last executing test programs:

2m58.576085194s ago: executing program 2 (id=793):
syz_mount_image$cramfs(&(0x7f0000000040), &(0x7f0000000000)='./file2\x00', 0x2200400, &(0x7f0000000080)=ANY=[@ANYRES8=0x0], 0xfe, 0x160, &(0x7f0000000200)="$eJzs0M+LEnEYx/H3d+brKKRYZCBBKXTIksAf1C3CiSQhGyi6dBJs+gGKkVDeUqJbB6Grh9q9Lgv7F+jqYdlFL7v/xF68LezRZWbcXZb1P9jndZvP830+D8yLp7OM4tzzVvPrN7fddj+k3zjV8tvD4bDk5RZ0ti7Mg/ejEnxGM9Iw74EXT2Lw8UvDNeqthvc9L0EYsK8tc5rx03t2QtPTkCfYz9yD8S3/ncHlzC0S8vdua7DjQZYDFv/hvgX2jSDz+o4AE5SylsfumPyuZFM3FXQG2c2NvdfT3cqjh8/cP4Vy/0E0aWZ/whq2iuxMPh2Yy63ZtPrKqTqzYqHwpJjLGzze9wu7ffTL6Hd4r0B7fQZ+n0Xyrn4HvxT89W/Nt1UMGP87dprhs3/d/WGmQaUG9VoytF5LXDcwM9qbLFjBnxBZNRJCCCGEEEIIIYQQQgghhBBCCHHVnQQAAP//A2lTBA==")
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xea)
syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000200)='./bus\x00', 0x2010805, &(0x7f0000000180)={[{@order_strict}, {@errors_continue}, {@discard}, {@nobarrier}, {@norecovery}, {@nobarrier}, {@order_strict}, {}, {@nobarrier}]}, 0x3, 0xd97, &(0x7f0000000e80)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDNn7v3fueecmTt37tzXScCIW1ycrlJ6+9ZbF+/NjP9vdcxMKza79jieh5ZSSs2UUiMPT4Y5LU2s5599cu1Se/55zqt0IVWpao1Pz95tvfZISul6mk2302R67uOTN1/64Jnl907cOHHxjbk7O9VyAAAYJfd+9O4v//b4D68d///vzyylidb4sn2+lIeP5u3+pWp9OGet/wFVW161DRcHwnTjOTXCdGMdpmsvpxmmG+9S/oEw32aX6SZqyh9rG9ep3TDMNv7HV435TcONxvz8+n/yVR+OHajmX7my/MLVAVUU2HafzuRdfJIkjVxaOTboNRDAunjc8D7X456FB9Oa23hv5d99utH59bANdnv5V/5wlf/uDWscts9+XZpKu8r36GgejscRxsPr+v3+l/nF4xHNHuvZ7TjCsBxf6FbPsV2ux1Z1q39cLvarr+W8vA9nQrz9+xM/02H5jIHO7tn/L0kjm1YGvQIC9qx43txKVuLxvL4Yn6iJH6yJH6qJH66JH6mJwyj7w6u/TTerjf/58T99v/vDyn62h3L+pT7rE/dH9lt+PO+3Xw9afjyfGPa0uf+e/vTXt/8ez///PJz/fzb/lk7mFUTZXxj3q7fO/Q8XBje6TPdwqM5DHaZfez61ebpqamM+qW09c189pje/7li36U5vnm4yTHc4b4scDPWN2yeHw+vK9kdZr5b3azy0txnacSDUo3wyx3N+MLTneLd2hR3ZB8J0zZxOhHZNhXY9El735dCuanpzu+L+81Kfk2F8PE5Spgsf232/S/GziNdlPJrzN3P+Ts7fz/lHHcodRWV57Hb+f1k+p1OzeuHK8uUn8nBZTu+MNSdWx5/f5XoDD67X63+m0+brf462xjcb7euFYxvjq/b1wmQYf6HL+CfzcPk9++nYobXx85d+vvyT7W48jLirr73+s+eXly//yhNPPPGk9WTQayZgpy28+vIvFq6+9vq5Ky8//+LlFy+/cv6J73/vyaeeWlxY26pfaN+2B/aXjR/9QdcEAAAAAAAAAAAA6Fl1qPPonNfd37ZcT16uT4/XxzMcyudWloZyH4Ny/We3+7qU6zeP70Id2X67cTnRoNsIdPZv9/+VpJFNKyvu4g/sDYPu/6/c97DkR8/98/hqKpPdfXrz+jLevxAexF7vf075+6v/v1b/Vz2v/0KPWZNbK/eP9w79o63YdKrX8mP7y31gp/or/0+5/NKax1Jv5a/8LpQfb1Taoz+H8g/3WP597T+9tfL/kssvb9vc2V7LX69x1dhcj7jfuNwHMO43Lv4a2l/u7dd3+7fYUdutXD6MsmHpZ7Jfw9L/ZzdlvmU9mFfPreN05f7bsb+Dfutf7vtdfgceCfOvan7f9P853Or6/yzL34L+P2Hf+dDxP0ka2bSysjLQrk9Gtd+VvWLQ7/+gtyEHXf6g3/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x/Yz9f8b4yTDf2D/odE38KzXxUzXxr9bET9fE4/+3GJ+tiZ+pic/UxB+uiT9aEz9bE/9GTfyxmvjjNfG5mvh+9/Wcj2r7YZTFfiN9/2F0lOM/3b7/UzVxYHjFfp3j9/ubNXFgeJXzPHy/YQRVne/YEfe3l/24b+b8nZy/n/OPdqyC7IZv5fzbOf9Ozr+b83M5n8/5Qs71DTncfvOvU2duVhvn+R0L8V7PJ43XA8T7xJzvsT7x+Fy/57Oe7LGcnSp/i5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxtrj4uJ0ldLbt966+J+pH/x4dcxMa4rZtcfxPLSUUmqmlKo8PB7md31iPf/sk2uXOuVVurD2WIbTs3dbrz2y+vo0m26nyfTcxydvvvTBM8vvnbhx4uIbc3d2pvUAAAAwGr4IAAD//zXp5b8=")
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x50009405, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_io_uring_setup(0x215c, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2d42, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xa05007, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
getdents64(0xffffffffffffffff, &(0x7f0000000fc0)=""/224, 0xe0)

2m57.501503038s ago: executing program 2 (id=797):
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="043e060c"], 0x9)
listen(0xffffffffffffffff, 0xf)

2m56.17623504s ago: executing program 2 (id=800):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
getpid()
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001580)=ANY=[@ANYBLOB="600000000206030000000000b8791fa80000000014000780080012400000000005001500010000000500010006000000050005000200000005000400000000000900020073797a310000000012000300686173683a6e65742c706f7274"], 0x60}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="54000000090601020000000000000000020000000900020073797a310000000005000100070000002c0007800c00018008000140ac1414aa050007008400000006000440462000000c00028008000140"], 0x54}, 0x1, 0x0, 0x0, 0x34040017}, 0x80)

2m55.036105107s ago: executing program 2 (id=804):
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04080400c8"], 0x7)

2m54.696672518s ago: executing program 2 (id=805):
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x16ba82, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x5a)
mount$afs(0x0, 0x0, &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB])
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[], 0x44}}, 0x20004805)
fsopen(0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000140)={0xe000001b})
sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x8, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x20004044)

2m53.813881735s ago: executing program 2 (id=807):
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x45, 0x0, 0x1, 0xfffffffc}, {}, {0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = socket$inet6(0xa, 0x1, 0x0)
mount(0x0, &(0x7f0000000040)='.\x00', 0x0, 0x11828, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000040)={@local, 0x800, 0x0, 0x2, 0x1, 0x3}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
r4 = syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000100)='./file0\x00', 0x2a00005, &(0x7f0000000340)=ANY=[], 0x0, 0x2c6, &(0x7f0000000840)="$eJzs3c9KK1ccB/Bv7s2/ezcR2lXpYqBQupKrbxCKBWmgYAnUrgxVaTEiRBDaRXXXd+nj9DH6ArVQSKkTY2JTreh1NH4+EOZHznxnzklCJglnJjsfHx7sHh3vb3/we9rtIvXkLH8myau8zsS0SGppZtZZAIDnZmtr0K26D7xfo1F30EjS+ldLv1FJhwAAAAAAAAAAALi3hfP/z5OVmfn/tcnylfn/ALAUzP9ffqNRd/B28vltXv/XSjoEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkOR8PO6Mb7hV3T8A4OHd5/j/x7j0eL0FAB7C/PG/dpb4/g8Ay+587lhfi9//AWD5fb397ZfdXm9jqyjayeEvJ/2Tfrks27v7+SHD7OVdOvkrGU+V9Rf13sa74sJKdg5PJ/nTk9ZkB5f5tXSysiC/2dtYK/PFXL7fyNvZ/a+nkw8X59cX5pv57JOZ/Go6+e27HGWY3fyTvcr/vFYUn3/Vu5ZvXawHAAAAAAAAAAAAAAAAAAAAj2G1mJo/f7//umxf/a/2JI3JRm66PsDm9PoA186vr+ejeqVDBwAAAAAAAAAAAAAAAAAAgCfj+MefDgbD4d5IcXPxaWtRU23+njcP+6hePklVj/1uRTu3rfPmf26wmScwnGdfjDvlq+iO8YrekAAAAAAAAAAAAAAAAAAA4AW7Ouk3aVbdGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoyNX//9+5+Ob7chO3rlz1GAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICX4e8AAAD//+TX3yY=")
fstatfs(r4, 0x0)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000001c0)={@empty, 0x800, 0x2, 0x0, 0xb, 0x8bd}, 0x20)

2m38.401565066s ago: executing program 32 (id=807):
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x45, 0x0, 0x1, 0xfffffffc}, {}, {0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = socket$inet6(0xa, 0x1, 0x0)
mount(0x0, &(0x7f0000000040)='.\x00', 0x0, 0x11828, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000040)={@local, 0x800, 0x0, 0x2, 0x1, 0x3}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
r4 = syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000100)='./file0\x00', 0x2a00005, &(0x7f0000000340)=ANY=[], 0x0, 0x2c6, &(0x7f0000000840)="$eJzs3c9KK1ccB/Bv7s2/ezcR2lXpYqBQupKrbxCKBWmgYAnUrgxVaTEiRBDaRXXXd+nj9DH6ArVQSKkTY2JTreh1NH4+EOZHznxnzklCJglnJjsfHx7sHh3vb3/we9rtIvXkLH8myau8zsS0SGppZtZZAIDnZmtr0K26D7xfo1F30EjS+ldLv1FJhwAAAAAAAAAAALi3hfP/z5OVmfn/tcnylfn/ALAUzP9ffqNRd/B28vltXv/XSjoEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkOR8PO6Mb7hV3T8A4OHd5/j/x7j0eL0FAB7C/PG/dpb4/g8Ay+587lhfi9//AWD5fb397ZfdXm9jqyjayeEvJ/2Tfrks27v7+SHD7OVdOvkrGU+V9Rf13sa74sJKdg5PJ/nTk9ZkB5f5tXSysiC/2dtYK/PFXL7fyNvZ/a+nkw8X59cX5pv57JOZ/Go6+e27HGWY3fyTvcr/vFYUn3/Vu5ZvXawHAAAAAAAAAAAAAAAAAAAAj2G1mJo/f7//umxf/a/2JI3JRm66PsDm9PoA186vr+ejeqVDBwAAAAAAAAAAAAAAAAAAgCfj+MefDgbD4d5IcXPxaWtRU23+njcP+6hePklVj/1uRTu3rfPmf26wmScwnGdfjDvlq+iO8YrekAAAAAAAAAAAAAAAAAAA4AW7Ouk3aVbdGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoyNX//9+5+Ob7chO3rlz1GAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICX4e8AAAD//+TX3yY=")
fstatfs(r4, 0x0)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000001c0)={@empty, 0x800, 0x2, 0x0, 0xb, 0x8bd}, 0x20)

1m41.565105932s ago: executing program 4 (id=978):
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$DEVLINK_CMD_SB_POOL_GET(0xffffffffffffffff, 0x0, 0x24000000)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, &(0x7f0000000040)={0x2, 0x1, 0x2, "b1101afdc142942fa9a9d58ec439737efb2cc9ce860cc520a00ac397d8a4b964", 0x31363553})
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000900)={&(0x7f0000000100)="0affc5d99d80e60de45d238cbbaa3d3c4f26be0f75", &(0x7f0000000500)=""/124, 0x0, &(0x7f0000000880)="75eb74e710f2ef7927a2f600a148de6980d80d6c81e94f071abb61cc4d93eb8dddf493781a4d02c35a9a66054cc3ed7b669edf55ba9f53a206b38ba18df4d991db99db4c7f652e7844fa729fc90f8555dc16432e69fb02ae0b2cfc", 0x907, r0, 0x4}, 0x38)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000000c0)={0x0, 0x1, 0x0, &(0x7f0000000340)=""/70, 0x0, 0xfec00000})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x2, 0x1, 0x0, &(0x7f0000000580)=""/91, 0x0, 0x25000})
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af04, &(0x7f00000003c0)={0x1})
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000300), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
write$binfmt_script(r0, &(0x7f0000000180)={'#! ', './file0', [{0x20, '\x00'}, {0x20, '\\.'}, {0x20, 'f2fs\x00'}, {0x20, ')'}, {0x20, ':!'}]}, 0x1b)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat(0xffffffffffffff9c, 0x0, 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x100000001, 0x2000000})
syz_genetlink_get_family_id$batadv(&(0x7f0000000640), r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000680)={'batadv_slave_0\x00'})
creat(&(0x7f0000000e00)='./file0\x00', 0xc)

1m39.530840137s ago: executing program 4 (id=986):
ioctl$BLKRRPART(0xffffffffffffffff, 0x125f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000640)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4)
symlinkat(&(0x7f0000000400)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)

1m35.737941437s ago: executing program 4 (id=995):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000100005ff000000000000000000006140", @ANYRES32=0x0, @ANYBLOB="2000000000000000140012800b000100626174616476000004000280"], 0x34}}, 0x40010)

