last executing test programs:

5m34.334986987s ago: executing program 2 (id=536):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5m34.024797971s ago: executing program 2 (id=538):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0)

5m31.883015442s ago: executing program 2 (id=541):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x1, &(0x7f0000000040)=[{0xffc0, 0x78, 0x2, 0xfff}]})
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080)={0x7, 0xf6, 0x9, 0x3, 0x7f, 0x2, 0x3, 0x9, 0x8, 0x3, 0x7, 0x7a, 0x1}, 0xe)
sendto$inet6(r0, 0x0, 0x0, 0x80, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r2, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000004c0)=""/53, 0x35}], 0x1, 0x0, 0x0, 0x18}}], 0x1, 0x0, 0x0)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r3 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
r4 = socket(0x2, 0x1, 0x0)
ioctl$NBD_SET_SOCK(r3, 0xab00, r4)
sendmsg$NL80211_CMD_DEL_TX_TS(r4, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x30, 0x0, 0x10, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x40010}, 0x804)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000340)={0x0, 0x4000, 0x800, 0x3, 0x2}, 0x20)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000003c0)={r1, 0x9}, 0xc)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = openat(0xffffffffffffff9c, 0x0, 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
r7 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
accept4$ax25(r7, &(0x7f00000001c0)={{0x3, @default}, [@rose, @remote, @remote, @bcast, @bcast, @remote, @default]}, &(0x7f0000000240)=0x48, 0x800)

5m27.240877328s ago: executing program 2 (id=543):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004"], 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b800000019000100000000f7ffffff00e0", @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000700000000000000000000000000000000000000000000000200000000000000ffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000ffff"], 0xb8}}, 0x4004)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x54}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x11, &(0x7f0000000540)=0x8, 0x4)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c000280050001"], 0xa8}}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000", @ANYBLOB="08002700851600000a001800000000000000"], 0x4c}}, 0x4000804)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

5m26.919743422s ago: executing program 2 (id=545):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
add_key(0x0, 0x0, &(0x7f0000000100)="305c0605e182d1447ad1ad83700398d1c7d7982b", 0x14, 0xfffffffffffffffe)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYRES32=0x41424344], 0x0)
r0 = add_key$user(0x0, &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850", 0x4, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010000504", @ANYBLOB="ebffffffffffffff280012800b"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xffffffffffffff02, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

5m26.131281184s ago: executing program 2 (id=549):
bind$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f0000005000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/19, 0x13}, 0x3}], 0x4000169, 0x60, 0x0)
listen(r0, 0x40000000)

5m10.88655541s ago: executing program 32 (id=549):
bind$l2tp6(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f0000005000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/19, 0x13}, 0x3}], 0x4000169, 0x60, 0x0)
listen(r0, 0x40000000)

4m30.606164643s ago: executing program 4 (id=673):
set_mempolicy(0x2, &(0x7f0000000140)=0x8001, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x2)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
mkdir(&(0x7f00000000c0)='./control\x00', 0x0)
close(r0)
r1 = inotify_init1(0x0)
fcntl$setstatus(r0, 0x4, 0x2c00)
gettid()
creat(0x0, 0x154)
fcntl$setsig(r1, 0xa, 0xe)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
inotify_add_watch(r1, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

4m29.081490934s ago: executing program 4 (id=678):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001c40)="d80000001c0081064e81f782db44b9040a1d08041100000000020aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516", 0x5d}, {&(0x7f0000001d00)="0092e9a7e64c32c40a81fa0f64bd9906f29b6a0aa0e850e7eb26dd111c83b33cf6f3f5bfdf52e23faac8580b58c35613a51fec2e1500747c8a72eb20d3d6b9e4e75d266a5440ad6fa037d9055e6a4a6760575b9459419cfc252cb04e3a624aaaa02bf155303808bcb8ec989fd7db312bb9807d1efe0dab699418e3", 0x7b}], 0x2, 0x0, 0x0, 0x7400}, 0x40000)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

4m25.318437437s ago: executing program 4 (id=684):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x1, &(0x7f0000000040)=[{0xffc0, 0x78, 0x2, 0xfff}]})
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080)={0x7, 0xf6, 0x9, 0x3, 0x7f, 0x2, 0x3, 0x9, 0x8, 0x3, 0x7, 0x7a, 0x1}, 0xe)
sendto$inet6(r0, 0x0, 0x0, 0x80, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r2, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000004c0)=""/53, 0x35}], 0x1, 0x0, 0x0, 0x18}}], 0x1, 0x0, 0x0)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r3 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
r4 = socket(0x2, 0x1, 0x0)
ioctl$NBD_SET_SOCK(r3, 0xab00, r4)
sendmsg$NL80211_CMD_DEL_TX_TS(r4, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x30, 0x0, 0x10, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_TSID={0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x40010}, 0x804)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000340)={0x0, 0x4000, 0x800, 0x3, 0x2}, 0x20)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000003c0)={r1, 0x9}, 0xc)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
r7 = syz_init_net_socket$ax25(0x3, 0x2, 0xc4)
accept4$ax25(r7, &(0x7f00000001c0)={{0x3, @default}, [@rose, @remote, @remote, @bcast, @bcast, @remote, @default]}, 0x0, 0x800)

4m23.60739517s ago: executing program 4 (id=688):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket(0x28, 0x5, 0x0)
listen(r0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x60281, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r1, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x20240, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x20081e, &(0x7f0000000100), 0x1, 0x502, &(0x7f0000000a00)="$eJzs3c9vI1cdAPCvnV9OmjZp6QEQokspLGi1TuJto6oHKCeEUCVEjyBtQ+KNothxFDulCXvY/g9IVOIER/4Azj3xJyC4cYEDEj8iULMSSFPNeLzrzdob7yaxs/HnI41m3ryxv+/t7rzn+W7iF8DYuhYR9yJiOiI+iIiF/Hwh3+Ld9pZe99nR3fXjo7vrhUiS9/9VyOrTc9H1mtQL+XuWIuLH34/4WeHxuM2Dw+21Wq261y7OLrXqu0vNg8ObW/W1zepmdadSWV1ZXX771luVc+vra/Xp9sFE2sBv/yJt1nxe192Pc/T/JDP1IE5qMiJ+eAHBRmEi78/0qBvCMylGxCsR8Xp2/y/ERPa3CQBcZUmyEMlCdxkAuOqKWQ6sUCznuYD5KBbL5XYO79WYK9YazdaNO439nY12rmwxpop3tmrV5TxXuBhThbS8kh0/LFdOlG9FxMsR8cuZ2axcXm/UNkb5wQcAxtgLJ+b//860538A4IorjboBAMDQmf8BYPyY/wFg/Jj/AWD8mP8BYPyY/wFg/Jj/AWCs/Oi999ItOc6//3rjw4P97caHNzeqze1yfX+9vN7Y2y1vNhqb2Xf21E97v1qjsbvyZux/tPid3WZrqXlweLve2N9p3c6+1/t2dWoovQIAnuTl1z79cyEi7r0zm23RtZaDuRqutuJZXjx7fu0Ahm9i1A0ARsZqXzC+zvCMLz0AV0SPJXofUXrkcT+/OkmS5GKbBVyg61+S/4dx1ZX/91PAMGbk/2F8DZr/Py0/ADx/kqQw6Jr/MeiFAMDlJscP9Hm+fyXf/y7/z4Gfbpy84pOLbBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcbp31f8v5WuDzUSyWyxEvRsRiTBXubNWqyxHxUkT8aWZqJi2vjLjNAMBZFf9eyNf/ur7wxvzJ2unC/ZlsHxE///X7v/pordXa+2N6/t8Pzrc+yc9XRtF+AOA0nXk623c9yH92dHe9sw2zPf/4XkSU2vGPj6bj+EH8yZjM9qWYioi5/xTycluhK3dxFvc+jogv9up/IeazHEh75dOT8dPYLw41fvGR+MWsrr1P/yy+8NSRk4VzaD481z5Nx593e91/xbiW7Xvf/6VshDq7fPxL32r9OBsDH8bvjH8Tfca/a4PGePMPP2gfzT5e93HElycjOrGPu8afTvxCn/hvDBj/L1/56uv96pLfRFyP3vG7Yy216rtLzYPDm1v1tc3qZnWnUlldWV1++9ZblaUsR73Ufzb45zs3XupXl/Z/rk/80in9/8aA/f/t/z74ydeeEP9bX+8VvxivPiF+Oid+c8D4a3O/L/WrS+Nv9Ox/R//+3xgw/l//dvjYsuEAwOg0Dw6312q16t4wDzofJIYa1MEVOEj/1VyCZvQ8+O6wYk3HU70qSZ4pVr8R4zyybsBl0L7Xk+peRNwfdWMAAAAAAAAAAAAAAICehvEbS6PuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFfX5wEAAP//90HVog==")
openat(0xffffffffffffff9c, 0x0, 0x107042, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, 0x0, &(0x7f0000000040)={0x10004, 0xa, 0xc825, 0x10000000f, 0x2, 0xb, 0x28a7, 0x0, 0x6})
openat$ptmx(0xffffffffffffff9c, 0x0, 0x272500, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
syz_io_uring_setup(0x2be, 0x0, 0x0, 0x0)
ioctl$sock_bt_bnep_BNEPCONNDEL(0xffffffffffffffff, 0x400442c9, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x9, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3fe, 0x2, 0x3, 0x9, 0x8, 0x45ff, 0x7ffffffc}, 0x0, 0x0)

4m20.211220528s ago: executing program 4 (id=694):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
add_key(0x0, 0x0, &(0x7f0000000100)="305c0605e182d1447ad1ad83700398", 0xf, 0xfffffffffffffffe)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f", 0x7, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xffffffffffffff02, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

4m19.777607554s ago: executing program 4 (id=696):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, 0x0, 0xcfa4)
write$cgroup_pressure(r2, &(0x7f0000000280)={'some', 0x20, 0x3ff, 0x20, 0x5}, 0x2f)

4m19.531026237s ago: executing program 33 (id=696):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r2, 0x0, 0xcfa4)
write$cgroup_pressure(r2, &(0x7f0000000280)={'some', 0x20, 0x3ff, 0x20, 0x5}, 0x2f)

15.651857202s ago: executing program 5 (id=1335):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(0xffffffffffffffff, 0x29, 0x37, 0x0, 0x0)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)

12.607030685s ago: executing program 5 (id=1341):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x1c, 0x0, 0x1, 0x70bd29, 0x25dfdbfe}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001c40)="d80000001c0081064e81f782db44b9040a1d08041100000000020aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516", 0x5d}, {&(0x7f0000001d00)="0092e9a7e64c32c40a81fa0f64bd9906f29b6a0aa0e850e7eb26dd111c83b33cf6f3f5bfdf52e23faac8580b58c35613a51fec2e1500747c8a72eb20d3d6b9e4e75d266a5440ad6fa037d9055e6a4a6760575b9459419cfc252cb04e3a624aaaa02bf155303808bcb8ec989fd7db312bb9807d1e", 0x74}], 0x2, 0x0, 0x0, 0x7400}, 0x40000)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

10.863511109s ago: executing program 1 (id=1343):
unshare(0x22020600)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000})
socket$nl_generic(0x10, 0x3, 0x10)
r4 = fsmount(0xffffffffffffffff, 0x1, 0x89)
openat$cgroup_pressure(r4, &(0x7f0000000200)='memory.pressure\x00', 0x2, 0x0)

10.323488257s ago: executing program 3 (id=1345):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r0, 0x0, 0x0)

10.184618159s ago: executing program 3 (id=1346):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x88f, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f0000000040)=0x4)
sched_setscheduler(0x0, 0x2, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000440)={"db4c1421593cb4d3f8fe6094dc821bbbe06520701fc6de7b0349f34b0f8c556a9e9aff1355aab8d6da26d74608530f150f127f9e3f0a2f1fff0be9774c95d6c007c91903f78616596487bf50017c56b15385ab264cba5b168c62d971e67e6f3e73d60b5a8adbaaf2af8610c6a91c0a116f619adce4aa91d5a68faf8ee98693d32d8d8244381b5720ef596600e39491d216c22d0725904bab7d90fa8afb8fa04b707410aa300ef098609b4fa6dd77b1b7c321b1fc6356564ce3f90826be3a9a5be186ffc48eb13824e9dae77ed212a0f802074ff4f1725c4ad88cf5bbd36e3406bc59d96e82047631d8be9462ee7e54e5b2897c3fff38eabf67e1e160c2b5e18be06457844d89c9a606b7d25fbde713f4759da0bee1fabe3f71dcca63540f113a2b5edc4b327d1f9610377b97265d4aa875b4bc3c44bf8110d5df1beb1fe54794a0aa52dfc80df1caf7d812b4f1cdba1a6836b45ea2180d08439d411ce8e0755868cc839eaeac73e5d28f9f1990584038cf5fa6bee0c4095a27cc8c7b59519bf2a9bf1fedf54cc2dc6aea6c42c32de40c291e5f422f5c7792a08926af160fb379576dd81bac746232fb246817fc3248097914b75e83cc5eb518ce8fb643b34ca69c3b61f0d94e7db62dd480198d41e0862f1ec4429ab637569884a5ba446a0b09edfd986a2b3e15ee35bbd18610dad6271681ed240b0ffab9199b541013c0aadc36484da57511896c14776a41602aa1426edfbb828897d9c218b7936a0572840ebbc796e888a439b24e640324b511deb6ed0b2ce2f7567447826944b4f34101e492e8d20a2deda950e96e78f86d6d4c976f0c99041c94944309e6ce08d84a7c96677d570d9a57ec0506a4321d9e049b55be883ca3648c27772fc5dbaea5e6c2ded2ce72fb68989ae381fe1394cf6966ab04285d5ff8256bc2e85462b8d89aeeebd5432157c945b5dc1960d9282c6cc007fe029325d6078aef94d4954f956c71bcdf846f41392ebe0d3b289438d24ec4bc073617459a6b232445dd636a9f21140e14b162fd5ef1d626b0ff84884fd63d22cc1b05befb77ea937f3045cc15b125479b262c1e32fca75a5468423288c5776efee744b1fccb5e6d661d9d287cfa8582c96ea34a33c1bbc29c0035657da66a87150bbb885be5ee123e431fd793ea179a0fc77aaee66d874c0616cb32324826b36d0e27d14217ad1131cace3bae4ef82dfbc790e78de53a9bfbdb468bf0eb3ff134073b380858965de2d108862daf3fc6b49ad46f20832238aeaa5d010cf08e37938f0bb7bbeaa970c39ce9327a16fe07565708266ce9ef639bfa08538693b456228aa1c370d64ef9795b7cc208a2c528d381a042d149ed5c7f34ed26a7d5a4401b86434f054389e5dac7a4ee896e406d7b27240d925d478e0eb2202797832d3e2c74f4925ad58377b0d6ae9b97034f94"})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

10.12164409s ago: executing program 1 (id=1347):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
remap_file_pages(&(0x7f000057a000/0x1000)=nil, 0x1000, 0x0, 0x3fe, 0x1c0000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)

6.684458047s ago: executing program 1 (id=1354):
mmap(&(0x7f0000d59000/0x3000)=nil, 0x3000, 0xfffffffffffffff4, 0x20031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0x0, 0xffffff7d, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
close(0x3)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'})
r2 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x400)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000080))
syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0), 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x840)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(0xffffffffffffffff, 0xc01c64a3, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000300)={0x1, 0x0, 0x0, 0x7, 0x4, 0x4, 0x6ff})
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001380)=ANY=[@ANYBLOB="020a000007000000000000000000000005001a00", @ANYBLOB="0a813d5ac1740ecabefa47b0ed059b6beb94660011bd1cf4b0b51e649cf0688e78e8"], 0x38}}, 0x0)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file3\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030362c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00535d4e036013ec9e6e7ecdee3849b40884b95e94f35cec9600cd19beb0"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")

6.664760478s ago: executing program 5 (id=1355):
r0 = socket$kcm(0xa, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_type(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r2, &(0x7f00000000c0), 0x9)
openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
recvmsg(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)=""/90, 0x5a}, 0x10100)
r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12)

4.683429925s ago: executing program 1 (id=1357):
unshare(0x22020600)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000})
socket$nl_generic(0x10, 0x3, 0x10)
r4 = fsmount(0xffffffffffffffff, 0x1, 0x89)
openat$cgroup_pressure(r4, &(0x7f0000000200)='memory.pressure\x00', 0x2, 0x0)

4.483447178s ago: executing program 5 (id=1358):
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)
r1 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), 0x0, 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r1, r0, r0}, &(0x7f0000000180)=""/82, 0x52, &(0x7f00000000c0)={&(0x7f0000000100)={'sha384-generic\x00'}})
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback, 0x503}, 0x1c)

4.473651638s ago: executing program 6 (id=1359):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x47, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
creat(&(0x7f00000000c0)='./file1\x00', 0x4)
r0 = open(&(0x7f0000000380)='./file1\x00', 0x80142, 0x0)
ftruncate(r0, 0x2007ffb)

4.392236809s ago: executing program 3 (id=1360):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
add_key(0x0, 0x0, &(0x7f0000000100)="305c0605e182d1447ad1ad83700398", 0xf, 0xfffffffffffffffe)
add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f", 0x7, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010000504", @ANYBLOB="ebffffffffffffff280012800b"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, 0x0, &(0x7f00000000c0)=""/83, 0x53, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.322211384s ago: executing program 6 (id=1361):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000400)='./file3\x00', 0x210048, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1d1, &(0x7f0000000440)="$eJzslj2v0lAYx//nlBQwGhNHFwdJ1MHSFjUuJLI4OZj4QhxMJFIJUsRAByEx6Cdwd3Nw9wuY6OqHMOiiC04615yXliOhCNwL3OQ+v4Sn/1POy9PnNP9TEARxbPn+7c8k/l39UQBwEiXk9f2f1qwPN/p/Lfx6+fnWzfqbh++/5CdOcdGccbz6+jkAn2oWonTsv6NL+noXPNX3wHFJ6zoYHK0fgeO+1gEYHmj91NA90d9xnrTDwHncC5tCuCJ4IvgiVObzm75maBr5MeP/wXDUaYRh0N+i+F/9pjWOqpGfuV8OVLauUT8PHJ7WFTDc0fo68kltVEmM5z+bm81vLX1+G9uuiEhljVFnTmVulQ1gszQAdlh7j1f6ld3mO5QhLEiR7OiOV9+BQO5IpLGG2GQvPt5QY5I78Vi1ZZ/TGRPG4xWXsLFR5VN/it8xXDD8SVnJW3nUlKPu8/JgOLrc7jZaQSt45vuVa+4V173ql6URqbjE/4rSn07M5l94JglsZuNFI4r6nopp21dxkeNy6X8cF8+rtnBTe27egqGZ/nF5ld7b+ZCZPUEQxP44ByY9WfpyIvRpAuNb9/YecyQIgiAIgiAIgiAI4mD8DQAA//80kEvd")
lstat(&(0x7f0000000280)='./file3\x00', &(0x7f0000000640))

