7035] XFS (loop1): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  143.120559][ T7047] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  143.147109][ T5567] XFS (loop1): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  143.166326][ T5567] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair.
[  143.312672][    T8] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  143.473845][    T8] usb 4-1: Using ep0 maxpacket: 16
[  143.490729][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  143.522384][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  143.542678][    T8] usb 4-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00
[  143.551839][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.599778][    T8] usb 4-1: config 0 descriptor??
[  143.649391][ T7055] use of bytesused == 0 is deprecated and will be removed in the future,
[  143.678737][ T7055] use the actual size instead.
[  143.961669][ T7065] loop1: detected capacity change from 0 to 8
[  144.060155][    T8] aquacomputer_d5next 0003:0C70:F0B6.0017: ignoring exceeding usage max
[  144.088189][    T8] aquacomputer_d5next 0003:0C70:F0B6.0017: item fetching failed at offset 3/5
[  144.088767][    T8] aquacomputer_d5next 0003:0C70:F0B6.0017: probe with driver aquacomputer_d5next failed with error -22
[  144.364963][    T8] usb 4-1: USB disconnect, device number 10
[  144.730650][ T7084] loop1: detected capacity change from 0 to 512
[  144.815311][ T7084] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.839469][ T7084] ext4 filesystem being mounted at /57/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  144.944303][   T29] audit: type=1800 audit(1727369488.686:15): pid=7084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.613" name="file2" dev="loop1" ino=16 res=0 errno=0
[  145.110502][ T5567] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.475136][ T7097] loop3: detected capacity change from 0 to 2048
[  145.516368][ T7097] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  145.748467][ T7082] loop0: detected capacity change from 0 to 32768
[  145.779427][ T7082] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.612 (7082)
[  145.840137][ T7082] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  145.915776][ T7082] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  145.935296][ T7082] BTRFS info (device loop0): using free-space-tree
[  146.429086][   T29] audit: type=1326 audit(1727369490.126:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7100 comm="syz.5.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c02f7df39 code=0x7fc00000
[  147.006254][ T5885] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  147.081928][ T7133] vlan2: entered promiscuous mode
[  147.173665][ T7133] vlan2: entered allmulticast mode
[  148.087973][ T7110] loop1: detected capacity change from 0 to 40427
[  148.139451][ T7110] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  148.211089][ T7110] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  148.267378][ T7110] F2FS-fs (loop1): invalid crc value
[  148.289799][ T7110] F2FS-fs (loop1): Found nat_bits in checkpoint
[  148.552294][ T7110] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  148.574573][ T7110] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  150.076696][ T7161] loop0: detected capacity change from 0 to 128
[  150.176142][ T7161] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  150.288395][ T7161] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  150.454730][   T29] audit: type=1800 audit(1727369494.196:17): pid=7161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.628" name="bus" dev="loop0" ino=115 res=0 errno=0
[  152.023725][ T5249] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  152.037119][ T5249] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  152.047522][ T5249] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  152.060315][ T5249] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  152.081244][ T5249] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  152.092469][ T5249] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  152.819497][ T5237] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  152.849690][ T5237] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  152.859777][ T5237] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  152.887887][ T5237] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  152.903204][ T5237] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  152.910623][ T5237] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  153.738049][ T7180] chnl_net:caif_netlink_parms(): no params data found
[  153.832570][    C0] sched: DL replenish lagged too much
[  154.172920][ T5237] Bluetooth: hci6: command tx timeout
[  154.486645][ T7179] loop1: detected capacity change from 0 to 32768
[  154.556929][ T7179] BTRFS: device fsid 92aec1fe-fee8-4e05-92dc-790b47b871d9 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.648 (7179)
[  154.635686][ T7179] BTRFS info (device loop1): first mount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  154.685227][ T7179] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  154.742834][ T7179] BTRFS info (device loop1): using free-space-tree
[  154.963176][ T5237] Bluetooth: hci7: command tx timeout
[  155.025063][ T5567] BTRFS info (device loop1): last unmount of filesystem 92aec1fe-fee8-4e05-92dc-790b47b871d9
[  155.503428][ T7180] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.555927][ T7180] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.601416][ T7180] bridge_slave_0: entered allmulticast mode
[  155.644901][ T7180] bridge_slave_0: entered promiscuous mode
[  155.707389][ T7180] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.771063][ T7180] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.812928][ T7180] bridge_slave_1: entered allmulticast mode
[  155.839611][ T7180] bridge_slave_1: entered promiscuous mode
[  156.242986][ T5237] Bluetooth: hci6: command tx timeout
[  156.281367][ T1126] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.411367][ T7186] chnl_net:caif_netlink_parms(): no params data found
[  156.525515][ T7180] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.613038][ T7180] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.876648][ T7180] team0: Port device team_slave_0 added
[  157.043994][ T7180] team0: Port device team_slave_1 added
[  157.049826][ T5237] Bluetooth: hci7: command tx timeout
[  157.119524][ T7186] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.141268][ T7186] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.151819][ T7186] bridge_slave_0: entered allmulticast mode
[  157.166542][ T7186] bridge_slave_0: entered promiscuous mode
[  157.241784][ T7180] batman_adv: batadv0: Adding interface: batadv_slave_0
[  157.258848][ T7180] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.297707][ T7180] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  157.316684][ T7186] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.334491][ T7186] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.341807][ T7186] bridge_slave_1: entered allmulticast mode
[  157.360907][ T7186] bridge_slave_1: entered promiscuous mode
[  157.373909][ T7180] batman_adv: batadv0: Adding interface: batadv_slave_1
[  157.381828][ T7180] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.418623][ T7180] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.617378][ T7186] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  157.701434][ T7180] hsr_slave_0: entered promiscuous mode
[  157.714884][ T7180] hsr_slave_1: entered promiscuous mode
[  157.731532][ T7180] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  157.742818][ T7180] Cannot create hsr debugfs directory
[  157.762643][ T7186] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  157.930660][ T7186] team0: Port device team_slave_0 added
[  158.072501][ T1126] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  158.112673][ T7186] team0: Port device team_slave_1 added
[  158.214950][ T7186] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.224497][ T7186] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.263609][ T7186] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.294442][ T7186] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.301529][ T7186] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.338312][ T5237] Bluetooth: hci6: command tx timeout
[  158.348037][ T7186] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  158.695847][ T7186] hsr_slave_0: entered promiscuous mode
[  158.714246][ T7186] hsr_slave_1: entered promiscuous mode
[  158.727269][ T7186] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  158.745864][ T7186] Cannot create hsr debugfs directory
