last executing test programs:

4m27.993084572s ago: executing program 32 (id=183):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
r2 = syz_io_uring_setup(0x231, &(0x7f0000000180)={0x0, 0x0, 0x10100, 0x0, 0x70}, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x140})
io_uring_enter(r2, 0x7a98, 0x0, 0x0, 0x0, 0x0)

4m17.209970996s ago: executing program 33 (id=239):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58)
r1 = syz_io_uring_setup(0x12d, &(0x7f0000000140)={0x0, 0xbcb3, 0x0, 0x5, 0x41000}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x2, r0, 0x0})
io_uring_enter(r1, 0x3516, 0x3e44, 0x8, 0x0, 0x0)

4m10.657705125s ago: executing program 34 (id=272):
syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x101301)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000500), 0x28002)
write$sndseq(r0, 0x0, 0x0)
r1 = dup(r0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

3m29.337535638s ago: executing program 7 (id=494):
unlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000000), 0x2, 0x0)

3m12.424977276s ago: executing program 35 (id=592):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x65, 0x0, 0xf, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x2, 0xffff, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0xfffffff8, 0x52}]}}}}}}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x4, 0x0, 0x0, 0x1000, {[@timestamp={0x8, 0xa, 0x5, 0x20000009}]}}}}}}}, 0x0)

3m3.072116912s ago: executing program 36 (id=641):
r0 = epoll_create1(0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
close(r1)
socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000040)=0x80, 0x4)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x20000004})

2m48.186755162s ago: executing program 7 (id=494):
unlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000000), 0x2, 0x0)

2m39.559106755s ago: executing program 5 (id=767):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
unlink(&(0x7f0000000100)='./file1\x00')
socket$inet(0x2, 0x1, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

2m38.468949225s ago: executing program 5 (id=769):
socket$inet6_udplite(0xa, 0x2, 0x88)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x121c02, 0x0)
epoll_create1(0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x5, 0x2})
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

2m38.064412344s ago: executing program 5 (id=771):
socket$inet_smc(0x2b, 0x1, 0x0)
socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000000c0)="6880a642beaf34317f0dd3122a90ad0d2b", 0x11}], 0x1}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x4)
recvmsg$kcm(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2020)
sendmsg$inet(r0, &(0x7f0000000540)={0x0, 0xc027, &(0x7f0000000340)=[{&(0x7f00000000c0)="97eb000014006bcd9e", 0xeb97}], 0x1, 0x0, 0x0, 0x1f000000}, 0x600)

2m37.766432428s ago: executing program 5 (id=774):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000500)='./file0\x00', 0x18008, &(0x7f0000000200)=ANY=[], 0xde, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
chroot(&(0x7f0000000180)='./file0\x00')
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

2m37.294736709s ago: executing program 5 (id=777):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x8a, &(0x7f00000005c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x7c, 0xfffe, 0x0, 0xfd, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x1a, 0x4, 0x2, 0x0, 0x0, {[@window={0x3, 0x0, 0x3}, @timestamp={0x8, 0xa, 0x200, 0xd}, @exp_smc={0xfe, 0xfffffffffffffcb4}, @sack={0x5, 0x12, [0x5, 0x5, 0x1, 0x0]}, @md5sig={0x13, 0x12, "4d561d7ef6737b6a2efa8f86467f69a2"}, @sack={0x5, 0x1a, [0x140000, 0x9, 0x7f, 0x7723, 0x5, 0x1]}]}}}}}}}, 0x0)

2m36.547326659s ago: executing program 5 (id=780):
r0 = fsopen(&(0x7f0000000040)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000440)='./binderfs/binder0\x00', 0x800, 0x0)

2m36.117146192s ago: executing program 37 (id=780):
r0 = fsopen(&(0x7f0000000040)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000440)='./binderfs/binder0\x00', 0x800, 0x0)

2m31.609929701s ago: executing program 9 (id=808):
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x808880, &(0x7f0000000000), 0x2c, 0x528, &(0x7f0000000380)="$eJzs3c9vI1cdAPCvnV/ebLZJoYeCgC6lsKDV2om3japeWi5IqKqKVDghtI0SbxTFjqPYKU2IRHrmikQlTvAncEDigNQTd25w41IOSAVWoAYJIaMZj7exE2etTRzvxp+PNPJ7byb+vmdp3ss8e+YFMLZuRsRhRExHxLsRMZ+V57It3mhvyXGfPjhYPXpwsJqLVuudf0xmRx6sdo7vuJ69ZyHi7SQ/c0rcxt7+5kq1WtnJ8qVmbbvU2Nu/s1FbWa+sV7bK5eWl5cVX775SvrC2vlD7zSff2XjzB7//3Zc//uPht36S1Pn1bF/StgsLdEz7c5mKuWNlySf3ZsS1YcS7bBNZe6ZHXREeSz4iPhcRL2bphwqjqxMAMFyt1ny05o/n+8sNcAwA8ORLrvnnIpcvZtf/c5HPF4vpHF7huZjNV+uN5u379d2ttUjnsBZiKn9/o1pZzOYKF2Iql+SX0vRn+XJP/m5EPBsRP5+5luaLq/Xq2qj+6QGAMXe9Z/z/90x7/B+AbwgA4GlmJAeA8XNy/J8aST0AgMvj+h8Axs+x8f+0e3UBgCuo0HPvPwBw9T1y/v/5+OmPLqcqAMAl8f0/AIyV7731VrK1jrLnX6+9t7e7WX/vzlqlsVms7a4WV+s728X1en09fWZP7VHvV63Xt5dejt33S81Ko1lq7O3fq9V3t5r30ud636u4sQAARu/ZFz76cy4iDl+7lm7RWcvBDwLgyus+zSdPP6hPMfB0mxh1BYCRMbTD+OozH+/qH8ZI7hH7+/5E6MP+f3MlFriFK+zWF/rM/5/9EMD/tS6nesAQ+Ucfxtf55v/9mg+eZub/YXy1Wjnr+QPAmBngCt5PBOGKe+zv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCMzaVbLl/M1gKfi3y+WIy4ERELMZW7v1GtLEbEMxHxp5mpmSS/NOpKAwDnlP9bLlv/69b8S3O9e6dz/5lJXyPix7985xfvrzSbO0tJ+T8fljc/zMrLpwaYGX4bAIBjJnsLOuN0ZxzvrO/76YOD1c52mRX85NvtxUWTuEfZ1ql6u/KFmIqI2X/luhqTu6CFiQ8/iIjne9uff7h/IVv5tDd+EvvG0OJH2sK5rvj5rvj5dF/7NfksPn8BdYFx81HS/7xx2vmXj5vpa3b+5bo700L87GTn+hg6/d9Rq7f/a5/vb98opH3Naf3fzUFjvPyH7/bd98FE64uTEUcn+t/OitCFNNUd//W07KUB4//lS195sd++1q8ibsVZ8dupUrO2XWrs7d/ZqK2sV9YrW+Xy8tLy4qt3XymX0jnqUmem+qS/v3b7mf7tj5jtE7/Qt/3tOn19wPb/+r/v/vCrZ8T/5tdOi5+P586In4yJ3xgw/srsb/su353EX+vT/smu+NNdf5eU3R4w/sd/3V8b8FAA4BI09vY3V6rVyo7EeROFYb3z9SekgRJnJCai2pmPeiLqc+7EiDsmYOg+O+lHXRMAAAAAAAAAAAAAAKCfxvezR/4N8Wa4UbcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAq+v/AQAA//+3Z8n7")
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x121, 0x40000000, 0xffffffffffffffff, 0x0)
fremovexattr(0xffffffffffffffff, 0x0)
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000080)='./file1\x00', 0x400000f000)

2m30.716859234s ago: executing program 9 (id=813):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f00000002c0)={0xb}, 0x1)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000040)={0x61}, 0x1)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000080)="b1", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)

2m30.209660563s ago: executing program 9 (id=816):
r0 = io_uring_setup(0x6f94, &(0x7f0000001240)={0x0, 0xfffffffd, 0x0, 0x2})
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x5, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "6a53198af9b87849"}}, 0x48}}, 0x0)
sendmsg$can_bcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="050000000008"], 0x80}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m29.968816315s ago: executing program 9 (id=819):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000300)=0x208)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r0, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
read(r0, &(0x7f0000000240)=""/30, 0x1e)
sendto$inet6(r0, &(0x7f0000000080)='D', 0x1, 0x281, 0x0, 0x0)

2m28.928908297s ago: executing program 9 (id=823):
syz_mount_image$bcachefs(&(0x7f00000058c0), &(0x7f0000005900)='./file0\x00', 0x10000, &(0x7f0000000240)=ANY=[@ANYBLOB='fsck,inline_data,nocow,degraded,str_hash=siphash,norecovery,discard,reconstruct_alloc,erasure_code,acl,no_splitbrain_check,hash,uid=', @ANYRESDEC=0x0, @ANYRES32], 0x0, 0x58b4, &(0x7f0000005980)="$eJzs3W2QXFXdIPBzu3synZm8TAJIBJkMgSiCmglvhS+l0fWtAKlYWErYKAxkgtEkpJIgEFCCCy4UYKGlpagf0EJq0WhRBatESuRlE1ZRitWltpBa3UU/+BTykBLIQ1k+5qmZvqfTc6fv3J7unpDA71fJ3D6nb//PueeevtP/Mz3TAQAAgNeE3ddv2XvOUR/41RdHX7rmwz/bcG3oL4/XV+MOA+n2ileqhxxIvZVF49vsvHjTVT/489DF7/vl3X3ff3nXmmPX/v79h118/2fO3Hnbtx96ce69/3ymKG6cTyfuLyfPJSFUf77n61/a9diRY3VJCKGcDGwPYUGy8KEFSSbE8N9DCGvSwqLMnfe8dMrase21N/VOqJ+f2c98f22rpvNs297LTwp/eO+q636z+Mc/6tnx7Pb9uyTVhvkUwrwLGx/fE0KYnf4fE2dbnI9x0q4MIfQ1PO6Mgn4d12L/l+WUj063s9Jtf0GceP+STLmU2S9bjnoy276C9jqV14929ysyJ1POXow6ldfPWL8g3f403Z44zfjl+D8JpSRU6t1fn+yfI6HhvCUhGT+X1Xq5VD+3IT3+TDnJlEuZcrknc1zj7aYTrZwkE+vjfpn6eDmupPXHNl6rmzg3p/716baaPlFfjuWQvVHTP+lG/bjGxX7tmaIvB0Kp4RrUrL5+4tOT0Z/W9ScLJz1mXxPxvl2rbl5aXv3w7oGcfiR3J2n8pK342369YM6nfnjjZdnv6/X4F5bS+KW24v/xrMefP//G730rN/6tMX65rfgnP9D33FmPXL8kd3z2xPGptBV/5JlHb1l8+EU7cvt/e4xfbSv+ip2P987d+8CDuf0fjuMzu634T7/zg3+668n7ns2NH2L8vrbir9656cu9g3tPyI3/YByf/vbmzws7Tn9qcPAvQ3nxn4jx57YV/87tt73jjvk3nZl7flfG8RloK/7Zx99/3Zy99x2Td+1Mbu/Wd06A16bD0tdYN6TldvPMTjXkC98cqtRe881J/8/tZkMZY+3Mm8H4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALw2HXHS//zQ///4wHOVtNyb3ni6VNvG+lkhJLNDCFu2jmzeum7jJUOfufSyzRtH1g+NbB0a3bh185VDp75laPPopvUjV47dO/zWU2qPWxiS2jY5ZlLb+/bt21camFgX2/tPx+/4w9Iz/uWvIQwf8bvBSm7/l9224Y7Dm3zNSFbse8+Gy8753WnfTY9rIO3XQE6/Qk6//vW8f9zx1T1/PiGE4ddN1a9Hn373LyZ0aLxif5xUqTfUOtSb9DXtR73XaX/ieFXWrls/Olw8vuWc4/jPVz3797VXfOUftfGt5h5Hi+M7e8W+9aVvrDr7379xda3iYD3vReMdjyL2L45fNR3veelxzcs5rkrOcV3/mwef/PlRN764PQxXXlg8ue2i4+pJJ0BP8vqW2o0t9CULJtRX0/3jGY+PW7Z1w6ZlW67c9tZ1G0YuGb1kdOPbl5+6/PTh004/bdn4kS/r8vHH9t/Y4vEfmPk0/3Pbfxq/tjafivpVNB5j/Soej8Ye5T3/+s790tfeftsj59QqiuZ53Lt+PUm3fWPneXlomG+Tx6rZcRWNQwhhqNk4PP/imeHI/7PuuqLrUOOZafyakazY99iSv333jO8selet4oBc5xs71OZ1vt7r/f0ZH69qej4O1vHtDeX0uPqb9mv5Y4/03Lz7r5+v92/WrHDFyNatm5fXvs5JezonObppv7K18bgWj38th3RYQn2aNpmvY3pCrX/Z62fcPTuq/el9/cnCpseVFe/btermpeXVD+/OG+nk7lqLs8Pc2jZ5Q86e6zMPLNc73Kz9Q3V+DH7oO/d+/N6fnDppfpxc+1p0XEnOcf34yTu/9v2v/NefdO+4PvTuxwf+9n8/vbRWcahcV+q9TvuTNF5XTg6h6Pm3ODQ/jtznX6n58RQ9/7Lt7N+/ebyhTLk/lNt6vp78QN9zZz1y/ZLc5+ueVp+vV08olQuerwfL/Hnlnl8TJkqyYt8vbzhs+0PXrDyqVlE0r+t7N5vXp7SQf+Qc1y/Of2rw0qH/8r+7d934wVvuueD3Iyu+UKs4WM57NR3fas741nsd887G8X3bxZeuX1OrP3hf/6bbgvwnXkq2XLntsyPr149u3tLacbX6/TS2kx3ldr+fxqvbwoLjKk06rpm70cp4tfp8i/1f0/Z4TXy+9Yekre8L2369YM6nfnjjZQOTHpU2dGEpjV9qK/4fz3r8+fNv/N63cuPfGuNX2oo/8syjtyw+/KIdufFvT9L41bbir9j5eO/cvQ88mBt/OPZ/dlvxn37nB/9015P3PZsbP8T4/e2N/ws7Tn9qcPAvufGfSNJ2xl4jhXDPS6esrZWT0JM+32I/eib0K2TLSaZcypTLjeVSba213kA5SSbWx/3S+mMb+tLMJ3Lq46uw6qLa9uVYDtkbU9cfbEoN1/5m9UWvUwEAXu3iz//ja9D48//R9IVS/koD7NdpHrYoJ27Mw/av58yacP+iNH58fFwHHHxbGB7bXjtUe6E/3XXO+HzIrnPGdk44bmKMdtc5i9bfl2TKsV+19fJKQx6ampzXVEIL6++T25l6/T1z+MXr40M3TOrWUMO6Vfb89aQrZs3e75Dpb2UsQt78yK6LxfdzDM4LK8fba3F+ZN9HE89D9n00sZ2jMhfOdt9H0+n8iN2eYn6Md7n45xuTz1+YYnz3n7/m0bLnbxrnuzq2/0z/fPbQXzec2Z+HWZfMiZ8+wQ72dcNYH4+j0uJ64sdz6ru1nhgvF7Ffe6boy4FgPRF4tYr5f/weMZb/j70A/7fMfkWvQ7OvGmO83PcJlZv3pyjvmPw+vb62vo+v3rnpy72De0/IfZ3zYKvv+9k0odRX8L6fonFcmikXjmPOAk1Rvpdtp2jcs+/L6A9z2xr3O7ff9o475t90Zu64r6x9Iy0e969NKM0tGHf5Qk58+cJBkS/M9PrZK5aPpG98mql85GM59dPNR/om3agf17hDLh/pObD9AgAOHTH/r//8LM3//19mv6K89cRMOcbLzVtzXp/k5a0fSbdXZPbvT3+jYrqvm88+/v7r5uy975jcvOX2VvPQ/zahNFCYh3aWN+fmESu7837x3Dyinmd1lifm9r+eJ3aWp+fGr+fpneXRueNTz6M7WwfIjV9fBzjU89yZXa971ebR6a/PzlQefW5O/XTz6P5JN+rHNU4eDQDwyor5f3wZF/P/RzL7dfq6PTcv6NLr9uzfA6nHf+JA5ZUznffNdN4603n9TK9LHOp58UyvC83sOpm8OC2H7I0aeTEAAAeDmP/PTsv5+X9n+Ulu/lbPT+TnTePLzw+S/PxQX/+S/8v/i8n/AQBe3WL+H3/tMf79v/+RlrN/t16enhNfni5Pn2r+tJynz/Q6m3UA6wDFrAMAALy69IxnSpN/z/6T6Tb7e/Z5v5d/fs7+raqM/459CBdt3Tw6esFlm9aMbB29YOOla0a3XHD55nVbt45urO3Xad6Ym7ekeWNPqKTj0Xy/bN42P/17CPNz/h5Cdv8Y9ujxG5P/HkK22dkFf0dg//lrrb955680xf7N5kfe+c6L/4mc/aP6+b/40ydfsHbLBes2rtu6bmT9um2jE/cby1r7pvG5mXFYpvW5mZkvk5Sm//md3elHaVI/etLxyPt89iTTjwVpTxbkff5BTr9/9b+++rnj9/3jrhCGjyi/oaPxS1bs++/njX5k6+7fbRrrf2nK/tf3TPtV9Hml2f3j8VTWX7pl60lrL71sY/YTJdsT1zNK9fIMrWekT/9yi+sTq3Pqp7s+UZ504+DU8voEAAATxJ//x9ez8eeHX0lfQMX61vP0zn5+nJunD7eWp2c/l6woT8/uH4+31Ty92mGenm2/KE9vtn+zPD0v786L/7Gc/aer9XnS2fs8cufJha3Nk+znGRTNk+z+050nSYfzJNt+0Txptn+zeZJ33vPifzRn/zytz4fO3peTOx9ubW0+vDlTLpoP2f2nOx9KHc6HbPtF86HZ/s3mQ975zYt/Ts7+rZo4P8Ymxvi8GL3g8ks3f7Zhv5n+/IvO+zezn//Rrtb7P7Pv+5r5/s/s+8pmvv+dva8st/9PdLYS1nr/Z/bzXdp1wNZr0zebFb3/rGgdd1VO/XTXcWdNunFwso4Lr5yY/8cf98T8/6Z02+0fAx36n5Pmc8yaxu/S55gVvY7x/XyKxg4Cvp8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtKa3smh8u/v6LXvPOeoDv/ri6EvXfPhnG65901U/+PPQxe/75d19339515pj1/7+/YddfP9nztx527cfenHuvf98pjDwQG1zYlqshpA8l4RQ/fmer39p12NHjtUlIYRyMrA9hAXJwocWJJkIw38PIayp93Pinfe8dMrase21N/VOqJ+fCZI9rtBfjv2Z0M9wReERcQiqpvNs297LTwp/eO+q636z+Mc/6tnx7Pb9uyTVhvkUwrwLGx/fE0KYnf4fE2fbovjgdLsyhNDX8LgzCvp1XIv9X5ZTPjrdzkq3/QVx4v1LMuVSZr9sOerJbPsK2utUXj/a3a/InEw5ezHqVF4/Y/2CdPvTdHviNOOX4/8klJJQqXd/fbJ/joSG85aEZPxcVuvlUv3chvT4M+UkUy5lyuWezHGNt5tOtHKSTKyP+2Xq4+W4ktYf23itbuLcnPrXp9tq+kR9OZZD9kZN/6Qb9eMaF/u1Z4q+HAilhmtQs/r6iU9PRn9a158snPSYfU3E+3atunlpefXDuwdy+pHcnaTxk7bib/v1gjmf+uGNly3Ki39hKY1faiv+H896/Pnzb/zet3Lj3xrjl9uKf/IDfc+d9cj1S3LHZ08cn0pb8UeeefSWxYdftCO3/7fH+NW24q/Y+Xjv3L0PPJjb/+E4PrPbiv/0Oz/4p7uevO/Z3Pghxu9rK/7qnZu+3Du494Tc+A/G8elvb/68sOP0pwYH/zKUF/+JGH9uW/Hv3H7bO+6Yf9OZued3ZRyfgbbin338/dfN2XvfMXnXzuT2bn3nBHhtOix9jXVDWm43z+xUQ77wzaFK7TXfnPT/3G42lDHWzrwZjA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKvTb68+9ZPnveejqypJCEnOPvuaiPeVZ61YMdRGuyPPPHrL4sMv2tFYt6iNOAAAAECxmIeX6jXVsChcnswORzfdP64RHB1LycT67BpCjJNdI2g3TqlLccpdilPpUpyeLsWZ1aU4vV2KUy2IUw2txZk9ZZxSy/3p61Kc/i7FmdOlOHO7FGdel+LM71KcgSnjtD4PF3QpzsIuxTmsS3EO71KcI7oU53VdinNkl+Jk15SnOw/npnselRdn/Ea5ME4lKdfvaLaeHts5psN2+ltsJ/f7cYvtzG6xneMyjytNs51qi+28scN2khbbeXOH7ZQK2onz9ops/2I7sdTi/L+yS3G2dSnOVV2Kc3WX4ny+S3G+0KU413QYB6BVMf/fn+8NhN7Ku0JfesXJrgLEfHfx+NfJ3+/yLkgx3hsy9bOy8bJhsol6Jt7i6fYvu4CQibckU98zIV6lno9MEa/aGG9p5s5Jx5vtX3ZBIdO/EzP1vUXxsgsLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCDfnv1qZ887z0fXRWSMPavqX1NxPvKs1asGGqj3V2rbl5aXv3w7sa63kobgQAAAIBCMQ/vqddUQ29leehNZk3Yr5quA1TTcnmgth2cF1aObZOh0ni5L1kw5eMq6eOWbd2wadmWK7e9dd2GkUtGLxnd+Pblpy4/ffi0009btnbd+tHh2tcQegvihRDGlx+2XLntsyPr149u3lKrzPZ/Ufq4RWk5SR83+LYwPLa9Nu3/woL2SpPam7kbxWcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2DX/kLdPOs4gD9vkpNkZ6uN7F9W1tPQP6Pq0LZm0ulYXhAcbG3pYSDJ9DiKa3F4upatHXXGreA2WxRho1AqvanU4ebwZn/cEPeHQmVWC55aZBu6C71QNp10oxfSEek5eXOSNGlO41i37vO5eN/keX7P88uTiwPf9wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA/WVL08Ua2M10ajEKI+NY0ekrl0No5LQ/T9+vNbf5wbO7m8fSyXGWIjAAAAYKAkh4+0RvIhl0mHdLhq+t3i0DYRZnM/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw8TNVL09UK+O1i6MQoj41jR6SuXQ2jktD9H3jnSe/8OrY2D/ax4pD7AMAAAAMluTwVGskH4phSRiJruqoS54NLOha312X7LNwjnXdzw761S2ZY901c6z71IC6dc37jgAAAAAffUn+z7RGCiGXmdc3/w/K9Undoq66dPM+zG8FAAAAgP9Pkv9zrZFiyGWKrbw+17y/uKsuWT/o//bJ+mV91g/6f/7a5t3/6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgo2OqXp6oVsZr6SiEqE9No4dkLp2N49IQfVe9MPqvWw49tLh9LJcZYiMAAABgoCSHz0bvfMhlRsNIuHg694/dtP/prz79bDmEMBPzs9mwY8O2bXevmrkmdSuPHBr50eG3vndG3cqZ63k7IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8L6ZqpcnqpXx2kVRCFGfmkYPyVw6G8elIfq+/qWv/O3x48+92T5WHGIfAAAAYLAkh89m/3wohmzIhium37Vn/dNSXev7PTMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhz3fOe+b2+YnNx4txdeeOFF68X5/ssEAAC83xaFKDTO0ZXrz/enBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgym6uWJamW8lo9CiPrUNHpI5tLZOC4N0Td+/mhu3skXXmofKw6xDwAAADBYksNns38+FMNIGAmXT7/r9UxgOv8XPsAPCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHyoTNXLE9XKeG1eFELUp6bRQzKXzsZxaYi+j+3c98WD8394c/tYLjPERgAAAMBASQ7PtkbyIZf5dMiFq5vvJzsXROnmvfdzgdl1WzuWjc55Xb1jXXrO63Z1nSzTPM3MunyyX2Hm3lpXOnNdqW1dMbTalzrWhT0dq+YN+JwBAAAAzqMk/+daI4WQy+Tacu7PO+oLci4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0MdUvTxRrYzXoiiEqE9No4dkLp2N49IQfe/7/Scv+cYvdm9vHysOsQ8AAAAwWJLDZ7N/PhTDwvCJsHA694dCZ31S9+/qqYOP/ufvy0NYccWxsUzf/X/7+o0vdl9CSHUWpUKY3+wX9en3uz8+eu/SxqnHQ1hxefrqc+3XuWXceKa6ce22w8e2nuWLAQAAgAtIkv9HWiOFkMvc1Tf/J8n7nPL//Ht3/uqy5rWZyLtWpArNfqk+/b689Mm/Llv9z7dO5/+z9fvcvs0HL+toODPSJYoblc3b1x277kAqOfVM/3RX/+R7+dp33/zvph2PnJrpnw/55viCTK/+Z167XBQ3JlN7a2ve21vv7J/pc/6H/vDS8d8s2P3u6f7vLBpt9b/mLOc/e//RWx/ec/2+Q+s6+4cQSr36v/3uzeHKP9/5YPf5R7s2bv/m269dorhxZPGJA6v3F2/o7B919U++/18ef2zPzx75wbNJ/+S3IsuXzLV/qqv/K7su3fnyA+sXdPZP9Tn/i7e9Oral9P0/dZ//jqHP/8S1T93+2ob4/u4pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAC8tUvTxRrYzXUlEIUZ+aRg/JXDobx6Uh+r5xy9G3b9v905+0jxWH2AcAAAAYLMnhs9k/H4ohG7JhdDr3P1PduHbb4WNbQ2FmNmreM5Nb7tn2mU1btt91x3n65AAAAMBcJfk/0xophFxmaRhp5v/K5u3rjl13IJXk/1SS/zfdOblxRWjVvbLr0p0vP7B+Qes5QQjTPwvIn677/GzdTTceLZz4y7eW9axbNVt3ZPGJA6v3F29I6kJ73crQej7xxLVP3f7ahvj+1udrr/vsN7dMNh9PJPuO3vrwnuv3HVrXOkfzPtrcN6mbTO2trXlvbz2pSzfv+ea5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAzTdXLE9XKeC2kQ4j61DR6SObS2TguDdF3zdJfP3jJyecWto/lMkNsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8jx04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs101oHVUfB+Bz7k3e3OYmbdK+YFRM06oodWFRENGNioq0IgVXlSLV1i5EQRBR6sJUWrFUxY1gdVNEBTVKQcHGYmmVVPwqblyooFBdCKUY0IbiQiXJObc304xXJ1VQnweGc8+Zmd/8Z87J5F4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4R+npGpppD++4f+qWc2746NG7Tjxy0zv3brvo4Ve/G9l03Yd7e186ObF5xZYvr1+2af/da8Z3P3/op/63fjnaMfih2WZV6jZCiMdjCI13J595bOLjs6bHYgihHgdGQxiMSw8NxkLC6p9DCJtbdc7d+eaJy7dMt9t29cwZX1IIKd5XaNZzPbMG5tbLv0sjrbOtUw9eEr6+dv32T5e/8Xr32LHRU4fERtt6CmHxxvbzu0MIi9I2La+2oXxyateFEHrbzruyQ13n/8H6Ly3pn5va/6W22SEn719Z6NcKxxX7WXeh7e1wvYUqq6PqcZ30FfrFl9FCldWZxwdT+3ZqV/3J/HreYqjF0NUq/554ao2EtnmLIc7MZaPVr7XmNqT7L/RjoV8r9OvdhfuauW5aaPUY547n4wrj+XXclcZXtL+r53FryfjZqW2kP9STuR+KH2Y1T/vQuq8Zua7J36nl71BrewfNN96a+DQZzTTWjEtPO+fXeeR9E+ufuLC+4b3DAyV1xL0x5cdK+Vs/Gey7/bWdDwyV5W+spfxapfxv1h754badLzxXmv90zq9Xyr/sQO/xte/vWFn6fCbz8+mqlH/H0Q+eXP7/O8dK69+T8xuV8q8ZP9LTP3XgYGn9q/PzWVQp/6urb/z2lc/3HSvNDzm/t1L+hvH7nuoZnrq4NP9gfj7Nauvnx7Ervhge/n6kLP+znN9fKf/l0d1Xvbhk15rS+V2Xn89ApfybL9i/vW9q33ll786450z95wT4b1qWvmM9nvpVf2cuVNvvhWdHuma/8/Wlrf9MXqhg+jqL/8J8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Dd24IAEAAAAQND/1+0IFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngoAAP//pkA1WQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x101100, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r1, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x4010bc14, &(0x7f0000000200)={0x10, 0x10005, 0xffffffffffff8ab7, 0x2, 0x86b, 0x6})