3.264220735s ago: executing program 1 (id=1362):
syz_usb_connect(0x0, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="120100009880a420d00622065a3f010203010902240001000010000904a60002f4abe0000905020200020200000905820210"], 0x0)

3.263661315s ago: executing program 3 (id=1363):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x14, 0x30, 0x8, 0x71bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000810}, 0x20040800)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

3.005847288s ago: executing program 3 (id=1365):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xffffffffffffffff, 0x0, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x1c, 0x0, 0x1, 0x70bd29, 0x25dfdbfe}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001c40)="d80000001c0081064e81f782db44b9040a1d08041100000000020aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516", 0x5d}, {&(0x7f0000001d00)="0092e9a7e64c32c40a81fa0f64bd9906f29b6a0aa0e850e7eb26dd111c83b33cf6f3f5bfdf52e23faac8580b58c35613a51fec2e1500747c8a72eb20d3d6b9e4e75d266a5440ad6fa037d9055e6a4a6760575b9459419cfc252cb04e3a624aaaa02bf155303808bcb8ec989fd7db312bb9807d1e", 0x74}], 0x2, 0x0, 0x0, 0x7400}, 0x40000)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

2.8743782s ago: executing program 6 (id=1367):
r0 = openat$dir(0xffffffffffffff9c, 0x0, 0x8880, 0x85)
lseek(r0, 0x101, 0x1)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f00000005c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESDEC=0x0, @ANYBLOB=',discard,\x00', @ANYRESDEC, @ANYRES16=r0, @ANYBLOB="b390fc4b51336f88fee19f4c3d2b26bd860138d1e3243b51df2539f9845a303cbbf29f76e2c26688d054b07eaad9e7cb19a36ef5a8e50b6683228a8403aca9ad8d3114fbabb04f515264006d588d7d49bae9a280e3e3f962c9aece93e790ed6f9c9bc835a7dfc76b44961f9f7f8e749f2d59cb356e21dd55810b92916da33fed4c06ac710abb73c21a8cea3204f6301c8ed1ff6c7939719bac51d7c9cee464b9a1cdf38fbb67ff89cf84208df4937fd71dd9ab6aaa934581b1837c9695c57ebde4e937f9df63d439668279664a3e3ba32c76119d07869215c9aa0f8aa277f3d2d745509fc8687d718a99e8a733efd895f52203370d000000000000f15e6c00b3000000000000bc7f55a6ee7c4b2c6f7a8b0a72e6b4b49d7b6757ce22c6201ea8c345a066c71484fc51f6f42726d6631c2ab583d10052d40a17cf3eda4e19bf4a8be1d395e5ffca76585f71ab766c58d7aa250e669374fbb4f03b6f54f1185f8acec38892", @ANYRES8=0x0, @ANYRESHEX, @ANYRES16, @ANYRES64=0x0], 0x81, 0x151a, &(0x7f0000002a80)="$eJzs3AuYjtX6MPB1r7UexjTpbZLDsO51P7xpsEyS5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDTZ0iRJSEiyvku7/2fvr713//3V9/m+Pffvuhbrnue97/d+3nuueZ/nva6Zb3qOqteifu1mRCT+EPjrfylCiBghxDAhxDVCiEAIUSm+Uvyl4wUUpPyxJ2F/rgfTr3QH7Eri+edtPP+8jeeft/H88zaef97G88/beP55G8+fsbxs+5xi1/LKu+sKf/7v4Y89K/tD+P3/P0hu+clfbCx/fa9/I4Xnn7fx/PM2nn/exvPP23j+eRvP/z9frX9xjOeft/H8GcvLrvTnz/8frZhfX7Ir3cefuq7wtx9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsTzinL9MCyH+a3+l+2KMMcYYY4wxxtifx+e/0h0wxhhjjDHGGGPs/zwQUiihRSDyifwiRhQQseIqESeuFgXFNSIirhXx4jpRSFwvCosioqgoJhJEcVFCGIHCChKhKClKiai4QZQWN4pEUUaUFeWEE+VFkrhJVBA3i4riFlFJ3Coqi9tEFVFVVBPVxe2ihrhD1BS1RG1xp6gj6op6or64SzQQd4uG4h7RSNwrGov7RBNxv2gqHhDNxIOiuXhItBAPi5biEdFKtBZtRFvR7n8r/wXRV7wo+on+IkUMEAPFS2KQGCyGiKFimHhZDBeviBHiVZEqRopR4jUxWrwuxog3xFgxTowXb4oJYqKYJCaLKWKqSBNviWnibTFdvCNmiJlilpgt0sUcMVe8K+aJ+WKBeE8sFO+LRWKxWCKWigzxgcgUy0SW+FAsFx+JbLFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHbxsdghdopdYrfYI/aKfeITsV98Kg6Iz0SO+PzfzD/7v+T3AgECJEjQoCEf5IMYiIFYiIU4iIOCUBAiEIF4iIdCUAgKQ2EoCkUhARKgBJQABAQCgpJQEqIQhdJQGhIhEcpCWXDgIAmSoALcDBWhIlSCSlAZKkMVqApVoTpUhxpQA2pCTagNtaEO1IF6UA/ugrvgbmgIDaERNILG0BiaQBNoCk2hGTSD5tAcWkALaAktoRW0gjbQBtpBO2gP7aEDdIBO0Ak6Q2foAl0gGZKhK3SFbtANukN36AE9oCf0hF7QG3rDC/ACvAgvQn+oIwfAQBgIg2AQDIGhMBRehuHwCrwCr0IqjIRR8Bq8Bq/DGDgDY2EcjIfxUENOhEkwGUhOhTRIg2kwDabDdJgBM2EmzIZ0mANzYS7Mg/kwH96DhfD+ufdhMSyGpZABGZAJyyALsmA5nIVsWAErYRWshjWwGtbBelgHG2ETbIQtsAW2wTb4GD6GnbATdsNu2At74RP4BD6FTyEVciAHDsJBOASH4DAchlzIhSNwBI7CUTgGx+A4HIcTcBJOwUk4DafhDJyFc3AOzsN5uADPJXzVfG+ZDalCXqKllvlkPhkjY2SsjJVxMk4WlAVlREZkvIyXhWQhWVgWlkVlUZkgE2QJWUKiREkylCVlSRmVUVlalpaJMlGWlWWlk04mySRZQVaQFWVFWUneKivL22QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUTeb9sKgfAEHhQXppMCzkSWspR0Eq2lm1kW/k6PCrbyzHQQXaUneTjchyMhS6yvUuWT8muchJ0k8/IyfCs7CGnQk/5vOwle8s+8gXZV3Zw/WR/OQMGyIFyNgySg+UQOVTOg7ry0sTqyVdlqhwpR8nX5FJ4XY6Rb8ixcpwcL9+UE+REOUlOllPkVJkm35LT5NtyunxHzpAz5Sw5W6bLOXKufFfOk/PlAvmeXCjfl4vkYrlELpUZ8gOZKZfJLPmhXC4/ktlyhVwpV8nVco1cK9fJ9XKD3Cg3yc1yi9wqt8nt8mO5Q+6Uu+RuuUfulfvkJ3K//FQekJ/JHPm5PCj/Ig/JL+Rh+aXMlV/JI/JreVR+I4/Jb+Vx+Z08IU/KU/J7eVr+IM/Is/Kc/FGelz/JC/JneVF6KRQoqZTSKlD5VH4VowqoWHWVilNXq4LqGhVR16p4dZ0qpK5XhVURVVQVUwmquCqhjEJlFalQlVSlVFTdoEqrG1WiKqPKqnLKqfIqSd2kKqibVUV1i6qkblWV1W2qiqqqqqnq6nZVQ92haqpaqra6U9VRdVU9VV/dpRqou1VDdY9qpO5VjdV9qom6XzVVD6hm6kHVXD2kWqiHVUv1iGqlWqs2qq1qpx5V7dVjqoPqqDqpx1Vn9YTqop5Uyeop1VU9rbqpZ1R39azqoZ5TPdXzqpfqrfqon9VF5VU/1V+lqAFqoHpJDVKD1RA1VA1TL6vh6hU1Qr2qUtVINUq9pkar19UY9YYaq8ap8epNNUFNVJPUZDVFTVVp6i01Tb2tpqt31Aw1U81Ss1W6mqOG/FppwX8j/+1/kD/il2ffprarj9UOtVPtUrvVHrVX7VP71H61Xx1QB1SOylEH1UF1SB1Sh9Vhlaty1RF1RB1VR9UxdUwdV8fVCXVS/ai+V6fVD+qMOqvOqh/VeXVeXfj1NRAatNRKax3ofDq/jtEFdKy+Ssfpq3VBfY2O6Gt1vL5OF9LX68K6iC6qi+kEXVyX0Eajtpp0qEvqUjqqb9Cl9Y06UZfRZXU57XR5naRv+sP5v9dfO91Ot9ftdQfdQXfSnXRn3Vl30V10sk7WXXVX3U130911d91D99A9dU/dS/fSfXQf3Vf31f10P52iU/RA/ZIepAfrIXqoHqZf1sP1cD1Cj9CpOlWP0qP0aD1aj9Fj9Fg9Vo/X4/UEPUFP0pP0FD1Fp+k0PU1P09P1dD1Dz9Cz9CydrtP1XD1Xz9Pz9AK9QC/UC/UivUgv0Ut0hs7QmTpTZ+ksvVwv19l6hV6hV+lVeo1eo9fpdXqD3qA36U16i96is/V2vV3v0Dv0Lr1L79F79D69T+/X+/UBfUDn6Bx9UB/Uh/QhfVgf1rk6Vx/RR/RRfVQf08f0cX1cn9An9Cl9Sp/Wp/UZfUaf0+f0eX1eX9AX9EV98dJlXyADGehAB/mCfEFMEBPEBrFBXBAXFAwKBpEgEsQH8UGh4PqgcFAkKBoUCxKC4kGJwAQY2ICCMCgZlAqiwQ1B6eDGIDEoE5QNygUuKB8kBTcFFYKbg4rBLUGl4NagcnBbUCWoGlQLqge3BzWCO4KaQa2gdnBnUCeoG9QL6gdVJ/71mvSeoFFwb9A4uC9oEtwfNA0eCJoFDwbNg4eCFsHDQcvgkaBV0DpoE7QN2v1b9e8KGgR3Bw2Df1bf+zNFHnP9TH+TYgaYgeYlM8gMNkPMUDPMvGyGm1fMCPOqSTUjzSjzmhltXjdjzBtmrBlnxps3zQQz0Uwyk80UM9WkmbfMNPO2mW7eMTPMTDPLzDbpZo6Za94188x8s8C8Zxaa980is9gsMUtNhvnAZJplJst8aJabj0y2WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mm1mu/nY7DA7zS6z2+wxe80+84nZbz41B8xnJsd8bg6av5hD5gtz2Hxpcs1X5oj52hw135hj5ltz3HxnTpiT5pT53pw2P5gz5qw5Z340581P5oL52Vw0/tLF/aW3d9SoMR/mwxiMwViMxTiMw4JYECMYwXiMx0JYCAtjYSyKRTEBE7AElsBLCAlLYkmMYhRLY2lMxEQsi2XRocMkTMIKWAErYkWshJWwMlbGKlgFq2E1vB1vxzvwDqyFtfBOvBPrYl2sj/WxATbAhtgQG2EjbIyNsQk2wabYFJthM2yOzbEFtsCW2BJbYStsg22wHbbD9tgeO2AH7ISdsDN2xi7YBZMxGbtiV+yG3bA7dsce2AN7Yk/shb2wD/bBvtgX+2E/TMEUHIgDcRAOwiE4BIfhMByOw3EEjsBUTMVROApH42gcg2NwLI7D8fgmTsCJOAkn4xScimmYhtNwGk7H6TgDZ+AsnIXpmI5zcS7Ow3m4ABfgQlyIi3ARLsElmIEZmImZmIVZuByXYzZm40pciatxNa7Ftbge1+NG3IibcTNuxa24HbfjDtyBu3AX7sE9uA/34X7cjwfwAOZgDh7Eg3gID+FhPIy5mItH8AgexaN4DI/hcTyOJ/AEnsJTeBpP4xk8g+fwHJ7Hn/AC/owX0WOMlSLWXmXj7NW2oL3GxtgC9m/joraYTbDFbQlrbGFb5O9itNYm2jK2rC1nnS1vk+xNv4mr2Kq2mq1ub7c17B225m/iBvZu29DeYxvZe219e9ffxY3tfbaJfdg2tY/YZra1bW7b2hb2YdvSPmJb2da2jW1rO9snbBf7pE22T9mu9unfxJl2mV1vN9iNdpPdbz+15+yP9qj9xp63P9l+tr8dZl+2w+0rdoR91abakb+Jx9s37QQ70U6yk+0UO/U38Sw726bbOXaufdfOs/N/E2fYD+xCm2UX2cV2iV36S3yppyz7oV1uP7LZdoVdaVfZ1XaNXWvX/c9eV9ktdqvdZvfZT+wOu9PusrvtHrv3l/jSeRywn9kc+7k9Yr+2h+wX9rA9ZnPtV7/El87vmP3WHrff2RP2pD1lv7en7Q/2jD37y/lfOvfv7c/2ovVWEJAkRZoCykf5KYYKUCxdRXF0NRWkayhC11I8XUeF6HoqTEWoKBWjBCpOJcgQkiWikEpSKYrSDVSabqREKkNlqRw5Kk9JdBNVoJupIt1ClehWqky3URWqStWoOt1ONegOqkm1qDbdSXWoLtWj+nQXNaC7qSHdQ43oXmpM91ETup+a0gPUjB6k5vQQtaCHqSU9Qq2oNbWhttSOHqX29Bh1oI7UiR6nzvQEdaEnKZmeoq70NHWjZ6g7PUs96DnqSc9TL+pNfegF6ksvUj/qTyk0gAbSSzSIBtMQGkrD6GUaTq/QCHqVUmkkjaLXaDS9TmPoDRpL42g8vUkTaCJNosk0haZSGr1F0+htmk7v0AyaSbNoNqXTHJpL79I8mk8L6D1aSO/TIlpMS2gpZdAHlEnLKIs+pOX0EWXTClpJq2g1raG1tI7W0wbaSJtoM22hrbSNttPHtIN20i7aTXtoL+2jT2g/fUoH6DPKoc/pIP2FDtEXdJi+pFz6io7Q13SUvqFj9C0dp+/oBJ2kU/Q9naYf6AydpXP0I52nn+gC/UwXyZMIIZShCnUYhPnC/GFMWCCMDa8K48Krw4LhNWEkvDaMD68LC4XXh4XDImHRsFiYEBYPS4QmxNCGFIZhybBUGA1vCEuHN4aJYZmwbFgudGH5MCm8KawQ3hxWDG8JK4W3hpXD28IqYdXw4Xurh7eHNcI7wpphrbB2eGdYJ6wb1gvrh3eFDcK7w4bhPWGj8N6wYnhf2CS8P2waPhA2Cx8Mm4cPhS3Ch8OW4SNhq7B12CZsG7YLHw3bh4+FHcKOYafw8bBz+ETYJXwyTA6fCruGT//u8ZRwQDgwfCl8KfT+HrUkujSaEf0gmhldFs2KfhhdHv0omh1dEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEt0a3Rb1vn5+4cBJp5x2gcvn8rsYV8DFuqtcnLvaFXTXuIi71sW761whd70r7Iq4oq6YS3DFXQlnHDrryIWupCvlou4GV9rd6BJdGVfWlXPOlXdJrq1r59q59u4x18F1dJ3c4+5x94R7wj3pnnRPua7uadfNPeO6u2ddD/ece84973q53q6Pe8H1dS+6fq6/S3EpbqAb6Aa5QW6IG+KGuWFuuBvuRrgRLtWlulFulBvtRrsxbowb68a68W68m+AmuElukpviprg0l+amuWluupvuZrgZbpab5dJdupvr5rp5bp5b4Ba4hYkL3SK3yC1xS1yGy3CZLtNluSy33C132S7brXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9wut8vtcXvcPrfP7Xf73QF3wOW4HHfQHXSH3CF32H3pct1X7oj72h1137hj7lt33H3nTriT7pT73p12P7gz7qw75350591P7oL72V103qVF3opMi7wdmR55JzIjMjMyKzI7kh6ZE5kbeTcyLzI/siDyXmRh5P3IosjiyJLI0khG5INIZmRZJCvyYWR55KNIdmRFZGVkVWR1ZE3E++I7Ql/Sl/JRf4Mv7W/0ib6ML+vLeefL+yR/k6/gb/YV/S2+kr/VV/a3+Sq+qq/mH/GtfGvfxrf17fyjvr1/zHfwHX0n/7jv7J/wXfyTPtk/5bv6p303/4zv7p/1Pfxzvqd/3vfyvX0f/4Lv61/0/Xx/n+IH+IH+JT/ID/ZD/FA/zL/sh/tX/Aj/qk/1I/0o/5of7V/3Y/wbfqwf58f7N/0EP9FP8pP9FD/Vp/m3/DT/tp/u3/Ez/Ew/y8/26X6On+vf9fP8fL/Av+cX+vf9Ir/YL/FLfYb/wGf6ZT7Lf+iX+498tl/hV/pVfrVf49f6dX693+A3+k1+s9/it/ptfrv/2O/wO/0uv9vv8Xv9Pv+J3+8/9Qf8Zz7Hf+4P+r/4Q/4Lf9h/6XP9V/6I/9of9d/4Y/5bf9x/50/4k/6U/96f9j/4M/6sP+d/9Of9T/6C/9lf5N9ZY4wxxhj7b9la+F8fH/APviZ/XZcMFEJcvbNY7t8eV0KIzb/WHSwTOkeEEE/17/ngf606dVJSUn59bLYSQanFQojI5fx84nK84pd/k0VHUeEf9jdY9j5Pv1M/eqsQsX+TEyMuxytEJ/HEL/Vv/if1H318fGbl8Fz8v6i/WIjEUpdzCojL8eX6Ff9J/SLtf6f/Al+kCdHhb3LixOX4cv0k8Zh4WiT/3SMZY4wxxhhjjLG/Giyrdf+9++dL9+cJ+nJOfnE5vnz/+Y/vzxljjDHGGGOMMXblPdu7z5OPJid37M6bP7wB+H+iDd7w5k/YXOmfTIwxxhhjjLE/2+WL/ivdCWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlnf93/hzYlf6HBljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLEr7X8EAAD//7MxObU=")
dup(0xffffffffffffffff)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth1_to_bond\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@bridge_getneigh={0x28, 0x1e, 0x3c964e403b131b43, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r5}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)

