last executing test programs:

8m57.38470786s ago: executing program 32 (id=101):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

8m51.64804387s ago: executing program 33 (id=128):
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, 0x0)

8m4.959248244s ago: executing program 34 (id=575):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f00000003c0)={0x0, 0xfffffffffffffd90, &(0x7f0000000380)={&(0x7f0000000240)={0x14, r1, 0x701, 0x74bd2b, 0x0, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x20004074}, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000001100), r0)

5m57.166668139s ago: executing program 35 (id=2106):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000004700)={'team0\x00', <r2=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000900)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050427bd7000fedbdf250100000008000100", @ANYRES32=r2, @ANYBLOB="4800028044000100240001006d6f646500000000000000000000000022000000000000000000000000000000050003000500000011000400616374356976656261636b7570"], 0x64}, 0x1, 0x0, 0x0, 0x4000401}, 0x4040084)

4m49.817514934s ago: executing program 36 (id=2697):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r0}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_GET_SPEED(r1, 0x551f)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x2008803, &(0x7f0000000080), 0x1, 0x638, &(0x7f0000000240)="$eJzs3U1vVFUfAPD/nU5faJ/naSFPVFxIE2MgUVpawBBjIuwJwZedbiotBCmU0BotIaEkuDFx54LElQvxY0jCli/gwsS4MibEKAsxRMbc27nT2+lM6dt0yvT3Sy495972nnNL/3POPXPOnQB2reGIGImI/RFxNYkYLBwrZ/+Wsm9Kv+/RHzfOpVsSlcr7vydx42ayUDxXUv06UP3hfwYXd+3rWlnu7Pz1SxPT01PXqvnRuctXR2fnrx++eHniwtSFqSvjb46fOH7s+ImxI5u6vr2F9Onbn3w2+OWZD7/75kky9v1PZ5I4mV5dJr2uarKSX0fvpkpOf2fDUVn0uLg//b2e2OS5d4q/BvO/kyVJ/Q52tDQGuiPixRiMrsL/5mB88W5bKwa0VNrYVYBdKtlQ/PdtfUWAbZb3A/J7+8J98Goa3NEDz5uHpxYHpBZjvzsi8vgvZ2N+EX3Z2ED/o2TZOE8SEZsbmVuUlvHg/pnb6RbLx+GAFlu4lY9y17f/SRabQ9GX5foflZbFf6mwpfvfW0+hPUvJ4bpD4h+2z8KtiHip2v73xHrivxyF+P94g+WLfwAAAAAAANg6905FxBuN5v+VavN/ehrM/xmIiJNbUP6z3/8r5Uv0ki0oDih4eCri7Ybzf/Owi6Guau6/2XyA7uT8xempIxHxv4g4FN29aX6s7rylQvrwV/vuNCu/OP8v3dLyH9wvTi8u/VauW4g7OTE34dUANu/hrYiXs/m/B6p7ls//Sdv/pEH7n8b31TWWse+1u2eL+UqlcjNPN47/xbnAQGtVvo042LD9X2pgk9WfzzGa9QdG817BSq88KSw0qiP+oX3S9r+/efzXet615/XMru/8PRFxdL7cLPzXEP+N+/89yQddUVhK8PnE3Ny1sYie5PTK/ePrqzN0qjwe8nhJ4//Qq6uP/9X6/4U43BMRC2ss84WnA780O6b9h/ZJ439y9f7/UFJt/yNr/2sdgTUnxu8O/ZCdqcFz4c6uqf0/lrXph6p7svE/oKq0Ys9aA7Qt1QUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA51wpIv4TSWmkli6VRkYiBiLi/9Ffmp6ZnXv9/MynVybTY9nn/5fyT/odXMwn+ef/DxXy43X5oxGxNyK+7tqT5UfOzUxPtvviAQAAAAAAAAAAAAAAAAAAYIcYyNb8V3rr1/+nfu1qd+2AlitXvz4j3vu2oy7A9ipv+CcrvVtaEWDbbTz+gefd2uO/u6X1ALZf8/h//KSSyfNJUjz6Z4vrBbSe/j/sXhuMf28PQgdoEP/D7agHsN1WHdO7U0t59x86kvt/AAAAAADoKHsP3PsxiYiFt/ZkW6qnesxkf+hspXZXAGgbc3hh9yrPtLsGQLu4xweW1vX/XWl0vPns/6Q1FQIAAAAAAAAAAAAAVji43/p/2K1WX/9vbj90slXW/zcKfo8LgA7S/KM/tP3Q6dzjA89q7a3/BwAAAAAAAAAAAIAdoO/6pYnp6alrs/ObTETEz5UkYrPnaZL4qMGhd1pUVksTCxM7ohpbmnjamjN3R8TOuMCWJ7oiorAnfwRHGyvW5tclAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5t8AAAD//wB1KIo=")

3m55.454195455s ago: executing program 37 (id=3277):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x28, 0x66, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7c56c988f0195595, 0x6071, 0x0, 0xe7}}}}}}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)="a0", 0x1, 0x8001, 0x0, 0x0)

3m32.352178372s ago: executing program 38 (id=3453):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000140)='./file0\x00', 0x301c802, &(0x7f0000000f80)=ANY=[], 0x11, 0x5fbc, &(0x7f0000003100)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIi4RUQD4Alm1UkCIVq+hy7ptzjHseeru45v580rvr6dE1/5f/UdPdUVVcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPG97/74ZC8iLv463XAw4jMxiOhHrNb1kahnzuf7DyPiUGwNx3MRMViOqJff+ueZiDMR8dGBiDt3b6zXN5/aZR9nT1y/+sn3v/OP3/3p1qGfvvmTD9rjP/rs6Q9/fzPi4A9f+/CTm09m3QEAAKAUVVVVvfQ2/3B6f9/vuikAYCby83+V5NvVarVa/UTrP/bnq5/d1ysxX/2oH6tuqia72SwiYrO5TP2awe54AFgwm/Fx1y3QIfkXbRgRT3XdBDDXel03wJ64c/fGei/l22s+HxwZj+e/U27Lf7N37/yOnabTtI8xmdXP160YxLM79LM6ox7mSc6/387/4nh8lO631/nPyk75j8anPhUn5z9o59+yLf8/R8TC5t+fmH+pcv7DR8l/c7DA27/8AQAAAADY//Lf/w92vP93+fFXZVcetv/3yIx6AAAAAAAAAIAn7XGv/3eP6/8BAADA3Krfq9f+cuD+bc1j/dvzF3oRT7fuDxQmnSyz1nUfAAAAAAAAAAAAAFCS4fgY3gu9iKWIeHptraqq+qupXT+qx11+0ZW+/lCyrn/JAwDA2EcHWufy9yJWIuJC+qy/pbW1tapaWV2r1qrV5fx6drS8Uq023tfmaX3b8mgXL4iHo6r+ZiuN5ZqmvV+eNt7+fvVjjarBLhqbjQ4DB4CIGD8b3fGMtM9U1TPR9ascFoPtf/+x/bMbXf+cAgAAAHuvqqqqlz7O+3Da59/vuikAYBZW8vN/e7+AWq1Wq9Xq/Vc3VZPdbBYRsdlcpn7N4HL8ALBgNuPjrlugQ/Iv2jAiDnXdBDDXel03wJ64c/fGei/l22s+H6Tru+djQbblv9nbWi4vP2k6TfsYk1n9fN2KQTy7Qz/PzaiHeZLz77fzvzgeH6X77XX+s7JT/vV6Huygn67l/Aft/Fv2T/79ifmXKuc/fKT8B/IHAAAAAIA5lv/+f9D+37zKAAAAAAAAALBw7ty9sZ7Pe837/z8/4X695pzzP/eNnH9v1/k7/3c/yfn32/m3DsgZNOZvv3E//3/fvbH+wfV/fS5P5z7/pcGofuylXn8wTMf8VEtvxeW4Ehtx4oH7D7eNn3xgfGnb+Kkp46cfGB/V46t5/Fisxy/iSrx5b3x5yoFRK1PGqynjOf+B7b9IOf9h46vOfy2N91rT2u33+w9s983ppMc5/7f/vvjg1jV7t2Jwb92a6vU72kE/W/8nT43iV9c2rh77zaXr16+ejDTZduupSJMnLOe/lL5y/i+9MB7Pv/eb2+vt90ePnP+8uBXDHfN/oTFfr+/LM+6tCzn/UfrK+ednoMnb/yLnv/P2/0oH/QAAAAAAAAAAAAAAAMDDVFW1dYro+Yg4l87/6ercTABgpv7wgzRTJaEe172Yr37UarVarX4CdVM12evNIla2L3MuIn476ZsBAPPsfxHxz66boDPyL1j+vL96+oWumwFm6tq77/3s0pUrG1evdd0JAAAAAAAAAPBp5et/Hmlc/3nrOKDWdaO3Xf/1jTiysNf/7I8GW9c6Tyv0fDz8+t9H4+HX/x5OebylKeOjKePLU8ZXpoxPPNGjIef/fMo45384rVhJ1399qYN+upbzP5qu9Zzz/1Lrfs38q78ucv79bfkfv/7OL49fe/e9Vy+/c+ntjbc3fn7yxLkzp8+eOX327PG3Ll/ZODH+t8OO91bOP1/72nGgZcn558zlX5ac/xdTLf+y5PxfTLX8y5Lzz6/35F+WnH9+7yP/suT8X061/MuS8/9yquVflpz/K6mWf1ly/l9JtfzLkvN/NdXyL0vO/1iq5V+WnP/xVMu/LDn/vIdL/mXJ+ecjG+Rflpz/qVTLvyw5/9Opln9Zcv5nUi3/suT8z6Za/mXJ+Z9LtfzLkvP/aqrlX5ac/9dSLf+y5PxfS7X8y5Lz/3qq5V+WnP83Ui3/suT8v5lq+Zcl5/+tVMu/LDn/b6da/mXJ+b+eavmX5f7n/5uZ8cx//h4xB22YMTNppuvfTAAAAAAAAAAAAABA2ywOJ+56HQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/swMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7N1djFxnfT/ws69eO4H4T0IIwZC14wRDNt5dvyUmGMzrPw0tTQOhpYU6xl6/gN/qXUOCULM0aRtEpEZtL9KLUkAUIbVVIoRUKqUoUpHau+YKlBvUSpFqqUllIqhES7LVmfM8z87Mzs7s2t74zDmfTxT/vDtnZp45c2Z2vmt9ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLb5AzN/PJBlWf5/44+NWXZ1/vf12f78y/k9V3qFAAAAwKV6pfHn316TvrF/BWdq2uaf3/av31tYWFjIPvPy+Vf/bGEhnTCeZUPrsqxxWvQvv/j5QvM2wSPZ2MBg09eDPa5+qMfpwz1OH+lx+miP09f1OH2sx+lLdsAS64vfxzQubGvjrxuLXZpdl400Ttva4VyPDKwbHIy/y2kYaJxnYeRIdjw7kc1kU0vOM9D4L8ue2Zxf191ZvK7BpuvalGXZhZ9+6VBcw0DYx1uzlitraL7vXnpfNv7yT7906NtzL7650+y5G5asNMu2bcnX+WiWLf66KhvI1qV9Etc52LTOTR3WOdSyzoHG+fK/t6/zwgrXGW/3WFjnc13WuSl878Gbsyybz5bdpt0j2WC2oe1a0/4eK46I/DLyu/IN2fCqjpPNKzhO8vO8cHPrcdJ+TMb9vznsk+Fl1tB8d7z05dEl+/1ij5P8VpfhWM0v+978SsfGmn+12nKs5tt86Zblj4GO912HYyAdy03HwJZex8Dg6FDjGBhcXPOWlmNgesl5BrOBxnWdv6X7MTA5d/LM5OxDX7z9+MmDR2eOzpyantqza+fuXTt37548cvzEzFTx5+p2aR/ZkA2mY3BLeK6Jx+Db27ZtPiQXvnH5HgdjJXkc5Lf947fmC7p6MFvmGM+3eXTbpT8O0s/9psfBcNPjoONzaofHwfAKHgf5Nhe2rexn5nDT/53WsFbPhRubjoEr+fMwv85PvWP558JNYV2PvXO1Pw+HlhwD8WYNhMde/p30em/szrBflh4XN+YnXDXaeG23/cGDc3Nnp7MwXhPXNt1X7cfLhqbblC05XgZXfbzs/5tf3npjh+9vDPtq7Lbu91W+za6J7vdV49n9qtHs3OzM2bA/R7Nif7Z8d0cWxmX2Wu/PTj/N8v2ZskSX/Zlv8+jtl/5aMOWSpue/kV7Pf0Mjw8Xz31DaGyMtz39L75qhxsqy7MLtK3v+Gwn/v9bPf9eV5Pkv31ef2t79GMi3eWxytcfAcNfnv5vDHAjreUdIDGNNuf/VxunzxWHadF/2PG6Gh0fCcTMcr7H1uNm55Dz5peXXvW3q4o6bbTe33lctr1tWftz0+vVBaY6bfF/9+VT34ybf5tnpS3/uWB//2vTcMdrrGBgZGs3XO5IOguL5bmF9PAa2Z4ey09mJ7HA6T34v59c1sWNlx8Bo+P+1fu64oSTHQL6vntzR/RjIt/nhzsv72mlb+E7apum1U/vvF5bL/DcOL15e+2673Jk/X+cHf/TR9L1OGSLf5sVdq80Z3ffTbeE7V3XYT+2Pn+WO6cPZa7OfbgjrPLG7+++m8m2u27PC42l/lmXPTz/f+H1X+P3ud8/96Hstv/ft9Dvl56efv2fyvh+vZv0AAFy8Vxt/zo8WrzWb/sV6Jf/+DwAAAPSFmPsHw0zkfwAAAKiMmPuHwkzkfwAAAKiMmPuHw0xqkv+P3bn3qVceztK7AS4E8fS4G+59T7Fd7HjPh6/HFxbl33//t0ae+srDK7vuwSzLfnnPWzpuf+w9cV2FM3Gd72r9/hI33LSi63/g/sXtmt8/4cLe4vLj7VnpYRC7ys9M7mhc7vhD04357D1ZY943/9gjxeUXX8ftz+8stv/L8KYl+48MtJx/W1jP1jDHw3vK3Lt/cT/kM57vqU1v+6drP7F4ffF8A1te37iZT/5+cbnxPaKeuLbYPt7u5db/j1/9zlP59g/e0nn9Dw92Xv/5cLkvhPmLfcX2zfv8K03r/8Ow/nh98Xzbv/mDjut/+k3F9k+H4+LrYbav/31/8tZXOt1f8Xr231WcL17/1H/vapwvXl68/Pb1jz083bI/2i//2ZeLy9n3+Z8NNW8fvx+vJ3rgrtbjeyDcvy098izLvvNHWct+zt5dnO8f2tYfL+/MXZ3Xf1vbOs8M3NQ4/+Lt2dhyu7721zs63t64nv1/t7Hl9jzxobD/Xp78YX655+8Lx2M4/X+eKy6v/c1Inv5Q6/NN3P7rG4vHbby8ybb1P9G2/vmb8n3Xe/13v1ys/+n3rmtZ//4Ph+Pp7mL2Wv/Rv7qm5fzf+HZxf5z9wsSp07Pnjh9u2qvNj+N1Y+s3XHX1615/TXgubf/6wOm5YzNnx6fGp7JsvA/fMnCt1//NMP+rGPOX/xoKP/5Zcdw9/pHi59bbf158/UT4/gPh/ow/H7/2FyMtx2v7/T7/3mJe6vrfGdaxUm/66r/ftKINz3/6mXN//wcvtr8uiLfnzBvHGrfvyc3XN04beLY4vf35qpd/e2Pr4/onw1ON+f2wXxfCOzNvub64vvbLj+9N8vjHisdvfCUXz5+1vZ/IxqHW23Gp6/9JeB3zgxtan//i8fH9h9vezXljNpAvYT48P2Tzxelxq7i/H79wfcfri+/Dk82/eTXLXNbsQ7OTJ46fOvfg5NzM7Nzk7ENfPHDy9LlTcwca71164LO9zr/4+N7QeHwfntmzK2s82k8XY41d6fWfuf/Q4Tumbj08c+TguSNz95+ZOXv00OzsoZnDs7cePHJk5gu9zn/88L7pHXt33rFj4ujxw/vu3Lt3596J46dO58soFtXDnqnPTZw6e6Bxltl9u/ZO7969a2ri5OnDM/vumJqaONfr/I2fTRP5uT8/cXbmxMG54ydnJmaPf3Fm3/TePXt29Hz3x5NnjsyOT549d2ry3OzM2cnitozPNb6d/+zrdX7qYfZ0eL5rMxBenX/ytj3p/XFz3/ryshdVbNL68jR7KbwXVPz51uvrmPtHwkxqkv8BAACgDmLuD2/8v3iC/A8AAACVEXP/ujAT+R8AAAAqI+b+IvmPpY9/r0v+v1z9/y/r/zfo/+v/Z/r/if6//n+m/6//34P+fyn6/8f0//X/9f9ZK2Xr/4fcn63PMv/+DwAAABUVc/+GMBP5HwAAACoj5v6rwkzkfwAAAKiMmPuvDjOpSf73+f/6//r/3fr/cVv9/0z/vwz9/63/qf+/hP6//n+m/3/RrnR/vt/XX8L+/3r9f8qmbP3/mPtfF2ZSk/wPAAAAdRBz/+vDTOR/AAAAKLV1q9g25v5rwkzkfwAAAKiMmPs3hpnUJP9fuf7/qP6//n9Dufv/Pv+/mf7/Fe//+/z/DvT/9f+z2vT/ixcL+v/lWf/a9///tOv5ff4//aBs/f+Y+/9fmElN8j8AAADUQcz9bwgzkf8BAACgMmLuvzbMRP4HAACAyoi5/7owk5rk/3p+/v8LWZbp/2f6//r/bevU/9f/Xwv6//r/3VzZ/n/+2qef+v8+/79s6y/h5//r/1M6Zev/x9z/xjCTmuR/AAAAqIOY+68PM5H/AQAAoDJi7n9TmIn8DwAAAJURc/8NYSY1yf/17P/7/H/9/8Ia9P8HhvX/E/1//f9M/1//vwef/6//38/r1//X/6e3svX/Y+5/c5hJTfI/AAAA1EHM/TeGmcj/AAAAUBkx978lzET+BwAAgMqIuX9TmElN8r/+v/6//r/P/9f/1/9fS/3V/x9c9hT9/4L+f6vL1/+fX1yA/n/frF//X/+f3srW/4+5/61hJjXJ/wAAAFAHMfe/LcxE/gcAAIDKiLn/pjAT+R8AAAAqI+b+8TCTmuR//X/9f/1//X/9f/3/tdRf/f/l6f8X9P9b+fx//X/9f/1/uitb/z/m/s1hJjXJ/wAAAFAHMfdvCTOR/wEAAKAyYu6/OcxE/gcAAIDKiLl/a5hJTfK//r/+v/6//r/+v/7/WtL/1//vRv9f/7+f16//r/9Pb2Xr/8fcf0uYSU3yPwAAANRBzP23hpnI/wAAAFAZMfe/PcxE/gcAAIDKiLl/W5hJTfK//r/+v/5/H/f/h/T/M/3/0uux/v9t+7Gzavr/+v+Z/v9Fu9L9+X5fv/6//j+9la3/H3P/O8JMapL/AQAAoA5i7n9nmIn8DwAAAJURc/9tYSbyPwAAAFRGzP0TYSY1yf8V7/+/+B/LbKb/X9D/7/P+v8//b1m//n85+fx//f9u9P/1//t5/fr/+v/0Vrb+f8z9t4eZ1CT/AwAAQB3E3L89zET+BwAAgMqIuX8yzET+BwAAgMqIuX8qzKQm+b/i/f9l6f8X9P/1/zP9f/3/Nab/r//fjf6//n8/r1//X/+f3srW/4+5fzrMpCb5HwAAAOog5v4dYSbyPwAAAFRGzP07w0zkfwAAAKiMmPt3hZnUJP/3Sf9/eypA6f/r/+v/6//r//cV/f+K9v/zJxL9f/3/03NpB+v/6//r/zPY4Xtl6//H3L87zKQm+R8AAADqIOb+PWEm8j8AAABURsz9d4SZyP8AAABQGTH33xlmUpP83yf9f5//r/+v/99E/1//v5/o/1e0/+/z/xv0/33+v/6//j/dla3/H3P/3jCTmuR/AAAAqIOY+98VZiL/AwAAQGXE3H9XmIn8DwAAAH2l0+cQRjH3vzvMpCb5X/+/6v3/hXX6//r/+v/d16//v7b0//X/u9H/1//v5/Xr/+v/01vZ+v8x9+8LM6lJ/gcAAIA6iLn/PWEm8j8AAABURsz97w0zkf8BAACgMmLu3x9mUpP8r/9f9f6/z//X/9f/77V+/f+1pf+v/99NJfv/66rf/w8vW/T/S9T/z48h/X/KqGz9/5j73xdmUpP8DwAAAHUQc//7w0zkfwAAAKiMmPs/EGYi/wMAAEBlxNz/wTCTmuR//X/9f/1//X/9f/3/taT/v2b9/8ZTof5/oVT9f5//r//v8//1/0nK1v+Puf9DYSY1yf8AAABQBzH3fzjMRP4HAACAyoi5//+Hmcj/AAAAUBkx998dZlKT/K//r/+v/6//r/+v/7+W9P99/n83+v/6//28fv1//X96K1v/P+b+XwkzqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6PhJnI/wAAANBnRpc9Jeb+Xw0zqUn+77/+/3hf9v8H0+Xr/+v/6//r/+v/X076//r/mf7/RbvS/fl+X7/+v/4/vZWt/x9z/6+FmdQk/wMAAEAdxNz/0TAT+R8AAAAqI+b+Xw8zkf8BAACgMmLuvzfMpCb5/3L3/9vP343P/9f/z/T/9f/1//X/L5H+v/5/pv9/0a50f77f16//r/9Pb2Xr/8fc/xthJjXJ/wAAAFAHMfffF2Yi/wMAAEBJHVv1OWLu/1iYifwPAAAAlRFz/8fDTGqS//vv8//1//X/9f/1//X/+4n+v/5/N/r/+v/9vH79f/1/eitb/z/m/vvDTGqS/wEAAKAOYu7/RJiJ/A8AAACVEXP/b4aZyP8AAABQGTH3/1aYSU3yv/6//r/+v/6//r/+/1rS/1/a/8+fw/T/C/r/+v/9vH79f/1/eitb/z/m/k+GmdQk/wMAAEAdxNz/22Em8j8AAABURsz9vxNmIv8DAABAZcTc/6kwk5rkf/1//X/9f/1//X/9/7Wk/+/z/7vR/9f/7+f16//r/9Nb2fr/Mfd/OsykJvkfAAAA6iDm/t8NM5H/AQAAoDJi7j8QZiL/AwAAQGXE3P9AmElN8r/+v/6//r/+v/6//v9a0v/X/+9G/1//v5/Xr/+v/09vZev/x9x/MMxkf+vVAAAAAP0r5v7PhJnU5N//AQAAoA5i7j8UZiL/AwAAQGXE3H84zKQm+V//X/9f/1//X/9f/38t6f/r/3ej/6//38/r1//X/6e3svX/Y+6fCTOpSf4HAACAOoi5/0iYifwPAAAAlRFz/9EwE/kfAAAAKiPm/mNhJjXJ//r/+v/6/7Xt/z/33bZ16v/r/68F/X/9/270//X/+3n9+v/6//RWtv5/zP3Hw0xqkv8BAACgDmLu/2yYifwPAAAAlRFz/+fCTOR/AAAAqIyY+0+EmdQk/+v/6//r/9e2/7+yz/9fv3i9+v/6/xdD/1//vxv9f/3/fl6//r/+P72Vrf8fc//JMJOa5H8AAACog5j7T4WZyP8AAABQGTH3nw4zkf8BAACgMmLuPxNmUpP8r/+/uv7/wDLdQP3/zuvX/69A/7+J/r/+/8XQ/9f/70b/X/+/n9ev/6//T29l6//H3P97YSY1yf8AAABQBzH3nw0zkf8BAACgMmLunw0zkf8BAACgMmLun/s/9u47WbOy2uP4e5vbfZu65RyYgiNwCI7BKqdgTmAEs2LOCXPCrJhzzjnnjGKOVVp0r7WgD332Pk2ft8+zn/X5/MGSAxYPgmX9Cr+145Ym+1//7/v/+n/9v/5f/79P+n/9/xL9v/5/y+/X/+v/WTda/5+7/35xS5P9DwAAAB3k7r9/3GL/AwAAwDRy9z8gbrH/AQAAYBq5+x8YtzTZ//p//b/+X/+v/9f/75P+f6P9/26n/z8C/b/+X/+v/2fZaP1/7v4HxS1N9j8AAAB0kLv/wXGL/Q8AAADTyN3/kLjF/gcAAIBp5O5/aNzSZP/r//X/+n/9v/5f/79P+v+N9v++/38k+n/9v/5f/8+y0fr/3P0Pi1ua7H8AAADoIHf/w+MW+x8AAACmkbv/EXGL/Q8AAADTyN1/bdzSZP/r//X/+v8N9v//q//X/2+H/l//v0T/r//f8vv1//p/1o3W/+fuvy5uabL/AQAAoIPc/Y+MW+x/AAAAmEbu/kfFLfY/AAAATCN3/6Pjlib7X/+v/9f/b7D/9/1//f+G6P/1/0v0//r/Lb9f/6//Z91o/X/u/sfELU32PwAAAHSQu/+xcYv9DwAAANPI3f+4uMX+BwAAgGnk7r8+bmmy//X/+n/9v/5f/6//3yf9v/5/if5f/7/l9+v/9f+s23v/f+8bzt2j9v+5+2+IW5rsfwAAAOggd//j4xb7HwAAAKaRu/8JcYv9DwAAANPI3f/EuKXJ/tf/6//v6P//8z/6f/2//v+On+v/j4f+X/+/RP+v/9/y+/X/+n/W7b3/X+n9D/567v4nxS1N9j8AAAB0kLv/yXGL/Q8AAADTyN3/lLjF/gcAAIDhnT3i75e7/6kH/11N9r/+X//v+//6f/2//n+f9P/D9v8H/6t3of31/2fu/Cv6f/3/lt+/1P/f6wjv1//TwWj9f+7+p8UtTfY/AAAAdJC7/+lxi/0PAAAA08jdf2PcYv8DAADANHL3PyNuabL/9f/6f/2//v/C/v9Uy/7/9p/p//dD/z9s/7/M9/+PRP+v//f9f/0/y0br/3P3PzNuabL/AQAAoIPc/c+KW+x/AAAAmEbu/mfHLfY/AAAATCN3/3Pilib7X/+v/9f/6/8v6/v/V83R//v+//7o//X/S/T/+v8tv1//r/9n3Wj9f+7+58YtTfY/AAAATO/Urnb/8+IW+x8AAACmkbv/+XGL/Q8AAADTyN3/grilyf7X/+v/9f/6/8vq/yf5/r/+f3/0//r/JUft/3f6//pzOdn+//QFv6b/1//r/1kzWv+fu/+FcUuT/Q8AAADzuf4uP8nd/6K4xf4HAACAaeTuf3HcYv8DAADANHL3vyRuabL/9f/6f/2//l//r//fJ/2//n+J7/9vrf+/kP5f/6//Z81o/X/u/pfGLU32PwAAAHSQu/9lcYv9DwAAANPI3f/yuMX+BwAAgGnk7n9F3HJw/5+6kq+6ck60/892Q/+v/9f/n6P/j7+u+n/9/yXQ/+v/dxP2/2cP+ePp/8d6v/5f/8+60fr/3P03xS3++T8AAABMI3f/K+MW+x8AAACmkbv/VXGL/Q8AAADTyN3/6rilyf4/rP+/7f/P/3bf/z8a/f/F36//1//r//X/+v/j6/8v9j9v+v/zZuv/ff9/G+/X/+v/WTda/5+7/zVxS5P9DwAAAB3k7n9t3GL/AwAAwDRy978ubrH/AQAAYBq5+18ftzTZ/8f//f9rTqL/vyOu0//r//X/+v/4+WH9/0H6//3S//v+/xL9v/5/y+/X/+v/WTda/5+7/w1xS5P9DwAAAB3k7n9j3GL/AwAAwDRy978pbrH/AQAAYBq5+98ctzTZ/8ff//v+v/7/Evv/U/r/pP+Pv66+/6//vwT6f/3/Tv9/t510P7/19+v/9f+sG63/z91/87mp12//AwAAQAc3n/vl2d1b4hb7HwAAAKaRu/+tcYv9DwAAANPI3f+2uKXJ/tf/6/9PvP/3/f+i/4+/rvp//f8l0P/r/3f6/7vtpPv5rb9f/6//Z91o/X/u/rfHLU32PwAAAHSQu/8dcYv9DwAAANOI3X/+//xu/wMAAMCU3nnul2d374pbmuz/xv3/NZfb/199p3+t/7/4+/X/x9L/33zw7z39v/5/S/T/+v8l+n/9/5bfP07/Hz+4Vv/PeEbr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAmEbu/lviFvsfAAAAppG7/71xS5P937j/n+T7//e5NV6g/5+3//f9/7j6f/3/xej/9f87/f/ddtL9/NbfP07/7/v/jGu0/j93//vilib7HwAAADrI3f/+uMX+BwAAgGnk7v9A3GL/AwAAwDRy938wbmmy//X/W+//ff9f/6//1/+PTf+v/1+i/9f/b/n9+n/9P+tG6/9z938obmmy/wEAAKCD3P0fjlvsfwAAAJhG7v6PxC32PwAAAEwjd/9H45Ym+1//r//fV/9/+x9E/9+k/79O/7/T/x9K/6//X6L/1/9v+f36f/0/60br/3P3fyxuabL/AQAAoIPc/R+PW+x/AAAAmEbu/k/ELfY/AAAATCN3/yfjhnve4+SedLxOH/Lz6M31//p/3//X//v+v/5/n/T/+v8l+n/9/5bfr//X/7NutP4/d/+n4hb//B8AAACmkbv/03GL/Q8AAADTyN3/mbjF/gcAAIBp5O7/bNzSZP/r//X/+v/N9v9X6/8vfL/+f0z6f/3/Ev2//n/L79f/6/9ZN1r/n7v/c3FLk/0PAAAAHeTu/3zcYv8DAADANHL3fyFusf8BAABgGrn7vxi3NNn/+n/9v/5/s/2/7/8feL/+f0z6f/3/Ev2//n/L79f/6/9ZN1r/n7v/S3FLk/0PAAAAHeTu/3LcYv8DAADANHL3fyVusf8BAABgGrn7vxq3NNn/+n/9v/5f/6//1//v0xXv/08d/x9jp//X/x9C/6//1//r/1k2Wv+fu/9rcUuT/Q8AAAAd5O7/etxi/wMAAMA0cvd/I26x/wEAAGAaufu/Gbc02f8z9/9Lv5v+/zz9v/5/p/8/2P+fyZ/r/4+H7//r/5fo/yfu/88cyxNP7v36f/0/x2K0/j93/7filib7HwAAADrI3f/tuMX+BwAAgGnk7v9O3GL/AwAAwDRy9383bmmy/2fu/5fo/8/T/+v/d/p/3//fM/2//n+J/n/i/t/3//X/cHL9/+ndIf1/7v7vxS1N9j8AAAB0kLv/+3GL/Q8AAADTyN3/g7jF/gcAAIBp5O7/Ydwyz/6/7y0Lv1H/f+z9/7m/ifT/+v+d/l//r/8/R/+v/1+i/9f/b/n9+n/9P+tG+/5/7v4fxS3z7H8AAABoL3f/j+MW+x8AAACmkbv/J3GL/Q8AAADTyN3/07ilyf7X//v+v/6/Vf9/1e5I/X/+J6z/1/9fPv2//n+J/l//v+X36//1/6wbrf/P3f+zuKXJ/gcAAIAOcvf/PG6x/wEAAGAauft/EbfY/wAAADCN3P2/jFua7H/9v/5f/9+q//f9f/3/Faf/1/8v0f/r/7f8/uz/8+87/b/+n7sarf/P3f+ruKXJ/gcAAIAOcvf/Om6x/wEAAGAauft/E7fY/wAAADCN3P2/jVua7H/9v/5f/6//1//r//dJ/6//X6L/1/9v+f2+/6//Z91o/X/u/lvjlib7HwAAADrI3f+7uMX+BwAAgGnk7v993GL/AwAAwDRy998WtzTZ//p//f+U/f//6f/1//r/Uej/9f9L9P/6/y2/X/+v/2fdaP1/7v4/xC1N9j8AAAB0kLv/j3GL/Q8AAADTyN3/p7jF/gcAAIBp5O7/c9zSZP/r//X/l97/n64/72H7f9//1//r/4cxb/9/Rv+v/7/s/v/Gm87/WP+/zffr//X/rBut/8/d/5e4pcn+BwAAgA5y9/81brH/AQAAYBq5+/8Wt9j/AAAAMI3c/X+PW5rsf/2//n/K7//r//X/+v9hzNv/+/6//t/3//X/+n/9P2tG6/9z9/8jbmmy/wEAAKCD3P3/jFvsfwAAAJhG7v5/xS32PwAAAEwjd/+/45Ym+1//r//X/+v/9f/6/33S/+v/l+j/9f9bfr/+X//PutH6/9z9/w0AAP//pQEwbw==")
setxattr$security_capability(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x0, 0x0, 0x1)
llistxattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)=""/174, 0xae)