2m27.037855209s ago: executing program 9 (id=831):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x2c, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

2m19.538823346s ago: executing program 7 (id=494):
unlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000000), 0x2, 0x0)

2m11.906890702s ago: executing program 38 (id=831):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x2c, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bda", 0x7)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

2m3.89155001s ago: executing program 2 (id=909):
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000180)={0x0, 0x1, 0x0, @local}, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00U\x00=\t\x00\x00\x00\x00\x00\x00\x00\x00\a\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="20000280", @ANYRES32=r0, @ANYBLOB="0000000000000000000000000a000000000000000000001420000100", @ANYRES32=r2], 0x58}}, 0x0)

2m3.638704851s ago: executing program 2 (id=911):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r0, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r1, r0, 0x0, 0x578410eb)

2m2.519269337s ago: executing program 2 (id=913):
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_open_dev$usbfs(&(0x7f0000000340), 0x76, 0x101341)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f00000001c0), 0x95)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0x80045515, &(0x7f0000000040)=@usbdevfs_connect)

2m2.290978917s ago: executing program 2 (id=914):
syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYRES8=0x0], 0x1, 0x14c, &(0x7f00000001c0)="$eJzszzFLOgEYx/Hf/e+Uf6VRYGANIjR0FOZ1Yk0NGklCelC4NAl2UaAZCdGotDYEjTVYruJbsCwC64SwN9FyW9AUF+cdlGP777PofZ+Hh7v11Z6MMCDCsVYuHR3rlYq+G97SDlPb7+12wu5eAP+H5s7+XQLYt38lwKwBdn7wA3sHRX2xUC7az2YCkAEkx5yuwNkdtVvAaUsQBLMGEbNAZ8ppqrsn/2oxt81IQPjr5551A8zZ9yaddgXgA8Dp9ULLg6xhWZYFPHXczxz05nPW6KYj8yH9XE1NN3xBETn98RZJwZ6/RbuR12ir2e8ZmU0to/ViqrocUyRFife1FyMdr15A2vCdADvC8D0vgiEpB5wJwOVgZt4LfgCd+qdWGl+pu+9QHXH/FPJBTyMfmPgHUYYAIiIiIiIiIiIiIiIiIiKiv/oOAAD//0rtZa4=")
chroot(&(0x7f0000000180)='./file0\x00')
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

2m2.015083718s ago: executing program 2 (id=915):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000580)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000340)="77541b79b2cdf236214d5c6030f56bcc81099bf4eca4a4c279db4b7e8e4d550f39cc1ad60ae65497be28f71730088548a68d9aa7afd86ad9122a4315c665d9f9a7f7c3035c87853f3a671528bed0af960382b361b5405172cf4b72aff47a3a1fb9766107ff341812bae78c24c3be59e31dd652a1bbdf6c44eb85d3a34802abaf4c23988b507ea8440b3b6ca5b48a8b2bd6b915cd4c71ad1195c516e9ff03165aeb92b043fc4e55ec085c6278c4", 0xad}], 0x1, 0x0, 0x0, 0x20004080}], 0x1, 0x30000800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000001c0)=""/24, 0x18}, {&(0x7f0000000980)=""/146, 0x92}], 0x2}, 0x20)

2m1.032044269s ago: executing program 2 (id=919):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

2m0.390802484s ago: executing program 39 (id=919):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

1m40.610686801s ago: executing program 7 (id=494):
unlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000000), 0x2, 0x0)

1m26.616540229s ago: executing program 0 (id=1080):
r0 = gettid()
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000240), 0x0)
read(r1, &(0x7f0000000b80)=""/215, 0xd7)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000000)={0x32f, @tick=0xfffffffc, 0x0, {0x6}, 0x1, 0x1})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f00000006c0)={0x400, 0x2, 0xe})
tkill(r0, 0x7)

1m26.246493699s ago: executing program 0 (id=1083):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0xc0049364, 0x0)

1m26.051052467s ago: executing program 0 (id=1085):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000000)=""/73, 0x49)
write$char_usb(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0)

1m23.818660058s ago: executing program 0 (id=1103):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000400)='./file0/file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x3125899, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m23.580544405s ago: executing program 0 (id=1106):
r0 = signalfd4(0xffffffffffffffff, &(0x7f00000003c0)={[0x1fffffffff]}, 0x8, 0x0)
r1 = syz_io_uring_setup(0x184, &(0x7f0000000680)={0x0, 0x3416, 0x13100, 0x2, 0x4, 0x0, r0}, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0})
io_uring_enter(r1, 0x2def, 0x9566, 0x0, 0x0, 0x0)
unshare(0x24020400)
signalfd4(r0, &(0x7f0000000140), 0x8, 0x0)

1m22.824298438s ago: executing program 0 (id=1110):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r1)
sendmmsg$inet6(r1, &(0x7f00000061c0)=[{{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000180)="73eb3c68d55a847f79742ab7bf1e5ea9c4c057272ee99ef16f87e17d03ae9ceb31aa8a61e1043b426b3b319bfbb82bc24ddf1576d2502bd582ec39ee7eacd0d2d6cad76bbd0d1c11b71e7b95775029998e826c8f680ee5636136d6ea9263aaa9a3b141ba0638df9cbc1b0720da170ee067941485ff3a4434840b8efa4dfc33f39194ea3ecf580549f339f065a089e79ea81857f22e500ecac0aeaeb4a8474438b385744f36239f32f610dbc0040fde83ddeea0eae63bbeae33b2075d001fc555c307a1fe5b2917cd25cb3838a6be3683d39afa17d9c151082184a8796888c1540b0d8525aa1d1f1a7c", 0xe9}, {&(0x7f0000000280)="f08235ef90ce13d30864b5c0e52c78a6832ff55bab777cdd27dc08f6b1ccd9e8221883162efbc030b05d43f77480bcb5f6443f178331bbaf028a3c51e1eba89c6b21c7d733a4300c579f8376fa85d97c3768d837d30b72edb53b24b4a3d265856d464840129d3df6d1b07b61677b9b57081f482018f26e1db191f87df2cb903a09", 0x81}, {&(0x7f0000000340)="8762ca6d74d59a8346ffd1a295d3d26c3371dde84f9e5c96f883baf9b9f455c7d76590982dcfee4db7a7e68886f5d9666d2d6fbb3e585181aa5ee2f4c9ca5ba339f09c93567d51242908fbfafd43c15106a527ffb0316dbc3e6a11f191bef3dd0eb3be92b376101aa8f509c990e28ab50643d22e05a2d680f41cbdadfb315e8eb2fb025ed83664f9f76bf806c27eef3bb24d766b1da6", 0x96}], 0x3}}], 0x1, 0x80)

1m22.066860894s ago: executing program 40 (id=1110):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r1)
sendmmsg$inet6(r1, &(0x7f00000061c0)=[{{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000180)="73eb3c68d55a847f79742ab7bf1e5ea9c4c057272ee99ef16f87e17d03ae9ceb31aa8a61e1043b426b3b319bfbb82bc24ddf1576d2502bd582ec39ee7eacd0d2d6cad76bbd0d1c11b71e7b95775029998e826c8f680ee5636136d6ea9263aaa9a3b141ba0638df9cbc1b0720da170ee067941485ff3a4434840b8efa4dfc33f39194ea3ecf580549f339f065a089e79ea81857f22e500ecac0aeaeb4a8474438b385744f36239f32f610dbc0040fde83ddeea0eae63bbeae33b2075d001fc555c307a1fe5b2917cd25cb3838a6be3683d39afa17d9c151082184a8796888c1540b0d8525aa1d1f1a7c", 0xe9}, {&(0x7f0000000280)="f08235ef90ce13d30864b5c0e52c78a6832ff55bab777cdd27dc08f6b1ccd9e8221883162efbc030b05d43f77480bcb5f6443f178331bbaf028a3c51e1eba89c6b21c7d733a4300c579f8376fa85d97c3768d837d30b72edb53b24b4a3d265856d464840129d3df6d1b07b61677b9b57081f482018f26e1db191f87df2cb903a09", 0x81}, {&(0x7f0000000340)="8762ca6d74d59a8346ffd1a295d3d26c3371dde84f9e5c96f883baf9b9f455c7d76590982dcfee4db7a7e68886f5d9666d2d6fbb3e585181aa5ee2f4c9ca5ba339f09c93567d51242908fbfafd43c15106a527ffb0316dbc3e6a11f191bef3dd0eb3be92b376101aa8f509c990e28ab50643d22e05a2d680f41cbdadfb315e8eb2fb025ed83664f9f76bf806c27eef3bb24d766b1da6", 0x96}], 0x3}}], 0x1, 0x80)

1m16.234637454s ago: executing program 3 (id=1152):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x5, 0x2)
syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x400)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x0, 0xfffffffa, 0x80, 'syz0\x00'}, 0x5, 0x400, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})

1m15.757099166s ago: executing program 3 (id=1154):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001340)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r0, 0x2, 0x0, 0x9, &(0x7f0000000580)=[0x0], 0x1, 0x0, &(0x7f00000014c0), 0x0, 0x0}, 0x40)

1m15.498147686s ago: executing program 3 (id=1157):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000940)={[{@mblk_io_submit}, {@nogrpid}, {@barrier_val}, {@journal_ioprio}, {@debug}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x572, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EP8A330c/gP+FQMdDBlFH0So3PSmy9qkv5aZbPl84Lbn5N7bc78593t7Tm5CAhhYx7IfhYiXI+KbJOJQy7pi5CuPrW63/PD6VLYksbLy6Z9JJPljze2T/PeBvPJSRPz6VcTJwsZ2a4tLs+VKJZ3P62P1uStjtcWlU5fmyjPpTHp5YnLyzFuTE+++83bXYn39/N/ff3L3wzNfH1/+7uf7h28ncTYO5uta43gCN1orx8r/5qXhOLtuw/EuNNZPkl4fALsylOf5cGTXgEMxlGc98Pz7MiJWgAGVyH8YUM1xQHNu36V58DPjwQerE6BG7COt8RdXXxuJvY250f7l5LGZUTbfHe1C+1kbv/xx53a2xOavQ+zbog6wIzduRsTpYnHj9T/Jr3+7d7rx4vHm1rcxaP9/oJfuZuOfN9qN/wpr459oM/450CZ3d2Pr/C/c70IzHWXjv/fajn/XLl2jQ3nthcaYbzi5eKmSno6IFyPiRAzvyeqb3c85s3xvpdO61vFftmTtN8eC+XHcL+55fJ/pcr0cESNPEnfTg5sRrxTbxZ+s9X/Spv+z5+P8Nts4mt55tdO6reN/ulZ+initbf8/uqOVbH5/cqxxPow1z4qN/rp19LdO7fc6/qz/928e/2jSer+2tvM2ftz7T9pp3W7P/5Hks0a5mQTXyvX6/HjESPLxxscnHu3brDe3z+I/cXzz61+78z+bfH2+zfhvHbnVcdN+6P/pHfX/zgv3Pvrih07tb6//32yUTuSP5Ne/9vJzZbsH+KTPHwAAAAAAAPSTQkQcjKRQWisXCqXS6vs7jsT+QqVaq5+8WF24PB2Nz8qOxnCheaf7UMv7Icbz98M26xPr6pMRcTgivh3a16iXpqqV6V4HDwAAAAAAAAAAAAAAAAAAAH3iQIfP/2d+H+r10QFPXeOLDfb0+iiAXtjyK/+78U1PQF/aMv+B55b8h8El/2FwyX8YXPIfBpf8h8El/2FwyX8AAAAAAAAAAAAAAAAAAAAAAAAAAADoqvPnzmXLyvLD61NZffrq4sJs9eqp6bQ2W5pbmCpNVeevlGaq1ZlKWpqqzm319yrV6pXxiVi4NlZPa/Wx2uLShbnqwuX6hUtz5Zn0Qjr8v0QFAAAAAAAAAAAAAAAAAAAAz5ba4tJsuVJJ5xU6Ft6PvjiMpxngql3tXuyXKBQ6FG7m3buzvXp4UQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4LAAD//++4Mnc=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000a80)={'#! ', '\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/'}, 0x51)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
pread64(r0, &(0x7f0000000b80)=""/4089, 0xff9, 0x5)

1m11.023613032s ago: executing program 3 (id=1180):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000200)={@dev={0xfe, 0x80, '\x00', 0xfc}}, 0x14)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
close(r0)

56.89196168s ago: executing program 7 (id=494):
unlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000000), 0x2, 0x0)

39.762471756s ago: executing program 3 (id=1180):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000200)={@dev={0xfe, 0x80, '\x00', 0xfc}}, 0x14)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
close(r0)

20.675435746s ago: executing program 7 (id=494):
unlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000080)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
openat$cgroup_netprio_ifpriomap(r0, &(0x7f0000000000), 0x2, 0x0)

12.552934044s ago: executing program 8 (id=1408):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000000c0)=0x81)
r1 = syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_setup(0x197d, &(0x7f0000000280), &(0x7f0000000300)=<r3=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x48e9, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0xffffffff, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})

12.371725577s ago: executing program 8 (id=1410):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000005c0), 0x10)
ioctl$SIOCGSTAMP(r0, 0x8906, 0x0)
recvmmsg(r0, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x600100a2, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000140)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "5b7ba3698f28aaf0"}, 0x10}}, 0x0)