[  159.124007][ T5237] Bluetooth: hci7: command tx timeout
[  159.147105][ T1126] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.061121][ T1126] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.413001][ T5237] Bluetooth: hci6: command tx timeout
[  160.913174][ T1126] bridge_slave_1: left allmulticast mode
[  160.932053][ T1126] bridge_slave_1: left promiscuous mode
[  160.940322][ T1126] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.981163][ T1126] bridge_slave_0: left allmulticast mode
[  161.002039][ T1126] bridge_slave_0: left promiscuous mode
[  161.008517][ T1126] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.203012][ T5237] Bluetooth: hci7: command tx timeout
[  161.749288][ T1126] dvmrp0 (unregistering): left allmulticast mode
[  162.865402][ T1126] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  162.918065][ T1126] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  162.968914][ T1126] bond0 (unregistering): Released all slaves
[  164.221297][ T5249] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  164.232776][ T5249] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  164.240467][ T5249] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  164.248436][ T5249] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  164.256354][ T5249] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  164.263894][ T5249] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  164.513877][ T5237] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  164.525844][ T5237] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  164.536969][ T5237] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  164.546216][ T5237] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  164.554317][ T5237] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  164.561731][ T5237] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  166.323116][ T5237] Bluetooth: hci0: command tx timeout
[  166.642787][ T5237] Bluetooth: hci1: command tx timeout
[  166.708845][ T5249] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  166.722981][ T5249] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  166.731984][ T5249] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  166.740169][ T5249] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  166.747915][ T5249] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  166.757224][ T5249] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  166.828927][ T5249] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  166.838136][ T5249] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  166.846453][ T5249] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  166.856425][ T5249] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  166.868403][ T5249] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  166.875768][ T5249] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  168.405623][ T5237] Bluetooth: hci0: command tx timeout
[  168.723455][ T5237] Bluetooth: hci1: command tx timeout
[  168.803637][ T5237] Bluetooth: hci8: command tx timeout
[  168.962967][ T5237] Bluetooth: hci9: command tx timeout
[  170.482987][ T5237] Bluetooth: hci0: command tx timeout
[  170.802739][ T5237] Bluetooth: hci1: command tx timeout
[  170.882812][ T5237] Bluetooth: hci8: command tx timeout
[  171.042939][ T5237] Bluetooth: hci9: command tx timeout
[  172.562843][ T5237] Bluetooth: hci0: command tx timeout
[  172.887816][ T5237] Bluetooth: hci1: command tx timeout
[  172.962760][ T5237] Bluetooth: hci8: command tx timeout
[  173.123049][ T5237] Bluetooth: hci9: command tx timeout
[  175.042739][ T5237] Bluetooth: hci8: command tx timeout
[  175.203321][ T5237] Bluetooth: hci9: command tx timeout
[  190.752644][ T5249] Bluetooth: hci4: command 0x0406 tx timeout
[  190.758829][ T5249] Bluetooth: hci3: command 0x0406 tx timeout
[  193.782372][ T1258] ieee802154 phy0 wpan0: encryption failed: -22
[  193.790590][ T1258] ieee802154 phy1 wpan1: encryption failed: -22
[  212.993435][ T5243] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  213.004382][ T5243] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  213.013752][ T5243] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  213.021832][ T5243] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  213.042972][ T5243] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  213.052214][ T5243] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  213.141499][ T5237] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  213.156315][ T5237] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  213.168883][ T5237] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  213.177668][ T5237] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  213.187704][ T5237] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  213.195569][ T5237] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  215.127767][ T5237] Bluetooth: hci2: command tx timeout
[  215.290651][ T5237] Bluetooth: hci3: command tx timeout
[  217.212765][ T5237] Bluetooth: hci2: command tx timeout
[  217.362965][ T5237] Bluetooth: hci3: command tx timeout
[  219.302632][ T5237] Bluetooth: hci2: command tx timeout
[  219.442806][ T5237] Bluetooth: hci3: command tx timeout
[  221.368440][ T5237] Bluetooth: hci2: command tx timeout
[  221.522829][ T5237] Bluetooth: hci3: command tx timeout
[  225.356045][ T5243] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  225.374489][ T5248] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  225.384914][ T5248] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  225.394389][ T5248] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  225.402126][ T5248] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  225.417424][ T5248] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  225.428202][ T5248] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  225.439875][ T5248] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  225.449282][ T5248] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  225.471146][ T5248] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  225.483331][ T5248] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  225.491947][ T5248] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  227.304948][ T5237] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  227.316167][ T5237] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  227.325707][ T5237] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  227.338113][ T5237] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  227.348018][ T5237] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  227.358406][ T5237] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  227.377319][ T5237] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  227.385392][ T5237] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  227.395302][ T5237] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  227.407334][ T5237] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  227.419246][ T5237] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  227.427650][ T5237] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  227.523016][ T5248] Bluetooth: hci4: command tx timeout
[  227.530159][ T5248] Bluetooth: hci5: command tx timeout
[  229.523898][ T5243] Bluetooth: hci11: command tx timeout
[  229.534190][ T5248] Bluetooth: hci10: command tx timeout
[  229.605067][ T5243] Bluetooth: hci5: command tx timeout
[  229.610546][ T5243] Bluetooth: hci4: command tx timeout
[  231.603015][ T5248] Bluetooth: hci11: command tx timeout
[  231.610597][ T5243] Bluetooth: hci10: command tx timeout
[  231.682901][ T5243] Bluetooth: hci4: command tx timeout
[  231.688485][ T5243] Bluetooth: hci5: command tx timeout
[  233.682903][ T5248] Bluetooth: hci11: command tx timeout
[  233.690185][ T5243] Bluetooth: hci10: command tx timeout
[  233.763031][ T5243] Bluetooth: hci5: command tx timeout
[  233.768492][ T5243] Bluetooth: hci4: command tx timeout
[  235.762847][ T5248] Bluetooth: hci11: command tx timeout
[  235.768470][ T5243] Bluetooth: hci10: command tx timeout
[  255.219206][ T1258] ieee802154 phy0 wpan0: encryption failed: -22
[  255.226352][ T1258] ieee802154 phy1 wpan1: encryption failed: -22
[  274.068653][ T5248] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  274.079150][ T5248] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  274.087808][ T5248] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  274.096319][ T5248] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  274.104534][ T5248] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  274.116904][ T5248] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  274.201079][ T5243] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  274.213021][ T5243] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  274.221408][ T5243] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  274.230207][ T5243] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  274.238133][ T5243] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  274.246245][ T5243] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  276.168419][ T5237] Bluetooth: hci12: command tx timeout