3m2.774725281s ago: executing program 39 (id=3759):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000027c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x2d, 0x20040040)
recvmmsg(r1, &(0x7f0000000380)=[{{0x0, 0x0, 0x0}, 0xf}], 0x1, 0x10020, 0x0)
recvmmsg(r0, &(0x7f0000000d40), 0x40000000000038f, 0x10020, 0x0)

2m59.408760073s ago: executing program 4 (id=3796):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f00000ee000/0x2000)=nil, 0x2000, 0x8)
ioctl$UFFDIO_COPY(r0, 0xc028aa03, 0x0)

2m58.345493663s ago: executing program 4 (id=3803):
r0 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000002e40)=ANY=[@ANYBLOB="00020201"], 0x18)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r1 = dup(r0)
sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000e80)=ANY=[@ANYBLOB="0207e1093800000025bd7000ffdbdf2505001a00e00000022002000000000000000000007f0000010000000000000000000000000c00550e283c527c5ec3f7ad5ea35fdcfc0402001000000004d2000004d20000000002001000000004d4000004d600000000010016004e22000001001400f80100000800120001000400bc6b6e"], 0x1c0}}, 0x8000)

2m57.913522024s ago: executing program 4 (id=3804):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x40})
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0xee01, 0x1000)

2m57.735630212s ago: executing program 4 (id=3805):
syz_mount_image$f2fs(&(0x7f000000e000), &(0x7f0000000080)='./file2\x00', 0x10, &(0x7f000000df00)={[{@nodiscard}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@fault_type={'fault_type', 0x3d, 0x7fff}}, {@grpjquota}, {@noflush_merge}, {@nocheckpoint_merge}, {@acl}, {@gc_merge}, {@compress_cache}, {@alloc_mode_def}, {@noinline_xattr}, {@background_gc_off}, {@checkpoint_diasble}]}, 0x4, 0x550c, &(0x7f00000089c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+Nnhh/2nRau/byt6gjC1hj3uMKCBNUEAOpIU0QA3klhIiiPA4BCIOkTy2lej7JGcylvnxBsFhZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALt1X68Xt1e/rtjm7fTt5RgMAAABcsq3Wi/qfWep/be5/b279bPpFRJQRcWnuPopPZ5mjJqd6ef7m9PnqVQ13EXXC4T0mzfUlIv401+OPrj8FAAAA+Lg2y9U8zdbTn9nQBdGntGhTfvubKa+IiGr2kCmtPOT9yhRWf7/H8T9TWr2ANc0UlpbcxrnS3qT+uR9X7aYnTZGa8uLLjkVmGzsAANCj0VnT7ywEAACAPv0bugCGUcTzVuZxK3CSmmZ77/NZDwAAAHiHiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zc7OxlbFNcoeIqLgQS92u62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/0nEAu8ZbDHiJ4jszszO7kB7j+6Mwm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+O4kjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+mR4ufwh6ozDvTqSAQAA4GyIi/o+hLCTbCymfaOd1f9JcU1a83//7Cgu6vnDdX/RF7V/2n77dffF8UDt0TjpTW+sDPoXj6bSfHKznG3P/e0VzezJZ+9e4uwLaXyw9sIwyZ5n9O3jx++1snCuimwBgH/jQtHnQfH7UNr36kwMgDOjWSq8i/o/btebEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAVhmvh6SKOQggLzUmc2tp7sHxc/2h9e6FoVx8+XA9fT+6Z3iIJIdxYGfQvVjqb2Xb33v1bS4NB/071wSshhLpGfyef/q2Pprg4hFqej+D/Cfbn8i97RvI5IUGNP5QAADiVkryldf1OsrGYnovmQ9j/4WD9/3opDlPW/7sfX90sj1Wu/3uVzXD2dVdvf969e+/+myu3l272b/Y/fetS7+3e5WtXrlzrZu9Kut6YAAAA8N+08lau/xvzR9f/z5fiMGX9/8V3va/KY8Xq/2NNFv3qzgQAAOBse/7VP/+IjjkftVrhy6XV1Tu90XH8+dLoWEOq/9hc3sr1fzxfd1YAAABAFYZr0YH1/+ulOEy5/v/Mjy/9XL5nHEI4l6//X1j+bHC9uunMtCr+nLjuOQIAAFCvc3krr/8n2f7/xnjLQyOE8MZrozj/N4BT1f/x+9/8VB6rvP//cnVTnEmNzuh5ZH0nhGan7owAAAA4zZ7KW1rs/55sLH7yy/kPW/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFTtrwAAAP//RAE/8A==")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

2m55.898408079s ago: executing program 4 (id=3811):
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r2=>0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, &(0x7f0000000240)={0x1f}, 0x0, 0x0)
read$FUSE(r0, &(0x7f00000095c0)={0x2020}, 0xffffffa9)
io_submit(r2, 0x2, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)='m', 0xfdef}])

2m54.033119696s ago: executing program 4 (id=3820):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000440)='contention_end\x00', r1}, 0x18)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)={0x14, r2, 0x50dc85624ea6cf59, 0x70bd27}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

2m53.55253934s ago: executing program 40 (id=3820):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000440)='contention_end\x00', r1}, 0x18)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DEST(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580)={0x14, r2, 0x50dc85624ea6cf59, 0x70bd27}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

2m15.56236538s ago: executing program 8 (id=4226):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f00000003c0)={0x48, 0x2, r1})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x6, r1, 0x0, &(0x7f0000c00000/0x400000)=nil, 0x400000, 0x51e})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000080)={0x18, r1})

2m14.328332102s ago: executing program 8 (id=4237):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000940)={{0x0, 0x2000, 0x0, 0xffff}, 'syz0\x00'})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$input_event(r0, &(0x7f0000000700)={{}, 0x12, 0xea}, 0x18)

2m14.129456152s ago: executing program 8 (id=4240):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r0, 0x5)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000140)={0x4c, 0x14, 0x101, 0x70bd25, 0x25dfdbfd, {0x1, 0xf, 0x8, 0x7, {0x4e24, 0x4e22, [0x3, 0x6, 0xffffff01, 0xc3], [0x6, 0x0, 0x40000000, 0x7], 0x0, [0xde, 0x7fffffff]}, 0x2, 0x3}}, 0x4c}, 0x1, 0x0, 0x0, 0x24048084}, 0x40000)

2m14.006562163s ago: executing program 8 (id=4244):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xa}}, {@grpquota}, {@auto_da_alloc}, {@grpquota}]}, 0xfe, 0x572, &(0x7f0000000240)="$eJzs3U1rVFcfAPD/nSS+JD4aQeRpFyXgohbrxCR9sdCFXZZWKrR7OyTXIJk4kpmISYXqom66KVIopdLSD9B9l9Iv0E8htIIUCe2imyl35o6OyUwS42hG5/eDq+fcc6/nnrn3fzxnzgwTwMCayP4oRLwSEd8kEYfayoYjL5xoHrf24NpstiVRr3/6VxJJvq91fJL/PZZn/h8Rv30VcaKwsd7qyupCqVxOl/L8ZG3x8mR1ZfXkxcXSfDqfXpqemTn99sz0e+++s/HkvTtr6xvn/vn+kzsfnv762Np3v9w7fCuJM3EgL2tvx1O43p6ZiIn8NRmJM+sOnOpBZf0k2e0LYEeG8jgfiawPOBRDedQDL78vI6IODKhE/MOAas4AMs25/abz4PrLN8u7/0FzAtRq+6P2J833RmJfY240upY8NjPKXonxHtSf1fHrn7dvZVv07n0IgC1dvxERp4aHH+v/DkZb/7dzp7ZxzPo69H/w/NzJxj9v7u0w/ik8HP9Eh/HPWIfY3Ymt479wr/OZO1wEWicb/70fncZ/Dxetxofy3P8aY76R5MLFcpr1bVk3eTxG9mb5zdZzTq/drXcrax//ZVtWf2ssmF/HveF1TZ0r1UpP0+Z2929EvLrF+DfpcP+z1+PcNus4mt5+rVvZ1u1/tuo/R7ze8f4/muskm69PTjaeh8nWU7HR3zeP/t6t/t1uf3b/Rzdv/3jSvl5bffI6ftr3b9qtbCLJF02f8Pnfk3zWSO/J910t1WpLUxF7ko837p9upn9sy7eOz9p//Fjn+N/s+d8fEZ9vs/03j9zsemg/3P+5J7r/XRL1pGvR3Y+++KFb/dvr/95qpI7ne7bT/3W+0tG89GmeZgAAAAAAAOhfhYg4EEmh+DBdKBSLzc93HInRQrlSrZ24UFm+NBeN78qOx0ihtdI91vZ5iKn887Ct/PS6/ExEHI6Ib4f2N/LF2Up5brcbDwAAAAAAAAAAAAAAAAAAAH1irMv3/zN/DO321QHPnJ/8hsG1Zfz34peegL7k/38YXOIfBpf4h8El/mFwiX8YXOIfBpf4h8El/gEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp09m231tQfXZrP83JWV5YXKlZNzaXWhuLg8W5ytLF0uzlcq8+W0OFtZ3OrfK1cql6emY/nqZC1NapPVldXzi5XlS7XzFxdL8+n5dOS5tAoAAAAAAAAAAAAAAAAAAABeLNWV1YVSuZwuvVyJQt68bZ91MD+hHy7+xUoM98dlSPQ4sYudEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACs818AAAD//0efKxA=")
r0 = open(&(0x7f0000000000)='.\x00', 0x8000, 0x91)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x20000008)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2m13.578959723s ago: executing program 8 (id=4250):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00'}, 0x18)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, &(0x7f0000000000)=@chain)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0xffffff7f, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

2m13.097361445s ago: executing program 8 (id=4255):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOWNER(r0, 0x400454cc, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

2m12.517321339s ago: executing program 41 (id=4255):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOWNER(r0, 0x400454cc, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

1m42.061439883s ago: executing program 1 (id=4526):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00', r0, 0x0, 0xfffffffffffffffe}, 0x18)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x100000a, 0x4082172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0))

1m41.434228724s ago: executing program 1 (id=4529):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x3, @private=0xa010101}]}, &(0x7f0000000240)=0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)

1m41.361763502s ago: executing program 1 (id=4530):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_GET(r1, 0x4b72, &(0x7f0000000100)={0x1, 0x1, 0xa, 0x20, 0x1cb, &(0x7f0000000480)})

1m41.281380414s ago: executing program 1 (id=4532):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000200)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@errors_remount}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x470, &(0x7f0000000bc0)="$eJzs281rXFUbAPDn3ny0ffuRvH37qq1Vo0UIikmTVu3CjaLgoqKgi7qMybSEThtpothSbCpSN4IUdC0uBf8CdyKIuhLc6saVFIp20+oqcu/c206mM6kxk9zY+f1gMufMPTP3eXK/zj1nJoCeNZL9SSJ2RMRPETHUqC5vMNJ4unHt/PQf185PJ7G09OpvSd7u+rXz02XT8n3bi8poGpG+nxQrWW7+7LmTU/V67UxRH1849eb4/NlzT7x9aupE7UTt9OSRI4cPTTz91OSTXckzy+v6vnfn9u998fXLL00fu/zGd19k8e4oljfn0S0jWeK/L+Valz3a7ZVVbGdTOemvMBBWpS8iss01kB//Q9EXtzbeULzwXqXBAesquzZt6bx4cQm4iyVRdQRANcoLfXb/Wz42qOuxKVx9tnEDlOV9o3g0lvRHWrQZaLm/7aaRiDi2+Oen2SPWaRwCAKDZh9OfHO1v2/9L4578+Zf8765iDmU4Iv4bEbsj4n8RsSci/h+Rt703Iu5bYzy393/SK2v8yBVl/b9nirmt5f2/svcXw31FbWee/0ByfLZeO1j8T0ZjYEtWn1hhHV89/+NHnZY19/+yR7b+si9YxHGlv2WAbmZqYSrvlHbB1YsR+/rb5Z/cnAlIImJvROxb3UfvKguzj32+v1OjO+e/gi7MMy19lqW3mOW/GC35l5Lm+cnZ2+Ynx7dGvXZwvNwrbvf9D5de6bT+NeXfBVdrjeem7d/aZDhpnq+dX/06Lv38Qcd7mn+4/6eDyWv5PPNg8do7UwsLZyYiBpOjeX3Z65O33lvWy/bZ/j96oP3xv7t4T5b//RGR7cQPRMSDEfFQEfvDEfFIRBxYIf9vn+u8rMw/0oq2/8WImbbnv5v7f8v2X32h7+Q3X3Za/9/b/ofz0mjxSn7+u4N24WSni9YA1/K/AwAAgH+LNP8OfJKO3Syn6dhY4zv8e+I/aX1ufuHx43NvnZ5pfFd+OAbScqRrqBgPrc/WaxPJYvGJjfHRyWKsuBwvPVSMG3/cty2vj03P1Wcqzh163fYOx3/m176qowPW2ba2r04ObnggQAVa59HT5dULL4eTAdyt/F4betcdjv90o+IANp7rP/Sudsf/hZa6uQC4O7n+Q+9y/EOPSr+uOgKgQq7/0JPW8rv+dSxs3RxhVFPYrBslL0SUhXRTxKOwToWqz0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8VcAAAD//9Jf6+E=")
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)

1m40.610143492s ago: executing program 1 (id=4538):
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e69df786c6174653d302c73686f72746e616d653d77696e39352c00"], 0x6, 0x2a6, &(0x7f0000000440)="$eJzs3T9rW1cUAPDzbFlS20EaOpVCH7RDJ2N77SJTbDDV1KKh7dCa2oZiiYINhv6hqqeuXTr2ExQC2fIlsmTIHsgayBYPhhee9F4kO7JsBcvOn99v8fV999x77vXFxoPO+/Hj3v5OGnvHfzyKej2JhVa04iSJZixE6a84o/VPAABvspMsi6fZ0CxxSUTU55cWADBHM//9vzv3lACAOfvm2+++Wm+3N75O03ps9v4+6uT/2edfh8/X9+Ln6MZurEQjTiOyF4btzSzL+pU014zPev2jTh7Z++F+Mf/6k4hB/Go0ojnoOhu/1d5YTYfG4vt5Hu8X67fy+LVoxIcT1t9qb6xNiI9ONT7/dCz/5WjEg5/il+jGziCJUfyfq2n6Zfbvs9+/z9PL45P+Uac2GDeSLd7wjwYAAAAAAAAAAAAAAAAAAAAAgLfYclE7pxaD+j15V1F/Z/E0/2Yp0lLzbH2eYXxSTnSuPlA/i//K+joraZpmxcBRfCU+qkTldnYNAAAAAAAAAAAAAAAAAAAAr5fDX3/b3+52dw+upVFWAyg/1v+q87TGej6J6YNro7UWiuaUmWOxHJNETE0j38Q1Hctljfcuyvn/O7NOWL98zNK087meRnm79reTyWdYi7KnXl6Se+NjqnHFtaoXPcpmun7ViY8aM++9+sGg0Z8yJpJpiX3xeHhyRU9yfhfVwalODF8qGmPh5+7GTPf55d8ViWodAAAAAAAAAAAAAAAAAAAwV6MP/U54eHxB0MOt4Uv+a3NODgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuyOj9/zM0+kXwFQZX4+DwlrcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAO+B5AAAA///S9mga")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100)={'#! ', '', [], 0xa, "abe35461f9233db6d4f0e1250d779ea50c031a47757785f30595a8519010c173e0d5d9b8e1e1086d0aea8160acb59172c6f4c969cc518b9a2abcf59c872e3b"}, 0x43)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r0, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)

1m40.06136836s ago: executing program 1 (id=4544):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000140)=0x10)
setsockopt(r0, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000001c0)={r1, @in={{0x2, 0x4e21, @multicast2}}}, 0x84)

1m39.628091956s ago: executing program 42 (id=4544):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x4e24, @private=0xa010100}]}, &(0x7f0000000140)=0x10)
setsockopt(r0, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000001c0)={r1, @in={{0x2, 0x4e21, @multicast2}}}, 0x84)

1m6.308557192s ago: executing program 7 (id=4882):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file3\x00', 0x8c0, &(0x7f00000002c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c726573765f6c6576656c3d30303030303030303030303030303030303030302c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c646174613d77726974656261636b2c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00149e0cb4c679a55808f10855fc0d9b9d7241cc60c5c0b35a9ce6bd73d50a863d736b7f64cdbf2582b25c868128f5a0c3ca71ea7a85f79743e17bbb3291a3c43eb49fcfcab9a806f939773a5895370494ec438f24b77c23cb13a0c7c11503d4e4a25d5e8142cc163f75ca2557bc5b3dd2856dbf2f4fbffb092b1a8d3f410d0daefab8a2f41a23713a02fa9349bc76bc637fe28f733ee38a6de0e2174f54e7f4ebc705a06c4b7d76bcc94f8985dbf4791afe238c9f24f48c0f98d3898ad1f3597c15fdc241ce161617ca162b1d4a17900f12843677d372e706"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x101042, 0xb0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x28180ff, 0x0, 0xfc, 0x0, &(0x7f0000000400))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)

1m5.29306457s ago: executing program 7 (id=4889):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x8, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, 0x0)

1m4.72204864s ago: executing program 7 (id=4896):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x3, 0x0, @dev={0xfe, 0x80, '\x00', 0x26}, 0x8}, 0x1c)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x3, 0xfff00000, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x800002}, 0x1c)