6.932249505s ago: executing program 8 (id=1436):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000041c0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="137876c8178733e28e279411d442f03a1e9a2045d38a64ecf8f650e208bc72fa1441e938b6101b5a6a42ab3466311fae3cab9dc2fb0edf449b8e2bea08136ee7838b27ce7f0079815feaff75275ab3f629b98b5b475458b0ede6d67f43a63bfd249c480dc3a2fbb3f108fb49cb0e9e6cb69efd7a199baeb8249b2d76568f9df0522bf4a2d8fb2bb0ee04e9dc3d22e30d200cabb9bd2e131da9cf0f55de15134a4a39a894654cd7adccb40f81e16e409b54e0527c8b1053b6abdf0bd5a44cb9340af0b3172441f994a46f2a9bd7390e734eb0f9e995d31c7e4cdb5031a75d801bbb21296b4c4df6c2796c209d973d41ef40408333f92c62b26354f89c0e4049f753781e42f235c3eb000c7623bbaa47dc3f3677773e053e3f712ee7cf4fac7d14aa5cd9ff5ef4cd0ddbf169ab2c8d1e76dd12df03575339b0b11a8adc15262dfd66353dbb95cc22135add2942fac5221cdbef430b728e44595899bbf9ca0d43b9e174aa059788648d9935c18a1f196db78d593ae70179781447146616bea085689b65f807fe5461379f1401dd03f286f4631312aee3f06a38b845e18c81d4474dfad5ba7d52f3a533c131ace242ed073d2ace6288781db6f5e7f6114582ae750ba01d9cfd57dc13c8f6ecee6d4bb8439a5bee54f317d28866220d2ec54cbd8820f7a70062820b40089c6ca6f7027a42cc46542267642bde1df63931198b591d0071a1adc44fdadfd37390b1b54eff582e18772c0556cc6e3f2dd9aa1a4248d3fba74a115f052e2dbefe6d585f37b5e5f274bb971c4af9bd1a133c24619e74ef449f5c371f58b21702650e74000df7002e9608a988347ff6fe7ae21ffc656704359551b85b92a670d380ecab8f3bba47625302b97e8ffb745c83e918c947911382f87791f0f81dd4e256f349cd47dd4fc2143928f415dd98fdc6cafe0af072d9097f8ae192ae5c72c922b7ba09e635cb7107863101d1aaa4931a97b0ef887dea2bd973db262b73d0a8fde23fdd54211a2baa9e97b59806943864246244fde8a995c64f912cef4283776a0bea6ce730caa92da261bd909528ead7acc2840d16c58c05eee987b33cd8abd106bb1387cbf471e0c31d39d5a2918ab27f6555020833621fcb8e5047506013af5774825350bb21aba134a63322ad799a4f9effbcb7d0a1139d27e46a40bb368733d9bb9fe0643084238f314bba647b575dab834157ef54a7b44a9bbef86af70bf106dba6ad44436c0cc8f660d1e6e20168bcfa3cb9cff2be2c0117735d094f4ded9445566508f095d87ae94431ce85fde1d05ef475dbb6f752f4bdc038f1f3dbef0cf9cf138eb5f9c3955420f3b6ca63ddb185162aeface5b28bc98936373dc9db22cf08f6347884135adda0a48818bd64f8fe7dd98ab591a3a5960afa3d344c6601663683dc0ca8d9fe751c597a3bbc4c976b412f7ec57fe820b4b135c9e91b838e05711453f05b687761a46a31bfa1e24b3dc1fdd7948f7cc07515e86b8777a0edb10e45a28f5173bfa523cfb68321de1cc13fdc71b2c9ac03b6b1732a49e54046a179fe8317f635048b0f495db270b84c6515bde0d5d132e8de0b2b8dd80b0813f982998507cbd3baa1672d3898d0b50b48247aa8ec8e7d6cce258d90e54f59c7f3b022ab43ae56494b1130771c8b714f33ba46a9a74ccdf8d29b5c34339372e1dd55f4a371bea0db293db7376bd6fbeb7261d4482306b11e28fa91c636b60e6dec3f5e8d42ae9f301bc4fd92bb27e1a469611c782def160452fb7487de0b063140dbcd9b9fefb997bb74a3f703fe4b70f2d8108d5c978a6bacd18f239df377567ea10ca0854bb1e9f25e55c9e381cb7217825c402c63378fa2d574122fa2e1bfa05edc2882322632597baa20cfabdae5ea99b8db69dee29faee8a746218e0b4b04f10a869f552a69944bda5e02f5a8c453b73f8b8906dfbcb8c7e7f42fb82bccd431092ec099ef6bbd819db64058715e1501b6fca4d3592401f2c840e7f045385f99df9b548dc2249ff0d2062a34ee5883ab81c3bfe1d53ab48ccd67fe4f652def131e762ecbdcfe448d00d78b913ff5223444494b25093b9921a8ae425ddcd6921fa518b530cfa77ff9e174c79f7309a9a60e514b6fb0b7a378cd4de0a8bb27fbce690c0d0669004983c9fa85c0db6425b5b68392f1e37757f46596d2f20b44400567c586202dde8c9f8759867ba4fc6da990b98637d67a7328969392bfa39b7b0db7d4c540bd142f475d8dcf939bdf3d79e992ba25d8bd3c53b8de6d35ac401b6d76c58442dd57bc0863e3036e26778c3370cf068776de1bc915c3798684ad36680a2fe7f27d416122f8a7961104688ed1089ebd3d596480a6ec242de145226d5ba4454d1893ff48d0a94c62c60d07783c0b9264009079d6131b1cec6a7a8fd2822e98baf4e56049fdea7fd7b79cca42acf4f34761b3bb096f1ad9e393a53977bcb94c141fe0aba3c759417ff86825fb0cc791a6329c9dcc0d89c6c3206766b9cb515200a2b9fcc8d4efead951f7efe141781159dafe3c9ba5b7fd8ef7a1b9ba1a59274233cc0db50e2bd16ccede7da6144e8bcc373f55d81e65be1094e9913ccc36d3682568f13f70bb51ba74630cfc9785e5c3dc451010a4ce3c98d5c5dbba0a15888173bc9431e04bbbddb8a69e182cfad35c0eae89294c2b01d77bc4a51899d4f51bb871683d7093f94545f99b3092a937921e812016d634284978d0a4c76afa8bd1e470b3df2bc7bccf07c62fbc25370d2430b841e8f017cbda6d1111f982c3aae78f6a24c5b1711d11952fce47110db89e9ab19e2831f21938028470fc4bdab58c36cc713da7255b3155f2bb3a2db95e206e44e19e6c084131c531c8bedaa81c1e68573b8e9f14b4fab278ea123b8f1133d5dc6d89963bee393f7fe603ffb7a7dc36d943c99c7d428ecdedc4edff63a54d4b6e652e5dbd6e2e49a4719c4b2c03bb9bdfbe4fba922d5e849e92374b1e824319dd0c6a0cbe9bfa769b5edb66a493ec2ddc8e94d99e53fc7439eb91718da87964eb148997761daee8fde7a37ff181f389ed3b29b1a6b17c7b78314ea9535a2df132e491d40425b8e8e074a8e7666e785033b167746303bce4570e1eb0fdb4b0aaa1ad06980934f27c47e29d32eabc50018875494bd31b3901e49e456952c9325d6e85eeda74eaa4964265375140f4ab1cdb13c121d9892b3c6a134204ea98f3e69b4d172acb523c77775f16df730777b36e8cb247b86a073ecca905ca6c0d1cafe12e4fa9bb001e75424b6c41d34a051936266b741612a6d609c192f8f3ff0890f2e2b2e47561d633066481a74c77c42df7122c889f3c67976e9f7d64dcd3365839accbd980564dc5eb585e899d1e24fc15a5e05af697edf1667da05377fe6eeb6977344cd62c4b9e2df405eb99cfdb4572a023b568e3eb8c66a3fcf10abdb932dfc5598f70b746650db4fe857dbc8095e371554c25be991cf4dd0c2ecd2a4abd60435536b0fbd981c0121833387e286d3ed38d5154e7ec981a5f0e980547caff8bb2c1754caa97fea6fd38195f6d82a3c6acf681d3b9309d3172f7e089d3122d3cf2e9f6492201fce0327d3c90bb7c63997a78dee69b5a02a633844eed97372ff5567cca1393d71950c62bc875549d87d3a7dfc0c7cd954e44895c7af972e4b7b85e585e8d4e142a47050d6dad7f36d4012f89d73fa7b6c8ee41923a066ce6080e957f34c9d00198602d7a2680fb3c8d93c74bdf8d7a08c6b0fd93ee9ad1f3006a9e3c1c4830d66cd8697c57fb5334472e3214b28f65f938621af46890e61b4aaba0fee024972c90fd03ee29f4c65998f12e80ecbcce3be4f845001c07c0d55da14e7e13e71f34357bcf43b1c1ba57264cf41cf389ac70136c5284a5dcb2e31382c86b036f02cfea7fbedf0019f9d0b73ab4636826c9260f30f4a78c738c5fb4885780faa78ba21012d95a5d4f022346dea4674cfa0507590afee37af041651e10a0138213d817a1e544666f0a3d98c0a43fa150e64c94bcb8952f7e92a7b10b0dc28154ab6b63d8b37bdb9d6ea48ec0ca798031e8b98a7f3d890af705a066d1221859552a7b1e2e27052006427d205495c1dc379fd10ece4165f7e6339daa1ebce37107e0acef4a121d3e6639a0ea2a27d612522eee07e02d6a61705703e3262ae0178a136598009de4c240e05514125dd8289d1d8b2f9b307b67cbfc2a1e9345bd0700420a94263c57ce9e3a2bbcea0382a875abd4119ab21b23bab030a5c19e8141f320d54b9d07713d1d75b8f755b4a57dd4e75b8f368d7bb0e9bed22caf7d9444d41f6d2f33c42e792448f4214326dda3a6b940a797ee1f08288899bf848934da1748d387c86b22321cf918aea4f29df2676900713201f3dc6bb6d53d247266b4eefa7d4b3abaf1ae8feb144b78b80344540edb08954aab5c647081d1cab3b46fc954e9b56bb2bbc59bb38203004c9af73ff0857ec561ac540d9d7aac15aa118befcb77eb5e946d2d6d3bd0257ec59ca338d576fa34d36e9738d81e58a2897f34a0a043194ee63ad80ff08dd8e556b4b85631ca2e8741301fc8adc65d23a7dc0df26e1e248fc8aba2e8c738b8b25a909d957a4bd14424d046696f2e2c27893f9ef0a68240e9042f731e0ee477d4f4b333d058190dadb8fbdace049003a3f5b286a16b13ec8d397ca4a5af176b1ddefe8001a35b512878c44a81e41e51c391a5f18bc6ed75226732d0c9e2dfc00c79a62764c4b8e6f31aefc80fcedc2b316c5ea1616a39eaf1f1e0f4f665868d77d8d6cedab7208d7c2f627e221b4bc9d3cf38feebe0b0eb1b6fa508ab6694c7b06e1a0069cf5b43bf6a9536b5dc18a114a05f1d0a1808266309c71b5e4b363a51544c62713c5f34a4f4c4ecc014eddc324146f14ea4384eaeafae0b06dc67de231c09b01c592bc357d7f132ddaf565efafdaf09e3d250f8568d62366145cd1bf2e48413acc37dec66f4c092d58671567595cc987d416a95e36262367f095a5853fd9c91cddfad636e54669fca22f20ba2b50b3d4635f11aab917b3cbb2318a3607b1e50a32d9baf1c08a148a1cfcdaab0dae6fec30b37818e7f476284aca1095546391b9d5fd888283e8aec80fa88a05f8dba9947390f56ee65580d3ec7c631dfd6ea3289bcf96f786da1cab2c991360b0b1caaee47e75451aaa986c6163c8ef0b173dfb72c8848da3a77cd9045261951e44832483c5723aee19db12fce8abd94b292c7860b8a3a2857e633d133885aadb8083a5cef889aee95a253d8d460659436859bff29adcd99590c137c88ae3192d78bd204060e9775129c8ce560b356aa95f5effa6850155a02e170d4dbf2e2c5047074de23afdb81d4222dcda6abf01c1138056df43c9f6952fa9a0f9d61fde1d3313d3211f8fc4aa92c758f57fbd762566d616e1163795bdbb143e981813b4a3c8810bec2512a77c8aa8a0fd9887f0541777c790edd7ca65ec6b0d2b2d8c99294e42ac11fa0c18d57b1a9fb65725c9512c08af16147bd0fe9402611cecb6927925d8b9e9ca987a9f512467aca35ae15098c1d4d49990fcc16f52a6be568002095a2fea5a5a1aaaf0c0b40b070053392f70cadf701234a3e9eaaac800bfabc2af254f432bff57c2b094bdc9858c100338387e3f27d7c04ca5113c56e239e3334cd34717bb015c83d3e62b77a10505fa0add7f5a26049ce010b485268fe01c8f70ab20007028fb41f211e40bc0b1544371166e2b03e5753d045c0e242ba82de31620286a9a642ea4e185d0077777c8519ea834e965dd450d33bdb0a25e6b6f6d511605133bf09ba06bd121289b69d731fce5034d43bafb71e385a80118130fd15d2daf5bde4a4c0de089545b92d0b2bc62f26b2096f830f16f3f77bcbee711411a04f07c0e27bf24f8a26fb4a29712be446e201b8394cc5904b3db4164875e589fc074f2984cb288e14787ad70deebd4659b03f5e7d2ecae839f98c3b381165c04d9054e6075711b096abe874463dda921424ddb02c2f6ee9cdd4fea62a8fcc0c502d752ad9d1cdae73d7dadcabb28ee5a7aceb9d03f8ef02b40cf3fda129a143e9e02032f984f8b09ebd7820f3bc967a89d1390b923db80b0555ef744565c3fd3f4cc3d139d846e8729998b7a31f1714b7fe02b05674dc445b2cda8926a80f5ca5bd8855a5f44a6270c7c16bd83c608bcb005bb984d463bce82ee6ed7b99627890422f588317318b41662726bc724c0f4dd747e9fa830e13d8a3a5e31b2aedfef86c58c3026ccdb8436987d3c6c5d36b7f02be18245bd7ce00ce0f7dcb64bc686d57a1c40a63c38e3ad54d8d9ec87b270178805e0601718754c44b2dafd681522b83725fff3fbb219ae3f5f1ad94a67781d881b62ec567fbf1bdbcb73faf656cf0a0c37a59b3d863fc134ec8dbd8a4d5986e7bbfc4e89ee3a49e43bf44acd22387a651903faea7fc0ef5bc6303d4bc995096d8215544c2965a4b3d841aafe688ce7d04f9010e68c157e2ee473545994684233e404e3da297fc3707bc55d754e4482879b3c61eb11ba613a6ead98549bc349b60e99e74f655abc330c06da0346b3ecb085d4938f485da29eaf103c0d174df72f36db0d6e7764b23a9e2a99aa3af12d480ed2ce4d22770d91a1c5fa144d7824703b598524008944e8e6d89bd9be5ccd0357d22de6295e01257c61a3f848ab8a22bdc73c182fce8bbe6cfbe9cdd4d01f6356503c7e07a1c9a7e7838db9db078dd8de2e20e56af1915afe363c1a647c6899864312014f221ec07e6296b94ab4ff159fcc61f4323a1b029973ec162a0dce897008aec77b25c1e7550ad02f22bd4c704cfbf0997e1f59a30f57568950929a47ddf7966f5594243bf83c1f442fbadab2e30286ff83595558918d70151e974fa4d18111bec166fd713b36ee3bcfc9034c67dabb6216527991047147bc9329d54cd596d9724951223e4247c031bbe3d78d79a9b0143f9daca9d2f57c6bd11c1a2432c46f6bf5a10e4da4c02c0af5bad1584d76108292d534a6341c56ffdea950b9ca9aae2b5b1d056b967aaea4866e5278aba51859b4ac3c600d3607db714cde8faaff4a44dc36210e2a3410aac2a2448e030e811dab81dc27d9aa325d9951dd0a1904eafc69918a0e976a8372c254984a2bcbf09ee15c0316ad34ae5d30102f0b563608aae7ef9ef3ec85fb9e963185d469e01fc73cc76a84b24272f541eaf4726030e7a2b31c5eb8cdd891bdf16e2ab5aaba4e162e616fffbff322761329b702588e300d3f549e41d64f17bd7ea57efb91200afff90b4b297585f400644a2e2c5052c53b22f5ae4fd131cd01419c97576239e302e7fe04fa8ffd3628be93b4171d9a903c39adcc912d375f00c4134ffe2926ae88ebc9218a0302356a5f78327c84af51224cf40fa353dc70f2c3285f5f43b1da138607400162608de558732ed85d3f2450a7674aeb8039331f19787c155aa86db1b99e70cf28b3ee5babfffa5360c15ba384b9238dfdd3be8fd5cdd20863ae28eb85be8a70e7233441cf9f57f01c49b229fcf2717f78512cf708ca32ecd2925e3869639dfbefc653c07ea5a4ec24a66e1769067f4218300c4dfcdfb3c2a09116429444774ceef9e2f63a59f7a0f8cccb9d383d31ee5246ac6d2b024f56deca8262474a5737b5c26531cb4d3efef43fe78625caf2a03445b526cdb0ba7b1840ec435a8ca8ad9727cb1da3ebd4654f08a938970c39fd369f3165e39956a719949a13959f065e1e9d5c6da813b8217f4ad56fffd94a6cb0e13e053352b4aa4740017774b6851414ab89041c987534f62d242364b845824922a239c93000a8820d5363fe54011dd0fc95142b239cbed9ca145362b7dc258f44ced4067d4847c98153ee88b96f679a54c39d3926779ca311d984088b1a20eb85d7caa022080395349366d629527eb5702cae43e749eddc1ce72a7e9a61b82ff0712672c333b7eab5b419a9453e48ec5a9d95afd9d9dcc78b9d8fe42e530ea7727cb55ac2a4137cf95bbce93b43ef1300a3dc8d5a1da59ce7656a41d63e43cdb150fb73511198ef1407244d804fa4f2b74af701b2232abc0fe3af6fa935667638e5bc8bdea18f2f9d1ec7a9f70be9e05915548faaabbf3549a1c96833d0ecad364acb13170f59418a4ade7b3b02bfe2b4f1a24f618f14fd1c8b347d23065655e1acdaa0b3efd76ed9201c1169b2c57f8f5b60dd8d471e3312498d11caf52e552ffd69276b21c5d57842f02c8431ef27c4af1e4c48e9dcf72aa390d2885cc3341b4786b59885cb5e8d255f9b489c7c91797b303ddf0a6532b9954ace1114e2b7f89f4616bffca49639de90b8ff598a7c1e4c1d166d16a479366948d2dcc32c2caada636371e24d7af077134e7e9f3a31ebb43c44b2b2c06d2f1348af6abacc304007bca6b046f047eb2fceddefd22e1a2171dfa1283d464f5d2b603abcd267e4ff0537d6c584c3bbc25287f3d6f61460693f1016737faa4bfb2a5704dbe56e209cc64066def18a79c7bbe913cf6b96af1278160842160399390060996deb370597dbbf62f9dc9755e95fe5b115c0ad7e10ff50c685293ee00801b7284b66e964b0e53efa243450b2cd35ef1c181913cba19d957cef8ca110aae842c966e0f2d065c9e27100e3312d08a2285767ac716ebd1f642f3acd7be882a08a17d0dae5af33b344604e778c62862d93aecf3ee5df4d0cba79b36ed66eaa9d31589514e8cf4ae2529a6eb4e025dd24e20242346d80f0380399eb1e855f54747fae589f8ac019a6645e5cb64804f095e97201e9704c5cee4ba3f0ae231d2f159e693fa8021e8b47f492e4e0280bf376d4a56905ceb27294a511a0a25c5f595246b646e5ad96dd2e89d2ba96fc93a7a8039248baf86ed47943aa84849e61df220dcf42032948000dfb6729eb0517905d5df0e902ddee409eed61861488a74988bf9ef67c46d663cd7b3f680448dbfedfbbbe243557428a1574d995d379aa54969e12fcf4c64a166cb0bc7c48de3b5b89537dcc16d3a7c2181943f015d04da83d1f5b5dbdf2631b97c0181f123c55189ec1f3daa65a74fa9480d1b75caaaebc133f5e93fd8415dcb634259b79345eb1aac9c59a744cbd7e593e9b744bac1ad96df76a6f056878c886fdac1fa66d0274b40fc84ad520f43b49e43358b1f9019a4b540a86e49168db9304fb9095345cebcfce9dc2ca24106aa86e61b989596e654c49a1789532698ce5f826f3ee1d4cd66c90b5458127894b19633c958b041bb6e0576e4d14fb3866911003e174cc8991adffed91702d4ac9dfbf23a4702a5232f0881ad340f7cce37865a2e659d05b09c18c96851adca01573e3feaf024043f655d487938255e408ca7c53db105d31664daa6d7e83a3d8b22c74f2d28fd2074bcc22c169031c7b83717b0320977bc9ad8dfe351bfb3c03627c5e45314df24466cfb70d6ab41b1b5a398eb506180f77d49b2f5777a7b925a3722323b24c89ef36f47420a68d44b28760ca4f8eb568a4bd01b55f16e07425982ca628699b9eefa30ecbe0a3307454a77faa22aae5248f2f3dea23397cc3ee65961cb85a7703eefa2d2863b2ab896ef2cd32dd1699af3683474e9bd5e61622a1907fe345793d71c1561af944d041312fbf77cff2dd8004b1a0625947cd514826b23500b20481eb9f30073f85938ea892ce629403cc7c2dc907a5f11091f36a61989a164532b929bd4077c38c22a1b9ce9f46ae95aba5e7ec09e82d429bf13a5d5c64f0d869822c53640cfc70a7dba3e6bd83aeedd797626499bd1bd436f15d1a70e30127b93eb5526d1cf4a162d19fd0edabb6498a19f114128ddb32b1f69520df0324987fb2640e72ae1c5c3df1cf92543eaf6c8077e5689a7240477a3516ca90a4ca656ef310e1dc5d131d09438fbd6844b53aa5f0a77e64f296970da57ef93851517f5593d0926e9c8e10bd829094a9cbb8318ec5c599b3e2b2d7ff6907c82158b718c2b488948ab1bd914e5eeea9af3c9f89b28bb225d12e65ce75d48c7b03e2d081ebef2a4005aaf94de9263ceb2badd5a5e6617dbb6dcdc9f9a9a3f950f1201c1d6d3ae16a12b91e86430b804059cf8e04628f9f965e05cd54b3bbfcc331dbec2999c76cd8337835324dd467cb6d50466594e313ca5341ae6c9df2957395d1281f1829da62ecb4906ccc03e4d57023d95b08044886df03a20f8e12e713b4dc5ac899ce1046e8aa216d98960f6f9d22ee44e5a118a1b8e01c9ff016b3ec0757012f3e97c3a19b5bdb4353f5c89835a3d551d128a09ee001791e590ca60c1bad86032cea577735725d5ab2190fa887ed57698edd686bb1c60435d9e33602b7cd8df4bb7dfcba0de499302cb1e0689270e76c8177618a59d9c89e1563f70b4fc7a63b28a23eb0e1c1c19642ca8c0c25369db5a66b1e683a28e47601c79bd307d4084ca9d55baad3c170757318a6b693de46b5cc93ce28b8ae8f04ac75bd20c03d050741d450f5b1474aad95e4dbac3b01dec9b9ae790d4a9ccff293960b1a007e025af7708243d182d731fb469553e629d4f49b35f2e218ddd5226036658d6f96791c1431c188fea29fd4b147d1866a5371f66e81ba1a2f05eccd5ed2f35bc49dfb47d702048cbea550c47b93fd617fb644d8b6a0fc6d6ea7301234b100397b36cb8e90867b1dbbd4b2dbeff8dd83a7d1f7002d2e0e69f500b50f514749debbac75d72be2ebeb09ce124227a9759a41572a1e7ca0d6973c4e2c1375337c811d5cd6466f92593dd77cf6c1e195215f4005025c2bd020a3a38858cf3bb1c3b45d86a5f34986fd8cf4b8499208925c35aeb01597126f6f1f9d86a97fee8ad0d81f5ae7097a453848ea664fcd538b1f5c6d5fc6c782f3fa22141715b072226fef9f0b83baa8d3ee7eb843eaa928d07126b7e613f8bc753be011ab7c80e5f4a786840247323f8ca0059b3764183de076cf4cfd9aebabb3c81f8ecbf74380be0b1362467d1bbdcb69fd8254483a91c6ae60bc1b03803aeadc57de5d11eec711179332a7d55d029113e911ff03fc162996805d5491d382d90d5a115de430fed70c826ff29a90de3d64e704266e5da550b6d70199f15b88448494cb266e1268db958cf1428668a6404271e3178180093dcba224e2bea76f1031494f508b4fde87914d0cd6083f368347562600d31ae83b5a4ba1b4f034c0b1f2bf4308fe23753ea503f32cb4c1051f297cf426c6c621cef3634906b77870ebcf8212a2f455315a866f24138aff69c1a4ebf3e5ad588b0e2e95162cc13a25c73c28a7acb9ec60b4b3890ac032cdde08200fb18220ff999cab3b64cac813c5fdb568b41a3c009deb11370c51f4dccffca98956d9699d286c5a3615310026ba26d8a49a4256dbc09cd0aedece660b00bd3eadeaa59f0d355c64fdcd17ac609305732cc6e72164228ba70616c660b60554620bfcb132a578c05d66d5e1f90912985793fcf0e3cd20a8bc7b74fce1c86d8cd1434a1bfad9b6564d0533362b4d19a2adb1191329c631096746d8f0714f2dea2ded1df23c7b38ac1b491ef3d6255d44ed4c56db102462221a15f8278c2c17bc9d0c8d655b15ccfad8f66b2d3b2161eba655bb104a3c099e5010b01f4", 0x2000, &(0x7f0000001dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001980)={0x90, 0x0, 0x8, {0x1, 0x0, 0xcba, 0x5, 0x1, 0x4, {0x0, 0x0, 0xd8, 0x2, 0x2, 0xfffffffffffffffc, 0x2, 0xfffffff9, 0xa, 0x6000, 0x1, 0x0, r2, 0x0, 0x7ff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000380)={0x50, 0x0, r1, {0x7, 0x27, 0x0, 0x801001a, 0x66d, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x40}}, 0x50)
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f00000000c0)='./file0/../file0/file0\x00')

6.884343066s ago: executing program 6 (id=1438):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r0, &(0x7f0000000ac0)="cc", 0x1, 0xc804, &(0x7f0000000200)={0xa, 0x4e22, 0x487000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x1}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
shutdown(r0, 0x1)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r2=>0x0}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000380)={r2}, &(0x7f0000000400)=0x8)

6.862452373s ago: executing program 4 (id=1439):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x14008850}, 0x40000)
read$alg(r1, &(0x7f0000000000)=""/35, 0x23)
sendmsg$nl_generic(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000380)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x8080}, 0x4000090)