[  276.328214][ T5237] Bluetooth: hci13: command tx timeout
[  277.776933][ T5237] Bluetooth: hci7: command 0x0406 tx timeout
[  277.785101][ T5249] Bluetooth: hci6: command 0x0406 tx timeout
[  278.242685][ T5243] Bluetooth: hci12: command tx timeout
[  278.402886][ T5243] Bluetooth: hci13: command tx timeout
[  280.322937][ T5243] Bluetooth: hci12: command tx timeout
[  280.482867][ T5243] Bluetooth: hci13: command tx timeout
[  282.402831][ T5243] Bluetooth: hci12: command tx timeout
[  282.562741][ T5243] Bluetooth: hci13: command tx timeout
[  285.837179][ T5248] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  285.848821][ T5248] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  285.857510][ T5248] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  285.869912][ T5248] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  285.879630][ T5248] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  285.887897][ T5248] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  285.952361][ T5237] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  285.966981][ T5237] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  285.975956][ T5237] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  285.985040][ T5237] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  285.994052][ T5237] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  286.005982][ T5237] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  287.670845][ T5249] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  287.687034][ T5249] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  287.696388][ T5249] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  287.704889][ T5249] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  287.714987][ T5249] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[  287.722512][ T5249] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  287.801700][ T5237] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  287.811498][ T5237] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  287.820675][ T5237] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  287.829325][ T5237] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  287.840870][ T5237] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3
[  287.848930][ T5237] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  287.924441][ T5245] Bluetooth: hci14: command tx timeout
[  288.006228][ T5245] Bluetooth: hci0: command 0x0406 tx timeout
[  288.012327][ T5245] Bluetooth: hci1: command 0x0406 tx timeout
[  288.083439][ T5245] Bluetooth: hci15: command tx timeout
[  289.763216][ T5248] Bluetooth: hci16: command tx timeout
[  289.923416][ T5248] Bluetooth: hci17: command tx timeout
[  290.002938][ T5248] Bluetooth: hci14: command tx timeout
[  290.162851][ T5248] Bluetooth: hci15: command tx timeout
[  291.842985][ T5245] Bluetooth: hci16: command tx timeout
[  292.003000][ T5245] Bluetooth: hci17: command tx timeout
[  292.082820][ T5245] Bluetooth: hci14: command tx timeout
[  292.242792][ T5245] Bluetooth: hci15: command tx timeout
[  293.123393][ T5237] Bluetooth: hci8: command 0x0406 tx timeout
[  293.129574][ T5245] Bluetooth: hci9: command 0x0406 tx timeout
[  293.923091][ T5243] Bluetooth: hci16: command tx timeout
[  294.083136][ T5243] Bluetooth: hci17: command tx timeout
[  294.162932][ T5243] Bluetooth: hci14: command tx timeout
[  294.322910][ T5243] Bluetooth: hci15: command tx timeout
[  296.003093][ T5243] Bluetooth: hci16: command tx timeout
[  296.171228][ T5243] Bluetooth: hci17: command tx timeout
[  307.683084][   T30] INFO: task kworker/u8:6:1126 blocked for more than 143 seconds.
[  307.691080][   T30]       Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  307.732885][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  307.786988][   T30] task:kworker/u8:6    state:D stack:21552 pid:1126  tgid:1126  ppid:2      flags:0x00004000
[  307.828288][   T30] Workqueue: netns cleanup_net
[  307.897921][   T30] Call Trace:
[  307.901280][   T30]  <TASK>
[  307.972716][   T30]  __schedule+0x1895/0x4b30
[  307.977348][   T30]  ? __pfx___schedule+0x10/0x10
[  307.982246][   T30]  ? __pfx_lock_release+0x10/0x10
[  308.061781][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.109271][   T30]  ? kthread_data+0x52/0xd0
[  308.122629][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.128425][   T30]  ? wq_worker_sleeping+0x66/0x240
[  308.182878][   T30]  ? schedule+0x90/0x320
[  308.187212][   T30]  schedule+0x14b/0x320
[  308.191415][   T30]  schedule_timeout+0xb0/0x310
[  308.253161][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  308.258864][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  308.323261][   T30]  ? wait_for_completion+0x2fe/0x620
[  308.328644][   T30]  ? wait_for_completion+0x2fe/0x620
[  308.382676][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  308.388072][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.432023][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  308.448265][   T30]  ? wait_for_completion+0x2fe/0x620
[  308.461261][   T30]  wait_for_completion+0x355/0x620
[  308.469180][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.483067][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  308.488798][   T30]  ? __flush_work+0xe7/0xc50
[  308.504659][   T30]  __flush_work+0xa37/0xc50
[  308.509841][   T30]  ? __flush_work+0xe7/0xc50
[  308.524469][   T30]  ? __pfx___flush_work+0x10/0x10
[  308.529653][   T30]  ? __pfx_wq_barrier_func+0x10/0x10
[  308.542809][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  308.549204][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  308.563472][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  308.568754][   T30]  unregister_netdevice_many_notify+0x87b/0x1da0
[  308.589170][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.597696][   T30]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  308.613721][   T30]  ? __pfx_lock_release+0x10/0x10
[  308.618884][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.635013][   T30]  ? up_write+0x1a9/0x590
[  308.639425][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.656141][   T30]  unregister_netdevice_queue+0x303/0x370
[  308.661951][   T30]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  308.672834][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.689670][   T30]  ? kernfs_remove_by_name_ns+0x11b/0x160
[  308.697324][   T30]  _cfg80211_unregister_wdev+0x162/0x560
[  308.712806][   T30]  ieee80211_remove_interfaces+0x4db/0x700
[  308.718896][   T30]  ? __pfx_ieee80211_remove_interfaces+0x10/0x10
[  308.735914][   T30]  ieee80211_unregister_hw+0x5d/0x2c0
[  308.741378][   T30]  mac80211_hwsim_del_radio+0x2c4/0x4c0
[  308.752585][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.758285][   T30]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[  308.773739][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.779486][   T30]  hwsim_exit_net+0x5c1/0x670
[  308.796208][   T30]  ? __pfx_hwsim_exit_net+0x10/0x10
[  308.801502][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.822682][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.828588][   T30]  ? __ip_vs_dev_cleanup_batch+0x239/0x260
[  308.842681][   T30]  cleanup_net+0x804/0xcc0
[  308.847201][   T30]  ? __pfx_cleanup_net+0x10/0x10
[  308.852202][   T30]  ? process_scheduled_works+0x976/0x1850
[  308.867579][   T30]  process_scheduled_works+0xa65/0x1850
[  308.878756][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  308.892592][   T30]  ? assign_work+0x364/0x3d0
[  308.897255][   T30]  worker_thread+0x870/0xd30
[  308.901894][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.920227][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.930931][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  308.941898][   T30]  ? __kthread_parkme+0x169/0x1d0
[  308.952210][   T30]  ? __pfx_worker_thread+0x10/0x10
[  308.962177][   T30]  kthread+0x2f2/0x390
[  308.972579][   T30]  ? __pfx_worker_thread+0x10/0x10
[  308.977751][   T30]  ? __pfx_kthread+0x10/0x10
[  308.982386][   T30]  ret_from_fork+0x4d/0x80
[  309.000109][   T30]  ? __pfx_kthread+0x10/0x10
[  309.008688][   T30]  ret_from_fork_asm+0x1a/0x30
[  309.019595][   T30]  </TASK>
[  309.025236][   T30] INFO: task kworker/u8:7:2912 blocked for more than 144 seconds.