1.687385927s ago: executing program 6 (id=1368):
r0 = socket$kcm(0xa, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_type(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r2, &(0x7f00000000c0), 0x9)
openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
recvmsg(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000ac0)=""/90, 0x5a}, 0x10100)
r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12)

1.396594271s ago: executing program 0 (id=1369):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={r2, <r3=>0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000640)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000600)={r2, r2, 0x0, 0x9, 0x9, 0xa, 0xee, 0x7, 0x3, 0x4, 0xd, 0xcf2})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000040)=[r5], 0x1, r3, r4, 0x3, 0x0, 0xffffffff, 0x804, {0xac7c, 0x1, 0x3, 0x67, 0xf4b, 0x1, 0x2, 0x5, 0x412f, 0xe154, 0x1000, 0x7f, 0x6, 0xffffffff, "fe1d00003413000000000020b42717e47f00"}})

1.233965153s ago: executing program 0 (id=1370):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r0, 0x0, 0x0)

1.143476144s ago: executing program 5 (id=1371):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
fcntl$setstatus(r0, 0x4, 0xc00)

1.097319555s ago: executing program 0 (id=1372):
unshare(0x22020600)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r3, 0x541b, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000})
socket$nl_generic(0x10, 0x3, 0x10)
r4 = fsmount(0xffffffffffffffff, 0x1, 0x89)
openat$cgroup_pressure(r4, &(0x7f0000000200)='memory.pressure\x00', 0x2, 0x0)

1.017934616s ago: executing program 5 (id=1373):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x6f, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0xd6bff5fd114a75ec)

1.013242986s ago: executing program 1 (id=1374):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x2f, 0x42, 0x40, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000240), 0x1003, r2, 0x0, 0xa00369a4}, 0x38)

625.822452ms ago: executing program 6 (id=1375):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x14, 0x30, 0x8, 0x71bd2a, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000810}, 0x20040800)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

471.760474ms ago: executing program 0 (id=1376):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
add_key(0x0, 0x0, &(0x7f0000000100)="305c0605e182d1447ad1ad837003", 0xe, 0xfffffffffffffffe)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYRES32=0x41424344], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850", 0x4, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010000504", @ANYBLOB="ebffffffffffffff280012800b"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xffffffffffffff02, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

357.002365ms ago: executing program 6 (id=1377):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000040)={0x0, 0x0, 0x8, 0x0, '\x00', [{0x8, 0x7, 0x0, 0x0, 0x3, 0x8}, {0x5, 0x5c, 0xa57f, 0x0, 0x1, 0x9}], ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x400c1)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
ptrace$getregset(0x4204, r0, 0x201, &(0x7f0000000000)={0x0, 0x300})

279.642416ms ago: executing program 3 (id=1378):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000003a000b000000000000000000040000e30300008004000980"], 0x1c}}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)

139.486268ms ago: executing program 0 (id=1379):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="640000000206050000000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a300000000005000400004000000500050002000000050001000600000014000780080006400000000008001340"], 0x64}}, 0x0)

0s ago: executing program 0 (id=1380):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={r2, <r3=>0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000640)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(r0, 0xc03064b7, &(0x7f0000000600)={r2, r2, 0x0, 0x9, 0x9, 0xa, 0xee, 0x7, 0x3, 0x4, 0xd, 0xcf2})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000040)=[r5], 0x1, r3, r4, 0x3, 0x0, 0xffffffff, 0x804, {0xac7c, 0x1, 0x3, 0x67, 0xf4b, 0x1, 0x2, 0x5, 0x412f, 0xe154, 0x1000, 0x7f, 0x6, 0xffffffff, "fe1d00003413000000000020b42717e47f00"}})

kernel console output (not intermixed with test programs):

