last executing test programs:

3m38.153205539s ago: executing program 0 (id=540):
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r1 = socket(0x2, 0x3, 0xff)
setsockopt$inet_int(r1, 0x0, 0x3, 0x0, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_int(r1, 0x0, 0xb, &(0x7f00000000c0)=0x400, 0x4)
sendfile(r1, r0, 0x0, 0xffba83)

3m37.930620236s ago: executing program 0 (id=543):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x6, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0xc}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='devices.list\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000200)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
getsockopt$IP_VS_SO_GET_VERSION(r1, 0x0, 0x480, &(0x7f0000000080), &(0x7f00000000c0)=0x40)

3m37.723984626s ago: executing program 0 (id=546):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x91ea6c1af182532)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x2, r1})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r2, 0x2000009)

3m37.375962589s ago: executing program 0 (id=551):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2a08086, &(0x7f00000007c0)={[{@quota}]}, 0xfc, 0x49f, &(0x7f0000000ec0)="$eJzs3MtrHVUYAPDvTt59xkfVPtT4wuKjadOHXbhQUXChIOiiuotpUmJTK00EW4qpInUpBffiUvAvcKUbUVeCW125kUKRgLRawZGZO5NXb25zb29y297fD244Z+Zk5nxz5tx75szcG0DHGsr+VCI2RcSvWTrJs/PSolBW7src2bG/586OVSJNX/+zkq+7PHd2rCxb/t+mIrM7iUg+qcTOGvudPn3m+OjU1PipIj88c+K94enTZ56ePDF6bPzY+Lsjhw8f2L/vmUMjB1sS5+asrjs+PLlr+8tvXnh17MiFt3/8urus67I4WmUohpYcy8Uea/XO2mzzonSlu40VoSFdEZE1V0/e/7dGVyw03tZ46eO2Vg5YU2mapltWXn0uBW5jlWh3DYD2KD/oL88NRP8aXQffzC49X70AyuK+Uryqa7ojKcr0LLu+baX+Yt7kyLl/voj8+Pd11PEHANbft9n456nq+Kd8VdcMxj2Lyj2XzwdnSyPuiIg7I+KuiLg7IrZF5GXvjYj7Gtz/0LL8tePP5GJTga1SNv57tri3tXT8V4z+/ksHu4rc5hiIweipTExOje+NiC0RsTt6+iYmpwbq7eO7F3/5bMmCucvzA++hYuxXvrL9l2PBoh4Xu/uWbu/o6MxoK2LPXPoonwOcvTb+hTtXWWp7ROxoYvvZuHnyia92rbT++vHX0YL7TOmXEY9X2/9c1Il/+f3JssEPjRwc7o+p8b3DEz35hUINP/18/rWV9n9D8bdA1v4bap7/8/EPVhbfr51e6Bqrdf63T1e8pmng/H+rXJKd/72VN/J0b7Hsg9GZmVP7Inorr1y7fGRha2W+LH9p07aIR2r3/+w9LjvHsvh3RkR2Et8fEQ9ExINF3R+KiIcj30Qts1ci4ocXHn2nmfgbPMxNydr/6JL2j+u0f+OJruPff9NM/FVZ+x/IU7uLJat5/1ttBW/k2AEAAMCtIsmfga8ke+bTSbJnT8TGfG53QzJ1cnrmyYmT7189Wn1WfjB6knL+szofXJ0P3VfMDZf5kWX5/cW88eddA3l+Q3HvG2ifjYv7fz7hWO3/mT+62lw5YO35vhZ0rib6f90HHoBbh89/6FwN9H9vFXCbme/UffXLpetQF2B91fpQn21DPYD1Z1APnUv/h86l/0Pn0v+hI93I9/qbSVRW/c382yAxW/vw/r7yf/VHvQ323iRx5YlI8kQ628Zq/Fs8hraqwleLn7xcg/qUv5ZRLPlr5cLlT8TcDC1YP9G+9yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBW+j8AAP//HRbixA==")
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x1)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f00000000c0)='./bus\x00', 0x0, 0x1c10, 0x0)
r0 = open(&(0x7f0000000400)='./bus\x00', 0xc40, 0x0)
ioctl$BLKROSET(r0, 0x125d, &(0x7f0000000080)=0x3f)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

3m36.857626469s ago: executing program 0 (id=557):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000240)={0x6, 0x101, 0x206, 0x2, 0x754d, 0x6, 0x9, 0x120000}, 0x20)
bind$inet6(r0, &(0x7f0000000540)={0xa, 0x4e22, 0x7, @empty, 0x200}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @dev={0xfe, 0x80, '\x00', 0x1d}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x11, 0x0, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000200)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x4}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x20, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x8, 0x2, 0x100, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x6, 0x1000}]}}}}}}}}, 0x0)

3m36.207939883s ago: executing program 0 (id=565):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x8}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f00000000c0)="b2", 0x1, 0x24008844, &(0x7f0000000040)={0xa, 0x2, 0x80398, @empty, 0xfffffffe}, 0x1c)
shutdown(r0, 0x1)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000300)={&(0x7f00002cc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000006c0)=""/224, 0xe0, 0x1, &(0x7f00000003c0)=""/116, 0x74}, &(0x7f0000000380)=0x40)

3m35.696504945s ago: executing program 32 (id=565):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x8}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f00000000c0)="b2", 0x1, 0x24008844, &(0x7f0000000040)={0xa, 0x2, 0x80398, @empty, 0xfffffffe}, 0x1c)
shutdown(r0, 0x1)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000300)={&(0x7f00002cc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f00000006c0)=""/224, 0xe0, 0x1, &(0x7f00000003c0)=""/116, 0x74}, &(0x7f0000000380)=0x40)

2m31.964806934s ago: executing program 4 (id=1026):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
wait4(r0, 0x0, 0x8, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000100)=""/35, 0x23}], 0x1)
ptrace$setregs(0xd, r0, 0x2, &(0x7f0000000180))
ptrace$getregset(0x4204, r0, 0x1, &(0x7f00000005c0)={0x0, 0xffffffffffffff18})

2m31.498433384s ago: executing program 4 (id=1030):
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f00000001c0)="90897667cf137b057a2d399e1a6a56cda6e968033fef6c258f47125b303915a782acf971740c769cfe1004611108d7e1aa4fa1f2418591c1447ca414c41ce520a89dfcd30c22b68d27fb76bd1e7999c8ed673e61407dbf9dc323797f171e077a34d5fd0790cb94686eed4b21e477dbb6ad848240c86333e12e89", 0x7a)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-avx\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x800)
splice(r0, 0x0, r3, 0x0, 0x8001, 0x2)

2m31.313454528s ago: executing program 4 (id=1033):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e20, @rand_addr=0x64010100}]}, &(0x7f00000002c0)=0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000"], 0x0, 0x4}, 0x94)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000000300)=0x8)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000080)=@sack_info={r1, 0x4, 0x6}, 0xc)

2m30.305658113s ago: executing program 4 (id=1043):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3214212, &(0x7f00000001c0)=ANY=[], 0x1, 0xf1e, &(0x7f0000006600)="$eJzs3U1sHNUdAPA368/EJl7zaaCEFFoRKNghidT0FgTqEXHpHRQSGmEoauiBiI/QA6ISokiIU8WBigulUorUSqBKFeqp7alVbz2hXqhUpVKiXhopcRXnvfXuiye7nqxnd72/n/T32zdvPP//eCNnZjz7JgBjq7H+9fDhpSKED754/4nXni1+d2XZva019q1/LWKvGUKYausX2fa+igsunX/12GZtEQ6uf0398OS51vfOhRDOhH3hy9AMn66sXvjkw8f3f/bW7O3vnn7+9W3a/ZZ8PwAAYCc6+5fVfzz4rz8/vHjx7N6jYaa1PB2fN2N/Lh73H4gHyul4uRE6+0VbtJvO1puI0cjWm8jWm8zyTJbkm8q2M1Wy3nSXfBNtyzbbTwAAABhF6by2GYrGcke/0Vhevnref8VXC9PF8osnV0+cGlChAAAAQGX/fWP9plshhBBCCCGEEH2M1j3KQ1CLEFdibWGw1x8AAACA8ZPPF3aNM/2dqau1tWZv+c891tj8+6EP6v73L/9o5f/4Tb9xAACobqceTab9SsfRaR6DfB7Biez7tnr838i2M7nFOsvmFRyV+QbL6sx/rsOqrP6tvo+DUlZ/Ph/msCqrP5+nc1iV1T9Tcx1VldU/W3MdVZXVv6vmOqoqq393zXVUVVb/XM11VFVW/3zNdVRVVv9NNddRVVn9e2quo6qy+kflttqy+ps111FVWf2LNddRVVn9N9dcR1Vl9d9Scx1VldV/a811DMo9sU0/h73ZePv5c35ONyrneAAAADDu/mf+PyGEGNto3esyBLUIIW40bhuCGoQQQgxzvDHYyw8AAADAEEifC0ifel+L0vhEl/HJLuNTXcanu4zPdBkHAAAAQvj92yfufK/Y+Jz/jc6Htz5vVGNj/qWtzmOUz0e41fw3Ou9Z2trV+i9sOf+ozFsGAADAeCm+/+Xlh5746OXFi2f3Hm07+74cz3fTPKCT8drA57Gf7guYz/pFOoc+2pmnUbJefn3gprLtPXWDOwoAAABjLJ2/N0OxfsrdaPUbjeXljfPxpTBVnDi5evxA7Kfns/xpYWpUHrUEAAAAY2vjfL9oLG9y/p+e47sUpovlF0+unjh1tT/fWj7VaL8usLCxfP16waOt7XUuP1iy/FDsp+d3/nBh1/ry5WM/Wn223zsPAAAAY+LUK6eff2Z19fiPN32RPs1+vXW28iJ9vmAr3xVCEfqT3QsvvOj1xQB/KQEAANvi66/fn/rJofk/XP38/8b8d+nz//tivxnn9vtrXCHdJ5A+B3DN5/Wf7syzULbeS53rNbP1JmLMZHXPtm0nhI35BtP3LZbla3ZuZ7ok31yWbz7Ll89TMJmtn/LtyZbn8xOm9Ray5fk8jJNZjiLLf18AAACAcisvv/DSyqlXTj9y8oVnnjv+3PEXDx088r0jRw48+t1HV9bv619pv7sfAAAAGEUbN/0OuhIAAAAAAAAAAAAAAAAAAAAYX3U8TmzQ+wgAAADj7j9vhBDOCCFK4uojMPu/3Y0nUQ5+H8XOjV1DUIMQQoh+x8XrjE0MQX1CiKGNtbX8SfMAAAAA2+vS+VePtbfXOFP0NV9ra/GvsZdj3tTOP/L3xSuRVjv3WOf1kt19rYZxV/e/f/lHK//Hb/Y3/2x60fPvv0bnBo5Wy/vAyq+W2vPfNdlj/nz/n6qWf3+W/4HQW/61j7L8T1fL/2CWf3eP+a/Z/5eq5X8o5l+K/f3395q/8/2fiW3aj13XS9r2X+d3sv1/NvSaP9v/Zo87nHk45geAcdQYdAHbJB0lpOPoudhP+xsPN0N+98NWj/8b2XYmb7jyzu2m46A7Yj8dL81neZOt1j+Xbe+minXmRuWukrL6+/U+brey+qdqrqOqsvqna66jqrL6Z2quo6qy+mdrrqOqsvqvex46RMrqH5XrymX1z9VcR1Vl9c/XXEdVZfVv9f/xQSmrf0/NdVRVVv9CzXVUVVZ/xctqtSurf7HmOqoqq//mmuuoqqz+W2quo6qy+m+tuY5BuTu2ZefD6fxzIY6lfjPrz2zys9yp1xYAAABg1Pzb/H9iVOLw/OBrEEKIvsWuIahBjHfEv/4MvA4hdkasrV1eu2LQdQhxvVhbG/QVCAZpez/NDMCw8vt/vHn/x5v3f7x5/7medA9/kfWTiS7jk13Gp7qMT2fj+b/XmS7jt2TbXYvS+K1dxm/rMr6ny/gdXcaXuozf2WX8ri7jd3cZBwAAYDzcHlvnhwAAALBzvfbrz9/57QNPn1+8eHbv0TB9zbzzB2J/Jv5t/e3Yz+e9T6bi3/x/Gvu/jO0fY/vPbH33nwAAAMD2S8+J8fd/AAAA2LnSc0qd/wMAAMDOtRhb5/8AAACwc90cW+f/AAAAsIMVs5svjm26LnBfbHud1w8AGH7fiO09sd0b23tj+83YpuOA+2P7rZrqAwD65xc/+NmR94qN+f4PZeOX4vLUXuPM1SsFRaNzJv9dsd0d22/3WE/+PIBe8yd7esyzXfkXbjA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBzNNa/Hj68VITwwRfvP/Hz6Xf+dmXZva019q1/LWKvGUKYan1fGt3o/yaueOn8q8fa28uxLcLBUISitTw8ea6VaS6EcCbsC1+GZvh0ZfXCJx8+vv+zt2Zvf/f0869v44+gY/8AAABgJ/p/AAAA//9D9Bis")
creat(&(0x7f0000000380)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
creat(&(0x7f0000000040)='./file1\x00', 0xd)

2m29.386509226s ago: executing program 4 (id=1045):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x2, 0x841, 0x4, 0x100, 0x2001, 0xb})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2m28.247981846s ago: executing program 4 (id=1052):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x8957)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg(r1, &(0x7f000000ec00)=[{{0x0, 0x0, 0x0}}], 0x40000000000028a, 0x0)

2m27.643099719s ago: executing program 33 (id=1052):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x8957)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg(r1, &(0x7f000000ec00)=[{{0x0, 0x0, 0x0}}], 0x40000000000028a, 0x0)

2m27.223608949s ago: executing program 2 (id=1061):
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'sit0\x00', 0x4}, 0x18)

2m25.67945198s ago: executing program 2 (id=1062):
r0 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x0, 0x4, @dev={0xfe, 0x80, '\x00', 0x33}, 0x8000000}}, 0x80, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000001001000001000000000000000000000010"], 0x28}, 0x4044454)
r1 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x0, 0x4, @dev, 0x8000000}}, 0x80, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000100100000100000000000000000000001000000000000000100100000b"], 0x28}, 0xfc40)
r2 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0xfffc, 0x2, 0x1c, {0xa, 0x0, 0x4, @dev}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=[{0x18, 0x110, 0x1, "dc"}], 0x18}, 0xfc00)

2m25.614205657s ago: executing program 2 (id=1063):
r0 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x32, &(0x7f0000000040)=ANY=[@ANYBLOB="e90c610fac6f39d87f0000020800450000240000e0000011"], 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000380)=ANY=[@ANYBLOB="000000001000bbbbbbbbbbbb08004500003c000000020011"], 0x0)

2m25.453966996s ago: executing program 2 (id=1065):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="2c235aa9c5", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a", 0x27}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a1047", 0x49}], 0x2}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x2000)

2m25.298196216s ago: executing program 2 (id=1066):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x3214212, &(0x7f00000001c0)=ANY=[], 0x1, 0xf1e, &(0x7f0000006600)="$eJzs3U1sHNUdAPA368/EJl7zaaCEFFoRKNghidT0FgTqEXHpHRQSGmEoauiBiI/QA6ISokiIU8WBigulUorUSqBKFeqp7alVbz2hXqhUpVKiXhopcRXnvfXuiye7nqxnd72/n/T32zdvPP//eCNnZjz7JgBjq7H+9fDhpSKED754/4nXni1+d2XZva019q1/LWKvGUKYausX2fa+igsunX/12GZtEQ6uf0398OS51vfOhRDOhH3hy9AMn66sXvjkw8f3f/bW7O3vnn7+9W3a/ZZ8PwAAYCc6+5fVfzz4rz8/vHjx7N6jYaa1PB2fN2N/Lh73H4gHyul4uRE6+0VbtJvO1puI0cjWm8jWm8zyTJbkm8q2M1Wy3nSXfBNtyzbbTwAAABhF6by2GYrGcke/0Vhevnref8VXC9PF8osnV0+cGlChAAAAQGX/fWP9plshhBBCCCGEEH2M1j3KQ1CLEFdibWGw1x8AAACA8ZPPF3aNM/2dqau1tWZv+c891tj8+6EP6v73L/9o5f/4Tb9xAACobqceTab9SsfRaR6DfB7Biez7tnr838i2M7nFOsvmFRyV+QbL6sx/rsOqrP6tvo+DUlZ/Ph/msCqrP5+nc1iV1T9Tcx1VldU/W3MdVZXVv6vmOqoqq393zXVUVVb/XM11VFVW/3zNdVRVVv9NNddRVVn9e2quo6qy+kflttqy+ps111FVWf2LNddRVVn9N9dcR1Vl9d9Scx1VldV/a811DMo9sU0/h73ZePv5c35ONyrneAAAADDu/mf+PyGEGNto3esyBLUIIW40bhuCGoQQQgxzvDHYyw8AAADAEEifC0ifel+L0vhEl/HJLuNTXcanu4zPdBkHAAAAQvj92yfufK/Y+Jz/jc6Htz5vVGNj/qWtzmOUz0e41fw3Ou9Z2trV+i9sOf+ozFsGAADAeCm+/+Xlh5746OXFi2f3Hm07+74cz3fTPKCT8drA57Gf7guYz/pFOoc+2pmnUbJefn3gprLtPXWDOwoAAABjLJ2/N0OxfsrdaPUbjeXljfPxpTBVnDi5evxA7Kfns/xpYWpUHrUEAAAAY2vjfL9oLG9y/p+e47sUpovlF0+unjh1tT/fWj7VaL8usLCxfP16waOt7XUuP1iy/FDsp+d3/nBh1/ry5WM/Wn223zsPAAAAY+LUK6eff2Z19fiPN32RPs1+vXW28iJ9vmAr3xVCEfqT3QsvvOj1xQB/KQEAANvi66/fn/rJofk/XP38/8b8d+nz//tivxnn9vtrXCHdJ5A+B3DN5/Wf7syzULbeS53rNbP1JmLMZHXPtm0nhI35BtP3LZbla3ZuZ7ok31yWbz7Ll89TMJmtn/LtyZbn8xOm9Ray5fk8jJNZjiLLf18AAACAcisvv/DSyqlXTj9y8oVnnjv+3PEXDx088r0jRw48+t1HV9bv619pv7sfAAAAGEUbN/0OuhIAAAAAAAAAAAAAAAAAAAAYX3U8TmzQ+wgAAADj7j9vhBDOCCFK4uojMPu/3Y0nUQ5+H8XOjV1DUIMQQoh+x8XrjE0MQX1CiKGNtbX8SfMAAAAA2+vS+VePtbfXOFP0NV9ra/GvsZdj3tTOP/L3xSuRVjv3WOf1kt19rYZxV/e/f/lHK//Hb/Y3/2x60fPvv0bnBo5Wy/vAyq+W2vPfNdlj/nz/n6qWf3+W/4HQW/61j7L8T1fL/2CWf3eP+a/Z/5eq5X8o5l+K/f3395q/8/2fiW3aj13XS9r2X+d3sv1/NvSaP9v/Zo87nHk45geAcdQYdAHbJB0lpOPoudhP+xsPN0N+98NWj/8b2XYmb7jyzu2m46A7Yj8dL81neZOt1j+Xbe+minXmRuWukrL6+/U+brey+qdqrqOqsvqna66jqrL6Z2quo6qy+mdrrqOqsvqvex46RMrqH5XrymX1z9VcR1Vl9c/XXEdVZfVv9f/xQSmrf0/NdVRVVv9CzXVUVVZ/xctqtSurf7HmOqoqq//mmuuoqqz+W2quo6qy+m+tuY5BuTu2ZefD6fxzIY6lfjPrz2zys9yp1xYAAABg1Pzb/H9iVOLw/OBrEEKIvsWuIahBjHfEv/4MvA4hdkasrV1eu2LQdQhxvVhbG/QVCAZpez/NDMCw8vt/vHn/x5v3f7x5/7medA9/kfWTiS7jk13Gp7qMT2fj+b/XmS7jt2TbXYvS+K1dxm/rMr6ny/gdXcaXuozf2WX8ri7jd3cZBwAAYDzcHlvnhwAAALBzvfbrz9/57QNPn1+8eHbv0TB9zbzzB2J/Jv5t/e3Yz+e9T6bi3/x/Gvu/jO0fY/vPbH33nwAAAMD2S8+J8fd/AAAA2LnSc0qd/wMAAMDOtRhb5/8AAACwc90cW+f/AAAAsIMVs5svjm26LnBfbHud1w8AGH7fiO09sd0b23tj+83YpuOA+2P7rZrqAwD65xc/+NmR94qN+f4PZeOX4vLUXuPM1SsFRaNzJv9dsd0d22/3WE/+PIBe8yd7esyzXfkXbjA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALBzNNa/Hj68VITwwRfvP/Hz6Xf+dmXZva019q1/LWKvGUKYan1fGt3o/yaueOn8q8fa28uxLcLBUISitTw8ea6VaS6EcCbsC1+GZvh0ZfXCJx8+vv+zt2Zvf/f0869v44+gY/8AAABgJ/p/AAAA//9D9Bis")
creat(&(0x7f0000000380)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
creat(&(0x7f0000000040)='./file1\x00', 0xd)