[  309.052951][   T30]       Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[  309.060296][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  309.080761][   T30] task:kworker/u8:7    state:D stack:19832 pid:2912  tgid:2912  ppid:2      flags:0x00004000
[  309.093518][   T30] Workqueue: cfg80211 cfg80211_dfs_channels_update_work
[  309.100536][   T30] Call Trace:
[  309.115374][   T30]  <TASK>
[  309.118389][   T30]  __schedule+0x1895/0x4b30
[  309.132718][   T30]  ? __pfx___schedule+0x10/0x10
[  309.137681][   T30]  ? __pfx_lock_release+0x10/0x10
[  309.151133][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  309.157053][   T30]  ? kthread_data+0x52/0xd0
[  309.161619][   T30]  ? schedule+0x90/0x320
[  309.172673][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.178411][   T30]  ? wq_worker_sleeping+0x66/0x240
[  309.207474][   T30]  ? schedule+0x90/0x320
[  309.211816][   T30]  schedule+0x14b/0x320
[  309.274934][   T30]  schedule_preempt_disabled+0x13/0x30
[  309.280498][   T30]  __mutex_lock+0x6a7/0xd70
[  309.300487][   T30]  ? __mutex_lock+0x52a/0xd70
[  309.310235][   T30]  ? cfg80211_dfs_channels_update_work+0xbf/0x610
[  309.321559][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  309.332112][   T30]  cfg80211_dfs_channels_update_work+0xbf/0x610
[  309.348380][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.358597][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  309.372219][   T30]  ? __pfx_cfg80211_dfs_channels_update_work+0x10/0x10
[  309.381962][   T30]  ? process_scheduled_works+0x976/0x1850
[  309.392676][   T30]  process_scheduled_works+0xa65/0x1850
[  309.408557][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  309.417394][   T30]  ? assign_work+0x364/0x3d0
[  309.422092][   T30]  worker_thread+0x870/0xd30
[  309.435897][   T30]  ? __kthread_parkme+0x169/0x1d0
[  309.441034][   T30]  ? __pfx_worker_thread+0x10/0x10
[  309.456219][   T30]  kthread+0x2f2/0x390
[  309.460373][   T30]  ? __pfx_worker_thread+0x10/0x10
[  309.471757][   T30]  ? __pfx_kthread+0x10/0x10
[  309.480379][   T30]  ret_from_fork+0x4d/0x80
[  309.491109][   T30]  ? __pfx_kthread+0x10/0x10
[  309.498689][   T30]  ret_from_fork_asm+0x1a/0x30
[  309.512665][   T30]  </TASK>
[  309.515827][   T30] INFO: task kworker/u8:9:3000 blocked for more than 145 seconds.
[  309.533158][   T30]       Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[  309.540589][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  309.563315][   T30] task:kworker/u8:9    state:D stack:19920 pid:3000  tgid:3000  ppid:2      flags:0x00004000
[  309.581926][   T30] Workqueue: events_unbound linkwatch_event
[  309.589528][   T30] Call Trace:
[  309.600884][   T30]  <TASK>
[  309.605102][   T30]  __schedule+0x1895/0x4b30
[  309.615862][   T30]  ? __pfx___schedule+0x10/0x10
[  309.620780][   T30]  ? __pfx_lock_release+0x10/0x10
[  309.636972][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  309.648235][   T30]  ? kthread_data+0x52/0xd0
[  309.656621][   T30]  ? schedule+0x90/0x320
[  309.660927][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.672724][   T30]  ? wq_worker_sleeping+0x66/0x240
[  309.677965][   T30]  ? schedule+0x90/0x320
[  309.682253][   T30]  schedule+0x14b/0x320
[  309.697318][   T30]  schedule_preempt_disabled+0x13/0x30
[  309.712767][   T30]  __mutex_lock+0x6a7/0xd70
[  309.717350][   T30]  ? __mutex_lock+0x52a/0xd70
[  309.722086][   T30]  ? linkwatch_event+0xe/0x60
[  309.736429][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  309.742142][   T30]  ? process_scheduled_works+0x976/0x1850
[  309.752699][   T30]  linkwatch_event+0xe/0x60
[  309.757253][   T30]  process_scheduled_works+0xa65/0x1850
[  309.771597][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  309.780495][   T30]  ? assign_work+0x364/0x3d0
[  309.793067][   T30]  worker_thread+0x870/0xd30
[  309.797725][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.814032][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.819737][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  309.832679][   T30]  ? __kthread_parkme+0x169/0x1d0
[  309.837770][   T30]  ? __pfx_worker_thread+0x10/0x10
[  309.852682][   T30]  kthread+0x2f2/0x390
[  309.856800][   T30]  ? __pfx_worker_thread+0x10/0x10
[  309.861955][   T30]  ? __pfx_kthread+0x10/0x10
[  309.877003][   T30]  ret_from_fork+0x4d/0x80
[  309.881495][   T30]  ? __pfx_kthread+0x10/0x10
[  309.893164][   T30]  ret_from_fork_asm+0x1a/0x30
[  309.898006][   T30]  </TASK>
[  309.912698][   T30] INFO: task syz-executor:7180 blocked for more than 145 seconds.
