last executing test programs:

5m55.043892239s ago: executing program 2 (id=3374):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, 0x0, 0x0, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/diskstats\x00', 0x0, 0x0)
pread64(r3, &(0x7f0000000180)=""/73, 0x49, 0xac8c)

5m54.108488578s ago: executing program 2 (id=3377):
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b702000002000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b44"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40))
socket$packet(0x11, 0x3, 0x300)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$kcm(0x2, 0x3, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket(0x28, 0x1, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
socket$rds(0x15, 0x5, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r2, @ANYRESOCT=r1], 0x20)

5m53.876249729s ago: executing program 2 (id=3378):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000700)={0x1b, 0x0, 0x0, 0x4, 0x0, 0x1, 0x80000001, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x2}, 0x50)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0xf, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff8}, @map_idx_val={0x18, 0x4}, @printk={@x}, @exit]}, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, r1, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, &(0x7f00000006c0)={0x5, 0xc, 0x7, 0x43e64c37}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x9}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}}, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b", 0x44}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

5m52.760548716s ago: executing program 2 (id=3382):
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x2, &(0x7f0000000580)=0x7fff, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r0=>0x0})
bind$can_raw(0xffffffffffffffff, &(0x7f0000000040)={0x1d, r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x20081e, &(0x7f00000001c0)={[{@grpquota}, {@jqfmt_vfsv1}, {@minixdf}]}, 0x1, 0x518, &(0x7f0000000ac0)="$eJzs3c9vI1cdAPCvZ+PEyaZNWnoARNulLSxotU7ibaOqBygnhFAlRI9FSkPiRFHsOIqd0oQ9pGeuSFTiBEf+AM49IXHkguDGpRyQ+BGBGiQORjOeZL1Zu4k2iR3Fn480mvfmeef7fZud99YviV8AI+tORBxExHhEvB8RM/n1Qn7E250jfd1nhw9Xjg4frhSi3X73n4WsPb0WXX8mdTu/ZykifvjdiB8Xnozb3NvfXK7Vqjt5fa5V355r7u3f36gvr1fXq1uVyuLC4vybD96oXFpfX66P56UXP/3DwTd/mqY1nV/p7sdl6nS9eBInNRYR37+KYENwK+/P+LAT4akkEfF8RLySPf8zcSv7agIAN1m7PRPtme46AHDTJdkaWCEp52sB05Ek5XJnDe+FmEpqjWbr3lpjd2u1s1Y2G8VkbaNWnc/XCmejWEjrC1n5Ub1yqv4gIp6LiJ9PTGb18kqjtjrM//gAwAi7fWr+/89EZ/4/04tLA8gOALgypWEnAAAMnPkfAEaP+R8ARo/5HwBGT2f+nxx2GgDAAHn/DwCjx/wPACPlB++8kx7to/zzr1c/2NvdbHxwf7Xa3CzXd1fKK42d7fJ6o7GefWZP/az71RqN7YXXY/fD2W9tN1tzzb39pXpjd6u1lH2u91K1mL3qYAA9AwD6ee7lT/5cSGfktyazI7r2cigONTPgqiXDTgAYmlvDTgAYGrt9wei6wHt8ywNwQ/TYovcxpV6/INRut9tXlxJwxe5+yfo/jKqu9X8/BQwjxvo/jC7r/zC62u3Ceff8j/O+EAC43qzxA32+//98fv5N/s2BH62efsXHV5kVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXG/H+/+W873ApyNJyuWIZyJiNoqFtY1adT4ino2IP00UJ9L6wpBzBgAuKvlbId//6+7Ma9OPNb10+6Q4HhE/+eW7v/hwudXa+WPEeOFfE8fXWx/n1yuDzx4AONvxPJ2du97If3b4cOX4GGQ+f/9ORJQ68Y8Ox+PoJP5YjGXnUhQjYurfhbzeUehau7iIg48i4ou9+l+I6WwNpLPz6en4aexnBho/eSx+krV1zunfxRcuIRcYNZ+k48/bvZ6/JO5k597PfykboS4uH//SW60cZWPgo/jH49+tPuPfnfPGeP133+uUJp9s+yjiy2MRx7GPusaf4/iFPvFfO2f8v3zlpVf6tbV/FXE3esfvjjXXqm/PNff272/Ul9er69WtSmVxYXH+zQdvVObWNn5fnZ/rPxv84617z/ZrS/s/1Sd+6Yz+f+2c/f/1/95/76s9ro/l8b/xaq/4SbzwOfHTOfHr54y/PPXbUr+2NP5qn/6f9fW/d874n/51/4ltwwGA4Wnu7W8u12rVnYsX3stvmV2J5BLv/LSFUgwzusLlF9J/X9cgjZ6Fbw8q1nj0bvrZq50H8FRTu/1UsfqNGJex6gZcBycPfUT8d9jJAAAAAAAAAAAAAAAAPQ3iN5aG3UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABurv8HAAD//5B9y08=")
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
write$uinput_user_dev(r1, &(0x7f0000000640)={'syz0\x00', {0x3, 0x6, 0x5}, 0x49, [0x3, 0x0, 0x4, 0x1, 0x1, 0x5, 0xf3, 0x0, 0x20000008, 0x11, 0x7, 0x3, 0xfffffffe, 0x101, 0x400, 0x3, 0x4, 0x3, 0xa, 0x4, 0x79, 0xfffffffe, 0x8, 0x100, 0x8000, 0xfff, 0x402, 0x0, 0x3, 0x404, 0x9, 0x40003, 0x10, 0xffffffff, 0x4, 0x0, 0x1, 0x7, 0x0, 0x0, 0x1192, 0x8, 0x5, 0x8, 0x7, 0x2, 0x10001, 0x3, 0x2b2, 0x4, 0xfbf, 0x1, 0x6, 0x6, 0xedbe, 0x4, 0x2, 0x8, 0xa3, 0xfffffff8, 0x6, 0x80, 0x2, 0x81], [0x1, 0x80000001, 0x563, 0x2, 0x0, 0x0, 0x4, 0x854f000, 0x2, 0x93, 0xfffffff6, 0xd2, 0x8b, 0x8ab, 0x3, 0x2a6d2895, 0x5, 0x13, 0x100, 0x1, 0x6, 0x200, 0x5, 0x7, 0x4a63, 0x1, 0x9, 0x8, 0x1000, 0x9, 0x4, 0xf, 0x7, 0x401, 0x7, 0x8, 0x8000, 0xff, 0x4, 0x7ff, 0x8001, 0xdfd3, 0xc1f40800, 0x9, 0x1, 0x2, 0x6, 0x0, 0x9, 0xfff, 0x0, 0x0, 0xfffff2a1, 0x9, 0x3cb, 0x5bda, 0x4, 0xde7e, 0x7, 0x7, 0x5, 0x4000524, 0x8001, 0x1], [0x6, 0x4, 0x7, 0xe000, 0x7, 0x3, 0x124, 0xc, 0x1, 0x2, 0x6, 0xfffffff8, 0xd, 0x300000, 0x80000001, 0x4, 0x8008, 0x4, 0xd, 0x9, 0x8001, 0x9, 0x7, 0x4, 0x7, 0x1, 0x6, 0x2, 0x410, 0x20400, 0xff, 0x166, 0x7, 0xc8f, 0x3, 0x8, 0x3, 0x1, 0x1000, 0x80, 0x9, 0x8, 0x1000, 0x9, 0x6, 0xfeb, 0x5, 0x808, 0x3ff, 0x3a, 0xa18858f, 0x9, 0x1, 0x9, 0x0, 0x7, 0x4, 0x10, 0x4, 0x3, 0x3, 0x40, 0x5ff, 0x3a], [0xaeaf, 0x6, 0x1, 0x1007ff, 0x3ff, 0x800, 0x40, 0x6, 0x1, 0x5, 0x2, 0xfffffffe, 0x8a4, 0x5, 0xdd, 0xb5, 0x800002, 0x6, 0x2, 0xcb32, 0x3, 0xf018, 0x9, 0x0, 0xda19, 0x80000001, 0x10001, 0x7ff, 0x10001, 0x1, 0x5, 0xcc1, 0x8, 0x1, 0x2, 0x8, 0x3, 0x0, 0x0, 0xb7b, 0xffffff4a, 0x4, 0x7886, 0xbf8d, 0x9, 0x46da, 0x1, 0x40, 0x9, 0x8, 0x10000, 0x1, 0x8, 0x10, 0x770, 0x0, 0x10001, 0x3ff, 0x5, 0x7, 0x8, 0x7d1, 0xffffffff, 0x9]}, 0x45c)

5m49.251162578s ago: executing program 2 (id=3389):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, 0x0)
unshare(0x6a040000)
r0 = socket(0x8, 0x3, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x6180, 0x0)
ioctl$IMGETCOUNT(r0, 0x80044943, 0x0)

5m42.256406391s ago: executing program 2 (id=3398):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fcdbdf254400000008000300", @ANYBLOB="2c00238006000300e400000006000a000b"], 0x48}}, 0x810)

5m41.266024232s ago: executing program 32 (id=3398):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fcdbdf254400000008000300", @ANYBLOB="2c00238006000300e400000006000a000b"], 0x48}}, 0x810)

39.662921707s ago: executing program 3 (id=4039):
syz_open_dev$sg(&(0x7f00000006c0), 0x2, 0x5)
syz_emit_ethernet(0x3e, &(0x7f0000000180)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x8, 0x11, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x4, 0xfffffffffffffffe, &(0x7f0000000000)=0x44)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f0000000040)={0x48, 0x5, 0x0, 0x0, <r2=>0xffffffffffffffff, 0x1})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
r6 = dup(r5)
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000001000040"])
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x441, 0x14a)
openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
r7 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$bcachefs(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x3000094, &(0x7f0000000200)=ANY=[@ANYRES8, @ANYRES8], 0xec, 0x5a84, &(0x7f0000011bc0)="$eJzs3X+QHNV9IPDXM7Pa1a5WWgkcZDCrRUYJwbG14lf5RypWcomdAscll1MO4mTDglZEtiRU+hFAJrHIgc8qsMtOOZXg5A/iwtxhFBdVcDEKZcKPkzgbW8XFR11h6uwc9h9OEQ6VAR3l8nmvdqbf7EzP9Pbs7KyQxOdT0vb0mzffft39pqe/r3t3AgAAAG8KR27fffzDZ//ed/588rXP/P4/br81DJWr5QOxwkg6vemNaiEnUn9lZXWa7Re/9umv/2Tsut/59gODX3v98Obztvzgd8+47pFPXn7orr95/NXhh375QlHc2J8unJlPXkpCGPjWsb/87OGnz5ouS5ZO/yztD2F5suLx5UkItzWGGP95CGFzOrMyE//B1y7eMj299Y7+pvJlmXr6+5vb9H5OQgj7jt/4jvDD39542/dWfePv+w6+uH+mSjLQ0J9CWHpN4+v7QgiL0//TYm+L/TFJpxtCCIMNr3t3Qbve3mH71+bMn5NOF6XToYI48fnVmflSpl52PurLTAcLljdfee3otl6RJZn5pEdxo7x2xvLl6fSb6fTCOcYvp+tQTkIpCZV687clM30kNOy3JCTVfTlQny/V921I1z8zn2TmS5n5cl9mvarLTTtaOUmay2O9THk8HFfS8vMaj9VtfLThcWO9t8ay9I36erZOJuhQy4P6elXFdh2bpS0nQqnhGNSuvL7j050xlJYNJStaXjPVRnzu8MY715Q3PXFkJKcdyQNJGj/pKv6+7y5f8on7D+zNfq7X419TSuOXuor/oyuOvnzVga9+JTf+F2P8clfxL3p08KUrnrx9de72ORa3T6Wr+BMvPPX5VWdeezC3/XfH+ANdxV9/6Gj/8PFHH8tt/3jcPou7iv/8+z7w4/ueffjF3Pghxh/sKv6mQzu/0D96/ILc+I/F7TPUXf955eBlz42O/nQsL/4zMf5wV/Hv3d//3nuW3XF57v7dELfPSFfxP3T+I7ctOf7wuXnHzuTuXn1yArw5nZGeY30une82z5yvhnzhr8cqtXO+Jen/4V4uKHPymc0TCvQ6rQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNPWWd/y3D/7vj428VEnn+9MHz5dq01i+KIRkcQhh956JXXu27rh+7JM37N21Y2Lb2MSesckde3bdPHbJb4ztmty5beLm6WfH33lx7XUrQlKbJue2LLt/amqqNNJcFpf3784/+MM17/7Xfwth/C3fH63ktn/tXdvvObPNz4xk/dT7t+/98Pcv/bt0vUbSdo20adfU1NRUyGnX/7nyF/f8xbGfXBDC+K/M1q6nnv+tf2pqULVgJk6q1B9qDepPBtu2o97qtD1xe1W2bN02OT779p1+fTlnPf79p1/8+ZabvvSL2vYdyF2PDrfv4vVT20p/tfFD/++vbqkVFLXrjdrvRds7rkVsX9x+A+n2Xpqu19Kc9arkrNft33vs2W+dfeDV/WG88sqq1mUXrVdf2gH6krd2tNy4hMFkeVP5QFo/7vH4urV7tu9cu/vmfe/cun3i+snrJ3e8Z90l6y4bv/SyS9dW13xtj9c/Lv9XO1z/3venF/61dbnL/mT/N+PPzvpTc7sWzXl7TLereHs0tijv/Tf40c9++T13PfnhWkFRP4+168eTdDo4vZ/XhYb+1vLytutVtH9CCGPttsPLr14ezvqfW28rOg417pnGnxnJ+qmnV//s7979tyt/s1ZwQo7zjQ3q8jhfb/VMe6rbayDdH1Mn6fbtD+V0vYbatmvd00/23Xnk3/603r5Fi8JNE3v27FpX+7kkbemS5Jy27cqWxvVaVf1ZDulmCfVu2qa/TusLtfZlj5+xenarDqXPDSUr2q5XVnzu8MY715Q3PXEkb0snD9SWuDgM16bJ23Jqbsu8sFxvcLvln6zvv6L+MfrBv33oYw/9wyUt/eOi2s+i9Upy1usbz9775a996T/+Q+/W64O/dXTkZ//rj9fUCk7640q51pB6q9P2JI3HlYtCKHr/rQrt1yP3/Vdqvz5F77/scmbqt483lpkfCuWu3q8XPTr40hVP3r469/16bLb3a+PK3tL0unLB+/Vk6T/Z91dSaW7Hwr2/mjpKsn7q2587Y//jn9lwdq2g6POyXrtdv764g/wjZ73+6arnRm8Y+w//o3fHja//xoNX/2Bi/Z/VCrrf77EtvdnvA+n2HcjZvvVWx7yzcfu+67obtm2ulRdt5zfu/DedFuQ/8VCy++Z9n5rYtm1y1+7O1qvTz9O4nOxW7vbzNB7dVhSsV6llvRbuQSfbq9P3W2z/5q63V/P7bSgkXX0u7Pvu8iWfuP/A3pGWV6ULuqaUxi91Ff9HVxx9+aoDX/1KbvwvxviVruJPvPDU51edee3B3Ph3J2n8geL4S0NL/PWHjvYPH3/0sdz447H9i7tq//Pv+8CP73v24Rdz44cYf6i77f/KwcueGx39aW78Z5J0OdPnSCE8+NrFW2rzSehL32+xHX1N7QrZ+SQzX8rMlxvnS3EUIV1AOUmay2O9tPy8hra080c55fEsbGBlbfp6nA/ZB7OXn2xKDcf+duVF56kAAKe7eP0/noPG6/+T6YlS/kgDzJhvHrYyJ27Mw2bGc5qvsa5M48fXx3HA0XeF8enprWO1E/25XkeI74fsOGdczgVvb47RdnziUONCqstvGecsGn9fnZmP7aqNl1ca8tBUa15TCR2Mv7cuZ/bx98zqF1/PGvtcS7PGGsatsvuvLx0xa3e/Q6a9lekIef0jOy4W7+cYXRo2VJfXYf/I3kcT90P2Ppq4nLMzB85u76PJ6x8jrduhqV2xf8R6s/SPapOLr0e27r8wy/ad2X/to2X33xz298B0/YW+PtuDccO2h7QTN264sNfDTopxyTbxT/C45JKW+Okb7GQfN4zlcTtVOhxP/FhOea/GE+PhIrbr2CxtORGMJwKnq5j/x8+I6fx/+gT8/2bqFeUp2bPGGC/3PqFy+/YU5R2t9+kNdvU5vunQzi/0jx6/IPc857FO79Pb2TQ3WHDfT9F2XJOZL9yOOQM0RfledjlF2z17X8ZQGO5qu9+7/6733rPsjstzt/uG2gdp8Xb/ctPccMF2PwXyhfbx5QunXL5QfgPuYygaP8vPR8r1dsyWj4Ru85H0xqeFykf+MKd8rvnIYMuD+npVnbz5yMwHaVM+0ndi2wUAnDpi/l+/fpbm//8STyzS84iivPXCzHyMl5u35pyf5OWtf5BOb8rUH6r+RkX7YLOdN3/o/EduW3L84XNz85a7O81D/3PT3EhhHjq/vDk3j9jQm/vFc/OIep41vzwxt/31PHF+eXrOZdqGPH1+eXTu9qnn0c3jAF8+OpNpzBY/jgPkxq+PA/Qwz/3lTKUTd79+wXhdZmFxttPxuhOdR0+X9C1tXs/mvHiwN9f10l+fXag8+qM55XPNo4daHtTXq+rkzaOby+XRAMDpKub/8TSumv/3h/BkrLA4PpjfdfbcvKBH5+3ZvwdSj//MguSVM/F7dP23OO9b6Lx1ofP6hR6XOHmu/051lRcv9LjQSPUPeM41fqfjZG/Y/a4Lkhf/S/1Rx3lxulB5MQAAJ7OY/8c0P17/fzJTb775SUv+1lc7hZzJT069/Lyx3imcn18ZTlR+3n8q5+en+vjXSFfx35z5/4wur4u/PnUa5//VNsv/AQBOSTH/j7/2GP/+339N57N/t77DPP3u7O28rqO7jh7mlacPhxDeDHl6j8fZYvzG+wBO4XGA8qk1DlB7sHim/uk0DlDVFwwGAACcAvqqmVLr79l/PJ1mf88+7/fyr8qp36lKenp87Z5dk5NX7925eWLP5NU7btg8ufvqG3dt3bNnsn7uPL/ru7l5S5o39oVKuj3a18vmbcvSv4ewLOfvIWTrx7DnVB+0/j2E7GIXF/wdgZn911l78/ZfaZb67fpH3v7Oi/9HOfWj+v6/7o8vunrL7qu37ti6Z+vEtq37JpvrjVR/k7rz782M1ynn9H2pmR8tSnP//s64e+bXjlJLO/rS7ZH3/exJph3L05Ysz/v+g5x2f+e//8WfnD/1i/tCGH9L+W3t233H/e0bn5Gsn/ovV07+wZ4j39853f7SrO2v10zbVfR9pdn6cX0q227YvecdW27YuyP7jZLdieMZpfr8At3XkL79yx2OT2zKKZ/r7++XWx6cnDoenwAAoEm8/h/PZ+P1wy+lJ1CxvDBP31GrN9/rx7l5+nhneXr2e8mK8vRs/bi+nebpA/PM07PLL8rT29Vvl6fn5d158f8wp/5cdd5PurjPo5Juh/sP7M3tJ9d01k+y32dQ1E+y9efaT5J59pPs8ov6Sbv67fpJ3n7Pi/+RnPp5ivpDpd4f5ndfTm5/+GJn/eHXM/NF/SFbf679oTTP/pBdflF/aFe/XX/I27+t8ctNm7w347/THaPaLyavvvGGXZ9qqLfQ338RWm/J6KR9i2Zeu7Df/9Gtzrfvwt73Nf/2h7C+WpLX/nh9YNGc2t/p73/Nv/1F238O95UtDS33leW2/5n5jYR13v6F/X6XjLzqra8/UeO1abcruv+saBx3Y075XMdxF7U8ODkZx4U3Tsz/4+WemP/fkU57fRno1P+etC4+5+Ix+BT7HrNuzpPme3980XnMm+7zPHvJ3ec5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGmhv7KyOj1y++7jHz77977z55Ovfeb3/3H7rb/26a//ZOy63/n2A4Nfe/3w5vO2/OB3z7jukU9efuiuv3n81eGHfvlCYeCR6s/KhensQAjJS0kIA9869pefPfz0WdNlSQihnIzsD2F5suLx5UkmwvjPQwib6+1sfvLB1y7eMj299Y7+pvJlmSDZ9QpD5diexnaGcFPhGnEKGkj72b7jN74j/PC3N972vVXf+Pu+gy/un6mSDDT0pxCWXtP4+r4QwuL0/7TY21bGF6fTDSGEwYbXvbugXW/vsP1rc+bPSaeL0ulQQZz4/OrMfClTLzsf9WWmDeu6uGDRXclrR7f1iizJzGcPRvOV185YvjydfjOdXjjH+OX4PwmlJFTqzd+WzPSR0LDfkpBU9+VAfb5U37chXf/MfJKZL2Xmy32Z9aouN+1o5SRpLo/1MuXxcFxJy89rPFa38dGc8rem04H0jfp6nA/ZBzVDLQ/q61UV23Vslrak/lP74krxKztQajgGtSuv7/h0ZwylZUPJipbXTLURnzu88c415U1PHBnJaUfyQJLGT7qKv++7y5d84v4De1fmxb+mlMYvdRX/R1ccffmqA1/9Sm78L8b45a7iX/To4EtXPHn76tztcyxun0pX8SdeeOrzq8689mBu+++O8Qe6ir/+0NH+4eOPPpbb/vG4fRZ3Ff/5933gx/c9+/CLufFDjD/YVfxNh3Z+oX/0+AW58R+L22eou/7zysHLnhsd/elYXvxnYvzhruLfu/+u996z7I7Lc/fvhrh9RrqK/6HzH7ltyfGHz807diZ39+qTE+DN6Yz0HOtz6Xy3eeZ8NeQLfz1WqZ3zLUn/D/dyQRnTy1m6gPEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg9/fMtl3z8yvd/ZGMlCSHJqTPVRnyuvGj9+rEuljvxwlOfX3XmtQcby1Z2EQcAAAAoFvPwUr1kIKwMNyaLwzlt68cxgnPiXNJcnh1DiHGyYwTdxim1iVPqIk65R+2p9ChOX4/iLOpRnP4exRkoiDMQOouzeJY4leke0GF7BmdtT+dxhnoUZ0mP4gxnQnQbZ2mP2rOsR3FGZo3TeT9c3qM4K3oU54wexTmzR3He0qM4v9KjOGf1KE52THmu/XA4rXl2Xpzqg3JhnEpSrj/Rbjz9rHQ5585zOUMFyxku+jzucDmLO1zO2zOvK81xOQMdLudX57mcpMPl/Po8l1MqWE7stzdl2xeXE+c67P839yjOvh7F+XSP4tzSozh/2qM4f9ajOJ8JzSenc40D0KmY/8/keyOhv/KbYTA94mRHAWK+u6r6s/XzLu+AFOO9LVO+qCheNlHPxFs11/ZlBxAy8VZnyvua4lXq+cgs8QYa463JPDnb+r5vffu2Nca7MFPeP0u8phUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBPgn2+55ONXvv8jG0MSpv+1NdVGfK68aP36sS6We3jjnWvKm5440ljWX+kiEAAAAFAo5uF99ZKB0F9ZF/qTRU31BtJxgIF0vjxSm44uDRump8lYqTo/mCyf9XWV9HVr92zfuXb3zfveuXX7xPWT10/ueM+6S9ZdNn7pZZeu3bJ12+R47WcI/QXxQgjV4YfdN+/71MS2bZO7dtcKs+1fmb5uZTqfpK8bfVcYn57emrZ/RcHySi3LW7gHxXsPAAAAAAAAAAAAAAAAAAD4/+zaW4hcZx0A8O/MzM5Mt41d6W0amu2QS4laNYlbSbV0DwgWmgtZCjJbXUuwCRY3TWiTEuvYBmxrgiK0BEIkD0ZisbX40ostYi8EIjUacGOQtmge9EFptZKWPEjKyM7OmdvOZNaxZJP4+z2cb+b//b/vf75DCPzPLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcG5NlUcmSqNj44NRCFGXnEoHyVw6G8fFPup+5aVtP8gNn17eHMtl+tgIAAAA6CnpwwfqkXzIZdIhHa6tflscmiZCo+8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+/0yVRyZKo2Pjl0YhRF1yKh0kc+lsHBf7qHvyvWc++8bw8N+aY4U+9gEAAAB6S/rwVD2SD4WwJAxE1053/vVo8m5gYdv6mbyGZJ9Fc8xrf3fQLW/JHPNumGPex3rkra+NOwMAAABc+JL+P1OPDIVcZsGsfjjp/3v19Une9W156dpYbE46q+xckgAAAIA5SPr/XD1SCLlMod6vz7XfX9wIVX86T9b3+t0+Wb+sLS9Z3+v3/HW10e/0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDhmCqPTJRGx8bTUQhRl5xKB8lcOhvHxT7qrnp58B9rDj+6uDmWy/SxEQAAANBT0oc3Wu98yGUGw0C4tNr3D9924LkvPffCSAhhps3PZsPOjdu337dq+hpWJXkrjx4e+P6Rd749K2/lzHXeDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHxopsojE6XRsfFLohCiLjmVDpK5dDaOi33UfevzX/zLUydefLs5VuhjHwAAAKC3pA9v9P75UAjZkA1XV7819/rTUm3ru70zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4e93/zwW9snJzcdJ8P8/Ohkg7hPLiN//FD8s/pfLmfC/9Dfr5vY37/XwIAAD5814coVP5L12yY77sGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOB1PlkYnS6Nh4Pgoh6pJT6SCZS2fjuNhH3filY7kFp19+tTlW6GMfAAAAoLekD2/0/vlQCANhIFxV/dbpnUC1/x86hzcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnFemyiMTpdGx8QVRCFGXnEoHyVw6G8fFPuo+uWv/5w5d/r3bm2O5TB8bAQAAAD0lfXi2HsmHXObjIReuq32fbF0QpWtj5/cCjXXbWpYNznlduWVd+mzrokwI9XW7206WqZ1mZl0+2W9oZqzXKzbWpWrrik3rCqFevlhfV31Ye1uqLehxvtlPHgAAAM6dpP/P1SNDIZfJNfX/P62Nl9RGfS4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0NlUeWSiNDo2HkUhRF1yKh0kc+lsHBf7qPvgbz962Vd/tmdHc6zQxz4AAABAb0kf3uj986EQFoWPhEXVvj8MteYnef8snTn0xL/+ujyEFVcfH860b/uj5MOv37r1lfZLCKnW7FQIl9fqRV3q/eb3TzywtHLmqRBWXJW+bla9cPZ6rVvGledLm9ZtP3J8W4+HAwAAABeJpP8fqEeGQi5zb9f+P+m8e/T/ddUG/PIHdv3iytq11pG3rUgN1eqlutT7wtJn/rxs9d/fme7/Z9f7ZP3Tp/dvOXRlS8GZSJsoroxu2bH++E0HU8mpZ+qn2+onz+XL33r735t3Pn5mpn4+5GvxhW23MlNt9rWtfIgrk6l942s/2FdurZ/pcv5Hf/fqiV8t3PP+dP33rh+s179h+pJrrz9z8kzX+uGSuDJ4x2N7b95/eH1r/RBCsVP9d9+/PVzzx3seaT//YNvGzU+++dr+AOLK0cWnDq4+ULiltX7UVj95/j8/8eTenzz+3ReS+snfiixfMtf6qbb6r+++YtdrD29Y2Fo/1eX8r9z5xvDW4nf+0H7+u1t2zXS9i9nnf/rGZ+96c2P8UPsUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxWWqPDJRGh0bT0UhRF1yKh0kc+lsHBf7qHtyzbF379zz4x82xwp97AMAAAD0lvThjd4/HwohG7JhsNr3P1/atG77kePbwtDMbFQbM5Nb79/+ic1bd9x79zzdOQAAADBXJ9dE1f4/U48MhVxmaRio9f+jW3asP37TwVTS/6emxyiEsPmeyU0rQj3v9d1X7Hrt4Q0L6+8JQqj+WUB+Ou8zjbzbbj02dOpPX1/WMW9VI+/o4lMHVx8o3JLkhea8laH+fuLpG5+9682N8UP1+2vO+9TXtk7WXk8k+w7e8djem/cfXp9K3mPUxsHavkneZGrf+NoP9pVTQyE3PZ+u5eVr5wYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZpsqj0yURsfGQzqEqEtOpVktkMyls3Fc7KPu2qW/fOSy0y8uao7lMn1sBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8hx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs11+IVFUcB/BzZnbbP7Oruxq0Fa2rFYU9KAUR9VJRERoh9GRIWJoPURBEFPbQGhqJFb0EWS8SFVRbCAa5SaLFGv2TXnqooMB6CERaqB2kh4qdOXd29jq30VkLys8HhrPn3Hu/93fvPXNmLwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyn9HSN1NojOx6p3nnRrZ89df/Mk7d/8NC2K55466exTTd/urf/9ZNTm5dv+faWpZsOPLBmcvcrh38bfO+PY22DH683K1O3N4R4IobQ++H0i09PfX7B7FgMIZTj0HgIw3HJ4eGYS1j9ewhhc6PO+Rv3zVyzZbbdtqtn3vjiXEj+ukKlnNVTNzS/Xv5fetM821p97Krw/U3rt3+57N13uieOj8/tEmf3Kaf5FMKijc3Hd4cQ+tJnVjbbRrKDU7suhNDfdNx1beq69DTrXxVCNdevuTi156W20iYn274i1y/l9sv3M925tr/N+RaqqI5O92tnINfPL0YL1ahzVevx4dS+n9qVZ5hfzj4xlGLoapT/YJybI6H+3GoraQyx9iyzdTCGUuPZhnT9uX7M9Uu5frk7d12186aJVo5x/ni2X248W4670vjy5rW6hbsKxi9MbW/6op7M+iH/R13llD8a11WT1TX9N7X8G0pNa1Cr8VRv4/lXUqcSl5xyzJ8tZNum1j97eXnDR0eGCuqIe2PKjx3lb/1ieOCet3c+OlKUv7GU8ksd5f+w9ugvd+989eXC/Bey/HJH+Vcf7D+x9uMdKwrvz/TcCnI6+TH1s233HvvkuWXn3zfR6lnXMvdk97+3o/pvnDzaM1g9eKiw/tXZ/enrKP+7G2778c2v9x8vzA9Zfn9H+RsmH36+Z7R6ZWH+ofp3oFKboR3Mn18nrv1mdPTnsaL8r7L7P9giP7bNf2N89/WvLd61pnB+rsvuz1DK7zuj+u+47MD2ger+S4rWzrjnbP1yApyblqb/sZ5J/XbvmftmSi3fMxeq6X3hpbGu+i/QQPoMns0T5cyeZ9E/mA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHJAAAAAACPr/uh2BAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBTAQAA//9hRxeo")
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0xffffffe8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240))
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x15227}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x308, 0xff7f}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000841}, 0x4)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffd}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f00000005c0))