1m34.953984652s ago: executing program 4 (id=998):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0x1000000, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00'], 0x2, 0x58a, &(0x7f0000000740)="$eJzs3c1rXWkZAPDnPc1NbzrtzJ22ttaOckHBMmJJ006qpjjWyQSE4oRp04UrY5N2wtwkJclIOgzahejG/8HVbBRkQN0ILnTrQnciA67ErVEGBhRHOSfnfiUZk5mbm4/m94PknnvOcz7eAwk872cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFff/nm8JW0308BAAAA9NM3b786PCL/BwAAgCfaHe3/AAAAAAAAAHDYpcjih5Fi9dRaOll8X1e9NbfwxurU+MTWpw2l4sxjRXz+U70ycvXaC6PXv9T8/P/n77YL8crtOzfrLy3OP1yaXV6enalPLczdW5yZ3fEVej1/o+eLF1Cff/2Nmfv3l+sjl692HV6t/e34U+dqY19++eytZuzU+MTE7Y6YgcrHvvsmengAAAAcbYORxbVIcefiz9OpiMii91x4m7qDfhuKWp5/F4WYGp8oCtKYm15YyQ9ONhPhWndOPNjMkfcgF+9JLeJ0/qyDMnoAAAB2rhJZfCZSXPhgLT0dEceaefAXiokBt79AbQ8ecgsDEXEmIi7FIcjZAQAAYJ8djyxejRS/adTimTKvLvL/r0WM7ffDAQAAALtiILK4HineG1tLtaI/QEQ8PzU+Ub91t/6NhfuLHbGTqWxRP+zjA/aSvgkAAAAcANXI4lTR4r+Wnv2QmIE9fiYAAABgdw1FFv+KFJ9/8bvFvHJRzEv/zNhXTt6Y6Jxh7vw218ljL0fExR2Oya+Ucw1OpsmUsk1Xe7wrhQMAAAAK1ZTFXyPF+3+uFt8vlbl50ugPAAAAT46UxQ8ixVcn11LasC79sY71/VsO+9j//j7/UPWlxYePluYevLay5fET1ZvfWV5Zmr639eH1tQu7ukNst44hAAAA7EAlZfHPSPH7xjutvLNcA6DsAdBONN++0c5Nq2nD0aLe4Omi3qA1huCpkZHO7S1T1o8wP16tvO+x3osNAAAAR0pKWQxGis/97pPl2v8nYlMbdBn3h0hxY/G5Mi4bzOOawwRqxe/q/bnG7HAeOx4pftloxkYRe7yMPdOOvZLH/ja/7nR3bLWMPduOHcljP4gUry1tHfuJduzVPHYpUvzsJ/Vm7Ik89mQZe64de/neYmOmby8YAAAADoBKyuJXkeLH/663hvx3t/+3W9vffqvd3r9pgr4PafPvtf2/1rHvcVkPcbysrxjYpr7ilUhx4dnnmuUp6gqa3QrW1zpo11f8I1Isfas7drCMPd2OvbLjFwsAAAAHSLP//x/v/rrV5b7MgcuvW+f/n9o4P2Cf8v/ONQnzey4/evP16UZjdmk/Nyof8azvR0TXnnQQSmHjv6WD8jx7ulH+UT0+KM/T60Zv/wcBAOAoyPP/u5Fi9b13W+3dZf5fdpVv5//vf6+d/49tvFCf8v/THfvGyvkGKgMR1ZX5h5XzEdXlR29+cW5++sHsg9mFq6MvjA6Pjl6/NlIZbDbut7d6flcAAABwWOX5/3Ck+PuPftoan7+T9v8TGy/Up/z/TMe+/J7tRr98z196LT4AAAAcCXn+/4tI8aeL77Tm0evO/zvm/3+rPc7+0mfXewu0agf6lP+f7dhXK+4bMbRLZQcAAAAAAAAAAAAAAAAAAICDopKy+E+keLc6kMoJ/3c0/9/Mxgv1afz/uY59M7E36//1/FIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkMoii7lI8enza+nFfMe3I052fgIAAACH3v8CAAD//16XHzs=")
write$binfmt_script(r0, &(0x7f00000008c0), 0xfecc)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000006ac0)='cpuacct.stat\x00', 0x275a, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000640)='.log\x00', 0xa5d, 0x1)
syz_clone(0x2000400, 0x0, 0xfffffebf, 0x0, 0x0, 0x0)
open(0x0, 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='freezer.state\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)

1m33.999271333s ago: executing program 4 (id=1000):
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4d11d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c628b9b90195024ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd4c9a6e94acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x27, 0x558d, &(0x7f00000014c0)="$eJzs3L1vG2UYAPDnnKbflAgxsPWkCimRaqtOPwQTBVrxIVpVfAxM4Niu5db2RbHrhi50YEQM/CcIJCZG/gYGGGFDDCA2pCLfXaBpGwiN45T295POz93j18+978mK9NxFDuCJtZD+/msSx+JQRMxFxNEk8v2k3CJuR5wvxj4XEccjonLXlpT5vxL7I+JwRBybFC9qJuVbn58cnzj7y5u/ffPdgX1Hvvj6+z1dOLCnno+I/mqxf7NfxKxTxGtlvjHu5rF/ZlzG1U01+lmRv9leySvcbGyMa+TxdKcYn63eGE7i1V6jOYmd7tU8vzooTjgcdzbqTD6QXmus5cet9koeu8Msj51bxXnXbxV/224NR0WdVlnvo7x8jEYbsci319vFelav57E5GJX5om7Waq9P4riM5emimfVa+TxWHvIi/w+81R3cWE/H7bVhNxukZ2v1F2r1c9X6WtZqj9pnqo1+69yZdLHTmwyrjtqN/vlOlnV67Voz6y+li51ms1qvp4sX2ivdxiCt12una6eqZ5fKvZPpa5ffS3utdHESX+kOboy6vWF6NVtLi08spcu10y8upSfq6TuXrqRX3r548dKVdz+48P7lly+98Wo56L5ppYvLp5aXq/VT1eX60hO0/k/KSf+H9ScPTv/4w84uGxS2+IIBsLX7+v+4t/8P/T8wdTvp//vXy+Pd6f9jO/1/TLP/n7RU+v9/738re9D/zof+fxfXDzvycP3//qnPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftp/svX852F4vhImX+qTD1THicRUYmIOw8wF/s31Zwr68xvMX7+njl8m0ReYXKOA+V2OCLOl9sfT+/2VQAAAIDH11e3j39WdOvFy8JeT4hZKm7aVI5+OKV6SUTML/w8pWqVycuzUyqWf7/3xfqUquU3sA5OqVhxy23ftKpty9ymcPCukBShMtPpAAAAM7G5E5htFwIAAMAsffqP7740s3kwY0lsPMrceBac/+f93w8ED216DwAAAHhE3Pl4+2OT3ZwIAAAA8EjI+3+//wcAAACPt+L3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/ZuZvbxIEwDMCfDYb91aLV3reG7WBvUMaWsMc9LhSQJiiBtJAGqIFIOaSECCJsg+IEpEiMcYKeR/LPjNHrGeDyjSUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAm26LxeT6/8+rU3PWm9OkmQ0AAABwyKpYTMqTUdX+XPd/rbu+1+0sIvKIOFS792LQyOzVOcWRzxfPxnATUSZs+4f19ikiftfbw7e2vwUAAAC4WL+enG9L9t0SwF1H4+G8qkWb/MufRHlZRBSj+0Rp+Xb3I1FY+f/ux79EaeUC1odEYdWSW//wtUGqmzT1GofdTKblj1i28nbuCwAAdKlZCRypQgAAALgAf7seAOfwsrTP9rv9c8ZhdagfCH5stAAAAIB3KOt6AAAAAEDryvr/Lb3/L/P+PwAAAEhuOZuPux4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADApVsVi8lyNh8fuz59Zc56c5p0MwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7Zn3cUCIEwCIO96zuTuf9hpUFDY5MqED7+xmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB487u//J+YGmeSudfG0vNIsnZqbJ0ae+fG0R/G168BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GJ/XlIgBIIgCuaM/530/Q8rCXoGESKg4VFFLRoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7od7/8n5gaZ5K508bS8UiydtXYumrsPWgcPRhv/wYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GLffnqjKMMAgD+7010oaqzVNLFqMOGgFykLglyN0TQe/AgmTdlidRGFHoQ0Yi/eTM9cjB6NMdHUW78DZ5pwwRuHHmriyUPN/Cuz7QoNykyhv1/y7vvs7PD+2wnpM+8sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGnz3Xi1XcRJ+jKRx+Wx21vL82m9satOra/emU5LGrdqHvcT4LXqm+NTzQ0EAACAwyMp8/uIuNtZm03r9kSW/3fKc9Kc/4fn8rjM53fn/Rtby0eLj6bL/P/33+69tNPRRJL1kza6sDjon9o7lLHHNMUD7/mHnjGWrXx27yXJvpD2hysvbnay9Wx9d+vW+90sPFLHaAGAR3GyrIug/HsorXtNDgyAQ2OskniX+X8y0eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuRLPlHErIqbH7sepja3l+VH1N6t3pteLcu7mzdVqm2kTnYhYWBz0T9U4l4OrXM3rn80NBv0rV6/VHRyPiBEf3djfP0+K4f/rOd2IGDpy4uUR7Xy8j752tbMnKC7PqHcNx9P5PfTk1tCR1p4Ff28718QFUFfQLr6fx9HFeO3f+3BQXnv/f8s1/3cEAMBTr1OUNBO921mbTY+1JiO2fxzO/9+oxDGU92/fyI/k79cr+f+9T87drvZVzf97Nc3vSTCzdOmLmavXrr+1eGnuYv9i//O3T/fe6Z05f/bs+ZnsXsnMQrTdMQEAAOA/6Balmv+3J/fu/x+rxPGA/f98SzjP/7/8vvd1ta9E/j/S/U2/pkcCAABwGHV3ohde/+vP1ogzWt1ufDW3tHSll7/uvD+dv9Y63Ed0pCjV/D+ZbHpUAAAAQB02V1pD+/8XKnE8YP+/+vz/sz+98ku1zSQixiMuR0T/5PzlwYX6pnOg1fFD5ayjbtMzBQAAoCnjRanu/3ey5//bO488tCPizRMRfxe/4Y995v/JB9/+XO2r+vz/mVpnefC0p/L1yOqpiLGppkcEAADA0+xoUdJk/4/O2uynvx77qOv5fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6/RMAAP//gBsrfQ==")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0xa, @loopback, 0xffffffff}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(0x0, 0xfffffffffffffffe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x172)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

1m33.037464523s ago: executing program 4 (id=1006):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000000280))

1m32.026600455s ago: executing program 33 (id=1006):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000000280))

34.93105853s ago: executing program 3 (id=1127):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000100)=0x5)
r1 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014})
epoll_wait(r4, &(0x7f0000000340)=[{}], 0x1, 0x80000000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000000)={0xa0000001})

34.132752066s ago: executing program 3 (id=1130):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_procfs(0x0, &(0x7f0000000440)='net/rt6_stats\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20048045)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$TCSETSW2(r0, 0x5408, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f00000000c0)={0x84, @multicast2, 0x4e22, 0x3, 'rr\x00', 0x1e, 0x4, 0x68}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010101, 0x4e21, 0x3, 'lc\x00', 0x11, 0x3240, 0x3d}, {@loopback, 0x4e23, 0x4, 0x8628, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000280)={{0x84, @empty, 0x4e20, 0x3, 'lblc\x00', 0x1d, 0x2, 0x2a}, {@loopback, 0x4e23, 0x10000, 0xc24, 0x9, 0xfffffffc}}, 0x44)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendto(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x4000080, 0x0, 0x0)
bpf$MAP_CREATE(0x700000000000000, 0x0, 0x50)
close(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = syz_open_dev$video4linux(&(0x7f00000001c0), 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r5, 0xc0305602, &(0x7f0000000000)={0x0, 0x7, 0x1008, 0x1})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x400c8c1}, 0x20)

28.459040676s ago: executing program 3 (id=1142):
ioctl$BLKRRPART(0xffffffffffffffff, 0x125f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000640)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd='])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4)
symlinkat(&(0x7f0000000400)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)

27.278690633s ago: executing program 3 (id=1145):
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x16ba82, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x5a)
mount$afs(0x0, 0x0, &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB])
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x8, 0x6, 0x201, 0x0, 0x0, {0x1, 0x0, 0xa}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x20004044)

26.358169113s ago: executing program 3 (id=1147):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./control\x00', 0x480, &(0x7f0000000000)={[{@nojournal_checksum}, {@journal_checksum}, {@minixdf}]}, 0x1, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
open(&(0x7f00000003c0)='./file1\x00', 0x44142, 0x191)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x0, 0x0})
set_robust_list(&(0x7f0000000180)={0x0, 0xed0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4e24, 0x10000008, @mcast2, 0x9}, 0x1c)
sendto$inet6(r2, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000100)={{0x5, 0x0, 0x2, 0x6}, 'syz1\x00'})
ioctl$UI_SET_LEDBIT(r4, 0x40045569, 0x4)
ioctl$UI_DEV_DESTROY(r4, 0x5502)
ioctl$NS_GET_OWNER_UID(r3, 0xb704, &(0x7f0000003e80))

24.160802252s ago: executing program 3 (id=1149):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_PHY(r0, 0x0, 0x40000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0xc0686611, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

22.287573662s ago: executing program 6 (id=1156):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000080)={<r3=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f0000000140)={0x13, 0x10, 0xfa00, {0x0, r3, 0x1}}, 0x18)

17.64415051s ago: executing program 6 (id=1162):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

17.452718986s ago: executing program 5 (id=1163):
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@nobh}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@quota}, {@quota}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@orlov}, {@test_dummy_encryption_v1}, {@jqfmt_vfsv1}]}, 0x3, 0x448, &(0x7f0000000440)="$eJzs3M1vG0UbAPBnN3H6tmnfhFI++gEECiLiI2nSAr2CQOIAEhIcyjEkaVXqNqgJEq0qKAiVI6rEHXFE4i/gBBcEnJC4wh1VqlAvLZwWrb3bOK6d1q5dF/z7SZvM7I4183h37JmdbAIYWlP5jyRie0T8FhET9ezGAlP1X9eunFv868q5xSSy7M0/k1q5q1fOLZZFy9eNF5npNCL9NIm9LepdPXP2xEK1uny6yM+unXxvdvXM2WePn1w4tnxs+dT84cOHDs698Pz8cz2JM2/T1T0fruzb/erbF19fPHLxnZ++Scr4m+LokanNDj6RZT2ubrB2NKST0QE2hI6MRER+uiq1/j8RI7F+8ibilU8G2jigr7Isy8bbHz6fAf9hSQy6BcBglF/0+fy33O7Q0OOucPnF+gQoj/tasdWPjEZalKk0zW97aSoijpz/+8t8i/7chwAA2OC7fPzzTKvxXxr3N5T7f7E2NBkR90TEzoi4NyJ2RcR9EbWyD0TEgx3W37xIcuP4J73UVWC3KB//jaf1ta2N479y9BeTI0VuRy3+SnL0eHX5QPGeTEdlS56f26SO71/+9fN2xxrHf/mW11+OBYt2XBrdsvE1SwtrC7cTc6PLH0fsGW0Vf3J9JSCJiN0RsafLOo4/9fW+dsduHv8merDOlH0V8WR9bfN8NMVfSjZfn5z9X1SXD8yWV8WNfv7lwhvt6r+t+HsgP//bovX5L0wmjeu1q53XceH3z9rOabq9/seSt2rpsWLfBwtra6fnIsaS1+qNbtw/v/7aMl+Wz+Of3t+6/++M9Xdib0TkF/FDEfFwRDxStP3RiHgsIvZvEv+PLz3+bvfx91ce/1JH5389MRbNe1onRk788O2GSic7iT8//4dqqeliz618/t1Ku7q7mgEAAODfJ42I7ZGkM9fTaTozU/97+V2xLa2urK49fXTl/VNL9WcEJqOSlne6Jhruh84V0/oyP9+UP1jcN/5iZGstP7O4Ul0adPAw5Mbb9P/cHyODbh3Qd57XguGl/8Pw0v9heOn/MLxa9P+tg2gHcOe1+v7/aADtAO68pv5v2Q+GiPk/DC/9H4aX/g9DaXVr3Pwh+YEnyg+ou6U9XSSyLKLfdVU6+McHt52I9C54VyX6lhjwBxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECP/BMAAP//qlXhwA==")
syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x400, 0x0, 0x0, 0x0, &(0x7f0000000300))
syz_mount_image$ext4(0x0, &(0x7f00000000c0)='./bus/file0\x00', 0x80008, 0x0, 0x0, 0x0, &(0x7f0000000000))
socket(0x10, 0x3, 0x0)
fchdir(0xffffffffffffffff)