88.160534][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 82 @ nid 36
[   88.451743][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 79 @ nid 36
[   88.463078][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 78 @ nid 36
[   88.487979][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   88.522212][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 76 @ nid 36
[   88.596908][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   88.636706][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 75 @ nid 36
[   88.666996][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 74 @ nid 36
[   88.683969][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 72 @ nid 36
[   88.731297][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 71 @ nid 36
[   88.753430][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 70 @ nid 36
[   88.829099][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 63 @ nid 36
[   88.868098][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 61 @ nid 36
[   89.011768][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   89.104630][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 59 @ nid 36
[   89.136232][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   89.280482][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 58 @ nid 36
[   89.768354][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 56 @ nid 36
[   89.849740][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 54 @ nid 36
[   89.885605][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 50 @ nid 36
[   89.895547][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   89.911138][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 47 @ nid 36
[   89.936381][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   89.946417][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 46 @ nid 36
[   89.962537][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 45 @ nid 36
[   89.973642][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   89.990330][ T4421] 9pnet_virtio: no channels available for device syz
[   90.016436][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 43 @ nid 36
[   90.027941][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   90.037750][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 42 @ nid 36
[   90.063321][ T4423] loop3: detected capacity change from 0 to 8
[   90.082167][ T4423] squashfs: Unknown parameter 'dctcp'
[   90.090478][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   90.126886][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 41 @ nid 36
[   90.226781][ T4425] 9pnet_virtio: no channels available for device syz
[   90.274034][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   90.327067][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 40 @ nid 36
[   90.383344][ T4408] loop1: detected capacity change from 0 to 32768
[   90.407066][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 39 @ nid 36
[   90.527152][ T4408] XFS (loop1): Mounting V5 Filesystem
[   90.534273][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 38 @ nid 36
[   90.558002][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 36 @ nid 36
[   90.566229][ T4436] loop3: detected capacity change from 0 to 128
[   90.603860][ T4384] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[   90.613774][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 31 @ nid 36
[   90.623352][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 26 @ nid 36
[   90.632599][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 24 @ nid 36
[   90.642868][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 19 @ nid 36
[   90.652225][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 13 @ nid 36
[   90.661729][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 8 @ nid 36
[   90.671946][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 6 @ nid 36
[   90.688420][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 4 @ nid 36
[   90.735447][ T4384] erofs: (device loop2): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[   90.762675][ T4436] syz.3.27: attempt to access beyond end of device
[   90.762675][ T4436] loop3: rw=2049, sector=145, nr_sectors = 95 limit=128
[   90.816963][ T4384] erofs: (device loop2): z_erofs_readahead: readahead error at page 0 @ nid 36
[   90.845540][ T4384] syz.2.16: attempt to access beyond end of device
[   90.845540][ T4384] loop2: rw=524288, sector=296, nr_sectors = 16 limit=16
[   90.861346][ T4384] syz.2.16: attempt to access beyond end of device
[   90.861346][ T4384] loop2: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[   90.879947][ T4408] XFS (loop1): Ending clean mount
[   90.894619][ T4408] XFS (loop1): Quotacheck needed: Please wait.
[   90.911542][ T4384] syz.2.16: attempt to access beyond end of device
[   90.911542][ T4384] loop2: rw=524288, sector=720, nr_sectors = 128 limit=16
[   90.984515][ T4408] XFS (loop1): Quotacheck: Done.
[   90.991336][ T4384] syz.2.16: attempt to access beyond end of device
[   90.991336][ T4384] loop2: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[   91.060049][ T4384] syz.2.16: attempt to access beyond end of device
[   91.060049][ T4384] loop2: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[   91.074828][ T4384] syz.2.16: attempt to access beyond end of device
[   91.074828][ T4384] loop2: rw=524288, sector=32, nr_sectors = 64 limit=16
[   91.088932][ T4384] syz.2.16: attempt to access beyond end of device
[   91.088932][ T4384] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16
[   91.092156][ T4408] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   91.126216][ T4384] syz.2.16: attempt to access beyond end of device
[   91.126216][ T4384] loop2: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[   91.226898][ T4441] netlink: 132 bytes leftover after parsing attributes in process `syz.4.28'.
[   91.592260][ T4449] Cannot find del_set index 3 as target
[   94.104991][ T4261] XFS (loop1): Unmounting Filesystem
[   95.454952][ T4465] loop3: detected capacity change from 0 to 32768
[   95.507462][ T4465] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.35 (4465)
[   95.609459][ T4465] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   95.640503][ T4465] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[   95.660432][ T4465] BTRFS info (device loop3): force clearing of disk cache
[   95.778304][ T4465] BTRFS info (device loop3): enabling auto defrag
[   95.785046][ T4465] BTRFS info (device loop3): metadata ratio 258
[   95.815645][ T4465] BTRFS info (device loop3): force zlib compression, level 3
[   95.855029][ T4465] BTRFS info (device loop3): using free space tree
[   96.991992][ T4465] BTRFS info (device loop3): enabling ssd optimizations
[   97.024687][ T4465] BTRFS info (device loop3): rebuilding free space tree
[   97.900283][ T4268] Bluetooth: hci4: command 0x0405 tx timeout
[   98.684889][ T4475] block nbd2: shutting down sockets
[   98.810271][ T4253] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   99.317455][ T4538] netlink: 132 bytes leftover after parsing attributes in process `syz.0.50'.
[   99.402165][ T4539] autofs4:pid:4539:autofs_fill_super: called with bogus options
[  100.533796][ T4547] 9pnet_virtio: no channels available for device syz
[  102.930008][ T4562] loop1: detected capacity change from 0 to 40427
[  102.958475][ T4566] x_tables: unsorted underflow at hook 1
[  102.969750][ T4566] loop3: detected capacity change from 0 to 256
[  102.994235][ T4562] F2FS-fs (loop1): invalid crc value
[  103.006161][ T4562] F2FS-fs (loop1): Found nat_bits in checkpoint
[  103.055438][ T4562] F2FS-fs (loop1): Start checkpoint disabled!
[  103.079122][ T4566] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  103.151246][ T4562] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  103.437481][ T4561] block nbd1: shutting down sockets
[  104.777813][    C0] sched: RT throttling activated
[  104.936851][ T4417] kworker/u4:11: attempt to access beyond end of device
[  104.936851][ T4417] loop1: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  105.323537][ T4584] autofs4:pid:4584:autofs_fill_super: called with bogus options
[  106.026268][ T4590] Cannot find del_set index 3 as target
[  107.503966][ T4602] netlink: 132 bytes leftover after parsing attributes in process `syz.4.69'.
[  108.014369][ T4612] x_tables: unsorted underflow at hook 1
[  108.026061][ T4612] loop1: detected capacity change from 0 to 256
[  108.065920][ T4612] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  108.648517][ T4616] loop3: detected capacity change from 0 to 8192
[  108.701271][ T4616] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  109.015460][ T4616] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  109.107751][ T4627] autofs4:pid:4627:autofs_fill_super: called with bogus options
[  109.539808][ T4616] REISERFS (device loop3): using ordered data mode
[  109.567974][ T4616] reiserfs: using flush barriers
[  109.582621][ T4616] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  109.653337][ T4616] REISERFS (device loop3): checking transaction log (loop3)
[  109.762043][ T4632] Cannot find del_set index 3 as target
[  110.113129][ T4616] REISERFS (device loop3): Using r5 hash to sort names
[  110.380706][ T4616] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  111.006134][ T4643] 9pnet_virtio: no channels available for device syz
[  111.794252][ T4654] x_tables: unsorted underflow at hook 1
[  111.813801][ T4654] loop4: detected capacity change from 0 to 256
[  111.827127][ T4654] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  114.917268][ T4676] loop1: detected capacity change from 0 to 8192
[  114.958846][ T4676] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  115.072715][ T4676] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  115.122589][ T4676] REISERFS (device loop1): using ordered data mode
[  115.169052][ T4690] Cannot find del_set index 3 as target
[  115.243622][ T4676] reiserfs: using flush barriers
[  115.350918][ T4676] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  115.562463][ T4676] REISERFS (device loop1): checking transaction log (loop1)
[  115.681643][ T4676] REISERFS (device loop1): Using r5 hash to sort names
[  115.848727][ T4676] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  116.438277][ T4696] netlink: 132 bytes leftover after parsing attributes in process `syz.0.96'.
[  117.170137][ T4707] x_tables: unsorted underflow at hook 1
[  117.203329][ T4707] loop3: detected capacity change from 0 to 256
[  117.468138][ T4707] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  120.415420][ T4738] Cannot find del_set index 3 as target
[  122.126434][ T4746] 9pnet_virtio: no channels available for device syz
[  122.740744][ T4751] loop4: detected capacity change from 0 to 8
[  122.811787][ T4751] squashfs: Unknown parameter 'dctcp'
[  126.354986][ T4784] Cannot find del_set index 3 as target
[  127.383266][ T4793] netlink: 132 bytes leftover after parsing attributes in process `syz.0.124'.
[  127.687511][ T4799] loop3: detected capacity change from 0 to 8
[  127.699776][ T4799] squashfs: Unknown parameter 'dctcp'
[  127.744634][ T4365] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  130.684888][ T4824] loop3: detected capacity change from 0 to 8192
[  130.816793][ T4824] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  130.913087][ T4824] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  131.138304][ T4824] REISERFS (device loop3): using ordered data mode
[  131.164432][ T4838] Cannot find del_set index 3 as target
[  131.176252][ T4824] reiserfs: using flush barriers
[  131.502102][ T4824] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  131.694220][ T4824] REISERFS (device loop3): checking transaction log (loop3)
[  131.706910][ T4824] REISERFS (device loop3): Using r5 hash to sort names
[  131.714431][ T4824] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  133.159588][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  133.166374][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  133.885699][ T4862] x_tables: unsorted underflow at hook 1
[  133.918205][ T4862] loop3: detected capacity change from 0 to 256
[  134.868833][ T4862] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  138.441267][ T4879] loop3: detected capacity change from 0 to 8192
[  138.532381][ T4879] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  138.548176][ T4891] Cannot find del_set index 3 as target
[  138.629119][ T4879] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  138.638518][ T4879] REISERFS (device loop3): using ordered data mode
[  138.645056][ T4879] reiserfs: using flush barriers
[  138.703522][ T4879] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  138.897936][ T4902] loop1: detected capacity change from 0 to 512
[  140.362477][ T4902] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  140.372876][ T4902] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.433748][   T26] audit: type=1800 audit(1749106209.949:2): pid=4902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.158" name="file1" dev="loop1" ino=15 res=0 errno=0
[  140.630025][ T4879] REISERFS warning (device loop3): journal-2004 journal_init: Journal cnode memory allocation failed (73728 bytes). Journal is too large for available memory. Usually this is due to a journal that is too large.
[  140.907747][ T4261] EXT4-fs (loop1): unmounting filesystem.
[  141.048018][ T4914] netlink: 132 bytes leftover after parsing attributes in process `syz.0.157'.
[  141.241652][ T4919] x_tables: unsorted underflow at hook 1
[  141.284266][ T4919] loop4: detected capacity change from 0 to 256
[  141.319805][ T4919] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  144.653383][ T4957] Cannot find del_set index 3 as target
[  145.459289][ T4962] netlink: 48 bytes leftover after parsing attributes in process `syz.4.174'.
[  146.145967][ T4977] x_tables: unsorted underflow at hook 1
[  146.185560][ T4977] loop2: detected capacity change from 0 to 256
[  146.217149][ T4977] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  151.796514][ T4989] loop3: detected capacity change from 0 to 40427
[  151.843347][ T4989] F2FS-fs (loop3): invalid crc value
[  151.854840][ T4989] F2FS-fs (loop3): Found nat_bits in checkpoint
[  151.890546][ T4989] F2FS-fs (loop3): Start checkpoint disabled!
[  151.908537][ T4989] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  152.137310][ T4988] block nbd3: shutting down sockets
[  152.599181][ T4305] kworker/u4:6: attempt to access beyond end of device
[  152.599181][ T4305] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  152.699114][ T5010] =======================================================
[  152.699114][ T5010] WARNING: The mand mount option has been deprecated and
[  152.699114][ T5010]          and is ignored by this kernel. Remove the mand
[  152.699114][ T5010]          option from the mount to silence this warning.
[  152.699114][ T5010] =======================================================
[  153.081909][ T5014] x_tables: unsorted underflow at hook 1
[  156.205934][ T5039] 9pnet_virtio: no channels available for device syz
[  156.647639][ T5038] loop4: detected capacity change from 0 to 512
[  156.653146][ T5040] netlink: 132 bytes leftover after parsing attributes in process `syz.3.196'.
[  156.807616][ T5038] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  156.828000][ T5038] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.872446][   T26] audit: type=1800 audit(1749106226.389:3): pid=5034 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.197" name="file1" dev="loop4" ino=15 res=0 errno=0
[  157.155369][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  157.204935][ T5049] loop1: detected capacity change from 0 to 8192
[  157.279669][ T5049]  loop1: p1 p2 p3 p4
[  157.279669][ T5049]  p3: <minix: p5 p6 p7 >
[  157.338151][ T5049] loop1: partition table partially beyond EOD, truncated
[  157.356529][ T5049] loop1: p1 start 51379968 is beyond EOD, truncated
[  157.385278][ T5049] loop1: p2 start 4293394690 is beyond EOD, truncated
[  157.561778][ T5049] loop1: p3 size 100663552 extends beyond EOD, truncated
[  157.624768][ T5051] loop0: detected capacity change from 0 to 40427
[  157.639042][ T5051] F2FS-fs (loop0): invalid crc value
[  157.741686][ T5049] loop1: p4 size 50331648 extends beyond EOD, truncated
[  157.776210][ T5051] F2FS-fs (loop0): Found nat_bits in checkpoint
[  157.809885][ T5051] F2FS-fs (loop0): Start checkpoint disabled!
[  157.828013][ T5051] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  157.890516][ T5049] loop1: p5 start 51379968 is beyond EOD, truncated
[  158.094130][ T5050] block nbd0: shutting down sockets
[  159.317859][ T5049] loop1: p6 start 4293394690 is beyond EOD, truncated
[  159.324716][ T5049] loop1: p7 size 100663552 extends beyond EOD, truncated
[  160.834999][ T5074] x_tables: unsorted underflow at hook 1
[  161.388606][ T5074] loop4: detected capacity change from 0 to 256
[  161.528228][ T5074] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  161.669552][ T5067] kworker/u4:17: attempt to access beyond end of device
[  161.669552][ T5067] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  161.861300][ T4336] udevd[4336]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  161.897855][ T5080] udevd[5080]: inotify_add_watch(7, /dev/loop1p7, 10) failed: No such file or directory
[  161.936084][ T4365] udevd[4365]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  162.043754][ T5083] 9pnet_virtio: no channels available for device syz
[  163.755159][ T5094] loop2: detected capacity change from 0 to 512
[  164.006835][ T5101] loop4: detected capacity change from 0 to 4096
[  164.030851][ T5094] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  164.075910][ T5094] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.171841][   T26] audit: type=1800 audit(1749106233.689:4): pid=5091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.214" name="file1" dev="loop2" ino=15 res=0 errno=0
[  164.400428][ T5108] Cannot find del_set index 3 as target
[  165.275086][ T5113] ntfs3: loop4: ino=22, "file1" attr_insert_range
[  165.975282][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  166.284479][ T5124] loop2: detected capacity change from 0 to 16
[  166.361164][ T5124] erofs: (device loop2): mounted with root inode @ nid 36.
[  166.381467][ T5123] 9pnet_virtio: no channels available for device syz
[  166.647728][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 87 @ nid 36
[  166.983459][ T5116] block nbd4: shutting down sockets
[  167.024216][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 86 @ nid 36
[  167.034110][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  167.043796][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 83 @ nid 36
[  167.076177][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  167.138072][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 82 @ nid 36
[  167.287227][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 79 @ nid 36
[  167.327991][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 78 @ nid 36
[  167.339601][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  167.350362][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 76 @ nid 36
[  167.359576][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  167.370626][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 75 @ nid 36
[  167.381455][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 74 @ nid 36
[  167.401384][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 72 @ nid 36
[  167.412661][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 71 @ nid 36
[  167.423565][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 70 @ nid 36
[  167.435099][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 63 @ nid 36
[  167.445995][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 61 @ nid 36
[  167.456795][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.040600][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 59 @ nid 36
[  168.050289][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.060042][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 58 @ nid 36
[  168.088009][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 56 @ nid 36
[  168.173880][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 54 @ nid 36
[  168.206458][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 50 @ nid 36
[  168.225660][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.236361][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 47 @ nid 36
[  168.248553][ T5137] netlink: 48 bytes leftover after parsing attributes in process `syz.1.226'.
[  168.251546][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.272311][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 46 @ nid 36
[  168.283219][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 45 @ nid 36
[  168.295418][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.367607][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 43 @ nid 36
[  168.384012][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.395120][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 42 @ nid 36
[  168.404575][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.414313][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 41 @ nid 36
[  168.423583][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.435799][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 40 @ nid 36
[  168.443354][ T5140] 9pnet_virtio: no channels available for device syz
[  168.445049][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 39 @ nid 36
[  168.462095][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 38 @ nid 36
[  168.473910][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 36 @ nid 36
[  168.484698][ T5124] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  168.495194][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 31 @ nid 36
[  168.506686][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 26 @ nid 36
[  168.578890][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 24 @ nid 36
[  168.671086][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 19 @ nid 36
[  168.901952][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 13 @ nid 36
[  168.918897][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 8 @ nid 36
[  168.982831][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 6 @ nid 36
[  169.018121][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 4 @ nid 36
[  169.039106][ T5124] erofs: (device loop2): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  169.063871][ T5124] erofs: (device loop2): z_erofs_readahead: readahead error at page 0 @ nid 36
[  169.118046][ T5124] syz.2.221: attempt to access beyond end of device
[  169.118046][ T5124] loop2: rw=524288, sector=296, nr_sectors = 16 limit=16
[  169.195930][ T5124] syz.2.221: attempt to access beyond end of device
[  169.195930][ T5124] loop2: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  169.245619][ T5124] syz.2.221: attempt to access beyond end of device
[  169.245619][ T5124] loop2: rw=524288, sector=720, nr_sectors = 128 limit=16
[  169.314537][ T5124] syz.2.221: attempt to access beyond end of device
[  169.314537][ T5124] loop2: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  169.375176][ T5124] syz.2.221: attempt to access beyond end of device
[  169.375176][ T5124] loop2: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  169.415739][ T5124] syz.2.221: attempt to access beyond end of device
[  169.415739][ T5124] loop2: rw=524288, sector=32, nr_sectors = 64 limit=16
[  169.464199][ T5124] syz.2.221: attempt to access beyond end of device
[  169.464199][ T5124] loop2: rw=524288, sector=8, nr_sectors = 24 limit=16
[  169.492040][ T5124] syz.2.221: attempt to access beyond end of device
[  169.492040][ T5124] loop2: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[  169.680453][ T5152] loop0: detected capacity change from 0 to 512
[  169.939277][ T5160] fuse: Bad value for 'fd'