29.258788287s ago: executing program 3 (id=4053):
r0 = socket$kcm(0x10, 0x2, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000240)="490000800081a8fba96f00ef95da0c9f0f09d841", 0x14, 0x4840, &(0x7f0000002400)={0x2, 0x4e20, @multicast2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = memfd_secret(0x80000)
sendmsg$kcm(r0, 0x0, 0x10049094)
bind$inet(r4, &(0x7f0000000100)={0x2, 0x4e20, @empty}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f746100000010000280"], 0x118}}, 0x0)

22.64338529s ago: executing program 3 (id=4059):
accept4(0xffffffffffffffff, &(0x7f0000000240)=@un=@abs, &(0x7f0000000340)=0x80, 0x80000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x19, 0x16, &(0x7f0000000240)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a}, 0x94)
signalfd4(0xffffffffffffffff, &(0x7f0000000400)={[0xfffffffffffffff5]}, 0x8, 0x80000)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xa)
mkdir(0x0, 0x24)
socket$unix(0x1, 0xc17a9ab45fe0440f, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, 0x0, 0x24004000)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$pppoe(0x18, 0x1, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000580)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb886400007e3fab95892f885515681fa300d133d264e3220801c00013835a90cffa1872f589bc467f0edded1130a7d2e29a0016e30645fe793b78f173f93c4257e5df81c21ceb71a3c877cfe00c0aadef7f7d53b4a7a9cdc52e8a6beae43479fff3293e94e7c731b29b253e709ef0a3a87cd00f06de314d7ce8402227b619636c1f0596df4717456195619326b2efae5c48d57873d35d38a32537e275d6b93f485c71d5482cb7dbc686781e09c4c14999f14b908f742396265473c99bdc53a5d1266aeca1082be30bf653e12189b28eb76733efa91eb39ec2bf0041fb4900e530665433"], 0x0)
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x8c000003, 0x0, {[0x3]}}, 0x0, 0x8, &(0x7f0000000440))
memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r1, 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(0xffffffffffffffff, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000500)={0x7, 0xa5e, 0x103, 0x0, 0x3})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000380)={0x4, 0x3ff, 0x105, 0x0, 0xe})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'team0\x00'})
socket$netlink(0x10, 0x3, 0x15)

20.878454732s ago: executing program 0 (id=4063):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
syz_clone(0x2211000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)="d8b07da8a079e98f7663074742d5")
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a98", 0x3, 0xfffffffffffffffe)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0xd90, 0x0, 0x6}]})
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r2, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = dup(0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

19.68723281s ago: executing program 3 (id=4066):
setsockopt(0xffffffffffffffff, 0xff, 0x2, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399eb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='rcu_utilization\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x400000000000004)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f00000001c0)=0x100000, 0x4)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000040), 0x4)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

18.6883237s ago: executing program 0 (id=4068):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, 0x0, 0xa4101, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0)
r2 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
execveat$binfmt(0xffffffffffffff9c, r2, 0x0, &(0x7f00000000c0), 0x0)
r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r2, 0x0, 0x0, 0x0)
r4 = openat$binfmt(0xffffffffffffff9c, r2, 0x2, 0x0)
write(r4, &(0x7f0000000180)="010101", 0x3)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r2, &(0x7f00000001c0), &(0x7f0000000000), 0x0)

16.96366327s ago: executing program 4 (id=4070):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc", 0xe)
r2 = accept4(r1, 0x0, 0x0, 0x0)
recvmmsg$unix(r2, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000002a00)=""/4100, 0x1004}], 0x1}}], 0x1, 0x10000, 0x0)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000004a80)=ANY=[], 0x1008}, 0x1, 0x0, 0x0, 0x844}, 0x24044804)
openat(0xffffffffffffff9c, 0x0, 0x40000, 0x0)

14.283582966s ago: executing program 4 (id=4072):
r0 = socket$kcm(0x10, 0x2, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10)
syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000cb768405e0483020b9901e4020109021b0001000000000904"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x10000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = memfd_secret(0x80000)
sendmsg$kcm(r0, 0x0, 0x10049094)
bind$inet(r4, &(0x7f0000000100)={0x2, 0x4e20, @empty}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f746100000010000280"], 0x118}}, 0x0)

13.563952532s ago: executing program 1 (id=4073):
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000540), 0xfffffdd8)
ioctl$IOMMU_HWPT_INVALIDATE$TEST(0xffffffffffffffff, 0x3b8d, &(0x7f0000000100)={0x20, 0x0, &(0x7f00000000c0)=[{0x0, 0x2}, {0x0, 0x3}, {0x0, 0x3}, {}, {0x1, 0x1}, {0x1, 0x1}], 0xdeadbeef, 0x8, 0x6})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101"], 0x7c}}, 0x4000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
recvmsg(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000340)=[{0x0}], 0x1}, 0x2001)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={0x0, 0x6f4}}, 0x0)

13.383833349s ago: executing program 3 (id=4075):
syz_open_dev$sg(&(0x7f00000006c0), 0x2, 0x5)
syz_emit_ethernet(0x3e, &(0x7f0000000180)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x8, 0x11, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x4, 0xfffffffffffffffe, &(0x7f0000000000)=0x44)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f0000000040)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = dup(r4)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000001000040"])
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x441, 0x14a)
openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$bcachefs(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x3000094, &(0x7f0000000200)=ANY=[@ANYRES8, @ANYRES8], 0xec, 0x5a84, &(0x7f0000011bc0)="$eJzs3X+QHNV9IPDXM7Pa1a5WWgkcZDCrRUYJwbG14lf5RypWcomdAscll1MO4mTDglZEtiRU+hFAJrHIgc8qsMtOOZXg5A/iwtxhFBdVcDEKZcKPkzgbW8XFR11h6uwc9h9OEQ6VAR3l8nmvdqbf7EzP9Pbs7KyQxOdT0vb0mzffft39pqe/r3t3AgAAAG8KR27fffzDZ//ed/588rXP/P4/br81DJWr5QOxwkg6vemNaiEnUn9lZXWa7Re/9umv/2Tsut/59gODX3v98Obztvzgd8+47pFPXn7orr95/NXhh375QlHc2J8unJlPXkpCGPjWsb/87OGnz5ouS5ZO/yztD2F5suLx5UkItzWGGP95CGFzOrMyE//B1y7eMj299Y7+pvJlmXr6+5vb9H5OQgj7jt/4jvDD39542/dWfePv+w6+uH+mSjLQ0J9CWHpN4+v7QgiL0//TYm+L/TFJpxtCCIMNr3t3Qbve3mH71+bMn5NOF6XToYI48fnVmflSpl52PurLTAcLljdfee3otl6RJZn5pEdxo7x2xvLl6fSb6fTCOcYvp+tQTkIpCZV687clM30kNOy3JCTVfTlQny/V921I1z8zn2TmS5n5cl9mvarLTTtaOUmay2O9THk8HFfS8vMaj9VtfLThcWO9t8ay9I36erZOJuhQy4P6elXFdh2bpS0nQqnhGNSuvL7j050xlJYNJStaXjPVRnzu8MY715Q3PXFkJKcdyQNJGj/pKv6+7y5f8on7D+zNfq7X419TSuOXuor/oyuOvnzVga9+JTf+F2P8clfxL3p08KUrnrx9de72ORa3T6Wr+BMvPPX5VWdeezC3/XfH+ANdxV9/6Gj/8PFHH8tt/3jcPou7iv/8+z7w4/ueffjF3Pghxh/sKv6mQzu/0D96/ILc+I/F7TPUXf955eBlz42O/nQsL/4zMf5wV/Hv3d//3nuW3XF57v7dELfPSFfxP3T+I7ctOf7wuXnHzuTuXn1yArw5nZGeY30une82z5yvhnzhr8cqtXO+Jen/4V4uKHPymc0TCvQ6rQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNPWWd/y3D/7vj428VEnn+9MHz5dq01i+KIRkcQhh956JXXu27rh+7JM37N21Y2Lb2MSesckde3bdPHbJb4ztmty5beLm6WfH33lx7XUrQlKbJue2LLt/amqqNNJcFpf3784/+MM17/7Xfwth/C3fH63ktn/tXdvvObPNz4xk/dT7t+/98Pcv/bt0vUbSdo20adfU1NRUyGnX/7nyF/f8xbGfXBDC+K/M1q6nnv+tf2pqULVgJk6q1B9qDepPBtu2o97qtD1xe1W2bN02OT779p1+fTlnPf79p1/8+ZabvvSL2vYdyF2PDrfv4vVT20p/tfFD/++vbqkVFLXrjdrvRds7rkVsX9x+A+n2Xpqu19Kc9arkrNft33vs2W+dfeDV/WG88sqq1mUXrVdf2gH6krd2tNy4hMFkeVP5QFo/7vH4urV7tu9cu/vmfe/cun3i+snrJ3e8Z90l6y4bv/SyS9dW13xtj9c/Lv9XO1z/3venF/61dbnL/mT/N+PPzvpTc7sWzXl7TLereHs0tijv/Tf40c9++T13PfnhWkFRP4+168eTdDo4vZ/XhYb+1vLytutVtH9CCGPttsPLr14ezvqfW28rOg417pnGnxnJ+qmnV//s7979tyt/s1ZwQo7zjQ3q8jhfb/VMe6rbayDdH1Mn6fbtD+V0vYbatmvd00/23Xnk3/603r5Fi8JNE3v27FpX+7kkbemS5Jy27cqWxvVaVf1ZDulmCfVu2qa/TusLtfZlj5+xenarDqXPDSUr2q5XVnzu8MY715Q3PXEkb0snD9SWuDgM16bJ23Jqbsu8sFxvcLvln6zvv6L+MfrBv33oYw/9wyUt/eOi2s+i9Upy1usbz9775a996T/+Q+/W64O/dXTkZ//rj9fUCk7640q51pB6q9P2JI3HlYtCKHr/rQrt1yP3/Vdqvz5F77/scmbqt483lpkfCuWu3q8XPTr40hVP3r469/16bLb3a+PK3tL0unLB+/Vk6T/Z91dSaW7Hwr2/mjpKsn7q2587Y//jn9lwdq2g6POyXrtdv764g/wjZ73+6arnRm8Y+w//o3fHja//xoNX/2Bi/Z/VCrrf77EtvdnvA+n2HcjZvvVWx7yzcfu+67obtm2ulRdt5zfu/DedFuQ/8VCy++Z9n5rYtm1y1+7O1qvTz9O4nOxW7vbzNB7dVhSsV6llvRbuQSfbq9P3W2z/5q63V/P7bSgkXX0u7Pvu8iWfuP/A3pGWV6ULuqaUxi91Ff9HVxx9+aoDX/1KbvwvxviVruJPvPDU51edee3B3Ph3J2n8geL4S0NL/PWHjvYPH3/0sdz447H9i7tq//Pv+8CP73v24Rdz44cYf6i77f/KwcueGx39aW78Z5J0OdPnSCE8+NrFW2rzSehL32+xHX1N7QrZ+SQzX8rMlxvnS3EUIV1AOUmay2O9tPy8hra080c55fEsbGBlbfp6nA/ZB7OXn2xKDcf+duVF56kAAKe7eP0/noPG6/+T6YlS/kgDzJhvHrYyJ27Mw2bGc5qvsa5M48fXx3HA0XeF8enprWO1E/25XkeI74fsOGdczgVvb47RdnziUONCqstvGecsGn9fnZmP7aqNl1ca8tBUa15TCR2Mv7cuZ/bx98zqF1/PGvtcS7PGGsatsvuvLx0xa3e/Q6a9lekIef0jOy4W7+cYXRo2VJfXYf/I3kcT90P2Ppq4nLMzB85u76PJ6x8jrduhqV2xf8R6s/SPapOLr0e27r8wy/ad2X/to2X33xz298B0/YW+PtuDccO2h7QTN264sNfDTopxyTbxT/C45JKW+Okb7GQfN4zlcTtVOhxP/FhOea/GE+PhIrbr2CxtORGMJwKnq5j/x8+I6fx/+gT8/2bqFeUp2bPGGC/3PqFy+/YU5R2t9+kNdvU5vunQzi/0jx6/IPc857FO79Pb2TQ3WHDfT9F2XJOZL9yOOQM0RfledjlF2z17X8ZQGO5qu9+7/6733rPsjstzt/uG2gdp8Xb/ctPccMF2PwXyhfbx5QunXL5QfgPuYygaP8vPR8r1dsyWj4Ru85H0xqeFykf+MKd8rvnIYMuD+npVnbz5yMwHaVM+0ndi2wUAnDpi/l+/fpbm//8STyzS84iivPXCzHyMl5u35pyf5OWtf5BOb8rUH6r+RkX7YLOdN3/o/EduW3L84XNz85a7O81D/3PT3EhhHjq/vDk3j9jQm/vFc/OIep41vzwxt/31PHF+eXrOZdqGPH1+eXTu9qnn0c3jAF8+OpNpzBY/jgPkxq+PA/Qwz/3lTKUTd79+wXhdZmFxttPxuhOdR0+X9C1tXs/mvHiwN9f10l+fXag8+qM55XPNo4daHtTXq+rkzaOby+XRAMDpKub/8TSumv/3h/BkrLA4PpjfdfbcvKBH5+3ZvwdSj//MguSVM/F7dP23OO9b6Lx1ofP6hR6XOHmu/051lRcv9LjQSPUPeM41fqfjZG/Y/a4Lkhf/S/1Rx3lxulB5MQAAJ7OY/8c0P17/fzJTb775SUv+1lc7hZzJT069/Lyx3imcn18ZTlR+3n8q5+en+vjXSFfx35z5/4wur4u/PnUa5//VNsv/AQBOSTH/j7/2GP/+339N57N/t77DPP3u7O28rqO7jh7mlacPhxDeDHl6j8fZYvzG+wBO4XGA8qk1DlB7sHim/uk0DlDVFwwGAACcAvqqmVLr79l/PJ1mf88+7/fyr8qp36lKenp87Z5dk5NX7925eWLP5NU7btg8ufvqG3dt3bNnsn7uPL/ru7l5S5o39oVKuj3a18vmbcvSv4ewLOfvIWTrx7DnVB+0/j2E7GIXF/wdgZn911l78/ZfaZb67fpH3v7Oi/9HOfWj+v6/7o8vunrL7qu37ti6Z+vEtq37JpvrjVR/k7rz782M1ynn9H2pmR8tSnP//s64e+bXjlJLO/rS7ZH3/exJph3L05Ysz/v+g5x2f+e//8WfnD/1i/tCGH9L+W3t233H/e0bn5Gsn/ovV07+wZ4j39853f7SrO2v10zbVfR9pdn6cX0q227YvecdW27YuyP7jZLdieMZpfr8At3XkL79yx2OT2zKKZ/r7++XWx6cnDoenwAAoEm8/h/PZ+P1wy+lJ1CxvDBP31GrN9/rx7l5+nhneXr2e8mK8vRs/bi+nebpA/PM07PLL8rT29Vvl6fn5d158f8wp/5cdd5PurjPo5Juh/sP7M3tJ9d01k+y32dQ1E+y9efaT5J59pPs8ov6Sbv67fpJ3n7Pi/+RnPp5ivpDpd4f5ndfTm5/+GJn/eHXM/NF/SFbf679oTTP/pBdflF/aFe/XX/I27+t8ctNm7w347/THaPaLyavvvGGXZ9qqLfQ338RWm/J6KR9i2Zeu7Df/9Gtzrfvwt73Nf/2h7C+WpLX/nh9YNGc2t/p73/Nv/1F238O95UtDS33leW2/5n5jYR13v6F/X6XjLzqra8/UeO1abcruv+saBx3Y075XMdxF7U8ODkZx4U3Tsz/4+WemP/fkU57fRno1P+etC4+5+Ix+BT7HrNuzpPme3980XnMm+7zPHvJ3ec5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGmhv7KyOj1y++7jHz77977z55Ovfeb3/3H7rb/26a//ZOy63/n2A4Nfe/3w5vO2/OB3z7jukU9efuiuv3n81eGHfvlCYeCR6s/KhensQAjJS0kIA9869pefPfz0WdNlSQihnIzsD2F5suLx5UkmwvjPQwib6+1sfvLB1y7eMj299Y7+pvJlmSDZ9QpD5diexnaGcFPhGnEKGkj72b7jN74j/PC3N972vVXf+Pu+gy/un6mSDDT0pxCWXtP4+r4QwuL0/7TY21bGF6fTDSGEwYbXvbugXW/vsP1rc+bPSaeL0ulQQZz4/OrMfClTLzsf9WWmDeu6uGDRXclrR7f1iizJzGcPRvOV185YvjydfjOdXjjH+OX4PwmlJFTqzd+WzPSR0LDfkpBU9+VAfb5U37chXf/MfJKZL2Xmy32Z9aouN+1o5SRpLo/1MuXxcFxJy89rPFa38dGc8rem04H0jfp6nA/ZBzVDLQ/q61UV23Vslrak/lP74krxKztQajgGtSuv7/h0ZwylZUPJipbXTLURnzu88c415U1PHBnJaUfyQJLGT7qKv++7y5d84v4De1fmxb+mlMYvdRX/R1ccffmqA1/9Sm78L8b45a7iX/To4EtXPHn76tztcyxun0pX8SdeeOrzq8689mBu+++O8Qe6ir/+0NH+4eOPPpbb/vG4fRZ3Ff/5933gx/c9+/CLufFDjD/YVfxNh3Z+oX/0+AW58R+L22eou/7zysHLnhsd/elYXvxnYvzhruLfu/+u996z7I7Lc/fvhrh9RrqK/6HzH7ltyfGHz807diZ39+qTE+DN6Yz0HOtz6Xy3eeZ8NeQLfz1WqZ3zLUn/D/dyQRnTy1m6gPEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg9/fMtl3z8yvd/ZGMlCSHJqTPVRnyuvGj9+rEuljvxwlOfX3XmtQcby1Z2EQcAAAAoFvPwUr1kIKwMNyaLwzlt68cxgnPiXNJcnh1DiHGyYwTdxim1iVPqIk65R+2p9ChOX4/iLOpRnP4exRkoiDMQOouzeJY4leke0GF7BmdtT+dxhnoUZ0mP4gxnQnQbZ2mP2rOsR3FGZo3TeT9c3qM4K3oU54wexTmzR3He0qM4v9KjOGf1KE52THmu/XA4rXl2Xpzqg3JhnEpSrj/Rbjz9rHQ5585zOUMFyxku+jzucDmLO1zO2zOvK81xOQMdLudX57mcpMPl/Po8l1MqWE7stzdl2xeXE+c67P839yjOvh7F+XSP4tzSozh/2qM4f9ajOJ8JzSenc40D0KmY/8/keyOhv/KbYTA94mRHAWK+u6r6s/XzLu+AFOO9LVO+qCheNlHPxFs11/ZlBxAy8VZnyvua4lXq+cgs8QYa463JPDnb+r5vffu2Nca7MFPeP0u8phUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBPgn2+55ONXvv8jG0MSpv+1NdVGfK68aP36sS6We3jjnWvKm5440ljWX+kiEAAAAFAo5uF99ZKB0F9ZF/qTRU31BtJxgIF0vjxSm44uDRump8lYqTo/mCyf9XWV9HVr92zfuXb3zfveuXX7xPWT10/ueM+6S9ZdNn7pZZeu3bJ12+R47WcI/QXxQgjV4YfdN+/71MS2bZO7dtcKs+1fmb5uZTqfpK8bfVcYn57emrZ/RcHySi3LW7gHxXsPAAAAAAAAAAAAAAAAAAD4/+zaW4hcZx0A8O/MzM5Mt41d6W0amu2QS4laNYlbSbV0DwgWmgtZCjJbXUuwCRY3TWiTEuvYBmxrgiK0BEIkD0ZisbX40ostYi8EIjUacGOQtmge9EFptZKWPEjKyM7OmdvOZNaxZJP4+z2cb+b//b/vf75DCPzPLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcG5NlUcmSqNj44NRCFGXnEoHyVw6G8fFPup+5aVtP8gNn17eHMtl+tgIAAAA6CnpwwfqkXzIZdIhHa6tflscmiZCo+8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+/0yVRyZKo2Pjl0YhRF1yKh0kc+lsHBf7qHvyvWc++8bw8N+aY4U+9gEAAAB6S/rwVD2SD4WwJAxE1053/vVo8m5gYdv6mbyGZJ9Fc8xrf3fQLW/JHPNumGPex3rkra+NOwMAAABc+JL+P1OPDIVcZsGsfjjp/3v19Une9W156dpYbE46q+xckgAAAIA5SPr/XD1SCLlMod6vz7XfX9wIVX86T9b3+t0+Wb+sLS9Z3+v3/HW10e/0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDhmCqPTJRGx8bTUQhRl5xKB8lcOhvHxT7qrnp58B9rDj+6uDmWy/SxEQAAANBT0oc3Wu98yGUGw0C4tNr3D9924LkvPffCSAhhps3PZsPOjdu337dq+hpWJXkrjx4e+P6Rd749K2/lzHXeDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHxopsojE6XRsfFLohCiLjmVDpK5dDaOi33UfevzX/zLUydefLs5VuhjHwAAAKC3pA9v9P75UAjZkA1XV7819/rTUm3ru70zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4e93/zwW9snJzcdJ8P8/Ohkg7hPLiN//FD8s/pfLmfC/9Dfr5vY37/XwIAAD5814coVP5L12yY77sGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOB1PlkYnS6Nh4Pgoh6pJT6SCZS2fjuNhH3filY7kFp19+tTlW6GMfAAAAoLekD2/0/vlQCANhIFxV/dbpnUC1/x86hzcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnFemyiMTpdGx8QVRCFGXnEoHyVw6G8fFPuo+uWv/5w5d/r3bm2O5TB8bAQAAAD0lfXi2HsmHXObjIReuq32fbF0QpWtj5/cCjXXbWpYNznlduWVd+mzrokwI9XW7206WqZ1mZl0+2W9oZqzXKzbWpWrrik3rCqFevlhfV31Ye1uqLehxvtlPHgAAAM6dpP/P1SNDIZfJNfX/P62Nl9RGfS4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0NlUeWSiNDo2HkUhRF1yKh0kc+lsHBf7qPvgbz962Vd/tmdHc6zQxz4AAABAb0kf3uj986EQFoWPhEXVvj8MteYnef8snTn0xL/+ujyEFVcfH860b/uj5MOv37r1lfZLCKnW7FQIl9fqRV3q/eb3TzywtHLmqRBWXJW+bla9cPZ6rVvGledLm9ZtP3J8W4+HAwAAABeJpP8fqEeGQi5zb9f+P+m8e/T/ddUG/PIHdv3iytq11pG3rUgN1eqlutT7wtJn/rxs9d/fme7/Z9f7ZP3Tp/dvOXRlS8GZSJsoroxu2bH++E0HU8mpZ+qn2+onz+XL33r735t3Pn5mpn4+5GvxhW23MlNt9rWtfIgrk6l942s/2FdurZ/pcv5Hf/fqiV8t3PP+dP33rh+s179h+pJrrz9z8kzX+uGSuDJ4x2N7b95/eH1r/RBCsVP9d9+/PVzzx3seaT//YNvGzU+++dr+AOLK0cWnDq4+ULiltX7UVj95/j8/8eTenzz+3ReS+snfiixfMtf6qbb6r+++YtdrD29Y2Fo/1eX8r9z5xvDW4nf+0H7+u1t2zXS9i9nnf/rGZ+96c2P8UPsUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxWWqPDJRGh0bT0UhRF1yKh0kc+lsHBf7qHtyzbF379zz4x82xwp97AMAAAD0lvThjd4/HwohG7JhsNr3P1/atG77kePbwtDMbFQbM5Nb79/+ic1bd9x79zzdOQAAADBXJ9dE1f4/U48MhVxmaRio9f+jW3asP37TwVTS/6emxyiEsPmeyU0rQj3v9d1X7Hrt4Q0L6+8JQqj+WUB+Ou8zjbzbbj02dOpPX1/WMW9VI+/o4lMHVx8o3JLkhea8laH+fuLpG5+9682N8UP1+2vO+9TXtk7WXk8k+w7e8djem/cfXp9K3mPUxsHavkneZGrf+NoP9pVTQyE3PZ+u5eVr5wYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZpsqj0yURsfGQzqEqEtOpVktkMyls3Fc7KPu2qW/fOSy0y8uao7lMn1sBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8hx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs11+IVFUcB/BzZnbbP7Oruxq0Fa2rFYU9KAUR9VJRERoh9GRIWJoPURBEFPbQGhqJFb0EWS8SFVRbCAa5SaLFGv2TXnqooMB6CERaqB2kh4qdOXd29jq30VkLys8HhrPn3Hu/93fvPXNmLwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyn9HSN1NojOx6p3nnRrZ89df/Mk7d/8NC2K55466exTTd/urf/9ZNTm5dv+faWpZsOPLBmcvcrh38bfO+PY22DH683K1O3N4R4IobQ++H0i09PfX7B7FgMIZTj0HgIw3HJ4eGYS1j9ewhhc6PO+Rv3zVyzZbbdtqtn3vjiXEj+ukKlnNVTNzS/Xv5fetM821p97Krw/U3rt3+57N13uieOj8/tEmf3Kaf5FMKijc3Hd4cQ+tJnVjbbRrKDU7suhNDfdNx1beq69DTrXxVCNdevuTi156W20iYn274i1y/l9sv3M925tr/N+RaqqI5O92tnINfPL0YL1ahzVevx4dS+n9qVZ5hfzj4xlGLoapT/YJybI6H+3GoraQyx9iyzdTCGUuPZhnT9uX7M9Uu5frk7d12186aJVo5x/ni2X248W4670vjy5rW6hbsKxi9MbW/6op7M+iH/R13llD8a11WT1TX9N7X8G0pNa1Cr8VRv4/lXUqcSl5xyzJ8tZNum1j97eXnDR0eGCuqIe2PKjx3lb/1ieOCet3c+OlKUv7GU8ksd5f+w9ugvd+989eXC/Bey/HJH+Vcf7D+x9uMdKwrvz/TcCnI6+TH1s233HvvkuWXn3zfR6lnXMvdk97+3o/pvnDzaM1g9eKiw/tXZ/enrKP+7G2778c2v9x8vzA9Zfn9H+RsmH36+Z7R6ZWH+ofp3oFKboR3Mn18nrv1mdPTnsaL8r7L7P9giP7bNf2N89/WvLd61pnB+rsvuz1DK7zuj+u+47MD2ger+S4rWzrjnbP1yApyblqb/sZ5J/XbvmftmSi3fMxeq6X3hpbGu+i/QQPoMns0T5cyeZ9E/mA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHJAAAAAACPr/uh2BAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBTAQAA//9hRxeo")
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0xffffffe8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x15227}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_BR_MULTI_BOOLOPT={0xc, 0x2e, {0x308, 0xff7f}}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000841}, 0x4)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00'})