2m24.419834497s ago: executing program 2 (id=1070):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x20400, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

2m8.672098624s ago: executing program 34 (id=1070):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x20400, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

6.512678468s ago: executing program 6 (id=1872):
rt_sigprocmask(0x0, &(0x7f0000001480)={[0xffffffffffffffff]}, 0x0, 0x8)
r0 = getpgrp(0x0)
r1 = gettid()
rt_tgsigqueueinfo(r0, r1, 0x12, &(0x7f0000000140)={0x83b, 0x8000006, 0x3})
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x80000)
read$FUSE(r2, &(0x7f0000002bc0)={0x2020}, 0x2020)

6.271084262s ago: executing program 6 (id=1873):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
fsetxattr$security_capability(r0, 0x0, 0x0, 0x0, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x59, 0xe0, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000000640)=@vmx={0x103, 0x0, 0x2080, {0xeeee0000, 0x54000, {}, 0x1, 0xd}, {"d07ee511000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000057ae00", "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e8ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007a7f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000"}})

5.779856917s ago: executing program 6 (id=1877):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file3\x00', 0xcc0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030362c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00535d4e036013ec9e6e7ecdee3849b40884b95e94f35cec9600cd19beb0"], 0x1, 0x442a, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
setrlimit(0x1, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff})
truncate(&(0x7f0000000200)='./file1\x00', 0x20fffffffc)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0x0)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000000c0)={{r0}, 0x0, 0x0, 0x100000})

5.17100249s ago: executing program 3 (id=1881):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f0000000540), &(0x7f0000000000)='./bus\x00', 0x322020, &(0x7f0000000580)=ANY=[], 0x3, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

4.881389683s ago: executing program 3 (id=1883):
unshare(0x6020400)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000001c0)="9c", 0x1}], 0x1}}], 0x1, 0xc800)
pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, 0x0, 0x0)

4.290445939s ago: executing program 5 (id=1888):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000001007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000085000000a000000095"], &(0x7f0000001000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x4800)

3.988800911s ago: executing program 6 (id=1890):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x841e, &(0x7f00000001c0)={[{@nojournal_checksum}, {@jqfmt_vfsold}, {@lazytime}, {@usrquota}, {@usrquota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000780)='./bus\x00', 0x4c07e, 0x0)
io_setup(0x80, &(0x7f0000000480)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000)="96", 0x1, 0x0, 0x0, 0x0, r0}])

3.941038452s ago: executing program 5 (id=1891):
r0 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1, 0x8000000000000003, {}, 0xfd}, 0x18)
r2 = io_uring_setup(0x1f1c, &(0x7f00000005c0)={0x0, 0x17d7, 0xa, 0x3, 0x283})
recvmsg$unix(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

3.872250289s ago: executing program 3 (id=1892):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty, 0x100}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
shutdown(r0, 0x2)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000880)={@in6={{0xa, 0x4e20, 0x2, @loopback, 0x7}}, 0x0, 0x0, 0x22, 0x0, "bb353738cb473fc7c94c0b42a21d7214bf92594925208a0e2f964e654dc534a63207008cfcf19b49f3ee818a118a7c49462189316d556d2ccd00"}, 0xd8)
sendto$inet6(r0, &(0x7f00000000c0)="e9", 0x1, 0x20008045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c)

3.800840305s ago: executing program 1 (id=1893):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@window={0x3, 0x5, 0x4}, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x4}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @mss={0x2, 0x6}, @mss, @sack_perm], 0x8)
r1 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r1, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb9423523599751d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)

3.715434528s ago: executing program 3 (id=1894):
r0 = io_uring_setup(0x194f, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x351})
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x2a648000)
close_range(r0, 0xffffffffffffffff, 0x0)

3.579894842s ago: executing program 1 (id=1895):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926", 0x20}], 0x1}], 0x1, 0x40800)
recvmsg$can_bcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000480)=""/41, 0x29}], 0x1}, 0x50)

3.521103651s ago: executing program 3 (id=1896):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000200)='./bus\x00', 0x2010800, &(0x7f00000002c0)=ANY=[@ANYBLOB="6e6f646973636172640000008000000000ff5f78617474722c646973636172642c7768696e745f6d6f64653d757365722d6201010000000000006e6f696e6c696e48c8b8bd9db833403801c199ffba3691ebc17570972cb0aab560ecd4a62772a15b05a04f8812838b18c2fd700d6d154a85515cf6a313e8043c58707a92904e0d69fdd8fd380734190ccaff409ba8953c23b0c6f1c09d49447f1e1d0cedb97bb4daf266dcc2cec17b92cbbe1303abfc278ad789ffe0f34862de20f721a4b968385446d1964503b1815a337e284216bd6809000000000004000000d593d55b7516ceab7cd61a02b7aa1f09af6411cc77b8aeb6cb60fe02009fbd67bd8d700393ec17bc2e355467864b7e313f5f5ebead17e18e7fa077c6bf2fe6d11ac484b13898ad0c52ac011935f191a29c59989b29fbff40203633f6a872871902aac35c6283ac06e5e7ce247c941ac2b7fe4491e338e0b38c882074a6d0b7bd3fb2c80f2c39a2d41f44c8e0"], 0xfe, 0x54f8, &(0x7f0000005980)="$eJzs3LtvW1UcB/DjpGn6okSIga1XqpASqbbiPCrYArTiIVJFPAYmcGzHcmv7RrHjhEwMjIiB/wSBxMTI38DAzIYYQGxIIN9zQpvyWOLECfl8pOvvvcfXv3uOVVX6XUc3ABfWXPbbL6VwM1wNIUyHEG6EUOyX0lZYi/FCCOFWCGHqia2Uxv8auBxCuBZCuJkKJqO3vrgzvL3681u/fvv97KXrX37zwwSWC5wRL4YQuttxf68bM2/FfJjGa8N2kd2VYcr4RvdROs5j7jU3iwp7tcPzakUut+L5+fZuf5RbnVp9lK32VjG+3YsX7A9bh3WKDzys7RTHjeZmke1+XmTrIM5r/yD+93bQH8Q6jVTv46J8GAwOM44395txPduPiqz3Bmk81s0bzf1RDlOmy4V63mkU89g8zjd9tr3d7u3uZ8PmTr+d97LVSvWlSvVuubqTN5qD5kq51m3cXcnmW53RaeVBs9Zda+V5q9Os1PPuQjbfqtfL1Wo2f6+52a71smq1slxZLK8upL072esP3s86jWx+lK+2e7uDdqefbeU7WfzEQrZUWX55Ibtdzd5d38g23rl/f33jvQ/vffDglfU3X0sn/W1a2fzS4tJSubpYXqouXKD1f5omPcb1w7GUJj0BgPPnRPv/uVizpP8HnnLe+/+g/x+Lc9X/XvT+/wTWD8ei/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLB+nPnqjWJnLh5fT+PPpKHn0nEphDAVQvjjH0yHy0dqTqc6M/9y/sxTc1gLoagwusZs2q6l8dH2+7Mn/S0AAADA/9fXn9z6PHbr8WVu0hPiNMWbNlM3PhpTvVIIYWbupzFVmxq9PD+mYsW/70thf0zVihtYV8ZULN5yuzSuav/h8X236SNx5YkoxZg6hekAAACn7GgncBpdCAAAAJPx2aQnwGSUwuPfBNMf8M/GSD8IXj1yBAAAAJxDpUlPAAAAADhxRf9/Fp7/913J8/8AAADgpMTn/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCf7NxPTsJAFAfg10IF/0Vi3HsVd3AMj+DSpeEAXoIj4BW8AGfAnUcwYGhLtAYTkw7FkO9L2jIT8uOVsHkzpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD69FfPJy9Ptc9uc1bqdNHcDAAAA7LIs5pPyxagan9fzl/XUdT3OIiKPiF29ey9OGpm9Oqf45f3FjxpeI8qEzWcM6uMsIu7q4+Nq398CAAAAHK/FdDauuvXqNDp0QXSpWrTJL+4T5WURUYzeE6Xlm9NNorDy992Px0Rp5QLWMFFYteTWT5X2J73GZfjtklWXvNNyAACATjQ7gW67EAAAALr0cOgCOIwstluZ273g8p/3XxuCp40RAAAA8L8Ndk1m3dcBAAAAdKzs/z3/DwAAAI5b9fw/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9mlZzCeL6WzcNme1bifN3QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfLI/7ygQAmEQBnvXdyZz/8NKg6amJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxc79+8ZNxQEAf7bPF1pAHAFlCEIgMcBCr9fS0pUBFDHwJyBF6bUErvxoM9CqQsrChjJ3QTAihAQKW/6HzImUJWwZbggSc5B9duL8kDgIsa/J5yM9v+9Z1nvf50RRvn5OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDS8L2DOMkOnVEcF+c2dh8vZP3mkT6ztrI1m7UsjupM+unwavVDNNNcIgAAAFwcSVnfhxC209W5rI87ef2fltdkNf8Pz4/isp4/WveXfVn7Z+3333Ze3p+oM5onG/TO4qB/9XgqrbNb5WR74R+vaOV3Pn/2kuRfkPjD5ZeGaX4/o+/W199v5+FUHdkCAP/FlbIvgvL3oazvNZkYABdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6DJfDs2UchRBmWwdxZnP38cJJ/drK1mzZbj55slIdMxsiDSHcWRz0r9a4lkn34OGjz+YHg/79+oPXQgjNzV4EH49xTQhNZig4bRAX3+v/48h70QSs62yDhn8wAQBw7qRFy+r67XR1LjsXTYew9+Ph+v/NShzGrP93Prm5UZ2rWv/3alvh5Osu3fuy++Dho7cX783f7d/tf/7Otd67veu3bty41c2flXQ9MQEAAOB02kWr1v/x9PH9/8uVOIxZ/3/1fe+b6lyJ+v9EB5t+TWcCAABwsb34+l9/Riecj9rt8PX80tL93ui4//na6NhAqv/aVNGq9X8y3XRWAAAAQB2Gy9Gh/f/blTiMuf//3E+v/FIdMwkhXCr2/68sfDG4Xd9yJlodf07c9BoBAABo1qWiVff/0/z9/3j/lYc4hPDWG6O4+DeAY9X/yQff/lydq/r+//X6ljiR4pnR/cj7qRBaM01nBAAAwHn2TNGyYv+PdHXu018vf9T2/j8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//xwcQP8=")
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x109342, 0x0)
fallocate(r1, 0x0, 0x800, 0x8000c62)
fallocate(r0, 0x3, 0x2, 0x8000c62)

3.331814174s ago: executing program 1 (id=1897):
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f010400000008"], 0x0)
r0 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)={@cgroup, 0xffffffffffffffff, 0xa, 0x1}, 0x20)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890c, &(0x7f0000000000))

2.911063263s ago: executing program 5 (id=1898):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000000000/0x400000)=nil)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000036000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x49, 0x0, 0x0)
getrandom(&(0x7f0000000580)=""/265, 0xffffff3f, 0x3)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)

2.875909516s ago: executing program 6 (id=1899):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5e060987f70e06d038e7ff7fc6e5539b0d650e8b089b3f363b68090890e0878f0e1ac6e7049b3b46959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07440936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x104d}}, 0x1006)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010000104fcffffff8000000000000000", @ANYRES32=0x0, @ANYBLOB="0317040000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r3], 0x44}, 0x1, 0x0, 0x0, 0x2004d01d}, 0x0)

1.577199455s ago: executing program 3 (id=1900):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x200840, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x5, 0x4445, &(0x7f000000cd00)="$eJzs3c9PXFsdAPDvveB7gO9V+t5bPBMTJ/ElGjUEulJpYktpKbRYU21j3EwHmLbowDQwGBdd4K6JKxMXjYtGE3esGhZu65/gxmVdN9GFGxOTRszMXOjcy4xMGwZs3+ez4DDnN3zvPZy7uJw007i/ulla3SxV1kv15bub50q/qNe21qqRDt5wROTHj+2THJ/XMIjr5BSvvc+9G5eu/Oj2uYg/r/z1xd7e3l40DUdXUx3f/+ufD5c7031poU2z3+69HZefRsQnh+bVNBQRP/lTRBIRF7O8mSwdjYgz0S67/fDXd0rHNJunz6vnyy8XH+1Of7aw82S398+eRPyu9uVv31v7+9eGpv/2zWMaHgAAAAAAAAAAAAAAAACAt9zczRu3fjg5Fc+SGN5JDr+vO5elvd6P3Ts2Xx38DwsAAAAAAAAAAAAAAAAAAAD/p169/19KPury/v9sll7o0X7v+4OfI4Mz/4Mbs5cnp7Lz35ND5d/Jsv5xcSjOdjn3vXj++8VC++7nvx8e503tz29/3PFI0pGO8vFI04mJiD9kB79/moyltfpm41t361vrK8c2jbdWPv7t0/tz0ckO9O83/jOF/gd//v/Hh66m5uc7x3eJvdPy8R/qWe+Pv0r6iv+lfLPHA5p2h48HP8Q7LB//4VbeaGeF99tJM/6/GT46/rOF/gd1/5+JiFLSnGsptwI09zDN/F77FfLy8f9CKy+3dGa/yF73/78L8b9c6P+01v/t4h8iusrH/71W3kiuRnsD0Ip/evT9f6XQ/2nEvzn/bX//+5KPf7bYD+eqtH6T/a7/c4X+u8S/9ybjNdxKs3meSXJXwE7Szu/1/+rIy8d/5FD5q+e/tK/939VC+5N6/tsft/n8N9HxHPKNpP38R3f5+I/2rNfv/T9faDfo9f9Ca//Hm8rHf6yVl987j7e+9hv/hUL/g4p/a1cysh//V+vJf95v5//e/q8v+fh/sZ2ZdtbYbn1t7f+So/f/1wr9n8b+rzn/7XSwo74r8vH/oGe9Zvz/ksV97H/c/9cL7QYf/4hJe/03lo//hz3rte7/kaPX/8VCu0HH/+uD7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLTCTpeORpBO5z2k6MRFxKfv8aYwlS5WV8lKtvvzzzYjZLL8UHyX3avWlSq28ul5fqZYrtVp9OeJyVv5JjCSbtXqjvFZ5cOWgr9HkfrWy0ViqVhoRMZflfyU+3O9rabWxVnkQEVcPyr6U1jce3K+sl1dWN743OTk5GfMHczibVH/ZqK432qO3SyMWDtqOJx2TaxVfO5jLB8nP6lsb65VaK/96R5tafblS62izmJX9Ns4mjY2t9eVKo1qu1e/tj3eaLmTp7PzNH9+8PnWo/E7STmdOdloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvKZn0999HBHD7U9pRJSS5jfv9aj/9Hn1fPnl4qPd6c8Wdp7svoiI5CTnCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLt2jRBAEYQCtbgUNPYbRMJOZjiiigSOCJ9BjeBg9ipfwDgYGpgbLwm4PLPMDy8Amy3tJQX9UV0MXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBs7p67l6e6iUhxvjqL+Hr7/tnNH0r9uJ7uP1kw83RBD4dx/9jd3NZN+fc0yq/K0W+bN+n/3/trTNTe52BPhvu0NZ4zNLdvc+/r515EylVEtCW/TDlX1X53AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8raPo2wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0yJHBw=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0x40086e81, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x22)

1.573884175s ago: executing program 1 (id=1901):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000020000000000000000000008000000000000000000a000000000000feffffffff7f400002000000000000080000000000000000010000000000000044000500ac1414aa000000000000000000000000000000003c00000002000000ffffffff0000000000000000000000000600000004"], 0xfc}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
r2 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)

1.371075405s ago: executing program 5 (id=1902):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd(0x3)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x7c, 0x3000, 0x0, r2})
unshare(0x28000600)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000003c0)={0xb03, 0x3000, 0x0, r2, 0x4})

1.359485273s ago: executing program 1 (id=1903):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c0001"], 0xe4}, 0x1, 0x0, 0x0, 0x100}, 0x4000044)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)

1.111931676s ago: executing program 1 (id=1904):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='westwood', 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$inet(r0, &(0x7f0000001740)=[{{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000000140)="91f8a9", 0x3}], 0x1}}], 0x1, 0x2090)