1m4.554111386s ago: executing program 7 (id=4899):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0xc0, &(0x7f0000000600)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB=',nostrict,umask=00000000000000000177777,gid=forget,volume=00000000000000001023,noadinicb,novrs,lastblock=00000000000000000002,iocharset=cp932,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c000927ef269377351d90aeb50529825f700786beb0826da0bf9d36620d87d004d56ca63f2e70957efda4662ca0eab69a6221732d7cbdd8f6c022eb6c842004c94d392e87c4a0aa81d68ad1cca39fa8ddbb70aa75c886c11149d401ffcdab20fb3aed07ec97390337828e6bfa896e5875ceb3a020461d98fc2a61ac4685346c0fac3e0114e8bf33c9c8d36d9e451b5fb0b94421daa4e5142e0000000000000003ba53d105f78b91bc6e07d984c1071ac746a483083a8c2eb0ed62157c9c4b4ec5bf54162a901e9c1f3f8b4e8c813e2a061482a7ca495b2f7c5ba527fbbd320d96e977145ed6152b9ce4ccef88a3"], 0x1, 0xc32, &(0x7f0000009100)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./bus\x00', 0x10040d0, 0x0, 0x0, 0x0, 0x0)
setresuid(0x0, 0xee00, 0x0)
capset(&(0x7f0000000500)={0x20071026}, &(0x7f0000000200)={0x200003, 0x200003, 0x801, 0x4, 0x7, 0x8})
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

1m3.885437078s ago: executing program 7 (id=4907):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x84, &(0x7f0000000940)={0x0, @in={{0x2, 0x4e23, @loopback}}, 0x0, 0x2}, 0x90)

1m3.549472782s ago: executing program 7 (id=4910):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000024c0)={0x2c, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44000}, 0x4044094)

1m3.197775609s ago: executing program 43 (id=4910):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'syz_tun\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000024c0)={0x2c, r1, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x4}, @ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44000}, 0x4044094)

5.225149307s ago: executing program 0 (id=5591):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
syz_clone(0x20800000, 0x0, 0x0, 0x0, 0x0, 0x0)

4.893404222s ago: executing program 5 (id=5594):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)

4.845490445s ago: executing program 0 (id=5595):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="12000000090000000800000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)=r0}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000640)={r2, &(0x7f00000005c0), 0x0}, 0x20)

4.400097583s ago: executing program 0 (id=5596):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_SE_IO(r1, 0x0, 0x80)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000400)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_SET_PAN_ID(r1, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001080)={0x1c, r0, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x1c}}, 0x4004000)

3.995296954s ago: executing program 0 (id=5598):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, &(0x7f0000000000)={0x2, 0xffffffff, 0x7, 0x10, 0xa, 0x10000})

2.422328976s ago: executing program 5 (id=5612):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e)

2.331276636s ago: executing program 2 (id=5614):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ftruncate(r0, 0x5)
r1 = socket$kcm(0xf, 0x3, 0x2)
writev(r1, &(0x7f00000004c0)=[{0x0}, {&(0x7f0000001200)="be", 0x1}], 0x2)

2.249504059s ago: executing program 5 (id=5615):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001040)=@base={0xa, 0x4, 0x4, 0xc}, 0x50)

2.165421175s ago: executing program 2 (id=5617):
r0 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfec9}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x19, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x200}})
io_uring_enter(r0, 0xdb4, 0x0, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f0000000000)={0x6, 0xffffffffffffffff, 0x21, {0x4, 0xfffffffffffffffd}, 0x6}, 0x1)

2.091357146s ago: executing program 5 (id=5619):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000003640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@delqdisc={0x24, 0x25, 0x1, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x3, 0xe}, {0xffe0, 0xfff1}, {0xb, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x44)

2.050004885s ago: executing program 9 (id=5621):
mount$cgroup(0x0, 0x0, 0x0, 0x450, &(0x7f00000000c0)={[{@cpuset_v2_mode}]})
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

1.977129213s ago: executing program 2 (id=5622):
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000000100)={&(0x7f0000000800)=[0x7f, 0x14, 0x1, 0x1, 0x7, 0xffffffff, 0x2, 0x7, 0x59, 0xfffffff1, 0x3, 0xfffffffe, 0x81, 0x0, 0x1, 0x2, 0x101, 0x0, 0x3, 0x8, 0x4, 0x6, 0x6, 0x7, 0x3, 0x7f, 0xc3a, 0x6, 0x9, 0x400, 0x8, 0x44a8ffb, 0xa2, 0x9, 0x5, 0x1, 0x1, 0xad0, 0x9, 0x7, 0x1, 0x8, 0x10, 0x1, 0x1ff, 0x1, 0x1, 0x8, 0x3ff, 0x2, 0x7, 0x2, 0x9, 0x3, 0x992d, 0xc00000, 0xfffffffa, 0x0, 0x3, 0x1, 0x9, 0x1, 0x1, 0x7, 0x4, 0x81, 0x0, 0x6, 0x9, 0x101, 0xc2e3, 0x2, 0x8, 0x0, 0xc, 0xfb8d, 0x6, 0x5, 0x12, 0x1000, 0x81, 0x7, 0x6, 0x800, 0x9, 0x0, 0x2, 0xfffffffe, 0xb, 0xe49, 0x9, 0x1, 0x3ff, 0xf36f, 0xe, 0x6, 0x1, 0x5, 0x0, 0x5, 0x1, 0x7fffffff, 0x8, 0x34c, 0xc86, 0x2, 0x7ff, 0x1ff, 0x0, 0x4d, 0x4, 0x3, 0x9, 0x34f4, 0x80000001, 0xfffffff9, 0x1000, 0x6, 0x8001, 0x2c91, 0x81, 0x3, 0x3, 0x5, 0x8, 0x47, 0x58, 0x1ff, 0xa, 0x17, 0x5, 0x0, 0xc, 0x4e6, 0x3, 0x4, 0x3, 0x7, 0x5, 0x835, 0x350a, 0x8000, 0x8001, 0x81, 0x6, 0x4, 0x5, 0x1, 0x23c, 0xfffffff8, 0x3, 0xffff, 0x10, 0xd, 0x7, 0x10001, 0x9, 0xffff2996, 0x10001, 0xd, 0x5, 0x3, 0x3, 0x6, 0x8, 0x5, 0x1000, 0x67, 0x8, 0x5, 0x389, 0x4, 0x2, 0x3ff, 0xa4, 0x8, 0x3, 0x7, 0x6, 0x5, 0x7ff, 0x5b, 0x400, 0xffff, 0x8, 0x71, 0x4, 0x9, 0x1, 0x5, 0xaf, 0x0, 0xffff, 0x5, 0x0, 0x2, 0x1, 0x8, 0x505ad8c0, 0x4, 0xfffff27e, 0x3, 0x2, 0x200, 0x7745dedb, 0x6, 0x80000000, 0xd, 0x2, 0x3a, 0x4, 0x3, 0x4, 0x3, 0x4, 0x5, 0x6, 0x9, 0x7, 0x1000, 0x6, 0x0, 0x0, 0x3, 0x7, 0x2, 0x7, 0x2, 0x1, 0x401, 0xfffffffd, 0x3, 0x4, 0x7e, 0x9, 0x5, 0x5, 0x5, 0xfffffff7, 0x6, 0x2, 0x8, 0x9, 0x1, 0x80000001, 0x80000001, 0x2520, 0x5, 0x4, 0x7, 0x6, 0x8, 0x7, 0x52, 0x0, 0x8, 0x3, 0xe8f4, 0x5, 0x3, 0x3, 0x1000, 0x6, 0x8001, 0x1, 0x1, 0x4e, 0x5, 0x8, 0x9, 0x3, 0x2, 0x5, 0x9, 0x2, 0x9, 0x9, 0x8, 0x2, 0x9, 0x3, 0x5, 0x8001, 0x7, 0x20004000, 0x80000001, 0x4, 0x2, 0x8001, 0x10000, 0x1, 0x9, 0x1, 0x4, 0xb040, 0x9c1, 0x3, 0x3, 0x5, 0x5, 0x2c, 0x8, 0x2c, 0x5, 0x2, 0x5, 0x2, 0x9000, 0x6, 0x9, 0x9b, 0x1, 0x0, 0x2, 0x514c, 0x6, 0x51, 0x7, 0x5, 0x1, 0x10000, 0x6, 0x2, 0x9, 0x7dd6, 0x7, 0x75, 0x0, 0x6, 0x8, 0x4254, 0x8000, 0x1, 0xa8fd, 0x9, 0x1, 0x0, 0x6, 0xfffffff9, 0x7ff, 0xaa51, 0x3a, 0x3ff, 0x56c, 0x1, 0x0, 0x9, 0x800, 0x0, 0x5, 0x4, 0x440, 0xfff, 0x1, 0x0, 0xed, 0x4, 0x1, 0x96e99f7, 0x2400000, 0x4, 0x7, 0x7ff, 0x8, 0x4e, 0x7, 0x7f, 0x2, 0x0, 0x6, 0x4, 0x2, 0x0, 0x7, 0xfffffff8, 0xd, 0x5, 0x2, 0x2, 0x7, 0x4, 0x5, 0x3, 0x7, 0xfffffc59, 0x1, 0x8000, 0xf716, 0x6, 0x4, 0x2, 0xaa, 0xffffffff, 0xffffff67, 0x5, 0x3, 0x7f, 0x9, 0x1, 0xdf5, 0x4, 0xfffffffc, 0x6, 0x0, 0x5, 0x3ff, 0xcb0, 0x2, 0x7a96, 0x467, 0x0, 0xdac, 0xffffffff, 0xffff, 0x7fffffff, 0x0, 0x5, 0x7ff, 0x6c, 0x800, 0xa, 0x2, 0x6, 0x8, 0x0, 0xd673, 0x10001, 0x8, 0x0, 0x80000001, 0x1, 0xd27, 0x8, 0xfff, 0x9, 0x18c2, 0x5, 0x2, 0x2, 0x9, 0x59, 0x8854, 0x0, 0x273b, 0x3, 0x400, 0x0, 0x5b, 0xa, 0x0, 0x3, 0x2, 0x0, 0x7ff, 0x5, 0xfffffffc, 0x3, 0x3, 0x8, 0x6, 0x9, 0x6a2, 0x8, 0x7, 0x13, 0xdae, 0x3, 0x1ff, 0x4, 0x1, 0x1, 0x5, 0x4, 0x0, 0x0, 0x6, 0x5, 0x1, 0x8001, 0x8, 0x0, 0x1, 0x5, 0x81, 0x0, 0x80000001, 0x84, 0x0, 0xdd7, 0xa2, 0x3, 0xe166, 0x5, 0x1, 0xfffffffa, 0x9, 0xe6, 0x7c53, 0x4, 0x450, 0x6, 0x7fff, 0x7, 0xd, 0xcbf8, 0x8, 0x8, 0x16de, 0xfffffb9a, 0x8001, 0x6, 0x7ff, 0xf, 0x6, 0x3, 0x7, 0xe40, 0x1, 0x3, 0x72, 0x10, 0xcc3, 0x86c00000, 0x3, 0xc0000000, 0x9, 0x0, 0x3, 0x2, 0xc826, 0x9, 0xfffffff1, 0x6, 0xfffffffb, 0x1, 0x8e8, 0x9, 0x4, 0x6, 0x3, 0x3, 0x59b3, 0x3, 0x2, 0x9, 0x400, 0x5, 0x28, 0x5, 0x8001, 0x2, 0xffffffff, 0x10, 0x3, 0x8, 0x0, 0x5cd4, 0xfffffffb, 0x4, 0x0, 0x100, 0x0, 0x5, 0xfffffffb, 0x2, 0x9, 0x7, 0x6, 0x2, 0x688d, 0x100, 0x7, 0x0, 0xc, 0x4, 0x3, 0x1fe3, 0x5, 0x3, 0x81, 0x4, 0x3, 0x9, 0x5, 0xf37a, 0x1, 0x6, 0x116, 0xc, 0x10001, 0x3, 0x0, 0x8000, 0x9, 0xfff, 0x4, 0x7, 0xa264, 0x7, 0x8000, 0x2, 0x6, 0xe, 0x0, 0x200, 0x101, 0x4, 0x4, 0x9, 0x6, 0x0, 0x7fff, 0x9, 0x81, 0xb, 0x9, 0x12f, 0x1, 0x0, 0x5, 0x9, 0xe7, 0x5, 0x401, 0x80000000, 0x0, 0x9, 0x7ff, 0xfffffffb, 0x7, 0x6a7, 0x9f69, 0xda, 0x10001, 0x9, 0x2, 0x8, 0x9de, 0x2, 0x10000, 0x8001, 0x5538, 0x9, 0x0, 0x9, 0x3, 0x310, 0x7, 0x5, 0x9, 0x5, 0x80000000, 0x8000, 0x5, 0xb9500000, 0x2, 0x1ff, 0x7, 0xdaf1, 0x4, 0x40, 0x3d8, 0x4, 0x9, 0x3a75, 0xb8, 0x7, 0x756, 0x6, 0xfff, 0x6, 0x8, 0x7, 0x0, 0x9, 0x1, 0xfffffffc, 0x2, 0x0, 0x4, 0x0, 0x6, 0x81, 0x8b7, 0x2, 0x2, 0xfff, 0x7f, 0x5, 0x6, 0x3b, 0x101, 0x10000000, 0x7, 0xf2c7, 0xbe, 0x26f, 0x6, 0xd1, 0x81, 0xc8f, 0x5, 0x9c2, 0xd66, 0x6, 0xc9b2, 0xf1, 0x101, 0x800, 0x4, 0x8001, 0x0, 0x4, 0x400, 0x2, 0x98d, 0xffff, 0x10001, 0x1, 0x5, 0xe, 0x741, 0x2, 0x4, 0x200, 0x6, 0x91, 0x6, 0x3, 0x7ff, 0x5, 0x81, 0xbb, 0x7, 0x3, 0x0, 0x0, 0x724, 0x3, 0x0, 0xf45, 0x2, 0x3, 0x400, 0x1, 0x7, 0x3, 0x2, 0x2, 0x7, 0xb5c, 0xfffffff8, 0xfffff000, 0x9, 0x9, 0x2, 0x200, 0x9, 0x8, 0xaf, 0x0, 0x3, 0x3, 0x0, 0x7ff, 0x7f, 0xffff0000, 0x1, 0x4, 0x0, 0xfffff019, 0xae, 0xb, 0x5, 0x3, 0xfffffffa, 0x0, 0x9, 0x7d6, 0x2, 0x5, 0x6, 0x7ff, 0xe0, 0x7fff, 0xfffffffb, 0xfffffffa, 0x8, 0x0, 0x3, 0x8, 0x4, 0x9, 0x7ff, 0x0, 0x8, 0x8, 0x10001, 0x10000, 0x8, 0x1, 0xc4, 0xffff, 0x7ff, 0x4, 0x6, 0xd, 0x1, 0x3, 0x5, 0x81, 0x85d, 0x1, 0x5, 0xffffffff, 0x2, 0x3e, 0x4e, 0x7f, 0xa, 0xfffffff3, 0x200, 0x0, 0x6, 0x8, 0xffff228c, 0x6, 0x418bf1a7, 0x3, 0x5967, 0x6, 0x4, 0x40, 0x100, 0x5, 0xb, 0xfff, 0x7, 0x9, 0x8, 0x0, 0xd, 0x7, 0x9, 0x3, 0x8, 0x8, 0x79ff, 0xfffffff9, 0xff, 0x0, 0x8, 0x0, 0x4, 0x64f, 0xb4e, 0x9, 0x10001, 0x7, 0xc9, 0xfffffffe, 0x8, 0x9, 0xc, 0x7, 0x8, 0x71d, 0xf, 0x40, 0x8, 0x1, 0x7544, 0x5, 0x0, 0x4, 0x9, 0xee9, 0xfffff40d, 0x5, 0xfffffffd, 0x7, 0x2, 0x107, 0x5, 0x7, 0x7, 0x1, 0x6, 0x8, 0x4, 0x10001, 0x1, 0x3, 0x2, 0x3, 0x6, 0x8, 0x5, 0xfffffffa, 0xe, 0xfaf, 0xfffffff8, 0x81, 0x7, 0xfff, 0xfffffbff, 0x8, 0x6, 0x3, 0x7ff, 0xffffffff, 0x9, 0x0, 0x1, 0x9, 0x0, 0x8, 0x3, 0x3, 0x5, 0x9, 0x0, 0x2, 0x8, 0x1, 0x9, 0xffff, 0x6, 0x2e1b, 0x63, 0x7c, 0x1000, 0x2, 0x3, 0x1, 0x80, 0x5c84c2f3, 0x138d, 0x10, 0x10, 0x1ad3, 0x2ac8, 0x1, 0xc, 0x8001, 0x2, 0x5, 0x6, 0x5, 0x101, 0x8, 0x5, 0x100, 0x64, 0x7, 0x7f, 0x2, 0xf, 0x6, 0xeb15, 0x3ff, 0x8, 0x200, 0x7, 0x6, 0x10, 0xffffff00, 0x5, 0x1000, 0x10, 0x8, 0x1, 0x101, 0x7, 0x1000, 0x7, 0x6, 0xfffffff1, 0x2, 0xb, 0x6, 0x4, 0x200, 0x9, 0x4, 0x1b, 0x4, 0xfffffffc, 0x401, 0x8, 0x7, 0x0, 0xb, 0x1, 0xb, 0x1, 0xffffffff, 0x7, 0x5, 0x8, 0x78, 0x0, 0x4, 0xa0, 0x2, 0x40, 0xd, 0x2, 0x6, 0xd5, 0x2, 0x4, 0x2, 0x1, 0x10, 0x44, 0x101, 0x2, 0x400, 0x1, 0x3, 0xbb, 0x4, 0xff], 0x2, 0x400, 0x4})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000005880)=@newtfilter={0x24, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xb}, {0x7}}}, 0x24}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000f00)=ANY=[@ANYBLOB="300000001800dd8d0000000000000000020000000000000900000000060015000a0000000c001680080001"], 0x30}}, 0x0)
sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0)

1.841743844s ago: executing program 9 (id=5623):
socket$inet_smc(0x2b, 0x1, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="13010000bd460e10490d1070900c010203010902120001000000000904000000d2", @ANYRES16=r0], 0x0)

1.833682668s ago: executing program 0 (id=5635):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x4e24, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='bbr', 0x3)
sendmmsg(r0, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="03", 0x1}], 0x1}}], 0x1, 0x44810)

1.801265864s ago: executing program 6 (id=5624):
r0 = fsopen(&(0x7f0000000140)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000240)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)

1.785527105s ago: executing program 5 (id=5625):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c63", 0xe}], 0x1}, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, &(0x7f0000000040))

1.747299809s ago: executing program 2 (id=5626):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xc)
madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xd)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

1.621492266s ago: executing program 6 (id=5627):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="000086dd03000a000000140000006c07010033d43cfffe800000000000000000000000000010ff02000000000000000000000000000189"], 0x340a)

1.543722548s ago: executing program 6 (id=5628):
r0 = io_uring_setup(0x70c3, &(0x7f0000000180)={0x0, 0x2c43, 0x80, 0x1, 0x2})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
recvmmsg(r1, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}, 0x80000001}], 0x1, 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.446211166s ago: executing program 2 (id=5629):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt(r1, 0xff, 0x1, 0x0, &(0x7f00000002c0)=0xfffffffffffffecd)

1.380627086s ago: executing program 2 (id=5630):
syz_usb_connect(0x0, 0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="120100004b41460860163209ea800102030109021e0001000000000904"], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
read(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, 0xffffffffffffffff, 0x0)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000080)={&(0x7f0000000140)=[{0x63, 0xa021, 0x0, 0x0}], 0x1})

1.267231085s ago: executing program 6 (id=5631):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x300000a, 0x12, r0, 0xa6d63000)
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='iocharset=cp949,codepage=macroman,gid=', @ANYRESHEX=0x0, @ANYBLOB="0000912aeca1eab3697f9e4c90282fc3e7004086f218386f86644fbfeda911da4b9e0200901206d65490673a9bfa05a5d4b34b3d708e621105f6aca876ab4f0dcf24b71c2d61ddcc01988c183a19abfaa924bc15787a2dd9845a008dff26f2c482444cd4b41b0bf25f48a2f0c80556c968460fedb7e5a7a0f37bd8fde1385c4e3714af565f5c799426be60320c457d2cf99c0c55a68338943cec885835"], 0x1, 0x2f5, &(0x7f0000000cc0)="$eJzs3b1uE0sYxvFn1nbifChnT5KjI53moEAkaCICFIjGCLmlp0KA7UgRViKSIAFNAqJEXAA9t8BF0IC4AWigoicVg2Y8dtbJep3FchyH/0+KtR7PzL7D7Me8KywLwB/rVvXz26vf3J+RCipIuiFFkspSUdI/+rf8eGNnfafZqGd1VPAt3J9Rq6U5Uqe20Uhr6tr5FkHs3hU1myzDcFhrb34ZdRAYOX/2p4ikyXAe+s/LJxzXsOxJ/486hpOWnGCzr3090dwIwwEAnALh/h+F28SsLzKKImk53PbP1P1//+wMxbnWPFJkMxsk7v9+dWeNm9+//EcH+Z5P4dznUTtLPE4wpUPvJ9Q6sroWmKZfVuljiabW1otaqT1XPdILVYJEtUX/Wm8dum19ol1KyU0z9O6tpNvTrdH4FeVh7ZDW1puNSbeREv9Cvj0Ozrw3H81dE+uN6p31X9EaN01+puJDMxWVXPyXe/c441u5Wgppf6VSibqq/O138l/YQ9BnlOX0jCTZZ/sBwV4ngqw4/b7n1f1YoTW61T6tFtJaxZ13PVotdrUqhCNhpbbZzHyUMhztIZrX5o5Z0ne9UzWx/o9cfMtKnJlZ10fja4Yjo7apn9ZOpNcs+prxkcvtwelyrhNBMJl7bJByPi17pQe6rrntp88eFprNxpbbuJ+y8Wh2y4SS0ksptU6+ja/T+VsVlFFHewcl1tm19rg92wGGY/r9a1zq38+P4+/UXT86Je70SavszrJOSTTINIUNawac7rO4Uf2grANyfDaslXp8NLTrFE6RbdOe9FAwNeKAcNLcusu08j+/kg+rOp8iuZc4Y52enWSqq8fVTgbXvRSc96/TuTK4md4ZXGKPV3rkjD7nOn9RupAoNMrcYxzi9Gyu/PE0MlV90j2e/wMAAAAAAAAAAAAAAAAAAIyb8J/+21/ZHMo3DUY8RAAAAAAAAAAAAAAAAAAAAAAAxt5v/f7vlCS7292R//3fmN//BcbIrwAAAP//I+154g==")
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

1.121475033s ago: executing program 6 (id=5632):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$inet(0x2, 0x5, 0x0)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

852.066453ms ago: executing program 0 (id=5633):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file0\x00')
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f00000002c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}})
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

827.680756ms ago: executing program 6 (id=5634):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={r2, 0x7}, &(0x7f00000000c0)=0x8)

724.802357ms ago: executing program 3 (id=5636):
syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x22008d0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x20000400)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x3, 0x0, 0x1, 0x800, 0x0, 0x0, 0x3}, 0x0, &(0x7f0000000240)={0x1f, 0x3}, 0x0, 0x0)

489.46734ms ago: executing program 3 (id=5637):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x20800, 0x104)

376.912772ms ago: executing program 9 (id=5638):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x440100, 0x0)
r0 = fsopen(&(0x7f0000000200)='cramfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040), 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)

345.022362ms ago: executing program 3 (id=5639):
setuid(0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r0, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000b40)={r0, &(0x7f0000000380)="4b25193c", 0x0}, 0x20)