9.632834168s ago: executing program 1 (id=4076):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV")
chdir(&(0x7f00000001c0)='./file0\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
mount$bind(0x0, &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
chdir(0x0)
sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x20, 0x13, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x2000c844}, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0x25, 0x148, 0x340, 0x60, 0x470, 0x2a8, 0x2a8, 0x470, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0xc8, 0x110, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x11e, 0x0, 0xffffffff, 0x7}}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00', {0xfffffffffffffffe}}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xb0, 0xf8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x4, 0x1, 0x82295bc78b02ba47, 0x7, 0x2, 0x1], 0x6, 0x7}}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x300)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)

9.624963872s ago: executing program 5 (id=4077):
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={'\x00', 0xfff8, 0xfec, 0x3, 0x401, 0x5456, <r0=>0x0})
prlimit64(r0, 0x6, &(0x7f0000000140)={0x7, 0xbf}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20048050}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
r3 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20088004, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r3, 0xc04c5349, &(0x7f0000000200)={0x8, 0xe10, 0x9})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d}, 0x94)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x89}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
keyctl$get_security(0x11, 0x0, 0x0, 0x0)
syz_read_part_table(0x5c2, &(0x7f0000000f00)="$eJzs2z9I3GccBvD3Lh6BZMiSKUuTFDKULAkZc0MS7i4JFo5TF7soKCLedIJw0qOCDnqD4g3i6CLCLVYnzxucFIXORRwsgoNLiy6Ci1esb6EU+wd7LQ18PvDjy/vyvO/DO9x4gU9aMvzUarUSIYTW3ZsTE39yuqeeyX54nH9T6A4hEVohhJGvPv/lnkRM/Hrr07g+jOvlpXvNmbP3qfpB1/mzvu1q8jdtV9/9lUZPWx7Iv2o1vfNgcqqUmy2nh/dzlePp77/78tvTTKHRWa2tfUy9G4i53Tg74hwN5TAeRkJ/KIZiGAylNvUv1o9eXD7K1TeGXl9km3NbL2Mu/w/f+Xf7x57M99Yqb5+vP1x4Vd7cK5zcuc4V/+DXBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8tqeufB5FQpN1tOD+/nksfTYyGE00yh0VmtrX1MvRuIud04O+IcDeUwHkZCfyiGRBgMpbb0V44X60cvLh/l6htDry+yzbmtlzGX//3BjlsW/kX/2JP53lrl7fP1hwuvypt7hZM717ni3fb0AQAAAAAAAAAAAAAAAAAAwE0y2Q+P828K3d/E9Rc/fp28mq34f/fP4v7TOA/j/vLSvebM2ftU/aDr/FnfdvWHuD8Rv/srjZ7/9CHcys8BAAD//4Mnkx8=")
socket(0x25, 0x1, 0x0)
arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x3)

9.096288989s ago: executing program 4 (id=4078):
socket$alg(0x26, 0x5, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x2040, 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_open_dev$vbi(0x0, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1)
pselect6(0x40, &(0x7f0000000000)={0x6, 0x2, 0x8000000000000000, 0x0, 0x2, 0x0, 0x100, 0x10001003}, 0x0, &(0x7f00000002c0)={0x3ff, 0x8, 0x1000000000, 0x689, 0x2, 0x3ffffffffd, 0x2, 0x7}, 0x0, 0x0)

8.255587569s ago: executing program 3 (id=4079):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x8, &(0x7f00000000c0), &(0x7f0000002140)=0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_buf(r1, 0x1, 0x38, &(0x7f0000001640)=""/170, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x40050}, 0x4000880)
bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r3 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)
sendto$unix(r3, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0)
recvfrom(r1, &(0x7f00000030c0)=""/4117, 0x1015, 0x1, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
sendmsg$802154_raw(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)}, 0x1, 0x0, 0x0, 0x8008040}, 0x30008080)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000000203010100000000d4827635000000100800b25d4c994545dbfe03400a000009"], 0x24}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="2000000001030101000002000000000000000000"], 0x20}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0100000000000000000003000000300001"], 0x44}}, 0x0)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r5, &(0x7f0000000080)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x2, 0x0}}, [@bcast, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast]}, 0x48)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002e000100000000000010000004"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

8.253435507s ago: executing program 1 (id=4080):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_clone3(&(0x7f0000000180)={0x80000000, 0x0, 0x0, 0x0, {0x1b}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000001c0))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003200)=@newtfilter={0x34, 0x28, 0xd27, 0x2, 0x0, {0x0, 0x0, 0x0, r5, {0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000080)=0x8)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="640000000206010200000000000000000000000014000780080006400000000308000840000000300500010006000000050005000a0000000900020073797a300000000015000300686173683a69702c706f72742c6e6574000e0000050004"], 0x64}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)

6.139304882s ago: executing program 0 (id=4081):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV")
chdir(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
mount$bind(0x0, &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
chdir(&(0x7f0000001180)='./bus\x00')
sendmsg$NFT_MSG_GETOBJ(r1, 0x0, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)

6.103112427s ago: executing program 4 (id=4082):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, 0x0, 0xa4101, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, 0x0)
r2 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
execveat$binfmt(0xffffffffffffff9c, r2, 0x0, &(0x7f00000000c0), 0x0)
r3 = openat$binfmt(0xffffffffffffff9c, r2, 0x42, 0x1ff)
close(r3)
execveat$binfmt(0xffffffffffffff9c, r2, 0x0, 0x0, 0x0)
r4 = openat$binfmt(0xffffffffffffff9c, r2, 0x2, 0x0)
write(r4, &(0x7f0000000180)="010101", 0x3)
close(r4)
execveat$binfmt(0xffffffffffffff9c, r2, &(0x7f00000001c0), &(0x7f0000000000), 0x0)

5.398465056s ago: executing program 5 (id=4083):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
syz_usb_connect$printer(0x2, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
getpid()
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
getpid()
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

4.55681986s ago: executing program 0 (id=4084):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x242, 0x2e0)
r0 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000005c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x2, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'dummy0\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$pppoe(0x18, 0x1, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x2)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="d80000001e0081054e81f782060000000000000006007c095dd2466518000e800a00142603600e1208000f0000000406a80016c00800094014000000035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791433a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad909d5e1cace81ed0bffece0b42a9eca0200e6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)

2.548721288s ago: executing program 4 (id=4085):
setsockopt(0xffffffffffffffff, 0xff, 0x2, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399eb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='rcu_utilization\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x400000000000004)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f00000001c0)=0x100000, 0x4)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000040), 0x4)
syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

2.535254832s ago: executing program 0 (id=4086):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r1, 0x0, r5, 0x0, 0xaf4, 0x0)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000500)=@gcm_256={{0x304}, "1f891d5b00", "11682d84dd05bb63ae661f051e1e79ceafeaa60a5bd1dc83db142ade2bd907fd", "dd6ed25e", "0000000400"}, 0x38)
read$FUSE(r0, &(0x7f000000c400)={0x2020}, 0x2020)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f000012b2c0))

2.244481268s ago: executing program 5 (id=4087):
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000540), 0xfffffdd8)
ioctl$IOMMU_HWPT_INVALIDATE$TEST(0xffffffffffffffff, 0x3b8d, &(0x7f0000000100)={0x20, 0x0, &(0x7f00000000c0)=[{0x0, 0x2}, {0x0, 0x3}, {0x0, 0x3}, {}, {0x1, 0x1}, {0x1, 0x1}], 0xdeadbeef, 0x8, 0x6})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101"], 0x7c}}, 0x4000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
recvmsg(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000340)=[{0x0}], 0x1}, 0x2001)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={0x0, 0x6f4}}, 0x0)

2.01222605s ago: executing program 5 (id=4088):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000800)=ANY=[@ANYBLOB="cc0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="15020000000010002c00128009000100766c616e000000001c00028006000100fe0f0000", @ANYRES32, @ANYBLOB="08001d0043eb000005001000790000000a000200aaaaaaaaaa440000140012800c0001006d6163767461700004000280050011"], 0xcc}, 0x1, 0xba01}, 0x0)

1.886559272s ago: executing program 1 (id=4089):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x10000, &(0x7f0000000300)={[], [{@fowner_eq}, {@dont_appraise}, {@measure}, {@permit_directio}]}, 0xfd, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x0, 0x1, 0x0, 0x8}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r5, 0x400452c8, &(0x7f0000000100))
connect$inet6(r4, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
sendmsg$inet(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000240)='n', 0x1}], 0x1}, 0x40)

1.784495862s ago: executing program 5 (id=4090):
creat(&(0x7f0000000180)='./file2\x00', 0x71283578ac7c5cd)

1.475900865s ago: executing program 4 (id=4091):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV")
chdir(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
mount$bind(0x0, &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
chdir(&(0x7f0000001180)='./bus\x00')
sendmsg$NFT_MSG_GETOBJ(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c844}, 0x10)
socket$inet_smc(0x2b, 0x1, 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)

677.489075ms ago: executing program 0 (id=4092):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
syz_usb_connect$printer(0x2, 0x0, 0x0, 0x0)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00'}, 0x10)
getpid()
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, 0x0, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000480)='\xf5\xfc\xd2\xec]\x95zx8*\xa2d\x11\xb5\xb1\x01\x00\x00\x00\xe49{\x8a{\x81s\xea$\xdfg\xb1\x03DY!\x97\xadM\xd7\xff\x8a\xcd[>\x12e\xc3]d8\xba\x8ec\x00\x00\x00\x00\x00\x00\x00\xa0\xe2\xd5y\xec\x90\x00\x98Y\x91\x19\x16\x89\xd0\x1a\xad\xcd\xd6\xd0\xc6\xb9\xeb\x95\xd3\x9cl\x9cu#\xb4\xee\xe5\x9d\t\fV\xd4\xda\xfc`2?\x15P\xba\x14b\x1c\xcc\xd5\xb9jA$s\xb9g3\x15[\xc7\xec\xa9;\xee\x01\xc9\xc4\x1f\xc3\xe4\xfa\xd3fU\x0e\x86\xc8\xa7\xaf\xaf\x04P\xa3\x8bb\xbf\\\xdb\x83\x00\x96sy\x14\x1eo\xcc9&\x946\xf9\xf5v\xee\xb5m$;\x01\xb8\xeau\x00\xd1S=\x920H\xc2z\xb5\xbe\x95\xef\xeb\xd1\xc8\xa1\xba\xach\xbef\xa8\x86\xc2\x18\x9cC\x15\x9c^\xcf\xe9\xbcp\xb4Ff\x00\x9d>p\"\x19\xd8}|\x92\x13\x874\xe3\x01\xfd-?\xba\xf2\x8e\xa5y\\\xf0\fkd??-\x983\xf3\x19\xc7\xc0/\xe9\x1a\x80=\xa72)\xd2\x00'/272, &(0x7f0000000240)='/\t\x00\x00\x00\x98', 0x0)