[  309.920622][   T30]       Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[  309.938773][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  309.959943][   T30] task:syz-executor    state:D stack:21680 pid:7180  tgid:7180  ppid:1      flags:0x00004006
[  309.971672][   T30] Call Trace:
[  309.982689][   T30]  <TASK>
[  309.985661][   T30]  __schedule+0x1895/0x4b30
[  309.990227][   T30]  ? __pfx___schedule+0x10/0x10
[  310.005733][   T30]  ? __pfx_lock_release+0x10/0x10
[  310.021424][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  310.029679][   T30]  ? schedule+0x90/0x320
[  310.040973][   T30]  schedule+0x14b/0x320
[  310.047844][   T30]  schedule_preempt_disabled+0x13/0x30
[  310.060981][   T30]  __mutex_lock+0x6a7/0xd70
[  310.068219][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  310.081019][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  310.092029][   T30]  ? __mutex_lock+0x52a/0xd70
[  310.103156][   T30]  ? nsim_destroy+0x71/0x5c0
[  310.107828][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  310.123280][   T30]  ? __pfx_mntput_no_expire+0x10/0x10
[  310.128729][   T30]  ? _raw_spin_unlock+0x28/0x50
[  310.142726][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  310.148429][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  310.164213][   T30]  nsim_destroy+0x71/0x5c0
[  310.168689][   T30]  ? nsim_dev_reload_destroy+0x28a/0x490
[  310.182877][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  310.188579][   T30]  __nsim_dev_port_del+0x14b/0x1b0
[  310.202392][   T30]  nsim_dev_reload_destroy+0x28a/0x490
[  310.208936][   T30]  ? __pfx_nsim_bus_remove+0x10/0x10
[  310.222600][   T30]  nsim_drv_remove+0x58/0x160
[  310.227358][   T30]  device_release_driver_internal+0x4ab/0x7c0
[  310.241943][   T30]  bus_remove_device+0x34f/0x420
[  310.250843][   T30]  device_del+0x57a/0x9b0
[  310.262652][   T30]  ? __pfx_device_del+0x10/0x10
[  310.267587][   T30]  device_unregister+0x20/0xc0
[  310.272399][   T30]  del_device_store+0x363/0x480
[  310.286241][   T30]  ? __pfx_del_device_store+0x10/0x10
[  310.291716][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  310.303081][   T30]  ? sysfs_kf_write+0x182/0x2a0
[  310.308097][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  310.330433][   T30]  ? bus_attr_store+0x4f/0xa0
[  310.342798][   T30]  ? __pfx_sysfs_kf_write+0x10/0x10
[  310.348172][   T30]  kernfs_fop_write_iter+0x3a2/0x500
[  310.362651][   T30]  vfs_write+0xa6f/0xc90
[  310.366998][   T30]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  310.382133][   T30]  ? __pfx_vfs_write+0x10/0x10
[  310.387354][   T30]  ? do_sys_openat2+0x17a/0x1d0
[  310.392264][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  310.403018][   T30]  ? blkcg_maybe_throttle_current+0x1ab/0xb80
[  310.409189][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  310.429540][   T30]  ? fdget_pos+0x265/0x320
[  310.439333][   T30]  ksys_write+0x183/0x2b0
[  310.448577][   T30]  ? __pfx_ksys_write+0x10/0x10
[  310.457671][   T30]  ? do_syscall_64+0x100/0x230
[  310.462500][   T30]  ? do_syscall_64+0xb6/0x230
[  310.477833][   T30]  do_syscall_64+0xf3/0x230
[  310.482400][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.492755][   T30] RIP: 0033:0x7fc30e77ca1f
[  310.497220][   T30] RSP: 002b:00007ffd6c793720 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  310.516536][   T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fc30e77ca1f
[  310.533093][   T30] RDX: 0000000000000001 RSI: 00007ffd6c793770 RDI: 0000000000000005
[  310.541127][   T30] RBP: 00007fc30e7f12b5 R08: 0000000000000000 R09: 00007ffd6c793577
[  310.558883][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  310.570660][   T30] R13: 00007ffd6c793770 R14: 00007fc30f464620 R15: 0000000000000003
[  310.590212][   T30]  </TASK>
[  310.597404][   T30] INFO: task syz-executor:7186 blocked for more than 146 seconds.
[  310.611187][   T30]       Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[  310.622394][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  310.642373][   T30] task:syz-executor    state:D stack:21728 pid:7186  tgid:7186  ppid:1      flags:0x00000004
[  310.662588][   T30] Call Trace:
[  310.666471][   T30]  <TASK>
[  310.669434][   T30]  __schedule+0x1895/0x4b30
[  310.683085][   T30]  ? __pfx___schedule+0x10/0x10
[  310.688036][   T30]  ? __pfx_lock_release+0x10/0x10
[  310.702614][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  310.708130][   T30]  ? schedule+0x90/0x320
[  310.712404][   T30]  schedule+0x14b/0x320
[  310.727783][   T30]  schedule_preempt_disabled+0x13/0x30
[  310.742144][   T30]  __mutex_lock+0x6a7/0xd70
[  310.749216][   T30]  ? __mutex_lock+0x52a/0xd70
[  310.760843][   T30]  ? del_device_store+0xfc/0x480
[  310.772265][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  310.782791][   T30]  del_device_store+0xfc/0x480
[  310.787604][   T30]  ? __pfx_del_device_store+0x10/0x10
[  310.802276][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  310.810290][   T30]  ? sysfs_kf_write+0x182/0x2a0
[  310.822775][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  310.831971][   T30]  ? bus_attr_store+0x4f/0xa0
[  310.843040][   T30]  ? __pfx_sysfs_kf_write+0x10/0x10
[  310.848293][   T30]  kernfs_fop_write_iter+0x3a2/0x500
[  310.862765][   T30]  vfs_write+0xa6f/0xc90
[  310.867077][   T30]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  310.883360][   T30]  ? __pfx_vfs_write+0x10/0x10
[  310.888177][   T30]  ? do_sys_openat2+0x17a/0x1d0
[  310.904631][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[  310.909976][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  310.924965][   T30]  ? fdget_pos+0x265/0x320
[  310.929426][   T30]  ksys_write+0x183/0x2b0
[  310.945029][   T30]  ? __pfx_ksys_write+0x10/0x10
[  310.950022][   T30]  ? do_syscall_64+0x100/0x230
[  310.961994][   T30]  ? do_syscall_64+0xb6/0x230
[  310.972824][   T30]  do_syscall_64+0xf3/0x230
[  310.977376][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.993247][   T30] RIP: 0033:0x7f7bb877ca1f
[  310.997697][   T30] RSP: 002b:00007ffda299f950 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  311.015969][   T30] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f7bb877ca1f
[  311.029776][   T30] RDX: 0000000000000001 RSI: 00007ffda299f9a0 RDI: 0000000000000005
[  311.050057][   T30] RBP: 00007f7bb87f12b5 R08: 0000000000000000 R09: 00007ffda299f7a7
[  311.062741][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  311.079546][   T30] R13: 00007ffda299f9a0 R14: 00007f7bb9464620 R15: 0000000000000003
[  311.090273][   T30]  </TASK>
[  311.100604][   T30] INFO: task syz-executor:7235 blocked for more than 146 seconds.