11.473413326s ago: executing program 1 (id=1170):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
sendmmsg$inet6(r0, 0x0, 0x0, 0x2400c444)
sendmmsg$inet6(r0, 0x0, 0x0, 0x84)

11.380855359s ago: executing program 6 (id=1171):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_pidfd_open(0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000580)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x0, 0x0, 0x1, 0x3, 0x2, 0x3c}, 0x20)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, 0x0, 0x28)
mount$9p_fd(0x0, 0x0, 0x0, 0x104000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00004093'], 0x2a, 0xfffffffffffffffc)
r5 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000000), &(0x7f00000002c0)='s', 0x1, 0xfffffffffffffffe)
keyctl$read(0xb, r5, &(0x7f0000000240)=""/112, 0x349b7f55)

10.473567658s ago: executing program 6 (id=1172):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000080)={<r3=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f0000000140)={0x13, 0x10, 0xfa00, {0x0, r3, 0x1}}, 0x18)

10.461099718s ago: executing program 1 (id=1173):
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@nobh}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@quota}, {@quota}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@orlov}, {@test_dummy_encryption_v1}, {@jqfmt_vfsv1}]}, 0x3, 0x448, &(0x7f0000000440)="$eJzs3M1vG0UbAPBnN3H6tmnfhFI++gEECiLiI2nSAr2CQOIAEhIcyjEkaVXqNqgJEq0qKAiVI6rEHXFE4i/gBBcEnJC4wh1VqlAvLZwWrb3bOK6d1q5dF/z7SZvM7I4183h37JmdbAIYWlP5jyRie0T8FhET9ezGAlP1X9eunFv868q5xSSy7M0/k1q5q1fOLZZFy9eNF5npNCL9NIm9LepdPXP2xEK1uny6yM+unXxvdvXM2WePn1w4tnxs+dT84cOHDs698Pz8cz2JM2/T1T0fruzb/erbF19fPHLxnZ++Scr4m+LokanNDj6RZT2ubrB2NKST0QE2hI6MRER+uiq1/j8RI7F+8ibilU8G2jigr7Isy8bbHz6fAf9hSQy6BcBglF/0+fy33O7Q0OOucPnF+gQoj/tasdWPjEZalKk0zW97aSoijpz/+8t8i/7chwAA2OC7fPzzTKvxXxr3N5T7f7E2NBkR90TEzoi4NyJ2RcR9EbWyD0TEgx3W37xIcuP4J73UVWC3KB//jaf1ta2N479y9BeTI0VuRy3+SnL0eHX5QPGeTEdlS56f26SO71/+9fN2xxrHf/mW11+OBYt2XBrdsvE1SwtrC7cTc6PLH0fsGW0Vf3J9JSCJiN0RsafLOo4/9fW+dsduHv8merDOlH0V8WR9bfN8NMVfSjZfn5z9X1SXD8yWV8WNfv7lwhvt6r+t+HsgP//bovX5L0wmjeu1q53XceH3z9rOabq9/seSt2rpsWLfBwtra6fnIsaS1+qNbtw/v/7aMl+Wz+Of3t+6/++M9Xdib0TkF/FDEfFwRDxStP3RiHgsIvZvEv+PLz3+bvfx91ce/1JH5389MRbNe1onRk788O2GSic7iT8//4dqqeliz618/t1Ku7q7mgEAAODfJ42I7ZGkM9fTaTozU/97+V2xLa2urK49fXTl/VNL9WcEJqOSlne6Jhruh84V0/oyP9+UP1jcN/5iZGstP7O4Ul0adPAw5Mbb9P/cHyODbh3Qd57XguGl/8Pw0v9heOn/MLxa9P+tg2gHcOe1+v7/aADtAO68pv5v2Q+GiPk/DC/9H4aX/g9DaXVr3Pwh+YEnyg+ou6U9XSSyLKLfdVU6+McHt52I9C54VyX6lhjwBxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECP/BMAAP//qlXhwA==")
syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x400, 0x0, 0x0, 0x0, &(0x7f0000000300))
rename(&(0x7f0000000380)='./bus/file0\x00', &(0x7f0000000100)='./file0\x00')
socket(0x10, 0x3, 0x0)
fchdir(0xffffffffffffffff)

8.19889451s ago: executing program 34 (id=1149):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LIST_PHY(r0, 0x0, 0x40000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0xc0686611, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

8.079859704s ago: executing program 5 (id=1175):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
getrlimit(0x1, &(0x7f0000000000))
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x106f)
r4 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x41)
ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r4, 0x40146f2c, &(0x7f00000000c0)={0x1, 0x0, 0x3, 0x0, 0x4})
fcntl$getown(r4, 0x9)
ioctl$DVB_DEMUX_DMX_ADD_PID(r4, 0x40026f33, &(0x7f0000000100)=0x808c)
r5 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r5, 0x0, 0x40000)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x20000)

7.24477801s ago: executing program 1 (id=1177):
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4d11d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c628b9b90195024ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd4c9a6e94acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x27, 0x558d, &(0x7f00000014c0)="$eJzs3L1vG2UYAPDnnKbflAgxsPWkCimRaqtOPwQTBVrxIVpVfAxM4Niu5db2RbHrhi50YEQM/CcIJCZG/gYGGGFDDCA2pCLfXaBpGwiN45T295POz93j18+978mK9NxFDuCJtZD+/msSx+JQRMxFxNEk8v2k3CJuR5wvxj4XEccjonLXlpT5vxL7I+JwRBybFC9qJuVbn58cnzj7y5u/ffPdgX1Hvvj6+z1dOLCnno+I/mqxf7NfxKxTxGtlvjHu5rF/ZlzG1U01+lmRv9leySvcbGyMa+TxdKcYn63eGE7i1V6jOYmd7tU8vzooTjgcdzbqTD6QXmus5cet9koeu8Msj51bxXnXbxV/224NR0WdVlnvo7x8jEYbsci319vFelav57E5GJX5om7Waq9P4riM5emimfVa+TxWHvIi/w+81R3cWE/H7bVhNxukZ2v1F2r1c9X6WtZqj9pnqo1+69yZdLHTmwyrjtqN/vlOlnV67Voz6y+li51ms1qvp4sX2ivdxiCt12una6eqZ5fKvZPpa5ffS3utdHESX+kOboy6vWF6NVtLi08spcu10y8upSfq6TuXrqRX3r548dKVdz+48P7lly+98Wo56L5ppYvLp5aXq/VT1eX60hO0/k/KSf+H9ScPTv/4w84uGxS2+IIBsLX7+v+4t/8P/T8wdTvp//vXy+Pd6f9jO/1/TLP/n7RU+v9/738re9D/zof+fxfXDzvycP3//qnPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAmftp/svX852F4vhImX+qTD1THicRUYmIOw8wF/s31Zwr68xvMX7+njl8m0ReYXKOA+V2OCLOl9sfT+/2VQAAAIDH11e3j39WdOvFy8JeT4hZKm7aVI5+OKV6SUTML/w8pWqVycuzUyqWf7/3xfqUquU3sA5OqVhxy23ftKpty9ymcPCukBShMtPpAAAAM7G5E5htFwIAAMAsffqP7740s3kwY0lsPMrceBac/+f93w8ED216DwAAAHhE3Pl4+2OT3ZwIAAAA8EjI+3+//wcAAACPt+L3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/ZuZvbxIEwDMCfDYb91aLV3reG7WBvUMaWsMc9LhSQJiiBtJAGqIFIOaSECCJsg+IEpEiMcYKeR/LPjNHrGeDyjSUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAm26LxeT6/8+rU3PWm9OkmQ0AAABwyKpYTMqTUdX+XPd/rbu+1+0sIvKIOFS792LQyOzVOcWRzxfPxnATUSZs+4f19ikiftfbw7e2vwUAAAC4WL+enG9L9t0SwF1H4+G8qkWb/MufRHlZRBSj+0Rp+Xb3I1FY+f/ux79EaeUC1odEYdWSW//wtUGqmzT1GofdTKblj1i28nbuCwAAdKlZCRypQgAAALgAf7seAOfwsrTP9rv9c8ZhdagfCH5stAAAAIB3KOt6AAAAAEDryvr/Lb3/L/P+PwAAAEhuOZuPux4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADApVsVi8lyNh8fuz59Zc56c5p0MwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7Zn3cUCIEwCIO96zuTuf9hpUFDY5MqED7+xmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB487u//J+YGmeSudfG0vNIsnZqbJ0ae+fG0R/G168BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GJ/XlIgBIIgCuaM/530/Q8rCXoGESKg4VFFLRoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL7od7/8n5gaZ5K508bS8UiydtXYumrsPWgcPRhv/wYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GLffnqjKMMAgD+7010oaqzVNLFqMOGgFykLglyN0TQe/AgmTdlidRGFHoQ0Yi/eTM9cjB6NMdHUW78DZ5pwwRuHHmriyUPN/Cuz7QoNykyhv1/y7vvs7PD+2wnpM+8sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGnz3Xi1XcRJ+jKRx+Wx21vL82m9satOra/emU5LGrdqHvcT4LXqm+NTzQ0EAACAwyMp8/uIuNtZm03r9kSW/3fKc9Kc/4fn8rjM53fn/Rtby0eLj6bL/P/33+69tNPRRJL1kza6sDjon9o7lLHHNMUD7/mHnjGWrXx27yXJvpD2hysvbnay9Wx9d+vW+90sPFLHaAGAR3GyrIug/HsorXtNDgyAQ2OskniX+X8y0eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuRLPlHErIqbH7sepja3l+VH1N6t3pteLcu7mzdVqm2kTnYhYWBz0T9U4l4OrXM3rn80NBv0rV6/VHRyPiBEf3djfP0+K4f/rOd2IGDpy4uUR7Xy8j752tbMnKC7PqHcNx9P5PfTk1tCR1p4Ff28718QFUFfQLr6fx9HFeO3f+3BQXnv/f8s1/3cEAMBTr1OUNBO921mbTY+1JiO2fxzO/9+oxDGU92/fyI/k79cr+f+9T87drvZVzf97Nc3vSTCzdOmLmavXrr+1eGnuYv9i//O3T/fe6Z05f/bs+ZnsXsnMQrTdMQEAAOA/6Balmv+3J/fu/x+rxPGA/f98SzjP/7/8vvd1ta9E/j/S/U2/pkcCAABwGHV3ohde/+vP1ogzWt1ufDW3tHSll7/uvD+dv9Y63Ed0pCjV/D+ZbHpUAAAAQB02V1pD+/8XKnE8YP+/+vz/sz+98ku1zSQixiMuR0T/5PzlwYX6pnOg1fFD5ayjbtMzBQAAoCnjRanu/3ey5//bO488tCPizRMRfxe/4Y995v/JB9/+XO2r+vz/mVpnefC0p/L1yOqpiLGppkcEAADA0+xoUdJk/4/O2uynvx77qOv5fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6/RMAAP//gBsrfQ==")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0xa, @loopback, 0xffffffff}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x172)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)

7.005554328s ago: executing program 0 (id=1178):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_procfs(0x0, &(0x7f0000000440)='net/rt6_stats\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20048045)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$TCSETSW2(r0, 0x5408, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f00000000c0)={0x84, @multicast2, 0x4e22, 0x3, 'rr\x00', 0x1e, 0x4, 0x68}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010101, 0x4e21, 0x3, 'lc\x00', 0x11, 0x3240, 0x3d}, {@loopback, 0x4e23, 0x4, 0x8628, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000280)={{0x84, @empty, 0x4e20, 0x3, 'lblc\x00', 0x1d, 0x2, 0x2a}, {@loopback, 0x4e23, 0x10000, 0xc24, 0x9, 0xfffffffc}}, 0x44)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendto(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x4000080, 0x0, 0x0)
bpf$MAP_CREATE(0x700000000000000, 0x0, 0x50)
close(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = syz_open_dev$video4linux(&(0x7f00000001c0), 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r5, 0xc0305602, &(0x7f0000000000)={0x0, 0x7, 0x1008, 0x1})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x400c8c1}, 0x20)

5.99222358s ago: executing program 0 (id=1179):
ioctl$BLKRRPART(0xffffffffffffffff, 0x125f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000640)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4)
symlinkat(&(0x7f0000000400)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)

5.773846587s ago: executing program 1 (id=1180):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_int(0xffffffffffffffff, 0x0, 0x18, 0x0, &(0x7f0000000040)=0x24)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0xc1cc6, 0x0, 0x8000008, 0x3, 0xfffffffe, 0x2, 0x0, 0x7cce8c743ee810df, 0x4})

4.914866304s ago: executing program 0 (id=1181):
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
chdir(&(0x7f0000000540)='./cgroup\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x78)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
lseek(r0, 0x7fffdfff, 0x2)
getdents64(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fchown(r4, 0x0, 0xee01)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x14e174135c0b87af)

3.537924139s ago: executing program 0 (id=1182):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="c00200001600018000000000000000000000000000bbfe80000000400000000000000000001b000000fb"], 0x2c4}, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40000000010800034000000014480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c0003801800008008000340000000020c0004400000000000000c7f14000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="440000000d0a010800000000000000000a0000010900020073797a3100000000090000038014000080080001800400010008000a800400010042e42b416c7990286d3a1a75cc4565e03504aefcef7bdcbf608db19f74da2c36d79c607f162b9efe08f5b06be6d63d54ccd13d4aee7deb7712bc135dffd1eb66c6eeca9ad927d9"], 0x44}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)
syz_open_dev$loop(&(0x7f00000001c0), 0x6, 0x40000)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e330509"], 0xd)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3.500106879s ago: executing program 6 (id=1183):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)
sendmmsg$inet6(r0, 0x0, 0x0, 0x2400c444)
sendmmsg$inet6(r0, 0x0, 0x0, 0x84)