675.78913ms ago: executing program 5 (id=4093):
syz_open_dev$sg(&(0x7f00000006c0), 0x2, 0x5)
syz_emit_ethernet(0x3e, &(0x7f0000000180)={@link_local, @local, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010700", 0x8, 0x11, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, {[], {0x0, 0xe22, 0x8}}}}}}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x4, 0xfffffffffffffffe, &(0x7f0000000000)=0x44)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r1, 0x3ba0, &(0x7f0000000040)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
dup(r4)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$bcachefs(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x3000094, &(0x7f0000000200)=ANY=[@ANYRES8, @ANYRES8], 0xec, 0x5a84, &(0x7f0000011bc0)="$eJzs3X+QHNV9IPDXM7Pa1a5WWgkcZDCrRUYJwbG14lf5RypWcomdAscll1MO4mTDglZEtiRU+hFAJrHIgc8qsMtOOZXg5A/iwtxhFBdVcDEKZcKPkzgbW8XFR11h6uwc9h9OEQ6VAR3l8nmvdqbf7EzP9Pbs7KyQxOdT0vb0mzffft39pqe/r3t3AgAAAG8KR27fffzDZ//ed/588rXP/P4/br81DJWr5QOxwkg6vemNaiEnUn9lZXWa7Re/9umv/2Tsut/59gODX3v98Obztvzgd8+47pFPXn7orr95/NXhh375QlHc2J8unJlPXkpCGPjWsb/87OGnz5ouS5ZO/yztD2F5suLx5UkItzWGGP95CGFzOrMyE//B1y7eMj299Y7+pvJlmXr6+5vb9H5OQgj7jt/4jvDD39542/dWfePv+w6+uH+mSjLQ0J9CWHpN4+v7QgiL0//TYm+L/TFJpxtCCIMNr3t3Qbve3mH71+bMn5NOF6XToYI48fnVmflSpl52PurLTAcLljdfee3otl6RJZn5pEdxo7x2xvLl6fSb6fTCOcYvp+tQTkIpCZV687clM30kNOy3JCTVfTlQny/V921I1z8zn2TmS5n5cl9mvarLTTtaOUmay2O9THk8HFfS8vMaj9VtfLThcWO9t8ay9I36erZOJuhQy4P6elXFdh2bpS0nQqnhGNSuvL7j050xlJYNJStaXjPVRnzu8MY715Q3PXFkJKcdyQNJGj/pKv6+7y5f8on7D+zNfq7X419TSuOXuor/oyuOvnzVga9+JTf+F2P8clfxL3p08KUrnrx9de72ORa3T6Wr+BMvPPX5VWdeezC3/XfH+ANdxV9/6Gj/8PFHH8tt/3jcPou7iv/8+z7w4/ueffjF3Pghxh/sKv6mQzu/0D96/ILc+I/F7TPUXf955eBlz42O/nQsL/4zMf5wV/Hv3d//3nuW3XF57v7dELfPSFfxP3T+I7ctOf7wuXnHzuTuXn1yArw5nZGeY30une82z5yvhnzhr8cqtXO+Jen/4V4uKHPymc0TCvQ6rQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNPWWd/y3D/7vj428VEnn+9MHz5dq01i+KIRkcQhh956JXXu27rh+7JM37N21Y2Lb2MSesckde3bdPHbJb4ztmty5beLm6WfH33lx7XUrQlKbJue2LLt/amqqNNJcFpf3784/+MM17/7Xfwth/C3fH63ktn/tXdvvObPNz4xk/dT7t+/98Pcv/bt0vUbSdo20adfU1NRUyGnX/7nyF/f8xbGfXBDC+K/M1q6nnv+tf2pqULVgJk6q1B9qDepPBtu2o97qtD1xe1W2bN02OT779p1+fTlnPf79p1/8+ZabvvSL2vYdyF2PDrfv4vVT20p/tfFD/++vbqkVFLXrjdrvRds7rkVsX9x+A+n2Xpqu19Kc9arkrNft33vs2W+dfeDV/WG88sqq1mUXrVdf2gH6krd2tNy4hMFkeVP5QFo/7vH4urV7tu9cu/vmfe/cun3i+snrJ3e8Z90l6y4bv/SyS9dW13xtj9c/Lv9XO1z/3venF/61dbnL/mT/N+PPzvpTc7sWzXl7TLereHs0tijv/Tf40c9++T13PfnhWkFRP4+168eTdDo4vZ/XhYb+1vLytutVtH9CCGPttsPLr14ezvqfW28rOg417pnGnxnJ+qmnV//s7979tyt/s1ZwQo7zjQ3q8jhfb/VMe6rbayDdH1Mn6fbtD+V0vYbatmvd00/23Xnk3/603r5Fi8JNE3v27FpX+7kkbemS5Jy27cqWxvVaVf1ZDulmCfVu2qa/TusLtfZlj5+xenarDqXPDSUr2q5XVnzu8MY715Q3PXEkb0snD9SWuDgM16bJ23Jqbsu8sFxvcLvln6zvv6L+MfrBv33oYw/9wyUt/eOi2s+i9Upy1usbz9775a996T/+Q+/W64O/dXTkZ//rj9fUCk7640q51pB6q9P2JI3HlYtCKHr/rQrt1yP3/Vdqvz5F77/scmbqt483lpkfCuWu3q8XPTr40hVP3r469/16bLb3a+PK3tL0unLB+/Vk6T/Z91dSaW7Hwr2/mjpKsn7q2587Y//jn9lwdq2g6POyXrtdv764g/wjZ73+6arnRm8Y+w//o3fHja//xoNX/2Bi/Z/VCrrf77EtvdnvA+n2HcjZvvVWx7yzcfu+67obtm2ulRdt5zfu/DedFuQ/8VCy++Z9n5rYtm1y1+7O1qvTz9O4nOxW7vbzNB7dVhSsV6llvRbuQSfbq9P3W2z/5q63V/P7bSgkXX0u7Pvu8iWfuP/A3pGWV6ULuqaUxi91Ff9HVxx9+aoDX/1KbvwvxviVruJPvPDU51edee3B3Ph3J2n8geL4S0NL/PWHjvYPH3/0sdz447H9i7tq//Pv+8CP73v24Rdz44cYf6i77f/KwcueGx39aW78Z5J0OdPnSCE8+NrFW2rzSehL32+xHX1N7QrZ+SQzX8rMlxvnS3EUIV1AOUmay2O9tPy8hra080c55fEsbGBlbfp6nA/ZB7OXn2xKDcf+duVF56kAAKe7eP0/noPG6/+T6YlS/kgDzJhvHrYyJ27Mw2bGc5qvsa5M48fXx3HA0XeF8enprWO1E/25XkeI74fsOGdczgVvb47RdnziUONCqstvGecsGn9fnZmP7aqNl1ca8tBUa15TCR2Mv7cuZ/bx98zqF1/PGvtcS7PGGsatsvuvLx0xa3e/Q6a9lekIef0jOy4W7+cYXRo2VJfXYf/I3kcT90P2Ppq4nLMzB85u76PJ6x8jrduhqV2xf8R6s/SPapOLr0e27r8wy/ad2X/to2X33xz298B0/YW+PtuDccO2h7QTN264sNfDTopxyTbxT/C45JKW+Okb7GQfN4zlcTtVOhxP/FhOea/GE+PhIrbr2CxtORGMJwKnq5j/x8+I6fx/+gT8/2bqFeUp2bPGGC/3PqFy+/YU5R2t9+kNdvU5vunQzi/0jx6/IPc857FO79Pb2TQ3WHDfT9F2XJOZL9yOOQM0RfledjlF2z17X8ZQGO5qu9+7/6733rPsjstzt/uG2gdp8Xb/ctPccMF2PwXyhfbx5QunXL5QfgPuYygaP8vPR8r1dsyWj4Ru85H0xqeFykf+MKd8rvnIYMuD+npVnbz5yMwHaVM+0ndi2wUAnDpi/l+/fpbm//8STyzS84iivPXCzHyMl5u35pyf5OWtf5BOb8rUH6r+RkX7YLOdN3/o/EduW3L84XNz85a7O81D/3PT3EhhHjq/vDk3j9jQm/vFc/OIep41vzwxt/31PHF+eXrOZdqGPH1+eXTu9qnn0c3jAF8+OpNpzBY/jgPkxq+PA/Qwz/3lTKUTd79+wXhdZmFxttPxuhOdR0+X9C1tXs/mvHiwN9f10l+fXag8+qM55XPNo4daHtTXq+rkzaOby+XRAMDpKub/8TSumv/3h/BkrLA4PpjfdfbcvKBH5+3ZvwdSj//MguSVM/F7dP23OO9b6Lx1ofP6hR6XOHmu/051lRcv9LjQSPUPeM41fqfjZG/Y/a4Lkhf/S/1Rx3lxulB5MQAAJ7OY/8c0P17/fzJTb775SUv+1lc7hZzJT069/Lyx3imcn18ZTlR+3n8q5+en+vjXSFfx35z5/4wur4u/PnUa5//VNsv/AQBOSTH/j7/2GP/+339N57N/t77DPP3u7O28rqO7jh7mlacPhxDeDHl6j8fZYvzG+wBO4XGA8qk1DlB7sHim/uk0DlDVFwwGAACcAvqqmVLr79l/PJ1mf88+7/fyr8qp36lKenp87Z5dk5NX7925eWLP5NU7btg8ufvqG3dt3bNnsn7uPL/ru7l5S5o39oVKuj3a18vmbcvSv4ewLOfvIWTrx7DnVB+0/j2E7GIXF/wdgZn911l78/ZfaZb67fpH3v7Oi/9HOfWj+v6/7o8vunrL7qu37ti6Z+vEtq37JpvrjVR/k7rz782M1ynn9H2pmR8tSnP//s64e+bXjlJLO/rS7ZH3/exJph3L05Ysz/v+g5x2f+e//8WfnD/1i/tCGH9L+W3t233H/e0bn5Gsn/ovV07+wZ4j39853f7SrO2v10zbVfR9pdn6cX0q227YvecdW27YuyP7jZLdieMZpfr8At3XkL79yx2OT2zKKZ/r7++XWx6cnDoenwAAoEm8/h/PZ+P1wy+lJ1CxvDBP31GrN9/rx7l5+nhneXr2e8mK8vRs/bi+nebpA/PM07PLL8rT29Vvl6fn5d158f8wp/5cdd5PurjPo5Juh/sP7M3tJ9d01k+y32dQ1E+y9efaT5J59pPs8ov6Sbv67fpJ3n7Pi/+RnPp5ivpDpd4f5ndfTm5/+GJn/eHXM/NF/SFbf679oTTP/pBdflF/aFe/XX/I27+t8ctNm7w347/THaPaLyavvvGGXZ9qqLfQ338RWm/J6KR9i2Zeu7Df/9Gtzrfvwt73Nf/2h7C+WpLX/nh9YNGc2t/p73/Nv/1F238O95UtDS33leW2/5n5jYR13v6F/X6XjLzqra8/UeO1abcruv+saBx3Y075XMdxF7U8ODkZx4U3Tsz/4+WemP/fkU57fRno1P+etC4+5+Ix+BT7HrNuzpPme3980XnMm+7zPHvJ3ec5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGmhv7KyOj1y++7jHz77977z55Ovfeb3/3H7rb/26a//ZOy63/n2A4Nfe/3w5vO2/OB3z7jukU9efuiuv3n81eGHfvlCYeCR6s/KhensQAjJS0kIA9869pefPfz0WdNlSQihnIzsD2F5suLx5UkmwvjPQwib6+1sfvLB1y7eMj299Y7+pvJlmSDZ9QpD5diexnaGcFPhGnEKGkj72b7jN74j/PC3N972vVXf+Pu+gy/un6mSDDT0pxCWXtP4+r4QwuL0/7TY21bGF6fTDSGEwYbXvbugXW/vsP1rc+bPSaeL0ulQQZz4/OrMfClTLzsf9WWmDeu6uGDRXclrR7f1iizJzGcPRvOV185YvjydfjOdXjjH+OX4PwmlJFTqzd+WzPSR0LDfkpBU9+VAfb5U37chXf/MfJKZL2Xmy32Z9aouN+1o5SRpLo/1MuXxcFxJy89rPFa38dGc8rem04H0jfp6nA/ZBzVDLQ/q61UV23Vslrak/lP74krxKztQajgGtSuv7/h0ZwylZUPJipbXTLURnzu88c415U1PHBnJaUfyQJLGT7qKv++7y5d84v4De1fmxb+mlMYvdRX/R1ccffmqA1/9Sm78L8b45a7iX/To4EtXPHn76tztcyxun0pX8SdeeOrzq8689mBu+++O8Qe6ir/+0NH+4eOPPpbb/vG4fRZ3Ff/5933gx/c9+/CLufFDjD/YVfxNh3Z+oX/0+AW58R+L22eou/7zysHLnhsd/elYXvxnYvzhruLfu/+u996z7I7Lc/fvhrh9RrqK/6HzH7ltyfGHz807diZ39+qTE+DN6Yz0HOtz6Xy3eeZ8NeQLfz1WqZ3zLUn/D/dyQRnTy1m6gPEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg9/fMtl3z8yvd/ZGMlCSHJqTPVRnyuvGj9+rEuljvxwlOfX3XmtQcby1Z2EQcAAAAoFvPwUr1kIKwMNyaLwzlt68cxgnPiXNJcnh1DiHGyYwTdxim1iVPqIk65R+2p9ChOX4/iLOpRnP4exRkoiDMQOouzeJY4leke0GF7BmdtT+dxhnoUZ0mP4gxnQnQbZ2mP2rOsR3FGZo3TeT9c3qM4K3oU54wexTmzR3He0qM4v9KjOGf1KE52THmu/XA4rXl2Xpzqg3JhnEpSrj/Rbjz9rHQ5585zOUMFyxku+jzucDmLO1zO2zOvK81xOQMdLudX57mcpMPl/Po8l1MqWE7stzdl2xeXE+c67P839yjOvh7F+XSP4tzSozh/2qM4f9ajOJ8JzSenc40D0KmY/8/keyOhv/KbYTA94mRHAWK+u6r6s/XzLu+AFOO9LVO+qCheNlHPxFs11/ZlBxAy8VZnyvua4lXq+cgs8QYa463JPDnb+r5vffu2Nca7MFPeP0u8phUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBPgn2+55ONXvv8jG0MSpv+1NdVGfK68aP36sS6We3jjnWvKm5440ljWX+kiEAAAAFAo5uF99ZKB0F9ZF/qTRU31BtJxgIF0vjxSm44uDRump8lYqTo/mCyf9XWV9HVr92zfuXb3zfveuXX7xPWT10/ueM+6S9ZdNn7pZZeu3bJ12+R47WcI/QXxQgjV4YfdN+/71MS2bZO7dtcKs+1fmb5uZTqfpK8bfVcYn57emrZ/RcHySi3LW7gHxXsPAAAAAAAAAAAAAAAAAAD4/+zaW4hcZx0A8O/MzM5Mt41d6W0amu2QS4laNYlbSbV0DwgWmgtZCjJbXUuwCRY3TWiTEuvYBmxrgiK0BEIkD0ZisbX40ostYi8EIjUacGOQtmge9EFptZKWPEjKyM7OmdvOZNaxZJP4+z2cb+b//b/vf75DCPzPLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcG5NlUcmSqNj44NRCFGXnEoHyVw6G8fFPup+5aVtP8gNn17eHMtl+tgIAAAA6CnpwwfqkXzIZdIhHa6tflscmiZCo+8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+/0yVRyZKo2Pjl0YhRF1yKh0kc+lsHBf7qHvyvWc++8bw8N+aY4U+9gEAAAB6S/rwVD2SD4WwJAxE1053/vVo8m5gYdv6mbyGZJ9Fc8xrf3fQLW/JHPNumGPex3rkra+NOwMAAABc+JL+P1OPDIVcZsGsfjjp/3v19Une9W156dpYbE46q+xckgAAAIA5SPr/XD1SCLlMod6vz7XfX9wIVX86T9b3+t0+Wb+sLS9Z3+v3/HW10e/0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDhmCqPTJRGx8bTUQhRl5xKB8lcOhvHxT7qrnp58B9rDj+6uDmWy/SxEQAAANBT0oc3Wu98yGUGw0C4tNr3D9924LkvPffCSAhhps3PZsPOjdu337dq+hpWJXkrjx4e+P6Rd749K2/lzHXeDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHxopsojE6XRsfFLohCiLjmVDpK5dDaOi33UfevzX/zLUydefLs5VuhjHwAAAKC3pA9v9P75UAjZkA1XV7819/rTUm3ru70zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4e93/zwW9snJzcdJ8P8/Ohkg7hPLiN//FD8s/pfLmfC/9Dfr5vY37/XwIAAD5814coVP5L12yY77sGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOB1PlkYnS6Nh4Pgoh6pJT6SCZS2fjuNhH3filY7kFp19+tTlW6GMfAAAAoLekD2/0/vlQCANhIFxV/dbpnUC1/x86hzcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnFemyiMTpdGx8QVRCFGXnEoHyVw6G8fFPuo+uWv/5w5d/r3bm2O5TB8bAQAAAD0lfXi2HsmHXObjIReuq32fbF0QpWtj5/cCjXXbWpYNznlduWVd+mzrokwI9XW7206WqZ1mZl0+2W9oZqzXKzbWpWrrik3rCqFevlhfV31Ye1uqLehxvtlPHgAAAM6dpP/P1SNDIZfJNfX/P62Nl9RGfS4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0NlUeWSiNDo2HkUhRF1yKh0kc+lsHBf7qPvgbz962Vd/tmdHc6zQxz4AAABAb0kf3uj986EQFoWPhEXVvj8MteYnef8snTn0xL/+ujyEFVcfH860b/uj5MOv37r1lfZLCKnW7FQIl9fqRV3q/eb3TzywtHLmqRBWXJW+bla9cPZ6rVvGledLm9ZtP3J8W4+HAwAAABeJpP8fqEeGQi5zb9f+P+m8e/T/ddUG/PIHdv3iytq11pG3rUgN1eqlutT7wtJn/rxs9d/fme7/Z9f7ZP3Tp/dvOXRlS8GZSJsoroxu2bH++E0HU8mpZ+qn2+onz+XL33r735t3Pn5mpn4+5GvxhW23MlNt9rWtfIgrk6l942s/2FdurZ/pcv5Hf/fqiV8t3PP+dP33rh+s179h+pJrrz9z8kzX+uGSuDJ4x2N7b95/eH1r/RBCsVP9d9+/PVzzx3seaT//YNvGzU+++dr+AOLK0cWnDq4+ULiltX7UVj95/j8/8eTenzz+3ReS+snfiixfMtf6qbb6r+++YtdrD29Y2Fo/1eX8r9z5xvDW4nf+0H7+u1t2zXS9i9nnf/rGZ+96c2P8UPsUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxWWqPDJRGh0bT0UhRF1yKh0kc+lsHBf7qHtyzbF379zz4x82xwp97AMAAAD0lvThjd4/HwohG7JhsNr3P1/atG77kePbwtDMbFQbM5Nb79/+ic1bd9x79zzdOQAAADBXJ9dE1f4/U48MhVxmaRio9f+jW3asP37TwVTS/6emxyiEsPmeyU0rQj3v9d1X7Hrt4Q0L6+8JQqj+WUB+Ou8zjbzbbj02dOpPX1/WMW9VI+/o4lMHVx8o3JLkhea8laH+fuLpG5+9682N8UP1+2vO+9TXtk7WXk8k+w7e8djem/cfXp9K3mPUxsHavkneZGrf+NoP9pVTQyE3PZ+u5eVr5wYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZpsqj0yURsfGQzqEqEtOpVktkMyls3Fc7KPu2qW/fOSy0y8uao7lMn1sBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8hx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs11+IVFUcB/BzZnbbP7Oruxq0Fa2rFYU9KAUR9VJRERoh9GRIWJoPURBEFPbQGhqJFb0EWS8SFVRbCAa5SaLFGv2TXnqooMB6CERaqB2kh4qdOXd29jq30VkLys8HhrPn3Hu/93fvPXNmLwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyn9HSN1NojOx6p3nnRrZ89df/Mk7d/8NC2K55466exTTd/urf/9ZNTm5dv+faWpZsOPLBmcvcrh38bfO+PY22DH683K1O3N4R4IobQ++H0i09PfX7B7FgMIZTj0HgIw3HJ4eGYS1j9ewhhc6PO+Rv3zVyzZbbdtqtn3vjiXEj+ukKlnNVTNzS/Xv5fetM821p97Krw/U3rt3+57N13uieOj8/tEmf3Kaf5FMKijc3Hd4cQ+tJnVjbbRrKDU7suhNDfdNx1beq69DTrXxVCNdevuTi156W20iYn274i1y/l9sv3M925tr/N+RaqqI5O92tnINfPL0YL1ahzVevx4dS+n9qVZ5hfzj4xlGLoapT/YJybI6H+3GoraQyx9iyzdTCGUuPZhnT9uX7M9Uu5frk7d12186aJVo5x/ni2X248W4670vjy5rW6hbsKxi9MbW/6op7M+iH/R13llD8a11WT1TX9N7X8G0pNa1Cr8VRv4/lXUqcSl5xyzJ8tZNum1j97eXnDR0eGCuqIe2PKjx3lb/1ieOCet3c+OlKUv7GU8ksd5f+w9ugvd+989eXC/Bey/HJH+Vcf7D+x9uMdKwrvz/TcCnI6+TH1s233HvvkuWXn3zfR6lnXMvdk97+3o/pvnDzaM1g9eKiw/tXZ/enrKP+7G2778c2v9x8vzA9Zfn9H+RsmH36+Z7R6ZWH+ofp3oFKboR3Mn18nrv1mdPTnsaL8r7L7P9giP7bNf2N89/WvLd61pnB+rsvuz1DK7zuj+u+47MD2ger+S4rWzrjnbP1yApyblqb/sZ5J/XbvmftmSi3fMxeq6X3hpbGu+i/QQPoMns0T5cyeZ9E/mA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHJAAAAAACPr/uh2BAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBTAQAA//9hRxeo")
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0xffffffe8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

674.559245ms ago: executing program 1 (id=4094):
setuid(0xee01)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0xf, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

0s ago: executing program 1 (id=4095):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r4, 0x0, 0x8000)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000802800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r7, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)

kernel console output (not intermixed with test programs):