[  311.112588][   T30]       Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[  311.119934][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  311.148114][   T30] task:syz-executor    state:D stack:24128 pid:7235  tgid:7235  ppid:1      flags:0x00000004
[  311.169307][   T30] Call Trace:
[  311.176871][   T30]  <TASK>
[  311.179852][   T30]  __schedule+0x1895/0x4b30
[  311.190534][   T30]  ? __pfx___schedule+0x10/0x10
[  311.199142][   T30]  ? __pfx_lock_release+0x10/0x10
[  311.211864][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  311.221655][   T30]  ? schedule+0x90/0x320
[  311.231813][   T30]  schedule+0x14b/0x320
[  311.239170][   T30]  schedule_preempt_disabled+0x13/0x30
[  311.253008][   T30]  __mutex_lock+0x6a7/0xd70
[  311.257585][   T30]  ? __mutex_lock+0x52a/0xd70
[  311.262302][   T30]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  311.277523][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  311.290066][   T30]  rtnetlink_rcv_msg+0x6e6/0xcf0
[  311.301425][   T30]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  311.311241][   T30]  ? __lock_acquire+0x1384/0x2050
[  311.321126][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  311.332028][   T30]  netlink_rcv_skb+0x1e5/0x430
[  311.340882][   T30]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  311.358417][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  311.366595][   T30]  ? netlink_deliver_tap+0x2e/0x1b0
[  311.371861][   T30]  netlink_unicast+0x7f8/0x990
[  311.388292][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  311.396415][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.402106][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.412707][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.418395][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.432458][   T30]  ? __check_object_size+0x48e/0x900
[  311.438743][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  311.454339][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.459717][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.474765][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  311.479802][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.492787][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  311.498164][   T30]  __sock_sendmsg+0x223/0x270
[  311.511597][   T30]  __sys_sendto+0x39b/0x4f0
[  311.516597][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  311.521709][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  311.543450][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  311.551665][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  311.569728][   T30]  ? exc_page_fault+0x590/0x8c0
[  311.578697][   T30]  __x64_sys_sendto+0xde/0x100
[  311.589493][   T30]  do_syscall_64+0xf3/0x230
[  311.598517][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.610657][   T30] RIP: 0033:0x7fb719f7fdcc
[  311.620279][   T30] RSP: 002b:00007fffc9b14530 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  311.633031][   T30] RAX: ffffffffffffffda RBX: 00007fb71ac64620 RCX: 00007fb719f7fdcc
[  311.641198][   T30] RDX: 0000000000000028 RSI: 00007fb71ac64670 RDI: 0000000000000003
[  311.660438][   T30] RBP: 0000000000000000 R08: 00007fffc9b14584 R09: 000000000000000c
[  311.670635][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  311.690936][   T30] R13: 0000000000000000 R14: 00007fb71ac64670 R15: 0000000000000000
[  311.703834][   T30]  </TASK>
[  311.707004][   T30] 
[  311.707004][   T30] Showing all locks held in the system:
[  311.722359][   T30] 1 lock held by khungtaskd/30:
[  311.729977][   T30]  #0: ffffffff8e937ee0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  311.749040][   T30] 3 locks held by kworker/u8:4/79:
[  311.760642][   T30]  #0: ffff88802d9a1948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  311.784724][   T30]  #1: ffffc900015f7d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  311.808715][   T30]  #2: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  311.821121][   T30] 6 locks held by kworker/u8:6/1126:
[  311.832678][   T30]  #0: ffff88801bae5948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  311.854325][   T30]  #1: ffffc900040d7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  311.876328][   T30]  #2: ffffffff8fcc4dd0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  311.892720][   T30]  #3: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2c0
[  311.911231][   T30]  #4: ffff88801b3f8768 (&rdev->wiphy.mtx){+.+.}-{3:3}, at: ieee80211_remove_interfaces+0x12b/0x700
[  311.922711][   T30]  #5: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0
[  311.942623][   T30] 3 locks held by kworker/u8:7/2912:
[  311.947973][   T30]  #0: ffff888147e92948 ((wq_completion)cfg80211){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  311.971143][   T30]  #1: ffffc90009bf7d00 ((work_completion)(&(&rdev->dfs_update_channels_wk)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  311.996014][   T30]  #2: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: cfg80211_dfs_channels_update_work+0xbf/0x610
[  312.018866][   T30] 3 locks held by kworker/u8:9/3000:
[  312.028641][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  312.049769][   T30]  #1: ffffc9000a0a7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  312.064445][   T30]  #2: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  312.081875][   T30] 2 locks held by getty/4980:
[  312.087071][   T30]  #0: ffff88803213a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  312.109642][   T30]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  312.124367][   T30] 3 locks held by kworker/1:3/5281:
[  312.129811][   T30]  #0: ffff88801ac79948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  312.152203][   T30]  #1: ffffc90003bb7d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  312.172736][   T30]  #2: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0
[  312.184592][   T30] 2 locks held by kworker/1:8/5293:
[  312.189852][   T30] 3 locks held by kworker/0:5/5326:
[  312.207489][   T30] 7 locks held by syz-executor/7180:
[  312.217710][   T30]  #0: ffff88807c89c420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90
[  312.232183][   T30]  #1: ffff888028b68088 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500
[  312.246848][   T30]  #2: ffff8880273803c8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500
[  312.269121][   T30]  #3: ffffffff8f570968 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  312.285764][   T30]  #4: ffff88803137b0e8 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  312.302653][   T30]  #5: ffff88803137c250 (&devlink->lock_key#3){+.+.}-{3:3}, at: nsim_drv_remove+0x50/0x160
[  312.322665][   T30]  #6: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: nsim_destroy+0x71/0x5c0
[  312.331674][   T30] 4 locks held by syz-executor/7186:
[  312.349670][   T30]  #0: ffff88807c89c420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x224/0xc90
[  312.362184][   T30]  #1: ffff88801fef5c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x1ea/0x500
[  312.382441][   T30]  #2: ffff8880273803c8 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500
[  312.399003][   T30]  #3: ffffffff8f570968 (nsim_bus_dev_list_lock){+.+.}-{3:3}, at: del_device_store+0xfc/0x480
[  312.413715][   T30] 1 lock held by syz.5.652/7192:
[  312.418724][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  312.439940][   T30] 1 lock held by syz.0.653/7196:
[  312.449265][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  312.464215][   T30] 1 lock held by syz.3.658/7224:
[  312.471054][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  312.487406][   T30] 1 lock held by syz.1.656/7228:
[  312.492370][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  312.507835][   T30] 1 lock held by syz-executor/7235:
[  312.519543][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.532577][   T30] 1 lock held by syz-executor/7237:
[  312.537798][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.555883][   T30] 1 lock held by syz-executor/7241:
[  312.561105][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.580375][   T30] 1 lock held by syz-executor/7243:
[  312.591325][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.606800][   T30] 1 lock held by syz-executor/7247:
[  312.617539][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.631785][   T30] 1 lock held by syz-executor/7249:
[  312.641859][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.656786][   T30] 1 lock held by syz-executor/7253:
[  312.662034][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.680354][   T30] 1 lock held by syz-executor/7254:
[  312.690998][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.705522][   T30] 1 lock held by syz-executor/7260:
[  312.710936][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.727438][   T30] 1 lock held by syz-executor/7261:
[  312.739651][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.755996][   T30] 1 lock held by syz-executor/7271:
[  312.761322][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.780086][   T30] 1 lock held by syz-executor/7273:
[  312.788863][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.802605][   T30] 1 lock held by syz-executor/7277:
[  312.807931][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.828696][   T30] 1 lock held by syz-executor/7279:
[  312.838892][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.852583][   T30] 1 lock held by syz-executor/7283:
[  312.857923][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.878448][   T30] 1 lock held by syz-executor/7285:
[  312.891123][   T30]  #0: ffffffff8fcd18c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  312.903270][   T30] 
[  312.905619][   T30] =============================================
[  312.905619][   T30] 
[  312.924093][   T30] NMI backtrace for cpu 1
[  312.928458][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[  312.938635][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  312.948707][   T30] Call Trace:
[  312.952004][   T30]  <TASK>
[  312.954951][   T30]  dump_stack_lvl+0x241/0x360
[  312.959672][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  312.964900][   T30]  ? __pfx__printk+0x10/0x10
[  312.969535][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  312.974517][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  312.980028][   T30]  ? _printk+0xd5/0x120
[  312.984209][   T30]  ? __pfx__printk+0x10/0x10
[  312.988828][   T30]  ? __wake_up_klogd+0xcc/0x110
[  312.993711][   T30]  ? __pfx__printk+0x10/0x10
[  312.998386][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.004086][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  313.009165][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  313.015201][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  313.021241][   T30]  watchdog+0xff4/0x1040
[  313.026138][   T30]  ? watchdog+0x1ea/0x1040
[  313.030601][   T30]  ? __pfx_watchdog+0x10/0x10
[  313.035318][   T30]  kthread+0x2f2/0x390
[  313.039418][   T30]  ? __pfx_watchdog+0x10/0x10
[  313.044139][   T30]  ? __pfx_kthread+0x10/0x10
[  313.048762][   T30]  ret_from_fork+0x4d/0x80
[  313.053219][   T30]  ? __pfx_kthread+0x10/0x10
[  313.057841][   T30]  ret_from_fork_asm+0x1a/0x30
[  313.062665][   T30]  </TASK>
[  313.066928][   T30] Sending NMI from CPU 1 to CPUs 0:
[  313.072257][    C0] NMI backtrace for cpu 0
[  313.072272][    C0] CPU: 0 UID: 0 PID: 5326 Comm: kworker/0:5 Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[  313.072298][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  313.072314][    C0] Workqueue: events_power_efficient neigh_periodic_work
[  313.072356][    C0] RIP: 0010:memset+0xf/0x20
[  313.072388][    C0] Code: 44 88 1f e9 6e d3 2b 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 49 89 f9 40 88 f0 48 89 d1 <f3> aa 4c 89 c8 e9 42 d3 2b 00 0f 1f 80 00 00 00 00 90 90 90 90 90
[  313.072407][    C0] RSP: 0018:ffffc90000006b48 EFLAGS: 00000202
[  313.072426][    C0] RAX: ffffc90000007700 RBX: ffffc90000006c58 RCX: 0000000000000005
[  313.072444][    C0] RDX: 0000000000000010 RSI: 0000000000000000 RDI: ffffc90000006c7b
[  313.072459][    C0] RBP: dffffc0000000000 R08: ffffc90000006c7f R09: ffffc90000006c70
[  313.072477][    C0] R10: dffffc0000000000 R11: fffff52000000d90 R12: ffffc90000008000
[  313.072494][    C0] R13: ffffc90000006c20 R14: ffffffff89d91975 R15: ffffc90000006c70
[  313.072515][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  313.072539][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  313.072556][    C0] CR2: 0000001b3291bff8 CR3: 000000000e734000 CR4: 0000000000350ef0
[  313.072576][    C0] Call Trace:
[  313.072585][    C0]  <NMI>
[  313.072595][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  313.072631][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  313.072670][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  313.072704][    C0]  ? nmi_handle+0x2a/0x5a0
[  313.072741][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  313.072775][    C0]  ? nmi_handle+0x151/0x5a0
[  313.072806][    C0]  ? nmi_handle+0x2a/0x5a0
[  313.072832][    C0]  ? memset+0xf/0x20
[  313.072863][    C0]  ? default_do_nmi+0x63/0x160
[  313.072901][    C0]  ? exc_nmi+0x123/0x1f0
[  313.072937][    C0]  ? end_repeat_nmi+0xf/0x53
[  313.072968][    C0]  ? nf_hook_slow+0xc5/0x220
[  313.073001][    C0]  ? memset+0xf/0x20
[  313.073032][    C0]  ? memset+0xf/0x20
[  313.073064][    C0]  ? memset+0xf/0x20
[  313.073095][    C0]  </NMI>
[  313.073103][    C0]  <IRQ>
[  313.073112][    C0]  unwind_next_frame+0xcfb/0x22d0
[  313.073155][    C0]  ? nft_do_chain_inet+0x418/0x6b0
[  313.073185][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  313.073215][    C0]  arch_stack_walk+0x11c/0x150
[  313.073242][    C0]  ? nf_hook_slow+0xc5/0x220
[  313.073267][    C0]  stack_trace_save+0x118/0x1d0
[  313.073295][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  313.073322][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.073352][    C0]  ? __lock_acquire+0x1384/0x2050
[  313.073389][    C0]  ? __pfx_dst_destroy_rcu+0x10/0x10
[  313.073419][    C0]  kasan_save_stack+0x3f/0x60
[  313.073442][    C0]  ? kasan_save_stack+0x3f/0x60
[  313.073461][    C0]  ? __kasan_record_aux_stack+0xac/0xc0
[  313.073491][    C0]  ? call_rcu+0x167/0xa70
[  313.073515][    C0]  ? skb_release_head_state+0x73/0x250
[  313.073545][    C0]  ? consume_skb+0x60/0xf0
[  313.073572][    C0]  ? nft_synproxy_eval_v4+0x3d2/0x610
[  313.073598][    C0]  ? nft_synproxy_do_eval+0x362/0xa60
[  313.073622][    C0]  ? nft_do_chain+0x4af/0x1da0
[  313.073649][    C0]  ? nft_do_chain_inet+0x418/0x6b0
[  313.073703][    C0]  ? __phys_addr+0xba/0x170