[  170.111351][ T5152] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  170.132502][ T5152] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  170.904004][   T26] audit: type=1800 audit(1749106240.419:5): pid=5148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.231" name="file1" dev="loop0" ino=15 res=0 errno=0
[  170.986145][ T5167] Cannot find del_set index 3 as target
[  173.039216][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  173.445008][ T5193] 9pnet_virtio: no channels available for device syz
[  174.044855][ T5199] fuse: Bad value for 'fd'
[  174.605819][ T5204] x_tables: unsorted underflow at hook 1
[  174.693023][ T5204] loop4: detected capacity change from 0 to 256
[  174.820787][ T5204] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  174.951465][ T5183] loop2: detected capacity change from 0 to 40427
[  175.072245][ T5183] F2FS-fs (loop2): invalid crc value
[  175.164667][ T5183] F2FS-fs (loop2): Found nat_bits in checkpoint
[  176.071743][ T5223] Cannot find del_set index 3 as target
[  177.040333][ T5183] F2FS-fs (loop2): Start checkpoint disabled!
[  178.031138][ T5183] block nbd2: shutting down sockets
[  178.264854][ T5249] netlink: 48 bytes leftover after parsing attributes in process `syz.2.259'.
[  179.808381][ T5266] 9pnet_virtio: no channels available for device syz
[  181.066948][ T5273] loop2: detected capacity change from 0 to 512
[  181.127714][ T5273] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  181.137114][ T5273] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.159127][   T26] audit: type=1800 audit(1749106250.679:6): pid=5273 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.266" name="file1" dev="loop2" ino=15 res=0 errno=0
[  182.903057][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  183.137171][ T5295] Cannot find del_set index 3 as target
[  183.269402][ T5296] netlink: 8 bytes leftover after parsing attributes in process `syz.2.273'.
[  185.498820][ T5319] 9pnet_virtio: no channels available for device syz
[  186.468903][ T5321] x_tables: unsorted underflow at hook 1
[  186.569305][ T5328] loop3: detected capacity change from 0 to 512
[  188.486293][ T5321] loop0: detected capacity change from 0 to 256
[  188.649600][ T5321] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  188.662686][ T5328] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  188.679246][ T5328] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.734941][   T26] audit: type=1800 audit(1749106258.249:7): pid=5327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.283" name="file1" dev="loop3" ino=15 res=0 errno=0
[  188.997566][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  190.499833][ T5362] 9pnet_virtio: no channels available for device syz
[  192.251786][ T5371] x_tables: unsorted underflow at hook 1
[  192.353023][ T5371] loop1: detected capacity change from 0 to 256
[  192.537627][ T5371] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  192.605022][ T5374] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.666267][ T5376] loop4: detected capacity change from 0 to 512
[  192.756838][ T5376] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  192.765871][ T5376] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.790065][   T26] audit: type=1800 audit(1749106262.309:8): pid=5376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.298" name="file1" dev="loop4" ino=15 res=0 errno=0
[  193.561363][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  194.293771][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  194.300240][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  194.561846][ T5400] 9pnet_virtio: no channels available for device syz
[  197.169219][ T5423] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.178147][ T5421] x_tables: unsorted underflow at hook 1
[  197.386477][ T5421] loop1: detected capacity change from 0 to 256
[  197.401429][ T5429] loop3: detected capacity change from 0 to 512
[  198.237369][ T5421] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  198.315481][ T5429] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  198.324564][ T5429] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.342728][   T26] audit: type=1800 audit(1749106267.859:9): pid=5429 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.315" name="file1" dev="loop3" ino=15 res=0 errno=0
[  198.616134][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  199.205921][ T5455] 9pnet_virtio: no channels available for device syz
[  200.506739][ T5456] syz.1.321 (5456): drop_caches: 2
[  201.488591][ T4268] Bluetooth: hci1: command 0x0406 tx timeout
[  201.495479][ T4266] Bluetooth: hci2: command 0x0406 tx timeout
[  201.502307][ T4267] Bluetooth: hci0: command 0x0406 tx timeout
[  201.508417][   T48] Bluetooth: hci3: command 0x0406 tx timeout
[  204.054725][ T5490] 9pnet_virtio: no channels available for device syz
[  204.866858][ T5499] 9pnet_virtio: no channels available for device syz
[  207.332336][ T5515] block nbd1: shutting down sockets
[  208.919665][ T5526] loop3: detected capacity change from 0 to 512
[  208.999767][ T5526] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  209.018713][ T5526] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.174038][ T5542] 9pnet_virtio: no channels available for device syz
[  209.799583][   T26] audit: type=1800 audit(1749106279.319:10): pid=5526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.346" name="file1" dev="loop3" ino=15 res=0 errno=0
[  211.220673][ T5554] 9pnet_virtio: no channels available for device syz
[  211.641936][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  211.994080][ T5566] sd 0:0:1:0: device reset
[  212.980228][ T5566] loop0: detected capacity change from 0 to 32768
[  213.610287][ T5566] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  214.061822][ T4251] ocfs2: Unmounting device (7,0) on (node local)
[  215.281068][ T5588] x_tables: unsorted underflow at hook 1
[  215.414270][ T5583] loop2: detected capacity change from 0 to 256
[  216.029128][ T5583] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  216.109334][ T5598] loop0: detected capacity change from 0 to 512
[  216.293815][ T5598] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  216.303087][ T5598] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  216.378649][   T26] audit: type=1800 audit(1749106285.899:11): pid=5598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.366" name="file1" dev="loop0" ino=15 res=0 errno=0
[  217.229999][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  218.362554][ T5589] block nbd3: shutting down sockets
[  218.783577][ T5623] Cannot find del_set index 3 as target
[  220.402225][ T5640] loop3: detected capacity change from 0 to 8192
[  220.485554][ T5640] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  220.512516][ T5640] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  220.522079][ T5640] REISERFS (device loop3): using ordered data mode
[  220.528941][ T5640] reiserfs: using flush barriers
[  220.616084][ T5640] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  220.647155][ T5653] loop1: detected capacity change from 0 to 512
[  220.703934][ T5640] REISERFS (device loop3): checking transaction log (loop3)
[  220.726419][ T5653] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  220.736064][ T5653] ext4 filesystem being mounted at /89/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.763212][   T26] audit: type=1800 audit(1749106290.279:12): pid=5653 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.381" name="file1" dev="loop1" ino=15 res=0 errno=0
[  220.813203][ T5640] REISERFS (device loop3): Using r5 hash to sort names
[  220.838782][ T5640] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  221.401331][ T5661] 9pnet_virtio: no channels available for device syz
[  221.484158][ T4261] EXT4-fs (loop1): unmounting filesystem.
[  223.984864][ T5668] block nbd3: shutting down sockets
[  224.047117][ T5676] netlink: 132 bytes leftover after parsing attributes in process `syz.1.388'.
[  229.159357][ T5689] tipc: Started in network mode
[  229.170738][ T5689] tipc: Node identity 4, cluster identity 4711
[  229.217903][ T5689] tipc: Node number set to 4
[  229.431139][ T5701] loop0: detected capacity change from 0 to 512
[  229.550631][ T5701] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  229.560333][ T5701] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  229.578255][   T26] audit: type=1800 audit(1749106555.101:13): pid=5701 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.395" name="file1" dev="loop0" ino=15 res=0 errno=0
[  229.650538][ T5709] 9pnet_virtio: no channels available for device syz
[  229.907980][ T5706] loop1: detected capacity change from 0 to 8192
[  229.934305][ T5706] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  229.951031][ T5706] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  229.997531][ T5706] REISERFS (device loop1): using ordered data mode
[  230.027100][ T5706] reiserfs: using flush barriers
[  230.048782][ T5706] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  230.128661][ T5706] REISERFS (device loop1): checking transaction log (loop1)
[  230.155481][ T5706] REISERFS (device loop1): Using r5 hash to sort names
[  230.182382][ T5706] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  230.733445][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  230.958678][ T5722] block nbd3: shutting down sockets
[  231.107892][ T4337] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  231.338028][ T4337] usb 5-1: Using ep0 maxpacket: 16
[  231.377976][ T4337] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[  231.445325][ T4337] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  231.483189][ T4337] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.501392][ T4337] usb 5-1: Product: syz
[  231.519569][ T4337] usb 5-1: Manufacturer: syz
[  231.524287][ T4337] usb 5-1: SerialNumber: syz
[  231.569296][ T4337] usb 5-1: config 0 descriptor??
[  231.618018][ T5728] ptrace attach of "./syz-executor exec"[4252] was attempted by "./syz-executor exec"[5728]
[  231.817153][ T5743] Cannot find del_set index 3 as target
[  233.111440][ T5758] netlink: 132 bytes leftover after parsing attributes in process `syz.3.410'.
[  233.175659][ T5753] x_tables: unsorted underflow at hook 1
[  233.215558][ T5753] loop0: detected capacity change from 0 to 256
[  233.286724][ T5753] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  233.505388][ T5749] loop1: detected capacity change from 0 to 32768
[  233.586298][ T5749] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  233.698678][ T4337] usb 5-1: USB disconnect, device number 2
[  234.828462][   T26] audit: type=1800 audit(1749106816.335:14): pid=5749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.407" name="file1" dev="loop1" ino=17058 res=0 errno=0
[  234.879080][ T5767] loop4: detected capacity change from 0 to 512
[  234.991314][ T5767] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  235.000307][ T5767] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.028701][   T26] audit: type=1800 audit(1749106816.535:15): pid=5767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.413" name="file1" dev="loop4" ino=15 res=0 errno=0
[  235.112517][ T4261] ocfs2: Unmounting device (7,1) on (node local)
[  235.154182][ T5772] loop3: detected capacity change from 0 to 8192
[  235.216917][ T5772] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  235.258151][ T5772] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  235.278050][ T5772] REISERFS (device loop3): using ordered data mode
[  235.285061][ T5772] reiserfs: using flush barriers
[  236.819944][ T5772] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  236.848317][ T5772] REISERFS (device loop3): checking transaction log (loop3)
[  236.859496][ T5772] REISERFS (device loop3): Using r5 hash to sort names
[  236.866609][ T5772] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  237.216843][ T5778] 9pnet_virtio: no channels available for device syz
[  237.296328][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  238.191079][ T5798] x_tables: unsorted underflow at hook 1
[  238.348571][ T5798] loop0: detected capacity change from 0 to 256
[  239.877973][ T5791] loop4: detected capacity change from 0 to 40427
[  239.934208][ T5791] F2FS-fs (loop4): invalid crc value
[  239.974513][ T5798] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  240.038706][ T5791] F2FS-fs (loop4): Found nat_bits in checkpoint
[  240.083336][ T5791] F2FS-fs (loop4): Start checkpoint disabled!
[  240.099480][ T5814] 9pnet_virtio: no channels available for device syz
[  240.143802][ T5791] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  240.174608][ T5789] block nbd4: shutting down sockets
[  240.185650][ T5816] netlink: 132 bytes leftover after parsing attributes in process `syz.3.426'.
[  240.212295][ T5817] loop2: detected capacity change from 0 to 512
[  240.310322][ T5817] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  240.319678][ T5817] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.337608][   T26] audit: type=1800 audit(1749107077.853:16): pid=5817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.427" name="file1" dev="loop2" ino=15 res=0 errno=0
[  240.502895][ T5823] 9pnet_virtio: no channels available for device syz
[  240.670750][ T5067] kworker/u4:17: attempt to access beyond end of device
[  240.670750][ T5067] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  241.129136][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  245.334761][ T5861] x_tables: unsorted underflow at hook 1
[  245.369984][ T5861] loop1: detected capacity change from 0 to 256
[  245.412744][ T5861] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  246.390334][ T5857] loop4: detected capacity change from 0 to 40427
[  246.478569][ T5857] F2FS-fs (loop4): invalid crc value
[  246.512953][ T5857] F2FS-fs (loop4): Found nat_bits in checkpoint
[  246.553868][ T5857] F2FS-fs (loop4): Start checkpoint disabled!
[  246.605968][ T5857] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  246.676480][ T5856] block nbd4: shutting down sockets
[  247.039806][ T5873] 9pnet_virtio: no channels available for device syz
[  247.091055][ T4376] kworker/u4:9: attempt to access beyond end of device
[  247.091055][ T4376] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  248.560666][ T5886] fuse: Bad value for 'group_id'
[  251.169206][ T5899] x_tables: unsorted underflow at hook 1
[  251.198721][ T5899] loop4: detected capacity change from 0 to 256
[  251.222020][ T5899] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  252.298866][ T5910] netlink: 132 bytes leftover after parsing attributes in process `syz.1.453'.
[  252.683748][ T5911] loop0: detected capacity change from 0 to 40427
[  252.707939][ T5911] F2FS-fs (loop0): invalid crc value
[  252.742413][ T5911] F2FS-fs (loop0): Found nat_bits in checkpoint
[  252.772215][ T5911] F2FS-fs (loop0): Start checkpoint disabled!
[  252.806837][ T5911] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  252.846052][ T5909] block nbd0: shutting down sockets
[  253.158134][ T4305] kworker/u4:6: attempt to access beyond end of device
[  253.158134][ T4305] loop0: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  255.661411][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  255.667849][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  259.198900][ T5945] Cannot find del_set index 3 as target
[  260.094831][ T5951] sd 0:0:1:0: device reset
[  261.243009][ T5951] loop2: detected capacity change from 0 to 32768
[  261.442271][ T5951] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  262.660380][ T4252] ocfs2: Unmounting device (7,2) on (node local)
[  262.944224][ T5956] block nbd0: shutting down sockets
[  265.383534][ T5976] x_tables: unsorted underflow at hook 1
[  265.400893][ T5976] loop2: detected capacity change from 0 to 256
[  265.423424][ T5976] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  265.542726][ T5985] fuse: Bad value for 'group_id'
[  265.628171][ T5986] 9pnet_virtio: no channels available for device syz
[  265.780486][ T5990] Cannot find del_set index 3 as target
[  266.902528][ T5993] loop4: detected capacity change from 0 to 512
[  267.101939][ T5993] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  267.111059][ T5993] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.128371][   T26] audit: type=1800 audit(1749107104.643:17): pid=5993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.480" name="file1" dev="loop4" ino=15 res=0 errno=0
[  268.518655][ T6006] 9pnet_virtio: no channels available for device syz
[  268.621374][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  269.211321][ T6013] loop4: detected capacity change from 0 to 40427
[  269.226959][ T6013] F2FS-fs (loop4): invalid crc value
[  269.244978][ T6013] F2FS-fs (loop4): Found nat_bits in checkpoint
[  269.275851][ T6013] F2FS-fs (loop4): Start checkpoint disabled!
[  269.323443][ T6013] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  269.347494][ T6012] block nbd4: shutting down sockets
[  269.385715][ T6020] netlink: 132 bytes leftover after parsing attributes in process `syz.3.487'.
[  270.726562][ T4363] kworker/u4:8: attempt to access beyond end of device
[  270.726562][ T4363] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  270.884876][ T6027] x_tables: unsorted underflow at hook 1
[  270.957548][ T6027] loop2: detected capacity change from 0 to 256
[  270.984477][ T6027] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  271.877119][ T6036] Cannot find del_set index 3 as target
[  274.266677][ T6052] loop1: detected capacity change from 0 to 512
[  274.281893][ T6054] 9pnet_virtio: no channels available for device syz
[  274.325845][ T6052] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  274.334934][ T6052] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  274.361314][   T26] audit: type=1800 audit(1749107111.873:18): pid=6052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.495" name="file1" dev="loop1" ino=15 res=0 errno=0
[  276.449257][ T4261] EXT4-fs (loop1): unmounting filesystem.
[  276.826109][ T6065] loop3: detected capacity change from 0 to 40427
[  276.898187][ T6065] F2FS-fs (loop3): invalid crc value
[  276.909424][ T6065] F2FS-fs (loop3): Found nat_bits in checkpoint
[  276.938521][ T6065] F2FS-fs (loop3): Start checkpoint disabled!
[  276.966960][ T6065] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  277.038538][ T6064] block nbd3: shutting down sockets
[  277.321372][ T6080] 9pnet_virtio: no channels available for device syz
[  277.491639][ T4305] kworker/u4:6: attempt to access beyond end of device
[  277.491639][ T4305] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  280.900930][ T6105] Cannot find del_set index 3 as target
[  280.942458][ T6105] process 'syz.2.510' launched '/dev/fd/-1/./file2' with NULL argv: empty string added
[  283.086509][ T6122] 9pnet_virtio: no channels available for device syz
[  283.709036][ T6130] x_tables: unsorted underflow at hook 1
[  283.720040][ T6130] loop1: detected capacity change from 0 to 256
[  283.770159][ T6130] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  285.876841][ T6149] Cannot find del_set index 3 as target
[  288.074920][ T6161] 9pnet_virtio: no channels available for device syz
[  291.981710][ T6191] Cannot find del_set index 3 as target
[  292.793469][ T6193] loop2: detected capacity change from 0 to 40427
[  292.831992][ T6193] F2FS-fs (loop2): invalid crc value
[  292.901299][ T6193] F2FS-fs (loop2): Found nat_bits in checkpoint
[  292.952663][ T6193] F2FS-fs (loop2): Start checkpoint disabled!
[  292.968175][ T6193] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  293.910697][ T6190] block nbd2: shutting down sockets
[  297.035193][ T6206] 9pnet_virtio: no channels available for device syz
[  297.083430][ T6210] x_tables: unsorted underflow at hook 1
[  297.112408][ T6210] loop4: detected capacity change from 0 to 256
[  297.131631][ T6210] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  297.415354][ T6214] netlink: 4 bytes leftover after parsing attributes in process `syz.3.547'.
[  299.237089][ T6220] sctp: failed to load transform for md5: -2
[  299.657474][ T6235] Cannot find del_set index 3 as target
[  300.933374][ T6239] loop4: detected capacity change from 0 to 40427
[  300.950011][ T6239] F2FS-fs (loop4): invalid crc value
[  301.064680][ T6239] F2FS-fs (loop4): Found nat_bits in checkpoint
[  301.097040][ T6239] F2FS-fs (loop4): Start checkpoint disabled!
[  301.120275][ T6239] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  301.278850][ T6250] 9pnet_virtio: no channels available for device syz
[  301.653858][ T6238] block nbd4: shutting down sockets
[  302.380246][ T6252] x_tables: unsorted underflow at hook 1
[  302.391462][ T6252] loop1: detected capacity change from 0 to 256
[  302.403891][ T6252] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  303.294596][ T6273] netlink: 132 bytes leftover after parsing attributes in process `syz.4.564'.
[  305.539283][ T6279] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  305.558905][ T6291] 9pnet_virtio: no channels available for device syz
[  305.577848][ T6282] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  306.348544][ T6305] loop3: detected capacity change from 0 to 40427
[  306.605528][ T6305] F2FS-fs (loop3): invalid crc value
[  306.696261][ T6305] F2FS-fs (loop3): Found nat_bits in checkpoint
[  306.731140][ T6305] F2FS-fs (loop3): Start checkpoint disabled!
[  306.816548][ T6305] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  307.174221][ T6304] block nbd3: shutting down sockets
[  310.435392][ T6328] loop0: detected capacity change from 0 to 8192
[  310.475431][ T6328] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  310.659278][ T6328] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  310.703376][ T6328] REISERFS (device loop0): using ordered data mode
[  310.721231][ T6328] reiserfs: using flush barriers
[  310.746797][ T6328] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  310.846802][ T6328] REISERFS (device loop0): checking transaction log (loop0)
[  310.898451][ T6328] REISERFS (device loop0): Using r5 hash to sort names
[  310.941905][ T6328] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  312.009705][ T6353] loop1: detected capacity change from 0 to 40427
[  312.056687][ T6353] F2FS-fs (loop1): invalid crc value
[  312.119581][ T6353] F2FS-fs (loop1): Found nat_bits in checkpoint
[  312.198548][ T6353] F2FS-fs (loop1): Start checkpoint disabled!
[  312.218143][ T6353] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  312.436327][ T6352] block nbd1: shutting down sockets
[  312.906225][ T4376] kworker/u4:9: attempt to access beyond end of device
[  312.906225][ T4376] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  312.975078][ T6373] netlink: 132 bytes leftover after parsing attributes in process `syz.0.586'.
[  314.059444][ T6382] netlink: 24 bytes leftover after parsing attributes in process `syz.4.596'.
[  314.198593][ T6387] loop3: detected capacity change from 0 to 512
[  314.400041][ T6387] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  314.410886][ T6387] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  317.103104][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  317.119802][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  317.215514][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  317.430958][ T6392] loop1: detected capacity change from 0 to 8192
[  317.455580][ T6392] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  317.478643][   T48] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  317.489429][   T48] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  317.499587][   T48] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  317.507610][   T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  317.515082][ T6392] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  317.527233][   T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  317.536676][   T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  317.569106][ T6392] REISERFS (device loop1): using ordered data mode
[  317.576095][ T6392] reiserfs: using flush barriers