263.876356ms ago: executing program 9 (id=5640):
syz_mount_image$udf(&(0x7f0000000000), &(0x7f00000094c0)='./file1\x00', 0x0, &(0x7f0000001940)=ANY=[], 0x1, 0xc25, &(0x7f0000002580)="$eJzs3V9oXNl9B/DfmStZY22aaLOJN2mz6UBKYpTa+F9sBZcgZxW1AccbIit0n6LRHzvDyiMjyY03bYPakhb6ErovpS9FNF1ayEPpQ7ePVZotJJRCCXlIHwqCJss+9EEPgdKWjcK9c0Ya2fJau15ZsvfzMePvnTu/OzrnntGdO6AzNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAiM9+7tKp0+mgWwEAPExXJr506myKgYNuBwDw8Fz1+R8AAAAAAAAAAAAAAA67FEUcixSDr2ykqep+R/1yq33r9uTY+O6bHU2RohZFVV/e6qfPnD33qfMXRrr55tu/0z4cz01cvdR4duHGzcW5paW52cZkuzWzMDu352d40O3vNFztgMaNF27NXru21Dhz8uyOh28PvTbwxLGhixdOnB/p1k6OjY9P9NT09b/tn36Xe83wOBJFNCPFG0Ovp2ZE1OLB98V9Xjv77WjVieGqE5Nj41VH5lvN9nL5YKrlqlpEo2ej0e4+eghj8UBGI1bK5pcNHi67N3Gzudicnp9rfLG5uNxabi20U63T2rI/jajFSIpYjYj1XSb59kcRH40UL53aSNMRUXT3wyericH3b09tH/q4B2U7G/0Rq7VHYMwOsYEo4kqk+Nmrx2Om3Gf5Fh+P+EKZr0S8XOZnIlL5wjgX8VOTxR8bfVHEv0WKhbSRZqvjQfe4cvnLjc+3ry301HaPK4/8+8PDdMiPTfUoYro64m+kt3+yAwAAAAAAAAAAAAAAAMA77WgU8e1I8UfP/E41rziqeenvuzjynud/s3fO+NP3eZ6y9mRErNT2Nie3P08dTrXy3z50jD2pRxHfyPP//uCgGwMAAAAAAAAAAAAAAAAAAPCuVsTzkeIrJ46n1aiu/XskqmuKt9rXG1eb0/Odq8J2r/3bvWb65ubmZiN1cjTnVM6VnKs513Ku54xa3j7naM6pnCs5V3Ou5VzPGUXePudozqmcKzlXc67lXM8ZfXn7nKM5p3Ku5FzNuZZzPWcckmv3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8TmpRxM8jxbe+tpEiRcRoxFR0cm3goFsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJTqqYiTkWLt+Xp1f7UWcTUifr65udm9RcRGmQ/qoPsKAAAAAAAAAAAAAAAAAAAAh1Yq4mOR4qn/20iNiLg99NrAE8eGLl44cX6kiCJSWdJb/9zE1UuNZxdu3FycW1qam21MtlszC7Nze/1x9cut9q3bk2Pj+9KZ+zq6z+0/Wn924eaLi63rX13e9fHB+qXppeXF5szuD8fRqEVM9a4Zrho8OTZeNXq+1WxXm6baPRpYixjda2cAAAAAAAAAAAAAAAAAAAA4NAZTEZ+LFD/5z3OpO2+8rzPn/5c694qt2pd/b/u7AObvyK7e7w/Yy3Laa0OHq4n3jcmx8fGJntV9/XeXlm1KqYinI8UnXvpQNR8+xeCuc+PLuveWdTfO5bqhXynrVnZU1Ycnx8YbVxbaJy7Nzy/MNJeb0/NzjYmbzZn8xQEre+0GAAAAAAAAAAAAAAAAAAAA7GYwFfGjSPHff/vvqXvd+Tz/v69zr2f+/29UU+gr9bQzt1Rz+99bze3vLL/v4sjgR5+51/r9mP9ftimlIr4ZKc7+6EPV9fS78/+n7qgt6/4kUrz+zEdyXe1IWdfsdqfzjNda83Onytq/jBS/+ka3Nqra67n2qe3a02Xt0Ujx5xs7a7+aaz+wXXumrD0eKb73X7vXfnC79mxZ+5NI8Y9/0+jWDpa1v5trj23XnpxZmJ+9324tx/87keKvr/xW6vb5nuPf8/0PK3fklrvG/M2X36nxH+pZt5LH9Y/z+DfvM/7nI8V36h/JdZ19P50ff7L6f3v8PxEp/uNfd9Zey7Xv3649vdduHbRy/L8dKb77Fz/e6nMe//74+/+N7RHfOf6/3Lczt14lBzT+T/asG8rtmnnru+NdZ+nFr7/QnJ+fW7RgwYKFrYWDPjLxMJTv/38aKf7/WJG65zH5/f89nXvb53//843t9/+Ld+SWA3r/f3/Puov5rKW/L6K+fONm/9MR9aUXv36idaN5fe76XPvM6VOf/vT506dOn+8/0j25217a8757HJTj/4NI8cO/++HW55it87/K7uf/g3fklgMa/6d6+7TjvGbPu+JdqRz/v4oUT372x1ufN3eO/87z/+7n/+Mf25lbv38HNP4f6Fk3lNvVeov7AgAAAAAAAAAA4FEymIr4s0jx23/466k7h2gvf/83e0duOaC//zrWs272Ic1r2PNOBgA4RMrzvw9Gin/a/P7WXO6d53/xa93a3vO/ezkM1/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHXYoifj9SDL6ykdYGyvsd9cut9q3bk2Pju292NEWKWhRVfXmrnz5z9tynzl8Y6eabb/9O+3A8N3H1UuPZhRs3F+eWluZmG5Pt1szC7Nyen+FBt7/TcLUDGjdeuDV77dpS48zJszsevj302sATx4YuXjhxfqRTO9CYHBsfn+ip6et/2z/9Luke649EEd+PFG8MvZ6+OxBRiwffF/d57ey3o1UnhqtOTI6NVx2ZbzXby+WDqZarahGNno1Gu/soj9t+jsUDGY1YKZtfNni47N7EzeZic3p+rvHF5uJya7m10E61TmvL/jSiFiMpYjUi1gfufrr+KOKbkeKlUxvpnwciiu5++OSViS+dOnv/9tT2oY97ULaz0R+xWnsExuwQG4gi/iFS/OzV4/G9gYi+6Nzi4xFfKPOViJfL/ExEKl8Y5yJ+usvriEdTXxRxLlIspI306kB5POgeVy5/ufH59rWFntruceWRf394mA75sakeRfygOuJvpH/xew0AAAAAAAAAAAAAAABwiBSxGim+cuJ4quYHb80pbrWvN642p+c70/q6c/+6c6Y3Nzc3G6mTozmncq7kXM25lnM9Z9Ty9jlHc07lXMm5mnMt53rOKPL2OUdzTuVcybmacy3nes7oy9vnHM05lXMl52rOtZzrOeOQzN0DAAAAAAAAAAAAAAAAAAAeL7Uoqqu4f+trG2lzoHN96ano5JrrgT72fhEAAP//gMd2Mw==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0xc0086c43, &(0x7f00000002c0)=0x700)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000280)='./bus\x00', 0x2029c1b, 0x0, 0x0, 0x0, &(0x7f00000007c0))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000000)='./bus/file0\x00')

263.154153ms ago: executing program 3 (id=5641):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000000)=0x7, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000040)=0xf2b, 0x4)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000001500)=""/17, &(0x7f0000000080)=0x11)

97.244222ms ago: executing program 9 (id=5642):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)={0xac, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x70, 0xe, {{{0x0, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0xff}, @device_b, @device_b, @from_mac, {0x4, 0x3}}, 0x2, @random=0x1, 0x8086, @val, @val, @val={0x3, 0x1, 0x4}, @val={0x4, 0x6, {0x0, 0x2, 0xc, 0xff56}}, @val={0x6, 0x2, 0x6}, @void, @val={0x25, 0x3, {0x0, 0x0, 0x3}}, @val={0x2a, 0x1, {0x1}}, @void, @val={0x2d, 0x1a, {0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x2, 0x0, 0x1, 0x0, 0x2, 0x1}, 0x800, 0xff, 0x4}}, @val={0x72, 0x6}, @val={0x71, 0x7, {0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, 0x4}}, @void}}, @NL80211_ATTR_FTM_RESPONDER={0x8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0xac}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)

95.677794ms ago: executing program 5 (id=5654):
r0 = timerfd_create(0x0, 0x80000)
clock_gettime(0x0, &(0x7f0000000280))
ppoll(&(0x7f0000000240)=[{r0, 0x8}], 0x1, 0x0, 0x0, 0x0)
timerfd_settime(r0, 0x3, &(0x7f0000000340), 0x0)
ioctl$TFD_IOC_SET_TICKS(r0, 0x40085400, &(0x7f0000000040)=0x8004)

85.167074ms ago: executing program 3 (id=5643):
timer_create(0x3, 0x0, &(0x7f00000000c0)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000080)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000180), &(0x7f00000001c0)=0x4)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{}, {0x0, 0x9}}, 0x0)

3.192594ms ago: executing program 3 (id=5644):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="090000000600000004000000fc07"], 0x48)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000003c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd847a4c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e3793dba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f4e5958c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729f89294a0007df3a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e356a99f75082f3411adddfe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff18e0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02135c32650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5c9da255f8d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cceb053c32690836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6a783ab647a4c257a4fcd6ba38ef32bc48a00643416d7e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a203c991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750ae16f664e445414e85e98570303c6d87d7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d086fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762feff53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f", 0x2000, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000b80)={0x0, @in6={{0xa, 0x4e24, 0x7, @local, 0x80000001}}, 0x9, 0x10a7}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000380), 0xce4, r0}, 0x38)
bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000600), 0x0, 0x401, r0, 0x0, 0x100000000000000}, 0x38)

0s ago: executing program 9 (id=5645):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0a00000007000000060000008c"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d80)={{r0}, &(0x7f0000000900), &(0x7f0000000d40)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

kernel console output (not intermixed with test programs):