ame="file2" dev="loop3" ino=348 res=0 errno=0
[ 1349.362971][T19172] loop2: detected capacity change from 0 to 512
[ 1349.431777][T19172] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1349.499680][T19172] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1349.534892][T19172] ext4 filesystem being mounted at /30/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1349.770760][T19183] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3384'.
[ 1349.841300][T19172] loop2: detected capacity change from 512 to 64
[ 1349.841594][T19187] syz.2.3382: attempt to access beyond end of device
[ 1349.841594][T19187] loop2: rw=12288, sector=140, nr_sectors = 4 limit=64
[ 1349.851645][T19175] syzkaller0: entered promiscuous mode
[ 1349.946989][T19175] syzkaller0: entered allmulticast mode
[ 1349.982894][T19187] EXT4-fs error (device loop2): ext4_get_inode_loc:4998: inode #18: block 35: comm syz.2.3382: unable to read itable block
[ 1350.041459][T19187] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6333: IO failure
[ 1350.082633][T19187] EXT4-fs error (device loop2): ext4_dirty_inode:6537: inode #18: comm syz.2.3382: mark_inode_dirty error
[ 1350.135047][T19187] syz.2.3382: attempt to access beyond end of device
[ 1350.135047][T19187] loop2: rw=12288, sector=76, nr_sectors = 4 limit=64
[ 1350.290517][T19187] Quota error (device loop2): qtree_write_dquot: dquota write failed
[ 1350.507523][T19187] EXT4-fs error (device loop2): ext4_write_dquot:6913: comm syz.2.3382: Failed to commit dquot type 1
[ 1351.325215][T19187] syz.2.3382: attempt to access beyond end of device
[ 1351.325215][T19187] loop2: rw=12288, sector=140, nr_sectors = 4 limit=64
[ 1351.452768][T19187] EXT4-fs error (device loop2): ext4_get_inode_loc:4998: inode #18: block 35: comm syz.2.3382: unable to read itable block
[ 1351.516138][T19187] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6333: IO failure
[ 1351.933371][T19187] EXT4-fs error (device loop2): ext4_ext_truncate:4475: inode #18: comm syz.2.3382: mark_inode_dirty error
[ 1352.031996][T19187] syz.2.3382: attempt to access beyond end of device
[ 1352.031996][T19187] loop2: rw=12288, sector=140, nr_sectors = 4 limit=64
[ 1352.052414][T19187] EXT4-fs error (device loop2): ext4_get_inode_loc:4998: inode #18: block 35: comm syz.2.3382: unable to read itable block
[ 1352.099994][T19187] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6333: IO failure
[ 1352.147023][T19187] EXT4-fs error (device loop2): ext4_truncate:4665: inode #18: comm syz.2.3382: mark_inode_dirty error
[ 1352.752931][T18349] syz-executor: attempt to access beyond end of device
[ 1352.752931][T18349] loop2: rw=12288, sector=76, nr_sectors = 4 limit=64
[ 1352.837004][T18349] Quota error (device loop2): qtree_write_dquot: dquota write failed
[ 1353.287184][T18349] syz-executor: attempt to access beyond end of device
[ 1353.287184][T18349] loop2: rw=12288, sector=76, nr_sectors = 4 limit=64
[ 1353.339000][T18349] Quota error (device loop2): qtree_write_dquot: dquota write failed
[ 1353.419323][T18349] syz-executor: attempt to access beyond end of device
[ 1353.419323][T18349] loop2: rw=12288, sector=72, nr_sectors = 4 limit=64
[ 1353.805628][T16685] Bluetooth: hci4: command 0x0406 tx timeout
[ 1354.135415][T19209] loop0: detected capacity change from 0 to 32768
[ 1354.154820][T19209] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3390 (19209)
[ 1354.258080][T19209] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1354.270144][T19209] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[ 1354.287340][T19209] BTRFS info (device loop0): using free-space-tree
[ 1355.730627][T17598] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1357.916231][T19235] dummy0 speed is unknown, defaulting to 1000
[ 1359.055034][ T8791] kworker/u8:12: attempt to access beyond end of device
[ 1359.055034][ T8791] loop2: rw=12288, sector=140, nr_sectors = 4 limit=64
[ 1359.069152][ T8791] EXT4-fs error: 6 callbacks suppressed
[ 1359.069170][ T8791] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4983: inode #18: block 35: comm kworker/u8:12: unable to read itable block
[ 1359.293095][T18349] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1360.022968][T19245] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1360.273603][T19248] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3396'.
[ 1360.282925][ T2918] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1360.668035][ T2918] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1361.665584][ T2918] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1362.348597][ T2918] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1362.562253][T19261] loop4: detected capacity change from 0 to 4096
[ 1362.632745][T19261] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[ 1363.185867][ T2918] bridge_slave_1: left allmulticast mode
[ 1363.196317][ T2918] bridge_slave_1: left promiscuous mode
[ 1363.257773][T19270] No control pipe specified
[ 1363.815162][ T2918] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1363.844316][ T5850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1363.855477][ T5850] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1363.864294][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1363.973133][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1363.982656][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1364.051381][ T2918] bridge_slave_0: left allmulticast mode
[ 1364.153742][ T2918] bridge_slave_0: left promiscuous mode
[ 1364.183814][ T2918] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1366.081110][T16685] Bluetooth: hci1: command tx timeout
[ 1368.447578][T16685] Bluetooth: hci1: command tx timeout
[ 1368.807282][T19313] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3411'.
[ 1368.880654][ T2918] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1368.891641][ T2918] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1368.904170][ T2918] bond0 (unregistering): (slave team0): Releasing backup interface
[ 1368.914356][ T2918] bond0 (unregistering): Released all slaves
[ 1368.955741][T19280] dummy0 speed is unknown, defaulting to 1000
[ 1368.969004][T19307] dummy0 speed is unknown, defaulting to 1000
[ 1369.542656][T19267] dummy0 speed is unknown, defaulting to 1000
[ 1369.896628][T19330] loop0: detected capacity change from 0 to 256
[ 1369.933688][T19330] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1370.033327][T19330] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1370.066148][T19334] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3416'.
[ 1370.078779][T19330] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1370.255526][T19337] netlink: 'syz.0.3415': attribute type 21 has an invalid length.
[ 1370.549566][T16685] Bluetooth: hci1: command tx timeout
[ 1370.800838][ T2918] hsr_slave_0: left promiscuous mode
[ 1370.839454][ T2918] hsr_slave_1: left promiscuous mode
[ 1370.846285][ T2918] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1370.865507][ T2918] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1370.896142][ T2918] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1370.915413][ T2918] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1370.963642][ T2918] veth1_macvtap: left promiscuous mode
[ 1370.979548][ T2918] veth0_macvtap: left promiscuous mode
[ 1370.991514][ T2918] veth1_vlan: left promiscuous mode
[ 1371.010195][ T2918] veth0_vlan: left promiscuous mode
[ 1371.131166][T19324] loop1: detected capacity change from 0 to 40427
[ 1371.146912][T19324] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[ 1371.197443][T19324] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[ 1371.213525][T19324] F2FS-fs (loop1): build fault injection rate: 17008
[ 1371.220557][T19324] F2FS-fs (loop1): build fault injection type: 0x5
[ 1371.232277][T19324] F2FS-fs (loop1): invalid crc value
[ 1371.425097][T19324] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1371.479573][T19324] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[ 1371.496262][T19324] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1372.114163][T17989] syz-executor: attempt to access beyond end of device
[ 1372.114163][T17989] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1372.144787][T17989] CPU: 0 UID: 0 PID: 17989 Comm: syz-executor Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1372.144817][T17989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1372.144829][T17989] Call Trace:
[ 1372.144837][T17989]  <TASK>
[ 1372.144846][T17989]  dump_stack_lvl+0x189/0x250
[ 1372.144877][T17989]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1372.144899][T17989]  ? __pfx_queue_work_on+0x10/0x10
[ 1372.144915][T17989]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1372.144940][T17989]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1372.144980][T17989]  f2fs_handle_critical_error+0x37c/0x540
[ 1372.145017][T17989]  f2fs_write_end_io+0x886/0xb60
[ 1372.145062][T17989]  __submit_merged_bio+0x27a/0x6a0
[ 1372.145098][T17989]  __submit_merged_write_cond+0x255/0x530
[ 1372.145134][T17989]  f2fs_write_data_pages+0x261d/0x3000
[ 1372.145200][T17989]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1372.145217][T17989]  ? is_bpf_text_address+0x26/0x2b0
[ 1372.145251][T17989]  ? arch_stack_walk+0xfc/0x150
[ 1372.145324][T17989]  ? css_rstat_updated+0x23a/0x4f0
[ 1372.145362][T17989]  ? __pfx_rcu_read_lock_sched_held+0x10/0x10
[ 1372.145395][T17989]  ? __lock_acquire+0xab9/0xd20
[ 1372.145443][T17989]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1372.145464][T17989]  do_writepages+0x32b/0x550
[ 1372.145505][T17989]  ? do_raw_spin_unlock+0x122/0x240
[ 1372.145533][T17989]  filemap_fdatawrite+0x199/0x240
[ 1372.145559][T17989]  ? __pfx_filemap_fdatawrite+0x10/0x10
[ 1372.145658][T17989]  ? do_raw_spin_unlock+0x122/0x240
[ 1372.145686][T17989]  f2fs_sync_dirty_inodes+0x31f/0x830
[ 1372.145728][T17989]  f2fs_write_checkpoint+0x95a/0x1df0
[ 1372.145782][T17989]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 1372.145859][T17989]  ? f2fs_stop_gc_thread+0x7f/0xb0
[ 1372.145880][T17989]  ? kfree+0x18e/0x440
[ 1372.145905][T17989]  ? kill_f2fs_super+0x298/0x6c0
[ 1372.145933][T17989]  kill_f2fs_super+0x2c3/0x6c0
[ 1372.145963][T17989]  ? __pfx_kill_f2fs_super+0x10/0x10
[ 1372.145980][T17989]  ? radix_tree_delete_item+0x2b6/0x400
[ 1372.146016][T17989]  ? shrinker_free+0x2ce/0x3e0
[ 1372.146040][T17989]  deactivate_locked_super+0xbc/0x130
[ 1372.146067][T17989]  cleanup_mnt+0x425/0x4c0
[ 1372.146090][T17989]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1372.146120][T17989]  task_work_run+0x1d4/0x260
[ 1372.146148][T17989]  ? __pfx_task_work_run+0x10/0x10
[ 1372.146167][T17989]  ? __x64_sys_umount+0x122/0x160
[ 1372.146200][T17989]  ? exit_to_user_mode_loop+0x40/0x110
[ 1372.146230][T17989]  exit_to_user_mode_loop+0xec/0x110
[ 1372.146255][T17989]  do_syscall_64+0x2bd/0x3b0
[ 1372.146271][T17989]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1372.146296][T17989]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1372.146313][T17989]  ? clear_bhb_loop+0x60/0xb0
[ 1372.146337][T17989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1372.146353][T17989] RIP: 0033:0x7fd60658fcd7
[ 1372.146372][T17989] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1372.146387][T17989] RSP: 002b:00007ffefcb2b088 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1372.146408][T17989] RAX: 0000000000000000 RBX: 00007fd606610a8d RCX: 00007fd60658fcd7
[ 1372.146421][T17989] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffefcb2b140
[ 1372.146433][T17989] RBP: 00007ffefcb2b140 R08: 0000000000000000 R09: 0000000000000000
[ 1372.146444][T17989] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffefcb2c1d0
[ 1372.146456][T17989] R13: 00007fd606610a8d R14: 000000000014ef42 R15: 00007ffefcb2c210
[ 1372.146493][T17989]  </TASK>
[ 1372.146503][T17989] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[ 1372.603394][T16685] Bluetooth: hci1: command tx timeout
[ 1373.203640][ T2918] team0 (unregistering): Port device team_slave_1 removed
[ 1373.294154][ T2918] team0 (unregistering): Port device team_slave_0 removed
[ 1373.338055][T19364] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3421'.
[ 1373.971995][T19337] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3415'.
[ 1374.379493][T19369] loop0: detected capacity change from 0 to 8
[ 1374.426430][T19369] MTD: Attempt to mount non-MTD device "/dev/loop0"
[ 1374.442132][T19374] loop4: detected capacity change from 0 to 256
[ 1374.471229][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop0
[ 1374.482989][T19374] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1374.607723][T19374] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1374.643118][T19379] cramfs: Error -5 while decompressing!
[ 1374.648864][T19379] cramfs: ffffffff99c27608(26)->ffff88804db37000(4096)
[ 1374.656309][T19379] cramfs: Error -3 while decompressing!
[ 1374.661982][T19379] cramfs: ffffffff99c27622(26)->ffff88804db36000(4096)
[ 1374.669103][T19379] cramfs: Error -3 while decompressing!
[ 1374.674899][T19379] cramfs: ffffffff99c2763c(16)->ffff88804db35000(4096)
[ 1374.682820][T19379] cramfs: Error -5 while decompressing!
[ 1374.689730][T19379] cramfs: ffffffff99c27608(26)->ffff88804db37000(4096)
[ 1375.177341][   T30] audit: type=1800 audit(1752868663.597:9): pid=19379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3422" name="file2" dev="loop0" ino=348 res=0 errno=0
[ 1375.365681][T19374] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1375.426332][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop0
[ 1375.614895][T19385] netlink: 'syz.4.3424': attribute type 21 has an invalid length.
[ 1375.623646][T19385] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3424'.
[ 1376.120377][T19267] chnl_net:caif_netlink_parms(): no params data found
[ 1377.237757][T19410] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3432'.
[ 1377.447661][T19404] loop4: detected capacity change from 0 to 32768
[ 1377.658240][T19404] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1377.658259][T19404]   allowing incompatible features above 0.0: (unknown version)
[ 1377.658267][T19404]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1377.703936][T19404] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[ 1377.712254][T19404] bcachefs (loop4): initializing new filesystem
[ 1377.767905][T19404] bcachefs (loop4): going read-write
[ 1377.812931][T19267] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1377.820623][T19267] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1377.874372][T19413] siw: device registration error -23
[ 1377.928133][T19267] bridge_slave_0: entered allmulticast mode
[ 1377.952643][T19413] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3433'.
[ 1377.964744][T19267] bridge_slave_0: entered promiscuous mode
[ 1377.976559][T19267] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1377.983977][T19267] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1377.991792][T19267] bridge_slave_1: entered allmulticast mode
[ 1377.999887][T19267] bridge_slave_1: entered promiscuous mode
[ 1378.006021][T19404] bcachefs (loop4): initializing freespace
[ 1378.376429][ T2918] bridge_slave_1: left allmulticast mode
[ 1378.404977][ T2918] bridge_slave_1: left promiscuous mode
[ 1378.703956][ T2918] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1379.014891][ T2918] bridge_slave_0: left allmulticast mode
[ 1379.020603][ T2918] bridge_slave_0: left promiscuous mode
[ 1379.099902][ T2918] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1379.339792][T16682] bcachefs (loop4): clean shutdown complete, journal seq 9
[ 1379.757588][ T2918] bond1 (unregistering): (slave geneve2): Releasing active interface
[ 1379.776326][ T2918] geneve2 (unregistering): left promiscuous mode
[ 1380.150643][ T2918] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1380.161373][ T2918] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1380.171586][ T2918] bond0 (unregistering): Released all slaves
[ 1380.359215][ T2918] bond1 (unregistering): Released all slaves
[ 1380.525622][ T2918] bond2 (unregistering): Released all slaves
[ 1380.810813][ T2918] bond3 (unregistering): Released all slaves
[ 1380.878310][T19453] netlink: 'syz.3.3440': attribute type 1 has an invalid length.
[ 1380.886279][T19453] netlink: 208 bytes leftover after parsing attributes in process `syz.3.3440'.
[ 1381.135027][ T2918] bond4 (unregistering): Released all slaves
[ 1381.250687][T19455] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3438'.
[ 1381.372622][ T2918] bond5 (unregistering): Released all slaves
[ 1381.391668][T19267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1381.580392][T19267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1381.669761][ T2918] tipc: Disabling bearer <eth:vlan0>
[ 1381.730880][ T2918] tipc: Left network mode
[ 1381.855366][ T2918] IPVS: stopping backup sync thread 16742 ...
[ 1382.100924][T19463] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3443'.
[ 1382.186816][T19267] team0: Port device team_slave_0 added
[ 1382.222064][T19267] team0: Port device team_slave_1 added
[ 1382.322870][T19465] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3444'.
[ 1382.461088][T19472] loop1: detected capacity change from 0 to 256
[ 1382.479096][T19267] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1382.493603][T19267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1382.523939][T19267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1382.794430][T19267] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1382.855501][T19267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1383.165574][T19267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1383.690464][T16685] Bluetooth: hci0: unexpected event for opcode 0x0040
[ 1383.910392][ T2918] hsr_slave_0: left promiscuous mode
[ 1383.958902][ T2918] hsr_slave_1: left promiscuous mode
[ 1383.974679][ T2918] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1384.432680][ T2918] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1384.646959][ T2918] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1385.095098][ T2918] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1385.222792][ T2918] veth1_macvtap: left promiscuous mode
[ 1385.251724][ T2918] veth0_macvtap: left promiscuous mode
[ 1385.285368][ T2918] veth1_vlan: left promiscuous mode
[ 1385.290791][ T2918] veth0_vlan: left promiscuous mode
[ 1386.964148][T19531] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3461'.
[ 1387.037783][T19531] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3461'.
[ 1387.851849][ T2918] team0 (unregistering): Port device team_slave_1 removed
[ 1387.933350][ T2918] team0 (unregistering): Port device team_slave_0 removed
[ 1388.759023][T19267] hsr_slave_0: entered promiscuous mode
[ 1388.774190][T19267] hsr_slave_1: entered promiscuous mode
[ 1391.335154][T19267] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1391.731575][T19267] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1391.797457][T19267] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1391.854444][T19267] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1392.214078][T19588] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3474'.
[ 1392.272522][T19589] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3474'.
[ 1392.381246][T19267] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1392.458010][T19267] 8021q: adding VLAN 0 to HW filter on device team0
[ 1392.520330][ T1338] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1392.527681][ T1338] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1392.599359][ T6121] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1392.606924][ T6121] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1393.160777][T19609] loop4: detected capacity change from 0 to 8
[ 1393.199289][T19609] MTD: Attempt to mount non-MTD device "/dev/loop4"
[ 1393.246361][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop4
[ 1393.411033][T19613] cramfs: Error -5 while decompressing!
[ 1393.449538][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop4
[ 1393.525998][T19613] cramfs: ffffffff99c23608(26)->ffff88806ca95000(4096)
[ 1393.554466][T19613] cramfs: Error -3 while decompressing!
[ 1393.560512][T19613] cramfs: ffffffff99c23622(26)->ffff88804ad05000(4096)
[ 1393.620233][T19613] cramfs: Error -3 while decompressing!
[ 1393.627195][T19615] kvm: pic: non byte read
[ 1393.631827][T19613] cramfs: ffffffff99c2363c(16)->ffff8880513f3000(4096)
[ 1393.698921][T19615] kvm: pic: non byte read
[ 1393.721629][T19615] kvm: pic: non byte read
[ 1393.733006][T19613] cramfs: Error -5 while decompressing!
[ 1393.749459][T19613] cramfs: ffffffff99c23608(26)->ffff88806ca95000(4096)
[ 1393.772835][T19615] kvm: pic: non byte read
[ 1393.794710][   T30] audit: type=1800 audit(1752868682.687:10): pid=19613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3480" name="file2" dev="loop4" ino=348 res=0 errno=0
[ 1393.819173][T19615] kvm: pic: non byte read
[ 1393.851872][T19615] kvm: pic: non byte read
[ 1393.867258][T19615] kvm: pic: non byte read
[ 1393.871781][T19615] kvm: pic: non byte read
[ 1393.925770][T19623] loop1: detected capacity change from 0 to 512
[ 1393.943845][T19615] kvm: pic: non byte read
[ 1393.951731][T19615] kvm: pic: non byte read
[ 1394.057538][T19267] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1394.117142][T19623] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1394.204407][T19623] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1394.883331][T19641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3487'.
[ 1395.547346][T19651] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3487'.
[ 1395.694697][T17989] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1395.864261][T19655] loop4: detected capacity change from 0 to 256
[ 1397.115821][T19673] loop4: detected capacity change from 0 to 512
[ 1397.207691][T19673] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1397.347724][T19673] ext4 filesystem being mounted at /130/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1397.523363][T19267] veth0_vlan: entered promiscuous mode
[ 1397.571736][T19267] veth1_vlan: entered promiscuous mode
[ 1397.659891][T19685] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3495'.
[ 1398.181756][T16682] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1398.229381][T19267] veth0_macvtap: entered promiscuous mode
[ 1398.287114][T19267] veth1_macvtap: entered promiscuous mode
[ 1398.397815][T19267] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1398.470333][T19267] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1398.538173][T19693] loop0: detected capacity change from 0 to 512
[ 1398.551958][   T36] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1398.584934][   T36] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1398.599850][   T36] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1398.603787][T19696] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3500'.
[ 1398.611557][   T36] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1398.635735][T19693] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1398.675076][T19693] ext4 filesystem being mounted at /105/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1399.039302][ T6290] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1399.091623][ T6290] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1399.346163][ T2918] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1399.355620][ T2918] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1399.596598][T17598] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1400.076913][T19721] loop3: detected capacity change from 0 to 512
[ 1400.325757][T19729] dummy0 speed is unknown, defaulting to 1000
[ 1401.104600][T19721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1401.119348][T19724] loop5: detected capacity change from 0 to 256
[ 1401.133868][T19724] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1401.146707][T19721] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1401.208206][T19724] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[ 1401.417771][T19724] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1401.504960][T19741] netlink: 'syz.4.3510': attribute type 10 has an invalid length.
[ 1401.582923][T19741] 8021q: adding VLAN 0 to HW filter on device team0
[ 1401.617768][T19741] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1401.806038][T17144] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1402.209785][T19724] netlink: 'syz.5.3399': attribute type 21 has an invalid length.
[ 1402.222348][T19724] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3399'.
[ 1403.136649][T19755] loop4: detected capacity change from 0 to 256
[ 1403.179223][T19755] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1403.445377][ T5843] libceph: connect (1)[c::]:6789 error -101
[ 1403.510079][ T5843] libceph: mon0 (1)[c::]:6789 connect error
[ 1403.627816][T19755] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1403.944066][T19755] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1403.974091][T19757] ceph: No mds server is up or the cluster is laggy
[ 1404.017315][T19766] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[ 1404.023892][T19766] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1404.101818][T19766] vhci_hcd vhci_hcd.0: Device attached
[ 1404.304654][T19774] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(9)
[ 1404.311240][T19774] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1404.344379][T19766] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1404.353402][ T5933] vhci_hcd: vhci_device speed not set
[ 1404.583224][ T5933] usb 43-1: new full-speed USB device number 2 using vhci_hcd
[ 1404.590296][T19774] vhci_hcd vhci_hcd.0: Device attached
[ 1404.647901][T19766] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(14)
[ 1404.654566][T19766] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1404.793763][T19766] vhci_hcd vhci_hcd.0: Device attached
[ 1405.353546][T19774] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(11)
[ 1405.360194][T19774] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1405.404498][T19774] vhci_hcd vhci_hcd.0: Device attached
[ 1405.417521][T19790] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1405.533914][T19766] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(17)
[ 1405.540595][T19766] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1405.579626][T19795] loop3: detected capacity change from 0 to 512
[ 1405.604244][T19774] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1405.612853][T19766] vhci_hcd vhci_hcd.0: Device attached
[ 1405.661500][T19774] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1405.687451][T19797] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1405.802412][T19766] vhci_hcd vhci_hcd.0: port 0 already used
[ 1405.810595][T19795] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1405.884037][T19795] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1406.016377][T19791] vhci_hcd: connection closed
[ 1406.023958][T17176] vhci_hcd: stop threads
[ 1406.062268][T19787] vhci_hcd: connection closed
[ 1406.062537][T19781] vhci_hcd: connection closed
[ 1406.067373][T19776] vhci_hcd: connection closed
[ 1406.095441][T19770] vhci_hcd: connection reset by peer
[ 1406.152625][T17176] vhci_hcd: release socket
[ 1406.157347][T17176] vhci_hcd: disconnect device
[ 1406.163567][T17176] vhci_hcd: stop threads
[ 1406.167850][T17176] vhci_hcd: release socket
[ 1406.172399][T17176] vhci_hcd: disconnect device
[ 1406.183560][T17176] vhci_hcd: stop threads
[ 1406.187943][T17176] vhci_hcd: release socket
[ 1406.209861][T17176] vhci_hcd: disconnect device
[ 1406.262271][T17176] vhci_hcd: stop threads
[ 1406.407861][T19808] dummy0 speed is unknown, defaulting to 1000
[ 1406.949185][T17144] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1406.999428][T17176] vhci_hcd: release socket
[ 1407.033399][T17176] vhci_hcd: disconnect device
[ 1407.061274][T17176] vhci_hcd: stop threads
[ 1407.122760][T17176] vhci_hcd: release socket
[ 1407.200752][T17176] vhci_hcd: disconnect device
[ 1409.449161][T19824] dummy0 speed is unknown, defaulting to 1000
[ 1410.319022][ T5933] vhci_hcd: vhci_device speed not set
[ 1411.404684][T19841] netlink: 120 bytes leftover after parsing attributes in process `syz.5.3528'.
[ 1411.800378][T13554] usb usb44-port1: attempt power cycle
[ 1412.132165][T19851] loop4: detected capacity change from 0 to 512
[ 1412.237252][T19851] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1412.314881][T19851] ext4 filesystem being mounted at /140/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1412.317058][T19858] loop0: detected capacity change from 0 to 512
[ 1412.891646][T19858] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1412.985423][T19858] ext4 filesystem being mounted at /111/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1413.024155][T13554] usb usb44-port1: unable to enumerate USB device
[ 1413.523186][T17598] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1413.699391][T19872] dummy0 speed is unknown, defaulting to 1000
[ 1414.268404][T16682] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1414.542238][T19882] loop1: detected capacity change from 0 to 512
[ 1414.682923][T19882] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1414.795241][T19882] ext4 filesystem being mounted at /80/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1415.891015][T19895] dummy0 speed is unknown, defaulting to 1000
[ 1416.796329][T17989] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1416.900612][T19908] netlink: 120 bytes leftover after parsing attributes in process `syz.5.3543'.
[ 1418.616676][T19923] loop0: detected capacity change from 0 to 512
[ 1418.810155][T19927] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1419.237161][T19923] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1419.281757][T19923] ext4 filesystem being mounted at /113/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1419.634493][T17598] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1419.674580][T19939] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3551'.
[ 1419.729808][T19939] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3551'.
[ 1419.895698][T19945] No control pipe specified
[ 1420.447358][T19946] netlink: 'syz.5.3554': attribute type 10 has an invalid length.
[ 1420.642387][T19946] 8021q: adding VLAN 0 to HW filter on device team0