[  317.587015][ T6392] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  317.603985][ T6392] REISERFS (device loop1): checking transaction log (loop1)
[  317.622744][ T6392] REISERFS (device loop1): Using r5 hash to sort names
[  317.631594][ T6392] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  317.643382][ T6401] fuse: Bad value for 'fd'
[  317.781444][ T4417] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.167133][ T4417] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.445526][ T4417] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.778419][   T48] Bluetooth: hci0: command 0x0409 tx timeout
[  319.844328][ T4417] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  320.203983][ T4417] tipc: Left network mode
[  320.317109][ T6395] chnl_net:caif_netlink_parms(): no params data found
[  321.827963][   T48] Bluetooth: hci0: command 0x041b tx timeout
[  322.161494][ T6409] block nbd4: shutting down sockets
[  323.525888][ T6432] Cannot find del_set index 3 as target
[  323.897869][   T48] Bluetooth: hci0: command 0x040f tx timeout
[  324.593517][ T6395] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.601558][ T6395] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.633385][ T6395] device bridge_slave_0 entered promiscuous mode
[  324.727142][ T6395] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.757820][ T6395] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.766183][ T6395] device bridge_slave_1 entered promiscuous mode
[  324.774710][ T6449] fuse: Unknown parameter 'grou00000000000000000000'
[  324.855532][ T6453] sd 0:0:1:0: device reset
[  325.030674][ T6453] loop3: detected capacity change from 0 to 32768
[  325.110724][ T6453] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  325.219391][ T4253] ocfs2: Unmounting device (7,3) on (node local)
[  325.316528][ T6456] netlink: 132 bytes leftover after parsing attributes in process `syz.0.612'.
[  325.684083][ T6395] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  327.033440][   T48] Bluetooth: hci0: command 0x0419 tx timeout
[  327.202939][ T6436] loop4: detected capacity change from 0 to 32768
[  327.247878][ T6395] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  327.336204][ T6436] JBD2: recovery failed
[  327.393411][ T6436] (syz.4.607,6436,0):ocfs2_journal_load:1134 ERROR: Failed to load journal!
[  327.480165][ T6436] (syz.4.607,6436,1):ocfs2_check_volume:2433 ERROR: ocfs2 journal load failed! -5
[  327.510500][ T6436] (syz.4.607,6436,1):ocfs2_check_volume:2489 ERROR: status = -5
[  327.586116][ T6436] (syz.4.607,6436,1):ocfs2_mount_volume:1821 ERROR: status = -5
[  327.949804][ T6436] (syz.4.607,6436,1):ocfs2_fill_super:1176 ERROR: status = -5
[  328.022275][ T6468] block nbd3: shutting down sockets
[  328.192821][ T6395] team0: Port device team_slave_0 added
[  328.253298][ T6482] 9pnet_virtio: no channels available for device syz
[  328.305689][ T6395] team0: Port device team_slave_1 added
[  329.380837][ T6492] Cannot find del_set index 3 as target
[  329.870548][ T6395] batman_adv: batadv0: Adding interface: batadv_slave_0
[  329.947865][ T6395] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.005676][ T6395] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  330.094710][ T6395] batman_adv: batadv0: Adding interface: batadv_slave_1
[  330.112221][ T6395] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.189503][ T6502] sd 0:0:1:0: device reset
[  330.387748][ T6395] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  330.448655][ T4417] device hsr_slave_0 left promiscuous mode
[  330.465022][ T4417] device hsr_slave_1 left promiscuous mode
[  330.499446][ T4417] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.506955][ T4417] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.549423][ T4417] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.556882][ T4417] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.596401][ T4417] device bridge_slave_1 left promiscuous mode
[  330.610126][ T4417] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.645872][ T4417] device bridge_slave_0 left promiscuous mode
[  330.661892][ T4417] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.973976][ T4417] device veth1_macvtap left promiscuous mode
[  331.001814][ T4417] device veth0_macvtap left promiscuous mode
[  331.050840][ T4417] device veth1_vlan left promiscuous mode
[  331.092934][ T4417] device veth0_vlan left promiscuous mode
[  331.366097][ T6513] loop3: detected capacity change from 0 to 40427
[  331.447434][ T6513] F2FS-fs (loop3): invalid crc value
[  331.459094][ T6513] F2FS-fs (loop3): Found nat_bits in checkpoint
[  331.493760][ T6513] F2FS-fs (loop3): Start checkpoint disabled!
[  331.513893][ T6513] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  331.820051][ T6512] block nbd3: shutting down sockets
[  331.853847][ T6502] loop4: detected capacity change from 0 to 32768
[  332.136522][   T75] kworker/u4:4: attempt to access beyond end of device
[  332.136522][   T75] loop3: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  333.817344][ T6502] JBD2: recovery failed
[  333.848947][ T6502] (syz.4.624,6502,0):ocfs2_journal_load:1134 ERROR: Failed to load journal!
[  333.904815][ T6502] (syz.4.624,6502,0):ocfs2_check_volume:2433 ERROR: ocfs2 journal load failed! -5
[  333.974413][ T6502] (syz.4.624,6502,0):ocfs2_check_volume:2489 ERROR: status = -5
[  334.017851][ T6502] (syz.4.624,6502,1):ocfs2_mount_volume:1821 ERROR: status = -5
[  334.055054][ T6502] (syz.4.624,6502,1):ocfs2_fill_super:1176 ERROR: status = -5
[  334.082682][ T6523] 9pnet_virtio: no channels available for device syz
[  335.154339][ T6541] loop4: detected capacity change from 0 to 512
[  336.752722][ T6541] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  336.762225][ T6541] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  337.323479][ T4417] team0 (unregistering): Port device team_slave_1 removed
[  337.377818][ T4417] team0 (unregistering): Port device team_slave_0 removed
[  337.517278][ T4417] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  337.643652][ T6555] 9pnet_virtio: no channels available for device syz
[  337.771576][ T4417] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  338.943047][ T4417] bond0 (unregistering): Released all slaves
[  339.215582][ T6533] netlink: 48 bytes leftover after parsing attributes in process `syz.0.633'.
[  339.236667][ T6563] sd 0:0:1:0: device reset
[  339.432975][ T6563] loop1: detected capacity change from 0 to 32768
[  339.462283][ T6551] netlink: 132 bytes leftover after parsing attributes in process `syz.3.637'.
[  339.502274][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  339.523417][ T6563] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  339.663159][ T6395] device hsr_slave_0 entered promiscuous mode
[  339.720345][ T4261] ocfs2: Unmounting device (7,1) on (node local)
[  339.745284][ T6395] device hsr_slave_1 entered promiscuous mode
[  340.634376][ T6580] Cannot find del_set index 3 as target
[  341.966785][ T6594] 9pnet_virtio: no channels available for device syz
[  343.367272][ T6603] netlink: 48 bytes leftover after parsing attributes in process `syz.0.652'.
[  343.419844][ T6395] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  343.452412][ T6395] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  343.531101][ T6606] loop4: detected capacity change from 0 to 512
[  343.674607][ T6606] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  343.684131][ T6606] ext4 filesystem being mounted at /130/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  343.807564][ T6395] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  344.067579][ T6395] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  344.529435][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  344.668224][ T6620] netlink: 132 bytes leftover after parsing attributes in process `syz.0.654'.
[  344.798374][ T6395] 8021q: adding VLAN 0 to HW filter on device bond0
[  344.855895][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  344.882115][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  344.905148][ T6627] x_tables: unsorted underflow at hook 1
[  344.921308][ T6627] loop1: detected capacity change from 0 to 256
[  344.939234][ T6627] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  345.004630][ T6395] 8021q: adding VLAN 0 to HW filter on device team0
[  345.281760][ T6623] loop4: detected capacity change from 0 to 40427
[  345.295150][ T6623] F2FS-fs (loop4): invalid crc value
[  345.313117][ T6623] F2FS-fs (loop4): Found nat_bits in checkpoint
[  345.342250][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  345.367263][ T6623] F2FS-fs (loop4): Start checkpoint disabled!
[  345.424459][ T6623] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  345.488380][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  345.945224][ T6634] syz.3.653 (6634): drop_caches: 2
[  346.181087][ T6622] block nbd4: shutting down sockets
[  346.271996][ T5067] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.279474][ T5067] bridge0: port 1(bridge_slave_0) entered forwarding state
[  346.411851][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  346.472463][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  346.498007][ T5067] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.505248][ T5067] bridge0: port 2(bridge_slave_1) entered forwarding state
[  346.555631][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  346.567595][   T33] kworker/u4:2: attempt to access beyond end of device
[  346.567595][   T33] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  346.586288][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  346.640987][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  346.672502][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  346.701872][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  346.748798][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  346.788827][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  346.827408][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  346.858551][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  346.897604][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  346.924334][ T6395] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  346.948702][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  346.968592][ T5067] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  347.010316][ T6642] sd 0:0:1:0: device reset
[  347.183682][ T6642] loop1: detected capacity change from 0 to 32768
[  347.219474][ T6642] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  347.330339][ T4261] ocfs2: Unmounting device (7,1) on (node local)
[  347.539085][ T6653] fuse: Unknown parameter 'group_id00000000000000000000'
[  348.082806][ T6657] 9pnet_virtio: no channels available for device syz
[  348.308475][ T6660] netlink: 48 bytes leftover after parsing attributes in process `syz.1.663'.
[  348.724113][ T6670] loop1: detected capacity change from 0 to 512
[  350.376130][ T6670] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  350.385888][ T6670] ext4 filesystem being mounted at /147/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  350.859644][ T4453] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  350.867214][ T4453] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  350.882159][ T6395] 8021q: adding VLAN 0 to HW filter on device batadv0
[  350.924960][ T4261] EXT4-fs (loop1): unmounting filesystem.
[  351.350449][ T6685] Cannot find del_set index 3 as target
[  352.426144][ T6689] loop1: detected capacity change from 0 to 40427
[  352.440541][ T6689] F2FS-fs (loop1): invalid crc value
[  352.469326][ T6696] sd 0:0:1:0: device reset
[  352.475562][ T6689] F2FS-fs (loop1): Found nat_bits in checkpoint
[  352.506631][ T6689] F2FS-fs (loop1): Start checkpoint disabled!
[  352.540070][ T6705] fuse: Unknown parameter 'group_id00000000000000000000'
[  352.728562][ T6696] loop0: detected capacity change from 0 to 32768
[  352.761577][ T6689] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  352.908858][ T6696] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  353.006296][ T6688] block nbd1: shutting down sockets
[  353.266742][ T4251] ocfs2: Unmounting device (7,0) on (node local)
[  353.408808][ T4453] kworker/u4:13: attempt to access beyond end of device
[  353.408808][ T4453] loop1: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  353.544970][   T48] Bluetooth: hci0: command 0x0405 tx timeout
[  354.637160][ T6730] loop3: detected capacity change from 0 to 512
[  354.800079][ T6730] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  354.809619][ T6730] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.679435][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  355.715340][ T6740] netlink: 132 bytes leftover after parsing attributes in process `syz.4.678'.
[  355.875002][ T6743] Cannot find del_set index 3 as target
[  356.047571][ T4456] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  356.146216][ T4456] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  356.723165][ T6746] netlink: 48 bytes leftover after parsing attributes in process `syz.1.674'.
[  356.792994][ T4417] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  356.868983][ T4417] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  356.891403][ T4417] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  356.923274][ T4417] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  356.951528][ T6395] device veth0_vlan entered promiscuous mode
[  356.996534][ T6395] device veth1_vlan entered promiscuous mode
[  357.049401][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  357.090996][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  357.223718][ T6395] device veth0_macvtap entered promiscuous mode
[  357.242775][ T6395] device veth1_macvtap entered promiscuous mode
[  357.271100][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  357.290803][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  357.327890][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  357.373997][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  357.427472][ T6395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.482522][ T6395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.499660][ T6395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.555876][ T6395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.600473][ T6395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.647989][ T6395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.697509][ T6395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  357.756043][ T6395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  357.816900][ T6395] batman_adv: batadv0: Interface activated: batadv_slave_0
[  358.104318][ T6771] fuse: Unknown parameter 'group_id00000000000000000000'
[  358.150961][ T4456] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  358.168996][ T4456] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  358.214362][ T6395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  358.246361][ T6395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  358.394739][ T6395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  358.455016][ T6395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  358.482147][ T6395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  358.511100][ T6395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  358.541792][ T6395] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  358.566413][ T6395] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  358.605193][ T6395] batman_adv: batadv0: Interface activated: batadv_slave_1
[  358.633106][ T6779] sd 0:0:1:0: device reset
[  358.819199][ T6779] loop0: detected capacity change from 0 to 32768
[  359.287891][ T6777] loop4: detected capacity change from 0 to 40427
[  359.326394][ T6779] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  359.393765][ T6777] F2FS-fs (loop4): invalid crc value
[  359.417190][ T4251] ocfs2: Unmounting device (7,0) on (node local)
[  359.466756][ T4417] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  359.487820][ T6777] F2FS-fs (loop4): Found nat_bits in checkpoint
[  359.526229][ T4417] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  359.551451][ T6777] F2FS-fs (loop4): Start checkpoint disabled!
[  359.607242][ T6395] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  359.634397][ T6777] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  359.852509][ T6776] block nbd4: shutting down sockets
[  359.877854][ T6395] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  359.886639][ T6395] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  359.896105][ T6395] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  360.220601][ T4379] kworker/u4:10: attempt to access beyond end of device
[  360.220601][ T4379] loop4: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  360.350979][ T6791] netlink: 48 bytes leftover after parsing attributes in process `syz.0.689'.
[  360.796625][ T6800] Cannot find del_set index 3 as target
[  363.337854][ T6809] netlink: 132 bytes leftover after parsing attributes in process `syz.1.693'.
[  363.444708][ T4456] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  363.474574][ T4456] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  363.515944][ T4453] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  363.572973][ T5067] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  363.626475][ T5067] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  363.725803][ T4417] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  364.185437][ T6828] sd 0:0:1:0: device reset
[  364.368888][ T6828] loop3: detected capacity change from 0 to 32768
[  364.479397][ T6828] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  364.616751][ T4253] ocfs2: Unmounting device (7,3) on (node local)
[  364.926265][ T6840] netlink: 48 bytes leftover after parsing attributes in process `syz.5.700'.
[  365.106748][ T5067] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.206757][ T6846] Cannot find del_set index 3 as target
[  365.546759][ T6854] loop5: detected capacity change from 0 to 512
[  367.575179][ T6854] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  367.598525][ T6854] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  367.684274][ T5067] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.753104][ T5067] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.787217][ T6395] EXT4-fs (loop5): unmounting filesystem.
[  368.888878][   T48] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  368.902281][   T48] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  368.911221][   T48] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  368.919437][   T48] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  368.927238][   T48] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  368.935006][   T48] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  369.049838][ T5067] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.146822][ T6878] x_tables: unsorted underflow at hook 1
[  369.159716][ T6878] loop3: detected capacity change from 0 to 256
[  369.174103][ T6878] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  369.530543][ T6883] sd 0:0:1:0: device reset
[  369.720668][ T6883] loop1: detected capacity change from 0 to 32768
[  369.861621][ T6883] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  369.882088][ T6890] netlink: 48 bytes leftover after parsing attributes in process `syz.3.712'.
[  370.032752][ T4261] ocfs2: Unmounting device (7,1) on (node local)
[  370.157310][ T6901] netlink: 4 bytes leftover after parsing attributes in process `syz.5.713'.
[  370.237031][ T6906] Cannot find del_set index 3 as target
[  371.017856][   T48] Bluetooth: hci2: command 0x0409 tx timeout
[  371.474371][ T6919] loop0: detected capacity change from 0 to 512
[  373.097916][   T48] Bluetooth: hci2: command 0x041b tx timeout
[  373.224413][ T6919] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  373.234422][ T6919] ext4 filesystem being mounted at /140/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  373.889872][ T6870] chnl_net:caif_netlink_parms(): no params data found
[  373.997850][ T6928] netlink: 132 bytes leftover after parsing attributes in process `syz.3.718'.
[  374.068269][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  374.570296][ T6870] bridge0: port 1(bridge_slave_0) entered blocking state
[  374.582506][ T6870] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.639039][ T6870] device bridge_slave_0 entered promiscuous mode
[  374.731596][ T6870] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.751167][ T6870] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.785411][ T6870] device bridge_slave_1 entered promiscuous mode
[  375.034589][ T6952] sd 0:0:1:0: device reset
[  375.225231][ T6952] loop1: detected capacity change from 0 to 32768
[  375.237914][   T48] Bluetooth: hci2: command 0x040f tx timeout
[  375.365686][ T6952] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  375.405973][ T6870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  375.455439][ T4261] ocfs2: Unmounting device (7,1) on (node local)
[  375.572651][ T6870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  376.492202][ T6963] netlink: 48 bytes leftover after parsing attributes in process `syz.1.725'.
[  376.810313][ T6870] team0: Port device team_slave_0 added
[  377.113964][ T6870] team0: Port device team_slave_1 added
[  377.165590][ T5067] device hsr_slave_0 left promiscuous mode
[  377.193606][ T5067] device hsr_slave_1 left promiscuous mode
[  377.238958][ T5067] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  377.257878][   T48] Bluetooth: hci2: command 0x0419 tx timeout
[  377.297517][ T5067] batman_adv: batadv0: Removing interface: batadv_slave_0
[  377.331759][ T5067] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  377.383874][ T5067] batman_adv: batadv0: Removing interface: batadv_slave_1
[  377.447928][ T5067] device bridge_slave_1 left promiscuous mode
[  377.454207][ T5067] bridge0: port 2(bridge_slave_1) entered disabled state
[  377.538764][ T5067] device bridge_slave_0 left promiscuous mode
[  377.545004][ T5067] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.661875][ T5067] device veth1_macvtap left promiscuous mode
[  377.677737][ T5067] device veth0_macvtap left promiscuous mode
[  377.696190][ T5067] device veth1_vlan left promiscuous mode
[  377.702235][ T5067] device veth0_vlan left promiscuous mode
[  378.540256][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  378.547047][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  378.917828][ T4745] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  378.987826][ T4267] Bluetooth: hci0: link tx timeout
[  378.993353][ T4267] Bluetooth: hci0: killing stalled connection 11:aa:aa:aa:aa:aa
[  379.129768][ T4745] usb 4-1: config 0 has an invalid interface number: 23 but max is 0
[  379.152740][ T4745] usb 4-1: config 0 has no interface number 0
[  379.180702][ T4745] usb 4-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  379.196594][ T4745] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.212024][ T4745] usb 4-1: Product: syz
[  379.222278][ T4745] usb 4-1: Manufacturer: syz
[  379.234822][ T4745] usb 4-1: SerialNumber: syz
[  379.245100][ T7003] sd 0:0:1:0: device reset
[  379.418834][ T7003] loop5: detected capacity change from 0 to 32768
[  379.456756][ T4745] usb 4-1: config 0 descriptor??
[  379.505800][ T7003] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  379.603343][ T6395] ocfs2: Unmounting device (7,5) on (node local)
[  379.615668][ T4745] ftdi_sio 4-1:0.23: FTDI USB Serial Device converter detected
[  379.627469][ T4745] usb 4-1: Detected SIO
[  379.651355][ T4745] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  380.372724][ T5067] team0 (unregistering): Port device team_slave_1 removed
[  381.017953][ T4267] Bluetooth: hci0: command 0x0406 tx timeout
[  381.427135][ T5067] team0 (unregistering): Port device team_slave_0 removed
[  381.575536][ T5067] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  381.758295][ T5067] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  382.886709][ T5067] bond0 (unregistering): Released all slaves