79147][   T65]  ? __pfx_queue_work_on+0x10/0x10
[  538.579176][   T65]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  538.579213][   T65]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  538.579267][   T65]  f2fs_handle_critical_error+0x37c/0x540
[  538.579319][   T65]  f2fs_write_end_io+0x886/0xb60
[  538.579375][   T65]  __submit_merged_bio+0x27a/0x6a0
[  538.579424][   T65]  __submit_merged_write_cond+0x255/0x530
[  538.579474][   T65]  f2fs_write_data_pages+0x261d/0x3000
[  538.579553][   T65]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  538.579602][   T65]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  538.579703][   T65]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  538.579764][   T65]  ? trace_f2fs_writepages+0x7f/0x200
[  538.579812][   T65]  ? f2fs_write_node_pages+0x478/0x6e0
[  538.579859][   T65]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  538.579924][   T65]  ? __lock_acquire+0xab9/0xd20
[  538.579963][   T65]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  538.579991][   T65]  do_writepages+0x32e/0x550
[  538.580033][   T65]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.580071][   T65]  ? reacquire_held_locks+0x127/0x1d0
[  538.580101][   T65]  ? writeback_sb_inodes+0x384/0x1010
[  538.580152][   T65]  __writeback_single_inode+0x145/0xff0
[  538.580189][   T65]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.580219][   T65]  ? do_raw_spin_unlock+0x122/0x240
[  538.580267][   T65]  writeback_sb_inodes+0x6c7/0x1010
[  538.580345][   T65]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  538.580446][   T65]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.580476][   T65]  ? rcu_is_watching+0x15/0xb0
[  538.580508][   T65]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.580551][   T65]  wb_writeback+0x43b/0xaf0
[  538.580600][   T65]  ? queue_io+0x311/0x590
[  538.580643][   T65]  ? __pfx_wb_writeback+0x10/0x10
[  538.580699][   T65]  ? _raw_spin_unlock_irq+0x23/0x50
[  538.580743][   T65]  wb_workfn+0x409/0xef0
[  538.580805][   T65]  ? __pfx_wb_workfn+0x10/0x10
[  538.580844][   T65]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.580873][   T65]  ? __lock_acquire+0xab9/0xd20
[  538.580916][   T65]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.580950][   T65]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.580985][   T65]  ? _raw_spin_unlock_irq+0x23/0x50
[  538.581018][   T65]  ? process_scheduled_works+0x9ef/0x17b0
[  538.581045][   T65]  ? process_scheduled_works+0x9ef/0x17b0
[  538.581077][   T65]  process_scheduled_works+0xae1/0x17b0
[  538.581152][   T65]  ? __pfx_process_scheduled_works+0x10/0x10
[  538.581193][   T65]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.581236][   T65]  worker_thread+0x8a0/0xda0
[  538.581308][   T65]  kthread+0x711/0x8a0
[  538.581349][   T65]  ? __pfx_worker_thread+0x10/0x10
[  538.581379][   T65]  ? __pfx_kthread+0x10/0x10
[  538.581410][   T65]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.581445][   T65]  ? _raw_spin_unlock_irq+0x23/0x50
[  538.581479][   T65]  ? srso_alias_return_thunk+0x5/0xfbef5
[  538.581507][   T65]  ? lockdep_hardirqs_on+0x9c/0x150
[  538.581542][   T65]  ? __pfx_kthread+0x10/0x10
[  538.581580][   T65]  ret_from_fork+0x4bc/0x870
[  538.581612][   T65]  ? __pfx_ret_from_fork+0x10/0x10
[  538.581652][   T65]  ? __switch_to_asm+0x39/0x70
[  538.581674][   T65]  ? __switch_to_asm+0x33/0x70
[  538.581693][   T65]  ? __pfx_kthread+0x10/0x10
[  538.581731][   T65]  ret_from_fork_asm+0x1a/0x30
[  538.581782][   T65]  </TASK>
[  538.938138][   T65] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  539.252896][T17942] loop2: detected capacity change from 0 to 4096
[  539.261951][T17944] netlink: 7 bytes leftover after parsing attributes in process `syz.9.4518'.
[  539.286855][T17946] loop3: detected capacity change from 0 to 128
[  539.304572][T17947] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  539.319847][T17944] netlink: 7 bytes leftover after parsing attributes in process `syz.9.4518'.
[  539.342979][T17946] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  539.358843][T17949] loop1: detected capacity change from 0 to 512
[  539.435260][T17949] EXT4-fs (loop1): orphan cleanup on readonly fs
[  539.503958][T17949] EXT4-fs warning (device loop1): ext4_xattr_inode_get:546: inode #11: comm syz.1.4532: ea_inode file size=4 entry size=6
[  539.545786][T17949] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  539.579488][T17949] EXT4-fs error (device loop1): ext4_do_update_inode:5632: inode #15: comm syz.1.4532: corrupted inode contents
[  539.621029][T17949] EXT4-fs (loop1): Remounting filesystem read-only
[  539.648507][T17949] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -30)
[  539.669031][T17949] EXT4-fs (loop1): 1 orphan inode deleted
[  539.696824][T17949] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  540.290917][T17268] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  540.451841][T17969] loop7: detected capacity change from 0 to 4096
[  540.492870][T17969] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[  540.574258][   T65] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.749926][   T65] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.859651][   T65] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  541.131082][   T65] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  541.279781][T17991] loop9: detected capacity change from 0 to 64
[  541.327186][T17991] hfs: Unknown parameter 'Ü	pe'
[  541.767807][   T65] bridge_slave_1: left allmulticast mode
[  541.777432][   T65] bridge_slave_1: left promiscuous mode
[  541.792723][   T65] bridge0: port 2(bridge_slave_1) entered disabled state
[  541.828344][ T5835] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  541.843258][   T65] bridge_slave_0: left allmulticast mode
[  541.848925][   T65] bridge_slave_0: left promiscuous mode
[  541.858371][ T5835] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  541.871942][ T5835] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  541.883077][ T5835] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  541.900260][ T5835] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  541.935587][   T65] bridge0: port 1(bridge_slave_0) entered disabled state
[  542.032721][ T5963] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  542.227461][ T5963] usb 10-1: Using ep0 maxpacket: 16
[  542.253474][ T5963] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  542.274920][ T5963] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  542.306565][ T5963] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  542.352244][ T5963] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  542.361407][ T5963] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  542.405158][ T5963] usb 10-1: config 0 descriptor??
[  542.473932][T18002] loop2: detected capacity change from 0 to 32768
[  542.583613][T18002] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  542.619353][T18002] XFS (loop2): Ending clean mount
[  542.663165][T18002] XFS (loop2): Quotacheck needed: Please wait.
[  542.810512][T18002] XFS (loop2): Quotacheck: Done.
[  542.833033][ T5963] input: HID 05ac:8241 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:05AC:8241.002D/input/input49
[  542.865419][   T30] audit: type=1800 audit(1767712973.202:828): pid=18002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4556" name="file1" dev="loop2" ino=6150 res=0 errno=0
[  542.950792][ T5963] appleir 0003:05AC:8241.002D: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.9-1/input0
[  543.026839][ T5963] usb 10-1: USB disconnect, device number 7
[  543.109015][   T65] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  543.139982][ T5839] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  543.152781][   T65] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  543.180138][   T65] bond0 (unregistering): Released all slaves
[  543.273053][T18027] loop7: detected capacity change from 0 to 32768
[  543.326106][T18027] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  543.468929][T18027] XFS (loop7): Ending clean mount
[  543.484768][T18027] XFS (loop7): Quotacheck needed: Please wait.
[  543.542336][T18027] XFS (loop7): Quotacheck: Done.
[  543.785112][T18054] loop9: detected capacity change from 0 to 4096
[  543.871074][T17225] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  543.890414][   T65] hsr_slave_0: left promiscuous mode
[  543.914088][   T65] hsr_slave_1: left promiscuous mode
[  543.929308][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  543.951012][   T65] batman_adv: batadv0: Removing interface: batadv_slave_0
[  543.972999][ T5840] Bluetooth: hci4: command tx timeout
[  543.984311][   T65] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  544.005596][   T65] batman_adv: batadv0: Removing interface: batadv_slave_1
[  544.106182][   T65] veth1_macvtap: left promiscuous mode
[  544.115035][   T65] veth0_macvtap: left promiscuous mode
[  544.120721][   T65] veth1_vlan: left promiscuous mode
[  544.126390][   T65] veth0_vlan: left promiscuous mode
[  544.426642][T18073] loop7: detected capacity change from 0 to 512
[  544.495838][T18073] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -13
[  544.510623][T18073] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #13: comm syz.7.4571: iget: bad i_size value: 12154757448730
[  544.541459][T18073] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.4571: couldn't read orphan inode 13 (err -117)
[  544.595365][T18073] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  544.612417][ T5963] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  544.683715][T18073] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4571'.
[  544.764339][ T5963] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  544.783587][ T5963] usb 10-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  544.800977][ T5963] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.825304][T17225] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  544.846387][ T5963] usb 10-1: config 0 descriptor??
[  544.874298][T18069] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  545.283689][T18083] loop2: detected capacity change from 0 to 512
[  545.320301][T18083] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  545.336419][ T5963] elan 0003:04F3:0755.002E: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.9-1/input0
[  545.371583][T18083] ext4 filesystem being mounted at /795/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  545.462383][ T5839] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  545.537039][ T5963] usb 10-1: USB disconnect, device number 8
[  545.766207][   T65] team0 (unregistering): Port device team_slave_1 removed
[  545.844417][   T65] team0 (unregistering): Port device team_slave_0 removed
[  546.053664][ T5840] Bluetooth: hci4: command tx timeout
[  546.624140][T18007] chnl_net:caif_netlink_parms(): no params data found
[  546.786483][T18007] bridge0: port 1(bridge_slave_0) entered blocking state
[  546.794510][T18007] bridge0: port 1(bridge_slave_0) entered disabled state
[  546.802645][T18007] bridge_slave_0: entered allmulticast mode
[  546.820932][T18007] bridge_slave_0: entered promiscuous mode
[  546.830493][T18007] bridge0: port 2(bridge_slave_1) entered blocking state
[  546.844325][T18007] bridge0: port 2(bridge_slave_1) entered disabled state
[  546.851682][T18007] bridge_slave_1: entered allmulticast mode
[  546.861018][T18007] bridge_slave_1: entered promiscuous mode
[  546.909673][T18007] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  546.924199][T18007] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  547.007588][T18007] team0: Port device team_slave_0 added
[  547.022401][T18007] team0: Port device team_slave_1 added
[  547.116222][T18007] batman_adv: batadv0: Adding interface: batadv_slave_0
[  547.125191][T18007] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  547.153659][T18007] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  547.168806][T18007] batman_adv: batadv0: Adding interface: batadv_slave_1
[  547.177558][T18007] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  547.204392][T18007] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  547.294900][T18007] hsr_slave_0: entered promiscuous mode
[  547.302195][T18007] hsr_slave_1: entered promiscuous mode
[  547.308646][T18007] debugfs: 'hsr0' already exists in 'hsr'
[  547.314904][T18007] Cannot create hsr debugfs directory
[  547.385364][ T5963] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  547.395064][ T5992] kernel read not supported for file /input/event2 (pid: 5992 comm: kworker/0:7)
[  547.552369][ T5963] usb 3-1: Using ep0 maxpacket: 32
[  547.559895][ T5963] usb 3-1: config 0 has an invalid interface number: 188 but max is 0
[  547.579512][ T5963] usb 3-1: config 0 has no interface number 0
[  547.598617][ T5963] usb 3-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  547.625297][ T5963] usb 3-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  547.635753][ T5963] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.646083][ T5963] usb 3-1: Product: syz
[  547.650682][ T5963] usb 3-1: Manufacturer: syz
[  547.655655][ T5963] usb 3-1: SerialNumber: syz
[  547.665459][ T5963] usb 3-1: config 0 descriptor??
[  547.675637][T18112] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  547.894991][T18112] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  548.102036][T18007] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  548.129125][T18007] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  548.132256][ T5840] Bluetooth: hci4: command tx timeout
[  548.156986][T18007] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  548.214891][T18007] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  548.269670][T18148] loop7: detected capacity change from 0 to 512
[  548.279957][T18148] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  548.413350][T18007] 8021q: adding VLAN 0 to HW filter on device bond0
[  548.474673][T18007] 8021q: adding VLAN 0 to HW filter on device team0
[  548.481909][T18151] netlink: 'syz.7.4603': attribute type 29 has an invalid length.
[  548.509234][ T8118] bridge0: port 1(bridge_slave_0) entered blocking state
[  548.516923][ T8118] bridge0: port 1(bridge_slave_0) entered forwarding state
[  548.555369][T18151] netlink: 'syz.7.4603': attribute type 29 has an invalid length.
[  548.580273][T18155] netlink: 508 bytes leftover after parsing attributes in process `syz.7.4603'.
[  548.590560][ T8118] bridge0: port 2(bridge_slave_1) entered blocking state
[  548.597809][ T8118] bridge0: port 2(bridge_slave_1) entered forwarding state
[  548.648322][T18158] loop3: detected capacity change from 0 to 512
[  548.733477][ T5963] asix 3-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  548.758166][ T5963] asix 3-1:0.188 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  548.794634][ T5963] asix 3-1:0.188: probe with driver asix failed with error -71
[  548.811985][ T5963] usb 3-1: USB disconnect, device number 27
[  548.868666][T18163] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  549.377498][T18007] 8021q: adding VLAN 0 to HW filter on device batadv0
[  549.401619][T18181] Bluetooth: MGMT ver 1.23
[  549.460516][T18179] loop7: detected capacity change from 0 to 2048
[  549.534040][T18179] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  549.607895][T18179] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  549.827301][T18198] loop3: detected capacity change from 0 to 1024
[  549.861635][T18197] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  549.879943][T18193] loop9: detected capacity change from 0 to 40427
[  549.888197][T18193] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  549.891472][T18198] EXT4-fs: Ignoring removed nobh option
[  549.896594][T18193] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  549.920026][T18193] F2FS-fs (loop9): invalid crc value
[  549.944335][T18197] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  549.948946][T18198] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  549.963017][T17225] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.066892][T18198] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #11: comm syz.3.4620: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  550.085456][    C1] vkms_vblank_simulate: vblank timer overrun
[  550.099521][T18193] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  550.142047][T18193] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  550.149169][T18193] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  550.200291][T18198] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.4620: couldn't read orphan inode 11 (err -117)
[  550.223082][ T5840] Bluetooth: hci4: command tx timeout
[  550.257580][T18198] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  550.272729][   T30] audit: type=1800 audit(1767712980.582:829): pid=18193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.4618" name="file1" dev="loop9" ino=10 res=0 errno=0
[  550.272792][T18193] F2FS-fs (loop9): Can't enable fs-verity on inode 10: the verity feature is not enabled on this filesystem
[  550.469216][T18198] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.4620: Invalid block bitmap block 0 in block_group 0
[  550.571607][T18198] Quota error (device loop3): write_blk: dquota write failed
[  550.585830][T18198] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  550.652318][T18198] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.4620: Failed to acquire dquot type 0
[  550.836095][T18007] veth0_vlan: entered promiscuous mode
[  550.844807][T18217] syzkaller1: entered promiscuous mode
[  550.853458][T15115] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.865523][T18217] syzkaller1: entered allmulticast mode
[  551.018673][T18007] veth1_vlan: entered promiscuous mode
[  551.063596][T18230] netlink: 56 bytes leftover after parsing attributes in process `syz.7.4629'.
[  551.102561][T18230] netlink: 'syz.7.4629': attribute type 1 has an invalid length.
[  551.161081][T18007] veth0_macvtap: entered promiscuous mode
[  551.223941][T18007] veth1_macvtap: entered promiscuous mode
[  551.289022][T18007] batman_adv: batadv0: Interface activated: batadv_slave_0
[  551.311250][T18007] batman_adv: batadv0: Interface activated: batadv_slave_1
[  551.382262][ T8114] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  551.400760][ T8114] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  551.427631][ T8114] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  551.449080][ T8114] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  551.726781][ T8114] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  551.761269][ T8114] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  551.790998][T18251] loop3: detected capacity change from 0 to 4096
[  551.841207][ T8824] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  551.867215][ T8824] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  552.097820][T18241] loop7: detected capacity change from 0 to 32768
[  552.138012][T18241] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  552.193330][T18241] XFS (loop7): Ending clean mount
[  552.201128][T18246] loop9: detected capacity change from 0 to 32768
[  552.223157][T18241] XFS (loop7): Quotacheck needed: Please wait.
[  552.228001][T18246] XFS (loop9): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  552.260724][T18276] loop5: detected capacity change from 0 to 64
[  552.304000][T18246] XFS (loop9): Ending clean mount
[  552.317529][T18246] XFS (loop9): Quotacheck needed: Please wait.
[  552.330735][T18241] XFS (loop7): Quotacheck: Done.
[  552.429592][T18246] XFS (loop9): Quotacheck: Done.
[  552.446394][T18241] XFS (loop7): User initiated shutdown received.
[  552.456729][   T30] audit: type=1800 audit(1767712982.792:830): pid=18246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.4623" name="file1" dev="loop9" ino=6150 res=0 errno=0
[  552.473622][T18241] XFS (loop7): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x105/0x150 (fs/xfs/xfs_fsops.c:466).  Shutting down filesystem.
[  552.513005][T18241] XFS (loop7): Please unmount the filesystem and rectify the problem(s)
[  552.677111][T17225] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  552.835846][T16088] XFS (loop9): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  553.528274][T18285] loop5: detected capacity change from 0 to 40427
[  553.545165][T18285] F2FS-fs (loop5): Image doesn't support compression
[  553.569929][T18285] F2FS-fs (loop5): build fault injection rate: 690
[  553.600093][T18285] F2FS-fs (loop5): build fault injection type: 0x35f7
[  553.651391][T18285] F2FS-fs (loop5): invalid crc value
[  553.891239][T18285] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  553.918230][T18285] F2FS-fs (loop5): Start checkpoint disabled!
[  553.952170][T18285] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  553.967199][T18285] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  554.009303][ T5840] Bluetooth: hci2: unexpected event for opcode 0x201c
[  554.105225][ T8824] kworker/u8:65: attempt to access beyond end of device
[  554.105225][ T8824] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  554.147144][ T8824] CPU: 1 UID: 0 PID: 8824 Comm: kworker/u8:65 Not tainted syzkaller #0 PREEMPT(full) 
[  554.147179][ T8824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  554.147197][ T8824] Workqueue: writeback wb_workfn (flush-7:5)
[  554.147239][ T8824] Call Trace:
[  554.147249][ T8824]  <TASK>
[  554.147261][ T8824]  dump_stack_lvl+0x189/0x250
[  554.147302][ T8824]  ? __pfx_dump_stack_lvl+0x10/0x10
[  554.147336][ T8824]  ? __pfx_queue_work_on+0x10/0x10
[  554.147364][ T8824]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  554.147400][ T8824]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  554.147452][ T8824]  f2fs_handle_critical_error+0x37c/0x540
[  554.147501][ T8824]  f2fs_write_end_io+0x886/0xb60
[  554.147553][ T8824]  __submit_merged_bio+0x27a/0x6a0
[  554.147599][ T8824]  __submit_merged_write_cond+0x255/0x530
[  554.147647][ T8824]  f2fs_write_data_pages+0x261d/0x3000
[  554.147724][ T8824]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  554.147771][ T8824]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  554.147850][ T8824]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  554.147894][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.147923][ T8824]  ? look_up_lock_class+0x74/0x170
[  554.147974][ T8824]  ? trace_f2fs_writepages+0x7f/0x200
[  554.148013][ T8824]  ? f2fs_write_node_pages+0x478/0x6e0
[  554.148057][ T8824]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  554.148099][ T8824]  ? __lock_acquire+0xab9/0xd20
[  554.148134][ T8824]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  554.148161][ T8824]  do_writepages+0x32e/0x550
[  554.148201][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.148228][ T8824]  ? reacquire_held_locks+0x127/0x1d0
[  554.148256][ T8824]  ? writeback_sb_inodes+0x384/0x1010
[  554.148304][ T8824]  __writeback_single_inode+0x145/0xff0
[  554.148340][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.148366][ T8824]  ? do_raw_spin_unlock+0x122/0x240
[  554.148407][ T8824]  writeback_sb_inodes+0x6c7/0x1010
[  554.148480][ T8824]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  554.148574][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.148602][ T8824]  ? rcu_is_watching+0x15/0xb0
[  554.148630][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.148671][ T8824]  wb_writeback+0x43b/0xaf0
[  554.148718][ T8824]  ? queue_io+0x311/0x590
[  554.148759][ T8824]  ? __pfx_wb_writeback+0x10/0x10
[  554.148809][ T8824]  ? _raw_spin_unlock_irq+0x23/0x50
[  554.148851][ T8824]  wb_workfn+0x409/0xef0
[  554.148908][ T8824]  ? __pfx_wb_workfn+0x10/0x10
[  554.148948][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.148974][ T8824]  ? __lock_acquire+0xab9/0xd20
[  554.149015][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.149047][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.149080][ T8824]  ? _raw_spin_unlock_irq+0x23/0x50
[  554.149111][ T8824]  ? process_scheduled_works+0x9ef/0x17b0
[  554.149137][ T8824]  ? process_scheduled_works+0x9ef/0x17b0
[  554.149167][ T8824]  process_scheduled_works+0xae1/0x17b0
[  554.149239][ T8824]  ? __pfx_process_scheduled_works+0x10/0x10
[  554.149279][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.149321][ T8824]  worker_thread+0x8a0/0xda0
[  554.149354][ T8824]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  554.149401][ T8824]  ? __kthread_parkme+0x7b/0x200
[  554.149447][ T8824]  kthread+0x711/0x8a0
[  554.149487][ T8824]  ? __pfx_worker_thread+0x10/0x10
[  554.149514][ T8824]  ? __pfx_kthread+0x10/0x10
[  554.149544][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.149578][ T8824]  ? _raw_spin_unlock_irq+0x23/0x50
[  554.149610][ T8824]  ? srso_alias_return_thunk+0x5/0xfbef5
[  554.149638][ T8824]  ? lockdep_hardirqs_on+0x9c/0x150
[  554.149673][ T8824]  ? __pfx_kthread+0x10/0x10
[  554.149710][ T8824]  ret_from_fork+0x4bc/0x870
[  554.149742][ T8824]  ? __pfx_ret_from_fork+0x10/0x10
[  554.149782][ T8824]  ? __switch_to_asm+0x39/0x70
[  554.149803][ T8824]  ? __switch_to_asm+0x33/0x70
[  554.149823][ T8824]  ? __pfx_kthread+0x10/0x10
[  554.149862][ T8824]  ret_from_fork_asm+0x1a/0x30
[  554.149919][ T8824]  </TASK>
[  554.150298][ T8824] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  554.422200][ T5963] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  554.737383][ T5963] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.17
[  554.748190][ T5963] usb 4-1: New USB device strings: Mfr=129, Product=2, SerialNumber=3
[  554.775110][ T5963] usb 4-1: Product: syz
[  554.779287][ T5963] usb 4-1: Manufacturer: syz
[  554.783943][ T5963] usb 4-1: SerialNumber: syz
[  554.795120][ T5963] usb 4-1: config 0 descriptor??
[  554.812899][ T5963] ch341 4-1:0.0: ch341-uart converter detected
[  554.942010][ T5920] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  555.102453][ T5920] usb 3-1: Using ep0 maxpacket: 8
[  555.112610][ T5920] usb 3-1: config index 0 descriptor too short (expected 30, got 18)
[  555.135024][ T5920] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  555.151768][ T5920] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.170149][ T5920] usb 3-1: Product: syz
[  555.192315][ T5920] usb 3-1: Manufacturer: syz
[  555.196963][ T5920] usb 3-1: SerialNumber: syz
[  555.213509][ T5920] usb 3-1: config 0 descriptor??
[  555.225604][ T5920] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  555.233693][ T5920] usb 3-1: setting power ON
[  555.238317][ T5920] dvb-usb: bulk message failed: -22 (2/0)
[  555.249172][ T5920] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  555.271937][ T5920] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  555.291675][ T5920] usb 3-1: media controller created
[  555.347465][ T5920] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  555.386559][ T5920] usb 3-1: selecting invalid altsetting 6
[  555.404536][ T5920] usb 3-1: digital interface selection failed (-22)
[  555.433058][T18322] dvb-usb: bulk message failed: -22 (3/0)
[  555.439208][T18322] dvb-usb: bulk message failed: -22 (3/0)
[  555.445852][ T5920] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  555.455531][ T5920] usb 3-1: setting power OFF
[  555.464597][ T5920] dvb-usb: bulk message failed: -22 (2/0)
[  555.470609][ T5920] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  555.479980][ T5920] (NULL device *): no alternate interface
[  555.588391][ T5920] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  555.637589][ T5920] usb 3-1: USB disconnect, device number 28
[  555.837564][ T5963] usb 4-1: failed to send control message: -71
[  555.845320][ T5963] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  555.866822][ T5963] usb 4-1: USB disconnect, device number 15
[  555.884246][ T5963] ch341 4-1:0.0: device disconnected
[  556.098278][T18359] binder: 18358:18359 ioctl c0306201 200000000480 returned -14
[  556.333984][T18370] loop5: detected capacity change from 0 to 2048
[  556.346120][T18370] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  557.030864][T18391] loop5: detected capacity change from 0 to 8192
[  557.040864][T18391] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  557.412660][T18407] batadv_slave_0: entered promiscuous mode
[  557.422012][T18406] batadv_slave_0: left promiscuous mode
[  558.039133][T18435] syzkaller1: entered promiscuous mode
[  558.056513][T18435] syzkaller1: entered allmulticast mode
[  558.520946][T18463] netlink: 'syz.3.4722': attribute type 1 has an invalid length.
[  559.462292][ T5992] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  559.636463][ T5992] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  559.659136][ T5992] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.699427][ T5992] usb 4-1: Product: syz
[  559.717196][ T5992] usb 4-1: Manufacturer: syz
[  559.754278][ T5992] usb 4-1: SerialNumber: syz
[  559.823252][ T5992] usb 4-1: config 0 descriptor??
[  559.861973][ T5992] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -22
[  560.038838][ T5992] usb 4-1: USB disconnect, device number 16
[  561.727667][T18533] vxcan1: entered allmulticast mode
[  561.753364][T18533] vxcan1: left allmulticast mode
[  562.128935][T18544] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4757'.
[  562.171255][T18544] bond1: Invalid ad_actor_system MAC address.
[  562.179471][T18544] bond1: option ad_actor_system: invalid value (7)
[  562.196759][T18544] bond1 (unregistering): Released all slaves
[  562.221592][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  562.384109][T18553] input: syz1 as /devices/virtual/input/input50
[  562.710398][T18565] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 4032
[  563.107986][T18580] syzkaller1: entered promiscuous mode
[  563.113850][T18580] syzkaller1: entered allmulticast mode
[  563.312447][   T43] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  563.362943][T18582] vxcan0: entered allmulticast mode
[  563.373418][T18582] vxcan0: left allmulticast mode
[  563.482219][   T43] usb 6-1: Using ep0 maxpacket: 8
[  563.489665][   T43] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  563.503691][   T43] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  563.513878][   T43] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  563.531089][   T43] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  563.547798][   T43] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  563.557195][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  563.568260][T18598] dlm: non-version read from control device 4
[  563.780191][   T43] usb 6-1: GET_CAPABILITIES returned 0
[  563.789545][   T43] usbtmc 6-1:16.0: can't read capabilities
[  563.998588][   T43] usb 6-1: USB disconnect, device number 5
[  564.328140][T18612] loop9: detected capacity change from 0 to 256
[  564.356656][T18612] vfat: Unknown parameter '18446744073709551615'
[  565.133944][T18635] netlink: 400 bytes leftover after parsing attributes in process `syz.9.4797'.
[  565.182378][   T43] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  565.350753][   T43] usb 4-1: Using ep0 maxpacket: 32
[  565.366265][   T43] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  565.399240][   T43] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  565.425038][   T43] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  565.444894][   T43] usb 4-1: Product: syz
[  565.449156][   T43] usb 4-1: Manufacturer: syz
[  565.462175][   T43] usb 4-1: SerialNumber: syz
[  565.469920][   T43] usb 4-1: config 0 descriptor??
[  565.483038][T18615] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  565.698258][   T43] usb 4-1: USB disconnect, device number 17
[  566.173139][T18654] overlayfs: failed to clone upperpath
[  566.481357][T18664] loop7: detected capacity change from 0 to 512
[  566.500282][T18664] EXT4-fs: Ignoring removed i_version option
[  566.518902][T18664] EXT4-fs: Ignoring removed bh option
[  566.616906][T18664] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  566.643264][T18664] ext4 filesystem being mounted at /49/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  566.874000][T17225] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.314791][T18698] netlink: 104 bytes leftover after parsing attributes in process `syz.5.4824'.
[  567.952250][ T5963] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  568.102411][ T5963] usb 6-1: Using ep0 maxpacket: 8
[  568.110211][ T5963] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  568.120330][ T5963] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  568.131443][ T5963] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  568.142351][ T5963] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  568.157209][ T5963] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  568.166507][ T5963] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  568.408773][ T5963] usb 6-1: GET_CAPABILITIES returned 0
[  568.414910][ T5963] usbtmc 6-1:16.0: can't read capabilities
[  568.620945][   T43] usb 6-1: USB disconnect, device number 6
[  568.934960][T18696] netlink: 'syz.3.4823': attribute type 12 has an invalid length.
[  568.943008][T18696] netlink: 'syz.3.4823': attribute type 29 has an invalid length.