[ 1420.683320][T19946] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1421.141579][T19950] loop1: detected capacity change from 0 to 64
[ 1421.248646][T19955] netlink: 120 bytes leftover after parsing attributes in process `syz.3.3556'.
[ 1421.276491][T19952] siw: device registration error -23
[ 1421.306657][T19958] loop4: detected capacity change from 0 to 512
[ 1421.327580][T19952] netlink: 156 bytes leftover after parsing attributes in process `syz.0.3552'.
[ 1421.382973][T19958] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1421.453834][T19958] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1421.768872][T19967] dummy0 speed is unknown, defaulting to 1000
[ 1422.749017][T19963] loop0: detected capacity change from 0 to 32768
[ 1423.092569][T19963] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1423.092600][T19963]   allowing incompatible features above 0.0: (unknown version)
[ 1423.092613][T19963]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1423.143059][T19963] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 1423.151358][T19963] bcachefs (loop0): initializing new filesystem
[ 1423.222339][T19963] bcachefs (loop0): going read-write
[ 1423.406754][T19963] bcachefs (loop0): initializing freespace
[ 1423.896526][T19997] loop5: detected capacity change from 0 to 512
[ 1423.912773][T16682] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1423.986576][T19997] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1424.000323][T19997] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1424.175495][T17598] bcachefs (loop0): clean shutdown complete, journal seq 8
[ 1424.214021][T19267] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1424.508245][T20011] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3567'.
[ 1424.536981][T20011] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3567'.
[ 1424.719296][T20009] loop5: detected capacity change from 0 to 32768
[ 1424.825151][T20014] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3568'.
[ 1424.834314][T20014] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3568'.
[ 1425.661666][T20029] dummy0 speed is unknown, defaulting to 1000
[ 1426.572143][T20042] loop1: detected capacity change from 0 to 512
[ 1426.686940][T20040] picdev_read: 77 callbacks suppressed
[ 1426.686962][T20040] kvm: pic: non byte read
[ 1426.688578][T20042] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1426.692571][T20040] kvm: pic: non byte read
[ 1426.706795][T20042] ext4 filesystem being mounted at /87/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1426.783891][T20040] kvm: pic: non byte read
[ 1426.788396][T20040] kvm: pic: non byte read
[ 1426.792973][T20040] kvm: pic: non byte read
[ 1426.797900][T20040] kvm: pic: non byte read
[ 1426.802459][T20040] kvm: pic: non byte read
[ 1426.809973][T20040] kvm: pic: non byte read
[ 1426.815911][T20040] kvm: pic: non byte read
[ 1426.820633][T20040] kvm: pic: non byte read
[ 1426.857934][T20009] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1426.857964][T20009]   allowing incompatible features above 0.0: (unknown version)
[ 1426.857978][T20009]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1426.903273][T20009] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[ 1426.911493][T20009] bcachefs (loop5): initializing new filesystem
[ 1426.992174][T20009] bcachefs (loop5): going read-write
[ 1427.249142][T20009] bcachefs (loop5): initializing freespace
[ 1427.467115][T20049] loop3: detected capacity change from 0 to 256
[ 1427.590321][T20056] loop4: detected capacity change from 0 to 512
[ 1427.979123][T17989] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1428.016619][T20056] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1428.050230][T20056] ext4 filesystem being mounted at /148/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1428.375098][T16682] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1428.397948][T20063] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3578'.
[ 1428.411147][T19267] bcachefs (loop5): clean shutdown complete, journal seq 8
[ 1428.486811][T20063] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3578'.
[ 1428.514893][T20067] loop0: detected capacity change from 0 to 256
[ 1429.098736][T20068] loop1: detected capacity change from 0 to 32768
[ 1430.907229][ T5916] libceph: connect (1)[c::]:6789 error -101
[ 1430.914595][ T5916] libceph: mon0 (1)[c::]:6789 connect error
[ 1430.955393][T20094] ceph: No mds server is up or the cluster is laggy
[ 1431.157248][T20068] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1431.157278][T20068]   allowing incompatible features above 0.0: (unknown version)
[ 1431.157290][T20068]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1431.202536][T20068] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[ 1431.210823][T20068] bcachefs (loop1): initializing new filesystem
[ 1431.306865][T20068] bcachefs (loop1): going read-write
[ 1432.279979][T20068] bcachefs (loop1): initializing freespace
[ 1432.885450][T20118] dummy0 speed is unknown, defaulting to 1000
[ 1433.583659][T20113] loop0: detected capacity change from 0 to 2048
[ 1433.622372][T17989] bcachefs (loop1): clean shutdown complete, journal seq 8
[ 1433.671944][ T9030] Alternate GPT is invalid, using primary GPT.
[ 1433.706763][ T9030]  loop0: p1 p2 p3
[ 1434.169619][T20128] netlink: 256 bytes leftover after parsing attributes in process `syz.5.3580'.
[ 1434.291246][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[ 1434.297659][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[ 1434.330116][T20132] loop0: detected capacity change from 0 to 512
[ 1434.358249][T20133] loop4: detected capacity change from 0 to 256
[ 1434.382226][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[ 1434.469621][T20133] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1434.498986][T20133] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1434.519264][T20133] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1434.565969][T20132] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1434.837780][T20142] dummy0 speed is unknown, defaulting to 1000
[ 1435.449316][T20132] ext4 filesystem being mounted at /119/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1436.188188][T17598] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1437.636283][T20169] siw: device registration error -23
[ 1437.846992][T20173] loop3: detected capacity change from 0 to 32768
[ 1437.951099][T20169] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3598'.
[ 1438.314633][T20172] loop4: detected capacity change from 0 to 2048
[ 1438.539936][T20173] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1438.539955][T20173]   allowing incompatible features above 0.0: (unknown version)
[ 1438.539964][T20173]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1438.584590][T20173] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[ 1438.593388][T20173] bcachefs (loop3): initializing new filesystem
[ 1438.631239][T10355] Alternate GPT is invalid, using primary GPT.
[ 1438.643521][T10355]  loop4: p1 p2 p3
[ 1438.681366][T20173] bcachefs (loop3): going read-write
[ 1438.983574][T20195] loop5: detected capacity change from 0 to 32768
[ 1439.045554][T20195] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3602 (20195)
[ 1439.186319][T20195] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1439.197952][T20195] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[ 1439.207573][T20195] BTRFS info (device loop5): disk space caching is enabled
[ 1439.214794][T20195] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1439.329227][T20173] bcachefs (loop3): initializing freespace
[ 1439.348387][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[ 1439.405019][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[ 1439.437309][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[ 1439.460826][T20199] netlink: 256 bytes leftover after parsing attributes in process `syz.0.3603'.
[ 1439.666634][T20195] BTRFS info (device loop5): rebuilding free space tree
[ 1439.756856][T20195] BTRFS info (device loop5): disabling free space tree
[ 1439.764282][T20195] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1439.774263][T20195] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1440.373858][T20222] loop0: detected capacity change from 0 to 512
[ 1440.490341][T20222] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1440.634808][T20222] ext4 filesystem being mounted at /123/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1440.752276][T19267] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1440.903189][T17144] bcachefs (loop3): clean shutdown complete, journal seq 9
[ 1440.935801][T17598] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1442.121931][T20231] loop1: detected capacity change from 0 to 32768
[ 1444.141273][T20266] netlink: 'syz.0.3614': attribute type 10 has an invalid length.
[ 1444.184408][T20266] 8021q: adding VLAN 0 to HW filter on device team0
[ 1444.213822][T20266] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1444.780543][T20270] loop0: detected capacity change from 0 to 16
[ 1444.821791][T20270] erofs (device loop0): mounted with root inode @ nid 36.
[ 1444.842233][T20268] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3616'.
[ 1445.669482][T20274] loop5: detected capacity change from 0 to 32768
[ 1446.005606][T20274] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1446.005625][T20274]   allowing incompatible features above 0.0: (unknown version)
[ 1446.005633][T20274]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1446.050691][T20274] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[ 1446.058963][T20274] bcachefs (loop5): initializing new filesystem
[ 1446.107732][T20274] bcachefs (loop5): going read-write
[ 1446.623064][T20299] loop4: detected capacity change from 0 to 8
[ 1446.650108][T20299] MTD: Attempt to mount non-MTD device "/dev/loop4"
[ 1446.765282][T20274] bcachefs (loop5): initializing freespace
[ 1446.849986][T20300] cramfs: Error -5 while decompressing!
[ 1446.855936][T20300] cramfs: ffffffff99c27608(26)->ffff88804bf2a000(4096)
[ 1446.862867][T20300] cramfs: Error -3 while decompressing!
[ 1446.868586][T20300] cramfs: ffffffff99c27622(26)->ffff888049452000(4096)
[ 1446.875759][T20300] cramfs: Error -3 while decompressing!
[ 1446.881387][T20300] cramfs: ffffffff99c2763c(16)->ffff888049453000(4096)
[ 1446.895141][T20300] cramfs: Error -5 while decompressing!
[ 1446.900889][T20300] cramfs: ffffffff99c27608(26)->ffff88804bf2a000(4096)
[ 1446.910952][   T30] audit: type=1800 audit(1752868735.817:11): pid=20300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3620" name="file2" dev="loop4" ino=348 res=0 errno=0
[ 1447.662718][T10355] udevd[10355]: incorrect cramfs checksum on /dev/loop4
[ 1448.601726][T19267] bcachefs (loop5): clean shutdown complete, journal seq 9
[ 1449.044129][T20318] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3624'.
[ 1449.377257][T20324] loop4: detected capacity change from 0 to 32768
[ 1449.443959][T20324] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3625 (20324)
[ 1449.502808][T20324] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1449.514184][T20324] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[ 1449.523088][T20324] BTRFS info (device loop4): disk space caching is enabled
[ 1449.530358][T20324] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1449.674399][T20330] netlink: 'syz.3.3626': attribute type 10 has an invalid length.
[ 1449.790000][T20330] 8021q: adding VLAN 0 to HW filter on device team0
[ 1449.844782][T20330] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1450.197511][T20350] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3628'.
[ 1450.232002][T20324] BTRFS info (device loop4): rebuilding free space tree
[ 1450.248205][T20324] BTRFS info (device loop4): disabling free space tree
[ 1450.255268][T20324] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1450.267131][T20324] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1451.421811][T20359] loop3: detected capacity change from 0 to 2048
[ 1451.565673][T20366] netlink: 'syz.1.3631': attribute type 10 has an invalid length.
[ 1451.728591][T16682] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1452.038506][ T6015] Alternate GPT is invalid, using primary GPT.
[ 1452.048856][ T6015]  loop3: p1 p2 p3
[ 1452.266144][T20359] Alternate GPT is invalid, using primary GPT.
[ 1452.353324][T20359]  loop3: p1 p2 p3
[ 1452.632172][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[ 1452.661514][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[ 1452.807266][T20376] loop1: detected capacity change from 0 to 32768
[ 1452.868133][ T6210] udevd[6210]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[ 1453.120207][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[ 1453.123027][ T6210] udevd[6210]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[ 1453.144131][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[ 1453.356553][T20376] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1453.356584][T20376]   allowing incompatible features above 0.0: (unknown version)
[ 1453.356598][T20376]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1453.401363][T20376] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[ 1453.409930][T20376] bcachefs (loop1): initializing new filesystem
[ 1453.481144][T20376] bcachefs (loop1): going read-write
[ 1453.850663][T20376] bcachefs (loop1): initializing freespace
[ 1454.308750][T20368] loop0: detected capacity change from 0 to 32768
[ 1455.204712][T20368] read_mapping_page failed!
[ 1455.221449][T20368] jfs_mount: diMount(ipaimap2) failed, rc = -5
[ 1455.309432][T20368] Mount JFS Failure: -5
[ 1455.315696][T20368] jfs_mount failed w/return code = -5
[ 1455.324532][T20375] loop4: detected capacity change from 0 to 32768
[ 1456.561471][T13554] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[ 1457.183302][T13554] usb 4-1: Using ep0 maxpacket: 8
[ 1457.213190][T13554] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1457.270000][T13554] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1457.282765][T20422] loop0: detected capacity change from 0 to 256
[ 1457.302110][T13554] usb 4-1: can't read configurations, error -71
[ 1457.360103][T20423] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.3639'.
[ 1457.393258][T20422] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1457.453616][T20422] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1457.520602][T20422] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1457.581208][T17989] bcachefs (loop1): clean shutdown complete, journal seq 10
[ 1458.796595][T20447] loop0: detected capacity change from 0 to 256
[ 1458.817262][T20447] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1458.890114][T20447] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[ 1458.946534][T20447] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1459.304469][ T5916] libceph: connect (1)[c::]:6789 error -101
[ 1459.363456][ T5916] libceph: mon0 (1)[c::]:6789 connect error
[ 1459.827111][ T5916] libceph: connect (1)[c::]:6789 error -101
[ 1459.835450][ T5916] libceph: mon0 (1)[c::]:6789 connect error
[ 1459.884454][T20451] ceph: No mds server is up or the cluster is laggy
[ 1460.344650][ T5843] libceph: connect (1)[c::]:6789 error -101
[ 1460.404403][ T5843] libceph: mon0 (1)[c::]:6789 connect error
[ 1461.998312][T20463] loop3: detected capacity change from 0 to 32768
[ 1462.211007][T20477] loop4: detected capacity change from 0 to 8
[ 1462.274544][T20477] MTD: Attempt to mount non-MTD device "/dev/loop4"
[ 1462.356323][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop4
[ 1462.420811][T20481] cramfs: Error -5 while decompressing!
[ 1462.426571][T20481] cramfs: ffffffff99c23608(26)->ffff88804b1ea000(4096)
[ 1462.434095][T20481] cramfs: Error -3 while decompressing!
[ 1462.439756][T20481] cramfs: ffffffff99c23622(26)->ffff88804b1eb000(4096)
[ 1462.478232][T20481] cramfs: Error -3 while decompressing!
[ 1462.485351][T20481] cramfs: ffffffff99c2363c(16)->ffff88804b1ec000(4096)
[ 1462.492481][T20481] cramfs: Error -5 while decompressing!
[ 1462.498272][T20481] cramfs: ffffffff99c23608(26)->ffff88804b1ea000(4096)
[ 1462.510026][   T30] audit: type=1800 audit(1752868751.407:12): pid=20481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3651" name="file2" dev="loop4" ino=348 res=0 errno=0
[ 1462.604267][T10355] udevd[10355]: incorrect cramfs checksum on /dev/loop4
[ 1462.631291][T20483] netlink: 1752 bytes leftover after parsing attributes in process `syz.5.3652'.
[ 1463.683670][ T5933] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1464.463465][ T5933] usb 6-1: Using ep0 maxpacket: 8
[ 1464.479833][ T5933] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1464.498798][ T5933] usb 6-1: unable to read config index 0 descriptor/start: -71
[ 1464.514242][ T5933] usb 6-1: can't read configurations, error -71
[ 1464.786577][T20501] loop0: detected capacity change from 0 to 1024
[ 1467.856150][T20523] ceph: No mds server is up or the cluster is laggy
[ 1468.049002][T20522] loop1: detected capacity change from 0 to 32768
[ 1468.095724][ T5843] libceph: connect (1)[c::]:6789 error -101
[ 1468.101860][ T5843] libceph: mon0 (1)[c::]:6789 connect error
[ 1468.451217][T20522] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1468.451237][T20522]   allowing incompatible features above 0.0: (unknown version)
[ 1468.451245][T20522]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1468.497382][T20522] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[ 1468.505732][T20522] bcachefs (loop1): initializing new filesystem
[ 1468.540370][T20522] bcachefs (loop1): going read-write
[ 1468.627464][T20539] netlink: 'syz.5.3660': attribute type 1 has an invalid length.
[ 1468.643256][T20539] netlink: 208 bytes leftover after parsing attributes in process `syz.5.3660'.
[ 1468.730285][T20546] loop0: detected capacity change from 0 to 1024
[ 1468.744928][T20522] bcachefs (loop1): initializing freespace
[ 1471.650212][T20558] netlink: 1752 bytes leftover after parsing attributes in process `syz.5.3663'.
[ 1473.597177][T17989] bcachefs (loop1): clean shutdown complete, journal seq 11
[ 1473.613383][T19818] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1473.796515][T19818] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1473.833081][T19818] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1473.855686][T19818] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1473.915835][T19818] usb 6-1: Product: syz
[ 1473.945039][T19818] usb 6-1: Manufacturer: syz
[ 1473.949745][T19818] usb 6-1: SerialNumber: syz
[ 1473.962565][T19818] usb 6-1: config 0 descriptor??
[ 1474.598652][T19818] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 1474.672107][T20576] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3667'.
[ 1474.801284][T19818] usb 6-1: USB disconnect, device number 4
[ 1474.830972][ T9030] udevd[9030]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1475.251961][T20585] loop4: detected capacity change from 0 to 32768
[ 1475.445465][T20585] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1476.792853][T20609] loop5: detected capacity change from 0 to 16
[ 1476.845985][T20609] erofs (device loop5): mounted with root inode @ nid 36.
[ 1476.933706][T20606] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3671'.
[ 1476.967426][T20606] netlink: 'syz.4.3671': attribute type 7 has an invalid length.
[ 1476.992168][T20606] netlink: 'syz.4.3671': attribute type 8 has an invalid length.
[ 1477.053463][T20606] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3671'.
[ 1477.389505][ T5849] Bluetooth: hci1: link tx timeout
[ 1477.396530][ T5849] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1477.920367][T20609] erofs (device loop5): bogus dirent @ nid 46
[ 1477.945130][ T5916] libceph: connect (1)[c::]:6789 error -101
[ 1477.951246][ T5916] libceph: mon0 (1)[c::]:6789 connect error
[ 1477.990956][T20618] ceph: No mds server is up or the cluster is laggy
[ 1478.248830][T20626] loop3: detected capacity change from 0 to 8
[ 1478.286152][T20626] MTD: Attempt to mount non-MTD device "/dev/loop3"
[ 1478.301796][T20604] loop0: detected capacity change from 0 to 32768
[ 1478.331491][ T5916] dummy0 speed is unknown, defaulting to 1000
[ 1478.371687][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop3
[ 1478.473025][T16682] ocfs2: Unmounting device (7,4) on (node local)
[ 1478.483384][T20628] cramfs: Error -5 while decompressing!
[ 1478.500497][T20628] cramfs: ffffffff99c27608(26)->ffff88804b236000(4096)
[ 1478.526924][T20628] cramfs: Error -3 while decompressing!
[ 1478.545724][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop3
[ 1478.555924][T20628] cramfs: ffffffff99c27622(26)->ffff8880498bb000(4096)
[ 1478.571391][T20628] cramfs: Error -3 while decompressing!
[ 1478.587964][T20628] cramfs: ffffffff99c2763c(16)->ffff888051a9d000(4096)
[ 1478.588437][T20604] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 1478.704015][T20628] cramfs: Error -5 while decompressing!
[ 1478.815382][T20628] cramfs: ffffffff99c27608(26)->ffff88804b236000(4096)
[ 1478.834451][   T30] audit: type=1800 audit(1752868767.737:13): pid=20628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3679" name="file2" dev="loop3" ino=348 res=0 errno=0
[ 1478.960284][T20631] loop1: detected capacity change from 0 to 2048
[ 1479.117804][ T6210] Alternate GPT is invalid, using primary GPT.
[ 1479.150111][ T6210]  loop1: p1 p2 p3
[ 1479.276579][T20631] Alternate GPT is invalid, using primary GPT.
[ 1479.327399][T20631]  loop1: p1 p2 p3
[ 1479.486544][ T5850] Bluetooth: hci1: command 0x0406 tx timeout
[ 1479.579658][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1479.579827][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[ 1479.600518][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1479.931344][T20637] loop5: detected capacity change from 0 to 2048
[ 1481.786363][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[ 1481.797331][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1481.922225][ T6210] udevd[6210]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1481.958897][T10355] Alternate GPT is invalid, using primary GPT.
[ 1481.966572][T10355]  loop5: p1 p2 p3
[ 1482.497091][T17598] ocfs2: Unmounting device (7,0) on (node local)
[ 1482.748158][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[ 1482.755896][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[ 1482.778632][ T5924] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[ 1482.797859][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[ 1482.990123][T20653] loop1: detected capacity change from 0 to 32768
[ 1483.084436][ T5924] usb 5-1: Using ep0 maxpacket: 8
[ 1483.131260][T20653] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1483.131284][T20653]   allowing incompatible features above 0.0: (unknown version)
[ 1483.131307][T20653]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1483.177336][T20653] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[ 1483.185668][T20653] bcachefs (loop1): initializing new filesystem
[ 1483.202893][ T5924] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1483.214334][ T5924] usb 5-1: unable to read config index 0 descriptor/start: -71
[ 1483.233442][T20653] bcachefs (loop1): going read-write
[ 1483.243755][ T5924] usb 5-1: can't read configurations, error -71
[ 1483.464067][T20653] bcachefs (loop1): initializing freespace
[ 1483.555156][T20663] loop5: detected capacity change from 0 to 256
[ 1486.081326][T20680] loop0: detected capacity change from 0 to 65536
[ 1486.146349][T20680] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[ 1486.155621][T20680] XFS (loop0): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1486.221783][T20680] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40.
[ 1486.266699][T20680] XFS (loop0): Starting recovery (logdev: internal)
[ 1486.287570][T20680] XFS (loop0): Ending recovery (logdev: internal)
[ 1486.299713][T20680] XFS (loop0): Quotacheck needed: Please wait.
[ 1486.396314][T17989] bcachefs (loop1): clean shutdown complete, journal seq 10
[ 1486.748042][T20680] XFS (loop0): Quotacheck: Done.
[ 1487.149376][T20692] netlink: 'syz.4.3693': attribute type 10 has an invalid length.
[ 1487.555317][T17598] XFS (loop0): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1488.943612][ T5843] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[ 1489.150377][ T5843] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1489.295362][ T5843] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1489.347114][ T5843] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1489.366944][ T5924] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 1489.370058][ T5843] usb 5-1: Product: syz
[ 1489.436950][ T5843] usb 5-1: Manufacturer: syz
[ 1489.441616][ T5843] usb 5-1: SerialNumber: syz
[ 1489.464900][ T5843] usb 5-1: config 0 descriptor??
[ 1489.557598][ T5843] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 1489.603385][ T5924] usb 4-1: Using ep0 maxpacket: 8
[ 1489.652154][ T5924] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1489.673083][ T9030] udevd[9030]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1489.692911][ T5924] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1489.702116][ T5924] usb 4-1: can't read configurations, error -71
[ 1489.988080][T20702] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3698'.
[ 1490.131636][T20713] loop0: detected capacity change from 0 to 32768
[ 1490.150726][ T5843] usb 5-1: USB disconnect, device number 44
[ 1490.431341][T20713] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1490.431369][T20713]   allowing incompatible features above 0.0: (unknown version)
[ 1490.431381][T20713]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1490.454013][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1490.482190][T20713] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 1490.490438][T20713] bcachefs (loop0): initializing new filesystem
[ 1490.629917][T20713] bcachefs (loop0): going read-write
[ 1491.147366][T20713] bcachefs (loop0): initializing freespace
[ 1491.425388][T20731] loop3: detected capacity change from 0 to 32768
[ 1492.031100][T20735] loop4: detected capacity change from 0 to 65536
[ 1492.105504][T20735] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[ 1492.115019][T20735] XFS (loop4): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1492.319062][T20735] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40.
[ 1492.340891][T20735] XFS (loop4): Starting recovery (logdev: internal)
[ 1492.359914][T20735] XFS (loop4): Ending recovery (logdev: internal)
[ 1492.369422][T20735] XFS (loop4): Quotacheck needed: Please wait.
[ 1492.948686][T20731] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1492.948705][T20731]   allowing incompatible features above 0.0: (unknown version)
[ 1492.948712][T20731]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1492.971384][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1493.063206][T20731] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[ 1493.073061][T20731] bcachefs (loop3): initializing new filesystem
[ 1493.113445][T20735] XFS (loop4): Quotacheck: Done.
[ 1493.148017][T20731] bcachefs (loop3): going read-write
[ 1493.420139][T20731] bcachefs (loop3): initializing freespace
[ 1493.450280][T16682] XFS (loop4): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1494.278977][T17598] bcachefs (loop0): clean shutdown complete, journal seq 9
[ 1494.658132][T17144] bcachefs (loop3): clean shutdown complete, journal seq 9
[ 1495.643387][ T5924] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1495.883342][ T5924] usb 2-1: Using ep0 maxpacket: 8
[ 1496.232076][ T5924] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1496.278606][ T5924] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 1496.298732][ T5924] usb 2-1: can't read configurations, error -71
[ 1498.342984][T20794] syzkaller0: entered promiscuous mode
[ 1498.513531][T20794] syzkaller0: entered allmulticast mode
[ 1499.072748][T20806] loop1: detected capacity change from 0 to 65536
[ 1499.097250][T20801] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[ 1499.190135][T20806] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[ 1499.199488][T20806] XFS (loop1): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1499.219264][T20801] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[ 1499.231152][T20801] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1499.306825][T20806] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40.
[ 1499.361240][T20806] XFS (loop1): Starting recovery (logdev: internal)
[ 1499.397685][T20806] XFS (loop1): Ending recovery (logdev: internal)
[ 1499.415160][T20806] XFS (loop1): Quotacheck needed: Please wait.
[ 1499.795127][T20819] loop5: detected capacity change from 0 to 32768
[ 1500.249327][T20806] XFS (loop1): Quotacheck: Done.
[ 1500.595403][T20819] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1500.595434][T20819]   allowing incompatible features above 0.0: (unknown version)
[ 1500.595447][T20819]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1500.640752][T20819] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[ 1500.650266][T20819] bcachefs (loop5): initializing new filesystem
[ 1500.704177][T20819] bcachefs (loop5): going read-write
[ 1501.136838][T20819] bcachefs (loop5): initializing freespace
[ 1503.704838][T19267] bcachefs (loop5): clean shutdown complete, journal seq 9
[ 1503.813542][T17989] XFS (loop1): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1504.726094][T20848] loop3: detected capacity change from 0 to 256
[ 1505.190088][T20844] loop1: detected capacity change from 0 to 32768
[ 1505.282405][T20844] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1506.158131][T20856] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3723'.
[ 1506.198400][T20856] netlink: 'syz.1.3723': attribute type 7 has an invalid length.
[ 1506.225425][T20856] netlink: 'syz.1.3723': attribute type 8 has an invalid length.
[ 1506.233472][T20856] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3723'.
[ 1508.268426][T20866] loop5: detected capacity change from 0 to 16
[ 1508.288129][T20866] erofs (device loop5): mounted with root inode @ nid 36.
[ 1509.414662][T17989] ocfs2: Unmounting device (7,1) on (node local)
[ 1511.138493][T20892] loop1: detected capacity change from 0 to 1024