933.884971ms ago: executing program 5 (id=1905):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x10, &(0x7f0000006d40)=ANY=[], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QnYjtXWOPC19t43L4knybzXXjdPMmySJEOSDEmSJEmmhCRJkpBMmZKQhMxJ5pBMIZnnKXOSHEmShIQk+3+9dfqc83W+r3P+53x/3/+863dd9/Xsde177XvvZ73vcw/XO3zTYXCVelUr1mFm+Kfgry/dASAFAPoBQBYAiACgZNaSWVP7M2js/s8dRPxrPTjtSs9AXElS/7RN6p+2Sf3TNql/2ib1T9uk/mmb1D9tk/oLkZZtm57rGtnS7vbPP/9P+fVFnv//f0jO/2mb1P/fzZkM/8jeUv9/J5dCCP9YhtQ/bZP6p21S/7RN6p+2Sf3TNqm/EGnZlX7+LNuV3a70158QQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiLThfLjMAMBv7Ss9LyGEEEIIIYQQQvzrhPRXegZCCCGEEEIIIYT4n4egQIOBCNJBekiBDJARroJMcDVkhiyQgGsgK1wL2eA6yA45ICfkgtyQB/KCBQIHDDHkg/yQhOuhANwABaEQFIYi4KEoFIMboTjcBCXgZigJt0ApuBVKQxkoC+XgNigPt0MFuAMqwp1QCSpDFagKd0E1uBuqwz1QA+6FmnAf1IL7oTY8AHXgQagLD0E9eBjqwyPQABpCI2gMTf6v8l+ALvAidIVu0B16QE94CXpBb+gDfaEfvAz94RUYAK/CQBgEg+E1GAKvw1B4A4bBcBgBb8JIGAWjYQyMhXEwHt6CCfA2TIR3YBJMhikwFabBdJgB78JMmAWz4T2YA+/DXJgH82EBLIQPYBEshiXwISyFj2AZLIcVsBJWwWpYA2thHayHDbARNsFm2AJbYRt8DNthB+yEXbAb9sBe+AT2waewHz6DA/D5P5h/7j/ld0RAQIUKDRpMh+kwBVMwI2bETJgJM2NmTGACs2JWzIbZMDtmx5yYE3NjbsyLeZGQkJExH+bDJCaxABbAglgQC2Nh9OixGBbD4ngTlsASWBJLYikshaWxDJbBclgOy2N5rIAVsCJWxEpYCatgFbwL78K7sTpWxxpYA2tiTayFtbA21sY6WAfrYl2sh/WwPtbHBtgAG2EjbIJNsCk2xWbYDFtgC2yJLbEVtsLW2BrbYBtsi22xHbbD9tgeO2AH7IidsBO+gC/gi/gidsNKqgf2xJ7YC3thH+yLffFl7I+v4Cv4Kg7EQTgYX8PX8HUcimdxGA7HETgCy6tROBrHIKtxOB7H4wScgBNxIk7CyTgZp+I0nI4zcAbOxFk4C9/DOfg+vo/zcB4uwIW4EBfhYlyCS3ApnsNluBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34MX6MO3AH7sJduAf34Cf4CX6Kn+JAPIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfwJJ7C03gKz+AZPIvn8Dyexwt4AS/iRbyEl1K/+VUqo4xKp9KpFJWiMqqMKpPKpDKrzCqhEiqryqqyqWwqu8qucqqcKrfKrfKqvIoUKVaxyqfyqaRKqgKqgCqoCqrCqrDyyqtiqpgqroqrEqqEKqluUaXUraq0KqOa+3KqnCqvWvgK6g5VUVVUlVRlVUVVVVVVNVVNVVfVVQ1VQ9VUNVUtdb+qrXpgH3xQpVamnhqE9dVgbKAaqkaqsXodH1VN1VBsppqrFupxNRyHYSvV1LdWT6k2ajS2Vc+oMfisaq/GYQf1vOqoOqnO6gXVRTXzXVU3NQl7qJ5qKvZSvVUf1VfNxMoqtWJV1KtqoBqkBqvX1AJ8XQ1Vb6hhargaod5UI9UoNVqNUWPVODVevaUmqLfVRPWOmqQmqylqqpqmpqsZqR+tapaard5Tc9T7aq6ap+arBWqh+kAtUovVEvWhWqo+UsvUcrVCrVSr1Gq1Rq1V69R6tUFtVJsiUFvUVrVNfay2qx1qp9qldqs9aq/6RO1Tn6r96jN1QH2uDqo/qUPqC3VYfamOqK/UUfW1Oqa+UcfVt+qE+k6dVKfUafW9OqN+UGfVOXVe/aguqJ/URfWzuqSCAo1aaa2NjnQ6nV6n6Aw6o75KZ9JX68w6i07oa3RWfa3Opq/T2XUOnVPn0rl1Hp1XW03aadaxzqfz66S+XhfQN+iCupAurItor4vqYvpGXVzfpEvom3VJfYsupW/VpXUZXVaX07fp8vp2XUHfoSvqO3UlXVlX0VX1XbqavltX1/foGvpeXVPfp2vp+3Vt/YCuox/UdfVDup5+WNfXj+gGuqFupBvrJvpR3VQ/ppvp5rqFfly31E/oVvpJ3Vo/pdvop3Vb/Yxup5/V7fVzuoN+XnfUnXRn/bO+pIPuqrvp7rqH7qlf0r10b91H99X99Mu6v35FD9Cv6oF6kB6sX9ND9Ot6qH5DD9PD9Qj9ph6pR+nReoweq8fp8fotPUG/rSfqd/QkPVlP0VP1ND1d9/nzSLP/jvy3/0b+gF+OvlVv0x/r7XqH3ql36d16j96r9+p9ep/er/frA/qAPqgP6kP6kD6sD+sj+og+qo/qY/qYPq6P6xP6hD6pT+kf9ff6jP5Bn9Xn9Dn9o76gL+iLf34PwKBRRhtjIpPOpDcpJoPJaK4ymczVJrPJYhLmGpPVXGuymetMdpPD5DS5TG6Tx+Q11pBxhk1s8pn8JmmuNwXMDaagKWQKmyLGm6KmmLnxn87/o/k1MU1MU9PUNDPNTAvTwrQ0LU0r08q0Nq1NG9PGtDVtTTvTzrQ37U0H08F0NB1NZ9PZdDFdTACA7qa76WleMr1Mb9PH9DX9zMumv+lvBpgBZqAZaAabwWaIGWKGmqFmmBlmRpgRZqQZaUab0WasGWvGm/FmgplgJpqJZpKZZKaYKWaamWZmmBlmpplpZpvZZo6ZY+aauWa+mW8WmoVmkVlklpglZqlZapaZ5Wa5WWlWmtVmtVlr1pr1Zr3ZaDaazWazWWZ++wHNnWan2W12m71mr9ln9pn9Zr85YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmJPmpDltTpsz5ow5a86a8+a8uWAumIvmorlkLqVe9kUqUpGJTJQuShelRClRxihjlCnKFGWOMkeJKBFljbJG2aLrouxRjihnlCvKHeWJ8kY2oshFHMVRvih/lIyujwpEN0QFo0JR4ahI5KOiUbHoxqh4dFNUIro5KhndEpWKbo1KR2WislG56LaofHR7VCG6I6oY3RlViipHVaKq0V1RtejuqHp0T1QjujeqGd0X1Yruj2pHD0R1ogejutFDUb3o4ah+9EjUIGoYNYoaR03+peOHcDbHY76r7Wa72x62p33J9rK9bR/b1/azL9v+9hU7wL5qB9pBdrB9zQ6xr9uh9g07zA63I+ybdqQdZUfbMXasHWfH27fsBPu2nWjfsZPsZDvFTrXT7HQ7w75rZ9pZdrZ9z86x79u5dp6dbxfYhfYDu8gutkvsh3ap/cgus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVbrMf2+12h91pd9nddo/daz+x++yndr/9zB6wn9uD9k/2kP3CHrZf2iP2K3vUfm2P2W/scfutPWG/syftKXvafm/P2B/sWXvOnrc/2gv2J3vR/mwv2ZB6cZ96eidDhtJROkqhFMpIGSkTZaLMlJkSlKCslJWyUTbKTtkpJ+Wk3JSb8lJeSsXElI/yUZKSVIAKUEEqSIWpMHnyVIyKUXEqTiWoBJWkklSKSlFpKk1lKfWkeRvdTrfTHXQH3Ul3UmWqTFWpKlWjalSdqlMNqkE1qSbVolpUm2pTHapDdaku1aN6VJ/qUwNqQI2oETWhJtSUmlIzakYtqAW1pJbUilpRa2pNbagNtaW21I7aUXtqTx2oA3WkjtSZOlMX6kJdqSt1p+7Uk3pSL+pFfagP9aN+1J/60wAaQANpIA2mwTSEhtBQGkrDaDiNoDdpJI2i0TSGxtI4Gk/jaQJNoIk0kSbRJJpCU2gaTaMZNINm0kyaTbNpDs2huTSX5tN8WkgLaREtoiW0hJbSUlpGy2gFraBVtIrW0BpaR+toA22gTbSJttAW2kbbaDttp520k3bTbtpLe2kf7aP9tJ8O0AE6SAfpEB2iw3SYjtAROkpH6Rgdo+N0nE7QCTpJJ/E0naYzdIbO0lk6T+fpAv1EF+lnukSBUlwGl9Fd5TK5q11ml8WluAzdAOA/4pwul8vt8ri8zrrsLsdfxeScK+gKucKuiPOuqCvmbvxdXLpHGVfWlXO3ufLudlfBlXZ/HVdzd7vq7h5Xw93rqrq7/iqu6e5ztdzDrrZ7xNVxDV1d19jVcw+7+u4R18A1dI1cY9fSPeFauSdda/eUa+Oe/l28yC1269x6t8FtdPvcp+68+9Edc9+4C+4n19V1c/3cy66/e8UNcK+6gW7Q7+IR7k030o1yo90YN9aN+108xU1109x0N8O962a6Wb+LF7oP3By3xM1189x8t+CXOHVOS9yHbqn7yC1zy90Kt9KtcqvdGrf2P+a60m12W9xWt9d94ra7HW6n2+V2uz2/xKnr2O8+cwfc5+6o+9odcl+4w+64O+K++iVOXd9x96074b5zJ90pd9p97864H9xZd+6X9aeu/Xv3s7vkggNGVqzZcMTpOD2ncAbOyFdxJr6aM3MWTvA1nJWv5Wx8HWfnHJyTc3FuzsN52TKxY+aY83F+TvL1XIBv4IJciAtzEfZclIvxjVycb+ISfDOX5Fu4FN/KpbkMl+VyfBuX59u5At/BFflOrsSVuQpX5bu4Gt/N1fkersH3ck2+j2vx/VybH+A6/CDX5Ye4Hj/M9fkRbsANuRE35ib8KDflx7gZN+cW/Di35Ce4FT/JrfkpbsNPc1t+htvxs9yen+MO/Dx35E7cmV/gLvwid+Vu3J17cE9+iXtxb+7Dfbkfv8z9+RUewK/yQB7Eg/k1HsKv81B+g4fxcB7Bb/JIHsWjeQyP5XE8nt/iCfw2T+R3eBJP5ik8lafxdJ7B7/JMnsWz+T2ew+/zXJ7H83kBL+QPeBEv5iX8IS/lj3gZL+cVvJJX8Wpew2t5Ha/nDbyRN/Fm3sJbeRt/zNt5B+/kXbyb9/Be/oT38ae8nz/jA/w5H+Q/8SH+gg/zl3yEv+Kj/DUf42/4OH/LJ/g7Psmn+DR/z2f4Bz7L5/g8/8gX+Ce+yD/zJQ4MMcYq1rGJozhdnD5OiTPEGeOr4kzx1XHmOEuciK+Js8bXxtni6+LscY44Z5wrzh3nifPGNqbYxRzHcb44f5yMr48LxDfEBeNCceG4SOzjonGx+Ma4eHxTXCK+OS4Z3xKXim+NS8dl4rJxufi2uHx8e1whviOuGN8ZV4orx1XiqvFdcbX47rh6fE9cI743LhHfF9eK749rxw/EdeIH47rxQ3G9+OG4fvxI3CBuGDeKG8dN4kfjpvFjcbO4edwifjxuGT8Rt4qfjFvHT8Vt4qf/sL973CPuGb8UvxSHcI+en1yQXJj8ILkouTi5JPlhcmnyo+Sy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObkluTWZAhV04NHr7z2xkc+nU/vU3wGn9Ff5TP5q31mn8Un/DU+q7/WZ/PX+ew+h8/pc/ncPo/P660n7zz72Ofz+X3SX+8L+Bt8QV/IF/ZFvPdFfTHf2DfxTXxT/5hv5pv7Fv5x/7h/wj/hn/RP+qd8G/+0b+uf8e38s769f84/55/3HX0n39m/4Lv4F31X38139919T9/T9/K9fB/fx/fz/Xx/398P8AP8QD/QD/aD/RA/xA/1Q/0wP8yP8CP8SD/Sj/aj/Vg/1o/34/0EP8FP9BP9JD/JT/FT/DQ/zc/wM/xMP9PP9rP9HD/Hz/Vz/Xw/3y/0C/0iv8gv8Uv8Ur/UL/PL/Aq/wq/yq/wav8av8+v8Br/Bb/Kb/Ba/xW/z2/x2v93v9Dv9br/b7/V7/T6/z+/3+/0Bf8Af9Af9IX/IH/Zf+iP+K3/Uf+2P+W/8cf+tP+G/8yf9KX/af+/P+B/8WX/On/c/+gv+J3/R/+wv+eDHJ95KTEi8nZiYeCcxKTE5MSUxNTEtMT0xI/FuYmZiVmJ24r3EnMT7ibmJeYn5iQWJhYkPEosSixNLEh8mliY+SixLLE+sSKxMrEqsToSQZ3sc8oX8IRmuDwXCDaFgKBQKhyLBh6KhWLgxFA83hRLh5lAy3BJKhVtD6VAmlA2PhAahYWgUGocm4dHQNDwWmoXmoUV4PLQMT4RW4cnQOjwV2oSnQ9vwTGgXng3tw3OhQ3g+dAydQufwQugSXgxdQ7fQPfQIPcNLoVfoHfqEvqFfeDn0D6+EAeHVMDAMCoPDa2FIeD0MDW+EYWF4GBHeDCPDqDA6jAljw7gwPrwVJoS3w8TwTpgUJocpYWqYFqaHGeHdMDPMCrPDe2FOeD/MDfPC/LAgLAwfhEVhcVgSPgxLw0dhWVgeVoSVYVVYHdaEtWFdWB82hI1hU9gctoStYVv4OGwPO8LOsCvsDnvC3vBJ2Bc+DfvDZ+FA+DwcDH8Kh8IX4XD4MhwJX4Wj4etwLHwTjodvw4nwXTgZToXT4ftwJvwQzoZz4Xz4MVwIP4WL4edwSX5nTQghhBDi76L/oL/Hf5Gj/tzuCQBX78h15D/3b8r+a7t3+twtEwDwVLcOD/62VarUvXv3P++7TEOUfx4AJC7np4PL8XJoAU9Aa2gOxf+jP+UvjtVbdbrA/934AFHyFoCMf5GTmv9bfHn8m/7m+nurUXP+2/E1RMl5AAXzX87JAJfjy+OX+C/Gz9H0D8bP8MV4gGZ/kZMJLseXxy8Gj8HT0Pqv9hRCCCGEEEIIIX7VW5Vt90f3t6n357nN5Zz0cDn+W/fnQgghhBBCCCGE+N/l2U6dn3y0devm7aTxP9UIWX59q/+3zEca0vg7Glf6k0kIIYQQQgjxr3b5ov9Kz0QIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhEi7/l/8ObHfjvVH/2tQCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGE+Hf1fwIAAP//drU5SA==")
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x400017e)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
io_setup(0x3, &(0x7f0000000600)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000000)=[&(0x7f0000000080)={0x0, 0x0, 0x10, 0x7, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x2}])

329.979524ms ago: executing program 5 (id=1906):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x6d207ee5}, 0x8)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000140)={0x0, 0x0, 0x9}, 0x8)

0s ago: executing program 6 (id=1907):
pipe2$watch_queue(&(0x7f0000001180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
r2 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r0, 0x70)
pipe2$watch_queue(&(0x7f0000000300)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0xe2)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r1, 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