6.600089851s ago: executing program 8 (id=1440):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000340)='\x00', 0x1, 0x1, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r0, &(0x7f0000001300)=""/4, 0x3, 0xc9100120, 0x0, 0xffffffffffffff34)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, 0x0)

6.552683916s ago: executing program 4 (id=1441):
syz_mount_image$tmpfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x21408, 0x0, 0x1, 0x0, &(0x7f0000006380))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000004240)=ANY=[@ANYBLOB="1500000065ffff001000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000001740)={0x50, 0x0, 0x0, {0x7, 0x21, 0x0, 0x0, 0xfffd}}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000004380), 0x0, &(0x7f0000004540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',access=user,afid=0x00000000000001ff,'])

6.532419634s ago: executing program 6 (id=1442):
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)={0x8000203d})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x34, [0x8000, 0x3, 0xf, 0x8008, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x20000000, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c1b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe662, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x8071, 0x7, 0x6, 0xffffffff, 0x7, 0x5, 0x3e, 0x8f, 0x7, 0x6, 0x0, 0x5, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e2, 0xc8, 0xf9, 0xe, 0x2bf, 0x1, 0x9, 0xfffffffc, 0x4, 0x10001, 0x0, 0x5, 0x2f, 0xe, 0x6, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x3, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0x1000d, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x4, 0xd, 0xffff8001, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x5, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x5, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x2, 0x6, 0x38, 0x800003, 0x200, 0x83, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x4002, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x3, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x9, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x9, 0x7fff, 0xffff, 0xa620, 0x1, 0x78b, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0xfffff000, 0x5, 0x3, 0x7e, 0x100, 0x9602, 0x207, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x20b1d693, 0xa1f, 0xf44, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff343e, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

6.276020601s ago: executing program 6 (id=1443):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x48814}, 0x14000012)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000640)=@newchain={0x80, 0x64, 0x100, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xa}, {0x6}, {0xc, 0xe}}, [@f_rsvp6={{0x2d}, {0x50, 0x2, [@TCA_RSVP_POLICE={0xc, 0x5, [@TCA_POLICE_RESULT]}, @TCA_RSVP_SRC={0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x12}}, @TCA_RSVP_DST={0x14, 0x2, @rand_addr=' \x01\x00'}, @TCA_RSVP_POLICE={0x18, 0x5, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x2}, @TCA_POLICE_RATE64={0xc, 0x8, 0xd}]}]}}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x40805)
recvmmsg$unix(r1, &(0x7f00000029c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000002a00)=""/4100, 0x1004}], 0x1}}], 0x1, 0x10000, 0x0)

6.212466184s ago: executing program 4 (id=1444):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x1, @local, 'geneve0\x00'}}, 0x1e)
r1 = socket$pppoe(0x18, 0x1, 0x0)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
close(r0)

5.836965106s ago: executing program 4 (id=1445):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1a37c1, 0x1e6)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x441, 0x0)
write$FUSE_BMAP(r0, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x100}}, 0x18)
fallocate(r1, 0x0, 0xa00, 0x1000005)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r1, 0xf502, 0x0)

5.430998993s ago: executing program 8 (id=1446):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file0\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x444a, &(0x7f0000011180)="$eJzs3b1vFGcaAPB3xuaw+TrDUXDSSbfSId2nLJvq7ox0xhiMDT4iEijSLGt7ASdrL7LXUQoKp0NKFSlFlAIlUjpXyBJNGvInpElJaqSkSBMpEoqj3Z01nvEu3li7dox+v2LH834+9rMz+w7S8saJyr355dz8cq6wmCvP3lk+l3uvXFpZKIZ4jzSd/9DezU97uvE+edWYTzoWOc1cv3j5zVvnQvhq7pvnGxsbG6GqNzQ1vOXnH394MLv12BBn+lTHbTLUoeYz7MbbIYTT2+Kq6gkh9IUQohDChaRsLDn2hxCOJ3W3Hnx4O9ehaB4/K57Pv5h+uD5ydmrt0Xqz370uCuHT0h//dXfhu7/0jHz7j9Yjfnm0Q6EBAAAAAAAAAAAAAAAAAHAATNy4fvONoeHwNAq9a9H27+tOJMdW34/d6Jg/vyrMv5/o2G8MAAAAAAAAAAAAAAAAAAAAvz0vv/+fi041+f7/eHIcbdF/43/dj5Humfz/9fFLQ8PJ/u/Rtvp/J0XfX+gJJ5vs+57d//1Cpn/z/d+3z7Nbjfga8w6EKB5Mncfx4GAInycbv5+JjsSl8nLln3fKK4tzHQvjwErnv757fyo7yYb+beY/HsuM32L//w76w7Z3U/X8dufeYq+1dP57Wrb74oOorev/YqbfXuSf3Uvnv7dW1r+1wWj9BlDN/0e9O+d/PDN+t/J/IoSQi6qx5lJ3gOoaplrear1CWjr/h2plqVtn8odsdf3/lMn/pcz4+3X/X81+ENFUOv+/q5X1pVocrr3W8h/vfP1fzoy/H/mvxr9aL9zo7twHXzr/9VyH3lST2l+y3fv/RGb8lvk/3HaIT5oV3oyTOE9EqXfAWlQvb/X/1ZGWzn/ftvqXz39xW+u/K5n+e/X815i38fzXuP3/Lao//9FcOv/9Ldu1e/1PZvp1+/4/Wlv/sVvp/B+plaXXzgO113bzP5UZv1v5rz2V9DXy//J+8vPhevln1n9tSef/aL0w3tpitfZaW/9FO6//r2bG34/1XzX+1bi7s74u0vk/1rJdNf9ft/H5fy3Tr/v5D2HIv/XtWjr/x1u2q13/fTvnfzrTr9v5/2s3BwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4AMaS40CI4sHUeRwPDoZwMTk/E45EM4W5/EypPPvucgjjSXkunIrulsozhVJ+frE8V8wXSqXybAiXkvrToS9aLpUr+YXC/cubY/VH94qFpcpMsVAJIUwk5X8KxxtjzcxXFgr3QwhXNut+H5eX7t8rLObn5pf+OzQ0NBQmN2M4GRXfrxQXK/XZ67UhTG32HYi2BFervroZy7HonfLK0mKhVCu/tqVPqTxbKG3pM53UfRxORpWllcXZQqWYL5XvNubbT6PJcXzyxls3rg1vq78d1Y9jexsWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL/S05H/fBJC6K2fxSGE0cYPUbP2j58Vz+dfTD9cHzk7tfZo/XmrdgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXTpGTSCIwgD8ZlIk6XKMVEvSpd0QCEmRDYIn0GN4GD2Kl/AOFha2FiLILuq6C9to9X3Ng/mZeQ/mAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwzPeoGv+/vUekeNo/Riynq/V5/lvX+Wf3/Yc7zMjt/PxVX6c/TFf5R320KfMx3W1nk+iojUVrT9r7dNnnuXeuvn3rm6/p+xIpFxFR1vlryrkohr0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8raPo2wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXwEAAP//nBAd+w==")
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000180)='./bus\x00', 0x1104032, 0x0, 0xfb, 0x0, &(0x7f0000000000))
renameat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r0, &(0x7f0000000180)='I', 0x1, 0x204fed0)

5.212523608s ago: executing program 6 (id=1447):
r0 = eventfd(0x800a6)
r1 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
write$eventfd(r0, &(0x7f0000000000)=0xfffffffffffffffb, 0x8)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

3.976324696s ago: executing program 6 (id=1451):
r0 = syz_usb_connect$cdc_ecm(0x2, 0x56, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000020000082505a5a4400000000101090244000101000000090400000302060000052406000005240000000d240f0100000000000000000009058103200000000009058202080000000009050302"], 0x0)
r1 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
readv(r1, &(0x7f0000000040)=[{&(0x7f0000000100)=""/144, 0x90}], 0x1)
write$proc_mixer(r1, &(0x7f0000000080)=ANY=[], 0xb0)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x80000, 0x0)
dup3(r2, r1, 0x0)
syz_usb_control_io(r0, &(0x7f0000000240)={0x2c, &(0x7f0000000000)={0x0, 0x7, 0x2, {0x2, 0x28}}, &(0x7f0000000040)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x423}}, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x60, 0x3, 0xfb, 0x7, 0x2, 0x7}}}, 0x0)

3.604393314s ago: executing program 4 (id=1453):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00220f000000560900a1004daf25cee2d5d1c1"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xd01c4813, &(0x7f00000000c0)={0x2, 0x200, 0x4, 0x0, 0x70, 0x4})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000140)={0x2000001a})

3.601938118s ago: executing program 8 (id=1454):
io_setup(0x6, &(0x7f0000000140))
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x2000000c})
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, 0xffffffffffffffff, 0x0)
write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="040e040c122022"], 0x7)

2.967294076s ago: executing program 3 (id=1180):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000200)={@dev={0xfe, 0x80, '\x00', 0xfc}}, 0x14)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
close(r0)

2.056338677s ago: executing program 1 (id=1456):
r0 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
sendto$inet(r0, &(0x7f0000000100)='\x00', 0x1, 0x0, &(0x7f00000000c0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r0, 0x1)
setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f00000001c0)={0x0, 0xf7, 0xc, 0x8}, 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x34, 0xfffffffe}, 0x9c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x9c)

1.012276759s ago: executing program 1 (id=1457):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x2, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

823.335359ms ago: executing program 1 (id=1458):
io_uring_setup(0x3a07, &(0x7f0000000000)={0x0, 0x6e50, 0x20, 0x3, 0x2de})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001800"], 0x1c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

648.576116ms ago: executing program 6 (id=1459):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x20000000009)
syz_usb_connect$cdc_ecm(0x0, 0x0, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

490.360233ms ago: executing program 1 (id=1460):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000040)=0x2, 0x4)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x2, 0x4)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x22)

307.8487ms ago: executing program 1 (id=1461):
dup(0xffffffffffffffff)
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000d00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==")
r0 = creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000100)='./file0\x00')
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
fsync(r0)

57.223067ms ago: executing program 4 (id=1462):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x29, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)=[<r3=>0x0], &(0x7f00000000c0), 0x0, 0x1, 0x0, 0x0, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x0, 0x1, &(0x7f00000002c0)=[r2], &(0x7f0000000140), &(0x7f0000000800)=[r3], &(0x7f0000000100), 0x0, 0x400000000})

0s ago: executing program 1 (id=1463):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r2=>0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000840)={'batadv_slave_0\x00', <r4=>0x0})
r5 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r4, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB="2c00000010000100"/20, @ANYRES32=r2, @ANYBLOB="00410000000000000c002b8008000100", @ANYRES32=r5], 0x2c}}, 0x0)

kernel console output (not intermixed with test programs):