[ 1512.990653][T20900] loop4: detected capacity change from 0 to 40427
[ 1514.185996][T20900] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1514.203312][T20900] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1514.923445][T20910] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3739'.
[ 1515.500944][T20917] dummy0 speed is unknown, defaulting to 1000
[ 1516.338175][T20920] loop0: detected capacity change from 0 to 2048
[ 1516.635697][T20920] Alternate GPT is invalid, using primary GPT.
[ 1516.642774][T20920]  loop0: p1 p2 p3
[ 1518.703490][T20936] netlink: 'syz.1.3745': attribute type 10 has an invalid length.
[ 1519.237401][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[ 1519.248671][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[ 1519.265768][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[ 1521.931834][T20950] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3750'.
[ 1522.116822][T20950] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3750'.
[ 1522.627163][T20954] loop0: detected capacity change from 0 to 40427
[ 1522.692389][T20954] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1522.716458][T20954] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[ 1523.690616][T20965] loop3: detected capacity change from 0 to 4096
[ 1523.716009][T20965] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[ 1524.618282][T20982] dummy0 speed is unknown, defaulting to 1000
[ 1525.332973][T20986] tipc: Started in network mode
[ 1525.358791][T20986] tipc: Node identity 12bf19555d06, cluster identity 4711
[ 1525.366267][T20986] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1526.485523][ T5998] tipc: Node number set to 1337530709
[ 1528.916491][T20996] loop0: detected capacity change from 0 to 16
[ 1528.966763][T20996] erofs (device loop0): mounted with root inode @ nid 36.
[ 1528.978581][T20986] syzkaller0: entered promiscuous mode
[ 1528.991447][T20986] syzkaller0: entered allmulticast mode
[ 1529.076327][T20991] tipc: Resetting bearer <eth:syzkaller0>
[ 1529.179212][T20994] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3763'.
[ 1529.197333][T20998] loop1: detected capacity change from 0 to 16
[ 1529.210967][T20985] tipc: Resetting bearer <eth:syzkaller0>
[ 1529.618158][T20998] erofs (device loop1): mounted with root inode @ nid 36.
[ 1529.629138][T20985] tipc: Disabling bearer <eth:syzkaller0>
[ 1529.704868][T20994] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3763'.
[ 1530.392713][T21004] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3766'.
[ 1530.925616][T21007] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3766'.
[ 1532.743461][T21019] loop3: detected capacity change from 0 to 8
[ 1532.792724][T21022] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.3772'.
[ 1532.834308][T21019] MTD: Attempt to mount non-MTD device "/dev/loop3"
[ 1532.921109][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop3
[ 1533.198008][T21026] loop0: detected capacity change from 0 to 32768
[ 1533.239750][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop3
[ 1533.402328][T21030] loop1: detected capacity change from 0 to 32768
[ 1533.435503][T21030] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3775 (21030)
[ 1533.462890][T21030] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1533.473819][T21030] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[ 1533.482650][T21030] BTRFS info (device loop1): disk space caching is enabled
[ 1533.490058][T21030] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1533.527376][T21029] cramfs: Error -5 while decompressing!
[ 1533.705034][T21027] loop5: detected capacity change from 0 to 32768
[ 1533.729950][T21029] cramfs: ffffffff99c23608(26)->ffff88806c15e000(4096)
[ 1533.768183][T21029] cramfs: Error -3 while decompressing!
[ 1533.790568][T21029] cramfs: ffffffff99c23622(26)->ffff88806b1ba000(4096)
[ 1533.797823][T21029] cramfs: Error -3 while decompressing!
[ 1533.804391][T21029] cramfs: ffffffff99c2363c(16)->ffff88804cd8f000(4096)
[ 1533.815007][T21029] cramfs: Error -5 while decompressing!
[ 1533.822735][T21029] cramfs: ffffffff99c23608(26)->ffff88806c15e000(4096)
[ 1533.836660][   T30] audit: type=1800 audit(1752868822.737:14): pid=21029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3770" name="file2" dev="loop3" ino=348 res=0 errno=0
[ 1533.838650][T21043] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3776'.
[ 1533.929072][T21043] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3776'.
[ 1533.930815][T21026] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1533.961035][T21026]   allowing incompatible features above 0.0: (unknown version)
[ 1533.968875][T21026]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1533.983322][T21026] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 1533.991543][T21026] bcachefs (loop0): initializing new filesystem
[ 1534.023326][T21026] bcachefs (loop0): going read-write
[ 1534.142762][T21027] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1534.142782][T21027]   allowing incompatible features above 0.0: (unknown version)
[ 1534.142790][T21027]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1534.188413][T21027] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[ 1534.196724][T21027] bcachefs (loop5): initializing new filesystem
[ 1534.223783][T21027] bcachefs (loop5): going read-write
[ 1534.396052][T21062] netlink: 'syz.4.3777': attribute type 10 has an invalid length.
[ 1534.425191][T21030] BTRFS info (device loop1): rebuilding free space tree
[ 1534.454197][T21030] BTRFS info (device loop1): disabling free space tree
[ 1534.461324][T21030] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1534.471209][T21030] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1534.604979][T21026] bcachefs (loop0): initializing freespace
[ 1535.799073][T21027] bcachefs (loop5): initializing freespace
[ 1535.932107][T21074] dummy0 speed is unknown, defaulting to 1000
[ 1536.027928][T17989] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1536.098388][T21026] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1536.292768][T19267] bcachefs (loop5): clean shutdown complete, journal seq 8
[ 1536.786217][T17598] bcachefs (loop0): clean shutdown complete, journal seq 9
[ 1537.674122][T21089] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.3785'.
[ 1541.055627][T21109] dummy0 speed is unknown, defaulting to 1000
[ 1543.647585][T21121] dummy0 speed is unknown, defaulting to 1000
[ 1546.291535][T21138] loop4: detected capacity change from 0 to 2048
[ 1547.836876][ T9030] Alternate GPT is invalid, using primary GPT.
[ 1547.856497][ T9030]  loop4: p1 p2 p3
[ 1548.115661][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[ 1548.161090][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[ 1548.175705][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[ 1548.227962][T21153] loop4: detected capacity change from 0 to 8
[ 1548.298139][T21154] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3800'.
[ 1548.343930][T21153] MTD: Attempt to mount non-MTD device "/dev/loop4"
[ 1548.360736][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop4
[ 1548.512489][T21155] cramfs: Error -5 while decompressing!
[ 1548.518412][T21155] cramfs: ffffffff99c27608(26)->ffff88806caa7000(4096)
[ 1548.525627][T21155] cramfs: Error -3 while decompressing!
[ 1548.531265][T21155] cramfs: ffffffff99c27622(26)->ffff88806caa6000(4096)
[ 1548.538371][T21155] cramfs: Error -3 while decompressing!
[ 1548.544185][T21155] cramfs: ffffffff99c2763c(16)->ffff88806caa5000(4096)
[ 1548.551382][T21155] cramfs: Error -5 while decompressing!
[ 1548.557136][T21155] cramfs: ffffffff99c27608(26)->ffff88806caa7000(4096)
[ 1548.982485][   T30] audit: type=1800 audit(1752868837.467:15): pid=21155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3799" name="file2" dev="loop4" ino=348 res=0 errno=0
[ 1549.154118][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop4
[ 1549.199723][T21157] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3781'.
[ 1549.254880][T21157] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3781'.
[ 1550.646829][T21167] loop3: detected capacity change from 0 to 65536
[ 1550.719441][T21167] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[ 1550.744945][T21167] XFS (loop3): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1550.814829][T21167] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40.
[ 1551.299159][T21167] XFS (loop3): Starting recovery (logdev: internal)
[ 1551.321459][T21167] XFS (loop3): Ending recovery (logdev: internal)
[ 1551.334693][T21167] XFS (loop3): Quotacheck needed: Please wait.
[ 1551.396175][T21181] netlink: 'syz.0.3805': attribute type 10 has an invalid length.
[ 1551.442828][T21167] XFS (loop3): Quotacheck: Done.
[ 1551.746388][T17144] XFS (loop3): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1552.508654][T21185] dummy0 speed is unknown, defaulting to 1000
[ 1554.074213][T21199] loop1: detected capacity change from 0 to 256
[ 1554.097600][T21199] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1554.130155][T21199] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[ 1554.163010][T21199] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1554.203604][T21206] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3811'.
[ 1555.154855][T21209] loop5: detected capacity change from 0 to 2048
[ 1555.440355][T21209] Alternate GPT is invalid, using primary GPT.
[ 1555.446714][T21209]  loop5: p1 p2 p3
[ 1555.715733][T21219] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3815'.
[ 1555.722493][T21221] No control pipe specified
[ 1555.768726][T21222] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3815'.
[ 1560.308501][T21249] loop5: detected capacity change from 0 to 65536
[ 1560.345379][T21249] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[ 1560.354016][T21249] XFS (loop5): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1560.400829][T21249] XFS (loop5): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40.
[ 1560.419220][T21249] XFS (loop5): Starting recovery (logdev: internal)
[ 1560.481694][T21249] XFS (loop5): Ending recovery (logdev: internal)
[ 1560.495209][T21249] XFS (loop5): Quotacheck needed: Please wait.
[ 1560.563881][T21258] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3824'.
[ 1560.607918][T21249] XFS (loop5): Quotacheck: Done.
[ 1560.965895][T19267] XFS (loop5): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1561.614794][T21269] loop0: detected capacity change from 0 to 32768
[ 1562.010649][T21269] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1562.010678][T21269]   allowing incompatible features above 0.0: (unknown version)
[ 1562.010691][T21269]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1562.057309][T21269] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 1562.065768][T21269] bcachefs (loop0): initializing new filesystem
[ 1562.161321][T21269] bcachefs (loop0): going read-write
[ 1562.474823][T21269] bcachefs (loop0): initializing freespace
[ 1562.855794][T21286] loop4: detected capacity change from 0 to 256
[ 1562.865278][T21286] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1562.964552][T21286] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[ 1562.987682][T21289] loop5: detected capacity change from 0 to 8
[ 1563.029636][T21289] MTD: Attempt to mount non-MTD device "/dev/loop5"
[ 1563.234648][T21286] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1563.249689][ T6015] udevd[6015]: incorrect cramfs checksum on /dev/loop5
[ 1564.097450][T21292] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[ 1564.238658][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop5
[ 1564.256471][T21289] cramfs: Error -5 while decompressing!
[ 1564.262022][T21289] cramfs: ffffffff99c23608(26)->ffff88804bf16000(4096)
[ 1564.268934][T21289] cramfs: Error -3 while decompressing!
[ 1564.274537][T21289] cramfs: ffffffff99c23622(26)->ffff88804bf17000(4096)
[ 1564.281384][T21289] cramfs: Error -3 while decompressing!
[ 1564.286988][T21289] cramfs: ffffffff99c2363c(16)->ffff88804bf18000(4096)
[ 1564.293989][T21289] cramfs: Error -5 while decompressing!
[ 1564.299547][T21289] cramfs: ffffffff99c23608(26)->ffff88804bf16000(4096)
[ 1564.321782][   T30] audit: type=1800 audit(1752868853.207:16): pid=21289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3827" name="file2" dev="loop5" ino=348 res=0 errno=0
[ 1564.713763][T21305] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3837'.
[ 1564.742692][T21305] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3837'.
[ 1568.558942][T21326] No control pipe specified
[ 1568.646794][T21329] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3842'.
[ 1569.201987][T17598] bcachefs (loop0): clean shutdown complete, journal seq 14
[ 1569.757986][T21341] autofs: Unknown parameter 'fd0x0000000000000000'
[ 1569.799806][T21341] loop1: detected capacity change from 0 to 256
[ 1570.133394][T21345] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3849'.
[ 1570.179405][T21345] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3849'.
[ 1570.430555][T21347] dummy0 speed is unknown, defaulting to 1000
[ 1571.320703][T21355] loop3: detected capacity change from 0 to 8
[ 1571.357265][T21355] MTD: Attempt to mount non-MTD device "/dev/loop3"
[ 1571.383991][T21336] loop5: detected capacity change from 0 to 32768
[ 1572.338254][T21355] cramfs: Error -5 while decompressing!
[ 1572.343938][T21355] cramfs: ffffffff99c27608(26)->ffff88804d67e000(4096)
[ 1572.350861][T21355] cramfs: Error -3 while decompressing!
[ 1572.356527][T21355] cramfs: ffffffff99c27622(26)->ffff88804d67d000(4096)
[ 1572.363605][T21355] cramfs: Error -3 while decompressing!
[ 1572.369215][T21355] cramfs: ffffffff99c2763c(16)->ffff88804d67c000(4096)
[ 1572.376233][T21355] cramfs: Error -5 while decompressing!
[ 1572.381818][T21355] cramfs: ffffffff99c27608(26)->ffff88804d67e000(4096)
[ 1572.501259][   T30] audit: type=1800 audit(1752868861.297:17): pid=21355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3850" name="file2" dev="loop3" ino=348 res=0 errno=0
[ 1572.534663][T21336] workqueue: Failed to create a rescuer kthread for wq "bcachefs_btree_read_complete": -EINTR
[ 1572.700252][T10355] udevd[10355]: incorrect cramfs checksum on /dev/loop3
[ 1573.557270][T21336] bcachefs: bch2_fs_get_tree() error: ENOMEM_fs_other_alloc
[ 1574.416413][T21372] loop5: detected capacity change from 0 to 16
[ 1574.452282][T21372] erofs (device loop5): mounted with root inode @ nid 36.
[ 1575.368282][T21388] dummy0 speed is unknown, defaulting to 1000
[ 1577.064208][T21394] loop1: detected capacity change from 0 to 32768
[ 1577.414431][T21394] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1577.414474][T21394]   allowing incompatible features above 0.0: (unknown version)
[ 1577.414481][T21394]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1577.460310][T21394] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[ 1577.468569][T21394] bcachefs (loop1): initializing new filesystem
[ 1577.621166][T21394] bcachefs (loop1): going read-write
[ 1577.829768][T21394] bcachefs (loop1): initializing freespace
[ 1578.100830][T21411] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3866'.
[ 1578.139137][T21411] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3866'.
[ 1578.674866][T21413] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3866'.
[ 1579.003367][T17989] bcachefs (loop1): clean shutdown complete, journal seq 9
[ 1579.252583][T21422] loop5: detected capacity change from 0 to 256
[ 1579.293341][T21422] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1579.330208][T21422] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[ 1579.583661][T21422] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1581.263635][T21438] dummy0 speed is unknown, defaulting to 1000
[ 1582.132739][T21444] netlink: 'syz.0.3877': attribute type 23 has an invalid length.
[ 1582.205555][T21444] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3877'.
[ 1582.387563][T21449] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3878'.
[ 1582.508253][T21449] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3878'.
[ 1582.730441][T21454] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3878'.
[ 1584.205426][T21462] loop4: detected capacity change from 0 to 16
[ 1584.257823][T21467] netlink: 'syz.0.3882': attribute type 1 has an invalid length.
[ 1584.264043][T21462] erofs (device loop4): mounted with root inode @ nid 36.
[ 1584.322666][T21467] netlink: 208 bytes leftover after parsing attributes in process `syz.0.3882'.
[ 1584.938754][T21470] netlink: 'syz.3.3886': attribute type 1 has an invalid length.
[ 1584.963366][T21470] netlink: 208 bytes leftover after parsing attributes in process `syz.3.3886'.
[ 1585.166721][T21478] loop0: detected capacity change from 0 to 16
[ 1585.191751][T21478] erofs (device loop0): mounted with root inode @ nid 36.
[ 1586.678260][T21487] dummy0 speed is unknown, defaulting to 1000
[ 1588.083499][T21486] loop4: detected capacity change from 0 to 2048
[ 1588.177967][T21486] Alternate GPT is invalid, using primary GPT.
[ 1588.184923][T21486]  loop4: p1 p2 p3
[ 1588.978169][T21509] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3896'.
[ 1589.010397][T21509] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3896'.
[ 1589.258664][T21516] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3896'.
[ 1589.740005][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[ 1589.791382][T21521] loop3: detected capacity change from 0 to 16
[ 1589.806941][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[ 1589.809990][T21521] erofs (device loop3): mounted with root inode @ nid 36.
[ 1589.829445][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[ 1591.455247][T21530] loop4: detected capacity change from 0 to 16
[ 1591.507076][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[ 1591.526849][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[ 1591.540357][T21530] erofs (device loop4): mounted with root inode @ nid 36.
[ 1591.548461][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[ 1591.560708][T21534] loop1: detected capacity change from 0 to 16
[ 1591.812320][T21534] erofs (device loop1): mounted with root inode @ nid 36.
[ 1592.422887][T21537] loop0: detected capacity change from 0 to 2048
[ 1592.494484][T21537] ext4: Unknown parameter 'audit'
[ 1596.393113][T21556] loop5: detected capacity change from 0 to 512
[ 1596.515095][T21556] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1596.528595][T21556] ext4 filesystem being mounted at /85/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1598.305936][T19267] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1600.404872][T21576] loop1: detected capacity change from 0 to 16
[ 1600.443443][T21576] erofs (device loop1): mounted with root inode @ nid 36.
[ 1601.336196][T21589] netlink: 'syz.1.3920': attribute type 23 has an invalid length.
[ 1601.368952][T21589] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3920'.
[ 1605.078962][T21601] loop1: detected capacity change from 0 to 512
[ 1605.166152][T21601] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1605.199588][T21601] ext4 filesystem being mounted at /143/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1606.171014][T17989] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1606.395049][T21620] loop1: detected capacity change from 0 to 16
[ 1606.441488][T21620] erofs (device loop1): mounted with root inode @ nid 36.
[ 1607.051438][T21629] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3929'.
[ 1607.120126][T21631] loop3: detected capacity change from 0 to 16
[ 1607.152535][T21631] erofs (device loop3): mounted with root inode @ nid 36.
[ 1607.459625][T21633] netlink: 'syz.1.3932': attribute type 23 has an invalid length.
[ 1607.576895][T21633] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3932'.
[ 1608.192380][T21645] loop1: detected capacity change from 0 to 512
[ 1608.335212][T21645] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1608.348336][T21645] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1609.541678][T21660] No control pipe specified
[ 1612.447585][T21654] loop5: detected capacity change from 0 to 2048
[ 1612.516409][T10355] Alternate GPT is invalid, using primary GPT.
[ 1612.537735][T10355]  loop5: p1 p2 p3
[ 1612.541444][T21668] netlink: 'syz.4.3941': attribute type 1 has an invalid length.
[ 1612.549648][T21668] netlink: 208 bytes leftover after parsing attributes in process `syz.4.3941'.
[ 1612.598940][T21670] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3942'.
[ 1612.730985][T21654] Alternate GPT is invalid, using primary GPT.
[ 1612.745637][T21654]  loop5: p1 p2 p3
[ 1613.022790][T21674] loop0: detected capacity change from 0 to 32768
[ 1613.047709][T21674] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3944 (21674)
[ 1613.068214][T21674] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1613.079844][T21674] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[ 1613.088522][T21674] BTRFS info (device loop0): disk space caching is enabled
[ 1613.095850][T21674] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1613.195100][T21674] BTRFS info (device loop0): rebuilding free space tree
[ 1613.237242][T21674] BTRFS info (device loop0): disabling free space tree
[ 1613.241156][ T6210] udevd[6210]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[ 1613.246863][T21674] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1613.265038][T21674] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1613.282464][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[ 1613.308366][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[ 1613.395506][T21692] loop5: detected capacity change from 0 to 16
[ 1613.434081][T21692] erofs (device loop5): mounted with root inode @ nid 36.
[ 1613.481971][ T6210] udevd[6210]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[ 1613.495231][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[ 1613.497364][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[ 1614.981836][T17598] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1615.173230][T21359] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[ 1616.671482][T21359] usb 4-1: Using ep0 maxpacket: 8
[ 1616.792146][T21707] loop4: detected capacity change from 0 to 65536
[ 1616.931183][T21707] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[ 1616.965087][T21359] usb 4-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[ 1616.977382][T21359] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1616.992865][T21359] usb 4-1: Product: syz
[ 1616.998345][T21359] usb 4-1: Manufacturer: syz
[ 1617.004574][T21359] usb 4-1: SerialNumber: syz
[ 1617.042637][T21707] XFS (loop4): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1617.056240][T21359] usb 4-1: config 0 descriptor??
[ 1617.099693][T17989] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1617.293329][T21707] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40.
[ 1617.362022][T21359] gspca_main: sunplus-2.14.0 probing 04a5:3003
[ 1617.404975][T21707] XFS (loop4): Starting recovery (logdev: internal)
[ 1617.458766][T21720] loop1: detected capacity change from 0 to 8
[ 1617.487846][T21707] XFS (loop4): Ending recovery (logdev: internal)
[ 1617.524932][T21707] XFS (loop4): Quotacheck needed: Please wait.
[ 1617.528053][T21720] MTD: Attempt to mount non-MTD device "/dev/loop1"
[ 1617.568751][ T6015] udevd[6015]: incorrect cramfs checksum on /dev/loop1
[ 1617.881880][T21725] cramfs: Error -5 while decompressing!
[ 1617.882459][T21724] netlink: 'syz.5.3953': attribute type 1 has an invalid length.
[ 1617.898266][T21725] cramfs: ffffffff99c23608(26)->ffff88804d7bf000(4096)
[ 1617.906964][T21725] cramfs: Error -3 while decompressing!
[ 1617.912919][T21725] cramfs: ffffffff99c23622(26)->ffff88804c9f2000(4096)
[ 1617.920422][T21725] cramfs: Error -3 while decompressing!
[ 1617.926672][T21725] cramfs: ffffffff99c2363c(16)->ffff88804c9f3000(4096)
[ 1617.932593][ T6015] udevd[6015]: incorrect cramfs checksum on /dev/loop1
[ 1617.941538][T21725] cramfs: Error -5 while decompressing!
[ 1617.947676][T21725] cramfs: ffffffff99c23608(26)->ffff88804d7bf000(4096)
[ 1618.230663][T21359] gspca_sunplus: reg_w_riv err -71
[ 1618.240269][   T30] audit: type=1800 audit(1752868906.857:18): pid=21725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3952" name="file2" dev="loop1" ino=348 res=0 errno=0
[ 1618.260829][T21359] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[ 1618.269236][T21724] netlink: 208 bytes leftover after parsing attributes in process `syz.5.3953'.
[ 1618.284435][T21707] XFS (loop4): Quotacheck: Done.
[ 1618.361342][T21359] usb 4-1: USB disconnect, device number 55
[ 1618.431959][T16682] XFS (loop4): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1618.902374][T21731] loop1: detected capacity change from 0 to 32768
[ 1619.035607][T21731] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1619.035626][T21731]   allowing incompatible features above 0.0: (unknown version)
[ 1619.035634][T21731]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1619.080354][T21731] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[ 1619.088591][T21731] bcachefs (loop1): initializing new filesystem
[ 1619.116911][T21731] bcachefs (loop1): going read-write
[ 1619.141207][T21735] dummy0 speed is unknown, defaulting to 1000
[ 1619.419978][T21731] bcachefs (loop1): initializing freespace
[ 1620.298370][T21755] loop5: detected capacity change from 0 to 16
[ 1620.319918][T21755] erofs (device loop5): mounted with root inode @ nid 36.
[ 1620.363380][T21753] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1620.561374][T21757] loop3: detected capacity change from 0 to 32768
[ 1620.595187][T21757] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3962 (21757)
[ 1620.614077][T21757] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1620.624329][T21757] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[ 1620.632868][T21757] BTRFS info (device loop3): disk space caching is enabled
[ 1620.640161][T21757] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1620.869744][T21757] BTRFS info (device loop3): rebuilding free space tree
[ 1620.897701][T21757] BTRFS info (device loop3): disabling free space tree
[ 1620.904738][T21757] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1620.914667][T21757] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1621.020001][T17989] bcachefs (loop1): clean shutdown complete, journal seq 9
[ 1621.981770][T17144] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1623.502108][T21791] loop0: detected capacity change from 0 to 8
[ 1624.231043][T21790] No control pipe specified
[ 1624.237202][T21791] MTD: Attempt to mount non-MTD device "/dev/loop0"
[ 1624.299005][T10355] udevd[10355]: incorrect cramfs checksum on /dev/loop0
[ 1624.896182][T21794] netlink: 'syz.3.3968': attribute type 1 has an invalid length.
[ 1624.904318][T21794] netlink: 208 bytes leftover after parsing attributes in process `syz.3.3968'.
[ 1624.942420][T10355] udevd[10355]: incorrect cramfs checksum on /dev/loop0
[ 1625.436264][T21798] loop0: detected capacity change from 0 to 32768
[ 1625.588605][T21802] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1626.385207][T21798] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1626.385227][T21798]   allowing incompatible features above 0.0: (unknown version)
[ 1626.385235][T21798]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1626.431214][T21798] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 1626.439498][T21798] bcachefs (loop0): initializing new filesystem
[ 1626.468153][T21798] bcachefs (loop0): going read-write
[ 1626.604824][T21798] bcachefs (loop0): initializing freespace
[ 1627.171411][T17598] bcachefs (loop0): clean shutdown complete, journal seq 8
[ 1628.082550][T21830] loop1: detected capacity change from 0 to 8
[ 1628.119417][T21830] MTD: Attempt to mount non-MTD device "/dev/loop1"
[ 1630.337895][ T9030] udevd[9030]: incorrect cramfs checksum on /dev/loop1
[ 1630.473990][T21837] netlink: 172 bytes leftover after parsing attributes in process `syz.4.3980'.
[ 1630.518052][T10355] udevd[10355]: incorrect cramfs checksum on /dev/loop1
[ 1630.817523][T21844] loop3: detected capacity change from 0 to 16
[ 1630.891691][T21844] erofs (device loop3): mounted with root inode @ nid 36.
[ 1631.167497][T21847] dummy0 speed is unknown, defaulting to 1000
[ 1632.686262][T21860] netlink: 156 bytes leftover after parsing attributes in process `syz.4.3986'.
[ 1632.961782][T21862] netlink: 1624 bytes leftover after parsing attributes in process `syz.5.3988'.
[ 1633.072998][T21868] netlink: 'syz.3.3990': attribute type 23 has an invalid length.
[ 1633.096976][T21868] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3990'.
[ 1633.192663][T21868] netlink: 'syz.3.3990': attribute type 23 has an invalid length.
[ 1633.252508][T21868] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3990'.
[ 1633.320957][T21871] netlink: 'syz.1.3991': attribute type 10 has an invalid length.
[ 1633.822750][T21875] loop5: detected capacity change from 0 to 256
[ 1637.041436][T21890] loop5: detected capacity change from 0 to 16
[ 1637.102113][T21890] erofs (device loop5): mounted with root inode @ nid 36.
[ 1637.509207][T21900] dummy0 speed is unknown, defaulting to 1000
[ 1641.917122][T21917] netlink: 156 bytes leftover after parsing attributes in process `syz.0.4003'.
[ 1642.217178][T21922] dummy0 speed is unknown, defaulting to 1000
[ 1642.497966][T21926] netlink: 'syz.1.4005': attribute type 23 has an invalid length.
[ 1642.538142][T21926] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4005'.
[ 1642.926984][T21926] netlink: 'syz.1.4005': attribute type 23 has an invalid length.
[ 1643.015617][T21931] loop0: detected capacity change from 0 to 32768
[ 1643.049469][T21935] dummy0 speed is unknown, defaulting to 1000
[ 1643.367369][T21926] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4005'.
[ 1644.056776][T21931] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1644.056808][T21931]   allowing incompatible features above 0.0: (unknown version)
[ 1644.056822][T21931]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1644.102246][T21931] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 1644.113471][T21931] bcachefs (loop0): initializing new filesystem
[ 1644.157464][T21931] bcachefs (loop0): going read-write
[ 1644.547764][T21931] bcachefs (loop0): initializing freespace
[ 1645.776354][T21965] vhci_hcd vhci_hcd.0: failed to lookup sock