[  383.244608][ T4378] usb 4-1: USB disconnect, device number 2
[  383.306817][ T4378] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  383.316997][ T4378] ftdi_sio 4-1:0.23: device disconnected
[  385.172125][   T48] Bluetooth: hci4: link tx timeout
[  385.183086][   T48] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  385.324163][ T7044] sd 0:0:1:0: device reset
[  385.507450][ T7044] loop1: detected capacity change from 0 to 32768
[  385.546928][ T7044] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  385.705870][ T4261] ocfs2: Unmounting device (7,1) on (node local)
[  387.260647][   T48] Bluetooth: hci4: command 0x0406 tx timeout
[  387.913918][ T6870] batman_adv: batadv0: Adding interface: batadv_slave_0
[  387.924379][ T6870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.964900][ T6870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  387.995363][ T7029] netlink: 48 bytes leftover after parsing attributes in process `syz.0.739'.
[  388.027912][ T7036] netlink: 132 bytes leftover after parsing attributes in process `syz.3.741'.
[  388.053423][ T6870] batman_adv: batadv0: Adding interface: batadv_slave_1
[  388.082667][ T6870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  388.108641][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.185167][ T6870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  388.508275][ T6870] device hsr_slave_0 entered promiscuous mode
[  388.558272][ T6870] device hsr_slave_1 entered promiscuous mode
[  388.587124][ T6870] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  388.615716][ T6870] Cannot create hsr debugfs directory
[  389.266404][ T7080] sd 0:0:1:0: device reset
[  389.459380][ T7080] loop5: detected capacity change from 0 to 32768
[  389.630706][ T6870] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  389.651474][ T6870] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  389.669647][ T7080] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  389.685329][ T6870] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  389.700945][ T6870] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  389.744290][ T6395] ocfs2: Unmounting device (7,5) on (node local)
[  389.878324][ T6870] 8021q: adding VLAN 0 to HW filter on device bond0
[  389.932048][ T6870] 8021q: adding VLAN 0 to HW filter on device team0
[  389.968424][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  389.979232][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  390.009916][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  390.079881][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  390.098591][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.105821][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  390.154148][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  390.204124][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  390.246185][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.253421][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[  390.353178][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  390.376459][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  390.623958][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  390.673184][ T7083] loop0: detected capacity change from 0 to 32768
[  390.692713][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  390.731714][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  390.750212][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  390.767520][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  390.835794][ T7083] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  390.865605][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  390.885361][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  390.894437][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  390.903235][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  390.913211][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  390.924495][ T6870] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  391.009978][   T26] audit: type=1800 audit(1749107740.525:19): pid=7083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.755" name="file1" dev="loop0" ino=17058 res=0 errno=0
[  391.419901][ T7083] syz.0.755 (7083) used greatest stack depth: 19688 bytes left
[  391.630441][ T4251] ocfs2: Unmounting device (7,0) on (node local)
[  391.907117][ T7126] Cannot find del_set index 3 as target
[  392.936610][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  393.008477][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  393.075912][ T6870] 8021q: adding VLAN 0 to HW filter on device batadv0
[  393.382460][ T7137] netlink: 132 bytes leftover after parsing attributes in process `syz.0.762'.
[  393.627278][ T7141] netlink: 48 bytes leftover after parsing attributes in process `syz.3.763'.
[  395.055635][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  395.083763][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  395.199222][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  395.261748][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  395.299950][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  395.348495][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  395.365033][ T6870] device veth0_vlan entered promiscuous mode
[  395.441658][ T6870] device veth1_vlan entered promiscuous mode
[  395.550893][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  395.570213][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  396.067042][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  396.091267][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  396.172345][ T6870] device veth0_macvtap entered promiscuous mode
[  396.216264][ T6870] device veth1_macvtap entered promiscuous mode
[  396.352102][ T6870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  396.451229][ T6870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.471730][ T6870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  396.492659][ T6870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  396.613451][ T6870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  396.720280][ T7188] Cannot find del_set index 3 as target
[  397.178994][ T6870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.561406][ T6870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  397.587688][ T6870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.613848][ T6870] batman_adv: batadv0: Interface activated: batadv_slave_0
[  397.644974][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  397.657341][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  397.690447][ T6870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.722718][ T6870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.747733][ T6870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.764754][ T6870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.796936][ T6870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.832206][ T6870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.853347][ T6870] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  397.883836][ T6870] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  397.914091][ T6870] batman_adv: batadv0: Interface activated: batadv_slave_1
[  397.927524][ T7196] Zero length message leads to an empty skb
[  397.945252][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  398.005005][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  398.058974][ T6870] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  398.091915][ T6870] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  398.129312][ T6870] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  398.168703][ T6870] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  398.407111][ T4379] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.435279][ T4379] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.477221][ T4716] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  398.494396][ T4716] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.571918][ T4716] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.682266][ T4301] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  400.211786][ T7234] syzkaller0: create flow: hash 2645555911 index 0
[  400.217287][ T7236] netlink: 132 bytes leftover after parsing attributes in process `syz.3.781'.
[  400.372257][   T14] syzkaller0: tun_net_xmit 76
[  400.383484][   T14] syzkaller0: tun_net_xmit 48
[  400.401624][ T4335] syzkaller0: tun_net_xmit 76
[  400.458908][   T14] syzkaller0: tun_net_xmit 76
[  401.022718][   T48] Bluetooth: hci2: command 0x0405 tx timeout
[  401.098332][ T7228] loop6: detected capacity change from 0 to 40427
[  401.204973][ T7228] F2FS-fs (loop6): Found nat_bits in checkpoint
[  401.375749][ T7228] F2FS-fs (loop6): Cannot turn on quotas: -2 on 2
[  401.436201][ T7228] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  401.676054][ T6870] syz-executor: attempt to access beyond end of device
[  401.676054][ T6870] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  402.964914][ T7267] ptrace attach of "./syz-executor exec"[6870] was attempted by "./syz-executor exec"[7267]
[  403.827857][    C0] syzkaller0 (unregistering): delete flow: hash 2645555911 index 0
[  405.476592][ T7285] loop0: detected capacity change from 0 to 40427
[  405.589623][ T7285] F2FS-fs (loop0): Found nat_bits in checkpoint
[  405.838737][ T7285] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[  405.876039][ T7285] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  406.069251][ T4251] syz-executor: attempt to access beyond end of device
[  406.069251][ T4251] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  406.438792][ T4337] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  406.689294][ T7305] x_tables: unsorted underflow at hook 1
[  406.721532][ T4337] usb 7-1: config 1 has an invalid interface number: 128 but max is 1
[  406.738599][ T7305] loop0: detected capacity change from 0 to 256
[  406.778240][ T7305] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  407.496262][ T4337] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  407.506695][ T4337] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  407.515730][ T4337] usb 7-1: config 1 has no interface number 0
[  407.526183][ T4337] usb 7-1: config 1 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  407.537752][ T4337] usb 7-1: config 1 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  407.551329][ T4337] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  407.562134][ T4337] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.570280][ T4337] usb 7-1: Product: syz
[  407.577438][ T4337] usb 7-1: Manufacturer: syz
[  407.582273][ T4337] usb 7-1: SerialNumber: syz
[  407.669750][ T4337] cdc_wdm 7-1:1.128: skipping garbage
[  407.697106][ T4337] cdc_wdm 7-1:1.128: cdc-wdm0: USB WDM device
[  407.777454][ T4337] cdc_wdm 7-1:1.128: Unknown control protocol
[  407.874459][ T7312] mmap: syz.0.802 (7312) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  407.942855][ T7318] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  407.970724][ T7318] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  408.509615][ T4335] usb 7-1: USB disconnect, device number 2
[  410.313649][ T7336] loop0: detected capacity change from 0 to 40427
[  411.787687][ T7336] F2FS-fs (loop0): Found nat_bits in checkpoint
[  412.778097][ T7336] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[  413.004752][ T7375] 9pnet_virtio: no channels available for device syz
[  413.167774][   T27] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  413.392687][   T27] usb 6-1: config 0 has an invalid interface number: 138 but max is 0
[  413.420200][   T27] usb 6-1: config 0 has no interface number 0
[  413.426358][   T27] usb 6-1: config 0 interface 138 altsetting 0 has an invalid endpoint with address 0x61, skipping
[  413.497510][   T27] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[  413.537025][   T27] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.604545][   T27] usb 6-1: config 0 descriptor??
[  413.685108][ T7386] x_tables: unsorted underflow at hook 1
[  413.718417][ T7386] loop1: detected capacity change from 0 to 256
[  413.746679][ T7386] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  414.704236][   T27] usb 6-1: string descriptor 0 read error: -71
[  414.719634][   T27] usbtest 6-1:0.138: Linux gadget zero
[  414.764018][   T27] usbtest 6-1:0.138: full-speed {control in/out iso-out} tests (+alt)
[  414.838090][   T27] usb 6-1: USB disconnect, device number 2
[  414.966803][ T7397] fuse: Bad value for 'fd'
[  417.142913][ T7429] x_tables: unsorted underflow at hook 1
[  417.192542][ T7429] loop1: detected capacity change from 0 to 256
[  417.225007][ T7429] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  418.349069][ T7433] 9pnet_virtio: no channels available for device syz
[  418.919149][ T7437] fuse: Invalid rootmode
[  419.263682][   T48] Bluetooth: hci4: link tx timeout
[  419.268986][   T48] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  421.243769][ T7485] x_tables: unsorted underflow at hook 1
[  421.293406][ T7485] loop0: detected capacity change from 0 to 256
[  421.328464][ T7485] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  422.190477][ T7489] fuse: Invalid rootmode
[  422.608803][ T7501] 9pnet_virtio: no channels available for device syz
[  422.632681][ T4267] Bluetooth: hci4: link tx timeout
[  422.638182][ T4267] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  424.287688][ T7515] trusted_key: encrypted_key: key user:syz not found
[  425.461983][ T7531] x_tables: unsorted underflow at hook 1
[  425.504392][ T7531] loop1: detected capacity change from 0 to 256
[  425.538359][ T7531] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  426.283054][ T7533] fuse: Invalid rootmode
[  426.571135][ T7541] sd 0:0:1:0: device reset
[  426.751985][ T7541] loop5: detected capacity change from 0 to 32768
[  426.840416][ T7541] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  426.906147][ T6395] ocfs2: Unmounting device (7,5) on (node local)
[  427.728346][ T7565] netlink: 48 bytes leftover after parsing attributes in process `syz.0.865'.
[  431.290621][ T7613] sd 0:0:1:0: device reset
[  431.483082][ T7613] loop6: detected capacity change from 0 to 32768
[  431.591756][ T7613] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  431.687288][ T6870] ocfs2: Unmounting device (7,6) on (node local)
[  431.763188][ T7624] x_tables: unsorted underflow at hook 1
[  431.811860][ T7624] loop0: detected capacity change from 0 to 256
[  431.817869][ T4267] Bluetooth: hci4: command 0x0406 tx timeout
[  431.858444][ T7624] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  435.240475][ T7671] fuse: Bad value for 'rootmode'
[  436.719590][ T7677] loop5: detected capacity change from 0 to 32768
[  436.859961][ T7684] x_tables: unsorted underflow at hook 1
[  436.901794][ T7684] loop3: detected capacity change from 0 to 256
[  437.303076][ T7684] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  438.165772][ T7677] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  438.642663][ T6395] ocfs2: Unmounting device (7,5) on (node local)
[  440.011612][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  440.019451][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  442.270075][   T48] Bluetooth: hci0: command 0x0406 tx timeout
[  443.664405][ T7734] x_tables: unsorted underflow at hook 1
[  443.713617][ T7734] loop6: detected capacity change from 0 to 256
[  443.756403][ T7734] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  445.450198][ T7743] loop5: detected capacity change from 0 to 32768
[  445.705425][ T7743] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  447.803009][ T7749] fuse: Bad value for 'rootmode'
[  447.984359][ T6395] ocfs2: Unmounting device (7,5) on (node local)
[  452.519389][ T7805] loop5: detected capacity change from 0 to 32768
[  452.898366][ T7805] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  453.340252][ T6395] ocfs2: Unmounting device (7,5) on (node local)
[  453.534155][ T7813] fuse: Bad value for 'rootmode'
[  457.943261][ T7843] 9pnet_virtio: no channels available for device syz
[  459.004811][ T7860] fuse: Unknown parameter 'use00000000000000000000'
[  465.031204][ T7906] fuse: Unknown parameter 'use00000000000000000000'
[  466.017895][ T7923] trusted_key: encrypted_key: key user:syz not found
[  471.569007][ T7947] loop3: detected capacity change from 0 to 32768
[  473.578758][ T7954] fuse: Unknown parameter 'use00000000000000000000'
[  473.592400][ T7947] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  474.537936][ T7967] trusted_key: encrypted_key: key user:syz not found
[  475.454636][ T4253] ocfs2: Unmounting device (7,3) on (node local)
[  478.418624][ T8009] fuse: Unknown parameter 'user_i00000000000000000000'
[  480.912685][ T8021] loop3: detected capacity change from 0 to 32768
[  481.092504][ T8021] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  481.613159][ T4253] ocfs2: Unmounting device (7,3) on (node local)
[  481.903527][ T8034] x_tables: unsorted underflow at hook 1
[  485.574987][ T8067] loop0: detected capacity change from 0 to 32768
[  485.619165][ T8065] 9pnet_virtio: no channels available for device syz
[  485.793905][ T8067] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  488.950618][ T4251] ocfs2: Unmounting device (7,0) on (node local)
[  489.787850][ T8088] x_tables: unsorted underflow at hook 1
[  489.897023][ T8086] loop0: detected capacity change from 0 to 256
[  490.006764][ T8086] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  491.882166][ T8115] 9pnet_virtio: no channels available for device syz
[  492.372602][ T8134] x_tables: unsorted underflow at hook 1
[  492.424738][ T8134] loop5: detected capacity change from 0 to 256
[  492.458104][ T8134] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  493.257933][   T48] Bluetooth: hci2: command 0x0406 tx timeout
[  497.088321][ T8185] x_tables: unsorted underflow at hook 1
[  497.132124][ T8185] loop0: detected capacity change from 0 to 256
[  497.186891][ T8185] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  502.020457][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  502.027281][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  509.875448][ T8329] fuse: Unknown parameter '0x0000000000000003'
[  509.944835][ T8330] 9pnet_virtio: no channels available for device syz
[  515.013735][ T8388] 9pnet_virtio: no channels available for device syz
[  515.113845][ T8391] fuse: Unknown parameter '0x0000000000000003'
[  517.106246][ T8431] 9pnet_virtio: no channels available for device syz
[  517.545674][ T8444] fuse: Unknown parameter '0x0000000000000003'
[  521.267613][ T8484] trusted_key: encrypted_key: key user:syz not found
[  522.566225][ T8505] fuse: Unknown parameter '0x0000000000000003'
[  526.675637][ T8569] fuse: Unknown parameter '0x0000000000000003'
[  529.288726][ T8602] sd 0:0:1:0: device reset
[  530.545336][ T8602] loop3: detected capacity change from 0 to 32768
[  530.762775][ T8602] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  531.202245][ T4253] ocfs2: Unmounting device (7,3) on (node local)
[  531.399868][ T8622] x_tables: unsorted underflow at hook 1
[  531.445359][ T8622] loop5: detected capacity change from 0 to 256
[  531.472559][ T8622] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  535.157656][   T14] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  535.368471][   T14] usb 6-1: Using ep0 maxpacket: 8
[  535.376828][   T14] usb 6-1: config 0 has no interfaces?
[  535.419319][   T14] usb 6-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  535.473781][   T14] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  535.506958][   T14] usb 6-1: Product: syz
[  535.546728][   T14] usb 6-1: Manufacturer: syz
[  535.582709][   T14] usb 6-1: SerialNumber: syz
[  535.596243][   T14] usb 6-1: config 0 descriptor??
[  535.811850][   T14] usb 6-1: USB disconnect, device number 3
[  536.015079][ T8673] sd 0:0:1:0: device reset
[  537.043894][ T8673] loop1: detected capacity change from 0 to 32768
[  537.337856][ T8673] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  537.679042][ T8678] x_tables: unsorted underflow at hook 1
[  537.717679][ T8678] loop3: detected capacity change from 0 to 256
[  537.743400][ T8678] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  538.636058][ T4261] ocfs2: Unmounting device (7,1) on (node local)
[  541.144639][ T8721] sd 0:0:1:0: device reset
[  541.517637][ T4306] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  542.283699][ T8721] loop6: detected capacity change from 0 to 32768
[  542.476982][ T8721] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  542.959332][ T4306] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  543.038097][ T4306] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  543.103982][ T4306] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  543.148049][ T4306] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  543.200874][ T4306] usb 6-1: SerialNumber: syz
[  543.277087][ T6870] ocfs2: Unmounting device (7,6) on (node local)
[  543.437143][ T4306] usb 6-1: 0:2 : does not exist
[  543.686480][ T4306] usb 6-1: USB disconnect, device number 4
[  544.051627][ T8626] udevd[8626]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  546.257608][ T4299] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  546.469576][ T4299] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  546.505466][ T4299] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  546.524834][ T4299] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  546.536683][ T4299] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  546.576663][ T4299] usb 6-1: SerialNumber: syz
[  546.807187][ T4299] usb 6-1: 0:2 : does not exist
[  546.907919][ T4299] usb 6-1: USB disconnect, device number 5
[  547.048344][ T8782] binder: 8781:8782 ioctl c0306201 0 returned -14
[  547.090707][ T8782] binder: 8781:8782 ioctl c020aa00 200000000240 returned -22
[  547.177962][ T8789] sd 0:0:1:0: device reset
[  547.237512][ T8216] udevd[8216]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  548.318252][ T8789] loop3: detected capacity change from 0 to 32768
[  548.498443][ T8788] binder: 8781:8788 ioctl 7af 200000000dc0 returned -22
[  548.528612][ T8789] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  548.910669][ T4253] ocfs2: Unmounting device (7,3) on (node local)
[  551.905003][ T8881] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1173'.
[  552.060730][ T8885] netdevsim netdevsim3: Direct firmware load for  failed with error -2
[  552.096870][ T8885] netdevsim netdevsim3: Falling back to sysfs fallback for: 
[  552.307612][ T8068] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  552.511944][ T8068] usb 6-1: config 220 has an invalid descriptor of length 1, skipping remainder of the config
[  552.542429][ T8068] usb 6-1: config 220 has 1 interface, different from the descriptor's value: 3
[  552.595138][ T8068] usb 6-1: config 220 interface 0 has no altsetting 0
[  552.641573][ T8068] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  552.692814][ T8068] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  552.745120][ T8068] usb 6-1: Product: syz
[  552.772669][ T8068] usb 6-1: Manufacturer: syz
[  552.794933][ T8068] usb 6-1: SerialNumber: syz
[  553.093398][ T8068] usb 6-1: Found UVC 0.00 device syz (8086:0b07)
[  553.130510][ T8068] usb 6-1: No valid video chain found.
[  553.186262][ T8068] usb 6-1: USB disconnect, device number 6
[  555.027602][ T6198] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  555.239188][ T6198] usb 2-1: config 0 has an invalid interface number: 138 but max is 0
[  555.268351][ T6198] usb 2-1: config 0 has no interface number 0
[  555.323981][ T6198] usb 2-1: config 0 interface 138 altsetting 0 has an invalid endpoint with address 0x61, skipping
[  555.373748][ T6198] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[  555.411162][ T6198] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  555.445073][ T6198] usb 2-1: config 0 descriptor??