7333] EXT4-fs (loop0): 1 truncate cleaned up
[  150.831646][ T7333] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.940659][ T7338] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  150.965167][ T7338] team0: Port device macvlan2 added
[  150.997813][   T28] audit: type=1800 audit(1772722259.561:11): pid=7333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.551" name="bus" dev="loop0" ino=18 res=0 errno=0
[  151.038525][ T7333] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.551: corrupted in-inode xattr: invalid ea_ino
[  151.131012][ T5778] Trying to write to read-only block-device loop0
[  151.156791][ T5778] EXT4-fs error (device loop0): ext4_lookup:1858: inode #16: comm syz-executor: iget: bogus i_mode (6355)
[  151.187722][ T5778] EXT4-fs error (device loop0): ext4_lookup:1858: inode #16: comm syz-executor: iget: bogus i_mode (6355)
[  151.624192][ T5778] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.831970][  T962] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  151.863887][  T962] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.042766][  T962] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  152.063275][  T962] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.163097][  T962] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  152.181869][  T962] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.305291][  T962] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  152.343309][  T962] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.547404][ T7369] netlink: 76 bytes leftover after parsing attributes in process `syz.3.570'.
[  152.580297][ T7371] loop1: detected capacity change from 0 to 256
[  152.636273][ T7371] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  153.321776][ T5776] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  153.334351][ T5776] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  153.345695][ T5776] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  153.356242][ T5776] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  153.369644][ T5776] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  153.379992][ T5776] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  154.479359][    C1] sched: RT throttling activated
[  154.670888][ T7386] loop1: detected capacity change from 0 to 131072
[  154.681362][ T7386] F2FS-fs (loop1): Invalid log sectorsize (67108873)
[  154.688126][ T7386] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  154.700082][ T7386] F2FS-fs (loop1): invalid crc value
[  154.745077][ T7386] F2FS-fs (loop1): Found nat_bits in checkpoint
[  154.820068][ T7386] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  154.827190][ T7386] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  155.306776][ T7381] chnl_net:caif_netlink_parms(): no params data found
[  155.429555][ T5776] Bluetooth: hci3: command tx timeout
[  156.290867][ T7381] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.319558][ T7381] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.327019][ T7381] bridge_slave_0: entered allmulticast mode
[  156.361868][ T7381] bridge_slave_0: entered promiscuous mode
[  156.412869][ T7381] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.436497][ T7381] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.455950][ T7381] bridge_slave_1: entered allmulticast mode
[  156.467489][ T7381] bridge_slave_1: entered promiscuous mode
[  156.520473][  T962] hsr_slave_0: left promiscuous mode
[  156.530503][  T962] hsr_slave_1: left promiscuous mode
[  156.619864][  T962] veth1_macvtap: left promiscuous mode
[  156.628532][  T962] veth0_macvtap: left promiscuous mode
[  156.643150][  T962] veth1_vlan: left promiscuous mode
[  156.654704][  T962] veth0_vlan: left promiscuous mode
[  157.267837][  T786] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  157.468276][  T786] usb 2-1: Using ep0 maxpacket: 32
[  157.491850][  T786] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  157.510026][ T5776] Bluetooth: hci3: command tx timeout
[  157.515971][  T786] usb 2-1: config 0 interface 0 has no altsetting 0
[  157.534938][  T786] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  157.555867][  T786] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.580852][  T786] usb 2-1: config 0 descriptor??
[  158.391245][  T786] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[  158.413334][  T786] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[  158.437918][  T786] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[  158.445500][  T786] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[  158.454143][  T786] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[  158.502147][  T786] corsair-psu 0003:1B1C:1C09.0002: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.1-1/input0
[  158.876117][  T786] corsair-psu 0003:1B1C:1C09.0002: unable to initialize device (-110)
[  158.895605][  T786] corsair-psu: probe of 0003:1B1C:1C09.0002 failed with error -110
[  158.927919][  T786] usb 2-1: USB disconnect, device number 6
[  159.184662][  T962] bond0 (unregistering): Released all slaves
[  159.454582][ T7381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  159.545992][ T7381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  159.589529][ T5776] Bluetooth: hci3: command tx timeout
[  159.619126][ T7454] loop1: detected capacity change from 0 to 8
[  159.736787][ T7381] team0: Port device team_slave_0 added
[  159.747417][ T7454] SQUASHFS error: Unable to read inode 0x127
[  159.841084][ T7381] team0: Port device team_slave_1 added
[  159.972747][ T7381] batman_adv: batadv0: Adding interface: batadv_slave_0
[  160.015617][ T7381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.093952][ T7468] overlayfs: failed to resolve './file0': -2
[  160.111981][ T7381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  160.155983][ T7381] batman_adv: batadv0: Adding interface: batadv_slave_1
[  160.178339][ T7381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  160.278733][ T7381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  160.820720][ T7381] hsr_slave_0: entered promiscuous mode
[  160.881266][ T7381] hsr_slave_1: entered promiscuous mode
[  160.923536][ T7381] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  160.940120][ T7381] Cannot create hsr debugfs directory
[  160.965874][  T962] IPVS: stop unused estimator thread 0...
[  161.669708][ T5776] Bluetooth: hci3: command tx timeout
[  161.687082][ T7381] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  161.767761][ T7381] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  161.805940][ T7381] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  161.837068][ T7381] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  162.155256][ T7381] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.252270][ T7381] 8021q: adding VLAN 0 to HW filter on device team0
[  162.292652][ T3434] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.299929][ T3434] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.357912][ T3480] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.365520][ T3480] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.149875][ T7381] 8021q: adding VLAN 0 to HW filter on device batadv0
[  164.063300][ T7381] veth0_vlan: entered promiscuous mode
[  164.102730][ T7381] veth1_vlan: entered promiscuous mode
[  164.178643][ T7381] veth0_macvtap: entered promiscuous mode
[  164.227474][ T7381] veth1_macvtap: entered promiscuous mode
[  164.315204][ T7381] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.353609][ T7381] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.364777][ T7586] overlayfs: failed to clone upperpath
[  164.387328][ T7381] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.407214][ T7381] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.418910][ T7381] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.432614][ T7381] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.581558][ T7570] loop1: detected capacity change from 0 to 32768
[  164.619092][ T7570] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.610 (7570)
[  164.718149][ T7570] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  164.750454][ T7570] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  164.779957][ T7570] BTRFS info (device loop1): using free space tree
[  164.834844][   T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  164.888984][   T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  164.996425][ T3509] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.023786][ T7570] BTRFS info (device loop1): enabling ssd optimizations
[  165.054235][ T3509] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.066169][ T7570] BTRFS info (device loop1): auto enabling async discard
[  165.230190][   T28] audit: type=1800 audit(1772722273.791:12): pid=7570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.610" name="file1" dev="loop1" ino=260 res=0 errno=0
[  165.483043][ T7627] netlink: 8 bytes leftover after parsing attributes in process `syz.4.566'.
[  166.002861][ T5772] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  166.023013][ T7642] Bluetooth: MGMT ver 1.22
[  166.870407][ T7665] ip6gre1: entered allmulticast mode
[  166.913676][ T7668] Bluetooth: hci0: unsupported parameter 256
[  166.935893][ T7668] Bluetooth: hci0: invalid length 0, exp 2 for type 11
[  167.397495][ T7661] loop1: detected capacity change from 0 to 32768
[  167.538890][ T7661] JBD2: Ignoring recovery information on journal
[  167.719621][ T7680] netlink: 12 bytes leftover after parsing attributes in process `syz.3.627'.
[  167.795260][ T7661] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  167.945659][ T7685] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  167.968180][ T7687] netlink: 4 bytes leftover after parsing attributes in process `syz.4.630'.
[  168.349696][ T7661] syz.1.616 (7661) used greatest stack depth: 18768 bytes left
[  168.647279][ T5772] ocfs2: Unmounting device (7,1) on (node local)
[  168.662925][ T7685] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  168.663007][ T7685] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  168.711011][ T7685] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  168.770067][ T7685] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  168.777890][ T7685] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  168.906557][ T7685] llcp: llcp_sock_recvmsg: Recv datagram failed state 4 -11 0
[  170.139491][    T8] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  170.144652][ T7736] syz.4.645(7736): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  170.360148][    T8] usb 3-1: unable to get BOS descriptor or descriptor too short
[  170.399547][    T8] usb 3-1: not running at top speed; connect to a high speed hub
[  170.432947][    T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  170.479467][    T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  170.512959][    T8] usb 3-1: string descriptor 0 read error: -22
[  170.529518][    T8] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  170.564803][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.615701][    T8] usb 3-1: 0:2 : does not exist
[  171.317935][ T7770] capability: warning: `syz.3.654' uses deprecated v2 capabilities in a way that may be insecure
[  171.833928][    T8] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[  171.865124][    T8] usb 3-1: 5:0: failed to get current value for ch 1 (-22)
[  171.959158][ T7768] loop1: detected capacity change from 0 to 32768
[  172.069226][    T8] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[  172.109688][    T8] usb 3-1: USB disconnect, device number 5
[  172.149434][   T28] audit: type=1800 audit(1772722280.711:13): pid=7768 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.653" name="file1" dev="loop1" ino=7 res=0 errno=0
[  172.304649][   T28] audit: type=1800 audit(1772722280.861:14): pid=7786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.653" name="file1" dev="loop1" ino=7 res=0 errno=0
[  172.606050][ T7794] netlink: 25 bytes leftover after parsing attributes in process `syz.4.658'.
[  172.989694][ T7802] netlink: 'syz.2.660': attribute type 10 has an invalid length.
[  173.113263][ T7802] 8021q: adding VLAN 0 to HW filter on device team0
[  173.157167][ T7802] bond0: (slave team0): Enslaving as an active interface with an up link
[  173.663824][ T7826] netlink: 104 bytes leftover after parsing attributes in process `syz.1.669'.
[  173.688653][ T7826] netlink: 104 bytes leftover after parsing attributes in process `syz.1.669'.
[  176.299493][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  176.491493][    T9] usb 3-1: config 1 interface 0 has no altsetting 0
[  176.507845][    T9] usb 3-1: string descriptor 0 read error: -22
[  176.514550][    T9] usb 3-1: New USB device found, idVendor=0738, idProduct=1713, bcdDevice= 0.40
[  176.524127][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.974508][ T7915] netlink: 4 bytes leftover after parsing attributes in process `syz.1.695'.
[  177.174164][    T9] saitek 0003:0738:1713.0003: global environment stack underflow
[  177.190388][    T9] saitek 0003:0738:1713.0003: item 0 4 1 11 parsing failed
[  177.210509][    T9] saitek 0003:0738:1713.0003: parse failed
[  177.216534][    T9] saitek: probe of 0003:0738:1713.0003 failed with error -22
[  177.378021][ T5849] usb 3-1: USB disconnect, device number 6
[  178.161472][ T7942] TCP: TCP_TX_DELAY enabled
[  179.147360][ T7968] loop1: detected capacity change from 0 to 32768
[  179.215109][ T7968] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  179.275684][ T7968] JBD2: Ignoring recovery information on journal
[  179.421360][ T7968] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  179.529990][ T7988] xt_hashlimit: size too large, truncated to 1048576
[  179.852521][ T5772] ocfs2: Unmounting device (7,1) on (node local)
[  180.679468][ T5848] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  180.879595][ T5848] usb 2-1: Using ep0 maxpacket: 32
[  180.895212][ T5848] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  180.923010][ T5848] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  180.943506][ T5848] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.968944][ T5848] usb 2-1: config 0 descriptor??
[  180.996804][ T5848] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  181.239598][ T5848] usb 2-1: USB disconnect, device number 7
[  181.407201][ T8011] loop4: detected capacity change from 0 to 128
[  181.457256][ T8011] FAT-fs (loop4): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  181.541597][ T8011] FAT-fs (loop4): error, invalid FAT chain (i_pos 548, last_block 8)
[  181.561375][ T8011] FAT-fs (loop4): Filesystem has been set read-only
[  181.568241][ T8011] FAT-fs (loop4): error, corrupted file size (i_pos 548, 522)
[  183.423603][ T8032] loop2: detected capacity change from 0 to 32768
[  183.482765][ T8032] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  183.592506][ T8032] XFS (loop2): Ending clean mount
[  184.418299][ T5774] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  184.546962][ T8062] loop4: detected capacity change from 0 to 1024
[  184.644924][ T8065] netlink: 8 bytes leftover after parsing attributes in process `syz.1.744'.
[  184.990467][ T8070] netlink: 'syz.2.743': attribute type 7 has an invalid length.
[  185.005633][ T8070] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  185.014854][ T8070] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  185.024145][ T8070] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  185.037031][ T8070] netlink: 'syz.2.743': attribute type 7 has an invalid length.
[  185.612520][ T8083] warning: `syz.4.751' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  185.880890][ T8090] loop4: detected capacity change from 0 to 128
[  185.888507][ T8090] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  186.248400][ T8099] netlink: 32 bytes leftover after parsing attributes in process `syz.4.755'.
[  186.289775][ T8099] netlink: 32 bytes leftover after parsing attributes in process `syz.4.755'.
[  186.499509][ T8109] netlink: 'syz.4.758': attribute type 10 has an invalid length.
[  186.517684][ T8109] netlink: 2 bytes leftover after parsing attributes in process `syz.4.758'.
[  186.538202][ T8109] team0: entered promiscuous mode
[  186.551830][ T8109] team_slave_0: entered promiscuous mode
[  186.566016][ T8109] team_slave_1: entered promiscuous mode
[  186.587167][ T8109] bridge0: port 3(team0) entered blocking state
[  186.602408][ T8109] bridge0: port 3(team0) entered disabled state
[  186.618196][ T8109] team0: entered allmulticast mode
[  186.653709][ T8109] team_slave_0: entered allmulticast mode
[  186.679534][ T8109] team_slave_1: entered allmulticast mode
[  186.714891][ T8109] bridge0: port 3(team0) entered blocking state
[  186.721787][ T8109] bridge0: port 3(team0) entered forwarding state
[  187.459630][ T8138] netlink: 'syz.3.768': attribute type 12 has an invalid length.
[  187.770387][ T8154] netlink: 8 bytes leftover after parsing attributes in process `syz.4.773'.
[  188.385093][ T8170] netlink: 6 bytes leftover after parsing attributes in process `syz.1.778'.
[  188.907136][ T8189] netlink: 104 bytes leftover after parsing attributes in process `syz.3.782'.
[  190.420664][ T8229] veth1_to_bond: entered allmulticast mode
[  190.441077][ T8229] netlink: 4 bytes leftover after parsing attributes in process `syz.4.792'.
[  190.687730][ T8229] veth1_to_bond (unregistering): left allmulticast mode
[  190.776547][ T8229] bond0: (slave bond_slave_1): Releasing backup interface
[  191.651403][ T8273] "syz.3.808" (8273) uses obsolete ecb(arc4) skcipher
[  192.018507][ T8286] loop4: detected capacity change from 0 to 1024
[  192.062793][ T8286] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.096767][   T28] audit: type=1800 audit(1772722300.661:15): pid=8286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.813" name="file1" dev="loop4" ino=15 res=0 errno=0
[  192.134987][   T28] audit: type=1800 audit(1772722300.691:16): pid=8286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.813" name="file1" dev="loop4" ino=15 res=0 errno=0
[  192.530831][ T8301] input: syz1 as /devices/virtual/input/input5
[  192.564019][ T8301] input: failed to attach handler leds to device input5, error: -6
[  192.990763][ T7381] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.634335][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  194.642219][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  194.651124][ T8363] netlink: 8 bytes leftover after parsing attributes in process `syz.3.830'.
[  195.553908][ T8397] netlink: 392 bytes leftover after parsing attributes in process `syz.1.839'.
[  196.379699][ T5814] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  196.562249][ T5814] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  196.582132][ T5814] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.632516][ T5814] usb 2-1: config 0 descriptor??
[  196.666336][ T5814] cp210x 2-1:0.0: cp210x converter detected
[  196.937858][ T8450] loop2: detected capacity change from 0 to 4096
[  197.076094][ T5814] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  197.142998][ T5814] usb 2-1: cp210x converter now attached to ttyUSB0
[  197.318218][ T5814] usb 2-1: USB disconnect, device number 8
[  197.346999][ T5814] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  197.388536][ T5814] cp210x 2-1:0.0: device disconnected
[  197.615103][ T8472] netlink: 8 bytes leftover after parsing attributes in process `syz.3.861'.
[  197.628460][ T8472] netlink: 'syz.3.861': attribute type 18 has an invalid length.
[  197.637277][ T8472] netlink: 4 bytes leftover after parsing attributes in process `syz.3.861'.
[  197.653399][ T8472] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  197.662637][ T8472] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  197.671495][ T8472] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  197.681703][ T8472] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  197.694096][ T8472] netlink: 8 bytes leftover after parsing attributes in process `syz.3.861'.
[  197.703231][ T8472] netlink: 'syz.3.861': attribute type 18 has an invalid length.
[  197.712591][ T8472] netlink: 4 bytes leftover after parsing attributes in process `syz.3.861'.
[  197.946145][ T8478] loop1: detected capacity change from 0 to 256
[  198.233450][ T8482] netlink: 'syz.1.866': attribute type 1 has an invalid length.
[  198.253489][ T8482] netlink: 'syz.1.866': attribute type 4 has an invalid length.
[  198.269119][ T8482] netlink: 15334 bytes leftover after parsing attributes in process `syz.1.866'.
[  198.873320][ T8500] loop1: detected capacity change from 0 to 4096
[  198.914068][ T8500] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  199.255693][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.875310][ T8524] loop4: detected capacity change from 0 to 256
[  199.948713][ T8524] FAT-fs (loop4): Directory bread(block 64) failed
[  199.967223][ T8524] FAT-fs (loop4): Directory bread(block 65) failed
[  199.995634][ T8524] FAT-fs (loop4): Directory bread(block 66) failed
[  200.019839][ T8524] FAT-fs (loop4): Directory bread(block 67) failed
[  200.026563][ T8524] FAT-fs (loop4): Directory bread(block 68) failed
[  200.051198][ T8524] FAT-fs (loop4): Directory bread(block 69) failed
[  200.057920][ T8524] FAT-fs (loop4): Directory bread(block 70) failed
[  200.080642][ T8524] FAT-fs (loop4): Directory bread(block 71) failed
[  200.087419][ T8524] FAT-fs (loop4): Directory bread(block 72) failed
[  200.115368][ T8524] FAT-fs (loop4): Directory bread(block 73) failed
[  200.151784][ T8528] af_packet: tpacket_rcv: packet too big, clamped from 4308 to 3952. macoff=96
[  200.361393][ T8516] loop2: detected capacity change from 0 to 32768
[  200.483994][ T8516] JBD2: Ignoring recovery information on journal
[  200.523003][ T8537] netlink: 4 bytes leftover after parsing attributes in process `syz.3.888'.
[  200.683246][ T8516] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  201.183018][ T8535] loop4: detected capacity change from 0 to 32768
[  201.284737][ T8535] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  201.297790][ T5774] ocfs2: Unmounting device (7,2) on (node local)
[  201.458966][ T8535] XFS (loop4): Ending clean mount
[  201.727537][ T7381] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  201.962546][ T8570] sctp: [Deprecated]: syz.2.894 (pid 8570) Use of struct sctp_assoc_value in delayed_ack socket option.
[  201.962546][ T8570] Use struct sctp_sack_info instead
[  202.071373][ T8574] netlink: 8 bytes leftover after parsing attributes in process `syz.3.902'.
[  202.253314][ T8577] tipc: Started in network mode
[  202.258749][ T8577] tipc: Node identity d2467f76bc23, cluster identity 4711
[  202.274365][ T8577] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  202.295899][ T8577] tipc: Disabling bearer <eth:syzkaller0>
[  202.380784][ T8584] netlink: 'syz.4.905': attribute type 1 has an invalid length.
[  202.403913][ T8584] netlink: 'syz.4.905': attribute type 2 has an invalid length.
[  202.441647][ T8584] netlink: 'syz.4.905': attribute type 1 has an invalid length.
[  202.459496][ T8584] netlink: 'syz.4.905': attribute type 2 has an invalid length.
[  202.676616][ T8596] overlayfs: failed to clone upperpath
[  202.976098][ T8607] overlayfs: failed to clone upperpath
[  203.261486][ T8615] loop1: detected capacity change from 0 to 8
[  203.283876][ T8615] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  203.332453][ T5773] udevd[5773]: incorrect cramfs checksum on /dev/loop1
[  203.339979][ T8615] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  203.360700][ T8617] overlayfs: failed to clone upperpath
[  203.412703][ T5773] udevd[5773]: incorrect cramfs checksum on /dev/loop1
[  203.440083][ T8615] cramfs: bad data blocksize 4294967224
[  203.453084][ T8615] cramfs: bad data blocksize 4294967224
[  204.408199][ T8641] loop2: detected capacity change from 0 to 1024
[  204.434206][ T8641] EXT4-fs: Ignoring removed bh option
[  204.538662][ T8641] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  204.788611][ T5774] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.299767][ T5849] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  205.524827][ T5849] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  205.549510][ T5849] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  205.591782][ T5849] usb 5-1: New USB device found, idVendor=0856, idProduct=ac33, bcdDevice= 0.f8
[  205.611675][ T5849] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.659654][ T5849] usb 5-1: Product: syz
[  205.664030][ T5849] usb 5-1: Manufacturer: syz