[  313.073726][    C0]  __kasan_record_aux_stack+0xac/0xc0
[  313.073759][    C0]  call_rcu+0x167/0xa70
[  313.073806][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.073841][    C0]  ? __pfx_call_rcu+0x10/0x10
[  313.073864][    C0]  ? rcuref_put+0x1e3/0x240
[  313.073891][    C0]  ? __pfx_rcuref_put+0x10/0x10
[  313.073927][    C0]  skb_release_head_state+0x73/0x250
[  313.073960][    C0]  consume_skb+0x60/0xf0
[  313.073988][    C0]  nft_synproxy_eval_v4+0x3d2/0x610
[  313.074019][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  313.074044][    C0]  ? NF_HOOK+0x29e/0x450
[  313.074078][    C0]  ? nf_ip_checksum+0x13a/0x500
[  313.074109][    C0]  nft_synproxy_do_eval+0x362/0xa60
[  313.074139][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  313.074168][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.074197][    C0]  ? __lock_acquire+0x1384/0x2050
[  313.074232][    C0]  ? __pfx_validate_chain+0x10/0x10
[  313.074258][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.074293][    C0]  nft_do_chain+0x4af/0x1da0
[  313.074318][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.074359][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  313.074384][    C0]  ? __local_bh_enable_ip+0x168/0x200
[  313.074420][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.074470][    C0]  nft_do_chain_inet+0x418/0x6b0
[  313.074499][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  313.074524][    C0]  ? ipt_do_table+0x312/0x1860
[  313.074562][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  313.074588][    C0]  nf_hook_slow+0xc5/0x220
[  313.074610][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  313.074643][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  313.074676][    C0]  NF_HOOK+0x29e/0x450
[  313.074705][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.074739][    C0]  ? NF_HOOK+0x9a/0x450
[  313.074769][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  313.074807][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  313.074844][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.074873][    C0]  ? ip_rcv_finish+0x406/0x560
[  313.074907][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  313.074940][    C0]  NF_HOOK+0x3a6/0x450
[  313.074973][    C0]  ? NF_HOOK+0x9a/0x450
[  313.075003][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  313.075034][    C0]  ? ip_rcv_core+0x801/0xd10
[  313.075067][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  313.075105][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  313.075137][    C0]  __netif_receive_skb+0x2bf/0x650
[  313.075174][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  313.075208][    C0]  ? __pfx___netif_receive_skb+0x10/0x10
[  313.075241][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  313.075275][    C0]  ? __pfx_lock_release+0x10/0x10
[  313.075310][    C0]  ? _raw_spin_lock_irq+0xdf/0x120
[  313.075344][    C0]  process_backlog+0x662/0x15b0
[  313.075370][    C0]  ? process_backlog+0x33b/0x15b0
[  313.075399][    C0]  ? __pfx_process_backlog+0x10/0x10
[  313.075421][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  313.075457][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  313.075494][    C0]  __napi_poll+0xcd/0x490
[  313.075531][    C0]  net_rx_action+0x89b/0x1240
[  313.075568][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  313.075592][    C0]  ? __pfx_tmigr_handle_remote+0x10/0x10
[  313.075649][    C0]  handle_softirqs+0x2c7/0x980
[  313.075682][    C0]  ? do_softirq+0x11b/0x1e0
[  313.075713][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  313.075746][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.075779][    C0]  do_softirq+0x11b/0x1e0
[  313.075811][    C0]  </IRQ>
[  313.075819][    C0]  <TASK>
[  313.075827][    C0]  ? __pfx_do_softirq+0x10/0x10
[  313.075857][    C0]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  313.075893][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.075922][    C0]  ? rcu_is_watching+0x15/0xb0
[  313.075948][    C0]  __local_bh_enable_ip+0x1bb/0x200
[  313.075979][    C0]  ? neigh_periodic_work+0xb35/0xd50
[  313.076014][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  313.076045][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.076075][    C0]  ? neigh_destroy+0x423/0x580
[  313.076107][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.076142][    C0]  neigh_periodic_work+0xb35/0xd50
[  313.076183][    C0]  ? process_scheduled_works+0x976/0x1850
[  313.076216][    C0]  process_scheduled_works+0xa65/0x1850
[  313.076265][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  313.076303][    C0]  ? assign_work+0x364/0x3d0
[  313.076336][    C0]  worker_thread+0x870/0xd30
[  313.076370][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.076403][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.076432][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  313.076460][    C0]  ? __kthread_parkme+0x169/0x1d0
[  313.076497][    C0]  ? __pfx_worker_thread+0x10/0x10
[  313.076529][    C0]  kthread+0x2f2/0x390
[  313.076549][    C0]  ? __pfx_worker_thread+0x10/0x10
[  313.076580][    C0]  ? __pfx_kthread+0x10/0x10
[  313.076602][    C0]  ret_from_fork+0x4d/0x80
[  313.076634][    C0]  ? __pfx_kthread+0x10/0x10
[  313.076655][    C0]  ret_from_fork_asm+0x1a/0x30
[  313.076700][    C0]  </TASK>
[  313.915289][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  313.922187][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-syzkaller-10669-g11a299a7933e #0
[  313.932396][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  313.942471][   T30] Call Trace:
[  313.945768][   T30]  <TASK>
[  313.948716][   T30]  dump_stack_lvl+0x241/0x360
[  313.953521][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.958838][   T30]  ? __pfx__printk+0x10/0x10
[  313.963457][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  313.969572][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.975344][   T30]  ? vscnprintf+0x5d/0x90
[  313.979738][   T30]  panic+0x349/0x880
[  313.983690][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  313.989373][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  313.995582][   T30]  ? __pfx_panic+0x10/0x10
[  314.000042][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  314.005457][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.011245][   T30]  ? __irq_work_queue_local+0x137/0x410
[  314.016845][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.022523][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  314.027938][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  314.034154][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  314.040366][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  314.046046][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  314.052254][   T30]  watchdog+0x1033/0x1040
[  314.056629][   T30]  ? watchdog+0x1ea/0x1040
[  314.061096][   T30]  ? __pfx_watchdog+0x10/0x10
[  314.065833][   T30]  kthread+0x2f2/0x390
[  314.069942][   T30]  ? __pfx_watchdog+0x10/0x10
[  314.074659][   T30]  ? __pfx_kthread+0x10/0x10
[  314.079283][   T30]  ret_from_fork+0x4d/0x80
[  314.083745][   T30]  ? __pfx_kthread+0x10/0x10
[  314.088382][   T30]  ret_from_fork_asm+0x1a/0x30
[  314.093220][   T30]  </TASK>
[  314.096502][   T30] Kernel Offset: disabled
[  314.100888][   T30] Rebooting in 86400 seconds..