[  568.950847][T18696] netlink: 148 bytes leftover after parsing attributes in process `syz.3.4823'.
[  568.960389][T18696] netlink: 'syz.3.4823': attribute type 1 has an invalid length.
[  568.968535][T18696] netlink: 'syz.3.4823': attribute type 1 has an invalid length.
[  569.600616][ T5963] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  569.741410][T18734] netlink: 'syz.2.4838': attribute type 21 has an invalid length.
[  569.750890][T18734] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4838'.
[  569.805662][ T5963] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  569.822301][ T5963] usb 6-1: config 0 has no interface number 0
[  569.833530][ T5963] usb 6-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  569.858945][ T5963] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.878198][ T5963] usb 6-1: config 0 descriptor??
[  569.887278][ T5963] usb 6-1: selecting invalid altsetting 1
[  569.906025][ T5963] dvb_ttusb_budget: ttusb_init_controller: error
[  569.923403][ T5963] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  570.071952][ T5963] DVB: Unable to find symbol cx22700_attach()
[  570.263872][ T5963] DVB: Unable to find symbol tda10046_attach()
[  570.270057][ T5963] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  570.311751][T18724] loop5: detected capacity change from 0 to 4096
[  570.417429][T18724] ntfs3(loop5): ino=18, mi_enum_attr
[  570.432344][T18724] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  570.472024][T18721] loop3: detected capacity change from 0 to 32768
[  570.472681][T18724] ntfs3(loop5): ino=1a, mi_enum_attr
[  570.551856][   T43] usb 6-1: USB disconnect, device number 7
[  570.558962][T18721] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  570.637527][T18761] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  570.734281][ T5932] hid-generic 0000:0000:0000.002F: unknown main item tag 0x0
[  570.811004][ T5932] hid-generic 0000:0000:0000.002F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  570.864000][T18721] XFS (loop3): Ending clean mount
[  570.881800][T18721] XFS (loop3): Quotacheck needed: Please wait.
[  570.953889][T18721] XFS (loop3): Quotacheck: Done.
[  571.017226][   T30] audit: type=1804 audit(1767713001.352:831): pid=18721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.4834" name="/newroot/225/file0/file1" dev="loop3" ino=9286 res=1 errno=0
[  571.297496][T15115] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  571.672723][T18782] loop5: detected capacity change from 0 to 1024
[  571.719124][T18782] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  571.784692][T18782] ext4 filesystem being mounted at /40/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  571.935288][T18782] EXT4-fs error (device loop5): ext4_map_blocks:814: inode #15: block 3: comm syz.5.4852: lblock 3 mapped to illegal pblock 3 (length 1)
[  571.971654][T18782] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  572.012240][T18782] EXT4-fs (loop5): This should not happen!! Data will be lost
[  572.012240][T18782] 
[  572.036428][T18791] EXT4-fs error (device loop5): ext4_free_blocks:6706: comm syz.5.4852: Freeing blocks not in datazone - block = 3, count = 1
[  572.260589][T18007] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  572.604171][   T43] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  572.653792][T18808] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4864'.
[  572.779604][   T43] usb 4-1: Using ep0 maxpacket: 8
[  572.804382][   T43] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  572.805635][T18810] syz_tun: entered allmulticast mode
[  572.823994][   T43] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  572.859023][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  572.887789][T18810] dvmrp6: entered allmulticast mode
[  572.888899][   T43] usb 4-1: config 0 descriptor??
[  572.906124][   T43] gspca_main: vc032x-2.14.0 probing 046d:0892
[  572.910499][T18809] syz_tun: left allmulticast mode
[  573.118827][T18798] loop9: detected capacity change from 0 to 32768
[  573.149337][T18798] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.4860 (18798)
[  573.202728][T18798] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  573.223917][T18798] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm
[  573.347204][T18798] BTRFS info (device loop9): enabling ssd optimizations
[  573.362609][T18798] BTRFS info (device loop9): turning on async discard
[  573.397778][T18798] BTRFS info (device loop9): enabling free space tree
[  573.524113][T16088] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  573.544650][T18848] loop5: detected capacity change from 0 to 128
[  573.561527][T18848] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  573.598019][T18848] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  573.914418][   T43] gspca_vc032x: reg_r err -71
[  573.917869][T18855] loop5: detected capacity change from 0 to 1024
[  573.919868][   T43] vc032x 4-1:0.0: probe with driver vc032x failed with error -71
[  573.991521][   T43] usb 4-1: USB disconnect, device number 18
[  574.042442][T18855] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  574.049559][T18855] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  574.164713][T18859] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  574.204362][T18859] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  574.892768][ T5904] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  574.945198][T18865] loop7: detected capacity change from 0 to 32768
[  575.044611][T18865] ocfs2: Mounting device (7,7) on (node local, slot 0) with writeback data mode.
[  575.061400][ T8824] hfsplus: b-tree write err: -5, ino 4
[  575.072373][ T5904] usb 10-1: config 4 has an invalid interface number: 28 but max is 0
[  575.089486][ T8824] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  575.143916][ T5904] usb 10-1: config 4 has no interface number 0
[  575.157990][T18865] syz.7.4882 (18865) used greatest stack depth: 17928 bytes left
[  575.197361][ T5904] usb 10-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= a.3a
[  575.228308][ T5904] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.247729][T17225] ocfs2: Unmounting device (7,7) on (node local)
[  575.256626][ T5904] usb 10-1: Product: syz
[  575.271180][ T5904] usb 10-1: Manufacturer: syz
[  575.291398][ T5904] usb 10-1: SerialNumber: syz
[  575.328802][ T5904] input: bcm5974 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:4.28/input/input51
[  575.475747][T18874] loop3: detected capacity change from 0 to 40427
[  575.506149][T18874] F2FS-fs (loop3): invalid crc value
[  575.556435][ T5177] bcm5974 10-1:4.28: could not read from device
[  575.579567][ T5177] bcm5974 10-1:4.28: could not read from device
[  575.589880][ T5904] usb 10-1: USB disconnect, device number 9
[  575.600969][ T5177] bcm5974 10-1:4.28: could not read from device
[  575.700837][T18874] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  575.760413][T18874] F2FS-fs (loop3): Start checkpoint disabled!
[  575.788413][T18874] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[  575.794876][T18898] syzkaller1: entered promiscuous mode
[  575.823177][T18874] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  575.836662][T18898] syzkaller1: entered allmulticast mode
[  575.911540][T18874] syz.3.4887: attempt to access beyond end of device
[  575.911540][T18874] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  576.020209][ T8137] kworker/u8:57: attempt to access beyond end of device
[  576.020209][ T8137] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  576.045934][T18909] loop7: detected capacity change from 0 to 2048
[  576.062342][T18910] sctp: [Deprecated]: syz.6.4898 (pid 18910) Use of struct sctp_assoc_value in delayed_ack socket option.
[  576.062342][T18910] Use struct sctp_sack_info instead
[  576.062374][ T8137] CPU: 0 UID: 0 PID: 8137 Comm: kworker/u8:57 Not tainted syzkaller #0 PREEMPT(full) 
[  576.062401][ T8137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  576.062418][ T8137] Workqueue: writeback wb_workfn (flush-7:3)
[  576.062457][ T8137] Call Trace:
[  576.062468][ T8137]  <TASK>
[  576.062479][ T8137]  dump_stack_lvl+0x189/0x250
[  576.062521][ T8137]  ? __pfx_dump_stack_lvl+0x10/0x10
[  576.062556][ T8137]  ? __pfx_queue_work_on+0x10/0x10
[  576.062590][ T8137]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  576.062626][ T8137]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  576.062679][ T8137]  f2fs_handle_critical_error+0x37c/0x540
[  576.062727][ T8137]  f2fs_write_end_io+0x886/0xb60
[  576.062781][ T8137]  __submit_merged_bio+0x27a/0x6a0
[  576.062828][ T8137]  __submit_merged_write_cond+0x255/0x530
[  576.062876][ T8137]  f2fs_write_data_pages+0x261d/0x3000
[  576.062952][ T8137]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  576.062998][ T8137]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  576.063079][ T8137]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  576.063136][ T8137]  ? trace_f2fs_writepages+0x7f/0x200
[  576.063175][ T8137]  ? f2fs_write_node_pages+0x478/0x6e0
[  576.063219][ T8137]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  576.063263][ T8137]  ? __lock_acquire+0xab9/0xd20
[  576.063300][ T8137]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  576.063328][ T8137]  do_writepages+0x32e/0x550
[  576.063368][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  576.063396][ T8137]  ? reacquire_held_locks+0x127/0x1d0
[  576.063425][ T8137]  ? writeback_sb_inodes+0x384/0x1010
[  576.063474][ T8137]  __writeback_single_inode+0x145/0xff0
[  576.063510][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  576.063537][ T8137]  ? do_raw_spin_unlock+0x122/0x240
[  576.063584][ T8137]  writeback_sb_inodes+0x6c7/0x1010
[  576.063660][ T8137]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  576.063756][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  576.063783][ T8137]  ? rcu_is_watching+0x15/0xb0
[  576.063813][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  576.063854][ T8137]  wb_writeback+0x43b/0xaf0
[  576.063902][ T8137]  ? queue_io+0x311/0x590
[  576.063942][ T8137]  ? __pfx_wb_writeback+0x10/0x10
[  576.063991][ T8137]  ? _raw_spin_unlock_irq+0x23/0x50
[  576.064033][ T8137]  wb_workfn+0x409/0xef0
[  576.064086][ T8137]  ? __pfx_wb_workfn+0x10/0x10
[  576.064123][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  576.064150][ T8137]  ? __lock_acquire+0xab9/0xd20
[  576.064193][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  576.064226][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  576.064259][ T8137]  ? _raw_spin_unlock_irq+0x23/0x50
[  576.064291][ T8137]  ? process_scheduled_works+0x9ef/0x17b0
[  576.064318][ T8137]  ? process_scheduled_works+0x9ef/0x17b0
[  576.064349][ T8137]  process_scheduled_works+0xae1/0x17b0
[  576.064422][ T8137]  ? __pfx_process_scheduled_works+0x10/0x10
[  576.064461][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  576.064503][ T8137]  worker_thread+0x8a0/0xda0
[  576.064572][ T8137]  kthread+0x711/0x8a0
[  576.064626][ T8137]  ? __pfx_worker_thread+0x10/0x10
[  576.064653][ T8137]  ? __pfx_kthread+0x10/0x10
[  576.064684][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  576.064718][ T8137]  ? _raw_spin_unlock_irq+0x23/0x50
[  576.064749][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  576.064776][ T8137]  ? lockdep_hardirqs_on+0x9c/0x150
[  576.064810][ T8137]  ? __pfx_kthread+0x10/0x10
[  576.064847][ T8137]  ret_from_fork+0x4bc/0x870
[  576.064879][ T8137]  ? __pfx_ret_from_fork+0x10/0x10
[  576.064917][ T8137]  ? __switch_to_asm+0x39/0x70
[  576.064938][ T8137]  ? __switch_to_asm+0x33/0x70
[  576.064957][ T8137]  ? __pfx_kthread+0x10/0x10
[  576.064994][ T8137]  ret_from_fork_asm+0x1a/0x30
[  576.065043][ T8137]  </TASK>
[  576.065055][ T8137] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  576.083819][T18909] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  576.486140][T18909] overlayfs: failed to create directory ./bus/work (errno: 1); mounting read-only
[  576.497761][T18909] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  576.508434][T18909] overlayfs: failed to get uuid (/file0, err=-95); falling back to uuid=null.
[  576.575756][T17225] UDF-fs: error (device loop7): udf_read_inode: (ino 1317) failed !bh
[  576.588188][T17225] UDF-fs: error (device loop7): udf_read_inode: (ino 1317) failed !bh
[  576.613321][T18923] loop5: detected capacity change from 0 to 128
[  576.665295][T18923] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  576.670496][   T10] usb 3-1: new full-speed USB device number 29 using dummy_hcd
[  576.692308][T18923] ext4 filesystem being mounted at /54/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  576.782450][T18007] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  576.854725][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  576.870124][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  576.892387][   T10] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  576.902264][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  576.924735][   T10] usb 3-1: config 0 descriptor??
[  577.078637][ T8824] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.227312][ T8824] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.375334][ T8824] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.392585][   T10] savu 0003:1E7D:2D5A.0030: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  577.652040][T18944] loop5: detected capacity change from 0 to 1024
[  577.700661][T15407] usb 3-1: USB disconnect, device number 29
[  577.738587][ T8824] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  578.186289][ T8824] bridge_slave_1: left allmulticast mode
[  578.222783][ T8824] bridge_slave_1: left promiscuous mode
[  578.228598][ T8824] bridge0: port 2(bridge_slave_1) entered disabled state
[  578.334119][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  578.347619][ T8824] bridge_slave_0: left allmulticast mode
[  578.357275][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  578.366700][ T8824] bridge_slave_0: left promiscuous mode
[  578.373159][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  578.381062][ T8824] bridge0: port 1(bridge_slave_0) entered disabled state
[  578.389107][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  578.397960][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  579.055126][T18965] loop5: detected capacity change from 0 to 32768
[  579.176428][T18965] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  579.451160][T18965] XFS (loop5): Ending clean mount
[  579.477038][T18965] XFS (loop5): Quotacheck needed: Please wait.
[  579.558699][T18965] XFS (loop5): Quotacheck: Done.
[  579.684524][T19003] input: syz1 as /devices/virtual/input/input52
[  579.788811][T18007] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  580.066585][    C1] vkms_vblank_simulate: vblank timer overrun
[  580.109345][T19007] loop3: detected capacity change from 0 to 4096
[  580.266378][    C1] vkms_vblank_simulate: vblank timer overrun
[  580.301520][ T8824] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  580.332686][ T8824] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  580.355630][ T8824] bond0 (unregistering): Released all slaves
[  580.452308][ T5835] Bluetooth: hci0: command tx timeout
[  580.845911][T19025] overlayfs: invalid origin (000000790065726c6179000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  581.560586][T19032] loop3: detected capacity change from 0 to 32768
[  581.600593][T19039] loop5: detected capacity change from 0 to 2048
[  581.632956][T19032] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  581.644634][T19039] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  581.660557][ T8824] hsr_slave_0: left promiscuous mode
[  581.670635][ T8824] hsr_slave_1: left promiscuous mode
[  581.688819][ T8824] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  581.697693][ T8824] batman_adv: batadv0: Removing interface: batadv_slave_0
[  581.710705][   T30] audit: type=1800 audit(1767713012.042:832): pid=19039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4952" name="file1" dev="loop5" ino=1415 res=0 errno=0
[  581.736776][ T8824] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  581.747873][ T8824] batman_adv: batadv0: Removing interface: batadv_slave_1
[  581.754824][T15115] ocfs2: Unmounting device (7,3) on (node local)
[  581.755090][   T30] audit: type=1800 audit(1767713012.042:833): pid=19039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4952" name="file1" dev="loop5" ino=1415 res=0 errno=0
[  581.832691][ T8824] veth1_macvtap: left promiscuous mode
[  581.838450][ T8824] veth0_macvtap: left promiscuous mode
[  581.845337][ T8824] veth1_vlan: left promiscuous mode
[  581.850833][ T8824] veth0_vlan: left promiscuous mode
[  582.187396][   T10] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  582.342329][   T10] usb 10-1: Using ep0 maxpacket: 8
[  582.388576][   T10] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  582.404946][   T10] usb 10-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  582.425632][   T10] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.485600][   T10] usb 10-1: config 0 descriptor??
[  582.496483][T19059] loop3: detected capacity change from 0 to 4096
[  582.522623][   T10] gspca_main: vc032x-2.14.0 probing 046d:0892
[  582.532219][ T5835] Bluetooth: hci0: command tx timeout
[  582.641554][T19059] ntfs3(loop3): ino=5, "/" mi_enum_attr
[  583.035866][ T8824] team0 (unregistering): Port device team_slave_1 removed
[  583.066133][    C1] vkms_vblank_simulate: vblank timer overrun
[  583.130055][ T8824] team0 (unregistering): Port device team_slave_0 removed
[  583.548087][   T10] gspca_vc032x: reg_r err -71
[  583.553214][   T10] vc032x 10-1:0.0: probe with driver vc032x failed with error -71
[  583.566739][   T10] usb 10-1: USB disconnect, device number 10
[  583.918933][T19074] team_slave_0: entered promiscuous mode
[  583.925042][T19074] team_slave_1: entered promiscuous mode
[  583.932542][T19074] macsec1: entered promiscuous mode
[  583.937763][T19074] team0: entered promiscuous mode
[  583.943483][T19074] macsec1: entered allmulticast mode
[  583.948770][T19074] team0: entered allmulticast mode
[  583.953941][T19074] team_slave_0: entered allmulticast mode
[  583.959656][T19074] team_slave_1: entered allmulticast mode
[  583.967106][T19074] team0: Device macsec1 is already an upper device of the team interface
[  583.977496][T19074] team0: left allmulticast mode
[  583.982391][T19074] team_slave_0: left allmulticast mode
[  583.987842][T19074] team_slave_1: left allmulticast mode
[  583.993384][T19074] team0: left promiscuous mode
[  583.998933][T19074] team_slave_0: left promiscuous mode
[  584.004394][T19074] team_slave_1: left promiscuous mode
[  584.120644][T18966] chnl_net:caif_netlink_parms(): no params data found
[  584.286506][T19082] loop3: detected capacity change from 0 to 256
[  584.303149][T19082] exfat: Deprecated parameter 'namecase'
[  584.379098][T19082] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  584.575902][T18966] bridge0: port 1(bridge_slave_0) entered blocking state
[  584.598735][T18966] bridge0: port 1(bridge_slave_0) entered disabled state
[  584.612852][ T5835] Bluetooth: hci0: command tx timeout
[  584.616720][T18966] bridge_slave_0: entered allmulticast mode
[  584.641809][T18966] bridge_slave_0: entered promiscuous mode
[  584.660455][T18966] bridge0: port 2(bridge_slave_1) entered blocking state
[  584.680988][T18966] bridge0: port 2(bridge_slave_1) entered disabled state
[  584.694292][T19083] loop9: detected capacity change from 0 to 32768
[  584.706853][T18966] bridge_slave_1: entered allmulticast mode
[  584.720696][T18966] bridge_slave_1: entered promiscuous mode
[  584.727398][T19083] ocfs2: Mounting device (7,9) on (node local, slot 0) with writeback data mode.
[  584.794338][T18966] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  584.817884][T18966] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  584.839058][T16088] ocfs2: Unmounting device (7,9) on (node local)
[  584.903052][T19098] loop3: detected capacity change from 0 to 2048
[  584.947093][T18966] team0: Port device team_slave_0 added
[  584.967480][T19098] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  584.995788][T18966] team0: Port device team_slave_1 added
[  585.008399][T19098] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  585.051390][T19105] loop5: detected capacity change from 0 to 256
[  585.103168][T19105] exfat: Deprecated parameter 'utf8'
[  585.121027][T19105] exfat: Deprecated parameter 'namecase'
[  585.138116][T15115] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  585.147394][T19109] syzkaller1: entered promiscuous mode
[  585.154653][T19109] syzkaller1: entered allmulticast mode
[  585.176863][T19105] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  585.249264][T18966] batman_adv: batadv0: Adding interface: batadv_slave_0
[  585.271207][T18966] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  585.352405][T18966] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  585.384371][T18966] batman_adv: batadv0: Adding interface: batadv_slave_1
[  585.391328][T18966] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  585.460785][T18966] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  585.816479][T18966] hsr_slave_0: entered promiscuous mode
[  585.853473][T18966] hsr_slave_1: entered promiscuous mode
[  585.859902][T18966] debugfs: 'hsr0' already exists in 'hsr'
[  585.893091][T18966] Cannot create hsr debugfs directory
[  586.075361][T19111] loop3: detected capacity change from 0 to 32768
[  586.130373][T19111] JBD2: Ignoring recovery information on journal
[  586.193491][T19111] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  586.370416][T15115] ocfs2: Unmounting device (7,3) on (node local)
[  586.571118][ T8089] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  586.600955][ T8089] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  586.675074][ T8089] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  586.694358][ T5835] Bluetooth: hci0: command tx timeout
[  586.695056][ T8089] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  586.765782][T19139] loop5: detected capacity change from 0 to 256
[  587.382268][ T5992] usb 3-1: new full-speed USB device number 30 using dummy_hcd
[  587.568482][ T5992] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  587.588883][ T5992] usb 3-1: config 0 has no interface number 0
[  587.591665][T18966] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  587.618458][ T5992] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  587.637479][T18966] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  587.637864][ T5992] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  587.669050][T18966] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  587.684691][ T5992] usb 3-1: config 0 descriptor??
[  587.695534][T18966] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  587.706002][ T5992] usb 3-1: selecting invalid altsetting 1
[  587.722416][ T5992] dvb_ttusb_budget: ttusb_init_controller: error
[  587.735476][ T5992] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  587.856048][ T5992] DVB: Unable to find symbol cx22700_attach()
[  587.913410][ T5992] DVB: Unable to find symbol tda10046_attach()
[  587.946179][ T5992] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  588.023490][T18966] 8021q: adding VLAN 0 to HW filter on device bond0
[  588.080211][T18966] 8021q: adding VLAN 0 to HW filter on device team0
[  588.151763][ T8114] bridge0: port 1(bridge_slave_0) entered blocking state
[  588.159090][ T8114] bridge0: port 1(bridge_slave_0) entered forwarding state
[  588.184443][ T8114] bridge0: port 2(bridge_slave_1) entered blocking state
[  588.191631][ T8114] bridge0: port 2(bridge_slave_1) entered forwarding state
[  588.256970][ T5963] usb 3-1: USB disconnect, device number 30
[  588.592195][ T5992] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  588.764778][ T5992] usb 6-1: Using ep0 maxpacket: 16
[  588.790457][ T5992] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  588.809658][ T5992] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  588.854079][ T5992] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  588.887650][ T5992] usb 6-1: config 1 interface 0 has no altsetting 0
[  588.916011][ T5992] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  588.936650][ T5992] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  588.953476][ T5992] usb 6-1: Product: syz
[  588.957874][ T5992] usb 6-1: Manufacturer: syz
[  588.973497][ T5992] usb 6-1: SerialNumber: syz
[  589.198819][ T5992] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  589.219342][T18966] 8021q: adding VLAN 0 to HW filter on device batadv0
[  589.404869][ T5932] usb 6-1: USB disconnect, device number 8
[  589.425211][T18966] veth0_vlan: entered promiscuous mode
[  589.436854][ T5932] usblp0: removed
[  589.479985][T18966] veth1_vlan: entered promiscuous mode
[  589.495914][T19176] loop9: detected capacity change from 0 to 32768
[  589.596792][T19176] JBD2: Ignoring recovery information on journal
[  589.726354][T18966] veth0_macvtap: entered promiscuous mode
[  589.771094][T19176] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  589.785593][T18966] veth1_macvtap: entered promiscuous mode
[  589.820970][T18966] batman_adv: batadv0: Interface activated: batadv_slave_0
[  589.842767][T18966] batman_adv: batadv0: Interface activated: batadv_slave_1
[  589.884829][ T8114] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  589.892733][ T5835] Bluetooth: hci3: command 0x0406 tx timeout
[  589.917661][ T8114] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  589.950869][ T8114] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  589.977822][ T8114] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  589.998982][T16088] ocfs2: Unmounting device (7,9) on (node local)
[  590.256680][ T8114] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  590.287206][ T8114] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  590.312573][T19208] loop3: detected capacity change from 0 to 256
[  590.387367][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  590.408654][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  590.971877][T19204] loop5: detected capacity change from 0 to 32768
[  590.983140][T19204] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.5008 (19204)
[  591.008060][T19204] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  591.032754][T19204] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  591.157013][T19204] BTRFS info (device loop5): enabling ssd optimizations
[  591.174040][T19204] BTRFS info (device loop5): turning on async discard
[  591.187145][T19204] BTRFS info (device loop5): enabling free space tree
[  591.399903][T18007] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  592.285130][T19256] loop3: detected capacity change from 0 to 40427
[  592.298493][T19268] loop5: detected capacity change from 0 to 512
[  592.326483][T19256] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  592.362848][T19256] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  592.411325][T19256] F2FS-fs (loop3): invalid crc value
[  592.434441][T19268] EXT4-fs error (device loop5): ext4_iget_extra_inode:5075: inode #15: comm syz.5.5028: corrupted in-inode xattr: invalid ea_ino
[  592.525826][T19268] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.5028: couldn't read orphan inode 15 (err -117)
[  592.626455][T19268] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  592.684528][T19275] loop9: detected capacity change from 0 to 16
[  592.723927][T19275] erofs (device loop9): mounted with root inode @ nid 36.
[  592.752024][T18007] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  592.807447][T19256] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  592.829447][T19275] erofs (device loop9): readahead error at folio 6 @ nid 36
[  592.860372][T19256] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  592.881766][T19275] erofs (device loop9): readahead error at folio 4 @ nid 36
[  592.885207][T19256] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  592.911992][T19275] erofs (device loop9): bogus lookback distance 1 @ lcn 0 of nid 36
[  592.972321][T19275] erofs (device loop9): readahead error at folio 0 @ nid 36
[  592.981460][T19275] syz.9.5031: attempt to access beyond end of device
[  592.981460][T19275] loop9: rw=524288, sector=296, nr_sectors = 16 limit=16
[  593.038827][T19275] syz.9.5031: attempt to access beyond end of device
[  593.038827][T19275] loop9: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  593.093138][T19275] syz.9.5031: attempt to access beyond end of device
[  593.093138][T19275] loop9: rw=524288, sector=8, nr_sectors = 16 limit=16
[  593.127382][T19275] syz.9.5031: attempt to access beyond end of device
[  593.127382][T19275] loop9: rw=524288, sector=720, nr_sectors = 16 limit=16
[  593.206770][T19281] erofs (device loop9): bogus lookback distance 1 @ lcn 0 of nid 36
[  593.242406][T19281] syz.9.5031: attempt to access beyond end of device
[  593.242406][T19281] loop9: rw=0, sector=296, nr_sectors = 8 limit=16
[  593.290289][T19281] erofs (device loop9): read error -5 @ 0 of nid 36
[  593.290382][T19275] erofs (device loop9): bogus lookback distance 1 @ lcn 0 of nid 36
[  593.332351][T19275] syz.9.5031: attempt to access beyond end of device
[  593.332351][T19275] loop9: rw=0, sector=296, nr_sectors = 8 limit=16
[  593.382480][T19281] erofs (device loop9): failed to readdir of logical block 0 of nid 36
[  593.430643][T19275] erofs (device loop9): read error -5 @ 0 of nid 36
[  593.435314][T19293] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5040'.
[  593.445441][T19275] erofs (device loop9): failed to readdir of logical block 0 of nid 36
[  593.447262][T19293] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5040'.
[  593.536041][T19293] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5040'.
[  593.582611][T19293] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5040'.
[  595.351656][T19352] loop5: detected capacity change from 0 to 4096
[  595.464243][T19352] ntfs3(loop5): ino=18, mi_enum_attr
[  595.469573][T19352] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  595.512715][T19352] ntfs3(loop5): ino=1a, mi_enum_attr
[  595.587912][ T5932] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  595.762331][ T5932] usb 3-1: Using ep0 maxpacket: 16
[  595.783437][ T5932] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  595.795278][ T5932] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  595.832497][ T5932] usb 3-1: config 0 interface 0 has no altsetting 0
[  595.849453][ T5932] usb 3-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  595.902463][ T5932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.932890][ T5932] usb 3-1: config 0 descriptor??
[  596.008086][T19345] loop9: detected capacity change from 0 to 32768
[  596.050247][T19345] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  596.339883][T19345] XFS (loop9): Ending clean mount
[  596.359062][ T5932] hid (null): invalid report_size 21303
[  596.365470][ T5932] hid (null): unknown global tag 0xc
[  596.379417][ T5932] cougar 0003:060B:500A.0031: usage count exceeds max: fixing up report descriptor
[  596.425463][ T5932] cougar 0003:060B:500A.0031: unexpected long global item
[  596.428795][T19345] XFS (loop9): Quotacheck needed: Please wait.
[  596.455959][ T5932] cougar 0003:060B:500A.0031: parse failed
[  596.461882][ T5932] cougar 0003:060B:500A.0031: probe with driver cougar failed with error -22
[  596.523933][T19381] syzkaller1: entered promiscuous mode
[  596.531962][T19345] XFS (loop9): Quotacheck: Done.
[  596.563686][ T5932] usb 3-1: USB disconnect, device number 31
[  596.582994][T19381] syzkaller1: entered allmulticast mode
[  596.831002][T19387] batadv_slave_0: entered promiscuous mode
[  596.881731][T19386] batadv_slave_0: left promiscuous mode
[  597.046801][T16088] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  597.283604][T19396] sctp: [Deprecated]: syz.3.5076 (pid 19396) Use of struct sctp_assoc_value in delayed_ack socket option.
[  597.283604][T19396] Use struct sctp_sack_info instead
[  597.982659][T14573] usb 1-1: new full-speed USB device number 23 using dummy_hcd
[  598.194937][T14573] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  598.222249][T14573] usb 1-1: config 0 has no interface number 0
[  598.228403][T14573] usb 1-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  598.254338][T14573] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.295075][T14573] usb 1-1: config 0 descriptor??
[  598.306643][T14573] usb 1-1: selecting invalid altsetting 1
[  598.332330][T14573] dvb_ttusb_budget: ttusb_init_controller: error
[  598.352182][T14573] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  598.530064][T14573] DVB: Unable to find symbol cx22700_attach()
[  598.667990][T14573] DVB: Unable to find symbol tda10046_attach()
[  598.706019][T14573] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  598.857797][ T5932] usb 1-1: USB disconnect, device number 23
[  598.908681][T19428] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  599.164576][T19433] loop3: detected capacity change from 0 to 16