1326 audit(1750135417.892:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9668 comm="syz.0.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff7d232ab19 code=0x7ffc0000
[  291.571153][   T30] audit: type=1326 audit(1750135417.892:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9668 comm="syz.0.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff7d232ab19 code=0x7ffc0000
[  291.641259][ T9361] veth0_vlan: entered promiscuous mode
[  291.697919][ T9361] veth1_vlan: entered promiscuous mode
[  291.787135][   T30] audit: type=1326 audit(1750135417.892:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9668 comm="syz.0.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ff7d232ab19 code=0x7ffc0000
[  291.825455][ T9697] loop3: detected capacity change from 0 to 2048
[  291.916445][   T30] audit: type=1326 audit(1750135417.892:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9668 comm="syz.0.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff7d238e929 code=0x7ffc0000
[  291.938441][    C1] vkms_vblank_simulate: vblank timer overrun
[  292.037597][ T9706] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  292.170383][   T30] audit: type=1326 audit(1750135417.892:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9668 comm="syz.0.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d238e929 code=0x7ffc0000
[  292.197009][ T9709] Invalid ELF header len 8
[  292.239566][ T9697] syz.3.991 (9697) used greatest stack depth: 18520 bytes left
[  292.360890][   T30] audit: type=1326 audit(1750135417.892:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9668 comm="syz.0.983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff7d238e929 code=0x7ffc0000
[  292.426917][ T8988] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.747278][ T8988] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.852680][ T9361] veth0_macvtap: entered promiscuous mode
[  292.926168][ T8988] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.946176][ T9361] veth1_macvtap: entered promiscuous mode
[  292.987481][ T9361] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.007885][ T9361] batman_adv: batadv0: Interface activated: batadv_slave_1
[  293.047527][ T8988] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.085451][ T9361] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  293.094634][ T9361] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  293.103948][ T9361] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  293.113263][ T9361] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  293.513222][ T8992] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.533176][ T8988] bridge_slave_1: left allmulticast mode
[  293.538872][ T8988] bridge_slave_1: left promiscuous mode
[  293.571033][ T8992] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.606187][ T8988] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.675272][ T9736] loop4: detected capacity change from 0 to 128
[  293.705104][ T8988] bridge_slave_0: left allmulticast mode
[  293.737004][ T8988] bridge_slave_0: left promiscuous mode
[  293.757155][ T8988] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.803710][ T9736] EXT4-fs (loop4): Test dummy encryption mode enabled
[  293.848867][ T9736] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  293.888314][ T9736] ext4 filesystem being mounted at /10/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  293.933723][ T9744] netlink: 'syz.1.1002': attribute type 10 has an invalid length.
[  293.988790][ T9736] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2"
[  294.023861][ T9749] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1002'.
[  294.188081][ T9027] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  294.609715][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  294.622041][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  294.637859][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  294.669834][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  294.677835][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  295.173899][ T9753] loop4: detected capacity change from 0 to 32768
[  295.225457][ T9753] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  295.286660][ T9753] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  295.370229][ T9753] XFS (loop4): Ending clean mount
[  295.403806][ T9753] XFS (loop4): Quotacheck needed: Please wait.
[  295.529762][ T9753] XFS (loop4): Quotacheck: Done.
[  295.669638][ T8988] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  295.702796][ T9777] input: syz1 as /devices/virtual/input/input25
[  295.720355][ T8988] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  295.753180][ T8988] bond0 (unregistering): Released all slaves
[  295.826849][ T9027] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  295.935220][ T9744] 8021q: adding VLAN 0 to HW filter on device bond0
[  295.957055][ T9744] team0: Port device bond0 added
[  296.007940][ T9783] loop3: detected capacity change from 0 to 512
[  296.022676][ T9783] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  296.074282][ T9783] EXT4-fs (loop3): 1 truncate cleaned up
[  296.162391][ T9783] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.203873][ T9783] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1012: bg 0: block 256: padding at end of block bitmap is not set
[  296.251206][ T9783] EXT4-fs (loop3): Remounting filesystem read-only
[  296.403003][ T8995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  296.448074][ T8995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.552531][ T5850] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.719150][ T9797] loop1: detected capacity change from 0 to 128
[  296.754368][ T5849] Bluetooth: hci3: command tx timeout
[  296.794116][ T9797] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  296.921315][ T9797] ext4 filesystem being mounted at /256/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  297.479182][ T8988] hsr_slave_0: left promiscuous mode
[  297.505059][ T8988] hsr_slave_1: left promiscuous mode
[  297.539068][ T8988] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  297.573546][ T5833] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  297.602436][ T8988] batman_adv: batadv0: Removing interface: batadv_slave_0
[  297.714840][ T8988] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.748947][ T8988] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.818189][   T24] libceph: connect (1)[c::]:6789 error -101
[  297.848468][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  297.950445][ T8988] veth1_macvtap: left promiscuous mode
[  297.966390][ T8988] veth0_macvtap: left promiscuous mode
[  297.990629][ T8988] veth1_vlan: left promiscuous mode
[  298.007715][ T8988] veth0_vlan: left promiscuous mode
[  298.237162][ T5996] libceph: connect (1)[c::]:6789 error -101
[  298.267005][ T5996] libceph: mon0 (1)[c::]:6789 connect error
[  298.553209][ T9823] ceph: No mds server is up or the cluster is laggy
[  298.820977][ T5849] Bluetooth: hci3: command tx timeout
[  298.955526][ T5996] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  299.031958][ T5913] libceph: connect (1)[c::]:6789 error -101
[  299.038042][ T5913] libceph: mon0 (1)[c::]:6789 connect error
[  299.085319][ T5913] libceph: connect (1)[c::]:6789 error -101
[  299.105110][   T10] libceph: connect (1)[b::]:6789 error -101
[  299.113480][ T5913] libceph: mon0 (1)[c::]:6789 connect error
[  299.132242][   T10] libceph: mon0 (1)[b::]:6789 connect error
[  299.151406][ T5996] usb 1-1: Using ep0 maxpacket: 32
[  299.172864][ T5996] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.219687][ T5996] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.281620][ T5996] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  299.340417][ T5996] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.372345][ T5996] usb 1-1: config 0 descriptor??
[  299.399415][   T10] libceph: connect (1)[c::]:6789 error -101
[  299.412092][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  299.429369][   T10] libceph: connect (1)[b::]:6789 error -101
[  299.471736][   T10] libceph: mon0 (1)[b::]:6789 connect error
[  299.765870][ T9851] ceph: No mds server is up or the cluster is laggy
[  299.773946][ T9856] ceph: No mds server is up or the cluster is laggy
[  299.867396][ T5996] savu 0003:1E7D:2D5A.0012: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.0-1/input0
[  300.211498][   T10] usb 1-1: USB disconnect, device number 6
[  300.327186][ T9868] fido_id[9868]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory
[  300.703900][ T9874] loop1: detected capacity change from 0 to 4096
[  300.902939][ T5849] Bluetooth: hci3: command tx timeout
[  300.962004][ T9876] loop6: detected capacity change from 0 to 32768
[  301.055618][ T9881] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  301.159985][ T9885] loop0: detected capacity change from 0 to 64
[  301.772221][ T9876] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  301.772256][ T9876]   allowing incompatible features above 0.0: (unknown version)
[  301.772271][ T9876]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  301.826578][ T9876] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  301.837399][ T9876] bcachefs (loop6): initializing new filesystem
[  301.857706][ T9876] bcachefs (loop6): going read-write
[  301.959257][ T9896] loop4: detected capacity change from 0 to 16
[  302.021257][ T9896] erofs (device loop4): mounted with root inode @ nid 36.
[  302.174075][ T9876] bcachefs (loop6): marking superblocks
[  302.203302][ T9876] bcachefs (loop6): initializing freespace
[  302.214327][ T9876] bcachefs (loop6): done initializing freespace
[  302.223881][ T9876] bcachefs (loop6): reading snapshots table
[  302.229823][ T9876] bcachefs (loop6): reading snapshots done
[  302.276897][ T9876] bcachefs (loop6): done starting filesystem
[  302.302868][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  302.302885][   T30] audit: type=1800 audit(1750135429.222:97): pid=9896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1050" name="file1" dev="overlay" ino=86 res=0 errno=0
[  302.496222][ T9876] syz.6.1040 (9876) used greatest stack depth: 17736 bytes left
[  302.697807][ T9361] bcachefs (loop6): shutting down
[  302.726214][ T9361] bcachefs (loop6): going read-only
[  302.739482][ T9361] bcachefs (loop6): finished waiting for writes to stop
[  302.787408][ T9361] bcachefs (loop6): flushing journal and stopping allocators, journal seq 3
[  302.975947][ T9361] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 3
[  302.988967][ T5148] Bluetooth: hci3: command tx timeout
[  303.103764][ T9361] bcachefs (loop6): clean shutdown complete, journal seq 4
[  303.123285][ T9361] bcachefs (loop6): marking filesystem clean
[  303.206569][ T8988] team0 (unregistering): Port device team_slave_1 removed
[  303.268172][ T9361] bcachefs (loop6): shutdown complete
[  303.370986][   T10] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  303.483216][ T8988] team0 (unregistering): Port device team_slave_0 removed
[  303.561028][   T10] usb 2-1: Using ep0 maxpacket: 16
[  303.568289][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  303.596218][   T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  303.641915][   T10] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  303.658338][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[  303.665398][   T10] usb 2-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[  303.683547][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.709720][   T10] usb 2-1: config 0 descriptor??
[  304.143228][   T10] kye 0003:0458:0153.0013: unexpected long global item
[  304.187728][   T10] kye 0003:0458:0153.0013: parse failed
[  304.197882][   T10] kye 0003:0458:0153.0013: probe with driver kye failed with error -22
[  304.255071][ T9943] loop3: detected capacity change from 0 to 16
[  304.336114][ T9943] erofs (device loop3): mounted with root inode @ nid 36.
[  304.363702][    T9] usb 2-1: USB disconnect, device number 14
[  304.627362][ T9948] tls_set_device_offload_rx: netdev not found
[  304.712953][ T9952] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1055'.
[  305.178266][ T9964] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  306.039778][ T9755] chnl_net:caif_netlink_parms(): no params data found
[  306.555450][ T9755] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.594027][ T9755] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.603314][ T9755] bridge_slave_0: entered allmulticast mode
[  306.644097][ T9755] bridge_slave_0: entered promiscuous mode
[  306.653808][T10019] 9pnet: p9_errstr2errno: server reported unknown error �@�΂�(��
[  306.668277][ T9755] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.712561][ T9755] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.751105][ T9755] bridge_slave_1: entered allmulticast mode
[  306.758974][ T9755] bridge_slave_1: entered promiscuous mode
[  306.760981][   T10] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  306.915744][   T30] audit: type=1326 audit(1750135433.842:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  306.956120][   T30] audit: type=1326 audit(1750135433.842:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  306.981527][   T10] usb 1-1: Using ep0 maxpacket: 8
[  306.988468][ T9755] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  307.002244][   T30] audit: type=1326 audit(1750135433.842:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fba15990847 code=0x7ffc0000
[  307.030445][   T30] audit: type=1326 audit(1750135433.842:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fba159907bc code=0x7ffc0000
[  307.030606][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  307.042422][T10027] netlink: 'syz.4.1091': attribute type 11 has an invalid length.
[  307.081896][ T9755] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  307.098422][   T10] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  307.110174][   T30] audit: type=1326 audit(1750135433.842:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fba159906f4 code=0x7ffc0000
[  307.138823][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.163324][   T10] usb 1-1: config 0 descriptor??
[  307.169587][   T30] audit: type=1326 audit(1750135433.842:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fba159906f4 code=0x7ffc0000
[  307.192717][   T30] audit: type=1326 audit(1750135433.842:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fba1598d58a code=0x7ffc0000
[  307.249247][   T30] audit: type=1326 audit(1750135433.842:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  307.294399][ T9755] team0: Port device team_slave_0 added
[  307.315550][   T30] audit: type=1326 audit(1750135433.842:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  307.351019][ T9755] team0: Port device team_slave_1 added
[  307.445854][   T30] audit: type=1326 audit(1750135433.842:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  307.484403][   T10] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  307.490104][T10034] loop1: detected capacity change from 0 to 8
[  307.539552][T10034] SQUASHFS error: Unable to read inode 0x127
[  307.540655][   T30] audit: type=1326 audit(1750135433.842:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  307.650877][   T30] audit: type=1326 audit(1750135433.842:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  307.746404][ T9755] batman_adv: batadv0: Adding interface: batadv_slave_0
[  307.766780][   T30] audit: type=1326 audit(1750135433.872:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  307.789287][ T9755] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  307.789430][ T9755] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  307.796954][ T9755] batman_adv: batadv0: Adding interface: batadv_slave_1
[  307.949580][ T5913] usb 1-1: USB disconnect, device number 7
[  307.977001][ T9755] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.003517][   T30] audit: type=1326 audit(1750135433.872:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  308.063665][   T30] audit: type=1326 audit(1750135433.872:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  308.087297][ T9755] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  308.160655][   T30] audit: type=1326 audit(1750135433.872:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  308.276235][   T30] audit: type=1326 audit(1750135433.872:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  308.354174][   T30] audit: type=1326 audit(1750135433.882:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10024 comm="syz.1.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  308.444610][T10057] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  308.616241][ T9755] hsr_slave_0: entered promiscuous mode
[  308.620981][ T5913] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  308.636461][ T9755] hsr_slave_1: entered promiscuous mode
[  308.758046][T10061] loop4: detected capacity change from 0 to 4096
[  308.777624][T10061] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  308.825548][ T5913] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  308.874279][ T5913] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  308.906106][ T5913] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.955582][ T5913] usb 4-1: Product: syz
[  308.959772][ T5913] usb 4-1: Manufacturer: syz
[  308.992834][ T5913] usb 4-1: SerialNumber: syz
[  309.422960][T10078] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  310.037919][ T5913] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  310.056220][ T5913] cdc_ncm 4-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  310.057861][ T8988] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.081073][ T5913] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  310.090572][T10067] loop6: detected capacity change from 0 to 32768
[  310.107777][T10067] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1104 (10067)
[  310.177884][T10067] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  310.191086][T10067] BTRFS info (device loop6): using sha256 (sha256-x86_64) checksum algorithm
[  310.199900][T10067] BTRFS info (device loop6): using free-space-tree
[  310.242506][ T5913] cdc_ncm 4-1:1.0: setting tx_max = 76
[  310.569365][ T8988] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.827541][ T5913] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  311.040111][ T5913] usb 4-1: USB disconnect, device number 16
[  311.144520][ T5913] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  311.251876][ T9361] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  311.324065][ T8988] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.411818][T10118] 9pnet: p9_errstr2errno: server reported unknown error 184467
[  311.587250][T10114] loop4: detected capacity change from 0 to 131072
[  311.615832][T10114] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0)
[  311.624359][T10114] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  311.660860][T10114] F2FS-fs (loop4): invalid crc value
[  311.756697][T10114] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  311.763858][T10114] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  312.153458][ T5849] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  312.182100][ T5849] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  312.191134][ T5849] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  312.195039][ T8988] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.232583][ T5849] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  312.260925][ T5849] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  312.401250][   T24] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  312.524991][T10139] netlink: 'syz.3.1125': attribute type 6 has an invalid length.
[  312.565370][   T24] usb 7-1: Using ep0 maxpacket: 32
[  312.585378][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  312.616605][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  312.676094][   T24] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  312.701481][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.801525][   T24] usb 7-1: config 0 descriptor??
[  312.822697][   T24] hub 7-1:0.0: USB hub found
[  313.031168][   T24] hub 7-1:0.0: 1 port detected
[  313.148215][ T8988] bridge_slave_1: left allmulticast mode
[  313.161521][ T8988] bridge_slave_1: left promiscuous mode
[  313.167356][ T8988] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.232080][ T8988] bridge_slave_0: left allmulticast mode
[  313.253872][ T8988] bridge_slave_0: left promiscuous mode
[  313.260717][ T8988] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.665063][ T5972] hub 7-1:0.0: activate --> -90
[  313.668195][T10152] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  314.102114][ T5996] usb 7-1: USB disconnect, device number 3
[  314.103519][T10157] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  314.331202][ T5972] usb 7-1-port1: config error
[  314.356344][ T5849] Bluetooth: hci6: command tx timeout
[  314.492202][T10169] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1134'.
[  314.553857][ T8988] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  314.580739][ T8988] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  314.624584][ T8988] bond0 (unregistering): Released all slaves
[  314.883590][ T9755] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  315.055986][T10183] netlink: 'syz.6.1142': attribute type 1 has an invalid length.
[  315.092396][ T9755] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  315.236160][ T9755] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  315.266306][ T9755] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  315.522896][T10195] loop4: detected capacity change from 0 to 7
[  315.535400][T10195] Dev loop4: unable to read RDB block 7
[  315.550982][T10195]  loop4: unable to read partition table
[  315.556910][T10195] loop4: partition table beyond EOD, truncated
[  315.581083][T10195] loop_reread_partitions: partition scan of loop4 (�被x������ ) failed (rc=-5)
[  315.920474][T10186] loop4: detected capacity change from 0 to 32768
[  315.936556][T10186] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1141 (10186)
[  316.081945][T10210] Invalid ELF header len 8
[  316.107132][T10186] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  316.154992][T10186] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  316.180648][T10186] BTRFS info (device loop4): using free-space-tree
[  316.386191][T10233] loop1: detected capacity change from 0 to 164
[  316.419614][ T8988] hsr_slave_0: left promiscuous mode
[  316.437070][ T5849] Bluetooth: hci6: command tx timeout
[  316.443172][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  316.449574][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  316.475613][ T8988] hsr_slave_1: left promiscuous mode
[  316.495164][T10186] BTRFS info (device loop4): rebuilding free space tree
[  316.516459][ T8988] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  316.553720][ T8988] batman_adv: batadv0: Removing interface: batadv_slave_0
[  316.604044][T10233] iso9660: Corrupted directory entry in block 4 of inode 1792
[  316.631928][ T8988] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  316.639355][ T8988] batman_adv: batadv0: Removing interface: batadv_slave_1
[  316.745310][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  316.745330][   T30] audit: type=1800 audit(1750135443.672:118): pid=10186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1141" name="file0" dev="loop4" ino=258 res=0 errno=0
[  316.786062][ T8988] veth1_macvtap: left promiscuous mode
[  316.813925][ T8988] veth0_macvtap: left promiscuous mode
[  316.819620][ T8988] veth1_vlan: left promiscuous mode
[  316.867856][ T8988] veth0_vlan: left promiscuous mode
[  317.285795][ T9027] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  317.490715][T10250] loop6: detected capacity change from 0 to 256
[  318.511522][ T5849] Bluetooth: hci6: command tx timeout
[  318.946402][T10267] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  318.972228][T10263] loop6: detected capacity change from 0 to 40427
[  319.006238][T10263] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[  319.013263][T10263] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  319.022380][T10263] F2FS-fs (loop6): build fault injection rate: 17008
[  319.029092][T10263] F2FS-fs (loop6): build fault injection type: 0x1f8
[  319.036225][T10263] F2FS-fs (loop6): build fault injection type: 0x6
[  319.050955][T10263] F2FS-fs (loop6): invalid crc value
[  319.190762][T10263] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  319.198083][T10263] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  319.262462][T10263] syz.6.1166: attempt to access beyond end of device
[  319.262462][T10263] loop6: rw=2049, sector=53248, nr_sectors = 136 limit=40427
[  319.328352][T10276] loop1: detected capacity change from 0 to 1024
[  319.340160][T10276] EXT4-fs: Ignoring removed orlov option
[  319.350677][ T9361] syz-executor: attempt to access beyond end of device
[  319.350677][ T9361] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  319.379190][ T9361] CPU: 1 UID: 0 PID: 9361 Comm: syz-executor Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) 
[  319.379223][ T9361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  319.379238][ T9361] Call Trace:
[  319.379246][ T9361]  <TASK>
[  319.379256][ T9361]  dump_stack_lvl+0x189/0x250
[  319.379318][ T9361]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.379354][ T9361]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  319.379391][ T9361]  ? __pfx_queue_work_on+0x10/0x10
[  319.379415][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.379442][ T9361]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  319.379477][ T9361]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  319.379512][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.379539][ T9361]  ? f2fs_hw_is_readonly+0x39b/0x470
[  319.379574][ T9361]  f2fs_handle_critical_error+0x37c/0x540
[  319.379612][ T9361]  f2fs_write_end_io+0x495/0x810
[  319.379643][ T9361]  ? blkg_put+0x22/0x240
[  319.379688][ T9361]  __submit_merged_bio+0x27a/0x6a0
[  319.379729][ T9361]  __submit_merged_write_cond+0x255/0x530
[  319.379766][ T9361]  f2fs_write_data_pages+0x261d/0x3000
[  319.379800][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.379867][ T9361]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  319.379915][ T9361]  ? arch_stack_walk+0xfc/0x150
[  319.379971][ T9361]  ? __mod_zone_page_state+0xd7/0x140
[  319.380022][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.380049][ T9361]  ? folios_put_refs+0x560/0x640
[  319.380093][ T9361]  ? __pfx_folios_put_refs+0x10/0x10
[  319.380123][ T9361]  ? rcu_is_watching+0x15/0xb0
[  319.380172][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.380200][ T9361]  ? __lock_acquire+0xab9/0xd20
[  319.380255][ T9361]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  319.380289][ T9361]  do_writepages+0x32e/0x550
[  319.380334][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.380366][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.380393][ T9361]  ? do_raw_spin_unlock+0x122/0x240
[  319.380427][ T9361]  filemap_fdatawrite+0x191/0x230
[  319.380451][ T9361]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  319.380524][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.380558][ T9361]  ? do_raw_spin_unlock+0x122/0x240
[  319.380591][ T9361]  f2fs_sync_dirty_inodes+0x31f/0x830
[  319.380645][ T9361]  f2fs_write_checkpoint+0x94a/0x1de0
[  319.380715][ T9361]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  319.380810][ T9361]  ? kill_f2fs_super+0x298/0x6c0
[  319.380852][ T9361]  kill_f2fs_super+0x2c3/0x6c0
[  319.380895][ T9361]  ? __pfx_kill_f2fs_super+0x10/0x10
[  319.380927][ T9361]  ? radix_tree_delete_item+0x2b6/0x400
[  319.380972][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.381000][ T9361]  ? shrinker_free+0x2ce/0x3e0
[  319.381034][ T9361]  deactivate_locked_super+0xbc/0x130
[  319.381072][ T9361]  cleanup_mnt+0x425/0x4c0
[  319.381105][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.381133][ T9361]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.381176][ T9361]  task_work_run+0x1d4/0x260
[  319.381212][ T9361]  ? __pfx_task_work_run+0x10/0x10
[  319.381239][ T9361]  ? __x64_sys_umount+0x122/0x160
[  319.381268][ T9361]  ? exit_to_user_mode_loop+0x40/0x110
[  319.381307][ T9361]  exit_to_user_mode_loop+0xec/0x110
[  319.381342][ T9361]  do_syscall_64+0x2bd/0x3b0
[  319.381364][ T9361]  ? lockdep_hardirqs_on+0x9c/0x150
[  319.381399][ T9361]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.381422][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  319.381448][ T9361]  ? exc_page_fault+0x9f/0xf0
[  319.381487][ T9361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.381510][ T9361] RIP: 0033:0x7efe3778fc57
[  319.381530][ T9361] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  319.381549][ T9361] RSP: 002b:00007ffd8ec6f338 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  319.381573][ T9361] RAX: 0000000000000000 RBX: 00007efe37810925 RCX: 00007efe3778fc57
[  319.381589][ T9361] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd8ec6f3f0
[  319.381605][ T9361] RBP: 00007ffd8ec6f3f0 R08: 0000000000000000 R09: 0000000000000000
[  319.381619][ T9361] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd8ec70480
[  319.381635][ T9361] R13: 00007efe37810925 R14: 000000000004df32 R15: 00007ffd8ec704c0
[  319.381673][ T9361]  </TASK>
[  319.816830][T10276] EXT4-fs: Ignoring removed nomblk_io_submit option
[  319.824360][ T9361] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  319.884215][T10276] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.934608][ T8988] team0 (unregistering): Port device team_slave_1 removed
[  319.950507][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.044814][ T8988] team0 (unregistering): Port device team_slave_0 removed
[  320.580961][ T5849] Bluetooth: hci6: command tx timeout
[  321.086785][T10131] chnl_net:caif_netlink_parms(): no params data found
[  321.339379][T10297] bridge0: port 3(erspan0) entered blocking state
[  321.372297][T10297] bridge0: port 3(erspan0) entered disabled state
[  321.447500][T10297] erspan0: entered allmulticast mode
[  321.463059][T10297] erspan0: entered promiscuous mode
[  321.468998][T10297] bridge0: port 3(erspan0) entered blocking state
[  321.475832][T10297] bridge0: port 3(erspan0) entered forwarding state
[  321.526008][T10298] erspan0: left allmulticast mode
[  321.531806][T10298] erspan0: left promiscuous mode
[  321.541432][T10298] bridge0: port 3(erspan0) entered disabled state
[  321.762568][T10131] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.791236][T10131] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.813190][T10131] bridge_slave_0: entered allmulticast mode
[  321.843503][T10131] bridge_slave_0: entered promiscuous mode
[  321.858725][T10131] bridge0: port 2(bridge_slave_1) entered blocking state
[  321.871853][T10131] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.215285][T10308] loop6: detected capacity change from 0 to 40427
[  322.223257][T10308] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[  322.230519][T10308] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  322.247007][T10308] F2FS-fs (loop6): build fault injection rate: 17008
[  322.255863][T10308] F2FS-fs (loop6): build fault injection type: 0x1f8
[  322.262659][T10308] F2FS-fs (loop6): build fault injection type: 0x6
[  322.276756][T10131] bridge_slave_1: entered allmulticast mode
[  322.282818][T10308] F2FS-fs (loop6): invalid crc value