3.4930388s ago: executing program 0 (id=1184):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000780)="4274aa814c8f6ea8d8db43178dd2f41ef596a3ca465412910e05cba0f5d97e67886d55be18cac95a1aa093479596c3613670aaf2a3b1edc465bedfdb5156035719c0baa8bb8bf2a825ec04f424", 0x4d}], 0x1}, 0x41)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[@ANYBLOB="c00200001600018000"/21], 0x2c4}, 0x1, 0x0, 0x0, 0x48001}, 0x4044050)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40000000010800034000000014480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c0003801800008008000340000000020c0004400000000000000c7f14000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="440000000d0a010800000000000000000a0000010900020073797a3100000000090000038014000080080001800400010008000a800400010042e42b416c7990286d3a1a75cc4565e03504aefcef7bdcbf608db19f74da2c36d79c607f162b9efe08f5b06be6d63d54ccd13d4aee7deb7712bc135dffd1eb66c6eeca9ad927d9"], 0x44}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)
syz_open_dev$loop(&(0x7f00000001c0), 0x6, 0x40000)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e330509"], 0xd)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3.468794441s ago: executing program 5 (id=1185):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
r1 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000100)={0x20000014})
epoll_wait(r4, &(0x7f0000000340)=[{}], 0x1, 0x80000000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f0000000000)={0xa0000001})

3.368768014s ago: executing program 6 (id=1186):
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x140, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@commit={'commit', 0x3d, 0x5}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}, {@nobh}, {@nodelalloc}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x1, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000080)={[{@quota}, {@quota}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@orlov}, {@test_dummy_encryption_v1}, {@jqfmt_vfsv1}]}, 0x3, 0x448, &(0x7f0000000440)="$eJzs3M1vG0UbAPBnN3H6tmnfhFI++gEECiLiI2nSAr2CQOIAEhIcyjEkaVXqNqgJEq0qKAiVI6rEHXFE4i/gBBcEnJC4wh1VqlAvLZwWrb3bOK6d1q5dF/z7SZvM7I4183h37JmdbAIYWlP5jyRie0T8FhET9ezGAlP1X9eunFv868q5xSSy7M0/k1q5q1fOLZZFy9eNF5npNCL9NIm9LepdPXP2xEK1uny6yM+unXxvdvXM2WePn1w4tnxs+dT84cOHDs698Pz8cz2JM2/T1T0fruzb/erbF19fPHLxnZ++Scr4m+LokanNDj6RZT2ubrB2NKST0QE2hI6MRER+uiq1/j8RI7F+8ibilU8G2jigr7Isy8bbHz6fAf9hSQy6BcBglF/0+fy33O7Q0OOucPnF+gQoj/tasdWPjEZalKk0zW97aSoijpz/+8t8i/7chwAA2OC7fPzzTKvxXxr3N5T7f7E2NBkR90TEzoi4NyJ2RcR9EbWyD0TEgx3W37xIcuP4J73UVWC3KB//jaf1ta2N479y9BeTI0VuRy3+SnL0eHX5QPGeTEdlS56f26SO71/+9fN2xxrHf/mW11+OBYt2XBrdsvE1SwtrC7cTc6PLH0fsGW0Vf3J9JSCJiN0RsafLOo4/9fW+dsduHv8merDOlH0V8WR9bfN8NMVfSjZfn5z9X1SXD8yWV8WNfv7lwhvt6r+t+HsgP//bovX5L0wmjeu1q53XceH3z9rOabq9/seSt2rpsWLfBwtra6fnIsaS1+qNbtw/v/7aMl+Wz+Of3t+6/++M9Xdib0TkF/FDEfFwRDxStP3RiHgsIvZvEv+PLz3+bvfx91ce/1JH5389MRbNe1onRk788O2GSic7iT8//4dqqeliz618/t1Ku7q7mgEAAODfJ42I7ZGkM9fTaTozU/97+V2xLa2urK49fXTl/VNL9WcEJqOSlne6Jhruh84V0/oyP9+UP1jcN/5iZGstP7O4Ul0adPAw5Mbb9P/cHyODbh3Qd57XguGl/8Pw0v9heOn/MLxa9P+tg2gHcOe1+v7/aADtAO68pv5v2Q+GiPk/DC/9H4aX/g9DaXVr3Pwh+YEnyg+ou6U9XSSyLKLfdVU6+McHt52I9C54VyX6lhjwBxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECP/BMAAP//qlXhwA==")
syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x400, 0x0, 0x0, 0x0, &(0x7f0000000300))
rename(&(0x7f0000000380)='./bus/file0\x00', &(0x7f0000000100)='./file0\x00')
socket(0x10, 0x3, 0x0)
fchdir(0xffffffffffffffff)

2.289519638s ago: executing program 1 (id=1187):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x4e21, @broadcast}, 0x2, 0x9800, 0xffff7ff9, 0x20}}, 0x2e)
socket$pppl2tp(0x18, 0x1, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

2.167664452s ago: executing program 0 (id=1188):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_open_procfs(0x0, &(0x7f0000000440)='net/rt6_stats\x00')
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20048045)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$TCSETSW2(r1, 0x5408, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f00000000c0)={0x84, @multicast2, 0x4e22, 0x3, 'rr\x00', 0x1e, 0x4, 0x68}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010101, 0x4e21, 0x3, 'lc\x00', 0x11, 0x3240, 0x3d}, {@loopback, 0x4e23, 0x4, 0x8628, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_DELDEST(r2, 0x0, 0x488, &(0x7f0000000280)={{0x84, @empty, 0x4e20, 0x3, 'lblc\x00', 0x1d, 0x2, 0x2a}, {@loopback, 0x4e23, 0x10000, 0xc24, 0x9, 0xfffffffc}}, 0x44)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendto(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x4000080, 0x0, 0x0)
bpf$MAP_CREATE(0x700000000000000, 0x0, 0x50)
close(0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = syz_open_dev$video4linux(&(0x7f00000001c0), 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r6, 0xc0305602, &(0x7f0000000000)={0x0, 0x7, 0x1008, 0x1})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x400c8c1}, 0x20)

2.047054796s ago: executing program 5 (id=1189):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(r3, 0x5)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)
fcntl$notify(r4, 0x402, 0x40000029)
fcntl$notify(0xffffffffffffffff, 0x402, 0x1c)
fcntl$notify(0xffffffffffffffff, 0x402, 0x1a)
getdents64(r4, &(0x7f0000000080)=""/226, 0xe2)

1.112332045s ago: executing program 5 (id=1190):
ioctl$BLKRRPART(0xffffffffffffffff, 0x125f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000640)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4)
symlinkat(&(0x7f0000000400)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)

848.104924ms ago: executing program 1 (id=1191):
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
chdir(&(0x7f0000000540)='./cgroup\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x78)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeee, 0x8031, 0xffffffffffffffff, 0xfffff000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
close(0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
lseek(r0, 0x7fffdfff, 0x2)
getdents64(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fchown(r4, 0x0, 0xee01)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x14e174135c0b87af)

0s ago: executing program 5 (id=1192):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000080)={<r3=>0xffffffffffffffff}, 0x111, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r2, &(0x7f0000000140)={0x13, 0x10, 0xfa00, {0x0, r3, 0x1}}, 0x18)

kernel console output (not intermixed with test programs):