[  599.185215][T19433] erofs (device loop3): mounted with root inode @ nid 36.
[  599.231640][T19433] erofs (device loop3): readahead error at folio 6 @ nid 36
[  599.246891][T19433] erofs (device loop3): readahead error at folio 4 @ nid 36
[  599.282436][T19433] erofs (device loop3): bogus lookback distance 1 @ lcn 0 of nid 36
[  599.293426][T19433] erofs (device loop3): readahead error at folio 0 @ nid 36
[  599.314382][T19433] syz.3.5090: attempt to access beyond end of device
[  599.314382][T19433] loop3: rw=524288, sector=296, nr_sectors = 16 limit=16
[  599.329244][T19433] syz.3.5090: attempt to access beyond end of device
[  599.329244][T19433] loop3: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  599.374378][T19433] syz.3.5090: attempt to access beyond end of device
[  599.374378][T19433] loop3: rw=524288, sector=8, nr_sectors = 16 limit=16
[  599.403545][T19433] syz.3.5090: attempt to access beyond end of device
[  599.403545][T19433] loop3: rw=524288, sector=720, nr_sectors = 16 limit=16
[  599.473992][T19434] erofs (device loop3): bogus lookback distance 1 @ lcn 0 of nid 36
[  599.482602][T19434] syz.3.5090: attempt to access beyond end of device
[  599.482602][T19434] loop3: rw=0, sector=296, nr_sectors = 8 limit=16
[  599.551975][T19434] erofs (device loop3): read error -5 @ 0 of nid 36
[  599.580345][T19434] erofs (device loop3): failed to readdir of logical block 0 of nid 36
[  599.625851][T19433] erofs (device loop3): bogus lookback distance 1 @ lcn 0 of nid 36
[  599.685284][T19433] syz.3.5090: attempt to access beyond end of device
[  599.685284][T19433] loop3: rw=0, sector=296, nr_sectors = 8 limit=16
[  599.731255][T19433] erofs (device loop3): read error -5 @ 0 of nid 36
[  599.757935][T19433] erofs (device loop3): failed to readdir of logical block 0 of nid 36
[  600.212508][T14573] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  600.376607][T14573] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  600.414669][T14573] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  600.442349][T14573] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  600.459745][T14573] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  600.474778][T14573] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  600.489570][T14573] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  600.502153][T14573] usb 4-1: Manufacturer: syz
[  600.520064][T14573] usb 4-1: config 0 descriptor??
[  600.949172][T14573] appleir 0003:05AC:8243.0032: unknown main item tag 0x0
[  600.962610][ T5932] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  600.979263][T14573] appleir 0003:05AC:8243.0032: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  601.003694][T19480] dlm: non-version read from control device 4
[  601.062432][   T10] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  601.117043][ T5932] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.17
[  601.130187][ T5932] usb 6-1: New USB device strings: Mfr=129, Product=2, SerialNumber=3
[  601.138937][ T5932] usb 6-1: Product: syz
[  601.143578][ T5932] usb 6-1: Manufacturer: syz
[  601.148490][ T5932] usb 6-1: SerialNumber: syz
[  601.156546][ T5932] usb 6-1: config 0 descriptor??
[  601.173246][ T5932] ch341 6-1:0.0: ch341-uart converter detected
[  601.216933][T14573] usb 4-1: USB disconnect, device number 19
[  601.231647][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  601.258609][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  601.270935][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  601.306294][   T10] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  601.329155][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.347892][T19487] loop9: detected capacity change from 0 to 4096
[  601.359575][   T10] usb 3-1: config 0 descriptor??
[  601.787201][   T10] plantronics 0003:047F:FFFF.0033: reserved main item tag 0xe
[  601.832495][   T10] plantronics 0003:047F:FFFF.0033: unknown main item tag 0x0
[  601.863065][   T10] plantronics 0003:047F:FFFF.0033: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  601.978829][T19511] loop3: detected capacity change from 0 to 1024
[  602.038203][T19511] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  602.064810][   T43] usb 3-1: USB disconnect, device number 32
[  602.187224][ T5932] usb 6-1: failed to send control message: -71
[  602.215699][ T5932] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  602.296812][ T5932] usb 6-1: USB disconnect, device number 9
[  602.353863][ T5932] ch341 6-1:0.0: device disconnected
[  602.416526][T15115] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  602.713431][T19549] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.5126'.
[  603.331096][ T5840] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  603.343254][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: kworker/u9:7 Not tainted syzkaller #0 PREEMPT(full) 
[  603.343288][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  603.343306][ T5840] Workqueue: hci4 hci_rx_work
[  603.343341][ T5840] Call Trace:
[  603.343352][ T5840]  <TASK>
[  603.343363][ T5840]  dump_stack_lvl+0x189/0x250
[  603.343405][ T5840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  603.343441][ T5840]  ? __pfx__printk+0x10/0x10
[  603.343475][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.343504][ T5840]  ? kernfs_path_from_node+0x250/0x290
[  603.343537][ T5840]  ? kernfs_path_from_node+0x2f/0x290
[  603.343574][ T5840]  sysfs_create_dir_ns+0x259/0x280
[  603.343610][ T5840]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  603.343645][ T5840]  ? do_raw_spin_unlock+0x122/0x240
[  603.343687][ T5840]  kobject_add_internal+0x59f/0xb40
[  603.343724][ T5840]  kobject_add+0x155/0x220
[  603.343747][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.343782][ T5840]  ? __pfx_kobject_add+0x10/0x10
[  603.343807][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.343834][ T5840]  ? _raw_spin_unlock+0x28/0x50
[  603.343868][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.343900][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.343927][ T5840]  ? get_device_parent+0x366/0x3a0
[  603.343964][ T5840]  device_add+0x408/0xb50
[  603.343998][ T5840]  hci_conn_add_sysfs+0xd5/0x1e0
[  603.344031][ T5840]  le_conn_complete_evt+0xf39/0x1500
[  603.344086][ T5840]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  603.344124][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.344152][ T5840]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  603.344189][ T5840]  ? __asan_memcpy+0x40/0x70
[  603.344229][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.344261][ T5840]  ? skb_pull_data+0xfb/0x200
[  603.344300][ T5840]  hci_le_conn_complete_evt+0x187/0x450
[  603.344346][ T5840]  hci_event_packet+0x78f/0x1200
[  603.344381][ T5840]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  603.344421][ T5840]  ? __pfx_hci_event_packet+0x10/0x10
[  603.344454][ T5840]  ? kcov_remote_start+0x4d3/0x7f0
[  603.344476][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.344503][ T5840]  ? local_clock_noinstr+0xe0/0xe0
[  603.344540][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.344566][ T5840]  ? hci_send_to_monitor+0xe2/0x570
[  603.344608][ T5840]  hci_rx_work+0x46a/0xe80
[  603.344648][ T5840]  ? process_scheduled_works+0x9ef/0x17b0
[  603.344678][ T5840]  process_scheduled_works+0xae1/0x17b0
[  603.344740][ T5840]  ? __pfx_process_scheduled_works+0x10/0x10
[  603.344777][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.344815][ T5840]  worker_thread+0x8a0/0xda0
[  603.344880][ T5840]  kthread+0x711/0x8a0
[  603.344919][ T5840]  ? __pfx_worker_thread+0x10/0x10
[  603.344947][ T5840]  ? __pfx_kthread+0x10/0x10
[  603.344978][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.345011][ T5840]  ? _raw_spin_unlock_irq+0x23/0x50
[  603.345045][ T5840]  ? srso_alias_return_thunk+0x5/0xfbef5
[  603.345073][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  603.345108][ T5840]  ? __pfx_kthread+0x10/0x10
[  603.345144][ T5840]  ret_from_fork+0x4bc/0x870
[  603.345175][ T5840]  ? __pfx_ret_from_fork+0x10/0x10
[  603.345211][ T5840]  ? __switch_to_asm+0x39/0x70
[  603.345232][ T5840]  ? __switch_to_asm+0x33/0x70
[  603.345252][ T5840]  ? __pfx_kthread+0x10/0x10
[  603.345288][ T5840]  ret_from_fork_asm+0x1a/0x30
[  603.345332][ T5840]  </TASK>
[  603.345861][ T5840] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  603.699027][ T5840] Bluetooth: hci4: failed to register connection device
[  603.712407][ T5840] Bluetooth: hci4: link tx timeout
[  603.718726][ T5840] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  603.732885][ T5840] Bluetooth: hci4: link tx timeout
[  603.741232][ T5840] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  603.874325][T19584] netlink: 'syz.9.5138': attribute type 33 has an invalid length.
[  603.882896][T19584] netlink: 51 bytes leftover after parsing attributes in process `syz.9.5138'.
[  604.977296][T19628] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5170'.
[  605.310441][T19627] loop3: detected capacity change from 0 to 32768
[  605.347423][T19627] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  605.360749][T19627] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  605.439975][T19627] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 5ms
[  605.444607][T19628] batman_adv: batadv0: Removing interface: batadv_slave_1
[  605.461488][ T5904] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  605.468663][ T5904] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  605.740612][ T5904] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 271ms
[  605.763972][ T5904] gfs2: fsid=syz:syz.0: jid=0: Done
[  605.769264][T19627] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  605.795051][T19627] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block)
[  605.805214][T19627] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 12 2341, function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 590
[  605.819983][T19627] gfs2: fsid=syz:syz.0: G:  s:SH n:2/925 f:aqo t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1
[  605.829091][T19627] gfs2: fsid=syz:syz.0:  H: s:SH f:H e:0 p:19627 [syz.3.5158] __gfs2_lookup+0x8f/0x270
[  605.841971][T19627] gfs2: fsid=syz:syz.0:  I: n:12/2341 t:4 f:0x00 d:0x00000001 s:3864 p:0
[  605.850453][T19627] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  605.857800][T19627] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  605.866855][T19627] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  605.873788][T19627] gfs2: fsid=syz:syz.0: File system withdrawn
[  605.879879][T19627] CPU: 1 UID: 0 PID: 19627 Comm: syz.3.5158 Not tainted syzkaller #0 PREEMPT(full) 
[  605.879915][T19627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  605.879931][T19627] Call Trace:
[  605.879942][T19627]  <TASK>
[  605.879953][T19627]  dump_stack_lvl+0x189/0x250
[  605.879993][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.880025][T19627]  ? __pfx_dump_stack_lvl+0x10/0x10
[  605.880057][T19627]  ? __pfx__printk+0x10/0x10
[  605.880084][T19627]  ? kobject_uevent_env+0x36b/0x8c0
[  605.880124][T19627]  gfs2_withdraw+0xb30/0x1430
[  605.880178][T19627]  ? __pfx_gfs2_withdraw+0x10/0x10
[  605.880215][T19627]  ? __pfx__printk+0x10/0x10
[  605.880246][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.880275][T19627]  ? gfs2_consist_inode_i+0xf5/0x110
[  605.880314][T19627]  gfs2_dirent_scan+0x545/0x690
[  605.880351][T19627]  ? __pfx_gfs2_dirent_find+0x10/0x10
[  605.880390][T19627]  gfs2_dirent_search+0x2cb/0x710
[  605.880425][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.880453][T19627]  ? __pfx_gfs2_dirent_find+0x10/0x10
[  605.880488][T19627]  ? __pfx___might_resched+0x10/0x10
[  605.880517][T19627]  ? __pfx_gfs2_dirent_search+0x10/0x10
[  605.880552][T19627]  ? __pfx_gfs2_permission+0x10/0x10
[  605.880588][T19627]  ? gfs2_glock_nq+0x10c7/0x1830
[  605.880645][T19627]  gfs2_dir_search+0x4c/0x220
[  605.880685][T19627]  gfs2_lookupi+0x3d9/0x5a0
[  605.880730][T19627]  ? __pfx_gfs2_lookupi+0x10/0x10
[  605.880765][T19627]  ? d_alloc_parallel+0x14ac/0x1610
[  605.880801][T19627]  ? __gfs2_lookup+0x8f/0x270
[  605.880830][T19627]  ? d_alloc_parallel+0x366/0x1610
[  605.880858][T19627]  ? lockref_put_or_lock+0x71/0xc0
[  605.880892][T19627]  __gfs2_lookup+0x8f/0x270
[  605.880914][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.880942][T19627]  ? __lock_acquire+0xab9/0xd20
[  605.880969][T19627]  ? __pfx___gfs2_lookup+0x10/0x10
[  605.880990][T19627]  ? look_up_lock_class+0x74/0x170
[  605.881032][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.881059][T19627]  ? __raw_spin_lock_init+0x45/0x100
[  605.881095][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.881128][T19627]  ? __init_waitqueue_head+0xa9/0x150
[  605.881169][T19627]  __lookup_slow+0x297/0x3d0
[  605.881203][T19627]  ? __pfx___lookup_slow+0x10/0x10
[  605.881242][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.881270][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.881306][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.881334][T19627]  ? down_read+0x1ad/0x2e0
[  605.881362][T19627]  lookup_slow+0x53/0x70
[  605.881394][T19627]  walk_component+0x2d2/0x400
[  605.881420][T19627]  ? path_lookupat+0x156/0x430
[  605.881450][T19627]  path_lookupat+0x163/0x430
[  605.881487][T19627]  filename_lookup+0x212/0x570
[  605.881513][T19627]  ? path_setxattrat+0x2ac/0x3a0
[  605.881542][T19627]  ? __x64_sys_lsetxattr+0xbf/0xe0
[  605.881573][T19627]  ? __pfx_filename_lookup+0x10/0x10
[  605.881644][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.881685][T19627]  filename_setxattr+0xb6/0x600
[  605.881722][T19627]  ? __pfx_filename_setxattr+0x10/0x10
[  605.881750][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.881777][T19627]  ? getname_flags+0x1e5/0x540
[  605.881809][T19627]  path_setxattrat+0x364/0x3a0
[  605.881850][T19627]  ? __pfx_path_setxattrat+0x10/0x10
[  605.881878][T19627]  ? do_futex+0x333/0x420
[  605.881948][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.881986][T19627]  __x64_sys_lsetxattr+0xbf/0xe0
[  605.882016][T19627]  do_syscall_64+0xfa/0xfa0
[  605.882052][T19627]  ? lockdep_hardirqs_on+0x9c/0x150
[  605.882086][T19627]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.882110][T19627]  ? srso_alias_return_thunk+0x5/0xfbef5
[  605.882137][T19627]  ? exc_page_fault+0xab/0x100
[  605.882176][T19627]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  605.882199][T19627] RIP: 0033:0x7ffa8858f6c9
[  605.882221][T19627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  605.882241][T19627] RSP: 002b:00007ffa894f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[  605.882267][T19627] RAX: ffffffffffffffda RBX: 00007ffa887e5fa0 RCX: 00007ffa8858f6c9
[  605.882285][T19627] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000200000000140
[  605.882303][T19627] RBP: 00007ffa88611f91 R08: 0000000000000000 R09: 0000000000000000
[  605.882318][T19627] R10: 000000000000fe37 R11: 0000000000000246 R12: 0000000000000000
[  605.882332][T19627] R13: 00007ffa887e6038 R14: 00007ffa887e5fa0 R15: 00007ffcff803e38
[  605.882373][T19627]  </TASK>
[  606.313023][    C1] vkms_vblank_simulate: vblank timer overrun
[  606.319329][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[  606.457613][T19646] loop5: detected capacity change from 0 to 4096
[  606.876019][ T8110] ntfs3(loop5): ino=5, mi_enum_attr
[  607.042518][   T10] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  607.206204][   T10] usb 4-1: Using ep0 maxpacket: 32
[  607.226875][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  607.251800][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  607.312033][   T10] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  607.346834][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.386813][   T10] usb 4-1: config 0 descriptor??
[  607.910306][   T10] savu 0003:1E7D:2D5A.0034: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[  608.129099][   T10] usb 4-1: USB disconnect, device number 20
[  608.367403][T19715] (syz.0.5197,19715,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  608.379007][ T5835] Bluetooth: hci4: command 0x0406 tx timeout
[  608.391842][T19717] loop5: detected capacity change from 0 to 64
[  608.428269][   T30] audit: type=1800 audit(1767713038.752:834): pid=19717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.5198" name="file1" dev="loop5" ino=22 res=0 errno=0
[  608.448836][    C1] vkms_vblank_simulate: vblank timer overrun
[  608.449633][T19717] syz.5.5198: attempt to access beyond end of device
[  608.449633][T19717] loop5: rw=34817, sector=57, nr_sectors = 8 limit=64
[  608.767808][T19732] syz_tun: entered allmulticast mode
[  608.805905][T19732] dvmrp6: entered allmulticast mode
[  608.831500][T19731] syz_tun: left allmulticast mode
[  609.043078][T19745] netlink: 24 bytes leftover after parsing attributes in process `syz.9.5209'.
[  609.442318][ T5992] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  609.612182][ T5992] usb 6-1: Using ep0 maxpacket: 8
[  609.620078][ T5992] usb 6-1: config index 0 descriptor too short (expected 30, got 18)
[  609.648156][ T5992] usb 6-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  609.669553][T19763] syzkaller1: entered promiscuous mode
[  609.675396][ T5992] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  609.683922][T19763] syzkaller1: entered allmulticast mode
[  609.690142][ T5992] usb 6-1: Product: syz
[  609.697687][ T5992] usb 6-1: Manufacturer: syz
[  609.707299][ T5992] usb 6-1: SerialNumber: syz
[  609.731302][ T5992] usb 6-1: config 0 descriptor??
[  609.750774][ T5992] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  609.775137][ T5992] usb 6-1: setting power ON
[  609.785507][ T5992] dvb-usb: bulk message failed: -22 (2/0)
[  609.810493][ T5992] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  609.844554][ T5992] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  609.885366][ T5992] usb 6-1: media controller created
[  609.950381][T19753] dvb-usb: bulk message failed: -22 (3/0)
[  609.982632][T19753] dvb-usb: bulk message failed: -22 (4/0)
[  609.988397][T19753] cxusb: i2c read failed
[  609.993895][T19753] dvb-usb: bulk message failed: -22 (3/0)
[  609.999659][T19753] dvb-usb: bulk message failed: -22 (4/0)
[  610.005854][T19753] cxusb: i2c read failed
[  610.070154][ T5992] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  610.194442][ T5992] usb 6-1: selecting invalid altsetting 6
[  610.211677][ T5992] usb 6-1: digital interface selection failed (-22)
[  610.233858][ T5992] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  610.253201][ T5992] usb 6-1: setting power OFF
[  610.260984][ T5992] dvb-usb: bulk message failed: -22 (2/0)
[  610.276080][ T5992] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  610.291699][ T5992] (NULL device *): no alternate interface
[  610.357450][ T5992] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  610.397834][ T5992] usb 6-1: USB disconnect, device number 10
[  610.454314][ T5840] Bluetooth: hci4: command 0x0406 tx timeout
[  610.601546][T19772] can0: slcan on ptm0.
[  610.833727][T19769] can0 (unregistered): slcan off ptm0.
[  610.888084][T19782] netlink: 'syz.3.5226': attribute type 21 has an invalid length.
[  610.914993][T19782] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5226'.
[  610.959390][T19785] fuse: Bad value for 'fd'
[  611.236655][T19792] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  611.244663][T19792] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  611.252677][T19792] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  611.260538][T19792] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  611.268475][T19792] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  611.276379][T19792] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  611.284311][T19792] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  611.292404][T19792] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  611.300318][T19792] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  611.308245][T19792] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  611.826172][T19823] loop3: detected capacity change from 0 to 128
[  611.904878][T19823] syz.3.5245: attempt to access beyond end of device
[  611.904878][T19823] loop3: rw=2049, sector=129, nr_sectors = 8 limit=128
[  611.936380][T19823] syz.3.5245: attempt to access beyond end of device
[  611.936380][T19823] loop3: rw=2049, sector=145, nr_sectors = 13 limit=128
[  612.040933][T19833] sch_fq: defrate 19 ignored.
[  612.268157][T19841] sctp: [Deprecated]: syz.5.5253 (pid 19841) Use of int in max_burst socket option.
[  612.268157][T19841] Use struct sctp_assoc_value instead
[  612.283635][   T10] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  612.445618][   T10] usb 1-1: Using ep0 maxpacket: 16
[  612.462696][   T10] usb 1-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  612.499508][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  612.525621][   T10] usb 1-1: Product: syz
[  612.544428][   T10] usb 1-1: Manufacturer: syz
[  612.560190][   T10] usb 1-1: SerialNumber: syz
[  612.583957][   T10] usb 1-1: config 0 descriptor??
[  612.624714][   T10] ums-onetouch 1-1:0.0: USB Mass Storage device detected
[  612.783709][ T5932] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  612.890691][T14573] usb 1-1: USB disconnect, device number 24
[  612.955597][ T5932] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  612.972802][ T5932] usb 6-1: New USB device found, idVendor=050d, idProduct=3201, bcdDevice= 0.00
[  612.991169][ T5932] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  613.016105][ T5932] usb 6-1: config 0 descriptor??
[  613.032572][T19847] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  613.409232][T14573] IPVS: starting estimator thread 0...
[  613.470651][ T5932] belkin 0003:050D:3201.0035: unknown main item tag 0x0
[  613.485985][ T5932] belkin 0003:050D:3201.0035: unknown main item tag 0x0
[  613.499960][ T5932] belkin 0003:050D:3201.0035: item fetching failed at offset 2/3
[  613.515822][ T5932] belkin 0003:050D:3201.0035: parse failed
[  613.528158][ T5932] belkin 0003:050D:3201.0035: probe with driver belkin failed with error -22
[  613.538566][T19881] IPVS: using max 24 ests per chain, 57600 per kthread
[  613.700953][ T5992] usb 6-1: USB disconnect, device number 11
[  613.964309][T19895] netlink: 'syz.0.5276': attribute type 39 has an invalid length.
[  614.377331][T19887] loop9: detected capacity change from 0 to 32768
[  614.462325][T19887] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.5272 (19887)
[  614.538490][T19887] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  614.570705][T19887] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[  614.739108][T19887] BTRFS info (device loop9): enabling ssd optimizations
[  614.778455][T19887] BTRFS info (device loop9): turning on async discard
[  614.823406][T19887] BTRFS info (device loop9): enabling free space tree
[  615.057126][T16088] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  615.860605][T19934] loop3: detected capacity change from 0 to 32768
[  615.908987][T19934] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  616.365829][T19988] loop9: detected capacity change from 0 to 512
[  616.387193][T19988] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  616.408230][T19988] EXT4-fs (loop9): invalid journal inode
[  616.433774][T19988] EXT4-fs (loop9): can't get journal size
[  616.451684][T19988] EXT4-fs (loop9): 1 truncate cleaned up
[  616.484052][T19988] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  616.507091][T19988] EXT4-fs warning (device loop9): verify_group_input:137: Cannot add at group 3 (only 1 groups)
[  616.547037][T15115] ocfs2: Unmounting device (7,3) on (node local)
[  616.704419][T16088] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  616.840544][T20004] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5317'.
[  617.326307][T20020] netlink: 104 bytes leftover after parsing attributes in process `syz.5.5326'.
[  617.579127][T20026] netlink: 'syz.6.5328': attribute type 11 has an invalid length.
[  617.732515][ T5992] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  617.916101][T20036] loop3: detected capacity change from 0 to 8192
[  617.926306][ T5992] usb 10-1: Using ep0 maxpacket: 16
[  617.955433][ T5992] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  617.985408][ T5992] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  618.012889][ T5992] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  618.032313][ T5992] usb 10-1: config 0 descriptor??
[  618.392877][T20057] loop3: detected capacity change from 0 to 8192
[  618.430115][T20064] netlink: 'syz.6.5344': attribute type 21 has an invalid length.
[  618.439942][T20064] netlink: 'syz.6.5344': attribute type 6 has an invalid length.
[  618.448749][T20064] netlink: 64 bytes leftover after parsing attributes in process `syz.6.5344'.
[  618.469182][ T5992] mcp2221 0003:04D8:00DD.0036: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.9-1/input0
[  618.488930][T20066] netlink: 'syz.6.5344': attribute type 21 has an invalid length.
[  618.499673][T20066] netlink: 'syz.6.5344': attribute type 6 has an invalid length.
[  618.508228][T20066] netlink: 64 bytes leftover after parsing attributes in process `syz.6.5344'.
[  618.670229][T15407] usb 10-1: USB disconnect, device number 11
[  618.695264][T20072] loop3: detected capacity change from 0 to 2048
[  618.710748][T20072] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  618.733846][   T30] audit: type=1800 audit(1767713051.078:835): pid=20072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.5348" name="file1" dev="loop3" ino=15 res=0 errno=0
[  618.780264][T15115] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  618.911147][T20077] vivid-002: disconnect
[  618.918077][T20076] vivid-002: reconnect
[  619.075910][T20083] loop3: detected capacity change from 0 to 512
[  619.100697][T20083] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  619.124990][T20083] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  619.138564][T20083] ext4 filesystem being mounted at /315/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  619.196618][T20083] Quota error (device loop3): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  619.210088][T20083] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  619.245124][T20083] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.5353: Failed to acquire dquot type 0
[  619.291431][T15115] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  619.767494][T20117] Bluetooth: MGMT ver 1.23
[  619.833426][T20125] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  619.837237][T20125] 
@0Ù: renamed from bond_slave_1 (while UP)
[  620.377051][T15407] kernel write not supported for file /vcsa (pid: 15407 comm: kworker/1:0)
[  620.533012][T20151] program syz.5.5382 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  620.624572][T20157] netlink: 6032 bytes leftover after parsing attributes in process `syz.6.5384'.
[  620.726334][T20159] loop5: detected capacity change from 0 to 1024
[  620.757916][T20131] loop9: detected capacity change from 0 to 32768
[  620.829252][T20131] XFS (loop9): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  620.847531][T20159] hfsplus: xattr searching failed
[  620.874148][T20159] hfsplus: xattr searching failed
[  620.902812][T20159] hfsplus: xattr searching failed
[  620.930753][T20131] XFS (loop9): Ending clean mount
[  620.961589][T20131] XFS (loop9): Quotacheck needed: Please wait.
[  621.081305][T20131] XFS (loop9): Quotacheck: Done.
[  621.108118][T20182] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5391'.
[  621.205130][T16088] XFS (loop9): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  621.437991][T20192] loop5: detected capacity change from 0 to 4096
[  621.468480][T20193] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  621.514884][T20195] netlink: 'syz.0.5398': attribute type 1 has an invalid length.
[  621.594945][T20195] bond1: entered promiscuous mode
[  621.612501][T20195] 8021q: adding VLAN 0 to HW filter on device bond1
[  621.672890][T20199] 8021q: adding VLAN 0 to HW filter on device bond1
[  621.680312][T20199] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[  621.762422][T20199] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  621.787234][T20199] bond1: (slave gre1): making interface the new active one
[  621.823053][T20199] gre1: entered promiscuous mode
[  621.830955][T20199] bond1: (slave gre1): Enslaving as an active interface with an up link
[  622.034367][T20218] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.5404'.
[  622.434461][   T30] audit: type=1326 audit(1767713054.778:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20240 comm="syz.3.5414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa8858f6c9 code=0x7ffc0000
[  622.488977][   T30] audit: type=1326 audit(1767713054.778:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20240 comm="syz.3.5414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa8858f6c9 code=0x7ffc0000
[  622.542169][   T30] audit: type=1326 audit(1767713054.778:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20240 comm="syz.3.5414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7ffa8858f6c9 code=0x7ffc0000
[  622.564851][   T30] audit: type=1326 audit(1767713054.778:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20240 comm="syz.3.5414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa8858f6c9 code=0x7ffc0000
[  622.588347][   T30] audit: type=1326 audit(1767713054.778:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20240 comm="syz.3.5414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa8858f6c9 code=0x7ffc0000
[  623.047859][T20271] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5428'.
[  623.082236][T14573] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  623.193154][ T5992] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  623.250361][T14573] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  623.271932][T14573] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  623.296106][T14573] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  623.318930][T14573] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  623.335913][T14573] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.351346][T14573] usb 3-1: config 0 descriptor??
[  623.370120][ T5992] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  623.384072][ T5992] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  623.397912][ T5992] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  623.423349][ T5992] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  623.474280][ T5992] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  623.494289][ T5992] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  623.523257][ T5992] usb 4-1: config 0 descriptor??
[  623.662337][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  623.769578][T20274] loop5: detected capacity change from 0 to 32768
[  623.790691][T14573] plantronics 0003:047F:FFFF.0037: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  623.872447][T20274] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  623.947205][ T5992] plantronics 0003:047F:FFFF.0038: ignoring exceeding usage max
[  623.965786][ T5992] plantronics 0003:047F:FFFF.0038: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  623.993375][T20304] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  624.045475][ T5992] usb 3-1: USB disconnect, device number 33
[  624.148395][   T10] usb 4-1: USB disconnect, device number 21
[  624.188428][T20274] XFS (loop5): Ending clean mount
[  624.241404][   T30] audit: type=1800 audit(1767713056.578:841): pid=20274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.5429" name="file1" dev="loop5" ino=9286 res=0 errno=0
[  624.295889][   T30] audit: type=1800 audit(1767713056.628:842): pid=20274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.5429" name="file1" dev="loop5" ino=9286 res=0 errno=0
[  624.440771][T18007] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  624.645797][T15407] kernel read not supported for file /620/attr/prev (pid: 15407 comm: kworker/1:0)
[  625.159691][T20346] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.5459'.
[  625.592277][   T10] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  625.768009][   T10] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.17
[  625.794122][   T10] usb 3-1: New USB device strings: Mfr=129, Product=2, SerialNumber=3
[  625.813903][   T10] usb 3-1: Product: syz
[  625.818098][   T10] usb 3-1: Manufacturer: syz
[  625.854590][   T10] usb 3-1: SerialNumber: syz
[  625.892197][ T5904] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  625.895538][   T10] usb 3-1: config 0 descriptor??
[  625.946594][   T10] ch341 3-1:0.0: ch341-uart converter detected
[  626.072492][ T5904] usb 10-1: Using ep0 maxpacket: 16
[  626.085491][ T5904] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  626.097503][T15407] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  626.122172][ T5904] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  626.145080][ T5904] usb 10-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  626.154416][ T5904] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  626.172165][ T5904] usb 10-1: Product: syz