[  205.668685][ T5849] usb 5-1: SerialNumber: syz
[  205.699125][ T5849] usb 5-1: config 0 descriptor??
[  205.959495][ T5849] usb 5-1: USB disconnect, device number 2
[  207.146802][ T8727] netlink: 'syz.4.954': attribute type 4 has an invalid length.
[  207.247935][ T8733] loop1: detected capacity change from 0 to 1024
[  207.321755][ T8733] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  207.552608][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.936799][ T8748] loop1: detected capacity change from 0 to 256
[  208.047405][ T8748] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  208.073690][ T8748] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  208.158877][ T8748] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  208.249833][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  209.930729][ T8789] loop1: detected capacity change from 0 to 2048
[  209.993481][    C0] Dead loop on virtual device ipvlan1, fix it urgently!
[  210.165155][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  210.262848][ T8789] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.326851][ T8789] ext4 filesystem being mounted at /230/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  210.720123][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.392760][ T8812] IPVS: persistence engine module ip_vs_pe_ not found
[  211.678546][ T8825] tipc: Started in network mode
[  211.687744][ T8825] tipc: Node identity 4, cluster identity 4711
[  211.695524][ T8825] tipc: Node number set to 4
[  212.069659][ T5787] Bluetooth: hci0: command 0x0406 tx timeout
[  212.069668][ T5088] Bluetooth: hci1: command 0x0406 tx timeout
[  212.573598][ T8856] netlink: 8 bytes leftover after parsing attributes in process `syz.3.995'.
[  212.968098][ T8868] loop1: detected capacity change from 0 to 256
[  212.978048][ T8870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1000'.
[  213.009635][ T8870] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1000'.
[  213.029648][ T5848] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  213.040083][ T8870] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1000'.
[  213.079796][ T8870] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1000'.
[  213.219243][ T8874] loop1: detected capacity change from 0 to 4096
[  213.234182][ T8874] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  213.263458][ T5848] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  213.275070][ T5848] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  213.286201][ T5848] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  213.306447][ T5848] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.336237][ T5848] usb 3-1: config 0 descriptor??
[  213.419228][   T28] audit: type=1800 audit(1772722321.981:17): pid=8874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1002" name="file1" dev="loop1" ino=30 res=0 errno=0
[  213.461223][   T28] audit: type=1800 audit(1772722322.021:18): pid=8874 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1002" name="file1" dev="loop1" ino=30 res=0 errno=0
[  213.983922][ T5848] usb 3-1: string descriptor 0 read error: -22
[  214.220107][ T5848] input: HID 256c:006d as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0004/input/input6
[  214.362520][ T5848] uclogic 0003:256C:006D.0004: input,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  214.422796][ T5848] usb 3-1: USB disconnect, device number 7
[  214.526656][ T8896] fido_id[8896]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  214.887009][ T8907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1014'.
[  214.896451][ T8907] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1014'.
[  214.906679][ T8907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1014'.
[  214.916119][ T8907] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1014'.
[  216.004051][ T8930] loop2: detected capacity change from 0 to 8
[  216.093339][ T8930] SQUASHFS error: Failed to read block 0x8f: -5
[  216.136532][   T28] audit: type=1800 audit(1772722324.691:19): pid=8930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1025" name="file1" dev="loop2" ino=5 res=0 errno=0
[  216.872861][ T8961] netlink: 'syz.2.1034': attribute type 25 has an invalid length.
[  216.886910][ T8961] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1034'.
[  216.896413][ T8961] netlink: 'syz.2.1034': attribute type 25 has an invalid length.
[  217.404445][    T9] Dead loop on virtual device ipvlan1, fix it urgently!
[  217.486146][    T9] Dead loop on virtual device ipvlan1, fix it urgently!
[  217.820984][ T8970] IPVS: You probably need to specify IP address on multicast interface.
[  217.841234][ T8970] IPVS: Error connecting to the multicast addr
[  217.852426][ T8988] loop4: detected capacity change from 0 to 4096
[  218.039848][ T8989] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  218.213757][ T8979] ceph: No mds server is up or the cluster is laggy
[  218.230342][ T8990] loop4: detected capacity change from 4096 to 64
[  218.239594][ T8982] ceph: No mds server is up or the cluster is laggy
[  218.257934][ T8989] segctord: attempt to access beyond end of device
[  218.257934][ T8989] loop4: rw=0, sector=232, nr_sectors = 8 limit=64
[  218.329468][ T8989] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  218.348729][ T8991] syz.4.1043: attempt to access beyond end of device
[  218.348729][ T8991] loop4: rw=0, sector=288, nr_sectors = 8 limit=64
[  218.377390][ T8991] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=226)
[  218.443770][ T8991] NILFS (loop4): error -5 truncating bmap (ino=15)
[  218.480004][ T8989] segctord: attempt to access beyond end of device
[  218.480004][ T8989] loop4: rw=0, sector=232, nr_sectors = 8 limit=64
[  218.518982][ T8989] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  218.632324][ T8989] segctord: attempt to access beyond end of device
[  218.632324][ T8989] loop4: rw=0, sector=232, nr_sectors = 8 limit=64
[  218.658846][ T8989] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.053430][ T8989] segctord: attempt to access beyond end of device
[  219.053430][ T8989] loop4: rw=0, sector=232, nr_sectors = 8 limit=64
[  219.104604][ T8989] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.152020][ T8989] segctord: attempt to access beyond end of device
[  219.152020][ T8989] loop4: rw=0, sector=232, nr_sectors = 8 limit=64
[  219.209708][ T8989] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.220483][ T8989] segctord: attempt to access beyond end of device
[  219.220483][ T8989] loop4: rw=0, sector=232, nr_sectors = 8 limit=64
[  219.259427][ T8989] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.280874][ T8989] segctord: attempt to access beyond end of device
[  219.280874][ T8989] loop4: rw=0, sector=232, nr_sectors = 8 limit=64
[  219.329075][ T8989] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.346633][ T8989] segctord: attempt to access beyond end of device
[  219.346633][ T8989] loop4: rw=0, sector=232, nr_sectors = 8 limit=64
[  219.367819][ T8989] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.379091][ T8989] segctord: attempt to access beyond end of device
[  219.379091][ T8989] loop4: rw=0, sector=232, nr_sectors = 8 limit=64
[  219.412806][ T8989] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.463297][ T8995] loop2: detected capacity change from 0 to 32768
[  219.480114][ T8995] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.1046 (8995)
[  219.494573][ T8989] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.511821][ T8995] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  219.523634][ T8995] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  219.535436][ T8995] BTRFS info (device loop2): using free space tree
[  219.558843][ T3440] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.576838][ T7381] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.614448][ T7381] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.638328][ T7381] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.647464][ T7381] NILFS (loop4): I/O error reading meta-data file (ino=3, block-offset=1)
[  219.656541][ T7381] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer
[  219.670595][ T7381] Buffer I/O error on dev loop4, logical block 511, lost sync page write
[  219.685813][ T7381] NILFS (loop4): unable to write superblock: err=-5
[  219.780850][ T8995] BTRFS info (device loop2): enabling ssd optimizations
[  219.788338][ T8995] BTRFS info (device loop2): auto enabling async discard
[  219.868856][ T3440] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.987970][   T28] audit: type=1800 audit(1772722328.551:20): pid=8995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1046" name="file1" dev="loop2" ino=260 res=0 errno=0
[  220.079860][ T3440] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.243247][ T5774] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  220.292180][ T3440] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.509470][ T5773] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 10 /dev/loop2 scanned by udevd (5773)
[  221.503434][ T5781] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  221.518747][ T5781] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  221.533166][ T5781] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  221.556656][ T5781] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  221.570605][ T5781] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  221.578083][ T5781] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  222.148241][ T9044] IPVS: You probably need to specify IP address on multicast interface.
[  222.157375][ T9044] IPVS: Error connecting to the multicast addr
[  222.852878][ T9085] loop2: detected capacity change from 0 to 4096
[  222.919572][ T9050] chnl_net:caif_netlink_parms(): no params data found
[  222.961327][ T3440] hsr_slave_0: left promiscuous mode
[  222.988704][ T3440] hsr_slave_1: left promiscuous mode
[  223.006929][ T3440] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  223.019491][ T3440] batman_adv: batadv0: Removing interface: batadv_slave_0
[  223.045033][ T3440] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  223.056260][ T9092] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  223.077953][ T3440] batman_adv: batadv0: Removing interface: batadv_slave_1
[  223.100699][ T3440] team0: left allmulticast mode
[  223.116696][ T3440] team_slave_0: left allmulticast mode
[  223.136202][ T3440] team_slave_1: left allmulticast mode
[  223.151970][ T3440] bridge0: port 3(team0) entered disabled state
[  223.191970][ T3440] bridge_slave_1: left allmulticast mode
[  223.198166][ T3440] bridge_slave_1: left promiscuous mode
[  223.205191][ T3440] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.234188][ T3440] bridge_slave_0: left allmulticast mode
[  223.249483][ T3440] bridge_slave_0: left promiscuous mode
[  223.255358][ T3440] bridge0: port 1(bridge_slave_0) entered disabled state
[  223.271241][ T9094] loop2: detected capacity change from 4096 to 64
[  223.292615][ T9085] bio_check_eod: 6 callbacks suppressed
[  223.292631][ T9085] syz.2.1066: attempt to access beyond end of device
[  223.292631][ T9085] loop2: rw=0, sector=288, nr_sectors = 8 limit=64
[  223.352996][ T9085] NILFS (loop2): I/O error reading meta-data file (ino=3, block-offset=226)
[  223.409534][ T9085] NILFS (loop2): error -5 truncating bmap (ino=15)
[  223.442600][ T3440] veth1_macvtap: left promiscuous mode
[  223.474871][ T3440] veth0_macvtap: left promiscuous mode
[  223.495349][ T3440] veth1_vlan: left promiscuous mode
[  223.515454][ T3440] veth0_vlan: left promiscuous mode
[  223.669774][ T5776] Bluetooth: hci3: command tx timeout
[  224.521540][ T9101] ceph: No mds server is up or the cluster is laggy
[  224.535187][ T9104] ceph: No mds server is up or the cluster is laggy
[  225.374144][ T3440] team_slave_1 (unregistering): left promiscuous mode
[  225.391443][ T3440] team0 (unregistering): Port device team_slave_1 removed
[  225.467968][ T3440] team_slave_0 (unregistering): left promiscuous mode
[  225.486989][ T3440] team0 (unregistering): Port device team_slave_0 removed
[  225.567313][ T3440] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  225.769731][ T5776] Bluetooth: hci3: command tx timeout
[  226.377159][ T3440] bond0 (unregistering): Released all slaves
[  226.882083][ T9050] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.939549][ T9050] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.957828][ T9050] bridge_slave_0: entered allmulticast mode
[  226.971398][ T9050] bridge_slave_0: entered promiscuous mode
[  226.991488][ T9050] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.998719][ T9050] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.040955][ T9050] bridge_slave_1: entered allmulticast mode
[  227.062810][ T9050] bridge_slave_1: entered promiscuous mode
[  227.209194][ T9050] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.247796][ T9050] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.366982][ T9050] team0: Port device team_slave_0 added
[  227.394333][ T9050] team0: Port device team_slave_1 added
[  227.475916][ T9050] batman_adv: batadv0: Adding interface: batadv_slave_0
[  227.483104][ T9050] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.516530][ T9050] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  227.532693][ T9050] batman_adv: batadv0: Adding interface: batadv_slave_1
[  227.544051][ T9050] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.590071][ T9050] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  227.741841][ T9050] hsr_slave_0: entered promiscuous mode
[  227.748842][ T9050] hsr_slave_1: entered promiscuous mode
[  227.762095][ T9050] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  227.775887][ T9050] Cannot create hsr debugfs directory
[  227.831229][ T5776] Bluetooth: hci3: command tx timeout
[  228.206673][ T9050] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  228.233753][ T9050] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  228.253753][ T9050] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  228.280105][ T9050] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  228.462791][ T9050] 8021q: adding VLAN 0 to HW filter on device bond0
[  228.505951][ T9050] 8021q: adding VLAN 0 to HW filter on device team0
[  228.537540][ T3440] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.545321][ T3440] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.595143][ T3440] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.602470][ T3440] bridge0: port 2(bridge_slave_1) entered forwarding state
[  229.096273][ T9050] 8021q: adding VLAN 0 to HW filter on device batadv0
[  229.662876][ T9050] veth0_vlan: entered promiscuous mode
[  229.697391][ T9050] veth1_vlan: entered promiscuous mode
[  229.778406][ T9050] veth0_macvtap: entered promiscuous mode
[  229.823937][ T9050] veth1_macvtap: entered promiscuous mode
[  229.879247][ T9050] batman_adv: batadv0: Interface activated: batadv_slave_0
[  229.906720][ T9050] batman_adv: batadv0: Interface activated: batadv_slave_1
[  229.920008][ T5776] Bluetooth: hci3: command tx timeout
[  229.942481][ T9050] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.952260][ T9050] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.969036][ T9050] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.981037][ T9050] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.122577][ T3434] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.146356][ T3434] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.218187][ T3509] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.228640][ T3509] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.413293][ T9182] loop5: detected capacity change from 0 to 8
[  230.503808][ T9182] SQUASHFS error: Failed to read block 0x8f: -5
[  230.524326][   T28] audit: type=1800 audit(1772722339.091:21): pid=9182 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1054" name="file1" dev="loop5" ino=5 res=0 errno=0
[  231.062725][ T9199] netlink: 'syz.5.1084': attribute type 10 has an invalid length.
[  231.098545][ T9199] 8021q: adding VLAN 0 to HW filter on device team0
[  231.141260][ T9199] bond0: (slave team0): Enslaving as an active interface with an up link
[  232.253346][ T9208] loop5: detected capacity change from 0 to 32768
[  232.310745][ T9208] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 10
[  232.768369][ T5773] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 10
[  233.100724][ T9211] loop1: detected capacity change from 0 to 40427
[  233.376090][ T9211] F2FS-fs (loop1): Found nat_bits in checkpoint
[  233.792581][ T9211] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  234.079225][ T9227] f2fs_ckpt-7:1: attempt to access beyond end of device
[  234.079225][ T9227] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  234.122506][ T9227] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  235.792303][ T9282] __nla_validate_parse: 1 callbacks suppressed
[  235.792884][ T9282] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1100'.
[  236.439978][   T23] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  236.633985][   T23] usb 6-1: config index 0 descriptor too short (expected 28277, got 36)
[  236.659840][   T23] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  236.700543][   T23] usb 6-1: config 0 has no interfaces?
[  236.706403][   T23] usb 6-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  236.740670][   T23] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.775852][   T23] usb 6-1: config 0 descriptor??
[  237.057546][ T5813] usb 6-1: USB disconnect, device number 2
[  238.795004][ T9324] loop5: detected capacity change from 0 to 40427
[  238.866548][ T9324] F2FS-fs (loop5): Found nat_bits in checkpoint
[  238.993498][ T9324] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  239.119863][ T9331] f2fs_ckpt-7:5: attempt to access beyond end of device
[  239.119863][ T9331] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  239.165876][ T9331] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  240.007289][ T5781] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  240.018835][ T5781] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  240.027860][ T5781] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  240.051840][ T5781] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  240.060109][ T5781] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  240.068723][ T5781] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  241.005893][ T9344] chnl_net:caif_netlink_parms(): no params data found
[  241.252529][ T9344] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.260232][ T9344] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.267861][ T9344] bridge_slave_0: entered allmulticast mode
[  241.277546][ T9344] bridge_slave_0: entered promiscuous mode
[  241.289994][ T9344] bridge0: port 2(bridge_slave_1) entered blocking state
[  241.298579][ T9344] bridge0: port 2(bridge_slave_1) entered disabled state
[  241.306543][ T9344] bridge_slave_1: entered allmulticast mode
[  241.314757][ T9344] bridge_slave_1: entered promiscuous mode
[  241.361220][ T9344] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  241.402767][ T9344] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.537281][ T9344] team0: Port device team_slave_0 added
[  241.576923][ T9344] team0: Port device team_slave_1 added
[  241.670329][ T9344] batman_adv: batadv0: Adding interface: batadv_slave_0
[  241.697765][ T9344] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.749417][ T9344] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  241.782208][ T9344] batman_adv: batadv0: Adding interface: batadv_slave_1
[  241.789243][ T9344] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.871753][ T9344] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  242.152357][ T5776] Bluetooth: hci4: command tx timeout
[  242.271361][ T9344] hsr_slave_0: entered promiscuous mode
[  242.432898][ T9344] hsr_slave_1: entered promiscuous mode
[  242.460507][ T9344] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  242.468243][ T9344] Cannot create hsr debugfs directory
[  243.275780][ T9402] loop1: detected capacity change from 0 to 128
[  243.369460][ T9402] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  243.384150][ T9344] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  243.480316][ T9402] FAT-fs (loop1): error, invalid FAT chain (i_pos 548, last_block 8)
[  243.499548][ T9344] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  243.509936][ T9402] FAT-fs (loop1): Filesystem has been set read-only
[  243.524612][ T9402] FAT-fs (loop1): error, corrupted file size (i_pos 548, 522)
[  243.562323][ T9344] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  243.603092][ T9344] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  243.957948][ T9344] 8021q: adding VLAN 0 to HW filter on device bond0
[  244.063033][ T9344] 8021q: adding VLAN 0 to HW filter on device team0
[  244.113029][ T3434] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.120436][ T3434] bridge0: port 1(bridge_slave_0) entered forwarding state
[  244.176362][ T3434] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.183749][ T3434] bridge0: port 2(bridge_slave_1) entered forwarding state
[  244.229743][ T5776] Bluetooth: hci4: command tx timeout
[  244.864386][ T9344] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.637008][ T9344] veth0_vlan: entered promiscuous mode
[  245.661622][ T9344] veth1_vlan: entered promiscuous mode
[  245.741286][ T9344] veth0_macvtap: entered promiscuous mode
[  245.785770][ T9344] veth1_macvtap: entered promiscuous mode
[  245.847328][ T9344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.862608][ T9344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.876802][ T9344] batman_adv: batadv0: Interface activated: batadv_slave_0
[  245.905777][ T9344] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.949448][ T9344] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.991169][ T9344] batman_adv: batadv0: Interface activated: batadv_slave_1
[  246.035748][ T9344] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  246.084137][ T9344] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  246.093591][ T9344] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  246.113776][ T9344] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  246.309492][ T5776] Bluetooth: hci4: command tx timeout
[  246.481751][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.491798][ T9437] loop5: detected capacity change from 0 to 128
[  246.528080][ T9437] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  246.549479][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  246.639884][ T9440] loop1: detected capacity change from 0 to 128
[  246.687171][ T9440] EXT4-fs (loop1): Test dummy encryption mode enabled
[  246.711897][ T3480] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  246.761701][ T3480] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  246.771021][ T9440] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  246.909944][ T9440] ext4 filesystem being mounted at /281/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.977912][ T9440] xt_hashlimit: size too large, truncated to 1048576
[  247.758624][ T9458] netlink: 'syz.5.1142': attribute type 10 has an invalid length.
[  247.809532][ T9458] netlink: 2 bytes leftover after parsing attributes in process `syz.5.1142'.
[  247.881289][ T9458] team0: entered promiscuous mode
[  247.921015][ T9458] team_slave_0: entered promiscuous mode
[  247.959773][ T9458] team_slave_1: entered promiscuous mode
[  248.020338][ T9458] bond0: (slave team0): Releasing backup interface
[  248.101324][ T9458] bridge0: port 3(team0) entered blocking state
[  248.161517][ T9458] bridge0: port 3(team0) entered disabled state
[  248.269979][ T9458] team0: entered allmulticast mode
[  248.291602][ T9458] team_slave_0: entered allmulticast mode
[  248.340159][ T9458] team_slave_1: entered allmulticast mode
[  248.390058][ T5776] Bluetooth: hci4: command tx timeout
[  248.436696][ T9452] loop6: detected capacity change from 0 to 131072
[  248.450729][ T9452] F2FS-fs (loop6): Invalid log sectorsize (67108873)
[  248.457598][ T9452] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  248.474377][ T9452] F2FS-fs (loop6): invalid crc value
[  248.551389][ T9452] F2FS-fs (loop6): Found nat_bits in checkpoint
[  248.633862][ T9452] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  248.641706][ T9452] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  249.357207][ T9484] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1149'.
[  249.897870][ T9491] netlink: 6 bytes leftover after parsing attributes in process `syz.3.1151'.