] loop0: detected capacity change from 0 to 40427
[  220.777842][ T5602] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0)
[  220.786083][ T5602] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  220.802311][ T5606] F2FS-fs (loop0): invalid crc value
[  220.808367][ T5602] F2FS-fs (loop1): invalid crc value
[  220.823170][ T5606] F2FS-fs (loop0): Found nat_bits in checkpoint
[  220.854541][ T5606] F2FS-fs (loop0): Start checkpoint disabled!
[  220.885253][ T5606] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  221.341939][ T5602] F2FS-fs (loop1): Found nat_bits in checkpoint
[  221.382838][ T5602] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  221.389893][ T5602] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  221.726649][ T1232] attempt to access beyond end of device
[  221.726649][ T1232] loop0: rw=2049, want=40976, limit=40427
[  222.897255][ T5629] loop1: detected capacity change from 0 to 16
[  222.935619][ T5629] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  222.946446][ T5629] cramfs: root is not a directory
[  223.468609][ T5639] loop4: detected capacity change from 0 to 40427
[  223.526746][ T5639] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  223.534581][ T5639] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  223.544814][ T5639] F2FS-fs (loop4): invalid crc value
[  223.586040][ T5639] F2FS-fs (loop4): Found nat_bits in checkpoint
[  223.651059][ T5639] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  223.658276][ T5639] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  224.959081][ T5653] loop2: detected capacity change from 0 to 128
[  225.054399][ T5653] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  225.093681][ T5653] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  225.184412][ T5655] input input9: cannot allocate more than FF_MAX_EFFECTS effects
[  226.324959][ T5657] loop4: detected capacity change from 0 to 131072
[  226.382836][ T5657] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0)
[  226.391063][ T5657] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  226.405549][ T5657] F2FS-fs (loop4): invalid crc value
[  226.445875][ T5657] F2FS-fs (loop4): Found nat_bits in checkpoint
[  226.479454][ T5664] loop3: detected capacity change from 0 to 512
[  226.510893][ T5657] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  226.518212][ T5657] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  228.455023][ T5677] loop1: detected capacity change from 0 to 64
[  229.947202][ T4321] attempt to access beyond end of device
[  229.947202][ T4321] loop1: rw=1, want=268435470, limit=64
[  230.040232][ T4321] Buffer I/O error on dev loop1, logical block 134217734, lost async page write
[  230.314695][ T5689] loop3: detected capacity change from 0 to 40427
[  230.436775][ T5689] F2FS-fs (loop3): invalid crc value
[  230.503218][ T5689] F2FS-fs (loop3): Found nat_bits in checkpoint
[  230.542832][ T5689] F2FS-fs (loop3): Start checkpoint disabled!
[  230.576728][ T5689] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  233.649133][ T5705] loop1: detected capacity change from 0 to 40427
[  233.711931][ T5705] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  233.719795][ T5705] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  233.729792][ T5705] F2FS-fs (loop1): invalid crc value
[  233.850609][ T5705] F2FS-fs (loop1): Found nat_bits in checkpoint
[  234.134030][ T5705] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  234.141168][ T5705] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  234.171359][ T4321] attempt to access beyond end of device
[  234.171359][ T4321] loop3: rw=2049, want=40976, limit=40427
[  236.592424][ T5743] input input10: cannot allocate more than FF_MAX_EFFECTS effects
[  237.611724][ T5748] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  239.319756][ T5755] loop1: detected capacity change from 0 to 128
[  239.424396][ T5755] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  239.474946][ T5755] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  240.976211][ T5771] loop3: detected capacity change from 0 to 40427
[  241.036600][ T5771] F2FS-fs (loop3): invalid crc value
[  241.051678][ T5771] F2FS-fs (loop3): Found nat_bits in checkpoint
[  241.096227][ T5771] F2FS-fs (loop3): Start checkpoint disabled!
[  241.125675][ T5771] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  243.338437][ T4360] attempt to access beyond end of device
[  243.338437][ T4360] loop3: rw=2049, want=40976, limit=40427
[  244.865670][ T5801] loop4: detected capacity change from 0 to 131072
[  244.908590][ T5801] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0)
[  244.916770][ T5801] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  244.929955][ T5801] F2FS-fs (loop4): invalid crc value
[  245.086238][ T5801] F2FS-fs (loop4): Found nat_bits in checkpoint
[  245.155006][ T5801] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  245.163494][ T5801] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  246.777618][ T5808] loop0: detected capacity change from 0 to 512
[  248.983100][ T5838] input input11: cannot allocate more than FF_MAX_EFFECTS effects
[  251.046818][ T5855] loop2: detected capacity change from 0 to 128
[  251.182553][ T5855] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  251.249467][ T5855] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  251.936378][ T5857] loop3: detected capacity change from 0 to 131072
[  251.987467][ T5857] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0)
[  251.995678][ T5857] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  252.007243][ T5857] F2FS-fs (loop3): invalid crc value
[  252.146948][ T5857] F2FS-fs (loop3): Found nat_bits in checkpoint
[  252.833987][ T5857] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  252.841080][ T5857] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  252.981274][ T5870] loop4: detected capacity change from 0 to 512
[  253.115357][ T5868] loop0: detected capacity change from 0 to 40427
[  253.186146][ T5868] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  253.194162][ T5868] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  253.227280][ T5868] F2FS-fs (loop0): invalid crc value
[  253.285381][ T5868] F2FS-fs (loop0): Found nat_bits in checkpoint
[  253.326697][ T5868] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  253.333866][ T5868] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  255.753720][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  255.769117][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  258.071739][ T5918] input input12: cannot allocate more than FF_MAX_EFFECTS effects
[  258.183219][ T5910] loop4: detected capacity change from 0 to 131072
[  258.209166][ T5910] F2FS-fs (loop4): Wrong CP boundary, start(512) end(1536) blocks(0)
[  258.218416][ T5910] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  258.274117][ T5910] F2FS-fs (loop4): invalid crc value
[  258.320974][ T5910] F2FS-fs (loop4): Found nat_bits in checkpoint
[  258.395451][ T5910] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  258.402554][ T5910] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  258.904999][ T5926] loop2: detected capacity change from 0 to 512
[  260.266582][ T5942] loop0: detected capacity change from 0 to 16
[  260.603439][ T5942] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  260.617216][ T5942] cramfs: root is not a directory
[  260.704299][ T4493] udevd[4493]: incorrect cramfs checksum on /dev/loop0
[  261.218517][ T5945] loop2: detected capacity change from 0 to 40427
[  261.429499][ T5945] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  261.437791][ T5945] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  261.471652][ T5945] F2FS-fs (loop2): invalid crc value
[  261.632312][ T5945] F2FS-fs (loop2): Found nat_bits in checkpoint
[  261.702126][ T5945] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  261.709374][ T5945] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  263.027232][ T5965] loop1: detected capacity change from 0 to 128
[  263.100471][ T5965] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  263.174265][ T5965] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  265.173856][ T5982] loop4: detected capacity change from 0 to 512
[  265.834207][ T5993] loop2: detected capacity change from 0 to 40427
[  265.963482][ T5993] F2FS-fs (loop2): invalid crc value
[  266.005785][ T5993] F2FS-fs (loop2): Found nat_bits in checkpoint
[  266.050315][ T5993] F2FS-fs (loop2): Start checkpoint disabled!
[  266.070005][ T5993] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  268.101643][    T9] attempt to access beyond end of device
[  268.101643][    T9] loop2: rw=2049, want=40976, limit=40427
[  268.491000][ T6021] input input13: cannot allocate more than FF_MAX_EFFECTS effects
[  269.123016][ T6033] loop0: detected capacity change from 0 to 512
[  270.375752][ T6043] loop2: detected capacity change from 0 to 40427
[  270.439393][ T6043] F2FS-fs (loop2): invalid crc value
[  270.477796][ T6043] F2FS-fs (loop2): Found nat_bits in checkpoint
[  270.521738][ T6043] F2FS-fs (loop2): Start checkpoint disabled!
[  270.551849][ T6043] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  270.667944][ T6048] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  270.825103][    T9] attempt to access beyond end of device
[  270.825103][    T9] loop2: rw=2049, want=40976, limit=40427
[  272.235946][ T6059] loop3: detected capacity change from 0 to 128
[  272.381039][ T6059] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  272.425154][ T6059] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  273.005457][ T6067] input input14: cannot allocate more than FF_MAX_EFFECTS effects
[  274.563994][ T6086] loop1: detected capacity change from 0 to 64
[  274.788126][    T9] attempt to access beyond end of device
[  274.788126][    T9] loop1: rw=1, want=268435470, limit=64
[  274.824927][    T9] Buffer I/O error on dev loop1, logical block 134217734, lost async page write
[  275.344575][ T6091] loop1: detected capacity change from 0 to 40427
[  275.449851][ T6091] F2FS-fs (loop1): invalid crc value
[  275.465226][ T6091] F2FS-fs (loop1): Found nat_bits in checkpoint
[  275.507052][ T6091] F2FS-fs (loop1): Start checkpoint disabled!
[  275.580316][ T6091] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  275.876917][ T6100] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  276.003386][    T9] attempt to access beyond end of device
[  276.003386][    T9] loop1: rw=2049, want=40976, limit=40427
[  277.123189][ T6106] loop1: detected capacity change from 0 to 512
[  277.252926][ T6119] loop4: detected capacity change from 0 to 64
[  278.203600][ T5820] attempt to access beyond end of device
[  278.203600][ T5820] loop4: rw=1, want=268435470, limit=64
[  278.287261][ T5820] Buffer I/O error on dev loop4, logical block 134217734, lost async page write
[  280.178483][ T6138] loop0: detected capacity change from 0 to 40427
[  280.227246][ T6142] loop4: detected capacity change from 0 to 128
[  280.291123][ T6138] F2FS-fs (loop0): invalid crc value
[  280.294260][ T6142] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  280.330005][ T6138] F2FS-fs (loop0): Found nat_bits in checkpoint
[  280.387771][ T6138] F2FS-fs (loop0): Start checkpoint disabled!
[  280.413142][ T6138] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  280.413373][ T6142] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  280.763581][ T5820] attempt to access beyond end of device
[  280.763581][ T5820] loop0: rw=2049, want=40976, limit=40427
[  281.027291][ T6154] input input15: cannot allocate more than FF_MAX_EFFECTS effects
[  281.339953][ T6159] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  282.337076][ T6166] loop3: detected capacity change from 0 to 64
[  283.193163][ T4363] attempt to access beyond end of device
[  283.193163][ T4363] loop3: rw=1, want=268435470, limit=64
[  283.260944][ T4363] Buffer I/O error on dev loop3, logical block 134217734, lost async page write
[  284.476615][ T6185] loop3: detected capacity change from 0 to 512
[  286.093086][ T6202] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  288.020388][ T6230] loop4: detected capacity change from 0 to 128
[  288.053990][ T6231] input input16: cannot allocate more than FF_MAX_EFFECTS effects
[  288.069748][ T6230] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  288.119534][ T6230] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  289.257635][ T6242] loop1: detected capacity change from 0 to 512
[  291.156812][ T6258] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  292.279593][ T6279] loop3: detected capacity change from 0 to 512
[  292.464737][ T6283] input input17: cannot allocate more than FF_MAX_EFFECTS effects
[  294.752388][ T6306] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  295.652689][    C1] sched: RT throttling activated
[  296.835682][ T6325] loop0: detected capacity change from 0 to 1024
[  297.044843][ T6330] input input18: cannot allocate more than FF_MAX_EFFECTS effects
[  297.066892][ T6336] loop1: detected capacity change from 0 to 512
[  297.318171][ T6339] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  297.425429][ T6343] loop0: detected capacity change from 0 to 512
[  297.615965][ T6343] EXT4-fs (loop0): 1 truncate cleaned up
[  297.622508][ T6343] EXT4-fs (loop0): mounted filesystem without journal. Opts: max_batch_time=0x000000000000000d,,errors=continue. Quota mode: none.
[  297.698761][   T26] audit: type=1326 audit(1778643931.272:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6340 comm="syz.2.536" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f14864ffe59 code=0x0
[  297.730380][ T6343] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.0.534: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  298.974727][ T6362] loop2: detected capacity change from 0 to 32768
[  299.017168][ T6362] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.540 (6362)
[  299.317659][ T6362] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  299.326729][ T6362] BTRFS info (device loop2): enabling auto defrag
[  299.333331][ T6362] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  299.342594][ T6362] BTRFS info (device loop2): use lzo compression, level 0
[  299.349835][ T6362] BTRFS info (device loop2): turning on async discard
[  299.357040][ T6362] BTRFS warning (device loop2): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  299.367888][ T6362] BTRFS info (device loop2): trying to use backup root at mount time
[  299.376313][ T6362] BTRFS info (device loop2): enabling ssd optimizations
[  299.383845][ T6362] BTRFS info (device loop2): using spread ssd allocation scheme
[  299.391523][ T6362] BTRFS info (device loop2): disabling free space tree
[  299.398459][ T6362] BTRFS error (device loop2): cannot disable free space tree
[  299.411212][ T6362] BTRFS error (device loop2): open_ctree failed: -22
[  299.429857][ T4492] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by udevd (4492)
[  300.605059][ T6385] loop2: detected capacity change from 0 to 128
[  300.655370][ T6383] loop1: detected capacity change from 0 to 4096
[  300.705772][ T6385] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  300.739210][ T6383] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[  300.748900][ T6385] ext4 filesystem being mounted at /110/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  300.945056][ T6389] input input19: cannot allocate more than FF_MAX_EFFECTS effects
[  301.098732][ T4189] ntfs3: loop1: ntfs_evict_inode r=3 failed, -22.
[  301.115947][ T4189] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  301.141179][ T4189] ntfs3: loop1: ntfs_set_state r=3 failed, -22.
[  301.306857][ T6394] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  304.309052][ T6440] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  304.467678][ T6446] loop0: detected capacity change from 0 to 128
[  304.488044][ T6443] loop3: detected capacity change from 0 to 512
[  304.518258][ T6447] loop4: detected capacity change from 0 to 512
[  304.528962][ T6446] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  304.564975][ T6446] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  304.600653][ T6443] EXT4-fs (loop3): mounted filesystem without journal. Opts: auto_da_alloc=0x000000000000007f,,errors=continue. Quota mode: writeback.
[  304.807149][ T6443] ext4 filesystem being mounted at /115/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  304.858361][ T6455] loop1: detected capacity change from 0 to 1024
[  304.995617][ T6455] EXT4-fs (loop1): inline encryption not supported
[  305.072813][ T6455] EXT4-fs error (device loop1): ext4_map_blocks:631: inode #3: block 2: comm syz.1.565: lblock 2 mapped to illegal pblock 2 (length 1)
[  305.110911][ T6455] EXT4-fs (loop1): Remounting filesystem read-only
[  305.257300][ T6455] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  305.299968][ T6455] EXT4-fs error (device loop1): ext4_map_blocks:631: inode #3: block 48: comm syz.1.565: lblock 0 mapped to illegal pblock 48 (length 1)
[  305.328118][ T6455] EXT4-fs (loop1): Remounting filesystem read-only
[  305.339892][ T6455] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  305.359823][ T6455] EXT4-fs error (device loop1): ext4_acquire_dquot:6236: comm syz.1.565: Failed to acquire dquot type 0
[  305.376612][ T6455] EXT4-fs (loop1): Remounting filesystem read-only
[  305.385802][ T6455] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  305.399432][ T6455] EXT4-fs (loop1): Remounting filesystem read-only
[  305.469833][ T6455] EXT4-fs error (device loop1): ext4_evict_inode:284: inode #11: comm syz.1.565: mark_inode_dirty error
[  305.715327][ T6455] EXT4-fs (loop1): Remounting filesystem read-only
[  305.997006][ T6455] EXT4-fs warning (device loop1): ext4_evict_inode:287: couldn't mark inode dirty (err -117)
[  306.043696][ T6436] input input20: cannot allocate more than FF_MAX_EFFECTS effects
[  306.129272][ T6455] EXT4-fs (loop1): 1 orphan inode deleted
[  306.143431][  T144] EXT4-fs error (device loop1): ext4_map_blocks:631: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  306.200604][ T6455] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,min_batch_time=0x0000000000000008,data_err=ignore,max_batch_time=0x00000000000008c9,nodiscard,inlinecrypt,errors=remount-ro,. Quota mode: none.
[  306.246632][  T144] EXT4-fs (loop1): Remounting filesystem read-only
[  306.294060][  T144] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  306.430934][  T144] EXT4-fs error (device loop1): ext4_release_dquot:6272: comm kworker/u4:1: Failed to release dquot type 0
[  307.406690][ T6452] EXT4-fs error (device loop1): ext4_map_blocks:631: inode #3: block 1: comm syz.1.565: lblock 1 mapped to illegal pblock 1 (length 1)
[  307.413632][  T144] EXT4-fs (loop1): Remounting filesystem read-only
[  307.438938][ T6452] EXT4-fs (loop1): Remounting filesystem read-only
[  307.474653][ T6452] Quota error (device loop1): find_next_id: Can't read quota tree block 1
[  308.725911][ T4189] EXT4-fs error (device loop1): __ext4_get_inode_loc:4334: comm syz-executor: Invalid inode table block 1 in block_group 0
[  308.922887][ T4189] EXT4-fs (loop1): Remounting filesystem read-only