[  626.176674][ T5904] usb 10-1: Manufacturer: syz
[  626.181355][ T5904] usb 10-1: SerialNumber: syz
[  626.193054][ T5904] usb 10-1: config 0 descriptor??
[  626.206778][ T5904] em28xx 10-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  626.228403][ T5904] em28xx 10-1:0.0: Audio interface 0 found (Vendor Class)
[  626.255072][   T30] audit: type=1326 audit(1767713058.598:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20379 comm="syz.6.5474" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc63298f6c9 code=0x0
[  626.283329][ T5932] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  626.292474][T15407] usb 4-1: Using ep0 maxpacket: 16
[  626.300271][T15407] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  626.314229][T15407] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  626.325019][   T30] audit: type=1326 audit(1767713058.658:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20379 comm="syz.6.5474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63298f6c9 code=0x7ffc0000
[  626.347989][T15407] usb 4-1: config 0 interface 0 has no altsetting 0
[  626.355259][T15407] usb 4-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  626.365373][   T30] audit: type=1326 audit(1767713058.658:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20379 comm="syz.6.5474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63298f6c9 code=0x7ffc0000
[  626.388865][T15407] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  626.400920][   T30] audit: type=1326 audit(1767713058.658:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20379 comm="syz.6.5474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc6329c1f85 code=0x7ffc0000
[  626.440075][T15407] usb 4-1: config 0 descriptor??
[  626.452429][ T5932] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  626.463495][ T5932] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  626.473526][   T30] audit: type=1326 audit(1767713058.668:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20379 comm="syz.6.5474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc6329c1f85 code=0x7ffc0000
[  626.497706][ T5932] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  626.507589][ T5932] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  626.516085][   T30] audit: type=1326 audit(1767713058.688:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20379 comm="syz.6.5474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc6329c1f85 code=0x7ffc0000
[  626.546189][   T30] audit: type=1326 audit(1767713058.698:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20379 comm="syz.6.5474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc6329c1f85 code=0x7ffc0000
[  626.551281][ T5932] usb 1-1: SerialNumber: syz
[  626.570861][   T30] audit: type=1326 audit(1767713058.708:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20379 comm="syz.6.5474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fc6329c1f85 code=0x7ffc0000
[  626.716683][T20385] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  626.827076][ T5932] usb 1-1: 0:2 : does not exist
[  626.850985][ T5904] em28xx 10-1:0.0: unknown em28xx chip ID (0)
[  626.872571][T15407] hid (null): invalid report_size 21303
[  626.878287][T15407] hid (null): unknown global tag 0xc
[  626.884810][ T5904] em28xx 10-1:0.0: Config register raw data: 0x13
[  626.904363][ T5932] usb 1-1: USB disconnect, device number 25
[  626.921065][T15407] cougar 0003:060B:500A.0039: usage count exceeds max: fixing up report descriptor
[  626.947324][T15407] cougar 0003:060B:500A.0039: unexpected long global item
[  626.956432][T15407] cougar 0003:060B:500A.0039: parse failed
[  626.965714][T15407] cougar 0003:060B:500A.0039: probe with driver cougar failed with error -22
[  626.976611][   T10] usb 3-1: failed to send control message: -71
[  626.983883][   T10] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  626.995179][   T10] usb 3-1: USB disconnect, device number 34
[  627.004689][   T10] ch341 3-1:0.0: device disconnected
[  627.074077][ T5904] em28xx 10-1:0.0: AC97 chip type couldn't be determined
[  627.082473][ T5904] em28xx 10-1:0.0: No AC97 audio processor
[  627.115086][ T5904] usb 10-1: USB disconnect, device number 12
[  627.139707][ T5904] em28xx 10-1:0.0: Disconnecting em28xx
[  627.150371][ T5932] usb 4-1: USB disconnect, device number 22
[  627.187230][ T5904] em28xx 10-1:0.0: Freeing device
[  629.757741][T20467] loop9: detected capacity change from 0 to 40427
[  629.812149][T20467] F2FS-fs (loop9): Invalid log_blocksize (268), supports only 12
[  629.819907][T20467] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  629.865495][T20467] F2FS-fs (loop9): invalid crc value
[  629.995092][ T5904] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  630.071604][T20520] sch_tbf: burst 19360 is lower than device lo mtu (65550) !
[  630.125992][T20467] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  630.178644][T20467] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  630.193645][ T5904] usb 6-1: Using ep0 maxpacket: 32
[  630.198748][T20467] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  630.214173][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  630.260800][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  630.276095][ T5904] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  630.293375][ T5904] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.303691][   T30] kauditd_printk_skb: 258 callbacks suppressed
[  630.303710][   T30] audit: type=1800 audit(1767713062.648:1109): pid=20467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.5499" name="file1" dev="loop9" ino=10 res=0 errno=0
[  630.316750][T20528] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5528'.
[  630.334714][ T5904] usb 6-1: config 0 descriptor??
[  630.351127][T20531] loop3: detected capacity change from 0 to 1024
[  630.434236][T20531] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  630.508263][T20531] ext4 filesystem being mounted at /341/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  630.648217][T20531] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: block 3: comm syz.3.5527: lblock 3 mapped to illegal pblock 3 (length 1)
[  630.714490][T20531] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  630.745929][T20531] EXT4-fs (loop3): This should not happen!! Data will be lost
[  630.745929][T20531] 
[  630.773905][T20543] EXT4-fs error (device loop3): ext4_free_blocks:6706: comm syz.3.5527: Freeing blocks not in datazone - block = 3, count = 1
[  630.812376][ T5904] savu 0003:1E7D:2D5A.003A: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.5-1/input0
[  630.890418][T15115] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  631.065140][ T5992] usb 6-1: USB disconnect, device number 12
[  631.444469][T20567] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  631.486357][T20567] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  631.863917][T20570] loop9: detected capacity change from 0 to 32768
[  631.876673][T20579] loop5: detected capacity change from 0 to 512
[  631.876711][T20570] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  631.891451][T20570] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  631.910157][T20579] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  631.949112][T20570] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  631.963732][T15407] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  631.970513][T15407] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  631.984286][T20579] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  632.012641][T20579] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  632.149332][T15407] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 178ms
[  632.173099][T15407] gfs2: fsid=syz:syz.0: jid=0: Done
[  632.178357][T20570] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  632.290929][T18007] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.302812][ T5904] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  632.513542][ T5904] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  632.542997][ T5904] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  632.562166][ T5904] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  632.603226][ T5904] usb 4-1: config 0 descriptor??
[  632.778923][T20610] can0: slcan on ttyS3.
[  632.897674][T20619] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5564'.
[  632.916878][T20610] can0 (unregistered): slcan off ttyS3.
[  633.064556][ T5904] lenovo 0003:17EF:6047.003B: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.3-1/input0
[  633.133729][T20633] __vm_enough_memory: pid: 20633, comm: syz.2.5569, bytes: 58640763363328 not enough memory for the allocation
[  634.123294][T20653] syzkaller1: entered promiscuous mode
[  634.169318][T20653] syzkaller1: entered allmulticast mode
[  634.265242][ T5904] lenovo 0003:17EF:6047.003B: Fn-lock setting failed: -71
[  634.289778][ T5904] lenovo 0003:17EF:6047.003B: Sensitivity setting failed: -71
[  634.300642][ T5904] usb 4-1: USB disconnect, device number 23
[  634.485838][T20640] loop9: detected capacity change from 0 to 131072
[  634.502992][T20640] F2FS-fs (loop9): invalid crc value
[  634.625307][T20640] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  634.652728][T20640] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e4
[  634.842426][ T5904] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  635.023956][ T5904] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  635.065969][ T5904] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  635.097664][ T5904] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  635.118114][ T5904] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  635.146273][ T5904] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  635.167295][ T5904] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.203083][ T5904] usb 4-1: config 0 descriptor??
[  635.322730][T20684] loop5: detected capacity change from 0 to 1024
[  635.416034][T20684] hfsplus: request for non-existent node 3 in B*Tree
[  635.442158][T20684] hfsplus: request for non-existent node 3 in B*Tree
[  635.715931][ T5904] plantronics 0003:047F:FFFF.003C: ignoring exceeding usage max
[  635.814032][ T5904] plantronics 0003:047F:FFFF.003C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  636.912157][ T5904] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  637.112331][ T5904] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  637.154273][ T5904] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  637.204081][ T5904] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  637.234643][ T5904] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  637.263976][ T5904] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  637.278593][ T5904] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  637.300505][ T5904] usb 1-1: Manufacturer: syz
[  637.317428][ T5904] usb 1-1: config 0 descriptor??
[  637.719207][T20719] loop9: detected capacity change from 0 to 2048
[  637.741408][ T5904] appleir 0003:05AC:8243.003D: unknown main item tag 0x0
[  637.749041][T20719] UDF-fs: error (device loop9): udf_process_sequence: Primary Volume Descriptor not found!
[  637.786006][ T5904] appleir 0003:05AC:8243.003D: hiddev1,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  637.797708][T20719] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  637.917813][T15407] usb 4-1: USB disconnect, device number 24
[  637.928618][T20727] netlink: 'syz.3.5607': attribute type 39 has an invalid length.
[  637.979368][   T43] usb 1-1: USB disconnect, device number 26
[  638.090785][T20733] netlink: 400 bytes leftover after parsing attributes in process `syz.2.5609'.
[  638.546339][T20756] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.5621'.
[  638.982172][   T43] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  639.022345][T14573] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  639.132178][   T43] usb 10-1: Using ep0 maxpacket: 16
[  639.148197][   T43] usb 10-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  639.166405][   T43] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  639.182196][T14573] usb 6-1: Using ep0 maxpacket: 8
[  639.184265][   T43] usb 10-1: Product: syz
[  639.191820][   T43] usb 10-1: Manufacturer: syz
[  639.192919][T14573] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  639.196600][   T43] usb 10-1: SerialNumber: syz
[  639.212987][T14573] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  639.235339][   T43] usb 10-1: config 0 descriptor??
[  639.246818][T14573] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  639.256425][   T43] ums-onetouch 10-1:0.0: USB Mass Storage device detected
[  639.267051][T14573] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  639.297646][T14573] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  639.335207][T14573] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  639.422717][T15407] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  639.568167][   T43] usb 10-1: USB disconnect, device number 13
[  639.581902][T14573] usb 6-1: GET_CAPABILITIES returned 0
[  639.592334][T15407] usb 3-1: Using ep0 maxpacket: 8
[  639.599829][T15407] usb 3-1: config index 0 descriptor too short (expected 30, got 18)
[  639.608469][T14573] usbtmc 6-1:16.0: can't read capabilities
[  639.622529][T15407] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  639.658434][T15407] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  639.667378][T15407] usb 3-1: Product: syz
[  639.682554][T15407] usb 3-1: Manufacturer: syz
[  639.687180][T15407] usb 3-1: SerialNumber: syz
[  639.704854][T15407] usb 3-1: config 0 descriptor??
[  639.735022][T15407] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  639.747840][T15407] usb 3-1: setting power ON
[  639.769718][T15407] dvb-usb: bulk message failed: -22 (2/0)
[  639.778974][T15407] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  639.790397][T15407] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  639.799144][T15407] usb 3-1: media controller created
[  639.808504][   T10] usb 6-1: USB disconnect, device number 13
[  639.851439][T15407] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  639.912731][T15407] usb 3-1: selecting invalid altsetting 6
[  639.931325][T15407] usb 3-1: digital interface selection failed (-22)
[  639.938741][T15407] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  639.955111][T20785] dvb-usb: bulk message failed: -22 (3/0)
[  639.961707][T20785] dvb-usb: bulk message failed: -22 (4/0)
[  639.968140][T20785] cxusb: i2c read failed
[  639.975074][T15407] usb 3-1: setting power OFF
[  639.979701][T15407] dvb-usb: bulk message failed: -22 (2/0)
[  639.985620][T15407] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  639.998922][T20785] dvb-usb: bulk message failed: -22 (3/0)
[  640.005001][T15407] (NULL device *): no alternate interface
[  640.006651][T20785] dvb-usb: bulk message failed: -22 (4/0)
[  640.032313][T20785] cxusb: i2c read failed
[  640.056837][T15407] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  640.070055][T15407] usb 3-1: USB disconnect, device number 35
[  640.283598][T20808] loop9: detected capacity change from 0 to 2048
[  640.302412][T20808] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  640.441697][T20815] sctp: [Deprecated]: syz.3.5643 (pid 20815) Use of int in max_burst socket option.
[  640.441697][T20815] Use struct sctp_assoc_value instead
[  640.495691][    C1] ------------[ cut here ]------------
[  640.501178][    C1] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
[  640.512384][    C1] WARNING: CPU: 1 PID: 15115 at net/mac80211/rate.c:406 __rate_control_send_low+0x5e2/0x820
[  640.522514][    C1] Modules linked in:
[  640.526430][    C1] CPU: 1 UID: 0 PID: 15115 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  640.536024][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  640.546137][    C1] RIP: 0010:__rate_control_send_low+0x5e2/0x820
[  640.552435][    C1] Code: 38 0f b6 04 28 84 c0 0f 85 d7 01 00 00 41 8b 0f 48 c7 c7 c0 89 89 8c 48 8b 74 24 18 44 8b 44 24 2c 45 89 e9 e8 2f a0 c5 f6 90 <0f> 0b 90 90 e9 70 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c
[  640.572088][    C1] RSP: 0018:ffffc90000a08538 EFLAGS: 00010246
[  640.578180][    C1] RAX: 09f79826aeae1600 RBX: 000000000000000c RCX: ffff88807df7dac0
[  640.586210][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  640.594224][    C1] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[  640.602236][    C1] R10: dffffc0000000000 R11: fffffbfff1bba684 R12: ffff88802872f168
[  640.610224][    C1] R13: 0000000000000000 R14: ffff888052628e80 R15: ffff88805262b138
[  640.618242][    C1] FS:  000055556994e500(0000) GS:ffff88812623b000(0000) knlGS:0000000000000000
[  640.627219][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  640.633845][    C1] CR2: 00007ffa887b12f8 CR3: 0000000066d6d000 CR4: 0000000000350ef0
[  640.641826][    C1] Call Trace:
[  640.645143][    C1]  <IRQ>
[  640.648008][    C1]  rate_control_send_low+0x1a7/0x7b0
[  640.653353][    C1]  rate_control_get_rate+0x20b/0x5d0
[  640.658673][    C1]  ieee80211_beacon_get_finish+0x39a/0x6c0
[  640.664532][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.670202][    C1]  ? __pfx_ieee80211_beacon_get_finish+0x10/0x10
[  640.676598][    C1]  ? __local_bh_enable_ip+0x12d/0x1c0
[  640.682002][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  640.687782][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.693471][    C1]  ieee80211_beacon_get_ap+0x1868/0x1f30
[  640.699158][    C1]  ? __pfx_ieee80211_beacon_get_ap+0x10/0x10
[  640.705214][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.710887][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.716585][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.722270][    C1]  ? __ieee80211_beacon_get+0x36/0x1880
[  640.727839][    C1]  __ieee80211_beacon_get+0x118e/0x1880
[  640.733452][    C1]  ? __ieee80211_beacon_get+0x36/0x1880
[  640.739042][    C1]  ieee80211_beacon_get_tim+0xb4/0x2b0
[  640.744579][    C1]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[  640.750697][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.756406][    C1]  mac80211_hwsim_beacon_tx+0x3ce/0x860
[  640.761991][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.767691][    C1]  __iterate_interfaces+0x2ab/0x590
[  640.772952][    C1]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  640.779133][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  640.786395][    C1]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  640.792538][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  640.799589][    C1]  mac80211_hwsim_beacon+0xbb/0x180
[  640.804845][    C1]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  640.810678][    C1]  __hrtimer_run_queues+0x52c/0xc60
[  640.815926][    C1]  ? ktime_get_update_offsets_now+0x67/0x3d0
[  640.821941][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.827741][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  640.833499][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.839135][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  640.844974][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  640.850096][    C1]  handle_softirqs+0x286/0x870
[  640.854906][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  640.859674][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  640.864995][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.870626][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  640.875861][    C1]  __irq_exit_rcu+0xca/0x1f0
[  640.880456][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  640.885694][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.891332][    C1]  irq_exit_rcu+0x9/0x30
[  640.895598][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  640.901235][    C1]  </IRQ>
[  640.904179][    C1]  <TASK>
[  640.907110][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  640.913126][    C1] RIP: 0010:rcu_is_watching+0x3a/0xb0
[  640.918511][    C1] Code: e8 db 4b a0 09 89 c3 83 f8 08 73 65 49 bf 00 00 00 00 00 fc ff df 4c 8d 34 dd d0 dd 92 8d 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 <74> 08 4c 89 f7 e8 2c 76 7f 00 48 c7 c3 d8 7f 6f 92 49 03 1e 48 89
[  640.938152][    C1] RSP: 0018:ffffc9000fab7878 EFLAGS: 00000246
[  640.944288][    C1] RAX: 1ffffffff1b25bbb RBX: 0000000000000001 RCX: 09f79826aeae1600
[  640.952295][    C1] RDX: ffffffff9001e900 RSI: ffffffff8bbf08c0 RDI: ffffffff8bbf0880
[  640.960265][    C1] RBP: dffffc0000000000 R08: 0000000000000022 R09: ffffffff81738c45
[  640.968269][    C1] R10: dffffc0000000000 R11: ffffffff81ac2e10 R12: 00007ffcff8041a0
[  640.976302][    C1] R13: ffffc9000fab0000 R14: ffffffff8d92ddd8 R15: dffffc0000000000
[  640.984342][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  640.990504][    C1]  ? unwind_next_frame+0xa5/0x2390
[  640.995653][    C1]  ? rcu_is_watching+0x15/0xb0
[  641.000507][    C1]  ? unwind_next_frame+0xa5/0x2390
[  641.005661][    C1]  unwind_next_frame+0x1965/0x2390
[  641.010803][    C1]  ? unwind_next_frame+0xa5/0x2390
[  641.015952][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.022032][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  641.028233][    C1]  arch_stack_walk+0x11c/0x150
[  641.033030][    C1]  stack_trace_save+0x9c/0xe0
[  641.037707][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  641.043107][    C1]  ? kasan_save_track+0x4f/0x80
[  641.047961][    C1]  ? kasan_save_track+0x3e/0x80
[  641.052850][    C1]  ? __kasan_save_free_info+0x46/0x50
[  641.058226][    C1]  kasan_save_track+0x3e/0x80
[  641.062930][    C1]  ? kasan_save_track+0x3e/0x80
[  641.067793][    C1]  ? __kasan_save_free_info+0x46/0x50
[  641.073189][    C1]  ? __kasan_slab_free+0x5c/0x80
[  641.078145][    C1]  ? kmem_cache_free+0x19b/0x690
[  641.083105][    C1]  ? __fput+0x6c2/0xa70
[  641.087257][    C1]  ? fput_close_sync+0x119/0x200
[  641.092220][    C1]  ? __x64_sys_close+0x7f/0x110
[  641.097089][    C1]  ? do_syscall_64+0xfa/0xfa0
[  641.101769][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.107901][    C1]  ? __fput+0x6c2/0xa70
[  641.112085][    C1]  __kasan_save_free_info+0x46/0x50
[  641.117294][    C1]  __kasan_slab_free+0x5c/0x80
[  641.122090][    C1]  kmem_cache_free+0x19b/0x690
[  641.126871][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.132524][    C1]  ? apparmor_file_free_security+0xc4/0xf0
[  641.138375][    C1]  __fput+0x6c2/0xa70
[  641.142396][    C1]  fput_close_sync+0x119/0x200
[  641.147329][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.152980][    C1]  ? dnotify_flush+0x1db/0x5e0
[  641.157741][    C1]  ? __pfx_fput_close_sync+0x10/0x10
[  641.163044][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.168670][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  641.173899][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.179537][    C1]  __x64_sys_close+0x7f/0x110
[  641.184239][    C1]  do_syscall_64+0xfa/0xfa0
[  641.188744][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  641.193984][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.200044][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.205694][    C1]  ? exc_page_fault+0xab/0x100
[  641.210467][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.216415][    C1] RIP: 0033:0x7ffa8858e32a
[  641.220820][    C1] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 43 91 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 a3 91 02 00 8b 44 24
[  641.240446][    C1] RSP: 002b:00007ffcff8041a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  641.248909][    C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007ffa8858e32a
[  641.256910][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  641.264901][    C1] RBP: 00007ffcff8041fc R08: 00007ffcff803b1c R09: 00007ffcff803f07
[  641.272914][    C1] R10: 00007ffcff803b70 R11: 0000000000000293 R12: 0000000000000166
[  641.280900][    C1] R13: 00000000000927c0 R14: 000000000009c5b6 R15: 00007ffcff804250
[  641.288936][    C1]  </TASK>
[  641.291962][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  641.299240][    C1] CPU: 1 UID: 0 PID: 15115 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  641.308781][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  641.318832][    C1] Call Trace:
[  641.322113][    C1]  <IRQ>
[  641.324953][    C1]  dump_stack_lvl+0x99/0x250
[  641.329547][    C1]  ? __asan_memcpy+0x40/0x70
[  641.334144][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  641.339349][    C1]  ? __pfx__printk+0x10/0x10
[  641.343940][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.349575][    C1]  vpanic+0x237/0x6d0
[  641.353569][    C1]  ? __pfx_vpanic+0x10/0x10
[  641.358085][    C1]  panic+0xb9/0xc0
[  641.361809][    C1]  ? __pfx_panic+0x10/0x10
[  641.366253][    C1]  __warn+0x31b/0x4b0
[  641.370237][    C1]  ? __rate_control_send_low+0x5e2/0x820
[  641.375873][    C1]  ? __rate_control_send_low+0x5e2/0x820
[  641.381503][    C1]  report_bug+0x2be/0x4f0
[  641.385838][    C1]  ? __rate_control_send_low+0x5e2/0x820
[  641.391468][    C1]  ? __rate_control_send_low+0x5e2/0x820
[  641.397098][    C1]  ? __rate_control_send_low+0x5e4/0x820
[  641.402732][    C1]  handle_bug+0x84/0x160
[  641.406971][    C1]  exc_invalid_op+0x1a/0x50
[  641.411471][    C1]  asm_exc_invalid_op+0x1a/0x20
[  641.416313][    C1] RIP: 0010:__rate_control_send_low+0x5e2/0x820
[  641.422644][    C1] Code: 38 0f b6 04 28 84 c0 0f 85 d7 01 00 00 41 8b 0f 48 c7 c7 c0 89 89 8c 48 8b 74 24 18 44 8b 44 24 2c 45 89 e9 e8 2f a0 c5 f6 90 <0f> 0b 90 90 e9 70 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c
[  641.442252][    C1] RSP: 0018:ffffc90000a08538 EFLAGS: 00010246
[  641.448321][    C1] RAX: 09f79826aeae1600 RBX: 000000000000000c RCX: ffff88807df7dac0
[  641.456286][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000002
[  641.464246][    C1] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[  641.472212][    C1] R10: dffffc0000000000 R11: fffffbfff1bba684 R12: ffff88802872f168
[  641.480186][    C1] R13: 0000000000000000 R14: ffff888052628e80 R15: ffff88805262b138
[  641.488180][    C1]  ? __rate_control_send_low+0x5e1/0x820
[  641.493834][    C1]  rate_control_send_low+0x1a7/0x7b0
[  641.499123][    C1]  rate_control_get_rate+0x20b/0x5d0
[  641.504413][    C1]  ieee80211_beacon_get_finish+0x39a/0x6c0
[  641.510228][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.515869][    C1]  ? __pfx_ieee80211_beacon_get_finish+0x10/0x10
[  641.522202][    C1]  ? __local_bh_enable_ip+0x12d/0x1c0
[  641.527583][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  641.533315][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.538967][    C1]  ieee80211_beacon_get_ap+0x1868/0x1f30
[  641.544638][    C1]  ? __pfx_ieee80211_beacon_get_ap+0x10/0x10
[  641.550640][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.556271][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.561910][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.567548][    C1]  ? __ieee80211_beacon_get+0x36/0x1880
[  641.573096][    C1]  __ieee80211_beacon_get+0x118e/0x1880
[  641.578648][    C1]  ? __ieee80211_beacon_get+0x36/0x1880
[  641.584206][    C1]  ieee80211_beacon_get_tim+0xb4/0x2b0
[  641.589670][    C1]  ? __pfx_ieee80211_beacon_get_tim+0x10/0x10
[  641.595739][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.601546][    C1]  mac80211_hwsim_beacon_tx+0x3ce/0x860
[  641.607098][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.612740][    C1]  __iterate_interfaces+0x2ab/0x590
[  641.617935][    C1]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  641.624018][    C1]  ? ieee80211_iterate_active_interfaces_atomic+0x2a/0x180
[  641.631215][    C1]  ? __pfx_mac80211_hwsim_beacon_tx+0x10/0x10
[  641.637285][    C1]  ieee80211_iterate_active_interfaces_atomic+0xdb/0x180
[  641.644316][    C1]  mac80211_hwsim_beacon+0xbb/0x180
[  641.649514][    C1]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  641.655313][    C1]  __hrtimer_run_queues+0x52c/0xc60
[  641.660508][    C1]  ? ktime_get_update_offsets_now+0x67/0x3d0
[  641.666493][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.672146][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  641.677869][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.683517][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  641.689329][    C1]  hrtimer_run_softirq+0x187/0x2b0
[  641.694530][    C1]  handle_softirqs+0x286/0x870
[  641.699296][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  641.704198][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  641.709485][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.715114][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  641.720317][    C1]  __irq_exit_rcu+0xca/0x1f0
[  641.724901][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  641.730111][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.735740][    C1]  irq_exit_rcu+0x9/0x30
[  641.740066][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  641.745797][    C1]  </IRQ>
[  641.748712][    C1]  <TASK>
[  641.751644][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  641.757619][    C1] RIP: 0010:rcu_is_watching+0x3a/0xb0
[  641.763096][    C1] Code: e8 db 4b a0 09 89 c3 83 f8 08 73 65 49 bf 00 00 00 00 00 fc ff df 4c 8d 34 dd d0 dd 92 8d 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 <74> 08 4c 89 f7 e8 2c 76 7f 00 48 c7 c3 d8 7f 6f 92 49 03 1e 48 89
[  641.782741][    C1] RSP: 0018:ffffc9000fab7878 EFLAGS: 00000246
[  641.788905][    C1] RAX: 1ffffffff1b25bbb RBX: 0000000000000001 RCX: 09f79826aeae1600
[  641.796873][    C1] RDX: ffffffff9001e900 RSI: ffffffff8bbf08c0 RDI: ffffffff8bbf0880
[  641.804841][    C1] RBP: dffffc0000000000 R08: 0000000000000022 R09: ffffffff81738c45
[  641.812821][    C1] R10: dffffc0000000000 R11: ffffffff81ac2e10 R12: 00007ffcff8041a0
[  641.820785][    C1] R13: ffffc9000fab0000 R14: ffffffff8d92ddd8 R15: dffffc0000000000
[  641.828754][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  641.834912][    C1]  ? unwind_next_frame+0xa5/0x2390
[  641.840121][    C1]  ? rcu_is_watching+0x15/0xb0
[  641.844879][    C1]  ? unwind_next_frame+0xa5/0x2390
[  641.849985][    C1]  unwind_next_frame+0x1965/0x2390
[  641.855110][    C1]  ? unwind_next_frame+0xa5/0x2390
[  641.860222][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.866281][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  641.872433][    C1]  arch_stack_walk+0x11c/0x150
[  641.877204][    C1]  stack_trace_save+0x9c/0xe0
[  641.881884][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  641.887349][    C1]  ? kasan_save_track+0x4f/0x80
[  641.892203][    C1]  ? kasan_save_track+0x3e/0x80
[  641.897061][    C1]  ? __kasan_save_free_info+0x46/0x50
[  641.902442][    C1]  kasan_save_track+0x3e/0x80
[  641.907118][    C1]  ? kasan_save_track+0x3e/0x80
[  641.911965][    C1]  ? __kasan_save_free_info+0x46/0x50
[  641.917329][    C1]  ? __kasan_slab_free+0x5c/0x80
[  641.922266][    C1]  ? kmem_cache_free+0x19b/0x690
[  641.927205][    C1]  ? __fput+0x6c2/0xa70
[  641.931364][    C1]  ? fput_close_sync+0x119/0x200
[  641.936307][    C1]  ? __x64_sys_close+0x7f/0x110
[  641.941152][    C1]  ? do_syscall_64+0xfa/0xfa0
[  641.945920][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.952025][    C1]  ? __fput+0x6c2/0xa70
[  641.956176][    C1]  __kasan_save_free_info+0x46/0x50
[  641.961370][    C1]  __kasan_slab_free+0x5c/0x80
[  641.966136][    C1]  kmem_cache_free+0x19b/0x690
[  641.970899][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.976611][    C1]  ? apparmor_file_free_security+0xc4/0xf0
[  641.982428][    C1]  __fput+0x6c2/0xa70
[  641.986416][    C1]  fput_close_sync+0x119/0x200
[  641.991176][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  641.996801][    C1]  ? dnotify_flush+0x1db/0x5e0
[  642.001650][    C1]  ? __pfx_fput_close_sync+0x10/0x10
[  642.006927][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  642.012639][    C1]  ? do_raw_spin_unlock+0x122/0x240
[  642.017845][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  642.023475][    C1]  __x64_sys_close+0x7f/0x110
[  642.028152][    C1]  do_syscall_64+0xfa/0xfa0
[  642.032733][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  642.037929][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.043982][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  642.049606][    C1]  ? exc_page_fault+0xab/0x100
[  642.054373][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.060276][    C1] RIP: 0033:0x7ffa8858e32a
[  642.064791][    C1] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 43 91 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 a3 91 02 00 8b 44 24
[  642.084488][    C1] RSP: 002b:00007ffcff8041a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  642.092912][    C1] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007ffa8858e32a
[  642.100879][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  642.108844][    C1] RBP: 00007ffcff8041fc R08: 00007ffcff803b1c R09: 00007ffcff803f07
[  642.116810][    C1] R10: 00007ffcff803b70 R11: 0000000000000293 R12: 0000000000000166
[  642.124861][    C1] R13: 00000000000927c0 R14: 000000000009c5b6 R15: 00007ffcff804250
[  642.132848][    C1]  </TASK>
[  642.136080][    C1] Kernel Offset: disabled
[  642.140401][    C1] Rebooting in 86400 seconds..