[  322.302771][T10131] bridge_slave_1: entered promiscuous mode
[  322.395318][T10308] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  322.402474][T10308] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  322.488706][T10308] syz.6.1183: attempt to access beyond end of device
[  322.488706][T10308] loop6: rw=2049, sector=53248, nr_sectors = 16 limit=40427
[  322.515968][T10321] loop4: detected capacity change from 0 to 256
[  322.571300][ T9361] syz-executor: attempt to access beyond end of device
[  322.571300][ T9361] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  322.651234][ T9361] CPU: 1 UID: 0 PID: 9361 Comm: syz-executor Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) 
[  322.651267][ T9361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  322.651282][ T9361] Call Trace:
[  322.651291][ T9361]  <TASK>
[  322.651301][ T9361]  dump_stack_lvl+0x189/0x250
[  322.651348][ T9361]  ? __pfx_dump_stack_lvl+0x10/0x10
[  322.651385][ T9361]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  322.651421][ T9361]  ? __pfx_queue_work_on+0x10/0x10
[  322.651469][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.651497][ T9361]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  322.651532][ T9361]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  322.651568][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.651595][ T9361]  ? f2fs_hw_is_readonly+0x39b/0x470
[  322.651628][ T9361]  f2fs_handle_critical_error+0x37c/0x540
[  322.651664][ T9361]  f2fs_write_end_io+0x495/0x810
[  322.651696][ T9361]  ? blkg_put+0x22/0x240
[  322.651740][ T9361]  __submit_merged_bio+0x27a/0x6a0
[  322.651777][ T9361]  __submit_merged_write_cond+0x255/0x530
[  322.651814][ T9361]  f2fs_write_data_pages+0x261d/0x3000
[  322.651844][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.651910][ T9361]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  322.651939][ T9361]  ? is_bpf_text_address+0x26/0x2b0
[  322.651989][ T9361]  ? arch_stack_walk+0xfc/0x150
[  322.652049][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.652080][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.652109][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.652150][ T9361]  ? __pfx_rcu_read_lock_sched_held+0x10/0x10
[  322.652202][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.652229][ T9361]  ? __lock_acquire+0xab9/0xd20
[  322.652282][ T9361]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  322.652315][ T9361]  do_writepages+0x32e/0x550
[  322.652359][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.652393][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.652420][ T9361]  ? do_raw_spin_unlock+0x122/0x240
[  322.652462][ T9361]  filemap_fdatawrite+0x191/0x230
[  322.652486][ T9361]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  322.652558][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.652590][ T9361]  ? do_raw_spin_unlock+0x122/0x240
[  322.652624][ T9361]  f2fs_sync_dirty_inodes+0x31f/0x830
[  322.652676][ T9361]  f2fs_write_checkpoint+0x94a/0x1de0
[  322.652738][ T9361]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  322.652829][ T9361]  ? kill_f2fs_super+0x298/0x6c0
[  322.652870][ T9361]  kill_f2fs_super+0x2c3/0x6c0
[  322.652912][ T9361]  ? __pfx_kill_f2fs_super+0x10/0x10
[  322.652944][ T9361]  ? radix_tree_delete_item+0x2b6/0x400
[  322.652989][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.653016][ T9361]  ? shrinker_free+0x2ce/0x3e0
[  322.653050][ T9361]  deactivate_locked_super+0xbc/0x130
[  322.653088][ T9361]  cleanup_mnt+0x425/0x4c0
[  322.653120][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.653146][ T9361]  ? lockdep_hardirqs_on+0x9c/0x150
[  322.653186][ T9361]  task_work_run+0x1d4/0x260
[  322.653220][ T9361]  ? __pfx_task_work_run+0x10/0x10
[  322.653249][ T9361]  ? __x64_sys_umount+0x122/0x160
[  322.653280][ T9361]  ? exit_to_user_mode_loop+0x40/0x110
[  322.653319][ T9361]  exit_to_user_mode_loop+0xec/0x110
[  322.653354][ T9361]  do_syscall_64+0x2bd/0x3b0
[  322.653375][ T9361]  ? lockdep_hardirqs_on+0x9c/0x150
[  322.653410][ T9361]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.653433][ T9361]  ? srso_alias_return_thunk+0x5/0xfbef5
[  322.653465][ T9361]  ? exc_page_fault+0x9f/0xf0
[  322.653503][ T9361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.653526][ T9361] RIP: 0033:0x7efe3778fc57
[  322.653547][ T9361] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  322.653567][ T9361] RSP: 002b:00007ffd8ec6f338 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  322.653591][ T9361] RAX: 0000000000000000 RBX: 00007efe37810925 RCX: 00007efe3778fc57
[  322.653608][ T9361] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd8ec6f3f0
[  322.653623][ T9361] RBP: 00007ffd8ec6f3f0 R08: 0000000000000000 R09: 0000000000000000
[  322.653638][ T9361] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd8ec70480
[  322.653654][ T9361] R13: 00007efe37810925 R14: 000000000004ebb2 R15: 00007ffd8ec704c0
[  322.653692][ T9361]  </TASK>
[  322.653701][ T9361] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  323.103226][T10131] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  323.132957][T10131] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  323.149617][ T5842] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  323.169616][ T5842] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  323.186027][ T5842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  323.203046][ T5842] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  323.216490][ T5842] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  323.344255][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.410640][T10330] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  323.606409][ T1032] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  323.621566][ T5148] Bluetooth: hci1: command 0x0406 tx timeout
[  323.955275][T10131] team0: Port device team_slave_0 added
[  323.987109][ T9755] 8021q: adding VLAN 0 to HW filter on device bond0
[  324.022183][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.045185][T10131] team0: Port device team_slave_1 added
[  324.166410][T10131] batman_adv: batadv0: Adding interface: batadv_slave_0
[  324.179613][T10131] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  324.208713][T10131] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  324.244113][ T9755] 8021q: adding VLAN 0 to HW filter on device team0
[  324.252534][T10131] batman_adv: batadv0: Adding interface: batadv_slave_1
[  324.260163][T10131] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  324.287138][T10131] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  324.344382][ T1032] bridge0: port 1(bridge_slave_0) entered blocking state
[  324.351648][ T1032] bridge0: port 1(bridge_slave_0) entered forwarding state
[  324.423510][ T1032] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.430722][ T1032] bridge0: port 2(bridge_slave_1) entered forwarding state
[  324.517988][T10131] hsr_slave_0: entered promiscuous mode
[  324.525008][T10131] hsr_slave_1: entered promiscuous mode
[  324.531969][T10131] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  324.539730][T10131] Cannot create hsr debugfs directory
[  324.743384][T10333] loop4: detected capacity change from 0 to 131072
[  324.768561][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.889649][T10333] F2FS-fs (loop4): Mounted with checkpoint version = 1b41e955
[  324.978678][   T30] audit: type=1800 audit(1750135451.902:119): pid=10333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1193" name="file1" dev="loop4" ino=7 res=0 errno=0
[  325.013233][T10333] F2FS-fs (loop4): f2fs_convert_inline_folio: corrupted inline inode ino=7, i_addr[0]:0xff0000, run fsck to fix.
[  325.113767][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.310906][ T5148] Bluetooth: hci5: command tx timeout
[  325.680176][T10325] chnl_net:caif_netlink_parms(): no params data found
[  325.941866][ T5849] Bluetooth: hci7: Opcode 0x1003 failed: -110
[  326.323523][T10347] loop6: detected capacity change from 0 to 32768
[  326.375384][T10347] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  326.391640][T10347] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  326.443563][T10347] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  326.466875][   T10] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  326.480922][   T10] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  326.690285][   T10] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 209ms
[  326.706773][T10369] mmap: syz.4.1201 (10369) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  326.730284][   T10] gfs2: fsid=syz:syz.0: jid=0: Done
[  326.736919][T10347] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  326.805485][ T9755] 8021q: adding VLAN 0 to HW filter on device batadv0
[  326.927022][   T12] bridge_slave_1: left allmulticast mode
[  326.942400][   T12] bridge_slave_1: left promiscuous mode
[  326.955199][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.990788][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.033206][T10347] gfs2: fsid=syz:syz.0: found 1 quota changes
[  327.380927][ T5849] Bluetooth: hci5: command tx timeout
[  327.461465][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  328.019208][T10385] loop6: detected capacity change from 0 to 32768
[  328.019735][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  328.070440][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  328.092029][T10385] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  328.102321][   T12] bond0 (unregistering): Released all slaves
[  328.237390][T10385] XFS (loop6): Ending clean mount
[  328.359069][T10325] bridge0: port 1(bridge_slave_0) entered blocking state
[  328.383740][T10325] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.418347][T10325] bridge_slave_0: entered allmulticast mode
[  328.427482][T10325] bridge_slave_0: entered promiscuous mode
[  328.653279][T10325] bridge0: port 2(bridge_slave_1) entered blocking state
[  328.660471][T10325] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.691120][T10325] bridge_slave_1: entered allmulticast mode
[  328.699125][T10325] bridge_slave_1: entered promiscuous mode
[  328.707262][ T5905] XFS (loop6): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair.
[  328.736188][ T9361] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  328.750408][ T5905] XFS (loop6): Metadata CRC error detected at xfs_rmapbt_read_verify+0x42/0xe0, xfs_rmapbt block 0x14 
[  328.778294][ T5905] XFS (loop6): Unmount and run xfs_repair
[  328.798728][ T5905] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  328.848549][ T5905] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  328.858944][ T5905] 00000010: 00 00 00 00 00 00 00 14 00 00 00 01 00 00 00 10  ................
[  328.884935][ T5905] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  328.903961][ T5905] 00000030: 00 00 00 00 6c 4b dc c9 00 00 00 00 00 00 00 01  ....lK..........
[  328.924787][ T5905] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  328.965496][T10325] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  329.000016][ T5905] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  329.039227][ T5905] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  329.092248][ T5905] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  329.111946][ T5905] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x14 len 4 error 74
[  329.151689][ T5905] XFS (loop6): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8e0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  329.188358][T10325] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  329.210873][ T5905] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  329.461064][ T5849] Bluetooth: hci5: command tx timeout
[  329.507382][T10131] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  329.609606][T10422] serio: Serial port ptm0
[  329.644548][   T12] hsr_slave_0: left promiscuous mode
[  329.658860][   T12] hsr_slave_1: left promiscuous mode
[  329.673240][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  329.710996][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  329.727038][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  329.752201][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  329.828415][   T12] veth1_macvtap: left promiscuous mode
[  329.837599][   T12] veth0_macvtap: left promiscuous mode
[  329.873225][   T12] veth1_vlan: left promiscuous mode
[  329.878614][   T12] veth0_vlan: left promiscuous mode
[  329.940349][T10428] loop1: detected capacity change from 0 to 1024
[  329.978547][T10428] EXT4-fs: Ignoring removed nobh option
[  330.004683][T10428] EXT4-fs: Ignoring removed bh option
[  330.073100][T10428] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.190547][   T30] audit: type=1804 audit(1750135457.122:120): pid=10428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1219" name="/newroot/319/file1/cgroup" dev="loop1" ino=18 res=1 errno=0
[  330.308357][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.519056][T10439] loop1: detected capacity change from 0 to 512
[  330.640398][T10439] EXT4-fs (loop1): 1 orphan inode deleted
[  330.651958][ T8995] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  330.666076][T10439] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.686885][T10439] ext4 filesystem being mounted at /320/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  330.691566][ T8995] EXT4-fs error (device loop1): ext4_release_dquot:6969: comm kworker/u8:14: Failed to release dquot type 1
[  330.879262][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.178801][   T12] team0 (unregistering): Port device team_slave_1 removed
[  331.221278][   T12] team0 (unregistering): Port device team_slave_0 removed
[  331.544383][ T5849] Bluetooth: hci5: command tx timeout
[  331.654777][T10325] team0: Port device team_slave_0 added
[  331.672491][T10131] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  331.725016][T10325] team0: Port device team_slave_1 added
[  331.751277][T10131] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  331.828101][T10131] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  332.068218][T10325] batman_adv: batadv0: Adding interface: batadv_slave_0
[  332.076025][T10325] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.106355][T10325] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  332.167007][T10325] batman_adv: batadv0: Adding interface: batadv_slave_1
[  332.178038][T10325] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  332.248405][T10325] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  332.366026][ T9755] veth0_vlan: entered promiscuous mode
[  332.448661][T10325] hsr_slave_0: entered promiscuous mode
[  332.474221][T10325] hsr_slave_1: entered promiscuous mode
[  332.495709][T10325] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  332.503851][T10470] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  332.515647][T10325] Cannot create hsr debugfs directory
[  332.546331][T10468] loop6: detected capacity change from 0 to 1024
[  332.653240][ T9755] veth1_vlan: entered promiscuous mode
[  332.685670][T10468] hfsplus: keylen 65060 too large
[  332.774294][T10472] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  333.086293][T10476] loop1: detected capacity change from 0 to 256
[  333.193182][T10476] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xcc9b7de9, utbl_chksum : 0xe619d30d)
[  333.233974][ T9755] veth0_macvtap: entered promiscuous mode
[  333.329910][ T9755] veth1_macvtap: entered promiscuous mode
[  333.366255][T10480] input: syz1 as /devices/virtual/input/input27
[  333.575340][T10131] 8021q: adding VLAN 0 to HW filter on device bond0
[  333.667453][ T9755] batman_adv: batadv0: Interface activated: batadv_slave_0
[  333.750123][T10131] 8021q: adding VLAN 0 to HW filter on device team0
[  333.816606][ T9755] batman_adv: batadv0: Interface activated: batadv_slave_1
[  333.842549][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  333.849728][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  333.885067][ T9755] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  333.911287][ T9755] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  333.920015][ T9755] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  333.930091][   T10] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  333.939045][T10475] loop4: detected capacity change from 0 to 32768
[  333.964714][T10475] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1236 (10475)
[  333.972705][ T9755] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  334.009797][T10475] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  334.009982][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  334.027091][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  334.048662][T10475] BTRFS info (device loop4): using crc32c (crc32c-x86_64) checksum algorithm
[  334.084605][T10475] BTRFS info (device loop4): disk space caching is enabled
[  334.104059][T10475] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  334.118723][   T10] usb 7-1: Using ep0 maxpacket: 16
[  334.147522][   T10] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  334.176414][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  334.217410][   T10] usb 7-1: Product: syz
[  334.248588][   T10] usb 7-1: Manufacturer: syz
[  334.292524][   T10] usb 7-1: SerialNumber: syz
[  334.341675][   T10] r8152-cfgselector 7-1: Unknown version 0x0000
[  334.358285][   T10] r8152-cfgselector 7-1: config 0 descriptor??
[  334.406875][T10475] BTRFS info (device loop4): rebuilding free space tree
[  334.484259][T10509] syz.1.1243: attempt to access beyond end of device
[  334.484259][T10509] loop3: rw=0, sector=0, nr_sectors = 1 limit=0
[  334.498582][T10475] BTRFS info (device loop4): disabling free space tree
[  334.511076][T10509] FAT-fs (loop3): unable to read boot sector
[  334.531396][T10475] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  334.564015][T10475] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  334.698940][   T30] audit: type=1800 audit(1750135461.622:121): pid=10475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1236" name="bus" dev="loop4" ino=263 res=0 errno=0
[  334.720974][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.761068][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.792696][   T10] r8152-cfgselector 7-1: USB disconnect, device number 4
[  334.903373][ T1032] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.921696][ T1032] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.981052][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  335.016446][T10325] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  335.054512][T10325] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  335.095826][T10325] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  335.217813][T10325] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  335.372612][ T9027] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  336.441545][T10524] loop1: detected capacity change from 0 to 32768
[  336.472089][T10524] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1248 (10524)
[  336.625992][ T1032] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.731164][T10524] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  336.767216][T10532] loop4: detected capacity change from 0 to 131072
[  336.793142][T10524] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  336.811754][T10131] 8021q: adding VLAN 0 to HW filter on device batadv0
[  336.818721][T10524] BTRFS info (device loop1): using free-space-tree
[  336.836936][T10532] F2FS-fs (loop4): invalid crc value
[  336.970918][T10532] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  337.002821][   T30] audit: type=1800 audit(1750135463.932:122): pid=10532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1247" name="file1" dev="loop4" ino=7 res=0 errno=0
[  337.174548][T10549] F2FS-fs (loop4): truncate node fail, ino:7, nid:256, offset[0]:927, offset[1]:0, nofs:1022
[  337.788759][ T1032] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.150339][ T5148] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  338.171519][ T5148] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  338.184036][ T5148] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  338.213690][ T5148] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  338.233688][ T5148] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  338.242791][ T1032] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.587065][ T5833] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  338.747205][ T1032] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.041907][T10583] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1253'.
[  339.167417][T10325] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.647543][T10131] veth0_vlan: entered promiscuous mode
[  339.794935][T10131] veth1_vlan: entered promiscuous mode
[  339.895290][T10325] 8021q: adding VLAN 0 to HW filter on device team0
[  340.119593][ T8988] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.126882][ T8988] bridge0: port 1(bridge_slave_0) entered forwarding state
[  340.223865][ T8998] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.231114][ T8998] bridge0: port 2(bridge_slave_1) entered forwarding state
[  340.241128][   T10] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  340.342835][ T5148] Bluetooth: hci3: command tx timeout
[  340.365001][ T1032] bridge_slave_1: left allmulticast mode
[  340.371067][ T1032] bridge_slave_1: left promiscuous mode
[  340.387821][ T1032] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.412974][   T10] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[  340.421418][   T10] usb 2-1: config 0 has no interface number 0
[  340.430027][ T1032] bridge_slave_0: left allmulticast mode
[  340.435247][   T10] usb 2-1: config 0 interface 41 has no altsetting 0
[  340.449016][ T1032] bridge_slave_0: left promiscuous mode
[  340.455330][   T10] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  340.460664][ T1032] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.468891][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.485779][   T10] usb 2-1: Product: syz
[  340.490017][   T10] usb 2-1: Manufacturer: syz
[  340.496642][   T10] usb 2-1: SerialNumber: syz
[  340.506192][   T10] usb 2-1: config 0 descriptor??
[  341.339819][   T10] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  341.408337][ T1032] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  341.426785][ T1032] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  341.444272][ T1032] bond0 (unregistering): Released all slaves
[  341.572415][   T10] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  341.584876][   T10] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): Failed to power down PHY : -71
[  341.605632][   T10] CoreChips 2-1:0.41: probe with driver CoreChips failed with error -71
[  341.621523][   T10] usb 2-1: USB disconnect, device number 15
[  342.086932][T10569] chnl_net:caif_netlink_parms(): no params data found
[  342.138428][T10325] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  342.152747][T10641] loop4: detected capacity change from 0 to 2048
[  342.240124][T10131] veth0_macvtap: entered promiscuous mode
[  342.290042][T10641] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  342.395386][   T30] audit: type=1800 audit(1750135469.322:123): pid=10641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1263" name="bus" dev="loop4" ino=1436 res=0 errno=0
[  342.436866][ T5148] Bluetooth: hci3: command tx timeout
[  342.543818][ T1032] hsr_slave_0: left promiscuous mode
[  342.561106][ T1032] hsr_slave_1: left promiscuous mode
[  342.567165][ T1032] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  342.571062][  T975] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  342.583658][ T1032] batman_adv: batadv0: Removing interface: batadv_slave_0
[  342.625317][ T1032] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  342.643780][ T1032] batman_adv: batadv0: Removing interface: batadv_slave_1
[  342.680307][ T1032] veth1_macvtap: left promiscuous mode
[  342.700958][ T1032] veth0_macvtap: left promiscuous mode
[  342.706786][ T1032] veth1_vlan: left promiscuous mode
[  342.734759][ T1032] veth0_vlan: left promiscuous mode
[  342.770566][  T975] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.790663][  T975] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.825204][  T975] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  342.855117][  T975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.884810][  T975] usb 2-1: config 0 descriptor??
[  343.103295][T10656] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1266'.
[  343.539750][  T975] usb 2-1: string descriptor 0 read error: -22
[  343.749934][  T975] uclogic 0003:256C:006D.0014: interface is invalid, ignoring
[  343.973718][  T915] usb 2-1: USB disconnect, device number 16
[  344.105830][ T1032] team0 (unregistering): Port device team_slave_1 removed
[  344.150019][ T1032] team0 (unregistering): Port device team_slave_0 removed
[  344.511191][ T5148] Bluetooth: hci3: command tx timeout
[  344.746522][T10668] ip6tnl1: entered promiscuous mode
[  344.784630][T10668] ip6tnl1: entered allmulticast mode
[  344.803955][T10668] team0: Device ip6tnl1 is of different type
[  344.895639][T10131] veth1_macvtap: entered promiscuous mode
[  345.282342][T10569] bridge0: port 1(bridge_slave_0) entered blocking state
[  345.329428][T10569] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.378662][T10569] bridge_slave_0: entered allmulticast mode
[  345.398358][T10569] bridge_slave_0: entered promiscuous mode
[  345.467435][T10131] batman_adv: batadv0: Interface activated: batadv_slave_0
[  345.526658][T10569] bridge0: port 2(bridge_slave_1) entered blocking state
[  345.555693][T10569] bridge0: port 2(bridge_slave_1) entered disabled state
[  345.591778][T10569] bridge_slave_1: entered allmulticast mode
[  345.629167][T10569] bridge_slave_1: entered promiscuous mode
[  345.867097][T10131] batman_adv: batadv0: Interface activated: batadv_slave_1
[  345.898929][T10131] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  345.928337][T10131] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  345.957929][T10131] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  345.991000][T10131] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  346.024406][T10569] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  346.047406][T10685] loop1: detected capacity change from 0 to 40427
[  346.073107][T10685] F2FS-fs (loop1): build fault injection rate: 771
[  346.084621][T10569] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  346.135453][T10685] F2FS-fs (loop1): invalid crc value
[  346.424890][T10569] team0: Port device team_slave_0 added
[  346.507970][T10325] 8021q: adding VLAN 0 to HW filter on device batadv0
[  346.553349][T10685] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  346.574798][T10569] team0: Port device team_slave_1 added
[  346.581921][ T5148] Bluetooth: hci3: command tx timeout
[  346.595739][T10694] loop6: detected capacity change from 0 to 32768
[  346.676586][T10694] ocfs2: Slot 0 on device (7,6) was already allocated to this node!
[  346.835819][T10569] batman_adv: batadv0: Adding interface: batadv_slave_0
[  346.844960][T10569] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.882616][T10569] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  346.898413][T10694] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  346.966995][ T5833] syz-executor: attempt to access beyond end of device
[  346.966995][ T5833] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  347.016766][T10569] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.047223][ T5833] CPU: 1 UID: 0 PID: 5833 Comm: syz-executor Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) 
[  347.047256][ T5833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  347.047271][ T5833] Call Trace:
[  347.047280][ T5833]  <TASK>
[  347.047289][ T5833]  dump_stack_lvl+0x189/0x250
[  347.047338][ T5833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.047375][ T5833]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  347.047411][ T5833]  ? __pfx_queue_work_on+0x10/0x10
[  347.047435][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.047463][ T5833]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  347.047498][ T5833]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  347.047534][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.047561][ T5833]  ? f2fs_hw_is_readonly+0x39b/0x470
[  347.047596][ T5833]  f2fs_handle_critical_error+0x37c/0x540
[  347.047634][ T5833]  f2fs_write_end_io+0x495/0x810
[  347.047666][ T5833]  ? blkg_put+0x22/0x240
[  347.047711][ T5833]  __submit_merged_bio+0x27a/0x6a0
[  347.047753][ T5833]  __submit_merged_write_cond+0x255/0x530
[  347.047790][ T5833]  f2fs_write_data_pages+0x261d/0x3000
[  347.047820][ T5833]  ? __lock_acquire+0xab9/0xd20
[  347.047895][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  347.047925][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.048010][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.048038][ T5833]  ? stack_depot_save_flags+0x40/0x900
[  347.048094][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.048121][ T5833]  ? __lock_acquire+0xab9/0xd20
[  347.048165][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.048192][ T5833]  ? do_raw_spin_lock+0x121/0x290
[  347.048226][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.048258][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.048285][ T5833]  ? do_raw_spin_unlock+0x122/0x240
[  347.048314][ T5833]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  347.048348][ T5833]  do_writepages+0x32e/0x550
[  347.048393][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.048425][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.048453][ T5833]  ? do_raw_spin_unlock+0x122/0x240
[  347.048486][ T5833]  filemap_fdatawrite+0x191/0x230
[  347.048510][ T5833]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  347.048583][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.048617][ T5833]  ? do_raw_spin_unlock+0x122/0x240
[  347.048651][ T5833]  f2fs_sync_dirty_inodes+0x31f/0x830
[  347.048705][ T5833]  f2fs_write_checkpoint+0x94a/0x1de0
[  347.048774][ T5833]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  347.048859][ T5833]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  347.048893][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.048920][ T5833]  ? kfree+0x18e/0x440
[  347.048960][ T5833]  ? kill_f2fs_super+0x298/0x6c0
[  347.049001][ T5833]  kill_f2fs_super+0x2c3/0x6c0
[  347.049043][ T5833]  ? __pfx_kill_f2fs_super+0x10/0x10
[  347.049075][ T5833]  ? radix_tree_delete_item+0x2b6/0x400
[  347.049119][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.049146][ T5833]  ? shrinker_free+0x2ce/0x3e0
[  347.049180][ T5833]  deactivate_locked_super+0xbc/0x130
[  347.049218][ T5833]  cleanup_mnt+0x425/0x4c0
[  347.049250][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.049278][ T5833]  ? lockdep_hardirqs_on+0x9c/0x150
[  347.049319][ T5833]  task_work_run+0x1d4/0x260
[  347.049354][ T5833]  ? __pfx_task_work_run+0x10/0x10
[  347.049382][ T5833]  ? __x64_sys_umount+0x122/0x160
[  347.049411][ T5833]  ? exit_to_user_mode_loop+0x40/0x110
[  347.049452][ T5833]  exit_to_user_mode_loop+0xec/0x110
[  347.049488][ T5833]  do_syscall_64+0x2bd/0x3b0
[  347.049510][ T5833]  ? lockdep_hardirqs_on+0x9c/0x150
[  347.049546][ T5833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.049569][ T5833]  ? srso_alias_return_thunk+0x5/0xfbef5