[  310.027946][ T4189] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  310.067616][ T6491] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  310.100169][ T4189] EXT4-fs (loop1): Remounting filesystem read-only
[  310.117801][ T4189] EXT4-fs error (device loop1): ext4_quota_off:6542: inode #3: comm syz-executor: mark_inode_dirty error
[  310.163133][ T4189] EXT4-fs (loop1): Remounting filesystem read-only
[  310.185010][ T6494] loop3: detected capacity change from 0 to 128
[  310.222159][ T6494] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  310.328102][ T6494] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  311.909459][ T6496] loop4: detected capacity change from 0 to 40427
[  312.129947][ T6496] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  312.171258][ T6496] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  312.220473][ T6516] ubi: mtd0 is already attached to ubi31
[  313.093644][ T6496] F2FS-fs (loop4): invalid crc value
[  313.202360][ T6496] F2FS-fs (loop4): Failed to start F2FS issue_checkpoint_thread (-12)
[  314.492124][ T6538] loop3: detected capacity change from 0 to 1024
[  314.555528][ T6538] EXT4-fs (loop3): Ignoring removed nobh option
[  314.562083][ T6538] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  314.700692][ T6538] EXT4-fs (loop3): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,inode_readahead_blks=0x0000000000040000,nobh,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  314.850234][ T6533] loop4: detected capacity change from 0 to 4096
[  314.977547][ T6533] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512)
[  316.051328][ T6549] loop1: detected capacity change from 0 to 128
[  316.127285][ T6533] ntfs3: loop4: ntfs3_write_inode r=1e failed, -22.
[  316.176148][ T6549] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  316.258044][ T6549] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  317.094876][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  317.101683][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  317.418691][ T6563] netlink: 28 bytes leftover after parsing attributes in process `syz.0.593'.
[  318.624052][ T6571] loop1: detected capacity change from 0 to 2048
[  318.743028][ T6572] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  319.499703][ T6588] loop2: detected capacity change from 0 to 512
[  319.590354][ T6579] loop0: detected capacity change from 0 to 40427
[  319.649286][ T6593] loop4: detected capacity change from 0 to 128
[  319.748760][ T6579] F2FS-fs (loop0): invalid crc value
[  319.768975][ T6593] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  319.793625][ T6579] F2FS-fs (loop0): Found nat_bits in checkpoint
[  319.799381][ T6593] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  319.841787][ T6579] F2FS-fs (loop0): Start checkpoint disabled!
[  319.861889][ T6579] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  319.888280][ T6588] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,grpquota,. Quota mode: writeback.
[  319.990516][ T6588] ext4 filesystem being mounted at /116/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  321.153368][ T6609] loop4: detected capacity change from 0 to 256
[  321.178875][ T1272] attempt to access beyond end of device
[  321.178875][ T1272] loop0: rw=2049, want=40976, limit=40427
[  321.236706][ T6609] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  321.344111][ T6591] input input21: cannot allocate more than FF_MAX_EFFECTS effects
[  322.446529][ T6619] loop3: detected capacity change from 0 to 2048
[  322.558282][ T6620] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  323.443698][ T6632] netlink: 20 bytes leftover after parsing attributes in process `syz.3.615'.
[  323.518687][ T6638] loop4: detected capacity change from 0 to 128
[  323.565700][ T6632] device veth0_macvtap left promiscuous mode
[  323.582422][ T6638] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  323.623284][ T6638] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  323.883083][ T6632] device veth0_macvtap entered promiscuous mode
[  323.899246][ T6632] device macvtap0 entered promiscuous mode
[  324.200202][ T6633] loop0: detected capacity change from 0 to 32768
[  324.318972][ T6633] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  324.332548][ T6633] BTRFS info (device loop0): turning on sync discard
[  324.341975][ T6633] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  324.423976][ T6633] BTRFS info (device loop0): use zstd compression, level 3
[  324.505659][ T6633] BTRFS info (device loop0): turning on async discard
[  324.512514][ T6633] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  324.686563][ T6633] BTRFS info (device loop0): trying to use backup root at mount time
[  324.736677][ T6656] loop3: detected capacity change from 0 to 512
[  324.752780][ T6633] BTRFS info (device loop0): enabling auto defrag
[  324.805058][ T6633] BTRFS info (device loop0): using free space tree
[  324.841012][ T6656] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  324.905724][ T6633] BTRFS info (device loop0): has skinny extents
[  324.962850][ T6656] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  325.079439][ T6656] EXT4-fs (loop3): 1 truncate cleaned up
[  325.117460][ T6656] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000001,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,journal_dev=0x00000000000001ff,acl,data=journal,,errors=continue. Quota mode: none.
[  325.203953][  T241] BTRFS warning (device loop0): checksum verify failed on 5337088 wanted 0xe63dbdda found 0xc926492d level 0
[  325.247157][ T6633] BTRFS warning (device loop0): failed to read root (objectid=2): -5
[  325.278072][ T6652] loop1: detected capacity change from 0 to 131072
[  325.294398][  T154] BTRFS warning (device loop0): checksum verify failed on 5324800 wanted 0x9f73850b found 0x80379423 level 0
[  325.316745][ T6633] BTRFS warning (device loop0): couldn't read tree root
[  325.327467][ T6633] BTRFS error (device loop0): parent transid verify failed on 5255168 wanted 5 found 7
[  325.337827][ T6633] BTRFS warning (device loop0): couldn't read tree root
[  325.380852][ T6652] F2FS-fs (loop1): invalid crc value
[  325.425302][ T6652] F2FS-fs (loop1): Found nat_bits in checkpoint
[  325.466999][ T6652] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  325.482851][ T6633] BTRFS info (device loop0): enabling ssd optimizations
[  325.503963][ T6633] BTRFS info (device loop0): clearing free space tree
[  325.543203][ T6633] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  325.622636][ T6633] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  325.782644][ T6690] loop3: detected capacity change from 0 to 2048
[  325.851849][ T6692] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  326.959889][ T6633] BTRFS info (device loop0): creating free space tree
[  327.186553][ T6654] input input22: cannot allocate more than FF_MAX_EFFECTS effects
[  327.220669][ T6633] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  327.450795][ T6633] BTRFS info (device loop0): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  330.038572][ T6720] loop3: detected capacity change from 0 to 256
[  330.217533][ T6722] loop3: detected capacity change from 0 to 128
[  330.247095][ T6722] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  330.313179][ T6722] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  331.600390][ T6750] loop0: detected capacity change from 0 to 2048
[  331.696405][ T6753] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  331.802862][ T4865] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  333.008091][ T6759] input input23: cannot allocate more than FF_MAX_EFFECTS effects
[  333.242946][ T4865] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  334.237704][ T4865] usb 5-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  334.375805][ T4865] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  335.306403][ T4865] usb 5-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  335.392869][ T4865] usb 5-1: string descriptor 0 read error: -71
[  335.409374][ T4865] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  335.429025][ T4865] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  335.462891][ T4865] usb 5-1: can't set config #1, error -71
[  335.490276][ T4865] usb 5-1: USB disconnect, device number 5
[  337.600022][ T6800] loop3: detected capacity change from 0 to 2048
[  337.729808][ T6801] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  338.072801][ T4865] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  339.152992][ T4865] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  339.197396][ T4865] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  339.303181][ T4865] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  339.633550][ T4865] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  339.707836][ T4865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  339.867634][ T4865] usb 1-1: Product: syz
[  339.943515][ T4865] usb 1-1: Manufacturer: syz
[  339.948177][ T4865] usb 1-1: SerialNumber: syz
[  340.040590][ T6814] input input24: cannot allocate more than FF_MAX_EFFECTS effects
[  340.105015][ T6841] loop4: detected capacity change from 0 to 2048
[  340.112511][ T6846] loop1: detected capacity change from 0 to 128
[  340.126906][ T6846] ufs: Invalid option: "ÿ" or missing value
[  340.133384][ T6846] ufs: wrong mount options
[  340.217465][ T6848] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  340.272384][ T4865] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  340.479200][ T4267] usb 1-1: USB disconnect, device number 4
[  340.513328][ T4267] usblp0: removed
[  340.645234][ T4489] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  341.335437][ T4489] usb 2-1: Using ep0 maxpacket: 32
[  341.400877][ T6872] loop2: detected capacity change from 0 to 40427
[  341.473098][ T4489] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  341.502387][ T6872] F2FS-fs (loop2): invalid crc value
[  341.533061][ T6872] F2FS-fs (loop2): Found nat_bits in checkpoint
[  341.572610][ T6872] F2FS-fs (loop2): Start checkpoint disabled!
[  341.592545][ T6872] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  342.285562][ T6885] loop3: detected capacity change from 0 to 131072
[  342.293091][ T4489] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  342.304477][ T4489] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  342.313371][ T4489] usb 2-1: Product: syz
[  342.317682][ T4489] usb 2-1: Manufacturer: syz
[  342.322519][ T4489] usb 2-1: SerialNumber: syz
[  342.336159][ T4489] usb 2-1: config 0 descriptor??
[  342.353066][ T6856] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  342.376536][ T4489] hub 2-1:0.0: bad descriptor, ignoring hub
[  342.404917][ T6885] F2FS-fs (loop3): Invalid log sectorsize (67108873)
[  342.411787][ T6885] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  342.430295][ T6885] F2FS-fs (loop3): invalid crc value
[  342.466527][ T4489] hub: probe of 2-1:0.0 failed with error -5
[  342.533490][ T6885] F2FS-fs (loop3): Found nat_bits in checkpoint
[  342.676097][ T6885] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  342.683474][ T6885] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  342.766681][ T6856] udc-core: couldn't find an available UDC or it's busy
[  342.822778][ T6856] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  343.001784][   T26] audit: type=1800 audit(1778643976.582:22): pid=6885 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.669" name="file1" dev="loop3" ino=7 res=0 errno=0
[  343.143265][ T6903] netlink: 80 bytes leftover after parsing attributes in process `syz.3.669'.
[  343.216682][ T5820] attempt to access beyond end of device
[  343.216682][ T5820] loop2: rw=2049, want=40976, limit=40427
[  343.303077][ T4267] usb 2-1: USB disconnect, device number 4
[  343.576838][ T6910] input input25: cannot allocate more than FF_MAX_EFFECTS effects
[  343.845332][ T6917] loop4: detected capacity change from 0 to 2048
[  344.103693][ T6919] loop1: detected capacity change from 0 to 40427
[  344.991085][   T26] audit: type=1107 audit(1778643978.082:23): pid=6915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  345.049798][ T6919] F2FS-fs (loop1): invalid crc value
[  345.069117][ T6925] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  345.079047][ T6919] F2FS-fs (loop1): Found nat_bits in checkpoint
[  345.112519][ T6919] F2FS-fs (loop1): Start checkpoint disabled!
[  345.135548][ T6919] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  346.439476][ T6941] loop2: detected capacity change from 0 to 2048
[  346.881374][ T6941] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[  347.696038][ T6946] input: syz1 as /devices/virtual/input/input26
[  348.689312][ T4360] attempt to access beyond end of device
[  348.689312][ T4360] loop1: rw=2049, want=40976, limit=40427
[  349.883297][ T6957] loop1: detected capacity change from 0 to 128
[  349.974195][ T6950] loop4: detected capacity change from 0 to 32768
[  350.238169][ T6957] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  350.674162][ T6957] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  350.966389][ T6964] loop0: detected capacity change from 0 to 4096
[  351.003035][ T6967] input input27: cannot allocate more than FF_MAX_EFFECTS effects
[  351.197416][ T6969] autofs4:pid:6969:autofs_fill_super: called with bogus options
[  351.870808][ T4493] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by udevd (4493)
[  351.957217][ T6972] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  351.982247][   T26] audit: type=1800 audit(1778643985.562:24): pid=6964 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.687" name="file1" dev="loop0" ino=15 res=0 errno=0
[  352.814718][ T6986] loop1: detected capacity change from 0 to 40427
[  353.426113][ T6990] loop3: detected capacity change from 0 to 128
[  353.552752][ T6990] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  353.569134][ T6990] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  353.588957][ T6993] netlink: 8 bytes leftover after parsing attributes in process `syz.0.695'.
[  353.623178][ T6986] F2FS-fs (loop1): invalid crc value
[  353.633789][ T6986] F2FS-fs (loop1): Found nat_bits in checkpoint
[  353.688562][ T6986] F2FS-fs (loop1): Start checkpoint disabled!
[  353.732568][ T6986] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  354.026749][ T4489] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  354.132006][ T6732] attempt to access beyond end of device
[  354.132006][ T6732] loop1: rw=2049, want=40976, limit=40427
[  354.186366][ T6982] loop4: detected capacity change from 0 to 32768
[  354.235638][ T6982] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  354.245481][ T6982] BTRFS info (device loop4): turning on sync discard
[  354.252230][ T6982] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  354.262485][ T6982] BTRFS info (device loop4): use zstd compression, level 3
[  354.270725][ T6982] BTRFS info (device loop4): turning on async discard
[  354.278124][ T6982] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  354.291492][ T6982] BTRFS info (device loop4): trying to use backup root at mount time
[  354.302496][ T6982] BTRFS info (device loop4): enabling auto defrag
[  354.313802][ T6982] BTRFS info (device loop4): using free space tree
[  354.320560][ T6982] BTRFS info (device loop4): has skinny extents
[  354.618194][ T4489] usb 1-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[  354.632769][ T4489] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.641041][ T4489] usb 1-1: Product: syz
[  354.649739][ T6729] BTRFS warning (device loop4): checksum verify failed on 5337088 wanted 0xe63dbdda found 0xc926492d level 0
[  354.670581][ T7027] input input28: cannot allocate more than FF_MAX_EFFECTS effects
[  354.675396][ T4489] usb 1-1: Manufacturer: syz
[  354.698445][ T6982] BTRFS warning (device loop4): failed to read root (objectid=2): -5
[  354.707284][ T4489] usb 1-1: SerialNumber: syz
[  354.712364][ T4322] BTRFS warning (device loop4): checksum verify failed on 5324800 wanted 0x9f73850b found 0x80379423 level 0
[  354.730424][ T6982] BTRFS warning (device loop4): couldn't read tree root
[  354.743387][ T4489] usb 1-1: config 0 descriptor??
[  354.748714][ T6982] BTRFS error (device loop4): parent transid verify failed on 5255168 wanted 5 found 7
[  354.759228][ T6982] BTRFS warning (device loop4): couldn't read tree root
[  354.804534][ T6982] BTRFS info (device loop4): enabling ssd optimizations
[  354.817547][ T6982] BTRFS info (device loop4): clearing free space tree
[  354.825844][ T4489] usb 1-1: selecting invalid altsetting 3
[  354.838707][ T4489] comedi comedi5: could not set alternate setting 3 in high speed
[  354.847433][ T6982] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  354.878928][ T4489] usbdux 1-1:0.0: driver 'usbdux' failed to auto-configure device.
[  354.893140][ T6982] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  354.971261][ T6982] BTRFS info (device loop4): creating free space tree
[  354.982126][ T4489] usbdux: probe of 1-1:0.0 failed with error -22
[  355.006924][ T7037] loop2: detected capacity change from 0 to 128
[  355.035049][ T4489] usb 1-1: USB disconnect, device number 5
[  355.059753][ T6982] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  355.069407][ T6982] BTRFS info (device loop4): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  355.093689][ T7037] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  355.128852][ T7037] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  355.750231][ T7045] loop1: detected capacity change from 0 to 2048
[  355.805099][ T7047] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  355.931853][ T4490] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  355.955675][ T4492] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 10 /dev/loop4 scanned by udevd (4492)
[  356.210396][ T4489] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  356.281199][ T7056] loop1: detected capacity change from 0 to 256
[  356.433355][ T4490] usb 4-1: unable to get BOS descriptor or descriptor too short
[  356.512828][ T4489] usb 1-1: Using ep0 maxpacket: 8
[  356.627394][ T7056] FAT-fs (loop1): Directory bread(block 64) failed
[  356.639289][ T4490] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[  356.833889][ T7056] FAT-fs (loop1): Directory bread(block 65) failed
[  356.987412][ T7056] FAT-fs (loop1): Directory bread(block 66) failed
[  357.062829][ T7056] FAT-fs (loop1): Directory bread(block 67) failed
[  357.073057][ T4489] usb 1-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[  357.086024][ T4490] usb 4-1: New USB device found, idVendor=0582, idProduct=004c, bcdDevice= 0.40
[  357.148474][ T4489] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.157229][ T4490] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.163658][ T7056] FAT-fs (loop1): Directory bread(block 68) failed
[  357.184018][ T7056] FAT-fs (loop1): Directory bread(block 69) failed
[  357.190649][ T7056] FAT-fs (loop1): Directory bread(block 70) failed
[  357.209433][ T4489] usb 1-1: Product: syz
[  357.214776][ T4490] usb 4-1: Product: syz
[  357.248434][ T7056] FAT-fs (loop1): Directory bread(block 71) failed
[  357.265661][ T7056] FAT-fs (loop1): Directory bread(block 72) failed
[  357.281613][ T7056] FAT-fs (loop1): Directory bread(block 73) failed
[  357.403564][ T4490] usb 4-1: Manufacturer: syz