[  555.663079][ T6198] usb 2-1: string descriptor 0 read error: -71
[  555.689016][ T6198] usbtest 2-1:0.138: Linux gadget zero
[  555.723250][ T6198] usbtest 2-1:0.138: full-speed {control in/out iso-out} tests (+alt)
[  555.809272][ T6198] usb 2-1: USB disconnect, device number 2
[  557.027744][ T8964] netlink: 52 bytes leftover after parsing attributes in process `syz.6.1187'.
[  557.163609][ T8964] bridge0: port 2(bridge_slave_1) entered disabled state
[  557.172652][ T8964] bridge0: port 1(bridge_slave_0) entered disabled state
[  559.525250][ T9001] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1197'.
[  559.557113][ T9001] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  559.576364][ T9001] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  559.606441][ T9001] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  559.626184][ T9001] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  559.649180][ T6198] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  559.843525][ T6198] usb 6-1: Using ep0 maxpacket: 8
[  559.932703][ T6198] usb 6-1: config 0 has no interfaces?
[  559.938314][ T6198] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  559.969187][ T6198] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.034825][ T6198] usb 6-1: config 0 descriptor??
[  562.862314][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  562.868725][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  563.175367][ T8068] usb 6-1: USB disconnect, device number 7
[  563.802098][ T9063] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:20004
[  567.227737][  T126] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  567.642279][  T126] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  567.681216][  T126] usb 4-1: config 0 interface 0 has no altsetting 0
[  567.838375][  T126] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  567.853594][  T126] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  569.341274][  T126] usb 4-1: Product: syz
[  569.375148][  T126] usb 4-1: Manufacturer: syz
[  569.432427][  T126] usb 4-1: SerialNumber: syz
[  569.468552][  T126] usb 4-1: config 0 descriptor??
[  569.571539][  T126] usb 4-1: selecting invalid altsetting 0
[  570.347685][ T9161] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1238'.
[  570.433048][ T9166] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  570.440150][ T9166] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  570.502670][ T9173] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(13)
[  570.509336][ T9173] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  570.605130][ T9166] vhci_hcd vhci_hcd.0: Device attached
[  570.637383][ T9173] vhci_hcd vhci_hcd.0: Device attached
[  570.746866][ T9179] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(12)
[  570.753537][ T9179] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  570.861110][ T9166] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  570.867818][  T126] usb 43-2: new low-speed USB device number 2 using vhci_hcd
[  570.898472][ T9179] vhci_hcd vhci_hcd.0: Device attached
[  570.957281][ T9166] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(20)
[  570.963945][ T9166] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  570.972618][ T9166] vhci_hcd vhci_hcd.0: Device attached
[  571.003297][ T9166] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(22)
[  571.010043][ T9166] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  571.024644][ T9166] vhci_hcd vhci_hcd.0: Device attached
[  571.038814][ T9173] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  571.058615][ T9173] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  571.069224][ T9166] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  571.198694][ T9166] vhci_hcd vhci_hcd.0: port 0 already used
[  571.241562][ T9185] vhci_hcd: connection closed
[  571.244872][ T4716] vhci_hcd: stop threads
[  571.254705][ T9183] vhci_hcd: connection closed
[  571.255211][ T9180] vhci_hcd: connection closed
[  571.268306][ T9174] vhci_hcd: connection reset by peer
[  571.283519][ T9170] vhci_hcd: connection closed
[  571.289047][ T4716] vhci_hcd: release socket
[  571.326994][ T4716] vhci_hcd: disconnect device
[  571.332985][ T4716] vhci_hcd: stop threads
[  571.337253][ T4716] vhci_hcd: release socket
[  571.394640][ T8068] usb 4-1: USB disconnect, device number 3
[  571.406652][ T4716] vhci_hcd: disconnect device
[  571.457827][ T4716] vhci_hcd: stop threads
[  571.462132][ T4716] vhci_hcd: release socket
[  571.492601][ T4716] vhci_hcd: disconnect device
[  571.502758][ T4716] vhci_hcd: stop threads
[  571.507156][ T4716] vhci_hcd: release socket
[  571.522888][ T4716] vhci_hcd: disconnect device
[  571.530158][ T4716] vhci_hcd: stop threads
[  571.534559][ T4716] vhci_hcd: release socket
[  571.540801][ T4716] vhci_hcd: disconnect device
[  574.321944][ T9213] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  574.339653][ T8068] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  574.537744][ T8068] usb 2-1: Using ep0 maxpacket: 8
[  574.545707][ T8068] usb 2-1: config 0 has no interfaces?
[  574.591931][ T8068] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  574.638887][ T8068] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  574.695178][ T8068] usb 2-1: Product: syz
[  574.730848][ T8068] usb 2-1: Manufacturer: syz
[  574.757645][ T8068] usb 2-1: SerialNumber: syz
[  574.794093][ T8068] usb 2-1: config 0 descriptor??
[  575.036171][ T6198] usb 2-1: USB disconnect, device number 3
[  576.057808][  T126] vhci_hcd: vhci_device speed not set
[  576.077811][ T6198] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  576.267744][ T6198] usb 2-1: Using ep0 maxpacket: 8
[  576.274677][ T6198] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  578.220823][ T6198] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  578.334320][ T6198] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  578.405199][ T6198] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  578.435611][ T6198] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  578.483332][ T6198] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  578.534259][ T6198] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.840917][ T6198] usb 2-1: usb_control_msg returned -71
[  578.846598][ T6198] usbtmc 2-1:16.0: can't read capabilities
[  578.981464][ T6198] usb 2-1: USB disconnect, device number 4
[  579.198448][ T4354] usb usb44-port1: attempt power cycle
[  579.838665][ T4354] usb usb44-port1: unable to enumerate USB device
[  581.988036][   T14] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  582.199498][   T14] usb 1-1: config 0 has an invalid interface number: 23 but max is 0
[  582.237574][   T14] usb 1-1: config 0 has no interface number 0
[  582.339200][   T14] usb 1-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice= 1.7b
[  582.367655][   T14] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  582.404913][   T14] usb 1-1: Product: syz
[  582.433540][   T14] usb 1-1: Manufacturer: syz
[  582.463633][   T14] usb 1-1: SerialNumber: syz
[  582.503678][   T14] usb 1-1: config 0 descriptor??
[  582.535524][   T14] ftdi_sio 1-1:0.23: FTDI USB Serial Device converter detected
[  582.575489][   T14] usb 1-1: Detected SIO
[  582.591841][   T14] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  582.772043][   T14] usb 1-1: USB disconnect, device number 2
[  582.823035][   T14] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  582.912631][   T14] ftdi_sio 1-1:0.23: device disconnected
[  582.938819][ T9326] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1268'.
[  583.063685][ T9329] x_tables: unsorted underflow at hook 1
[  583.098080][ T9329] loop3: detected capacity change from 0 to 256
[  583.124297][ T9329] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  586.217684][ T8068] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  586.437862][ T8068] usb 4-1: Using ep0 maxpacket: 8
[  586.446935][ T8068] usb 4-1: config 0 has no interfaces?
[  586.475924][ T8068] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  586.555984][ T8068] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  586.618615][ T8068] usb 4-1: Product: syz
[  586.622845][ T8068] usb 4-1: Manufacturer: syz
[  586.677710][ T8068] usb 4-1: SerialNumber: syz
[  586.709124][ T8068] usb 4-1: config 0 descriptor??
[  586.924741][ T4354] usb 4-1: USB disconnect, device number 4
[  587.261523][ T9407] x_tables: unsorted underflow at hook 1
[  587.292989][ T9407] loop1: detected capacity change from 0 to 256
[  587.443826][ T9407] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  588.837665][  T129] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  589.029321][  T129] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  589.056911][  T129] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  589.156653][  T129] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  589.247371][  T129] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  589.257430][  T129] usb 2-1: SerialNumber: syz
[  589.496970][  T129] usb 2-1: 0:2 : does not exist
[  589.587944][  T129] usb 2-1: USB disconnect, device number 5
[  589.885135][ T8216] udevd[8216]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  589.937816][ T6198] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  590.234178][ T6198] usb 4-1: config 0 has no interfaces?
[  590.415185][ T6198] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  590.512181][ T6198] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  590.620156][ T6198] usb 4-1: Product: syz
[  590.653451][ T6198] usb 4-1: Manufacturer: syz
[  590.707114][ T6198] usb 4-1: SerialNumber: syz
[  590.759138][ T6198] usb 4-1: config 0 descriptor??
[  591.389877][ T9455] x_tables: unsorted underflow at hook 1
[  591.426849][ T9455] loop1: detected capacity change from 0 to 256
[  592.766477][ T9455] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  593.535630][ T9461] sd 0:0:1:0: device reset
[  594.577280][ T9461] loop6: detected capacity change from 0 to 32768
[  594.872286][ T9461] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  595.345610][ T6870] ocfs2: Unmounting device (7,6) on (node local)
[  596.398936][ T4356] usb 4-1: USB disconnect, device number 5
[  596.810371][ T9496] loop6: detected capacity change from 0 to 128
[  596.849901][ T9496] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  596.882065][ T9496] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  597.466323][ T9505] sd 0:0:1:0: device reset
[  598.530272][ T9505] loop6: detected capacity change from 0 to 32768
[  598.810830][ T9505] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  599.263992][ T6870] ocfs2: Unmounting device (7,6) on (node local)
[  601.732851][ T9546] loop0: detected capacity change from 0 to 1024
[  601.797154][ T9546] EXT4-fs: Ignoring removed nobh option
[  601.838805][ T9546] EXT4-fs: Ignoring removed bh option
[  601.876237][ T9546] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  602.013691][ T9546] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.1317: bad orphan inode 32767
[  602.044911][ T9546] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  602.377844][   T48] Bluetooth: hci2: command 0x0405 tx timeout
[  602.630751][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  602.967094][ T9560] sd 0:0:1:0: device reset
[  603.497826][ T9568] trusted_key: encrypted_key: key user:syz not found
[  606.236450][   T14] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  606.251657][  T126] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  606.450583][  T126] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  606.465162][   T14] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  606.509392][  T126] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  606.520553][   T14] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.564839][   T14] usb 6-1: Product: syz
[  606.576238][  T126] usb 1-1: config 0 descriptor??
[  606.586381][   T14] usb 6-1: Manufacturer: syz
[  606.604850][   T14] usb 6-1: SerialNumber: syz
[  606.611413][  T126] cp210x 1-1:0.0: cp210x converter detected
[  606.669369][   T14] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  606.801091][   T14] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  607.027997][  T126] usb 1-1: cp210x converter now attached to ttyUSB0
[  607.231971][ T4354] usb 1-1: USB disconnect, device number 3
[  607.265711][ T4354] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  607.372206][ T4354] cp210x 1-1:0.0: device disconnected
[  607.399686][  T126] usb 6-1: USB disconnect, device number 8
[  607.601337][ T9604] loop1: detected capacity change from 0 to 1024
[  607.783036][ T9604] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  607.897763][   T14] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  607.905782][   T14] ath9k_htc: Failed to initialize the device
[  608.013095][  T126] usb 6-1: ath9k_htc: USB layer deinitialized
[  608.274187][ T4261] EXT4-fs (loop1): unmounting filesystem.
[  608.371241][ T9617] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1335'.
[  611.043705][ T9631] sd 0:0:1:0: device reset
[  612.003485][ T9631] loop3: detected capacity change from 0 to 32768
[  612.544846][ T9631] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  612.925614][ T4253] ocfs2: Unmounting device (7,3) on (node local)
[  615.790622][ T9671] loop0: detected capacity change from 0 to 512
[  615.856352][ T9671] EXT4-fs: Ignoring removed mblk_io_submit option
[  615.940637][ T9671] EXT4-fs error (device loop0): ext4_get_branch:178: inode #13: block 2: comm syz.0.1351: invalid block
[  615.964887][ T9671] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1351: invalid indirect mapped block 10 (level 1)
[  615.987648][ T9671] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1351: invalid indirect mapped block 8 (level 1)
[  616.057920][ T9671] EXT4-fs (loop0): 1 truncate cleaned up
[  616.063673][ T9671] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  616.676511][ T4251] EXT4-fs (loop0): unmounting filesystem.
[  617.207416][ T9689] sd 0:0:1:0: device reset
[  618.151529][ T9689] loop1: detected capacity change from 0 to 32768
[  618.700601][ T9689] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  619.094848][ T4261] ocfs2: Unmounting device (7,1) on (node local)
[  619.531641][ T9715] loop6: detected capacity change from 0 to 2048
[  619.658800][ T9715] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  620.594700][ T9726] loop6: detected capacity change from 0 to 16
[  620.635589][ T9726] erofs: (device loop6): mounted with root inode @ nid 36.
[  620.808731][ T4354] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  620.968848][ T9737] loop6: detected capacity change from 0 to 256
[  621.007515][ T4354] usb 2-1: Using ep0 maxpacket: 32
[  621.015426][ T4354] usb 2-1: config 0 has an invalid interface number: 166 but max is 0
[  621.047965][ T4354] usb 2-1: config 0 has no interface number 0
[  621.054315][ T4354] usb 2-1: config 0 interface 166 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16
[  621.074034][ T4354] usb 2-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=3f.5a
[  621.115602][ T9737] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  621.141769][ T4354] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.183900][ T4354] usb 2-1: Product: syz
[  621.197715][ T4354] usb 2-1: Manufacturer: syz
[  621.202705][ T4354] usb 2-1: SerialNumber: syz
[  621.216563][ T4354] usb 2-1: config 0 descriptor??
[  621.225028][ T9724] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  622.073142][ T4354] net1080: probe of 2-1:0.166 failed with error -71
[  622.134274][ T4354] usb 2-1: USB disconnect, device number 6
[  623.704728][ T9770] 
[  623.707188][ T9770] ======================================================
[  623.714212][ T9770] WARNING: possible circular locking dependency detected
[  623.721251][ T9770] 6.1.141-syzkaller #0 Not tainted
[  623.726381][ T9770] ------------------------------------------------------
[  623.733422][ T9770] syz.3.1378/9770 is trying to acquire lock:
[  623.739419][ T9770] ffff88807c01f1d8 (&mm->mmap_lock){++++}-{3:3}, at: mmap_read_lock_killable+0x1d/0x60
[  623.749122][ T9770] 
[  623.749122][ T9770] but task is already holding lock:
[  623.756494][ T9770] ffff88805412b510 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: generic_file_write_iter+0x7f/0x2e0
[  623.767414][ T9770] 
[  623.767414][ T9770] which lock already depends on the new lock.
[  623.767414][ T9770] 
[  623.777817][ T9770] 
[  623.777817][ T9770] the existing dependency chain (in reverse order) is:
[  623.786827][ T9770] 
[  623.786827][ T9770] -> #1 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}:
[  623.795533][ T9770]        down_write+0x36/0x60
[  623.800229][ T9770]        process_measurement+0x33c/0x1a10
[  623.805961][ T9770]        ima_file_mmap+0x104/0x150
[  623.811074][ T9770]        __se_sys_remap_file_pages+0x53e/0x770
[  623.817352][ T9770]        do_syscall_64+0x4c/0xa0
[  623.822339][ T9770]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  623.828771][ T9770] 
[  623.828771][ T9770] -> #0 (&mm->mmap_lock){++++}-{3:3}:
[  623.836353][ T9770]        __lock_acquire+0x2cf8/0x7c50
[  623.841736][ T9770]        lock_acquire+0x1b4/0x490
[  623.846770][ T9770]        down_read_killable+0x4c/0x340
[  623.852237][ T9770]        mmap_read_lock_killable+0x1d/0x60
[  623.858065][ T9770]        lock_mm_and_find_vma+0x2b1/0x2f0
[  623.863793][ T9770]        do_user_addr_fault+0x2db/0xb10
[  623.869346][ T9770]        exc_page_fault+0x60/0x100
[  623.874460][ T9770]        asm_exc_page_fault+0x22/0x30
[  623.879841][ T9770]        fault_in_readable+0x13e/0x1f0
[  623.885315][ T9770]        fault_in_iov_iter_readable+0xbb/0x2e0
[  623.891483][ T9770]        generic_perform_write+0x1d2/0x560
[  623.897304][ T9770]        __generic_file_write_iter+0x172/0x430
[  623.903498][ T9770]        generic_file_write_iter+0xab/0x2e0
[  623.909406][ T9770]        vfs_write+0x44c/0x960
[  623.914175][ T9770]        ksys_write+0x143/0x240
[  623.919044][ T9770]        do_syscall_64+0x4c/0xa0
[  623.924005][ T9770]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  623.930449][ T9770] 
[  623.930449][ T9770] other info that might help us debug this:
[  623.930449][ T9770] 
[  623.940680][ T9770]  Possible unsafe locking scenario:
[  623.940680][ T9770] 
[  623.948133][ T9770]        CPU0                    CPU1
[  623.953515][ T9770]        ----                    ----
[  623.958896][ T9770]   lock(&sb->s_type->i_mutex_key#12);
[  623.964375][ T9770]                                lock(&mm->mmap_lock);
[  623.971230][ T9770]                                lock(&sb->s_type->i_mutex_key#12);
[  623.979234][ T9770]   lock(&mm->mmap_lock);
[  623.983575][ T9770] 
[  623.983575][ T9770]  *** DEADLOCK ***
[  623.983575][ T9770] 
[  623.991716][ T9770] 3 locks held by syz.3.1378/9770:
[  623.996910][ T9770]  #0: ffff88807cc4e5e8 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0x2ae/0x360
[  624.006158][ T9770]  #1: ffff888075390460 (sb_writers#5){.+.+}-{0:0}, at: vfs_write+0x256/0x960
[  624.015055][ T9770]  #2: ffff88805412b510 (&sb->s_type->i_mutex_key#12){+.+.}-{3:3}, at: generic_file_write_iter+0x7f/0x2e0
[  624.026417][ T9770] 
[  624.026417][ T9770] stack backtrace:
[  624.032320][ T9770] CPU: 1 PID: 9770 Comm: syz.3.1378 Not tainted 6.1.141-syzkaller #0
[  624.040387][ T9770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  624.050458][ T9770] Call Trace:
[  624.053750][ T9770]  <TASK>
[  624.056685][ T9770]  dump_stack_lvl+0x168/0x22e
[  624.061382][ T9770]  ? load_image+0x3b0/0x3b0
[  624.065890][ T9770]  ? show_regs_print_info+0x12/0x12
[  624.071101][ T9770]  ? print_circular_bug+0x12b/0x1a0
[  624.076314][ T9770]  check_noncircular+0x274/0x310
[  624.081270][ T9770]  ? add_chain_block+0x940/0x940
[  624.086220][ T9770]  ? lockdep_lock+0xdc/0x1e0
[  624.090831][ T9770]  ? _find_first_zero_bit+0xcf/0x100
[  624.096121][ T9770]  __lock_acquire+0x2cf8/0x7c50
[  624.100994][ T9770]  ? verify_lock_unused+0x140/0x140
[  624.106218][ T9770]  ? verify_lock_unused+0x140/0x140
[  624.111442][ T9770]  ? preempt_schedule+0xa7/0xb0
[  624.116296][ T9770]  ? verify_lock_unused+0x140/0x140
[  624.121501][ T9770]  ? preempt_schedule_common+0xa5/0xd0
[  624.126970][ T9770]  lock_acquire+0x1b4/0x490
[  624.131483][ T9770]  ? mmap_read_lock_killable+0x1d/0x60
[  624.136954][ T9770]  ? read_lock_is_recursive+0x10/0x10
[  624.142335][ T9770]  ? cmp_ex_search+0x1a/0x70
[  624.146937][ T9770]  ? bsearch+0x8a/0xb0
[  624.151013][ T9770]  ? fault_in_readable+0x13e/0x1f0
[  624.156139][ T9770]  ? search_extable+0x8c/0xd0
[  624.160826][ T9770]  ? trim_init_extable+0x3b0/0x3b0
[  624.165952][ T9770]  ? mmap_read_lock_killable+0x1d/0x60
[  624.171421][ T9770]  down_read_killable+0x4c/0x340
[  624.176375][ T9770]  ? mmap_read_lock_killable+0x1d/0x60
[  624.181845][ T9770]  mmap_read_lock_killable+0x1d/0x60
[  624.187140][ T9770]  lock_mm_and_find_vma+0x2b1/0x2f0
[  624.192486][ T9770]  do_user_addr_fault+0x2db/0xb10
[  624.197528][ T9770]  ? _raw_spin_unlock_irq+0x1f/0x40
[  624.202749][ T9770]  exc_page_fault+0x60/0x100
[  624.207477][ T9770]  asm_exc_page_fault+0x22/0x30
[  624.212335][ T9770] RIP: 0010:fault_in_readable+0x13e/0x1f0
[  624.218069][ T9770] Code: 78 8e c3 ff 4d 89 f4 49 81 cc ff 0f 00 00 4d 89 f7 49 01 dc 49 81 e4 00 f0 ff ff 4d 39 e6 77 44 e8 57 8e c3 ff 4d 39 e7 74 47 <41> 8a 07 88 44 24 07 49 81 c7 00 10 00 00 4d 39 e7 74 07 e8 3a 8e
[  624.237694][ T9770] RSP: 0018:ffffc90013bcfa90 EFLAGS: 00050287
[  624.243768][ T9770] RAX: ffffffff81bd4819 RBX: 0000000000001000 RCX: 0000000000080000
[  624.251747][ T9770] RDX: ffffc9000c9e9000 RSI: 0000000000032182 RDI: 0000000000032183
[  624.259723][ T9770] RBP: 0000000000000000 R08: ffff88802cb23b80 R09: 0000000000000002
[  624.267712][ T9770] R10: 0000000000000006 R11: 0000000000000002 R12: 00002000001c3000
[  624.275698][ T9770] R13: dffffc0000000000 R14: 00002000001c1100 R15: 00002000001c2000
[  624.283699][ T9770]  ? fault_in_readable+0x139/0x1f0
[  624.288842][ T9770]  fault_in_iov_iter_readable+0xbb/0x2e0
[  624.294496][ T9770]  generic_perform_write+0x1d2/0x560
[  624.299807][ T9770]  ? generic_file_direct_write+0x660/0x660
[  624.305657][ T9770]  ? __file_remove_privs+0x5b0/0x5b0
[  624.311061][ T9770]  ? preempt_count_add+0x8d/0x190
[  624.316112][ T9770]  ? rwsem_write_trylock+0x12f/0x1b0
[  624.321419][ T9770]  ? clear_nonspinnable+0x60/0x60
[  624.326456][ T9770]  ? generic_write_checks_count+0x3d9/0x4c0
[  624.332374][ T9770]  __generic_file_write_iter+0x172/0x430
[  624.338029][ T9770]  generic_file_write_iter+0xab/0x2e0
[  624.343415][ T9770]  vfs_write+0x44c/0x960
[  624.347666][ T9770]  ? file_end_write+0x250/0x250
[  624.352548][ T9770]  ? __fget_files+0x44a/0x4d0
[  624.357262][ T9770]  ? __fdget_pos+0x2ae/0x360
[  624.361878][ T9770]  ? ksys_write+0x71/0x240
[  624.366299][ T9770]  ksys_write+0x143/0x240
[  624.370642][ T9770]  ? __ia32_sys_read+0x80/0x80
[  624.375412][ T9770]  ? lockdep_hardirqs_on+0x94/0x140
[  624.380619][ T9770]  do_syscall_64+0x4c/0xa0
[  624.385067][ T9770]  ? clear_bhb_loop+0x60/0xb0
[  624.389748][ T9770]  ? clear_bhb_loop+0x60/0xb0
[  624.394433][ T9770]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  624.400342][ T9770] RIP: 0033:0x7f1481d8e929
[  624.404773][ T9770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  624.424395][ T9770] RSP: 002b:00007f1482b41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  624.432816][ T9770] RAX: ffffffffffffffda RBX: 00007f1481fb5fa0 RCX: 00007f1481d8e929
[  624.440795][ T9770] RDX: 000000000208e24b RSI: 0000200000000100 RDI: 0000000000000005
[  624.448778][ T9770] RBP: 00007f1481e10b39 R08: 0000000000000000 R09: 0000000000000000
[  624.456752][ T9770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  624.464725][ T9770] R13: 0000000000000000 R14: 00007f1481fb5fa0 R15: 00007ffda9912678
[  624.472710][ T9770]  </TASK>
[  624.476990][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  624.483357][ T1278] ieee802154 phy1 wpan1: encryption failed: -22