[  347.049596][ T5833]  ? exc_page_fault+0x9f/0xf0
[  347.049636][ T5833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.049659][ T5833] RIP: 0033:0x7fba1598fc57
[  347.049679][ T5833] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  347.049700][ T5833] RSP: 002b:00007ffd833d1bd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  347.049724][ T5833] RAX: 0000000000000000 RBX: 00007fba15a10925 RCX: 00007fba1598fc57
[  347.049751][ T5833] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd833d1c90
[  347.049766][ T5833] RBP: 00007ffd833d1c90 R08: 0000000000000000 R09: 0000000000000000
[  347.049782][ T5833] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd833d2d20
[  347.049799][ T5833] R13: 00007fba15a10925 R14: 0000000000054a8f R15: 00007ffd833d2d60
[  347.049838][ T5833]  </TASK>
[  347.049848][ T5833] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  347.100997][T10569] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.587933][T10569] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  347.720175][ T8988] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  347.745984][ T8988] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  347.760538][ T9361] ocfs2: Unmounting device (7,6) on (node local)
[  348.296292][T10569] hsr_slave_0: entered promiscuous mode
[  348.382077][T10569] hsr_slave_1: entered promiscuous mode
[  348.609324][T10325] veth0_vlan: entered promiscuous mode
[  348.645992][ T8995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.690920][ T8995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.887541][T10732] loop4: detected capacity change from 0 to 131072
[  348.934977][T10325] veth1_vlan: entered promiscuous mode
[  348.944543][T10732] F2FS-fs (loop4): invalid crc value
[  349.047618][T10732] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  349.430765][T10325] veth0_macvtap: entered promiscuous mode
[  349.505093][T10325] veth1_macvtap: entered promiscuous mode
[  349.715525][T10325] batman_adv: batadv0: Interface activated: batadv_slave_0
[  349.893774][T10325] batman_adv: batadv0: Interface activated: batadv_slave_1
[  349.983597][T10765] loop1: detected capacity change from 0 to 2048
[  350.003679][T10325] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  350.041545][T10325] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  350.080746][T10325] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  350.090134][T10325] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  350.096522][T10767] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  350.125696][T10765] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.194410][T10765] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  350.224185][   T30] audit: type=1800 audit(1750135477.122:124): pid=10765 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1285" name="file1" dev="loop1" ino=15 res=0 errno=0
[  350.284534][T10765] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28
[  350.341640][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  350.354779][T10765] EXT4-fs (loop1): This should not happen!! Data will be lost
[  350.354779][T10765] 
[  350.385169][T10765] EXT4-fs (loop1): Total free blocks count 0
[  350.441471][T10765] EXT4-fs (loop1): Free/Dirty block details
[  350.471130][T10765] EXT4-fs (loop1): free_blocks=2415919504
[  350.475902][   T30] audit: type=1326 audit(1750135477.382:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10756 comm="syz.6.1284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe3778e929 code=0x7fc00000
[  350.524852][T10765] EXT4-fs (loop1): dirty_blocks=16
[  350.530022][T10765] EXT4-fs (loop1): Block reservation details
[  350.621267][T10765] EXT4-fs (loop1): i_reserved_data_blocks=1
[  350.628489][ T8998] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  350.648274][ T8998] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  350.795295][ T8995] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  350.847879][ T8995] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  350.867520][T10747] loop8: detected capacity change from 0 to 32768
[  350.917005][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.174186][T10747] XFS (loop8): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  351.258490][T10782] loop4: detected capacity change from 0 to 40427
[  351.269184][T10782] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  351.276248][T10782] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  351.285714][T10782] F2FS-fs (loop4): build fault injection rate: 17008
[  351.291450][T10569] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  351.292493][T10782] F2FS-fs (loop4): build fault injection type: 0x1f8
[  351.306553][T10782] F2FS-fs (loop4): build fault injection type: 0x6
[  351.323228][T10782] F2FS-fs (loop4): invalid crc value
[  351.379758][T10747] XFS (loop8): Ending clean mount
[  351.436345][T10747] XFS (loop8): Quotacheck needed: Please wait.
[  351.449611][T10782] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  351.454372][T10569] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  351.456711][T10782] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  351.672158][T10569] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  351.679174][T10747] XFS (loop8): Quotacheck: Done.
[  351.811507][T10569] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  352.146048][T10131] XFS (loop8): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  352.405255][T10804] loop1: detected capacity change from 0 to 32768
[  352.520576][T10804] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  352.582265][T10804] XFS (loop1): Ending clean mount
[  352.649399][   T30] audit: type=1800 audit(1750135479.572:126): pid=10804 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1293" name="file1" dev="loop1" ino=4422 res=0 errno=0
[  352.748703][ T5833] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  353.253200][   T30] audit: type=1326 audit(1750135480.182:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10832 comm="syz.1.1296" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x0
[  353.275042][    C0] vkms_vblank_simulate: vblank timer overrun
[  353.365728][ T8995] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.652960][T10845] overlayfs: failed to decode file handle (len=5, type=251, flags=0, err=-22)
[  353.718988][ T8995] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.058970][ T8995] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.131651][T10852] input: syz0 as /devices/virtual/input/input28
[  354.407582][T10859] loop4: detected capacity change from 0 to 512
[  354.524459][ T8995] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  354.592040][T10859] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.654162][T10569] 8021q: adding VLAN 0 to HW filter on device bond0
[  354.781765][T10859] ext4 filesystem being mounted at /82/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  354.820044][ T5849] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  354.833994][ T5842] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  354.842894][ T5842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  354.853327][ T5842] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  354.862511][ T5842] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  354.941855][T10569] 8021q: adding VLAN 0 to HW filter on device team0
[  355.171779][ T8992] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.178963][ T8992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.224516][ T9027] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.282400][ T8992] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.289609][ T8992] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.537249][T10890] loop1: detected capacity change from 0 to 1024
[  355.708571][T10890] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.731071][T10890] ext4 filesystem being mounted at /349/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.883270][T10890] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  356.070145][ T8995] bridge_slave_1: left allmulticast mode
[  356.083419][ T8995] bridge_slave_1: left promiscuous mode
[  356.111093][ T8995] bridge0: port 2(bridge_slave_1) entered disabled state
[  356.189613][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.192113][ T8995] bridge_slave_0: left allmulticast mode
[  356.241849][ T8995] bridge_slave_0: left promiscuous mode
[  356.289461][ T8995] bridge0: port 1(bridge_slave_0) entered disabled state
[  356.784311][T10883] loop8: detected capacity change from 0 to 40427
[  356.831187][T10883] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[  356.838949][T10883] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[  356.907655][ T5148] Bluetooth: hci5: command tx timeout
[  357.185651][T10901] loop6: detected capacity change from 0 to 32768
[  357.344418][T10883] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[  357.363430][T10883] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  357.879315][ T8995] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  357.904126][ T8995] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  357.938667][ T8995] bond0 (unregistering): Released all slaves
[  358.496325][T10953] loop4: detected capacity change from 0 to 512
[  358.614507][T10953] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  358.627286][T10953] UDF-fs: Scanning with blocksize 512 failed
[  358.685352][T10953] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  358.735350][T10953] UDF-fs: Scanning with blocksize 1024 failed
[  358.801463][T10953] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  358.809830][T10953] UDF-fs: Scanning with blocksize 2048 failed
[  358.866246][T10964] loop6: detected capacity change from 0 to 1024
[  358.895450][T10953] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  358.912412][T10964] EXT4-fs: Ignoring removed i_version option
[  358.938366][T10964] EXT4-fs: Ignoring removed nobh option
[  358.956517][T10953] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  358.960967][T10964] EXT4-fs: Ignoring removed bh option
[  358.991602][ T5148] Bluetooth: hci5: command tx timeout
[  359.088286][T10964] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  359.219356][   T30] audit: type=1804 audit(1750135486.142:128): pid=10974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1320" name="/newroot/89/file0/file1" dev="loop4" ino=36 res=1 errno=0
[  359.343905][T10964] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.1324: Allocating blocks 385-513 which overlap fs metadata
[  359.406077][T10964] EXT4-fs (loop6): pa ffff88804ccf60e8: logic 16, phys. 129, len 24
[  359.414895][T10964] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  359.463421][ T8995] hsr_slave_0: left promiscuous mode
[  359.491336][ T8995] hsr_slave_1: left promiscuous mode
[  359.497363][ T8995] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  359.508141][T10971] loop1: detected capacity change from 0 to 8192
[  359.519091][T10964] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 28
[  359.541196][ T8995] batman_adv: batadv0: Removing interface: batadv_slave_0
[  359.564768][ T8995] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  359.579473][ T8995] batman_adv: batadv0: Removing interface: batadv_slave_1
[  359.630930][T10964] EXT4-fs (loop6): This should not happen!! Data will be lost
[  359.630930][T10964] 
[  359.651022][T10964] EXT4-fs (loop6): Total free blocks count 0
[  359.667233][ T8995] veth1_macvtap: left promiscuous mode
[  359.683638][ T8995] veth0_macvtap: left promiscuous mode
[  359.689172][T10964] EXT4-fs (loop6): Free/Dirty block details
[  359.715593][ T8995] veth1_vlan: left promiscuous mode
[  359.728536][T10964] EXT4-fs (loop6): free_blocks=128
[  359.758101][ T8995] veth0_vlan: left promiscuous mode
[  359.771019][T10964] EXT4-fs (loop6): dirty_blocks=0
[  359.777111][T10964] EXT4-fs (loop6): Block reservation details
[  359.816911][T10964] EXT4-fs (loop6): i_reserved_data_blocks=0
[  359.838182][T10983] loop4: detected capacity change from 0 to 2048
[  359.949181][T10983] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  360.061092][T10983] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  360.181914][T10983] EXT4-fs (loop4): shut down requested (2)
[  360.232462][T10983] fs-verity: sha512 using implementation "sha512-avx2"
[  360.254075][T10973] loop8: detected capacity change from 0 to 32768
[  360.284145][T10973] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.1326 (10973)
[  360.384322][ T9027] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.400867][T10973] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  360.439905][T10973] BTRFS info (device loop8): using crc32c (crc32c-x86_64) checksum algorithm
[  360.468295][T10973] BTRFS info (device loop8): disk space caching is enabled
[  360.507559][T10973] BTRFS warning (device loop8): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  360.861795][T10973] BTRFS info (device loop8): rebuilding free space tree
[  360.941720][T10973] BTRFS info (device loop8): disabling free space tree
[  360.948673][T10973] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  361.018051][T10973] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  361.062110][ T5148] Bluetooth: hci5: command tx timeout
[  361.390076][T10985] loop1: detected capacity change from 0 to 32768
[  361.408773][T10985] BTRFS: device /dev/loop1 (7:1) using temp-fsid a4e848e8-b8dd-4c3a-bd5a-7f17d4e068b0
[  361.490989][T10985] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1328 (10985)
[  361.613434][T10131] BTRFS info (device loop8): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  361.624030][T10985] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  361.685023][T10985] BTRFS info (device loop1): using crc32c (crc32c-x86_64) checksum algorithm
[  361.760286][T10985] BTRFS info (device loop1): using free-space-tree
[  362.485017][   T30] audit: type=1800 audit(1750135489.392:129): pid=10985 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1328" name="file1" dev="loop1" ino=260 res=0 errno=0
[  362.869399][ T5833] BTRFS info (device loop1): last unmount of filesystem a4e848e8-b8dd-4c3a-bd5a-7f17d4e068b0
[  363.025655][  T915] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  363.145205][ T5148] Bluetooth: hci5: command tx timeout
[  363.191510][  T915] usb 7-1: Using ep0 maxpacket: 16
[  363.265037][  T915] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  363.340933][  T915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  363.404896][  T915] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  363.441025][  T915] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.476216][  T915] usb 7-1: Product: syz
[  363.507244][  T915] usb 7-1: Manufacturer: syz
[  363.522067][  T915] usb 7-1: SerialNumber: syz
[  363.560736][  T915] usb 7-1: config 0 descriptor??
[  363.593721][  T915] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  363.607675][  T915] em28xx 7-1:0.0: Audio interface 0 found (Vendor Class)
[  363.752942][ T8995] team0 (unregistering): Port device team_slave_1 removed
[  363.905901][ T8995] team0 (unregistering): Port device team_slave_0 removed
[  364.189517][  T915] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[  364.196635][  T915] em28xx 7-1:0.0: Config register raw data: 0x2f
[  364.212121][  T915] em28xx 7-1:0.0: I2S Audio (1 sample rate(s))
[  364.218297][  T915] em28xx 7-1:0.0: No AC97 audio processor
[  364.828117][  T915] usb 7-1: USB disconnect, device number 5
[  364.889149][T10569] 8021q: adding VLAN 0 to HW filter on device batadv0
[  365.511582][ T5905] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[  365.526901][T11124] loop6: detected capacity change from 0 to 8
[  365.563161][T11115] team0: Port device team_slave_1 removed
[  365.641525][T10871] chnl_net:caif_netlink_parms(): no params data found
[  365.697753][ T5905] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  365.735929][ T5905] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.770666][ T5905] usb 2-1: Product: syz
[  365.785662][ T5905] usb 2-1: Manufacturer: syz
[  365.790280][ T5905] usb 2-1: SerialNumber: syz
[  365.836173][ T5905] usb 2-1: config 0 descriptor??
[  365.947646][T11133] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1351'.
[  366.100385][ T5905] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  366.430292][T10871] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.447872][T10871] bridge0: port 1(bridge_slave_0) entered disabled state
[  366.461162][T10871] bridge_slave_0: entered allmulticast mode
[  366.479551][T10871] bridge_slave_0: entered promiscuous mode
[  366.499351][T10871] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.549138][T10871] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.577187][T10871] bridge_slave_1: entered allmulticast mode
[  366.598371][T10871] bridge_slave_1: entered promiscuous mode
[  366.652621][T11124] tmpfs: Bad value for 'usrquota_inode_hardlimit'
[  366.674065][T11152] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1354'.
[  366.832892][T10871] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  366.879939][T10871] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  367.113654][ T5905] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  367.152464][ T5905] usb 2-1: USB disconnect, device number 17
[  367.198863][T10871] team0: Port device team_slave_0 added
[  367.237336][T10871] team0: Port device team_slave_1 added
[  367.283836][T10569] veth0_vlan: entered promiscuous mode
[  367.297646][T10569] veth1_vlan: entered promiscuous mode
[  367.310588][T11136] loop4: detected capacity change from 0 to 40427
[  367.371228][T11136] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  367.428159][T11136] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  367.505083][T11136] F2FS-fs (loop4): invalid crc value
[  367.535368][T10871] batman_adv: batadv0: Adding interface: batadv_slave_0
[  367.581393][T10871] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.658633][T10871] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  367.682504][T10871] batman_adv: batadv0: Adding interface: batadv_slave_1
[  367.690121][T10871] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.795937][T10871] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  367.992014][T11136] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  368.012107][T11174] trusted_key: syz.8.1359 sent an empty control message without MSG_MORE.
[  368.031675][T11136] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  368.095872][T10871] hsr_slave_0: entered promiscuous mode
[  368.142052][T10871] hsr_slave_1: entered promiscuous mode
[  368.161665][T10871] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  368.182859][T10871] Cannot create hsr debugfs directory
[  368.425368][T11180] affs: No valid root block on device nullb0
[  369.061586][T10569] veth0_macvtap: entered promiscuous mode
[  369.213681][T10569] veth1_macvtap: entered promiscuous mode
[  369.360677][T10569] batman_adv: batadv0: Interface activated: batadv_slave_0
[  369.474560][T11197] loop1: detected capacity change from 0 to 512
[  369.591010][T11197] EXT4-fs error (device loop1): ext4_iget_extra_inode:5035: inode #15: comm syz.1.1366: corrupted in-inode xattr: invalid ea_ino
[  369.608586][T10569] batman_adv: batadv0: Interface activated: batadv_slave_1
[  369.725463][T11197] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.1366: couldn't read orphan inode 15 (err -117)
[  369.764906][T10569] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  369.779506][T11197] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.824558][T10569] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  369.862715][T10569] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  369.898601][T10569] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  370.029415][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.230366][T11213] loop8: detected capacity change from 0 to 764
[  370.321731][T11213] Symlink component flag not implemented
[  370.349342][T11213] Symlink component flag not implemented (7)
[  370.850729][ T8998] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.870847][ T8998] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  370.951203][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.975882][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  370.983589][   T10] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  371.160681][   T10] usb 9-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  371.192009][   T10] usb 9-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  371.241079][   T10] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  371.284101][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.314114][T10871] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  371.353995][T11224] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  371.400078][T10871] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  371.421529][   T10] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  371.445551][T11210] loop6: detected capacity change from 0 to 32768
[  371.470746][T10871] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  371.621096][   T10] usb 9-1: USB disconnect, device number 6
[  371.658430][T10871] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  372.028691][ T1032] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.116925][T11220] loop4: detected capacity change from 0 to 40427
[  372.160667][T11220] F2FS-fs (loop4): build fault injection type: 0x7
[  372.171195][ T5972] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  372.189402][T11220] F2FS-fs (loop4): invalid crc value
[  372.305309][ T1032] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.331280][ T5972] usb 7-1: Using ep0 maxpacket: 32
[  372.360174][ T5972] usb 7-1: config 0 has an invalid interface number: 12 but max is 0
[  372.392598][ T5972] usb 7-1: config 0 has no interface number 0
[  372.398727][ T5972] usb 7-1: config 0 interface 12 has no altsetting 0
[  372.450319][ T5972] usb 7-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  372.483349][ T5972] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.515463][ T5972] usb 7-1: Product: syz
[  372.519672][ T5972] usb 7-1: Manufacturer: syz
[  372.572705][ T5972] usb 7-1: SerialNumber: syz
[  372.603281][ T5972] usb 7-1: config 0 descriptor??
[  372.691066][ T1032] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.696101][T11220] F2FS-fs (loop4): Start checkpoint disabled!
[  372.731872][T11220] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  372.779427][   T30] audit: type=1800 audit(1750135499.702:130): pid=11220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1372" name="file1" dev="loop4" ino=10 res=0 errno=0
[  372.787091][T11220] syz.4.1372: attempt to access beyond end of device
[  372.787091][T11220] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  372.823067][T11220] syz.4.1372: attempt to access beyond end of device
[  372.823067][T11220] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  372.885764][   T30] audit: type=1800 audit(1750135499.812:131): pid=11260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1372" name="file1" dev="loop4" ino=10 res=0 errno=0
[  372.886961][T11220] syz.4.1372: attempt to access beyond end of device
[  372.886961][T11220] loop4: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  372.939834][ T1032] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.942998][T11220] syz.4.1372: attempt to access beyond end of device
[  372.942998][T11220] loop4: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[  372.973527][T11260] syz.4.1372: attempt to access beyond end of device
[  372.973527][T11260] loop4: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  373.018409][T11220] syz.4.1372: attempt to access beyond end of device
[  373.018409][T11220] loop4: rw=2049, sector=45128, nr_sectors = 8 limit=40427
[  373.046657][T11220] syz.4.1372: attempt to access beyond end of device
[  373.046657][T11220] loop4: rw=2049, sector=45136, nr_sectors = 8 limit=40427
[  373.074190][T11220] syz.4.1372: attempt to access beyond end of device
[  373.074190][T11220] loop4: rw=2049, sector=45144, nr_sectors = 8 limit=40427
[  373.088176][T10871] 8021q: adding VLAN 0 to HW filter on device bond0
[  373.108584][T11220] syz.4.1372: attempt to access beyond end of device
[  373.108584][T11220] loop4: rw=2049, sector=45152, nr_sectors = 8 limit=40427
[  373.132195][T11220] syz.4.1372: attempt to access beyond end of device
[  373.132195][T11220] loop4: rw=2049, sector=45160, nr_sectors = 8 limit=40427
[  373.146532][T10871] 8021q: adding VLAN 0 to HW filter on device team0
[  373.200770][ T8992] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.207991][ T8992] bridge0: port 1(bridge_slave_0) entered forwarding state
[  373.285428][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) 
[  373.285462][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  373.285478][   T36] Workqueue: writeback wb_workfn (flush-7:4)
[  373.285610][   T36] Call Trace:
[  373.285620][   T36]  <TASK>
[  373.285631][   T36]  dump_stack_lvl+0x189/0x250
[  373.285680][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  373.285718][   T36]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  373.285767][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  373.285792][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.285821][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  373.285858][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  373.285897][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.285926][   T36]  ? f2fs_hw_is_readonly+0x39b/0x470
[  373.285963][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  373.286003][   T36]  f2fs_write_end_io+0x495/0x810
[  373.286038][   T36]  ? blkg_put+0x22/0x240
[  373.286093][   T36]  __submit_merged_bio+0x27a/0x6a0
[  373.286140][   T36]  __submit_merged_write_cond+0x255/0x530
[  373.286180][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  373.286260][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  373.286314][   T36]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  373.286402][   T36]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  373.286436][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.286480][   T36]  ? trace_f2fs_writepages+0x7f/0x200
[  373.286509][   T36]  ? f2fs_write_node_pages+0x478/0x6e0
[  373.286540][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  373.286578][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.286615][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  373.286651][   T36]  do_writepages+0x32e/0x550
[  373.286697][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.286726][   T36]  ? reacquire_held_locks+0x127/0x1d0
[  373.286762][   T36]  ? writeback_sb_inodes+0x372/0x1000
[  373.286815][   T36]  __writeback_single_inode+0x145/0xff0
[  373.286856][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.286885][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  373.286920][   T36]  writeback_sb_inodes+0x6b5/0x1000
[  373.286979][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.287024][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  373.287119][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.287148][   T36]  ? rcu_is_watching+0x15/0xb0
[  373.287188][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.287230][   T36]  wb_writeback+0x43b/0xaf0
[  373.287281][   T36]  ? queue_io+0x311/0x590
[  373.287325][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  373.287377][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  373.287420][   T36]  wb_workfn+0x409/0xef0
[  373.287471][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  373.287508][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.287535][   T36]  ? __lock_acquire+0xab9/0xd20
[  373.287584][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.287616][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.287648][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  373.287680][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  373.287717][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  373.287763][   T36]  process_scheduled_works+0xae1/0x17b0
[  373.287837][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  373.287886][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.287924][   T36]  worker_thread+0x8a0/0xda0
[  373.287979][   T36]  kthread+0x711/0x8a0
[  373.288011][   T36]  ? __pfx_worker_thread+0x10/0x10
[  373.288050][   T36]  ? __pfx_kthread+0x10/0x10
[  373.288074][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.288107][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  373.288140][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.288167][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  373.288206][   T36]  ? __pfx_kthread+0x10/0x10
[  373.288236][   T36]  ret_from_fork+0x3fc/0x770
[  373.288276][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  373.288319][   T36]  ? __switch_to_asm+0x39/0x70
[  373.288343][   T36]  ? __switch_to_asm+0x33/0x70
[  373.288367][   T36]  ? __pfx_kthread+0x10/0x10
[  373.288396][   T36]  ret_from_fork_asm+0x1a/0x30
[  373.288442][   T36]  </TASK>
[  373.288482][   T36] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  373.610607][T10871] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  373.734697][T10871] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  373.864802][ T8992] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.872024][ T8992] bridge0: port 2(bridge_slave_1) entered forwarding state
[  374.036876][ T1032] bridge_slave_1: left allmulticast mode
[  374.066247][ T1032] bridge_slave_1: left promiscuous mode
[  374.096693][ T5972] f81534 7-1:0.12: f81534_set_register: reg: 1003 data: 20 failed: -71
[  374.105818][ T5972] f81534 7-1:0.12: f81534_find_config_idx: read failed: -71
[  374.109389][ T1032] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.137132][ T5972] f81534 7-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  374.183356][ T5972] f81534 7-1:0.12: probe with driver f81534 failed with error -71
[  374.217733][ T1032] bridge_slave_0: left allmulticast mode
[  374.252588][ T1032] bridge_slave_0: left promiscuous mode
[  374.258804][ T1032] bridge0: port 1(bridge_slave_0) entered disabled state
[  374.261924][ T5972] usb 7-1: USB disconnect, device number 6
[  375.023419][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  375.046590][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  375.071106][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  375.137029][ T5842] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  375.171433][ T5842] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  375.681451][T11299] overlayfs: failed to decode file handle (len=5, type=251, flags=0, err=-22)
[  376.831580][T11297] loop4: detected capacity change from 0 to 32768
[  376.860353][T11297] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1380 (11297)
[  376.885435][T11297] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  376.913012][T11297] BTRFS info (device loop4): using sha256 (sha256-x86_64) checksum algorithm
[  376.928843][T11297] BTRFS info (device loop4): disk space caching is enabled
[  376.945480][T11297] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  377.229507][ T5842] Bluetooth: hci3: command tx timeout
[  377.273950][T11297] BTRFS info (device loop4): rebuilding free space tree
[  377.340035][T11297] BTRFS info (device loop4): disabling free space tree