[  252.283288][ T9518] loop5: detected capacity change from 0 to 131072
[  252.293279][ T9518] F2FS-fs (loop5): Invalid log sectorsize (67108873)
[  252.300268][ T9518] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  252.314526][ T9518] F2FS-fs (loop5): invalid crc value
[  252.380641][ T9518] F2FS-fs (loop5): Found nat_bits in checkpoint
[  252.440531][ T9518] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  252.447663][ T9518] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  253.317658][ T9547] netlink: 'syz.6.1164': attribute type 12 has an invalid length.
[  254.955492][ T9568] netlink: 6 bytes leftover after parsing attributes in process `syz.5.1162'.
[  256.074980][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  256.090481][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  258.678458][ T5772] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  258.892733][ T9648] loop5: detected capacity change from 0 to 128
[  258.939804][ T9648] EXT4-fs (loop5): Test dummy encryption mode enabled
[  258.959373][ T9651] veth1_to_bond: entered allmulticast mode
[  258.979213][ T9651] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1195'.
[  259.062165][ T9648] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  259.152521][ T9651] veth1_to_bond (unregistering): left allmulticast mode
[  259.181617][ T9648] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.287380][ T9648] xt_hashlimit: size too large, truncated to 1048576
[  263.472261][ T9728] netem: change failed
[  263.858774][ T9736] loop1: detected capacity change from 0 to 4096
[  266.099921][ T9050] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  266.797623][ T9759] netlink: 392 bytes leftover after parsing attributes in process `syz.3.1217'.
[  267.245838][ T9768] loop5: detected capacity change from 0 to 4096
[  267.291114][ T9768] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.423810][ T9777] netlink: 'syz.3.1222': attribute type 1 has an invalid length.
[  267.443894][ T9777] netlink: 'syz.3.1222': attribute type 4 has an invalid length.
[  267.461964][ T9777] netlink: 15334 bytes leftover after parsing attributes in process `syz.3.1222'.
[  267.757022][ T9050] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.945141][ T9786] netlink: 392 bytes leftover after parsing attributes in process `syz.6.1227'.
[  269.262696][ T9817] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1239'.
[  269.741879][ T9831] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1243'.
[  269.770361][ T9831] netlink: 'syz.5.1243': attribute type 18 has an invalid length.
[  269.785352][ T9831] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1243'.
[  269.826225][ T9831] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  269.835683][ T9831] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  269.844723][ T9831] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  269.853550][ T9831] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  269.901557][ T9831] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1243'.
[  269.950309][ T9831] netlink: 'syz.5.1243': attribute type 18 has an invalid length.
[  269.990273][ T9831] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1243'.
[  270.160411][ T9836] loop6: detected capacity change from 0 to 4096
[  270.259549][ T9836] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.824589][ T9849] loop5: detected capacity change from 0 to 256
[  270.842802][ T9344] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.897264][ T9849] FAT-fs (loop5): Directory bread(block 64) failed
[  270.933809][ T9849] FAT-fs (loop5): Directory bread(block 65) failed
[  270.990834][ T9849] FAT-fs (loop5): Directory bread(block 66) failed
[  271.012505][ T9849] FAT-fs (loop5): Directory bread(block 67) failed
[  271.035314][ T9849] FAT-fs (loop5): Directory bread(block 68) failed
[  271.042260][ T9849] FAT-fs (loop5): Directory bread(block 69) failed
[  271.049088][ T9849] FAT-fs (loop5): Directory bread(block 70) failed
[  271.057312][ T9849] FAT-fs (loop5): Directory bread(block 71) failed
[  271.064492][ T9849] FAT-fs (loop5): Directory bread(block 72) failed
[  271.071882][ T9849] FAT-fs (loop5): Directory bread(block 73) failed
[  271.499281][ T9862] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1256'.
[  271.630300][ T9866] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1268'.
[  271.654019][ T9866] netlink: 'syz.1.1268': attribute type 18 has an invalid length.
[  271.685396][ T9866] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  271.694327][ T9866] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  271.703268][ T9866] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  271.713695][ T9866] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  271.789439][ T9866] netlink: 'syz.1.1268': attribute type 18 has an invalid length.
[  271.816502][ T9866] __nla_validate_parse: 2 callbacks suppressed
[  271.816520][ T9866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1268'.
[  272.030503][ T9874] sctp: [Deprecated]: syz.5.1260 (pid 9874) Use of struct sctp_assoc_value in delayed_ack socket option.
[  272.030503][ T9874] Use struct sctp_sack_info instead
[  273.199620][ T9892] netlink: 'syz.1.1267': attribute type 1 has an invalid length.
[  273.247482][ T9892] netlink: 'syz.1.1267': attribute type 2 has an invalid length.
[  273.275428][ T9892] netlink: 'syz.1.1267': attribute type 1 has an invalid length.
[  273.293630][ T9892] netlink: 'syz.1.1267': attribute type 2 has an invalid length.
[  273.553553][ T9900] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1271'.
[  274.644068][ T9920] sctp: [Deprecated]: syz.6.1281 (pid 9920) Use of struct sctp_assoc_value in delayed_ack socket option.
[  274.644068][ T9920] Use struct sctp_sack_info instead
[  274.763204][ T9905] loop1: detected capacity change from 0 to 32768
[  274.860626][ T9905] JBD2: Ignoring recovery information on journal
[  274.983208][ T9905] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  275.417276][ T9912] loop5: detected capacity change from 0 to 32768
[  275.513521][ T9912] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  275.689124][ T9912] XFS (loop5): Ending clean mount
[  276.000487][ T5772] ocfs2: Unmounting device (7,1) on (node local)
[  276.058252][ T9050] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  277.428489][ T9971] loop5: detected capacity change from 0 to 1024
[  277.453559][ T9971] EXT4-fs: Ignoring removed orlov option
[  277.537970][ T9971] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.645671][ T9957] loop1: detected capacity change from 0 to 40427
[  277.691199][ T9957] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff
[  277.716828][ T9957] F2FS-fs (loop1): invalid crc value
[  277.737133][ T9957] F2FS-fs (loop1): Found nat_bits in checkpoint
[  277.843367][ T9050] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.044670][ T9957] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  278.344928][ T5772] syz-executor: attempt to access beyond end of device
[  278.344928][ T5772] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  278.384867][ T5772] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  278.559390][   T23] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  278.769117][   T23] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  278.797073][   T23] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  278.824724][   T23] usb 7-1: New USB device found, idVendor=0856, idProduct=ac33, bcdDevice= 0.f8
[  278.863760][   T23] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.907908][   T23] usb 7-1: Product: syz
[  278.918245][   T23] usb 7-1: Manufacturer: syz
[  278.935242][   T23] usb 7-1: SerialNumber: syz
[  278.961757][   T23] usb 7-1: config 0 descriptor??
[  279.238752][   T23] usb 7-1: USB disconnect, device number 2
[  279.322644][ T9999] loop1: detected capacity change from 0 to 256
[  279.396613][ T9999] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  280.183694][T10013] Dead loop on virtual device ipvlan1, fix it urgently!
[  280.299537][T10013] syz.3.1312 (10013) used greatest stack depth: 12368 bytes left
[  280.395342][T10019] loop6: detected capacity change from 0 to 1024
[  280.481721][T10019] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  280.752827][ T9344] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.169430][   T23] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  281.361528][   T23] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  281.382638][   T23] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  281.405563][   T23] usb 6-1: New USB device found, idVendor=0856, idProduct=ac33, bcdDevice= 0.f8
[  281.421029][   T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.429107][   T23] usb 6-1: Product: syz
[  281.453795][   T23] usb 6-1: Manufacturer: syz
[  281.458490][   T23] usb 6-1: SerialNumber: syz
[  281.478737][   T23] usb 6-1: config 0 descriptor??
[  281.619647][T10037] loop6: detected capacity change from 0 to 40427
[  281.638547][T10037] F2FS-fs (loop6): build fault injection attr: rate: 771, type: 0x7ffff
[  281.665726][T10037] F2FS-fs (loop6): invalid crc value
[  281.687067][T10037] F2FS-fs (loop6): Found nat_bits in checkpoint
[  281.733190][   T23] usb 6-1: USB disconnect, device number 3
[  281.817697][T10037] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  281.969130][ T9344] syz-executor: attempt to access beyond end of device
[  281.969130][ T9344] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  281.991969][ T9344] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  282.332981][T10046] IPVS: persistence engine module ip_vs_pe_ not found
[  283.459443][T10066] tipc: Started in network mode
[  283.499185][T10066] tipc: Node identity 4, cluster identity 4711
[  283.538614][T10066] tipc: Node number set to 4
[  284.928868][T10076] loop5: detected capacity change from 0 to 40427
[  284.950276][T10076] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x7ffff
[  284.968950][T10076] F2FS-fs (loop5): invalid crc value
[  284.978464][T10076] F2FS-fs (loop5): Found nat_bits in checkpoint
[  285.106961][T10076] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  285.437908][ T9050] syz-executor: attempt to access beyond end of device
[  285.437908][ T9050] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  285.495771][ T9050] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  286.524261][T10101] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1341'.
[  286.567029][T10101] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1341'.
[  286.587666][T10101] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1341'.
[  286.639016][T10101] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1341'.
[  286.790280][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  286.990639][T10109] tipc: Started in network mode
[  287.011541][T10109] tipc: Node identity 4, cluster identity 4711
[  287.040460][T10109] tipc: Node number set to 4
[  287.931625][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  287.979756][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  287.989897][    T0] NOHZ tick-stop error: local softirq work is pending, handler #3c2!!!
[  288.679604][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  288.733528][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  288.836102][T10121] netlink: 'syz.3.1351': attribute type 25 has an invalid length.
[  288.854382][T10121] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1351'.
[  289.000819][T10121] netlink: 'syz.3.1351': attribute type 25 has an invalid length.
[  289.008958][T10121] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1351'.
[  290.216247][   T28] audit: type=1326 audit(1772722398.781:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz.6.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab139c799 code=0x7ffc0000
[  290.318484][T10154] netlink: 'syz.5.1363': attribute type 1 has an invalid length.
[  290.335873][   T28] audit: type=1326 audit(1772722398.781:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz.6.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab139c799 code=0x7ffc0000
[  290.400719][   T28] audit: type=1326 audit(1772722398.821:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz.6.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f3ab139c799 code=0x7ffc0000
[  290.439430][   T28] audit: type=1326 audit(1772722398.821:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz.6.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab139c799 code=0x7ffc0000
[  290.462967][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  290.490161][T10154] 8021q: adding VLAN 0 to HW filter on device bond1
[  290.569456][   T28] audit: type=1326 audit(1772722398.821:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz.6.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab139c799 code=0x7ffc0000
[  290.646779][   T28] audit: type=1326 audit(1772722398.831:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz.6.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f3ab139c799 code=0x7ffc0000
[  290.718958][T10159] netlink: 'syz.6.1365': attribute type 25 has an invalid length.
[  290.741904][T10159] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1365'.
[  290.759583][   T28] audit: type=1326 audit(1772722398.831:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz.6.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab139c799 code=0x7ffc0000
[  290.794110][T10159] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  290.803008][T10159] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  290.811890][T10159] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  290.820760][T10159] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  290.852501][T10159] netlink: 'syz.6.1365': attribute type 25 has an invalid length.
[  290.862168][   T28] audit: type=1326 audit(1772722398.851:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz.6.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f3ab139c799 code=0x7ffc0000
[  290.905970][T10159] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1365'.
[  290.940799][   T28] audit: type=1326 audit(1772722398.851:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz.6.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab139c799 code=0x7ffc0000
[  290.999523][   T28] audit: type=1326 audit(1772722398.851:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10149 comm="syz.6.1362" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ab139c799 code=0x7ffc0000
[  293.118451][T10208] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1387'.
[  293.615748][T10217] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1392'.
[  293.677556][T10217] vlan2: entered promiscuous mode
[  293.689435][T10217] gretap0: entered promiscuous mode
[  294.441206][T10232] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1398'.
[  295.542194][T10256] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1410'.
[  298.354857][T10314] loop5: detected capacity change from 0 to 128
[  298.385147][T10314] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  298.401990][T10314] ext4 filesystem being mounted at /105/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  298.646256][ T9050] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  299.009569][ T5813] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  299.232617][ T5813] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  299.268475][ T5813] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  299.298595][ T5813] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  299.321684][ T5813] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  299.356677][ T5813] usb 2-1: SerialNumber: syz
[  299.610495][ T5813] usb 2-1: 0:2 : does not exist
[  299.626006][ T5813] usb 2-1: unit 5 not found!
[  299.713423][ T5813] usb 2-1: USB disconnect, device number 9
[  299.799265][ T5773] udevd[5773]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  301.257960][T10368] overlayfs: failed to clone upperpath
[  303.299923][T10401] overlayfs: failed to clone upperpath
[  304.671760][T10423] sctp: [Deprecated]: syz.1.1481 (pid 10423) Use of struct sctp_assoc_value in delayed_ack socket option.
[  304.671760][T10423] Use struct sctp_sack_info instead
[  304.994797][T10430] loop1: detected capacity change from 0 to 2048
[  305.005221][T10433] loop6: detected capacity change from 0 to 256
[  305.039673][T10430] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  305.141558][T10436] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  305.591669][T10436] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  305.614154][T10444] Dead loop on virtual device ipvlan1, fix it urgently!
[  305.649634][T10436] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4)
[  305.666543][T10445] Dead loop on virtual device ipvlan1, fix it urgently!
[  305.706800][T10436] Remounting filesystem read-only
[  305.722434][ T3428] NILFS (loop1): discard dirty page: offset=4096, ino=6
[  305.750610][ T3428] NILFS (loop1): discard dirty block: blocknr=39, size=1024
[  305.758166][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  305.794169][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  305.830447][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  305.853967][ T3428] NILFS (loop1): discard dirty page: offset=0, ino=3
[  305.869517][ T3428] NILFS (loop1): discard dirty block: blocknr=42, size=1024
[  305.876931][ T3428] NILFS (loop1): discard dirty block: blocknr=43, size=1024
[  305.918089][ T3428] NILFS (loop1): discard dirty block: blocknr=44, size=1024
[  305.946151][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  305.974284][ T3428] NILFS (loop1): discard dirty page: offset=65536, ino=3
[  305.990714][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.012483][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.042575][ T3428] NILFS (loop1): discard dirty block: blocknr=0, size=1024
[  306.069507][ T3428] NILFS (loop1): discard dirty block: blocknr=0, size=1024
[  306.076903][ T3428] NILFS (loop1): discard dirty page: offset=196608, ino=3
[  306.084561][T10435] loop5: detected capacity change from 0 to 32768
[  306.093938][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.106491][T10435] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.1488 (10435)
[  306.124889][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.143799][ T3428] NILFS (loop1): discard dirty block: blocknr=49, size=1024
[  306.162909][T10435] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  306.173731][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.187801][ T3428] NILFS (loop1): discard dirty page: offset=0, ino=5
[  306.194902][T10435] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  306.208257][ T3428] NILFS (loop1): discard dirty block: blocknr=41, size=1024
[  306.218796][T10435] BTRFS info (device loop5): setting nodatacow, compression disabled
[  306.227151][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.244374][T10435] BTRFS info (device loop5): setting datasum, datacow enabled
[  306.252084][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.263591][T10435] BTRFS info (device loop5): force clearing of disk cache
[  306.270925][ T3428] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.280081][T10435] BTRFS info (device loop5): enabling ssd optimizations
[  306.287463][T10435] BTRFS info (device loop5): using spread ssd allocation scheme
[  306.296638][ T5772] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer
[  306.307414][T10435] BTRFS info (device loop5): turning on sync discard
[  306.316582][ T5772] NILFS (loop1): discard dirty page: offset=0, ino=6
[  306.328971][T10435] BTRFS info (device loop5): turning off barriers
[  306.338642][ T5772] NILFS (loop1): discard dirty block: blocknr=35, size=1024
[  306.345127][T10445] syz.3.1491 (10445) used greatest stack depth: 12008 bytes left
[  306.349649][T10435] BTRFS info (device loop5): enabling auto defrag
[  306.365064][ T5772] NILFS (loop1): discard dirty block: blocknr=36, size=1024
[  306.386855][T10435] BTRFS info (device loop5): not using ssd optimizations
[  306.404199][ T5772] NILFS (loop1): discard dirty block: blocknr=37, size=1024
[  306.429232][T10435] BTRFS info (device loop5): not using spread ssd allocation scheme
[  306.437447][T10435] BTRFS info (device loop5): using free space tree
[  306.444661][ T5772] NILFS (loop1): discard dirty block: blocknr=38, size=1024
[  306.471674][ T5772] NILFS (loop1): discard dirty page: offset=0, ino=4
[  306.479034][ T5772] NILFS (loop1): discard dirty block: blocknr=40, size=1024
[  306.497163][ T5772] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.516154][ T5772] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.539433][ T5772] NILFS (loop1): discard dirty block: blocknr=18446744073709551615, size=1024
[  306.773602][T10435] BTRFS info (device loop5): rebuilding free space tree
[  307.125310][   T28] kauditd_printk_skb: 5 callbacks suppressed
[  307.125326][   T28] audit: type=1800 audit(1772722415.691:37): pid=10435 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1488" name="file1" dev="loop5" ino=260 res=0 errno=0
[  307.242451][   T28] audit: type=1800 audit(1772722415.791:38): pid=10480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1488" name="file1" dev="loop5" ino=260 res=0 errno=0
[  307.618017][T10435] BTRFS info (device loop5): balance: start -sconvert=raid0,soft
[  307.778052][T10435] BTRFS info (device loop5): balance: canceled
[  307.883726][T10493] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.1503'.
[  307.962024][ T9050] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  309.223004][T10516] netlink: 65047 bytes leftover after parsing attributes in process `syz.6.1513'.
[  310.519553][T10548] netlink: 'syz.5.1524': attribute type 3 has an invalid length.
[  311.627817][T10583] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1536'.
[  311.668300][T10583] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1536'.
[  311.725898][T10583] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1536'.
[  311.776752][T10583] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1536'.
[  313.439395][    T8] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  313.634916][    T8] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  313.665766][    T8] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  313.701258][    T8] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  313.729410][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  313.737600][    T8] usb 6-1: SerialNumber: syz
[  313.989730][    T8] usb 6-1: 0:2 : does not exist
[  314.002897][T10610] loop6: detected capacity change from 0 to 32768
[  314.021010][    T8] usb 6-1: unit 16 not found!
[  314.044660][T10610] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop6 scanned by syz.6.1548 (10610)
[  314.113684][    T8] usb 6-1: USB disconnect, device number 4
[  314.159496][T10610] BTRFS info (device loop6): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  314.195180][T10610] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  314.228301][T10610] BTRFS info (device loop6): enabling disk space caching
[  314.262969][ T5773] udevd[5773]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  314.283931][T10610] BTRFS info (device loop6): force clearing of disk cache
[  314.302673][T10610] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  314.335934][T10610] BTRFS info (device loop6): use zstd compression, level 3
[  314.381043][T10610] BTRFS info (device loop6): disk space caching is enabled
[  314.525327][T10610] BTRFS info (device loop6): enabling ssd optimizations
[  314.568034][T10610] BTRFS info (device loop6): auto enabling async discard
[  314.591990][T10610] BTRFS info (device loop6): rebuilding free space tree
[  314.712462][T10610] BTRFS info (device loop6): disabling free space tree
[  314.728535][T10610] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  314.780927][T10610] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  315.027598][T10653] loop1: detected capacity change from 0 to 512
[  315.140509][T10653] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 17. Delete some EAs or run e2fsck.
[  315.202389][T10653] EXT4-fs (loop1): 1 truncate cleaned up
[  315.217723][T10653] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.246602][ T9344] BTRFS info (device loop6): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  315.525282][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.469484][    T8] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  316.689951][    T8] usb 7-1: Using ep0 maxpacket: 32
[  316.705162][    T8] usb 7-1: config index 0 descriptor too short (expected 29220, got 36)