[  357.408231][ T4490] usb 4-1: SerialNumber: syz
[  357.414996][ T4489] usb 1-1: config 0 descriptor??
[  357.433205][ T4489] usb 1-1: can't set config #0, error -71
[  357.440613][ T4489] usb 1-1: USB disconnect, device number 6
[  358.223913][ T7067] loop2: detected capacity change from 0 to 128
[  358.237902][ T4490] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  358.369854][ T7067] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  358.437422][ T7067] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  358.462988][ T4490] usb 4-1: 2:1 : unknown format tag 0x4 is detected.  processed as MPEG.
[  358.492845][ T4490] usb 4-1: found format II with max.bitrate = 4, frame size=7372
[  358.934759][ T7082] input input29: cannot allocate more than FF_MAX_EFFECTS effects
[  359.283845][ T4490] usb 4-1: 2:1 : unknown format tag 0x4 is detected.  processed as MPEG.
[  359.313780][ T4490] usb 4-1: found format II with max.bitrate = 4, frame size=7372
[  359.585125][ T4490] usb 4-1: parse_audio_format_rates_v2v3(): unable to retrieve number of sample rates (clock 0)
[  359.690564][ T7094] loop4: detected capacity change from 0 to 2048
[  359.707896][ T4490] usb 4-1: USB disconnect, device number 3
[  360.544795][ T7091] syz.2.712 uses obsolete (PF_INET,SOCK_PACKET)
[  360.617746][ T7099] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  360.672813][ T7101] loop3: detected capacity change from 0 to 1024
[  360.733192][ T7101] EXT4-fs (loop3): Ignoring removed bh option
[  360.739673][ T7101] EXT4-fs (loop3): inline encryption not supported
[  360.763822][ T7101] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  360.790928][ T7104] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.798602][ T7104] bridge0: port 1(bridge_slave_0) entered disabled state
[  360.855234][ T4492] udevd[4492]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  360.867219][ T7101] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,dioread_lock,min_batch_time=0x0000000000000001,auto_da_alloc,nolazytime,nodioread_nolock,errors=remount-ro,dioread_nolock,bh,inlinecrypt,. Quota mode: none.
[  361.017759][ T7110] loop4: detected capacity change from 0 to 2048
[  361.099195][ T7110] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[  361.132867][ T7110] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  361.426385][ T7112] loop3: detected capacity change from 0 to 32768
[  363.847625][   T26] audit: type=1800 audit(1778643997.432:25): pid=7113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.718" name="file1" dev="loop4" ino=1346 res=0 errno=0
[  363.911580][ T7112] XFS (loop3): Mounting V5 Filesystem
[  364.027419][ T7136] netlink: 24 bytes leftover after parsing attributes in process `syz.1.722'.
[  364.058783][ T7112] XFS (loop3): Ending clean mount
[  364.069361][ T7112] XFS (loop3): Quotacheck needed: Please wait.
[  364.331235][ T7112] XFS (loop3): Quotacheck: Done.
[  364.361306][ T4197] XFS (loop3): Unmounting Filesystem
[  364.922722][ T7160] loop3: detected capacity change from 0 to 2048
[  364.975158][ T7163] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  366.654481][ T7185] loop1: detected capacity change from 0 to 64
[  366.725465][ T7157] loop4: detected capacity change from 0 to 32768
[  366.738856][ T7187] loop3: detected capacity change from 0 to 512
[  366.823153][ T7157] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.729 (7157)
[  366.823392][ T7187] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  366.865035][ T7187] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  366.909563][ T7187] System zones: 1-12
[  366.936832][ T7187] EXT4-fs (loop3): 1 truncate cleaned up
[  366.945954][ T7187] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,mb_optimize_scan=0x0000000000000001,debug,data=journal,,errors=continue. Quota mode: none.
[  366.978081][ T7157] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  367.044566][ T7157] BTRFS info (device loop4): enabling disk space caching
[  367.106620][ T7157] BTRFS info (device loop4): force clearing of disk cache
[  367.127857][ T7157] BTRFS info (device loop4): disk space caching is enabled
[  367.150007][ T7157] BTRFS info (device loop4): has skinny extents
[  367.908437][ T7212] loop0: detected capacity change from 0 to 2048
[  368.153686][ T7157] BTRFS error (device loop4): open_ctree failed: -12
[  368.154136][ T7212] EXT4-fs (loop0): mounted filesystem without journal. Opts: min_batch_time=0x000000000000002d,mb_optimize_scan=0x0000000000000001,noblock_validity,,errors=continue. Quota mode: none.
[  368.180809][ T4493] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by udevd (4493)
[  368.606333][ T7223] tipc: Started in network mode
[  368.611468][ T7223] tipc: Node identity 84e, cluster identity 4711
[  368.617907][ T7223] tipc: Node number set to 2126
[  369.414216][ T7190] loop1: detected capacity change from 0 to 32768
[  369.471701][ T7190] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.739 (7190)
[  369.687000][ T7190] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  369.742465][ T7190] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  369.780001][ T7190] BTRFS info (device loop1): use zstd compression, level 3
[  369.812492][ T7190] BTRFS info (device loop1): using free space tree
[  369.913497][ T7190] BTRFS info (device loop1): has skinny extents
[  370.308827][ T7246] input input30: cannot allocate more than FF_MAX_EFFECTS effects
[  371.084822][ T7249] netlink: 'syz.3.748': attribute type 10 has an invalid length.
[  371.345287][ T7218] loop4: detected capacity change from 0 to 32768
[  372.012180][ T7249] team0: Port device netdevsim0 added
[  372.462786][ T7249] syz.3.748 (7249) used greatest stack depth: 19216 bytes left
[  372.599463][ T7190] BTRFS error (device loop1): open_ctree failed: -12
[  372.606468][ T4493] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop4 scanned by udevd (4493)
[  373.071039][ T7274] loop0: detected capacity change from 0 to 4096
[  373.102265][ T7274] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[  373.148673][ T7274] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  373.170912][ T7274] ntfs3: loop0: Failed to load $MFT.
[  373.370803][ T7285] loop0: detected capacity change from 0 to 1024
[  373.417218][ T7285] EXT4-fs (loop0): unsupported inode size: 143
[  373.446902][ T7285] EXT4-fs (loop0): blocksize: 1024
[  373.677626][ T7289] netlink: 4 bytes leftover after parsing attributes in process `syz.3.759'.
[  374.558795][ T7299] loop0: detected capacity change from 0 to 512
[  374.676048][ T7299] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback.
[  374.708199][ T7301] loop3: detected capacity change from 0 to 4096
[  374.743995][ T7299] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  374.835615][ T7301] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  375.167410][ T7301] EXT4-fs (loop3): Test dummy encryption mode enabled
[  375.214385][ T7301] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,mblk_io_submit,nodioread_nolock,test_dummy_encryption,inode_readahead_blks=0x0000000000000000,nodelalloc,minixdf,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  376.956944][ T7326] binder: 7325:7326 unknown command 0
[  376.962371][ T7326] binder: 7325:7326 ioctl c0306201 2000000001c0 returned -22
[  377.031787][ T7326] binder: 7325:7326 ioctl c0306201 2000000002c0 returned -14
[  377.120157][ T7324] loop0: detected capacity change from 0 to 4096
[  377.148837][ T7330] lo speed is unknown, defaulting to 1000
[  377.211726][ T7324] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  378.250110][ T7347] binder: 7345:7347 unknown command 0
[  378.255662][ T7347] binder: 7345:7347 ioctl c0306201 2000000001c0 returned -22
[  378.374966][ T7349] loop1: detected capacity change from 0 to 2048
[  378.534935][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  378.541689][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  378.548623][ T7349] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  379.273514][ T7335] loop4: detected capacity change from 0 to 32768
[  379.375689][ T7335] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.770 (7335)
[  379.480416][ T7335] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  379.568175][ T7335] BTRFS info (device loop4): force clearing of disk cache
[  379.602738][ T7335] BTRFS info (device loop4): enabling auto defrag
[  379.700634][ T7335] BTRFS info (device loop4): max_inline at 0
[  379.715137][ T7362] loop1: detected capacity change from 0 to 256
[  379.731149][ T7335] BTRFS info (device loop4): enabling disk space caching
[  379.782680][ T7335] BTRFS info (device loop4): disk space caching is enabled
[  379.845381][ T7335] BTRFS info (device loop4): has skinny extents
[  379.970747][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  379.988912][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.007025][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.023562][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.041370][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.049172][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.067457][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.087859][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.108183][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.116014][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.132777][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.140483][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.148303][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.156927][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.165645][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.173533][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.182349][ T7051] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[  380.214276][ T7051] hid-generic 0006:0004:0009.0001: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0
[  380.467584][ T7354] loop0: detected capacity change from 0 to 32768
[  380.469505][ T7384] fido_id[7384]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  380.735219][ T7393] loop2: detected capacity change from 0 to 16
[  380.773620][ T7393] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  380.796610][ T7393] cramfs: root is not a directory
[  380.809010][ T4493] udevd[4493]: incorrect cramfs checksum on /dev/loop2
[  381.030727][ T7386] loop1: detected capacity change from 0 to 32768
[  381.047660][ T7335] BTRFS error (device loop4): open_ctree failed: -12
[  381.066238][ T4492] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by udevd (4492)
[  381.078295][ T7354] XFS (loop0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  381.087066][ T7354] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  381.110507][ T7354] XFS (loop0): DAX and reflink cannot be used together!
[  381.310870][ T7386] XFS (loop1): Mounting V5 Filesystem
[  381.407103][ T7386] XFS (loop1): Ending clean mount
[  381.864325][ T4189] XFS (loop1): Unmounting Filesystem
[  383.010082][ T7417] loop3: detected capacity change from 0 to 512
[  383.071055][ T7417] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  383.213573][ T7417] EXT4-fs (loop3): 1 truncate cleaned up
[  383.219293][ T7417] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,block_validity,errors=remount-ro,nombcache,. Quota mode: none.
[  383.530117][ T7403] loop4: detected capacity change from 0 to 32768
[  384.012304][ T7403] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.783 (7403)
[  384.134925][ T7403] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  384.337128][ T7403] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  384.562210][ T7403] BTRFS info (device loop4): force lzo compression, level 0
[  384.718874][ T7403] BTRFS info (device loop4): using free space tree
[  384.872905][ T7403] BTRFS info (device loop4): has skinny extents
[  384.920014][ T7403] BTRFS error (device loop4): open_ctree failed: -12
[  384.949622][ T4492] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by udevd (4492)
[  385.156707][ T7452] loop2: detected capacity change from 0 to 16
[  385.202082][ T7452] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  387.383040][ T7470] loop3: detected capacity change from 0 to 128
[  387.604534][ T7470] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  387.833258][ T7470] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  390.616363][ T7505] fuse: Bad value for 'fd'
[  391.538852][ T7513] loop3: detected capacity change from 0 to 1024
[  391.814013][ T7522] loop4: detected capacity change from 0 to 16
[  392.622225][ T7522] erofs: (device loop4): mounted with root inode @ nid 36.
[  392.636019][ T6729] hfsplus: b-tree write err: -5, ino 25
[  392.669117][ T6729] hfsplus: b-tree write err: -5, ino 4
[  392.690712][ T6729] hfsplus: b-tree write err: -5, ino 2
[  392.956060][ T7529] loop1: detected capacity change from 0 to 4096
[  393.436962][ T7533] loop3: detected capacity change from 0 to 8
[  393.548466][ T7533] SQUASHFS error: zstd decompression error: 2
[  393.601997][ T7533] SQUASHFS error: zstd decompression failed, data probably corrupt
[  393.677816][ T7533] SQUASHFS error: Failed to read block 0x62b: -5
[  393.818071][ T7533] SQUASHFS error: Unable to read metadata cache entry [629]
[  393.966576][ T7533] SQUASHFS error: Unable to read directory block [629:ff26]
[  394.590670][ T7543] loop0: detected capacity change from 0 to 1024
[  394.657708][ T7549] fuse: Bad value for 'fd'
[  394.709860][ T7543] EXT4-fs (loop0): Ignoring removed bh option
[  394.729008][ T7543] EXT4-fs (loop0): inline encryption not supported
[  394.771581][ T7543] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  396.228537][ T7543] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,dioread_lock,min_batch_time=0x0000000000000001,auto_da_alloc,nolazytime,nodioread_nolock,errors=remount-ro,dioread_nolock,bh,inlinecrypt,. Quota mode: none.
[  396.418069][ T7563] loop1: detected capacity change from 0 to 512
[  396.473727][ T7563] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  396.551001][ T7563] EXT4-fs (loop1): 1 truncate cleaned up
[  396.582768][ T7563] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,block_validity,errors=remount-ro,nombcache,. Quota mode: none.
[  399.771714][ T7584] loop4: detected capacity change from 0 to 16
[  400.733833][ T7584] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  400.752869][ T7584] cramfs: root is not a directory
[  401.152038][ T4492] udevd[4492]: incorrect cramfs checksum on /dev/loop4
[  401.206682][ T7583] loop3: detected capacity change from 0 to 32768
[  401.757475][ T7583] JBD2: Ignoring recovery information on journal
[  401.978450][ T4492] udevd[4492]: incorrect cramfs checksum on /dev/loop4
[  401.989552][ T7583] jbd2_journal_bmap: journal block not found at offset 32 on loop3-75
[  402.083213][ T7583] JBD2: bad block at offset 32
[  402.121102][ T7583] JBD2: recovery failed
[  402.141111][ T7583] (syz.3.831,7583,0):ocfs2_journal_load:1105 ERROR: Failed to load journal!
[  402.221575][ T7589] loop0: detected capacity change from 0 to 8192
[  402.232792][ T7583] (syz.3.831,7583,0):ocfs2_check_volume:2437 ERROR: ocfs2 journal load failed! -5
[  402.295453][ T7583] (syz.3.831,7583,0):ocfs2_check_volume:2493 ERROR: status = -5
[  402.318899][ T7583] (syz.3.831,7583,0):ocfs2_mount_volume:1824 ERROR: status = -5
[  402.406195][ T7598] netlink: 348 bytes leftover after parsing attributes in process `syz.1.834'.
[  402.415770][ T7598] netlink: 4 bytes leftover after parsing attributes in process `syz.1.834'.
[  402.635962][ T7589] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  403.121077][ T7589] REISERFS (device loop0): using ordered data mode
[  403.128049][ T7589] reiserfs: using flush barriers
[  403.137115][ T7589] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  403.166755][ T7589] REISERFS (device loop0): checking transaction log (loop0)
[  403.183761][ T7589] REISERFS (device loop0): Using r5 hash to sort names
[  403.200286][ T7589] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  403.252314][ T7583] (syz.3.831,7583,0):ocfs2_fill_super:1177 ERROR: status = -5
[  403.500236][ T7601] loop1: detected capacity change from 0 to 256
[  405.620288][ T7625] loop3: detected capacity change from 0 to 128
[  405.717535][ T7625] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  405.749723][ T7625] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  406.261097][ T7636] loop3: detected capacity change from 0 to 1024
[  406.315174][ T7632] lo speed is unknown, defaulting to 1000
[  406.388290][ T7636] hfsplus: inconsistency in B*Tree (0,1,255,1,0)
[  406.452237][ T7636] hfsplus: xattr searching failed
[  406.903617][ T7632] chnl_net:caif_netlink_parms(): no params data found
[  407.155560][ T7632] bridge0: port 1(bridge_slave_0) entered blocking state
[  407.203212][ T7632] bridge0: port 1(bridge_slave_0) entered disabled state
[  407.223263][ T7646] loop4: detected capacity change from 0 to 16
[  407.263382][ T7646] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  407.284697][ T7632] device bridge_slave_0 entered promiscuous mode
[  407.298196][ T7646] cramfs: root is not a directory
[  407.323914][ T7632] bridge0: port 2(bridge_slave_1) entered blocking state
[  407.351797][ T7632] bridge0: port 2(bridge_slave_1) entered disabled state
[  407.368194][ T4492] udevd[4492]: incorrect cramfs checksum on /dev/loop4
[  407.387462][ T7632] device bridge_slave_1 entered promiscuous mode
[  407.572745][ T6709] Bluetooth: hci1: command 0x0406 tx timeout
[  407.655114][ T7632] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  407.660320][ T7655] loop4: detected capacity change from 0 to 2048
[  407.728457][ T7632] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  407.785472][ T7655] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  407.824443][ T7655] UDF-fs: error (device loop4): udf_read_inode: (ino 1376) failed !bh
[  407.890197][ T7655] UDF-fs: error (device loop4): udf_fill_super: Error in udf_iget, block=64, partition=0
[  408.010770][ T7632] team0: Port device team_slave_0 added
[  408.095803][ T7632] team0: Port device team_slave_1 added
[  408.278375][ T6714] Bluetooth: hci5: command 0x0409 tx timeout
[  408.289531][ T7667] loop0: detected capacity change from 0 to 128
[  408.401625][ T7632] batman_adv: batadv0: Adding interface: batadv_slave_0
[  408.433813][ T7667] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  408.482769][ T7632] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  408.510509][ T7632] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  408.521978][ T7667] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  408.525439][ T7632] batman_adv: batadv0: Adding interface: batadv_slave_1
[  408.539988][ T7632] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  408.592191][ T7632] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  408.698833][ T7632] device hsr_slave_0 entered promiscuous mode
[  408.829735][ T7632] device hsr_slave_1 entered promiscuous mode
[  408.841908][ T7632] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  408.889302][ T7632] Cannot create hsr debugfs directory
[  409.007622][ T7673] loop1: detected capacity change from 0 to 512
[  409.179443][ T7673] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  409.362007][ T7673] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c118, mo2=0002]