[  377.400472][T11297] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  377.450952][T11297] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  377.736939][   T30] audit: type=1800 audit(1750135504.662:132): pid=11297 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1380" name="file1" dev="loop4" ino=261 res=0 errno=0
[  377.743639][ T1032] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  377.883693][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  377.890334][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  378.003216][ T1032] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  378.281605][ T1032] bond0 (unregistering): Released all slaves
[  378.385639][ T9027] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  378.432240][T11367] loop6: detected capacity change from 0 to 24
[  378.439415][T11367] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  378.585544][T11367] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  378.820388][T11372] loop1: detected capacity change from 0 to 512
[  378.840413][T11367] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  379.125394][T11372] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.147898][T10871] 8021q: adding VLAN 0 to HW filter on device batadv0
[  379.178651][T11372] ext4 filesystem being mounted at /374/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  379.308763][ T5148] Bluetooth: hci3: command tx timeout
[  379.627248][T11394] overlayfs: failed to decode file handle (len=5, type=251, flags=0, err=-22)
[  379.704213][ T5833] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.781039][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  379.943323][ T5148] Bluetooth: hci2: command 0x0406 tx timeout
[  380.052264][T11402] Failed to get privilege flags for destination (handle=0x0:0x20000)
[  380.458250][ T1032] hsr_slave_0: left promiscuous mode
[  380.490915][ T1032] hsr_slave_1: left promiscuous mode
[  380.496805][ T1032] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  380.517047][ T1032] batman_adv: batadv0: Removing interface: batadv_slave_0
[  380.547448][ T1032] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  380.581770][ T1032] batman_adv: batadv0: Removing interface: batadv_slave_1
[  380.658554][ T1032] veth1_macvtap: left promiscuous mode
[  380.691997][ T1032] veth0_macvtap: left promiscuous mode
[  380.712777][ T1032] veth1_vlan: left promiscuous mode
[  380.718132][ T1032] veth0_vlan: left promiscuous mode
[  381.381002][ T5842] Bluetooth: hci3: command tx timeout
[  381.567562][T11422] loop1: detected capacity change from 0 to 32768
[  381.629305][T11422] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  382.123666][T11422] XFS (loop1): Ending clean mount
[  382.147805][T11422] XFS (loop1): Quotacheck needed: Please wait.
[  382.227622][T11422] XFS (loop1): Quotacheck: Done.
[  382.517025][ T5833] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  382.677606][T11467] input: syz0 as /devices/virtual/input/input29
[  383.098169][ T1032] team0 (unregistering): Port device team_slave_1 removed
[  383.232698][   T30] audit: type=1326 audit(1750135510.152:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fba1592ab19 code=0x7ffc0000
[  383.304850][ T1032] team0 (unregistering): Port device team_slave_0 removed
[  383.319853][   T30] audit: type=1326 audit(1750135510.152:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fba1592ab19 code=0x7ffc0000
[  383.416528][   T30] audit: type=1326 audit(1750135510.152:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  383.461260][ T5842] Bluetooth: hci3: command tx timeout
[  383.521084][   T30] audit: type=1326 audit(1750135510.152:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  383.592572][   T30] audit: type=1326 audit(1750135510.152:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  383.660935][   T30] audit: type=1326 audit(1750135510.152:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fba1592ab19 code=0x7ffc0000
[  383.807542][T11493] 9pnet: p9_errstr2errno: server reported unknown error �@�L��	O�!��L�+
[  383.813299][   T30] audit: type=1326 audit(1750135510.152:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  383.845264][   T30] audit: type=1326 audit(1750135510.152:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  383.885365][   T30] audit: type=1326 audit(1750135510.152:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fba1592ab19 code=0x7ffc0000
[  383.910457][   T30] audit: type=1326 audit(1750135510.152:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11475 comm="syz.1.1420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba1598e929 code=0x7ffc0000
[  384.569967][T11514] loop1: detected capacity change from 0 to 64
[  384.605526][T11514] hfs: Unknown parameter 'codepagz'
[  384.891154][T11524] input: syz0 as /devices/virtual/input/input30
[  385.294896][ T8995] Bluetooth: hci7: Frame reassembly failed (-84)
[  385.614868][T10871] veth0_vlan: entered promiscuous mode
[  385.694899][T10871] veth1_vlan: entered promiscuous mode
[  385.806368][T10871] veth0_macvtap: entered promiscuous mode
[  385.855379][T10871] veth1_macvtap: entered promiscuous mode
[  386.015368][T11286] chnl_net:caif_netlink_parms(): no params data found
[  386.179644][T10871] batman_adv: batadv0: Interface activated: batadv_slave_0
[  386.205942][T10871] batman_adv: batadv0: Interface activated: batadv_slave_1
[  386.277357][T10871] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  386.286578][T10871] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  386.296222][T10871] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  386.306092][T10871] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  386.417212][T11286] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.435213][T11286] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.447472][T11286] bridge_slave_0: entered allmulticast mode
[  386.456965][T11286] bridge_slave_0: entered promiscuous mode
[  386.478857][T11286] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.488962][T11286] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.497008][T11286] bridge_slave_1: entered allmulticast mode
[  386.518787][T11286] bridge_slave_1: entered promiscuous mode
[  386.658277][T11286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  386.701421][T11286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  386.843999][T11286] team0: Port device team_slave_0 added
[  386.865129][T11286] team0: Port device team_slave_1 added
[  387.037988][T11286] batman_adv: batadv0: Adding interface: batadv_slave_0
[  387.075876][T11286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.153978][T11286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  387.198351][T11286] batman_adv: batadv0: Adding interface: batadv_slave_1
[  387.216029][T11286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  387.280987][T11286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  387.301315][ T5842] Bluetooth: hci7: Opcode 0x1003 failed: -110
[  387.526582][ T5956] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.578760][ T5956] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.892824][T11286] hsr_slave_0: entered promiscuous mode
[  387.907331][T11569] loop4: detected capacity change from 0 to 40427
[  387.920121][T11286] hsr_slave_1: entered promiscuous mode
[  387.949758][T11569] F2FS-fs (loop4): build fault injection rate: 771
[  387.997850][T11569] F2FS-fs (loop4): invalid crc value
[  388.071125][ T8988] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  388.089201][ T8988] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  388.148453][T11577] loop8: detected capacity change from 0 to 32768
[  388.253505][T11577] ocfs2: Slot 0 on device (7,8) was already allocated to this node!
[  388.316688][T11577] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  388.381094][T11569] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  388.454982][T11569] bio_check_eod: 1 callbacks suppressed
[  388.454999][T11569] syz.4.1445: attempt to access beyond end of device
[  388.454999][T11569] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  388.792562][ T9027] syz-executor: attempt to access beyond end of device
[  388.792562][ T9027] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  388.846810][ T9027] CPU: 0 UID: 0 PID: 9027 Comm: syz-executor Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) 
[  388.846847][ T9027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  388.846861][ T9027] Call Trace:
[  388.846871][ T9027]  <TASK>
[  388.846882][ T9027]  dump_stack_lvl+0x189/0x250
[  388.846933][ T9027]  ? __pfx_dump_stack_lvl+0x10/0x10
[  388.846969][ T9027]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  388.847006][ T9027]  ? __pfx_queue_work_on+0x10/0x10
[  388.847031][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.847058][ T9027]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  388.847094][ T9027]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  388.847131][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.847159][ T9027]  ? f2fs_hw_is_readonly+0x39b/0x470
[  388.847197][ T9027]  f2fs_handle_critical_error+0x37c/0x540
[  388.847237][ T9027]  f2fs_write_end_io+0x495/0x810
[  388.847269][ T9027]  ? blkg_put+0x22/0x240
[  388.847319][ T9027]  __submit_merged_bio+0x27a/0x6a0
[  388.847358][ T9027]  __submit_merged_write_cond+0x255/0x530
[  388.847399][ T9027]  f2fs_write_data_pages+0x261d/0x3000
[  388.847483][ T9027]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  388.847546][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.847626][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.847659][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.847705][ T9027]  ? __pfx_rcu_read_lock_sched_held+0x10/0x10
[  388.847760][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.847786][ T9027]  ? __lock_acquire+0xab9/0xd20
[  388.847847][ T9027]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  388.847883][ T9027]  do_writepages+0x32e/0x550
[  388.847930][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.847964][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.847991][ T9027]  ? do_raw_spin_unlock+0x122/0x240
[  388.848028][ T9027]  filemap_fdatawrite+0x191/0x230
[  388.848054][ T9027]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  388.848139][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.848175][ T9027]  ? do_raw_spin_unlock+0x122/0x240
[  388.848210][ T9027]  f2fs_sync_dirty_inodes+0x31f/0x830
[  388.848269][ T9027]  f2fs_write_checkpoint+0x94a/0x1de0
[  388.848341][ T9027]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  388.848440][ T9027]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  388.848475][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.848502][ T9027]  ? kfree+0x18e/0x440
[  388.848553][ T9027]  ? kill_f2fs_super+0x298/0x6c0
[  388.848597][ T9027]  kill_f2fs_super+0x2c3/0x6c0
[  388.848643][ T9027]  ? __pfx_kill_f2fs_super+0x10/0x10
[  388.848675][ T9027]  ? radix_tree_delete_item+0x2b6/0x400
[  388.848723][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.848750][ T9027]  ? shrinker_free+0x2ce/0x3e0
[  388.848786][ T9027]  deactivate_locked_super+0xbc/0x130
[  388.848825][ T9027]  cleanup_mnt+0x425/0x4c0
[  388.848858][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.848886][ T9027]  ? lockdep_hardirqs_on+0x9c/0x150
[  388.848928][ T9027]  task_work_run+0x1d4/0x260
[  388.848965][ T9027]  ? __pfx_task_work_run+0x10/0x10
[  388.848993][ T9027]  ? __x64_sys_umount+0x122/0x160
[  388.849025][ T9027]  ? exit_to_user_mode_loop+0x40/0x110
[  388.849067][ T9027]  exit_to_user_mode_loop+0xec/0x110
[  388.849104][ T9027]  do_syscall_64+0x2bd/0x3b0
[  388.849125][ T9027]  ? lockdep_hardirqs_on+0x9c/0x150
[  388.849161][ T9027]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.849183][ T9027]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.849210][ T9027]  ? exc_page_fault+0x9f/0xf0
[  388.849251][ T9027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.849274][ T9027] RIP: 0033:0x7fe7f358fc57
[  388.849296][ T9027] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  388.849317][ T9027] RSP: 002b:00007ffd69c825e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  388.849343][ T9027] RAX: 0000000000000000 RBX: 00007fe7f3610925 RCX: 00007fe7f358fc57
[  388.849360][ T9027] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd69c826a0
[  388.849376][ T9027] RBP: 00007ffd69c826a0 R08: 0000000000000000 R09: 0000000000000000
[  388.849391][ T9027] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd69c83730
[  388.849408][ T9027] R13: 00007fe7f3610925 R14: 000000000005edf8 R15: 00007ffd69c83770
[  388.849452][ T9027]  </TASK>
[  388.849462][ T9027] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  388.889950][T10131] ocfs2: Unmounting device (7,8) on (node local)
[  388.896662][    T9] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  389.442855][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  389.480407][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  389.529285][    T9] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  389.576911][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  389.600860][    T9] usb 7-1: SerialNumber: syz
[  389.608603][ T8529] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.673728][    T9] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[  389.718024][    T9] usb-storage 7-1:1.0: USB Mass Storage device detected
[  389.766539][    T9] usb-storage 7-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  389.810943][    T9] scsi host1: usb-storage 7-1:1.0
[  389.900230][T11606] ALSA: mixer_oss: invalid OSS volume ''
[  390.045761][ T8529] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.349231][ T8529] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.508181][T11617] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  390.531270][T11617] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  390.597381][ T8529] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.641181][ T5972] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  390.756675][T11617] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  390.776409][T11617] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  390.813308][ T5972] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  390.820498][T11617] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  390.842443][ T5972] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  390.877046][ T5972] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  390.880633][T11617] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  390.926504][ T5972] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  390.956402][ T5972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.999871][ T5972] usb 5-1: config 0 descriptor??
[  391.073400][ T5913] usb 7-1: USB disconnect, device number 7
[  391.077974][T11286] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  391.303692][T11286] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  391.333105][T11286] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  391.432734][ T5972] plantronics 0003:047F:FFFF.0015: reserved main item tag 0xe
[  391.445227][ T5972] plantronics 0003:047F:FFFF.0015: unknown main item tag 0x0
[  391.454782][ T5972] plantronics 0003:047F:FFFF.0015: No inputs registered, leaving
[  391.499877][ T5972] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  391.512737][T11617] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  391.518661][T11617] Bluetooth: hci6: Error when powering off device on rfkill (-4)
[  391.566571][T11286] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  391.679933][ T8529] bridge_slave_1: left allmulticast mode
[  391.687972][ T8529] bridge_slave_1: left promiscuous mode
[  391.713266][ T8529] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.726628][ T5913] usb 5-1: USB disconnect, device number 3
[  391.759132][T11659] Bluetooth: hci0: invalid len left 7, exp >= 35
[  391.814406][ T8529] bridge_slave_0: left allmulticast mode
[  391.820110][ T8529] bridge_slave_0: left promiscuous mode
[  391.856864][T11651] fido_id[11651]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  391.880221][ T8529] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.140076][T11667] loop1: detected capacity change from 0 to 1024
[  392.370431][ T8988] hfsplus: b-tree write err: -5, ino 3
[  392.379255][ T5833] hfsplus: node 4:3 still has 1 user(s)!
[  392.584667][   T31] INFO: task syz-executor:8024 blocked for more than 143 seconds.
[  392.593636][   T31]       Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0
[  392.602607][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  392.615665][   T31] task:syz-executor    state:D stack:21960 pid:8024  tgid:8024  ppid:1      task_flags:0x400140 flags:0x00004006
[  392.627708][   T31] Call Trace:
[  392.631230][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  392.634197][   T31]  __schedule+0x16f5/0x4d00
[  392.651245][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  392.656956][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  392.701665][   T31]  ? do_raw_spin_lock+0x121/0x290
[  392.706780][   T31]  ? schedule+0x165/0x360
[  392.756122][   T31]  ? __lock_acquire+0xab9/0xd20
[  392.769608][   T31]  ? __pfx___schedule+0x10/0x10
[  392.810918][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  392.816727][   T31]  ? schedule+0x91/0x360
[  392.821574][   T31]  schedule+0x165/0x360
[  392.825829][   T31]  __bch2_fs_stop+0x704/0x900
[  392.830585][   T31]  ? __pfx___bch2_fs_stop+0x10/0x10
[  392.836535][   T31]  ? __pfx_autoremove_wake_function+0x10/0x10
[  392.852749][   T31]  ? __pfx_evict_inodes+0x10/0x10
[  392.858219][   T31]  ? dput+0x37/0x2b0
[  392.865986][   T31]  ? __pfx_bch2_put_super+0x10/0x10
[  392.874813][   T31]  generic_shutdown_super+0x135/0x2c0
[  392.880281][   T31]  bch2_kill_sb+0x41/0x50
[  392.885250][   T31]  deactivate_locked_super+0xbc/0x130
[  392.890709][   T31]  cleanup_mnt+0x425/0x4c0
[  392.897635][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  392.905189][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  392.910502][   T31]  task_work_run+0x1d4/0x260
[  392.919418][   T31]  ? __pfx_task_work_run+0x10/0x10
[  392.926497][   T31]  ? __x64_sys_umount+0x122/0x160
[  392.935842][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[  392.943446][   T31]  exit_to_user_mode_loop+0xec/0x110
[  392.948853][   T31]  do_syscall_64+0x2bd/0x3b0
[  392.955136][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  392.960433][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.967124][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  392.973090][   T31]  ? exc_page_fault+0x9f/0xf0
[  392.977866][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.984224][   T31] RIP: 0033:0x7f4aa0d8fc57
[  392.988725][   T31] RSP: 002b:00007ffd62a2f678 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  392.997724][   T31] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f4aa0d8fc57
[  393.007117][   T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd62a2f730
[  393.023295][   T31] RBP: 00007ffd62a2f730 R08: 0000000000000000 R09: 0000000000000000
[  393.034841][   T31] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd62a307c0
[  393.043241][   T31] R13: 00007f4aa0e10925 R14: 000000000003be24 R15: 00007ffd62a30800
[  393.051445][   T31]  </TASK>
[  393.054607][   T31] 
[  393.054607][   T31] Showing all locks held in the system:
[  393.065836][   T31] 3 locks held by kworker/0:0/9:
[  393.072283][   T31]  #0: ffff88801a478d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  393.083646][   T31]  #1: ffffc900000e7bc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  393.094724][   T31]  #2: ffffffff8f5102c8 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  393.105357][   T31] 3 locks held by kworker/u8:1/13:
[  393.113182][   T31]  #0: ffff88801a481148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  393.124987][   T31]  #1: ffffc90000127bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  393.136269][   T31]  #2: ffffffff8f5102c8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  393.145868][   T31] 1 lock held by khungtaskd/31:
[  393.150737][   T31]  #0: ffffffff8e13eda0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  393.160670][   T31] 3 locks held by kworker/0:3/975:
[  393.165849][   T31]  #0: ffff88801a478d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  393.176917][   T31]  #1: ffffc90003a9fbc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  393.190492][   T31]  #2: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[  393.201914][   T31] 3 locks held by kworker/u8:5/1032:
[  393.207188][   T31]  #0: ffff88803003e148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  393.220180][   T31]  #1: ffffc90003c5fbc0 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  393.250898][   T31]  #2: ffffffff8f5102c8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x112/0x14b0
[  393.260519][   T31] 1 lock held by dhcpcd/5493:
[  393.280875][   T31]  #0: ffffffff8f5102c8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  393.290049][   T31] 2 locks held by getty/5587:
[  393.310885][   T31]  #0: ffff8880351620a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  393.330894][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  393.348082][   T31] 1 lock held by syz-executor/8024:
[  393.356631][   T31]  #0: ffff88807a3500e0 (&type->s_umount_key#105){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[  393.373883][   T31] 5 locks held by kworker/u8:9/8529:
[  393.379180][   T31]  #0: ffff88801b2f6148 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  393.398072][   T31]  #1: ffffc900043dfbc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  393.409031][   T31]  #2: ffffffff8f5036d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x800
[  393.425082][   T31]  #3: ffffffff8f5102c8 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x2a4/0x990
[  393.435334][   T31]  #4: ffffffff8e1448b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[  393.453112][   T31] 1 lock held by syz-executor/9361:
[  393.458332][   T31]  #0: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[  393.478530][   T31] 3 locks held by syz-executor/11286:
[  393.485227][   T31]  #0: ffffffff8f576470 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  393.499223][   T31]  #1: ffffffff8f576288 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  393.509981][   T31]  #2: ffffffff8f5102c8 (rtnl_mutex){+.+.}-{4:4}, at: wg_set_device+0x15b/0x1fe0
[  393.526410][   T31] 2 locks held by syz.8.1454/11617:
[  393.532687][   T31]  #0: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_write+0x191/0x570
[  393.548039][   T31]  #1: ffffffff8f5102c8 (rtnl_mutex){+.+.}-{4:4}, at: cfg80211_rfkill_set_block+0x1e/0x50
[  393.559196][   T31] 2 locks held by syz-executor/11642:
[  393.570504][   T31]  #0: ffff888028da9118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_create_device+0x34/0x6e0
[  393.581788][   T31]  #1: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  393.600321][   T31] 2 locks held by syz.6.1459/11661:
[  393.606758][   T31]  #0: ffff88804ab8a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  393.623235][   T31]  #1: ffffffff8f7eb128 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x37/0x8e0
[  393.637193][   T31] 2 locks held by syz.4.1462/11669:
[  393.644118][   T31]  #0: ffffffff8f576470 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  393.656622][   T31]  #1: ffffffff8f576288 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x10d/0x790
[  393.667372][   T31] 1 lock held by syz.1.1463/11675:
[  393.677673][   T31]  #0: ffffffff8f5102c8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8db/0x1c70
[  393.688306][   T31] 
[  393.704767][   T31] =============================================
[  393.704767][   T31] 
[  393.717092][   T31] NMI backtrace for cpu 0
[  393.717111][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) 
[  393.717139][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  393.717153][   T31] Call Trace:
[  393.717162][   T31]  <TASK>
[  393.717172][   T31]  dump_stack_lvl+0x189/0x250
[  393.717213][   T31]  ? __wake_up_klogd+0xd9/0x110
[  393.717242][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.717272][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  393.717311][   T31]  ? __pfx__printk+0x10/0x10
[  393.717352][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[  393.717388][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  393.717416][   T31]  ? _printk+0xcf/0x120
[  393.717446][   T31]  ? __pfx__printk+0x10/0x10
[  393.717475][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  393.717511][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  393.717553][   T31]  watchdog+0xfee/0x1030
[  393.717588][   T31]  ? watchdog+0x1de/0x1030
[  393.717630][   T31]  kthread+0x711/0x8a0
[  393.717661][   T31]  ? __pfx_watchdog+0x10/0x10
[  393.717692][   T31]  ? __pfx_kthread+0x10/0x10
[  393.717716][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.717747][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  393.717779][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.717806][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  393.717840][   T31]  ? __pfx_kthread+0x10/0x10
[  393.717868][   T31]  ret_from_fork+0x3fc/0x770
[  393.717906][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  393.717948][   T31]  ? __switch_to_asm+0x39/0x70
[  393.717971][   T31]  ? __switch_to_asm+0x33/0x70
[  393.717995][   T31]  ? __pfx_kthread+0x10/0x10
[  393.718024][   T31]  ret_from_fork_asm+0x1a/0x30
[  393.718067][   T31]  </TASK>
[  393.718076][   T31] Sending NMI from CPU 0 to CPUs 1:
[  393.895258][    C1] NMI backtrace for cpu 1
[  393.895277][    C1] CPU: 1 UID: 0 PID: 11660 Comm: syz.6.1459 Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) 
[  393.895303][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  393.895316][    C1] RIP: 0010:lock_acquire+0x13d/0x360
[  393.895352][    C1] Code: 00 6a 00 55 ff 74 24 30 e8 e0 02 00 00 48 83 c4 28 48 c7 c7 c7 ec b6 8d e8 20 30 c8 09 b8 ff ff ff ff 65 0f c1 05 93 fd fe 10 <83> f8 01 0f 85 c9 00 00 00 48 c7 44 24 30 00 00 00 00 9c 8f 44 24
[  393.895370][    C1] RSP: 0018:ffffc900041ff880 EFLAGS: 00000057
[  393.895389][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: e2693bc374b17f00
[  393.895404][    C1] RDX: 0000000000000000 RSI: ffffffff8db6ecc7 RDI: ffffffff8be28b80
[  393.895419][    C1] RBP: ffffffff8b671d42 R08: 0000000000000000 R09: ffffffff8b671d42
[  393.895434][    C1] R10: dffffc0000000000 R11: ffffed1005f1b001 R12: 0000000000000000
[  393.895449][    C1] R13: ffffe8ffffd54608 R14: 0000000000000001 R15: 0000000000000046
[  393.895466][    C1] FS:  000055558fd5f500(0000) GS:ffff888125d51000(0000) knlGS:0000000000000000
[  393.895485][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  393.895499][    C1] CR2: 0000555572d065c8 CR3: 000000004f4bb000 CR4: 0000000000350ef0
[  393.895516][    C1] Call Trace:
[  393.895524][    C1]  <TASK>
[  393.895544][    C1]  psi_account_irqtime+0x310/0x7a0
[  393.895565][    C1]  ? __schedule+0x852/0x4d00
[  393.895599][    C1]  ? __schedule+0x852/0x4d00
[  393.895630][    C1]  __schedule+0x852/0x4d00
[  393.895669][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  393.895696][    C1]  ? schedule+0x165/0x360
[  393.895726][    C1]  ? __lock_acquire+0xab9/0xd20
[  393.895756][    C1]  ? __pfx___schedule+0x10/0x10
[  393.895801][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.895828][    C1]  ? schedule+0x91/0x360
[  393.895861][    C1]  schedule+0x165/0x360
[  393.895892][    C1]  do_nanosleep+0x1c7/0x600
[  393.895922][    C1]  ? do_nanosleep+0x7f/0x600
[  393.895949][    C1]  ? __pfx_do_nanosleep+0x10/0x10
[  393.895975][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.896001][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.896026][    C1]  ? __hrtimer_setup+0x187/0x210
[  393.896058][    C1]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  393.896080][    C1]  hrtimer_nanosleep+0x169/0x360
[  393.896116][    C1]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  393.896152][    C1]  ? __pfx_hrtimer_wakeup+0x10/0x10
[  393.896173][    C1]  ? __pfx_get_timespec64+0x10/0x10
[  393.896201][    C1]  ? blkcg_maybe_throttle_current+0x1ab/0xb40
[  393.896237][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.896265][    C1]  __se_sys_clock_nanosleep+0x2f1/0x380
[  393.896301][    C1]  ? __pfx___se_sys_clock_nanosleep+0x10/0x10
[  393.896330][    C1]  ? rcu_is_watching+0x15/0xb0
[  393.896368][    C1]  ? do_syscall_64+0xbe/0x3b0
[  393.896386][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.896414][    C1]  do_syscall_64+0xfa/0x3b0
[  393.896435][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.896455][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  393.896482][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  393.896503][    C1] RIP: 0033:0x7efe377c11e5
[  393.896520][    C1] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[  393.896538][    C1] RSP: 002b:00007ffd8ec701a0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  393.896559][    C1] RAX: ffffffffffffffda RBX: 00007efe379b5fa0 RCX: 00007efe377c11e5
[  393.896574][    C1] RDX: 00007ffd8ec701e0 RSI: 0000000000000000 RDI: 0000000000000000
[  393.896588][    C1] RBP: 00007efe379b7ba0 R08: 0000000000000000 R09: 7fffffffffffffff
[  393.896602][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 000000000006069e
[  393.896615][    C1] R13: 00007efe379b6080 R14: ffffffffffffffff R15: 00007ffd8ec70320
[  393.896644][    C1]  </TASK>
[  393.920898][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  393.920922][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc2-syzkaller-00024-g9afe652958c3 #0 PREEMPT(full) 
[  393.920951][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  393.920966][   T31] Call Trace:
[  393.920977][   T31]  <TASK>
[  393.920988][   T31]  dump_stack_lvl+0x99/0x250
[  393.921033][   T31]  ? __asan_memcpy+0x40/0x70
[  393.921069][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[  393.921108][   T31]  ? __pfx__printk+0x10/0x10
[  393.921144][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.921178][   T31]  panic+0x2db/0x790
[  393.921215][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.921253][   T31]  ? __pfx_panic+0x10/0x10
[  393.921287][   T31]  ? __pfx_delay_tsc+0x10/0x10
[  393.921317][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.921345][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[  393.921388][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.921417][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  393.921450][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[  393.921486][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.921519][   T31]  watchdog+0x102d/0x1030
[  393.921557][   T31]  ? watchdog+0x1de/0x1030
[  393.921600][   T31]  kthread+0x711/0x8a0
[  393.921633][   T31]  ? __pfx_watchdog+0x10/0x10
[  393.921665][   T31]  ? __pfx_kthread+0x10/0x10
[  393.921691][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.921723][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  393.921757][   T31]  ? srso_alias_return_thunk+0x5/0xfbef5
[  393.921790][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[  393.921824][   T31]  ? __pfx_kthread+0x10/0x10
[  393.921854][   T31]  ret_from_fork+0x3fc/0x770
[  393.921893][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  393.921935][   T31]  ? __switch_to_asm+0x39/0x70
[  393.921960][   T31]  ? __switch_to_asm+0x33/0x70
[  393.921984][   T31]  ? __pfx_kthread+0x10/0x10
[  393.922013][   T31]  ret_from_fork_asm+0x1a/0x30
[  393.922058][   T31]  </TASK>
[  394.463777][   T31] Kernel Offset: disabled
[  394.468096][   T31] Rebooting in 86400 seconds..