[  316.714433][    T8] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  316.739401][    T8] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81
[  316.764342][    T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  316.803581][    T8] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  316.840444][    T8] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  316.889465][    T8] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  316.941894][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.977480][    T8] usb 7-1: config 0 descriptor??
[  317.051822][T10683] ntfs: (device nullb0): read_ntfs_boot_sector(): Primary boot sector is invalid.
[  317.091944][T10683] ntfs: (device nullb0): read_ntfs_boot_sector(): Mount option errors=recover not used. Aborting without trying to recover.
[  317.133287][T10683] ntfs: (device nullb0): ntfs_fill_super(): Not an NTFS volume.
[  317.219988][    T8] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  317.457380][    T8] usb 7-1: USB disconnect, device number 3
[  317.491498][    T8] usblp0: removed
[  317.514390][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  318.637449][T10712] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1582'.
[  318.722926][T10714] loop6: detected capacity change from 0 to 164
[  319.524957][T10732] loop1: detected capacity change from 0 to 1024
[  319.581888][T10732] EXT4-fs: Ignoring removed bh option
[  319.607338][T10732] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  319.696519][T10732] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.893740][T10732] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  320.035276][ T5772] EXT4-fs error (device loop1): ext4_read_inline_dir:1583: inode #12: block 7: comm syz-executor: path /374/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  320.076488][ T5772] EXT4-fs error (device loop1): ext4_read_inline_dir:1583: inode #12: block 7: comm syz-executor: path /374/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  320.125415][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.349110][T10772] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1608'.
[  321.972877][T10785] netlink: 'syz.3.1612': attribute type 4 has an invalid length.
[  321.996652][T10781] loop1: detected capacity change from 0 to 8192
[  322.057129][T10781] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  322.070720][T10781] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[  322.080120][T10781] REISERFS (device loop1): using ordered data mode
[  322.086896][T10781] reiserfs: using flush barriers
[  322.107456][T10781] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  322.132334][T10770] loop6: detected capacity change from 0 to 40427
[  322.151646][T10781] REISERFS (device loop1): checking transaction log (loop1)
[  322.183789][T10770] F2FS-fs (loop6): Found nat_bits in checkpoint
[  322.423935][T10770] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  322.545315][T10781] REISERFS (device loop1): Using tea hash to sort names
[  322.570448][T10781] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  322.646525][T10781] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  322.658364][ T9344] syz-executor: attempt to access beyond end of device
[  322.658364][ T9344] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  322.705438][ T9344] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  322.714628][T10795] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1614'.
[  322.747626][T10795] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1614'.
[  322.765607][T10795] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1614'.
[  322.780218][T10795] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1614'.
[  323.880044][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  324.185774][T10825] Dead loop on virtual device ipvlan1, fix it urgently!
[  324.213712][T10825] syz.3.1625 (10825) used greatest stack depth: 11888 bytes left
[  324.388553][   T28] audit: type=1326 audit(1772722432.951:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.3.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317599c799 code=0x7ffc0000
[  324.466933][   T28] audit: type=1326 audit(1772722432.981:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.3.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317599c799 code=0x7ffc0000
[  324.556153][   T28] audit: type=1326 audit(1772722432.991:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.3.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f317599c799 code=0x7ffc0000
[  324.618869][   T28] audit: type=1326 audit(1772722432.991:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.3.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317599c799 code=0x7ffc0000
[  324.708915][   T28] audit: type=1326 audit(1772722432.991:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.3.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317599c799 code=0x7ffc0000
[  324.814383][   T28] audit: type=1326 audit(1772722432.991:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.3.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f317599c799 code=0x7ffc0000
[  324.844219][   T28] audit: type=1326 audit(1772722432.991:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.3.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317599c799 code=0x7ffc0000
[  324.868426][   T28] audit: type=1326 audit(1772722432.991:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.3.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f317599c799 code=0x7ffc0000
[  324.892365][   T28] audit: type=1326 audit(1772722432.991:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.3.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317599c799 code=0x7ffc0000
[  324.915648][   T28] audit: type=1326 audit(1772722432.991:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10830 comm="syz.3.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f317599c799 code=0x7ffc0000
[  325.714927][T10863] loop6: detected capacity change from 0 to 1024
[  325.930841][T10863] hfsplus: xattr search failed
[  326.029573][    T8] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  326.239580][    T8] usb 6-1: Using ep0 maxpacket: 16
[  326.261837][    T8] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  326.289903][    T8] usb 6-1: config 0 interface 0 has no altsetting 0
[  326.304628][    T8] usb 6-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  326.335899][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  326.377639][    T8] usb 6-1: config 0 descriptor??
[  326.799614][ T5814] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  326.826338][    T8] nzxt-smart2 0003:1E71:2009.0005: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.5-1/input0
[  326.999456][ T5814] usb 2-1: Using ep0 maxpacket: 16
[  327.018610][ T5814] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  327.047446][ T5814] usb 2-1: config 0 has no interface number 0
[  327.075993][ T5814] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  327.095574][ T5814] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  327.114700][ T5814] usb 2-1: Product: syz
[  327.119065][ T5814] usb 2-1: Manufacturer: syz
[  327.125232][ T5814] usb 2-1: SerialNumber: syz
[  327.151954][ T5814] usb 2-1: config 0 descriptor??
[  327.171563][ T5814] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  327.268172][    T9] usb 6-1: USB disconnect, device number 5
[  327.750892][    C0] Dead loop on virtual device ipvlan1, fix it urgently!
[  328.134402][T10907] overlayfs: failed to clone upperpath
[  328.384114][ T5814] gspca_spca1528: reg_w err -71
[  328.389152][ T5814] spca1528: probe of 2-1:0.1 failed with error -71
[  328.433423][ T5814] usb 2-1: USB disconnect, device number 10
[  328.650578][T10916] tls_set_device_offload_rx: netdev not found
[  329.047333][T10929] loop6: detected capacity change from 0 to 128
[  329.097286][T10929] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  329.164070][T10929] ext4 filesystem being mounted at /132/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  329.378954][ T9344] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  330.599418][ T5814] IPVS: starting estimator thread 0...
[  330.729546][T10970] IPVS: using max 19 ests per chain, 45600 per kthread
[  331.844265][T10996] overlayfs: failed to resolve './file0': -2
[  332.469926][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1700'.
[  333.023283][T11015] input: syz0 as /devices/virtual/input/input7
[  333.960025][T11023] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1711'.
[  334.053855][ T5814] IPVS: starting estimator thread 0...
[  334.209423][T11026] IPVS: using max 18 ests per chain, 43200 per kthread
[  334.520091][T11036] overlayfs: failed to clone upperpath
[  336.770929][T11039] loop5: detected capacity change from 0 to 40427
[  336.797085][T11039] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  336.825529][T11039] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  336.860678][T11039] F2FS-fs (loop5): invalid crc value
[  336.880716][T11039] F2FS-fs (loop5): Found nat_bits in checkpoint
[  337.054685][T11039] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  337.082304][T11039] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  337.274051][T11071] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1724'.
[  337.332468][T11071] bond0: entered promiscuous mode
[  337.369632][T11071] bond_slave_0: entered promiscuous mode
[  337.375649][T11071] bond_slave_1: entered promiscuous mode
[  337.408553][T11071] bond0: left promiscuous mode
[  337.434777][T11071] bond_slave_0: left promiscuous mode
[  337.457336][T11071] bond_slave_1: left promiscuous mode
[  337.516749][T11072] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1724'.
[  337.611673][T11072] bond0: entered promiscuous mode
[  337.645892][T11072] bond_slave_0: entered promiscuous mode
[  337.668139][T11072] bond_slave_1: entered promiscuous mode
[  337.698615][T11072] bond0: left promiscuous mode
[  337.706508][T11072] bond_slave_0: left promiscuous mode
[  337.725970][T11072] bond_slave_1: left promiscuous mode
[  338.334377][T11077] loop6: detected capacity change from 0 to 8192
[  338.387195][T11077] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  338.401414][T11077] REISERFS (device loop6): found reiserfs format "3.6" with non-standard journal
[  338.411564][T11077] REISERFS (device loop6): using ordered data mode
[  338.418178][T11077] reiserfs: using flush barriers
[  338.426365][T11077] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  338.443806][T11077] REISERFS (device loop6): checking transaction log (loop6)
[  338.582884][T11077] REISERFS (device loop6): Using tea hash to sort names
[  338.609100][T11077] REISERFS warning (device loop6): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  338.647179][T11077] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  339.168563][T11092] loop5: detected capacity change from 0 to 256
[  339.215548][T11092] FAT-fs (loop5): Directory bread(block 64) failed
[  339.249482][T11092] FAT-fs (loop5): Directory bread(block 65) failed
[  339.266882][T11092] FAT-fs (loop5): Directory bread(block 66) failed
[  339.274006][T11092] FAT-fs (loop5): Directory bread(block 67) failed
[  339.299628][T11092] FAT-fs (loop5): Directory bread(block 68) failed
[  339.314720][T11092] FAT-fs (loop5): Directory bread(block 69) failed
[  339.323465][T11092] FAT-fs (loop5): Directory bread(block 70) failed
[  339.331523][T11092] FAT-fs (loop5): Directory bread(block 71) failed
[  339.338330][T11092] FAT-fs (loop5): Directory bread(block 72) failed
[  339.361707][T11092] FAT-fs (loop5): Directory bread(block 73) failed
[  339.743552][T11092] syz.5.1728: attempt to access beyond end of device
[  339.743552][T11092] loop5: rw=524288, sector=1736, nr_sectors = 32 limit=256
[  339.827834][T11092] syz.5.1728: attempt to access beyond end of device
[  339.827834][T11092] loop5: rw=0, sector=1736, nr_sectors = 8 limit=256
[  339.882644][ T5813] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  340.011841][   T28] kauditd_printk_skb: 5 callbacks suppressed
[  340.011861][   T28] audit: type=1800 audit(1772722448.551:54): pid=11092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1728" name="file0" dev="loop5" ino=1048622 res=0 errno=0
[  340.119420][ T5813] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  340.184150][ T5813] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  340.215944][ T5813] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  340.240738][ T5813] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.280292][T11096] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  340.327721][ T5813] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[  340.909887][    T9] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  341.029836][ T5814] usb 2-1: USB disconnect, device number 11
[  341.102657][    T9] usb 7-1: Using ep0 maxpacket: 32
[  341.131479][    T9] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[  341.167525][    T9] usb 7-1: config 0 has no interface number 0
[  341.240301][    T9] usb 7-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  341.266837][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.289425][    T9] usb 7-1: Product: syz
[  341.293676][    T9] usb 7-1: Manufacturer: syz
[  341.298320][    T9] usb 7-1: SerialNumber: syz
[  341.331669][    T9] usb 7-1: config 0 descriptor??
[  341.350886][    T9] smsc95xx v2.0.0
[  341.949601][T11119] kernel read not supported for file /file0 (pid: 11119 comm: syz.1.1743)
[  341.977691][   T28] audit: type=1800 audit(1772722450.541:55): pid=11119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1743" name="file0" dev="mqueue" ino=23264 res=0 errno=0
[  342.572009][    T9] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[  342.600421][    T9] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  342.624649][    T9] smsc95xx 7-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  342.661862][    T9] smsc95xx: probe of 7-1:0.67 failed with error -71
[  342.694960][    T9] usb 7-1: USB disconnect, device number 4
[  343.078789][T11128] loop5: detected capacity change from 0 to 22
[  343.096062][T11128] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  343.138541][T11128] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  344.379742][T11169] Bluetooth: hci0: too big key_count value 32768
[  345.193555][ T5781] Bluetooth: hci3: command 0x0406 tx timeout
[  345.379567][ T5813] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  345.592695][ T5813] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  345.619453][ T5813] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  345.638268][ T5813] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  345.668588][ T5813] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  345.697096][ T5813] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.722702][ T5813] usb 6-1: config 0 descriptor??
[  346.053785][T11201] ip6gre1: entered promiscuous mode
[  346.059760][T11201] ip6gre1: entered allmulticast mode
[  346.185895][ T5813] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  346.224177][ T5813] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  346.909725][T11211] loop6: detected capacity change from 0 to 128
[  346.957819][T11211] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  346.997704][T11211] hpfs: filesystem error: improperly stopped
[  347.019170][T11211] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  347.052226][T11211] hpfs: You really don't want any checks? You are crazy...
[  347.110603][T11211] hpfs: hpfs_map_sector(): read error
[  347.128609][T11211] hpfs: code page support is disabled
[  347.144775][T11211] hpfs: hpfs_map_4sectors(): unaligned read
[  347.164404][T11211] hpfs: hpfs_map_4sectors(): unaligned read
[  347.181957][T11211] hpfs: filesystem error: unable to find root dir
[  347.689457][T11209] loop1: detected capacity change from 0 to 32768
[  347.733259][T11209] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  347.848769][T11209] XFS (loop1): Ending clean mount
[  347.905114][T11209] XFS (loop1): Quotacheck needed: Please wait.
[  348.095134][T11209] XFS (loop1): Quotacheck: Done.
[  348.406326][ T5813] usb 6-1: USB disconnect, device number 6
[  348.720329][T11235] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1786'.
[  349.011743][ T5772] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  349.473174][T11255] loop5: detected capacity change from 0 to 128
[  349.511295][T11255] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  349.572289][T11255] ext4 filesystem being mounted at /187/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  349.757445][T11255] EXT4-fs error (device loop5): make_indexed_dir:2333: inode #2: block 18: comm syz.5.1796: bad entry in directory: rec_len is smaller than minimal - offset=36, inode=128, rec_len=9, size=1000 fake=0
[  349.791903][T11255] EXT4-fs warning (device loop5): dx_probe:893: inode #2: comm syz.5.1796: dx entry: limit 0 != root limit 125
[  349.807033][T11255] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.1796: Corrupt directory, running e2fsck is recommended
[  349.882262][ T9050] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  350.959667][ T5849] usb 2-1: new low-speed USB device number 12 using dummy_hcd
[  351.164176][ T5849] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  351.183383][ T5849] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  351.205542][ T5849] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  351.237765][ T5849] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  351.258561][ T5849] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.291832][T11274] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  351.321011][ T5849] hub 2-1:1.0: bad descriptor, ignoring hub
[  351.329440][ T5849] hub: probe of 2-1:1.0 failed with error -5
[  351.350448][ T5849] cdc_wdm 2-1:1.0: skipping garbage
[  351.355746][ T5849] cdc_wdm 2-1:1.0: skipping garbage
[  351.399854][ T5849] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  351.416288][ T5849] cdc_wdm 2-1:1.0: Unknown control protocol
[  351.641809][ T5849] usb 2-1: USB disconnect, device number 12
[  351.648805][T11274] cdc_wdm 2-1:1.0: Error autopm - -16
[  351.969575][    T8] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  352.112494][T11296] netlink: 'syz.3.1811': attribute type 1 has an invalid length.
[  352.121759][T11296] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  352.130008][T11296] IPv6: NLM_F_CREATE should be set when creating new route
[  352.137303][T11296] IPv6: NLM_F_CREATE should be set when creating new route
[  352.150185][T11296] netlink: 'syz.3.1811': attribute type 1 has an invalid length.
[  352.158164][T11296] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  352.165494][T11296] IPv6: NLM_F_CREATE should be set when creating new route
[  352.182400][    T8] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  352.215012][    T8] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  352.253180][    T8] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  352.265945][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.279549][ T5849] usb 2-1: new low-speed USB device number 13 using dummy_hcd
[  352.312969][T11286] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  352.344383][    T8] usb 6-1: Quirk or no altest; falling back to MIDI 1.0
[  352.498328][ T5849] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  352.525695][ T5849] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  352.545324][ T5849] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  352.587451][T11302] loop6: detected capacity change from 0 to 512
[  352.598189][ T5849] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  352.618767][ T5849] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.647440][T11274] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  352.665813][T11302] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #16: comm syz.6.1814: invalid indirect mapped block 4294967295 (level 0)
[  352.694243][ T5849] hub 2-1:1.0: bad descriptor, ignoring hub
[  352.717164][ T5849] hub: probe of 2-1:1.0 failed with error -5
[  352.742832][ T5849] cdc_wdm 2-1:1.0: skipping garbage
[  352.748133][ T5849] cdc_wdm 2-1:1.0: skipping garbage
[  352.765470][   T23] usb 6-1: USB disconnect, device number 7
[  352.779429][T11302] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #16: comm syz.6.1814: invalid indirect mapped block 4294967295 (level 1)
[  352.800573][ T5849] cdc_wdm: probe of 2-1:1.0 failed with error -22
[  352.865370][T11302] EXT4-fs (loop6): 1 orphan inode deleted
[  352.897426][T11302] EXT4-fs (loop6): 1 truncate cleaned up
[  352.907320][T11302] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.061389][ T5849] usb 2-1: USB disconnect, device number 13
[  353.091022][ T9344] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.046986][T11328] loop1: detected capacity change from 0 to 1024
[  354.055375][T11328] EXT4-fs: Ignoring removed oldalloc option
[  354.064517][T11328] EXT4-fs: Ignoring removed bh option
[  354.073253][T11328] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  354.126856][T11328] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.272011][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.378708][T11336] loop6: detected capacity change from 0 to 1024
[  355.019839][T11355] loop5: detected capacity change from 0 to 128
[  355.038222][T11355] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  355.071551][T11355] hpfs: filesystem error: improperly stopped
[  355.086947][T11355] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  355.107587][T11355] hpfs: You really don't want any checks? You are crazy...
[  355.127397][T11355] hpfs: hpfs_map_sector(): read error
[  355.148301][T11355] hpfs: code page support is disabled
[  355.168699][T11355] hpfs: hpfs_map_4sectors(): unaligned read
[  355.183931][T11355] hpfs: hpfs_map_4sectors(): unaligned read
[  355.199656][T11355] hpfs: filesystem error: unable to find root dir
[  355.245290][T11355] hpfs: hpfs_map_4sectors(): unaligned read
[  355.270341][T11355] hpfs: hpfs_map_sector(): read error
[  355.303773][T11355] hpfs: hpfs_map_4sectors(): unaligned read
[  355.324725][T11355] hpfs: hpfs_map_sector(): read error
[  356.053970][    C1] Unknown status report in ack skb
[  356.309308][T11383] loop1: detected capacity change from 0 to 1024
[  356.330470][T11383] EXT4-fs: Ignoring removed bh option
[  356.382744][T11383] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  356.489382][    T9] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  356.563557][T11391] EXT4-fs error (device loop1): ext4_iget_extra_inode:4732: inode #15: comm syz.1.1847: corrupted in-inode xattr: e_value out of bounds
[  356.716222][    T9] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  356.727487][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  356.740441][    T9] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  356.766864][    T9] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  356.786548][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.812800][T11381] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  356.928262][    T9] usb 7-1: Quirk or no altest; falling back to MIDI 1.0
[  357.233982][ T5813] usb 7-1: USB disconnect, device number 5
[  357.832268][T11398] loop1: detected capacity change from 0 to 32768
[  357.891638][T11398] (syz.1.1851,11398,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  357.927186][T11398] (syz.1.1851,11398,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  358.044079][T11398] JBD2: Ignoring recovery information on journal
[  358.223527][T11398] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  358.710559][T11398] loop1: detected capacity change from 32768 to 64
[  358.732397][T11416] (syz.1.1851,11416,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x6ec2d589, computed 0xe31ba528. Applying ECC.
[  358.775523][T11416] (syz.1.1851,11416,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x6ec2d589, computed 0xe31ba528
[  358.789695][    T8] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  358.849982][T11416] (syz.1.1851,11416,1):ocfs2_validate_inode_block:1382 ERROR: Checksum failed for dinode 17
[  358.891638][T11416] (syz.1.1851,11416,1):ocfs2_assign_bh:2416 ERROR: status = -5
[  358.963719][T11416] (syz.1.1851,11416,1):ocfs2_inode_lock_full_nested:2511 ERROR: status = -5
[  358.996626][T11416] (syz.1.1851,11416,1):ocfs2_inode_lock_tracker:2695 ERROR: status = -5
[  359.020085][    T8] usb 6-1: unable to get BOS descriptor or descriptor too short