[ 1646.069312][T21968] loop1: detected capacity change from 0 to 2048
[ 1646.157839][T10355] Alternate GPT is invalid, using primary GPT.
[ 1646.176520][T10355]  loop1: p1 p2 p3
[ 1647.770846][T21931] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1647.972820][T21973] loop4: detected capacity change from 0 to 2048
[ 1648.094252][T21968] Alternate GPT is invalid, using primary GPT.
[ 1648.102748][T21968]  loop1: p1 p2 p3
[ 1648.240006][ T5214] Alternate GPT is invalid, using primary GPT.
[ 1648.263676][ T5214]  loop1: p1 p2 p3
[ 1648.268318][T17598] bcachefs (loop0): clean shutdown complete, journal seq 11
[ 1648.688112][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1648.707589][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1648.711527][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[ 1649.617555][T21980] loop3: detected capacity change from 0 to 256
[ 1649.931226][T21979] loop5: detected capacity change from 0 to 65536
[ 1649.981509][T21979] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[ 1649.994225][T21979] XFS (loop5): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1650.082565][ T6210] udevd[6210]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1650.095439][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1650.117124][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[ 1650.157853][T21979] XFS (loop5): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x40.
[ 1650.188696][T21979] XFS (loop5): Starting recovery (logdev: internal)
[ 1650.273652][T21979] XFS (loop5): Ending recovery (logdev: internal)
[ 1650.290554][T21979] XFS (loop5): Quotacheck needed: Please wait.
[ 1650.291880][ T6210] udevd[6210]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[ 1650.316531][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1650.319565][T10355] udevd[10355]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[ 1650.421840][T21979] XFS (loop5): Quotacheck: Done.
[ 1650.730591][T19267] XFS (loop5): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[ 1650.751910][T21997] netlink: 'syz.3.4020': attribute type 23 has an invalid length.
[ 1650.802291][T21997] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4020'.
[ 1650.929303][T21997] netlink: 'syz.3.4020': attribute type 23 has an invalid length.
[ 1650.953148][T21997] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4020'.
[ 1651.399310][T22001] dummy0 speed is unknown, defaulting to 1000
[ 1654.745550][T22010] loop4: detected capacity change from 0 to 32768
[ 1654.894918][T22012] loop3: detected capacity change from 0 to 256
[ 1654.916567][T22016] loop5: detected capacity change from 0 to 512
[ 1654.945028][T22016] ext4: Unknown parameter 'fowner'
[ 1655.892362][T22010] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1655.892394][T22010]   allowing incompatible features above 0.0: (unknown version)
[ 1655.892408][T22010]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1655.937542][T22010] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[ 1655.945797][T22010] bcachefs (loop4): initializing new filesystem
[ 1656.018117][T22010] bcachefs (loop4): going read-write
[ 1656.353378][T22032] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[ 1656.359968][T22032] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1656.408881][T22010] bcachefs (loop4): initializing freespace
[ 1656.428082][T22032] vhci_hcd vhci_hcd.0: Device attached
[ 1656.486296][T22035] loop5: detected capacity change from 0 to 512
[ 1656.683208][ T5843] usb 35-1: new high-speed USB device number 8 using vhci_hcd
[ 1657.104076][T22035] ext4: Unknown parameter 'fowner'
[ 1657.128783][T22033] vhci_hcd: connection reset by peer
[ 1657.333146][ T8791] vhci_hcd: stop threads
[ 1657.792414][ T8791] vhci_hcd: release socket
[ 1657.822615][ T8791] vhci_hcd: disconnect device
[ 1657.907430][T22042] loop5: detected capacity change from 0 to 256
[ 1658.014586][T16682] bcachefs (loop4): clean shutdown complete, journal seq 9
[ 1658.029481][T22044] loop0: detected capacity change from 0 to 16
[ 1658.060780][T22044] erofs (device loop0): mounted with root inode @ nid 36.
[ 1659.232028][T22051] loop0: detected capacity change from 0 to 512
[ 1659.252576][T22051] ext4: Unknown parameter 'fowner'
[ 1660.773108][T22059] dummy0 speed is unknown, defaulting to 1000
[ 1662.109592][T22064] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1662.147760][T22067] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4037'.
[ 1662.168620][T22067] netlink: 'syz.0.4037': attribute type 23 has an invalid length.
[ 1662.199694][T22067] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4037'.
[ 1662.203341][ T5843] vhci_hcd: vhci_device speed not set
[ 1662.315676][T22067] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4037'.
[ 1662.351811][T22070] loop1: detected capacity change from 0 to 16
[ 1662.388890][T22067] netlink: 'syz.0.4037': attribute type 23 has an invalid length.
[ 1662.397220][T22067] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4037'.
[ 1662.622507][T22071] loop3: detected capacity change from 0 to 32768
[ 1662.631601][T22070] erofs (device loop1): mounted with root inode @ nid 36.
[ 1663.668059][T22079] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[ 1663.674613][T22079] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1664.155644][T22079] vhci_hcd vhci_hcd.0: Device attached
[ 1665.262942][T21359] usb 43-1: new high-speed USB device number 3 using vhci_hcd
[ 1665.264815][T22071] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1665.293376][T22071]   allowing incompatible features above 0.0: (unknown version)
[ 1665.318002][T22071]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1665.350008][T22071] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[ 1665.383197][T22071] bcachefs (loop3): initializing new filesystem
[ 1666.722601][T22071] syz.3.4039: vmalloc error: size 8388608, failed to allocated page array size 16384, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1666.756959][T22071] CPU: 1 UID: 0 PID: 22071 Comm: syz.3.4039 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1666.756994][T22071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1666.757009][T22071] Call Trace:
[ 1666.757018][T22071]  <TASK>
[ 1666.757027][T22071]  dump_stack_lvl+0x189/0x250
[ 1666.757073][T22071]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1666.757099][T22071]  ? __pfx__printk+0x10/0x10
[ 1666.757128][T22071]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1666.757154][T22071]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1666.757181][T22071]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1666.757209][T22071]  warn_alloc+0x214/0x310
[ 1666.757238][T22071]  ? __pfx_warn_alloc+0x10/0x10
[ 1666.757269][T22071]  ? __get_vm_area_node+0x28f/0x300
[ 1666.757301][T22071]  ? bch2_fs_journal_start+0x2af/0x12d0
[ 1666.757329][T22071]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1666.757389][T22071]  ? alloc_pages_mpol+0x3cd/0x4a0
[ 1666.757430][T22071]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1666.757468][T22071]  ? rcu_is_watching+0x15/0xb0
[ 1666.757491][T22071]  ? bch2_fs_journal_start+0x2af/0x12d0
[ 1666.757512][T22071]  ? bch2_fs_journal_start+0x2af/0x12d0
[ 1666.757533][T22071]  __kvmalloc_node_noprof+0x3b8/0x5f0
[ 1666.757564][T22071]  ? bch2_fs_journal_start+0x2af/0x12d0
[ 1666.757595][T22071]  bch2_fs_journal_start+0x2af/0x12d0
[ 1666.757644][T22071]  ? __pfx_bch2_fs_journal_start+0x10/0x10
[ 1666.757668][T22071]  ? bch2_fs_journal_alloc+0x69/0x4e0
[ 1666.757695][T22071]  ? bch2_fs_journal_alloc+0x4ac/0x4e0
[ 1666.757716][T22071]  ? bch2_fs_journal_alloc+0x69/0x4e0
[ 1666.757743][T22071]  bch2_fs_initialize+0x64d/0xe60
[ 1666.757770][T22071]  ? queued_spin_lock_slowpath+0x43/0x50
[ 1666.757806][T22071]  ? __pfx_bch2_fs_initialize+0x10/0x10
[ 1666.757856][T22071]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1666.757910][T22071]  ? rcu_preempt_deferred_qs_irqrestore+0x89c/0xce0
[ 1666.757952][T22071]  ? __pfx___schedule+0x10/0x10
[ 1666.758042][T22071]  ? bch2_fs_start+0x98c/0xcc0
[ 1666.758086][T22071]  ? up_write+0x1c4/0x420
[ 1666.758116][T22071]  bch2_fs_start+0xa00/0xcc0
[ 1666.758149][T22071]  ? bch2_fs_start+0x614/0xcc0
[ 1666.758182][T22071]  ? __pfx_bch2_fs_start+0x10/0x10
[ 1666.758238][T22071]  ? sget+0x267/0x620
[ 1666.758274][T22071]  bch2_fs_get_tree+0xb39/0x1540
[ 1666.758335][T22071]  ? __pfx_bch2_fs_get_tree+0x10/0x10
[ 1666.758386][T22071]  ? aa_get_newest_label+0xf7/0x5d0
[ 1666.758414][T22071]  ? __pfx_vfs_parse_comma_sep+0x10/0x10
[ 1666.758442][T22071]  ? rcu_is_watching+0x15/0xb0
[ 1666.758478][T22071]  vfs_get_tree+0x92/0x2b0
[ 1666.758502][T22071]  do_new_mount+0x2a2/0x9e0
[ 1666.758536][T22071]  ? ns_capable+0x8a/0xf0
[ 1666.758555][T22071]  ? __pfx_do_new_mount+0x10/0x10
[ 1666.758576][T22071]  ? path_mount+0x61c/0xfe0
[ 1666.758595][T22071]  ? user_path_at+0x44/0x60
[ 1666.758633][T22071]  __se_sys_mount+0x317/0x410
[ 1666.758663][T22071]  ? __pfx___se_sys_mount+0x10/0x10
[ 1666.758692][T22071]  ? do_syscall_64+0xbe/0x3b0
[ 1666.758712][T22071]  ? __x64_sys_mount+0x20/0xc0
[ 1666.758736][T22071]  do_syscall_64+0xfa/0x3b0
[ 1666.758756][T22071]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1666.758786][T22071]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1666.758806][T22071]  ? clear_bhb_loop+0x60/0xb0
[ 1666.758832][T22071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1666.758853][T22071] RIP: 0033:0x7f4ee999014a
[ 1666.758873][T22071] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1666.758891][T22071] RSP: 002b:00007f4eea7f4e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1666.758915][T22071] RAX: ffffffffffffffda RBX: 00007f4eea7f4ef0 RCX: 00007f4ee999014a
[ 1666.758938][T22071] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 00007f4eea7f4eb0
[ 1666.758953][T22071] RBP: 0000200000000140 R08: 00007f4eea7f4ef0 R09: 0000000003000094
[ 1666.758966][T22071] R10: 0000000003000094 R11: 0000000000000246 R12: 0000200000000100
[ 1666.758980][T22071] R13: 00007f4eea7f4eb0 R14: 0000000000005a84 R15: 0000200000000200
[ 1666.759014][T22071]  </TASK>
[ 1667.173725][T22071] Mem-Info:
[ 1667.186816][T22071] active_anon:18374 inactive_anon:0 isolated_anon:0
[ 1667.186816][T22071]  active_file:12635 inactive_file:41172 isolated_file:0
[ 1667.186816][T22071]  unevictable:768 dirty:209 writeback:0
[ 1667.186816][T22071]  slab_reclaimable:11477 slab_unreclaimable:100646
[ 1667.186816][T22071]  mapped:31178 shmem:9621 pagetables:1397
[ 1667.186816][T22071]  sec_pagetables:0 bounce:0
[ 1667.186816][T22071]  kernel_misc_reclaimable:0
[ 1667.186816][T22071]  free:1290773 free_pcp:10985 free_cma:0
[ 1667.232717][T22071] Node 0 active_anon:73496kB inactive_anon:0kB active_file:50540kB inactive_file:164488kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:124712kB dirty:836kB writeback:0kB shmem:36948kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12820kB pagetables:5476kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1667.265495][T22071] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:112kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1667.295473][T22071] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1667.324584][T22071] lowmem_reserve[]: 0 2498 2499 2499 2499
[ 1667.330400][T22071] Node 0 DMA32 free:1252460kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:73452kB inactive_anon:0kB active_file:50540kB inactive_file:162920kB unevictable:1536kB writepending:836kB present:3129332kB managed:2557972kB mlocked:0kB bounce:0kB free_pcp:30308kB local_pcp:8808kB free_cma:0kB
[ 1667.363739][T22071] lowmem_reserve[]: 0 0 1 1 1
[ 1667.368522][T22071] Node 0 Normal free:24kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1568kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[ 1667.398033][T22071] lowmem_reserve[]: 0 0 0 0 0
[ 1667.402853][T22071] Node 1 Normal free:3894520kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:13720kB local_pcp:5856kB free_cma:0kB
[ 1667.434220][T22071] lowmem_reserve[]: 0 0 0 0 0
[ 1667.438950][T22071] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1667.451573][T22071] Node 0 DMA32: 1583*4kB (UM) 936*8kB (UM) 591*16kB (UM) 758*32kB (UME) 423*64kB (UME) 254*128kB (UME) 185*256kB (UME) 137*512kB (UM) 113*1024kB (UM) 7*2048kB (UM) 219*4096kB (M) = 1251692kB
[ 1667.471329][T22071] Node 0 Normal: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24kB
[ 1667.483632][T22071] Node 1 Normal: 186*4kB (UE) 74*8kB (UME) 40*16kB (UME) 120*32kB (UME) 31*64kB (UME) 11*128kB (UME) 3*256kB (UM) 3*512kB (ME) 4*1024kB (UME) 2*2048kB (UE) 946*4096kB (M) = 3894520kB
[ 1667.501814][T22071] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1667.511391][T22071] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1667.520683][T22071] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1667.530255][T22071] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1667.539747][T22071] 63378 total pagecache pages
[ 1667.544447][T22071] 0 pages in swap cache
[ 1667.548599][T22071] Free swap  = 124996kB
[ 1667.552740][T22071] Total swap = 124996kB
[ 1667.557750][T22071] 2097051 pages RAM
[ 1667.561564][T22071] 0 pages HighMem/MovableOnly
[ 1667.566289][T22071] 425516 pages reserved
[ 1667.570471][T22071] 0 pages cma reserved
[ 1667.580005][T22071] bcachefs (loop3): error reallocating journal fifo (32768 open entries)
[ 1667.588717][T22071] bcachefs (loop3): bch2_fs_initialize(): error ENOMEM_journal_pin_fifo
[ 1667.597339][T22071] bcachefs (loop3): bch2_fs_start(): error starting filesystem ENOMEM_journal_pin_fifo
[ 1667.664025][T22083] vhci_hcd: connection reset by peer
[ 1667.744748][T21551] vhci_hcd: stop threads
[ 1667.774561][T21551] vhci_hcd: release socket
[ 1667.789687][T21551] vhci_hcd: disconnect device
[ 1667.989636][T22100] netlink: 156 bytes leftover after parsing attributes in process `syz.0.4043'.
[ 1670.462039][T22109] loop1: detected capacity change from 0 to 16
[ 1670.478034][T22110] loop0: detected capacity change from 0 to 512
[ 1670.500252][T22109] erofs (device loop1): mounted with root inode @ nid 36.
[ 1670.526218][T22110] ext4: Unknown parameter 'fowner'
[ 1672.034173][T21359] vhci_hcd: vhci_device speed not set
[ 1672.310275][T22123] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4050'.
[ 1672.326691][T22123] netlink: 'syz.4.4050': attribute type 23 has an invalid length.
[ 1672.417165][T22123] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4050'.
[ 1672.499793][T22123] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4050'.
[ 1672.537523][T22123] netlink: 'syz.4.4050': attribute type 23 has an invalid length.
[ 1672.538891][T22128] netlink: 80 bytes leftover after parsing attributes in process `syz.0.4051'.
[ 1672.553285][T22123] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4050'.
[ 1672.598569][T22071] bcachefs: bch2_fs_get_tree() error: ENOMEM_journal_pin_fifo
[ 1677.507212][T22142] loop0: detected capacity change from 0 to 65536
[ 1677.515040][T22142] xfs: Unknown parameter 'cpu.stat'
[ 1678.318141][T22149] loop1: detected capacity change from 0 to 512
[ 1678.411951][T22149] ext4: Unknown parameter 'fowner'
[ 1678.683521][T22153] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4053'.
[ 1684.090416][T22186] No control pipe specified
[ 1687.939440][T22204] netlink: 156 bytes leftover after parsing attributes in process `syz.1.4071'.
[ 1688.623522][T19818] usb 5-1: new high-speed USB device number 45 using dummy_hcd
[ 1689.450616][T19818] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1689.720882][T19818] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1689.832664][T19818] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1689.930966][T19818] usb 5-1: Product: syz
[ 1689.997669][T19818] usb 5-1: Manufacturer: syz
[ 1690.062555][T19818] usb 5-1: SerialNumber: syz
[ 1690.237360][T19818] usb 5-1: config 0 descriptor??
[ 1690.547434][T22217] loop3: detected capacity change from 0 to 32768
[ 1691.082142][T22219] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4072'.
[ 1692.304595][T22217] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1692.304615][T22217]   allowing incompatible features above 0.0: (unknown version)
[ 1692.304622][T22217]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1692.351645][T22217] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[ 1692.359935][T22217] bcachefs (loop3): initializing new filesystem
[ 1692.398194][T22217] bcachefs (loop3): going read-write
[ 1692.529959][T19818] snd-usb-audio 5-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 1692.753758][T22233] loop1: detected capacity change from 0 to 16
[ 1692.795791][T22233] erofs (device loop1): mounted with root inode @ nid 36.
[ 1692.893254][T19818] usb 5-1: USB disconnect, device number 45
[ 1692.934905][ T9030] udevd[9030]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1693.507291][T22217] bcachefs (loop3): initializing freespace
[ 1693.751394][T17144] bcachefs (loop3): clean shutdown complete, journal seq 9
[ 1694.323984][T22239] loop5: detected capacity change from 0 to 2048
[ 1695.800881][T22239] Alternate GPT is invalid, using primary GPT.
[ 1695.809158][T22239]  loop5: p1 p2 p3
[ 1695.859699][T22245] loop0: detected capacity change from 0 to 16
[ 1695.966492][T22245] erofs (device loop0): mounted with root inode @ nid 36.
[ 1696.640929][ T9030] udevd[9030]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[ 1696.831884][ T6015] udevd[6015]: inotify_add_watch(7, /dev/loop5p2, 10) failed: No such file or directory
[ 1698.499662][ T6210] udevd[6210]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[ 1698.755872][T22259] siw: device registration error -23
[ 1698.866543][T22260] netlink: 156 bytes leftover after parsing attributes in process `syz.0.4084'.
[ 1700.024842][T22273] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4088'.
[ 1700.058140][T22273] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4088'.
[ 1700.250651][T22276] loop1: detected capacity change from 0 to 512
[ 1700.259173][T22276] ext4: Unknown parameter 'fowner'
[ 1701.298818][T22283] loop4: detected capacity change from 0 to 16
[ 1701.318525][T22283] erofs (device loop4): mounted with root inode @ nid 36.
[ 1702.981856][T22289] loop5: detected capacity change from 0 to 32768
[ 1704.205117][T22289] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1704.205136][T22289]   allowing incompatible features above 0.0: (unknown version)
[ 1704.205144][T22289]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1704.250991][T22289] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[ 1704.259219][T22289] bcachefs (loop5): initializing new filesystem
[ 1704.328652][T22289] bcachefs (loop5): going read-write
[ 1704.500677][T22289] bcachefs (loop5): bch2_journal_reclaim_start(): error creating journal reclaim thread EINTR
[ 1704.556310][T22289] bcachefs (loop5): unclean shutdown complete, journal seq 1
[ 1704.564127][T22289] bcachefs (loop5): bch2_fs_initialize(): error EINTR
[ 1704.570897][T22289] bcachefs (loop5): bch2_fs_start(): error starting filesystem EINTR
[ 1704.594582][T19427] ==================================================================
[ 1704.602876][T19427] BUG: KASAN: slab-use-after-free in bch2_get_next_dev+0x38f/0x4e0
[ 1704.610771][T19427] Write of size 8 at addr ffff8880336b2040 by task kworker/u9:1/19427
[ 1704.618953][T19427] 
[ 1704.621290][T19427] CPU: 1 UID: 0 PID: 19427 Comm: kworker/u9:1 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1704.621311][T19427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1704.621320][T19427] Workqueue: bcachefs_journal journal_write_done
[ 1704.621340][T19427] Call Trace:
[ 1704.621348][T19427]  <TASK>
[ 1704.621356][T19427]  dump_stack_lvl+0x189/0x250
[ 1704.621371][T19427]  ? __kasan_check_byte+0x12/0x40
[ 1704.621390][T19427]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1704.621410][T19427]  ? lock_release+0x4b/0x3e0
[ 1704.621429][T19427]  ? __virt_addr_valid+0x4a5/0x5c0
[ 1704.621443][T19427]  print_report+0xca/0x240
[ 1704.621455][T19427]  ? bch2_get_next_dev+0x38f/0x4e0
[ 1704.621465][T19427]  kasan_report+0x118/0x150
[ 1704.621483][T19427]  ? bch2_get_next_dev+0x38f/0x4e0
[ 1704.621496][T19427]  kasan_check_range+0x2b0/0x2c0
[ 1704.621513][T19427]  bch2_get_next_dev+0x38f/0x4e0
[ 1704.621523][T19427]  ? bch2_get_next_dev+0x27/0x4e0
[ 1704.621534][T19427]  bch2_do_discards+0x20/0x160
[ 1704.621546][T19427]  journal_write_done+0x11b9/0x13f0
[ 1704.621564][T19427]  ? register_lock_class+0x51/0x320
[ 1704.621581][T19427]  ? __pfx_journal_write_done+0x10/0x10
[ 1704.621594][T19427]  ? __lock_acquire+0xab9/0xd20
[ 1704.621614][T19427]  ? process_scheduled_works+0x9ef/0x17b0
[ 1704.621642][T19427]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1704.621668][T19427]  ? process_scheduled_works+0x9ef/0x17b0
[ 1704.621691][T19427]  ? process_scheduled_works+0x9ef/0x17b0
[ 1704.621709][T19427]  process_scheduled_works+0xade/0x17b0
[ 1704.621734][T19427]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1704.621756][T19427]  worker_thread+0x8a0/0xda0
[ 1704.621768][T19427]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1704.621786][T19427]  ? __kthread_parkme+0x7b/0x200
[ 1704.621800][T19427]  kthread+0x70e/0x8a0
[ 1704.621815][T19427]  ? __pfx_worker_thread+0x10/0x10
[ 1704.621825][T19427]  ? __pfx_kthread+0x10/0x10
[ 1704.621839][T19427]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1704.621854][T19427]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1704.621870][T19427]  ? __pfx_kthread+0x10/0x10
[ 1704.621883][T19427]  ret_from_fork+0x3f9/0x770
[ 1704.621895][T19427]  ? __pfx_ret_from_fork+0x10/0x10
[ 1704.621907][T19427]  ? __switch_to_asm+0x39/0x70
[ 1704.621921][T19427]  ? __switch_to_asm+0x33/0x70
[ 1704.621935][T19427]  ? __pfx_kthread+0x10/0x10
[ 1704.621948][T19427]  ret_from_fork_asm+0x1a/0x30
[ 1704.621967][T19427]  </TASK>
[ 1704.621971][T19427] 
[ 1704.853505][T19427] Allocated by task 22289:
[ 1704.857911][T19427]  kasan_save_track+0x3e/0x80
[ 1704.862590][T19427]  __kasan_kmalloc+0x93/0xb0
[ 1704.867791][T19427]  __kmalloc_cache_noprof+0x230/0x3d0
[ 1704.873157][T19427]  __bch2_dev_alloc+0xa7/0xc30
[ 1704.878003][T19427]  bch2_dev_alloc+0xcd/0x180
[ 1704.883104][T19427]  bch2_fs_open+0x256f/0x2760
[ 1704.887772][T19427]  bch2_fs_get_tree+0x44f/0x1540
[ 1704.892705][T19427]  vfs_get_tree+0x92/0x2b0
[ 1704.897127][T19427]  do_new_mount+0x2a2/0x9e0
[ 1704.901709][T19427]  __se_sys_mount+0x317/0x410
[ 1704.906392][T19427]  do_syscall_64+0xfa/0x3b0
[ 1704.910884][T19427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1704.916778][T19427] 
[ 1704.919092][T19427] Freed by task 22289:
[ 1704.923159][T19427]  kasan_save_track+0x3e/0x80
[ 1704.927844][T19427]  kasan_save_free_info+0x46/0x50
[ 1704.932859][T19427]  __kasan_slab_free+0x62/0x70
[ 1704.937788][T19427]  kfree+0x18e/0x440
[ 1704.941679][T19427]  kobject_put+0x22b/0x480
[ 1704.946092][T19427]  bch2_fs_free+0x4b3/0x5c0
[ 1704.950686][T19427]  bch2_fs_get_tree+0xb76/0x1540
[ 1704.955615][T19427]  vfs_get_tree+0x92/0x2b0
[ 1704.960047][T19427]  do_new_mount+0x2a2/0x9e0
[ 1704.964538][T19427]  __se_sys_mount+0x317/0x410
[ 1704.969262][T19427]  do_syscall_64+0xfa/0x3b0
[ 1704.973847][T19427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1704.979725][T19427] 
[ 1704.982139][T19427] The buggy address belongs to the object at ffff8880336b2000
[ 1704.982139][T19427]  which belongs to the cache kmalloc-4k of size 4096
[ 1704.996352][T19427] The buggy address is located 64 bytes inside of
[ 1704.996352][T19427]  freed 4096-byte region [ffff8880336b2000, ffff8880336b3000)
[ 1705.010137][T19427] 
[ 1705.012450][T19427] The buggy address belongs to the physical page:
[ 1705.018853][T19427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x336b0
[ 1705.027600][T19427] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1705.036108][T19427] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1705.043832][T19427] page_type: f5(slab)
[ 1705.047805][T19427] raw: 00fff00000000040 ffff88801a442140 dead000000000122 0000000000000000
[ 1705.056377][T19427] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 1705.064949][T19427] head: 00fff00000000040 ffff88801a442140 dead000000000122 0000000000000000
[ 1705.073610][T19427] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000
[ 1705.082471][T19427] head: 00fff00000000003 ffffea0000cdac01 00000000ffffffff 00000000ffffffff
[ 1705.091138][T19427] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 1705.099966][T19427] page dumped because: kasan: bad access detected
[ 1705.106416][T19427] page_owner tracks the page as allocated
[ 1705.112292][T19427] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 49, tgid 49 (kworker/u8:3), ts 1704191677528, free_ts 1703852324420
[ 1705.133551][T19427]  post_alloc_hook+0x240/0x2a0
[ 1705.138313][T19427]  get_page_from_freelist+0x21e4/0x22c0
[ 1705.143850][T19427]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1705.149721][T19427]  alloc_pages_mpol+0x232/0x4a0
[ 1705.154576][T19427]  allocate_slab+0x8a/0x370
[ 1705.159131][T19427]  ___slab_alloc+0xbeb/0x1410
[ 1705.163827][T19427]  __kmalloc_node_track_caller_noprof+0x2f8/0x4e0
[ 1705.170325][T19427]  kmalloc_reserve+0x136/0x290
[ 1705.175078][T19427]  __alloc_skb+0x142/0x2d0
[ 1705.179484][T19427]  nsim_dev_trap_report_work+0x29a/0xb80
[ 1705.185191][T19427]  process_scheduled_works+0xade/0x17b0
[ 1705.190817][T19427]  worker_thread+0x8a0/0xda0
[ 1705.195393][T19427]  kthread+0x70e/0x8a0
[ 1705.199539][T19427]  ret_from_fork+0x3f9/0x770
[ 1705.204116][T19427]  ret_from_fork_asm+0x1a/0x30
[ 1705.208869][T19427] page last free pid 22296 tgid 22296 stack trace:
[ 1705.215362][T19427]  __free_frozen_pages+0xbc4/0xd30
[ 1705.220465][T19427]  __put_partials+0x156/0x1a0
[ 1705.225144][T19427]  put_cpu_partial+0x17c/0x250
[ 1705.229893][T19427]  __slab_free+0x2d5/0x3c0
[ 1705.234295][T19427]  qlist_free_all+0x97/0x140
[ 1705.238884][T19427]  kasan_quarantine_reduce+0x148/0x160
[ 1705.244374][T19427]  __kasan_slab_alloc+0x22/0x80
[ 1705.249222][T19427]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 1705.254671][T19427]  jbd2__journal_start+0x146/0x5b0
[ 1705.259869][T19427]  __ext4_journal_start_sb+0x227/0x5c0
[ 1705.265336][T19427]  ext4_dirty_inode+0x93/0x110
[ 1705.270090][T19427]  __mark_inode_dirty+0x2d1/0xdf0
[ 1705.275364][T19427]  touch_atime+0x59b/0x6d0
[ 1705.279774][T19427]  ext4_file_mmap_prepare+0x24d/0x440
[ 1705.285154][T19427]  mmap_region+0xb41/0x20c0
[ 1705.289659][T19427]  do_mmap+0xc45/0x10d0
[ 1705.293819][T19427] 
[ 1705.296136][T19427] Memory state around the buggy address:
[ 1705.301752][T19427]  ffff8880336b1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1705.309975][T19427]  ffff8880336b1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1705.318113][T19427] >ffff8880336b2000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1705.326159][T19427]                                            ^
[ 1705.332300][T19427]  ffff8880336b2080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1705.340388][T19427]  ffff8880336b2100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1705.348470][T19427] ==================================================================
[ 1705.392915][T19427] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1705.400173][T19427] CPU: 1 UID: 0 PID: 19427 Comm: kworker/u9:1 Not tainted 6.16.0-rc6-next-20250718-syzkaller #0 PREEMPT(full) 
[ 1705.411914][T19427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1705.421990][T19427] Workqueue: bcachefs_journal journal_write_done
[ 1705.428348][T19427] Call Trace:
[ 1705.431662][T19427]  <TASK>
[ 1705.434611][T19427]  dump_stack_lvl+0x99/0x250
[ 1705.439231][T19427]  ? __asan_memcpy+0x40/0x70
[ 1705.443950][T19427]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1705.449259][T19427]  ? __pfx__printk+0x10/0x10
[ 1705.453879][T19427]  vpanic+0x281/0x750
[ 1705.457881][T19427]  ? preempt_schedule+0xae/0xc0
[ 1705.462763][T19427]  ? __pfx_vpanic+0x10/0x10
[ 1705.467282][T19427]  ? preempt_schedule_common+0x83/0xd0
[ 1705.472766][T19427]  ? preempt_schedule+0xae/0xc0
[ 1705.477643][T19427]  ? __pfx_preempt_schedule+0x10/0x10
[ 1705.483072][T19427]  panic+0xb9/0xc0
[ 1705.486903][T19427]  ? __pfx_panic+0x10/0x10
[ 1705.491339][T19427]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[ 1705.497309][T19427]  ? bch2_get_next_dev+0x38f/0x4e0
[ 1705.502468][T19427]  check_panic_on_warn+0x89/0xb0
[ 1705.507445][T19427]  ? bch2_get_next_dev+0x38f/0x4e0
[ 1705.512579][T19427]  end_report+0x78/0x160
[ 1705.516864][T19427]  kasan_report+0x129/0x150
[ 1705.521408][T19427]  ? bch2_get_next_dev+0x38f/0x4e0
[ 1705.526541][T19427]  kasan_check_range+0x2b0/0x2c0
[ 1705.531583][T19427]  bch2_get_next_dev+0x38f/0x4e0
[ 1705.536548][T19427]  ? bch2_get_next_dev+0x27/0x4e0
[ 1705.541613][T19427]  bch2_do_discards+0x20/0x160
[ 1705.546412][T19427]  journal_write_done+0x11b9/0x13f0
[ 1705.551737][T19427]  ? register_lock_class+0x51/0x320
[ 1705.556976][T19427]  ? __pfx_journal_write_done+0x10/0x10
[ 1705.562550][T19427]  ? __lock_acquire+0xab9/0xd20
[ 1705.567435][T19427]  ? process_scheduled_works+0x9ef/0x17b0
[ 1705.573191][T19427]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1705.578502][T19427]  ? process_scheduled_works+0x9ef/0x17b0
[ 1705.584306][T19427]  ? process_scheduled_works+0x9ef/0x17b0
[ 1705.590061][T19427]  process_scheduled_works+0xade/0x17b0
[ 1705.595654][T19427]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1705.601671][T19427]  worker_thread+0x8a0/0xda0
[ 1705.606282][T19427]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1705.612640][T19427]  ? __kthread_parkme+0x7b/0x200
[ 1705.617587][T19427]  kthread+0x70e/0x8a0
[ 1705.621683][T19427]  ? __pfx_worker_thread+0x10/0x10
[ 1705.626828][T19427]  ? __pfx_kthread+0x10/0x10
[ 1705.631456][T19427]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1705.636670][T19427]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1705.641887][T19427]  ? __pfx_kthread+0x10/0x10
[ 1705.646482][T19427]  ret_from_fork+0x3f9/0x770
[ 1705.651087][T19427]  ? __pfx_ret_from_fork+0x10/0x10
[ 1705.656288][T19427]  ? __switch_to_asm+0x39/0x70
[ 1705.661054][T19427]  ? __switch_to_asm+0x33/0x70
[ 1705.665815][T19427]  ? __pfx_kthread+0x10/0x10
[ 1705.670494][T19427]  ret_from_fork_asm+0x1a/0x30
[ 1705.675266][T19427]  </TASK>
[ 1705.678470][T19427] Kernel Offset: disabled
[ 1705.682795][T19427] Rebooting in 86400 seconds..