[  359.040113][    T8] usb 6-1: too many endpoints for config 1 interface 0 altsetting 13: 255, using maximum allowed: 30
[  359.078300][    T8] usb 6-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  359.102469][    T8] usb 6-1: config 1 interface 0 has no altsetting 0
[  359.102639][T11409] jbd2/loop1-29: attempt to access beyond end of device
[  359.102639][T11409] loop1: rw=38913, sector=554, nr_sectors = 1 limit=64
[  359.125437][    T8] usb 6-1: string descriptor 0 read error: -22
[  359.134946][    T8] usb 6-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.40
[  359.144753][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  359.169459][T11409] jbd2/loop1-29: attempt to access beyond end of device
[  359.169459][T11409] loop1: rw=38913, sector=555, nr_sectors = 1 limit=64
[  359.220301][T11409] jbd2/loop1-29: attempt to access beyond end of device
[  359.220301][T11409] loop1: rw=38913, sector=556, nr_sectors = 1 limit=64
[  359.286129][T11409] jbd2/loop1-29: attempt to access beyond end of device
[  359.286129][T11409] loop1: rw=38913, sector=557, nr_sectors = 1 limit=64
[  359.339682][T11409] Aborting journal on device loop1-29.
[  359.368849][T11409] jbd2/loop1-29: attempt to access beyond end of device
[  359.368849][T11409] loop1: rw=38913, sector=552, nr_sectors = 1 limit=64
[  359.397414][T11409] Buffer I/O error on dev loop1, logical block 552, lost sync page write
[  359.406489][    T9] IPVS: starting estimator thread 0...
[  359.411110][T11409] JBD2: I/O error when updating journal superblock for loop1-29.
[  359.427831][ T5772] (syz-executor,5772,1):ocfs2_start_trans:379 ERROR: status = -30
[  359.437153][ T5772] OCFS2: abort (device loop1): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[  359.509733][T11424] IPVS: using max 16 ests per chain, 38400 per kthread
[  359.517207][ T5772] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  359.559494][ T5772] OCFS2: File system is now read-only.
[  359.565130][ T5772] (syz-executor,5772,0):ocfs2_modify_bh:105 ERROR: status = -30
[  359.609435][ T5772] (syz-executor,5772,0):ocfs2_local_free_info:856 ERROR: status = -30
[  359.624669][ T5772] (syz-executor,5772,0):ocfs2_start_trans:379 ERROR: status = -30
[  359.632915][ T5772] OCFS2: abort (device loop1): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[  359.645247][ T5772] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  359.655739][ T5772] (syz-executor,5772,0):ocfs2_modify_bh:105 ERROR: status = -30
[  359.738415][ T5772] (syz-executor,5772,0):ocfs2_local_free_info:856 ERROR: status = -30
[  359.775026][ T5772] (syz-executor,5772,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x69a15b13, computed 0x9892300b. Applying ECC.
[  359.815262][ T5772] (syz-executor,5772,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x69a15b13, computed 0x9892300b
[  359.858842][ T5772] (syz-executor,5772,0):ocfs2_validate_inode_block:1382 ERROR: Checksum failed for dinode 23
[  359.891078][    T8] input: HID 0458:5012 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/0003:0458:5012.0007/input/input9
[  359.914098][ T5772] (syz-executor,5772,0):ocfs2_assign_bh:2416 ERROR: status = -5
[  359.943506][ T5772] (syz-executor,5772,0):ocfs2_inode_lock_full_nested:2511 ERROR: status = -5
[  359.964582][ T5772] (syz-executor,5772,0):ocfs2_shutdown_local_alloc:411 ERROR: status = -5
[  359.977695][T11426] loop6: detected capacity change from 0 to 4096
[  360.010072][ T5772] syz-executor: attempt to access beyond end of device
[  360.010072][ T5772] loop1: rw=1, sector=16936, nr_sectors = 1 limit=64
[  360.038872][    T8] input: HID 0458:5012 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/0003:0458:5012.0007/input/input10
[  360.065375][ T5772] Buffer I/O error on dev loop1, logical block 16936, lost sync page write
[  360.088084][ T5772] (syz-executor,5772,0):ocfs2_write_block:78 ERROR: status = -5
[  360.108830][ T5772] (syz-executor,5772,0):ocfs2_update_disk_slot:199 ERROR: status = -5
[  360.127126][ T5772] (syz-executor,5772,0):ocfs2_put_slot:517 ERROR: status = -5
[  360.158240][ T5772] (syz-executor,5772,0):ocfs2_journal_shutdown:1107 ERROR: status = -5
[  360.273285][    T8] kye 0003:0458:5012.0007: input,hiddev0,hidraw0: USB HID vff.7f Device [HID 0458:5012] on usb-dummy_hcd.5-1/input0
[  360.300928][ T5772] ocfs2: Unmounting device (7,1) on (node local)
[  360.374623][    T8] usb 6-1: USB disconnect, device number 8
[  360.518223][   T28] audit: type=1804 audit(1772722469.071:56): pid=11426 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1864" name=2F6E6577726F6F742F3138322F131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D3382F66696C6531 dev="loop6" ino=33 res=1 errno=0
[  360.554205][    C1] vkms_vblank_simulate: vblank timer overrun
[  360.617936][T11427] fido_id[11427]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  361.143901][T11435] loop1: detected capacity change from 0 to 256
[  361.746031][T11449] loop1: detected capacity change from 0 to 2048
[  361.824339][T11449] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  361.887833][T11449] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1229: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  361.912863][T11449] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  361.929042][T11449] EXT4-fs (loop1): This should not happen!! Data will be lost
[  361.929042][T11449] 
[  361.941226][T11449] EXT4-fs (loop1): Total free blocks count 0
[  361.947317][T11449] EXT4-fs (loop1): Free/Dirty block details
[  361.956097][T11449] EXT4-fs (loop1): free_blocks=2415919104
[  361.971027][T11449] EXT4-fs (loop1): dirty_blocks=16
[  361.976626][T11449] EXT4-fs (loop1): Block reservation details
[  361.983820][T11449] EXT4-fs (loop1): i_reserved_data_blocks=1
[  362.057468][T11457] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  362.330160][ T5776] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  362.341725][ T5776] CPU: 0 PID: 5776 Comm: kworker/u5:3 Not tainted syzkaller #0
[  362.349360][ T5776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  362.359491][ T5776] Workqueue: hci3 hci_rx_work
[  362.364263][ T5776] Call Trace:
[  362.367605][ T5776]  <TASK>
[  362.370590][ T5776]  dump_stack_lvl+0x18c/0x250
[  362.375345][ T5776]  ? show_regs_print_info+0x20/0x20
[  362.380624][ T5776]  ? load_image+0x400/0x400
[  362.385219][ T5776]  sysfs_create_dir_ns+0x26e/0x2a0
[  362.390408][ T5776]  ? sysfs_warn_dup+0xa0/0xa0
[  362.395147][ T5776]  ? do_raw_spin_unlock+0x121/0x230
[  362.400419][ T5776]  kobject_add_internal+0x61c/0xcc0
[  362.405687][ T5776]  kobject_add+0x164/0x240
[  362.410162][ T5776]  ? __rwlock_init+0x150/0x150
[  362.414988][ T5776]  ? kobject_init+0x1e0/0x1e0
[  362.419717][ T5776]  ? _raw_spin_unlock+0x28/0x40
[  362.424630][ T5776]  ? get_device_parent+0x366/0x390
[  362.429814][ T5776]  device_add+0x408/0xc20
[  362.434237][ T5776]  hci_conn_add_sysfs+0xd5/0x1e0
[  362.439241][ T5776]  le_conn_complete_evt+0xf5d/0x1540
[  362.444600][ T5776]  ? hci_event_packet+0x4cb/0x1270
[  362.449792][ T5776]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[  362.456120][ T5776]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[  362.461918][ T5776]  ? skb_pull_data+0xfb/0x200
[  362.466668][ T5776]  hci_le_conn_complete_evt+0x187/0x440
[  362.472287][ T5776]  ? hci_remote_host_features_evt+0x150/0x150
[  362.478432][ T5776]  hci_event_packet+0x7ba/0x1270
[  362.483442][ T5776]  ? bis_list+0x290/0x290
[  362.487835][ T5776]  ? lockdep_hardirqs_on+0x98/0x150
[  362.493097][ T5776]  ? hci_send_to_monitor+0xd7/0x4f0
[  362.498537][ T5776]  hci_rx_work+0x43a/0xd60
[  362.503042][ T5776]  ? process_scheduled_works+0x96f/0x15d0
[  362.508822][ T5776]  process_scheduled_works+0xa5d/0x15d0
[  362.514727][ T5776]  ? worker_attach_to_pool+0x380/0x380
[  362.520259][ T5776]  ? assign_work+0x3d2/0x5d0
[  362.524919][ T5776]  worker_thread+0xa55/0xfc0
[  362.529590][ T5776]  kthread+0x2fa/0x390
[  362.533702][ T5776]  ? pr_cont_work+0x560/0x560
[  362.538435][ T5776]  ? kthread_blkcg+0xd0/0xd0
[  362.543089][ T5776]  ret_from_fork+0x48/0x80
[  362.547577][ T5776]  ? kthread_blkcg+0xd0/0xd0
[  362.552223][ T5776]  ret_from_fork_asm+0x11/0x20
[  362.557066][ T5776]  </TASK>
[  362.564380][ T5776] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  362.578875][ T5776] Bluetooth: hci3: failed to register connection device
[  362.944263][T11473] overlayfs: failed to resolve './cgroup': -2
[  363.269628][T11464] loop6: detected capacity change from 0 to 32768
[  363.326414][T11464] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  363.876822][   T28] audit: type=1800 audit(1772722472.441:57): pid=11464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1877" name="file1" dev="loop6" ino=17058 res=0 errno=0
[  363.960519][   T28] audit: type=1800 audit(1772722472.451:58): pid=11483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1877" name="file1" dev="loop6" ino=17058 res=0 errno=0
[  364.212942][ T9344] ocfs2: Unmounting device (7,6) on (node local)
[  364.629593][ T5776] Bluetooth: hci3: command 0x0406 tx timeout
[  364.685665][T11509] loop6: detected capacity change from 0 to 512
[  364.701083][T11509] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  364.752395][T11509] EXT4-fs (loop6): 1 truncate cleaned up
[  364.765180][T11509] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.864193][   T28] audit: type=1800 audit(1772722473.431:59): pid=11509 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1890" name="bus" dev="loop6" ino=18 res=0 errno=0
[  365.069390][  T786] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  365.105354][ T9344] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /188/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  365.162693][ T9344] EXT4-fs error (device loop6): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  365.225450][ T9344] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /188/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  365.290040][  T786] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  365.303784][ T9344] EXT4-fs error (device loop6): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  365.323623][  T786] usb 2-1: config 220 has 1 interface, different from the descriptor's value: 3
[  365.323689][  T786] usb 2-1: config 220 interface 0 has no altsetting 0
[  365.340849][  T786] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  365.365168][  T786] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.409455][  T786] usb 2-1: Product: syz
[  365.413722][  T786] usb 2-1: Manufacturer: syz
[  365.418365][  T786] usb 2-1: SerialNumber: syz
[  365.425075][ T9344] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /188/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  365.496626][ T9344] EXT4-fs error (device loop6): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  365.567727][ T9344] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /188/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  365.635702][ T9344] EXT4-fs error (device loop6): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  365.673702][ T5776] Bluetooth: hci4: command 0x0406 tx timeout
[  365.684803][ T9344] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /188/file1/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  365.733052][  T786] usb 2-1: Found UVC 0.00 device syz (8086:0b07)
[  365.739716][  T786] usb 2-1: No valid video chain found.
[  365.754367][  T786] usb 2-1: USB disconnect, device number 14
[  365.805430][ T9344] EXT4-fs error (device loop6): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  367.049187][   T49] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  367.069397][   T49] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.197576][T11533] loop5: detected capacity change from 0 to 256
[  367.285110][T11533] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  367.359043][   T49] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  367.400019][   T49] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.673967][   T49] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  367.726922][   T49] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  367.814695][ T9344] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.008844][   T49] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  368.062628][   T49] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.080431][   T29] INFO: task syz.2.151:6254 blocked for more than 143 seconds.
[  368.116060][   T29]       Not tainted syzkaller #0
[  368.125720][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  368.152197][   T29] task:syz.2.151       state:D stack:26632 pid:6254  ppid:5774   flags:0x00004006
[  368.181621][   T29] Call Trace:
[  368.191769][   T29]  <TASK>
[  368.209767][   T29]  __schedule+0x1553/0x45a0
[  368.231793][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  368.257350][   T29]  ? lock_chain_count+0x20/0x20
[  368.275928][   T29]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  368.301479][   T29]  ? asan.module_dtor+0x20/0x20
[  368.311341][   T29]  ? _raw_spin_unlock+0x40/0x40
[  368.321868][   T29]  ? prepare_to_wait_event+0x3db/0x470
[  368.329923][   T29]  ? prepare_to_wait_event+0x434/0x470
[  368.335696][   T29]  schedule+0xbd/0x170
[  368.340538][   T29]  wb_wait_for_completion+0x173/0x2a0
[  368.346353][   T29]  ? __bpf_trace_writeback_inode_template+0x100/0x100
[  368.383837][   T29]  ? wake_bit_function+0x200/0x200
[  368.400790][   T29]  sync_inodes_sb+0x1c9/0xa10
[  368.409235][   T29]  ? filemap_fdatawrite_range+0x160/0x160
[  368.421824][   T29]  ? try_to_writeback_inodes_sb+0xc0/0xc0
[  368.434333][   T29]  ? nilfs_put_super+0x150/0x150
[  368.444756][   T29]  ? get_nr_dirty_inodes+0x1d4/0x220
[  368.456036][   T29]  sync_filesystem+0x171/0x220
[  368.466561][   T29]  generic_shutdown_super+0x6f/0x2b0
[  368.481761][   T29]  kill_block_super+0x44/0x90
[  368.489627][   T29]  deactivate_locked_super+0x97/0x100
[  368.501892][   T29]  cleanup_mnt+0x43b/0x4d0
[  368.510877][   T29]  task_work_run+0x1d4/0x260
[  368.521133][   T29]  ? task_work_cancel+0x220/0x220
[  368.532285][   T29]  ? do_exit+0x955/0x2460
[  368.541197][   T29]  ? kmem_cache_free+0xf8/0x270
[  368.552492][   T29]  do_exit+0x95a/0x2460
[  368.561284][   T29]  ? put_task_struct+0xc0/0xc0
[  368.574810][   T29]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  368.589618][   T29]  ? get_signal+0x1255/0x13f0
[  368.596212][   T29]  ? lock_chain_count+0x20/0x20
[  368.601877][   T29]  do_group_exit+0x21b/0x2d0
[  368.610619][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  368.647631][   T29]  get_signal+0x12fc/0x13f0
[  368.658081][   T29]  arch_do_signal_or_restart+0xc2/0x800
[  368.690745][   T29]  ? get_sigframe_size+0x20/0x20
[  368.729325][   T29]  ? __se_sys_clock_nanosleep+0x30f/0x3a0
[  368.735165][   T29]  ? exit_to_user_mode_loop+0x3b/0x110
[  368.794198][   T29]  exit_to_user_mode_loop+0x70/0x110
[  368.809744][   T29]  exit_to_user_mode_prepare+0xee/0x180
[  368.815412][   T29]  syscall_exit_to_user_mode+0x1a/0x50
[  368.849350][   T29]  do_syscall_64+0x61/0xa0
[  368.853887][   T29]  ? clear_bhb_loop+0x40/0x90
[  368.858621][   T29]  ? clear_bhb_loop+0x40/0x90
[  368.885635][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  368.924993][   T29] RIP: 0033:0x0
[  368.928583][   T29] RSP: 002b:00007f0d8b8fbf58 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  368.969373][   T29] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  368.977573][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  369.022674][   T29] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  369.047422][   T29] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[  369.084940][   T29] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  369.098286][   T29]  </TASK>
[  369.120309][   T29] 
[  369.120309][   T29] Showing all locks held in the system:
[  369.128127][   T29] 2 locks held by kworker/u4:0/11:
[  369.156933][   T29]  #0: ffff88801ce53938 ((wq_completion)writeback){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  369.179672][   T29]  #1: ffffc90000107d00 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  369.209352][   T29] 1 lock held by kworker/u4:1/12:
[  369.215430][   T29] 1 lock held by khungtaskd/29:
[  369.239576][   T29]  #0: ffffffff8d132060 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  369.269307][   T29] 5 locks held by kworker/u4:3/49:
[  369.274503][   T29]  #0: ffff888140044938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  369.300482][   T29]  #1: ffffc90000ba7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  369.319713][   T29]  #2: ffffffff8e3b3d10 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x14c/0xbb0
[  369.341916][   T29]  #3: ffff88807a3ec250 (&devlink->lock_key#7){+.+.}-{3:3}, at: devlink_pernet_pre_exit+0xee/0x360
[  369.369390][   T29]  #4: ffffffff8d137900 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x4c/0x580
[  369.397690][   T29] 2 locks held by kworker/0:2/786:
[  369.408437][   T29]  #0: ffff888017c72538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  369.429725][   T29]  #1: ffffc900039b7d00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  369.461690][   T29] 2 locks held by getty/5535:
[  369.466646][   T29]  #0: ffff88814ca1a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  369.495352][   T29]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390
[  369.527596][   T29] 1 lock held by syz-executor/5771:
[  369.544721][   T29] 1 lock held by syz-executor/5780:
[  369.559324][   T29]  #0: ffffffff8d137a38 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3da/0x880
[  369.571122][   T29] 2 locks held by syz.2.151/6254:
[  369.576225][   T29]  #0: ffff8880591600e0 (&type->s_umount_key#114){+.+.}-{3:3}, at: deactivate_super+0xa4/0xe0
[  369.615677][   T29]  #1: ffff8881417967d0 (&bdi->wb_switch_rwsem){+.+.}-{3:3}, at: sync_inodes_sb+0x1ad/0xa10
[  369.648938][   T29] 1 lock held by segctord/9092:
[  369.655175][ T5776] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  369.669105][   T29]  #0: ffff88807b5632a0 (&nilfs->ns_segctor_sem){++++}-{3:3}, at: nilfs_transaction_lock+0x252/0x4c0
[  369.680830][ T5776] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  369.694520][ T5776] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  369.694684][   T29] 
[  369.744782][   T29] =============================================
[  369.744782][   T29] 
[  369.759550][ T5776] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  369.772107][ T5776] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  369.783026][ T5776] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  369.794441][   T29] NMI backtrace for cpu 1
[  369.798905][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  369.806165][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  369.816320][   T29] Call Trace:
[  369.819650][   T29]  <TASK>
[  369.822648][   T29]  dump_stack_lvl+0x18c/0x250
[  369.827396][   T29]  ? show_regs_print_info+0x20/0x20
[  369.832667][   T29]  ? load_image+0x400/0x400
[  369.837229][   T29]  nmi_cpu_backtrace+0x3a6/0x3e0
[  369.842188][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  369.848363][   T29]  ? _printk+0xde/0x130
[  369.852642][   T29]  ? load_image+0x400/0x400
[  369.857206][   T29]  ? load_image+0x400/0x400
[  369.861776][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  369.867914][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  369.873950][   T29]  watchdog+0xf3d/0xf80
[  369.878204][   T29]  ? watchdog+0x1e1/0xf80
[  369.882598][   T29]  kthread+0x2fa/0x390
[  369.886706][   T29]  ? hungtask_pm_notify+0x90/0x90
[  369.891789][   T29]  ? kthread_blkcg+0xd0/0xd0
[  369.896476][   T29]  ret_from_fork+0x48/0x80
[  369.900950][   T29]  ? kthread_blkcg+0xd0/0xd0
[  369.905592][   T29]  ret_from_fork_asm+0x11/0x20
[  369.910470][   T29]  </TASK>
[  369.914811][   T29] Sending NMI from CPU 1 to CPUs 0:
[  369.920507][    C0] NMI backtrace for cpu 0
[  369.920519][    C0] CPU: 0 PID: 7875 Comm: syz.1.682 Not tainted syzkaller #0
[  369.920536][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  369.920545][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x0/0x120
[  369.920572][    C0] Code: 48 89 df e8 c2 c2 da f6 bf 01 00 00 00 e8 e8 c9 cd f6 65 8b 05 09 f9 74 75 85 c0 74 02 5b c3 e8 86 e0 71 f6 5b c3 0f 1f 40 00 <f3> 0f 1e fa 55 48 89 e5 41 57 41 56 41 54 53 48 83 e4 e0 48 83 ec
[  369.920587][    C0] RSP: 0018:ffffc900051f77c0 EFLAGS: 00000046
[  369.920601][    C0] RAX: 1ffffffff2eab111 RBX: 0000000000000000 RCX: 0000000000000001
[  369.920613][    C0] RDX: dffffc0000000000 RSI: 0000000000000a06 RDI: ffffffff97558890
[  369.920625][    C0] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[  369.920635][    C0] R10: dffffc0000000000 R11: fffff52000a3eed4 R12: ffff888064c0a000
[  369.920648][    C0] R13: ffff888064c09000 R14: ffff888064c09000 R15: 0000000000000001
[  369.920659][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  369.920674][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  369.920685][    C0] CR2: 000055e7e6a59c70 CR3: 00000000779e6000 CR4: 00000000003506f0
[  369.920700][    C0] Call Trace:
[  369.920706][    C0]  <TASK>
[  369.920711][    C0]  debug_check_no_obj_freed+0x51f/0x540
[  369.920745][    C0]  free_unref_page_prepare+0x1da/0x8c0
[  369.920775][    C0]  free_unref_page+0x32/0x2e0
[  369.920803][    C0]  vfree+0x1a6/0x320
[  369.920825][    C0]  ? kcov_open+0x90/0x90
[  369.920847][    C0]  kcov_close+0x2b/0x50
[  369.920867][    C0]  __fput+0x234/0x970
[  369.920889][    C0]  task_work_run+0x1d4/0x260
[  369.920916][    C0]  ? task_work_cancel+0x220/0x220
[  369.920940][    C0]  ? do_exit+0x955/0x2460
[  369.920963][    C0]  ? kmem_cache_free+0xf8/0x270
[  369.920989][    C0]  do_exit+0x95a/0x2460
[  369.921021][    C0]  ? put_task_struct+0xc0/0xc0
[  369.921047][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  369.921067][    C0]  ? get_signal+0x1255/0x13f0
[  369.921092][    C0]  ? lock_chain_count+0x20/0x20
[  369.921113][    C0]  do_group_exit+0x21b/0x2d0
[  369.921138][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  369.921159][    C0]  get_signal+0x12fc/0x13f0
[  369.921186][    C0]  arch_do_signal_or_restart+0xc2/0x800
[  369.921215][    C0]  ? get_sigframe_size+0x20/0x20
[  369.921248][    C0]  ? __se_sys_clock_nanosleep+0x30f/0x3a0
[  369.921267][    C0]  ? exit_to_user_mode_loop+0x3b/0x110
[  369.921292][    C0]  exit_to_user_mode_loop+0x70/0x110
[  369.921316][    C0]  exit_to_user_mode_prepare+0xee/0x180
[  369.921339][    C0]  syscall_exit_to_user_mode+0x1a/0x50
[  369.921358][    C0]  do_syscall_64+0x61/0xa0
[  369.921381][    C0]  ? clear_bhb_loop+0x40/0x90
[  369.921401][    C0]  ? clear_bhb_loop+0x40/0x90
[  369.921421][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  369.921439][    C0] RIP: 00fb:0x294e66b3c7c44cb4
[  369.921453][    C0] Code: Unable to access opcode bytes at 0x294e66b3c7c44c8a.
[  369.921461][    C0] RSP: 002b:0000000000000000 EFLAGS: 00000202 ORIG_RAX: ce3d5c200518e753
[  369.921477][    C0] RAX: 6d02b596a6d6b2c6 RBX: 46b00e13ac8c17fa RCX: 1d6d567492f1521e
[  369.921490][    C0] RDX: eb30e365dd53f3a0 RSI: c553273f825e1cf7 RDI: b331ef28487276fd
[  369.921502][    C0] RBP: 9c8c87e20081ee76 R08: cf9d780a350b4549 R09: c7e58b697db8ef3d
[  369.921514][    C0] R10: d68d02d45a22dc24 R11: 19b4d49ef33da9ed R12: 39cb75b6fa6cb3d1
[  369.921526][    C0] R13: a8d7b5dbf29d588f R14: 9b8908dcbb4f02b4 R15: 107b9d1451766018
[  369.921548][    C0]  </TASK>
[  370.287104][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  370.294032][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  370.301360][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  370.311463][   T29] Call Trace:
[  370.314950][   T29]  <TASK>
[  370.317923][   T29]  dump_stack_lvl+0x18c/0x250
[  370.322664][   T29]  ? show_regs_print_info+0x20/0x20
[  370.327923][   T29]  ? load_image+0x400/0x400
[  370.332484][   T29]  panic+0x2dc/0x730
[  370.336421][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  370.342108][   T29]  ? bpf_jit_dump+0xd0/0xd0
[  370.346648][   T29]  ? __irq_work_queue_local+0x13a/0x3b0
[  370.352237][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  370.358441][   T29]  watchdog+0xf7c/0xf80
[  370.362726][   T29]  ? watchdog+0x1e1/0xf80
[  370.367101][   T29]  kthread+0x2fa/0x390
[  370.371205][   T29]  ? hungtask_pm_notify+0x90/0x90
[  370.376268][   T29]  ? kthread_blkcg+0xd0/0xd0
[  370.380901][   T29]  ret_from_fork+0x48/0x80
[  370.385397][   T29]  ? kthread_blkcg+0xd0/0xd0
[  370.390039][   T29]  ret_from_fork_asm+0x11/0x20
[  370.394882][   T29]  </TASK>
[  370.398523][   T29] Kernel Offset: disabled
[  370.402881][   T29] Rebooting in 86400 seconds..