[  409.397821][ T7673] System zones: 1-12
[  409.428213][ T7673] EXT4-fs error (device loop1): ext4_iget_extra_inode:4573: inode #15: comm syz.1.856: corrupted in-inode xattr
[  409.533413][ T7673] EXT4-fs error (device loop1): ext4_orphan_get:1411: comm syz.1.856: couldn't read orphan inode 15 (err -117)
[  409.640994][ T7673] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,nolazytime,debug,noload,min_batch_time=0x000000000000d23b,commit=0x0000000000000005,lazytime,acl,,errors=continue. Quota mode: none.
[  409.726356][ T4302] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  409.813391][ T4360] wlan1: Trigger new scan to find an IBSS to join
[  409.925418][ T4302] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.037737][ T4302] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.161526][ T4302] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.350746][ T6714] Bluetooth: hci5: command 0x041b tx timeout
[  411.089858][ T7632] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  411.183236][ T7632] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  411.249665][ T4302] tipc: Left network mode
[  411.255673][ T7632] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  411.471581][ T7632] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  411.520396][ T7691] loop0: detected capacity change from 0 to 40427
[  411.664542][ T7691] F2FS-fs (loop0): invalid crc value
[  411.697531][ T7691] F2FS-fs (loop0): Found nat_bits in checkpoint
[  411.738809][ T7691] F2FS-fs (loop0): Start checkpoint disabled!
[  411.753837][ T7691] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  411.790191][ T7685] loop3: detected capacity change from 0 to 40427
[  412.016490][ T7685] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  412.076720][ T7685] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  412.172459][ T7685] F2FS-fs (loop3): Found nat_bits in checkpoint
[  412.244147][ T4321] attempt to access beyond end of device
[  412.244147][ T4321] loop0: rw=2049, want=40976, limit=40427
[  412.276477][ T7632] 8021q: adding VLAN 0 to HW filter on device bond0
[  412.327526][ T7685] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  412.342667][ T7685] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  412.372830][ T5197] Bluetooth: hci5: command 0x040f tx timeout
[  412.381975][ T7632] 8021q: adding VLAN 0 to HW filter on device team0
[  412.429384][ T6731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  412.450128][ T6731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  412.488997][ T6731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  412.501551][ T6731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  412.519674][ T6731] bridge0: port 1(bridge_slave_0) entered blocking state
[  412.526808][ T6731] bridge0: port 1(bridge_slave_0) entered forwarding state
[  412.671104][ T6731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  412.679417][ T6731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  412.750510][ T6731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  412.774079][ T6731] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.781209][ T6731] bridge0: port 2(bridge_slave_1) entered forwarding state
[  412.860123][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  412.879162][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  412.932512][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  412.948836][ T7713] loop0: detected capacity change from 0 to 512
[  412.964438][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  413.001404][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  413.043258][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  413.078439][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  413.100777][ T7713] EXT4-fs error (device loop0): ext4_orphan_get:1406: inode #15: comm syz.0.862: iget: bad i_size value: 38620345925642
[  413.152045][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  413.168676][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  413.189575][ T7713] EXT4-fs error (device loop0): ext4_orphan_get:1411: comm syz.0.862: couldn't read orphan inode 15 (err -117)
[  413.235770][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  413.252490][ T7713] EXT4-fs (loop0): mounted filesystem without journal. Opts: quota,delalloc,acl,journal_dev=0x0000000000000011,usrjquota=,bsdgroups,,errors=continue. Quota mode: writeback.
[  413.322267][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  413.374279][ T7632] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  413.467908][ T7719] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.862: bg 0: block 5: invalid block bitmap
[  413.564563][ T7719] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 376 with error 28
[  413.630165][ T7719] EXT4-fs (loop0): This should not happen!! Data will be lost
[  413.630165][ T7719] 
[  413.677158][ T7719] EXT4-fs (loop0): Total free blocks count 0
[  413.799891][ T7719] EXT4-fs (loop0): Free/Dirty block details
[  413.810719][ T7725] loop1: detected capacity change from 0 to 128
[  413.818043][ T4321] wlan1: Trigger new scan to find an IBSS to join
[  413.915599][ T7719] EXT4-fs (loop0): free_blocks=0
[  413.937553][ T7725] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  413.959468][ T7719] EXT4-fs (loop0): dirty_blocks=376
[  414.019476][ T7719] EXT4-fs (loop0): Block reservation details
[  414.030370][ T7725] ext4 filesystem being mounted at /157/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  414.051445][ T7719] EXT4-fs (loop0): i_reserved_data_blocks=376
[  414.076456][ T7713] EXT4-fs (loop0): shut down requested (0)
[  414.226670][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  414.247478][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  414.462914][ T5197] Bluetooth: hci5: command 0x0419 tx timeout
[  414.712363][ T7632] 8021q: adding VLAN 0 to HW filter on device batadv0
[  414.944332][ T7752] loop1: detected capacity change from 0 to 512
[  415.033861][ T6733] wlan1: Creating new IBSS network, BSSID ae:85:49:6e:77:d1
[  415.249963][ T7752] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2757: inode #11: comm syz.1.868: corrupted xattr block 95
[  415.282595][ T4302] device hsr_slave_0 left promiscuous mode
[  415.320072][ T4302] device hsr_slave_1 left promiscuous mode
[  415.508246][ T7752] EXT4-fs (loop1): Remounting filesystem read-only
[  415.630610][ T4302] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  415.699067][ T4302] batman_adv: batadv0: Removing interface: batadv_slave_0
[  415.776228][ T7752] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.868: bg 0: block 7: invalid block bitmap
[  416.114626][ T7752] EXT4-fs (loop1): Remounting filesystem read-only
[  416.126635][ T4302] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  416.160955][ T7752] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6191: Corrupt filesystem
[  416.171293][ T7752] EXT4-fs (loop1): Remounting filesystem read-only
[  416.181692][ T7752] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2923: inode #11: comm syz.1.868: corrupted xattr block 95
[  416.192883][ T4302] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.203840][ T7752] EXT4-fs (loop1): Remounting filesystem read-only
[  416.257041][ T7775] loop3: detected capacity change from 0 to 256
[  416.264491][ T7776] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  416.536829][ T4302] device bridge_slave_1 left promiscuous mode
[  416.611724][ T7752] EXT4-fs warning (device loop1): ext4_evict_inode:304: xattr delete (err -117)
[  416.656648][ T7779] loop0: detected capacity change from 0 to 512
[  416.701859][ T7779] EXT4-fs (loop0): Ignoring removed orlov option
[  416.709512][ T7779] EXT4-fs (loop0): Test dummy encryption mode enabled
[  416.716601][ T7779] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  416.759861][ T4302] bridge0: port 2(bridge_slave_1) entered disabled state
[  416.887690][ T7779] EXT4-fs (loop0): 1 truncate cleaned up
[  416.893643][ T7779] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,quota,barrier=0x0000000000000003,orlov,test_dummy_encryption=v1,jqfmt=vfsv1,data_err=ignore,nogrpid,,errors=continue. Quota mode: writeback.
[  417.113698][ T7779] EXT4-fs (loop0): re-mounted. Opts: . Quota mode: writeback.
[  417.498652][ T7752] EXT4-fs (loop1): 1 orphan inode deleted
[  417.705143][ T7752] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,errors=remount-ro,init_itable,block_validity,noquota,lazytime,. Quota mode: none.
[  418.077604][ T4302] device bridge_slave_0 left promiscuous mode
[  418.144329][ T7752] EXT4-fs warning (device loop1): ext4_resize_begin:73: won't resize using backup superblock at 1
[  418.374364][ T4302] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.260913][ T4302] device veth1_macvtap left promiscuous mode
[  419.302236][ T4302] device veth0_macvtap left promiscuous mode
[  419.533181][ T4302] device veth1_vlan left promiscuous mode
[  419.540643][ T4302] device veth0_vlan left promiscuous mode
[  419.726106][ T7794] loop4: detected capacity change from 0 to 128
[  420.174387][ T7794] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  420.273115][ T7794] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  420.750914][ T4302] team0 (unregistering): Port device team_slave_1 removed
[  420.809602][ T4302] team0 (unregistering): Port device team_slave_0 removed
[  420.999173][ T4302] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  421.111506][ T4302] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  421.592915][ T7813] loop4: detected capacity change from 0 to 2048
[  421.760145][ T7820] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  422.129182][ T4302] bond0 (unregistering): Released all slaves
[  422.830355][ T7819] loop0: detected capacity change from 0 to 32768
[  423.003777][ T7819] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  423.335768][ T6733] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  423.361052][ T6733] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  423.418153][ T7632] device veth0_vlan entered promiscuous mode
[  423.445670][ T4196] ocfs2: Unmounting device (7,0) on (node local)
[  423.462182][ T6733] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  423.476829][ T6733] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  423.513830][ T6733] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  423.552268][ T6733] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  423.586985][ T7632] device veth1_vlan entered promiscuous mode
[  423.636261][ T6733] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  423.647580][ T6733] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  423.704938][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  423.745859][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  423.808910][ T7632] device veth0_macvtap entered promiscuous mode
[  423.901242][ T7632] device veth1_macvtap entered promiscuous mode
[  424.634761][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.757268][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.802718][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.831767][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.882753][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.907454][ T7859] loop3: detected capacity change from 0 to 128
[  424.922653][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  424.955302][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  424.986825][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.063987][ T7632] batman_adv: batadv0: Interface activated: batadv_slave_0
[  425.145879][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.159413][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.193537][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.265505][ T7859] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  425.270305][ T7865] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  425.302759][ T7859] ext4 filesystem being mounted at /189/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  425.318029][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.329624][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.340471][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.350365][ T7632] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  425.360859][ T7632] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  425.374250][ T7632] batman_adv: batadv0: Interface activated: batadv_slave_1
[  425.381945][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  425.425002][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  425.487852][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  425.512846][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  425.536705][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  425.569250][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  425.616443][ T7632] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  425.649812][ T7841] loop4: detected capacity change from 0 to 32768
[  425.659251][ T7632] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  425.693915][ T7632] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  425.750227][ T7632] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  425.824726][ T7841] XFS (loop4): Mounting V5 Filesystem
[  426.050641][ T1232] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  426.172749][ T1232] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  426.221604][ T6733] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  426.253827][ T1272] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  426.280348][ T7841] XFS (loop4): Ending clean mount
[  426.321613][ T1272] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  426.381563][ T7883] loop3: detected capacity change from 0 to 40427
[  426.392135][ T6733] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  426.417335][ T4190] XFS (loop4): Unmounting Filesystem
[  426.445850][ T7883] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  426.453901][ T7883] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  426.467283][ T7883] F2FS-fs (loop3): invalid crc value
[  426.531003][ T7883] F2FS-fs (loop3): Found nat_bits in checkpoint
[  426.625101][ T7883] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  426.632247][ T7883] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  430.069926][ T7911] loop4: detected capacity change from 0 to 2048
[  430.781536][ T7925] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  431.420416][ T7918] loop0: detected capacity change from 0 to 4096
[  432.461169][ T7940] loop5: detected capacity change from 0 to 128
[  432.649884][ T7940] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  432.707396][ T7947] loop4: detected capacity change from 0 to 64
[  432.722797][ T7940] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  434.162178][ T7937] loop3: detected capacity change from 0 to 32768
[  434.427660][ T7965] loop5: detected capacity change from 0 to 40427
[  434.432041][ T7937] JBD2: Ignoring recovery information on journal
[  434.532765][ T7965] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  434.540705][ T7965] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  434.554566][ T7965] F2FS-fs (loop5): invalid crc value
[  434.624328][ T7965] F2FS-fs (loop5): Found nat_bits in checkpoint
[  434.656965][ T7937] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  434.687516][ T7965] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  434.694731][ T7965] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  435.028758][ T4197] ocfs2: Unmounting device (7,3) on (node local)
[  436.092646][ T7991] loop1: detected capacity change from 0 to 128
[  436.644971][ T7991] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  436.656807][ T7991] hpfs: filesystem error: improperly stopped
[  436.662882][ T7991] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  436.670637][ T7991] hpfs: You really don't want any checks? You are crazy...
[  436.678443][ T7991] hpfs: hpfs_map_sector(): read error
[  436.683873][ T7991] hpfs: code page support is disabled
[  436.690937][ T7991] hpfs: hpfs_map_4sectors(): unaligned read
[  436.696959][ T7991] hpfs: hpfs_map_4sectors(): unaligned read
[  436.702913][ T7991] hpfs: filesystem error: unable to find root dir
[  437.122221][ T8005] loop1: detected capacity change from 0 to 2048
[  437.208857][ T8006] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  439.914093][ T8024] loop3: detected capacity change from 0 to 128
[  439.985627][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  439.992023][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  440.020916][ T8024] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  440.043415][ T8024] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  440.253433][ T4196] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22.
[  440.262151][ T4196] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  441.170149][ T8046] loop1: detected capacity change from 0 to 512
[  441.304219][ T8046] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  441.316527][ T8046] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  444.212353][ T8074] netlink: 104 bytes leftover after parsing attributes in process `syz.1.923'.
[  444.338396][ T8073] loop0: detected capacity change from 0 to 2048
[  444.525283][ T8083] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  444.777912][ T8085] loop1: detected capacity change from 0 to 512
[  444.825908][ T8085] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  444.843662][ T8085] EXT4-fs (loop1): 1 truncate cleaned up
[  444.849487][ T8085] EXT4-fs (loop1): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,block_validity,errors=remount-ro,nombcache,. Quota mode: none.
[  445.063632][ T6729] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  446.919123][ T8106] loop4: detected capacity change from 0 to 1764
[  448.031949][ T8121] loop1: detected capacity change from 0 to 1024
[  448.259485][ T8100] loop5: detected capacity change from 0 to 32768
[  448.423739][ T8100] JBD2: Ignoring recovery information on journal
[  448.510994][ T8100] jbd2_journal_bmap: journal block not found at offset 32 on loop5-75
[  448.580589][ T8100] JBD2: bad block at offset 32
[  448.593928][ T8125] loop4: detected capacity change from 0 to 40427
[  448.661016][ T8129] loop0: detected capacity change from 0 to 2048
[  448.700311][ T8133] loop3: detected capacity change from 0 to 1024
[  448.709942][ T8125] F2FS-fs (loop4): build fault injection attr: rate: 14, type: 0x1ffff
[  448.740863][ T8125] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0xe4
[  448.751058][ T8100] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  448.762419][ T8133] EXT4-fs (loop3): Ignoring removed bh option
[  448.814820][ T8125] F2FS-fs (loop4): invalid crc value
[  448.857366][ T8129] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  448.870025][ T8125] F2FS-fs (loop4): Found nat_bits in checkpoint
[  448.881921][ T8133] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c028, mo2=0002]
[  448.906980][ T8133] System zones: 0-1, 3-12
[  448.912834][ T8129] ext4 filesystem being mounted at /194/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  448.984804][ T8133] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,dioread_lock,barrier=0x0000000000000004,user_xattr,stripe=0x0000000000005dee,debug,errors=remount-ro,user_xattr,bh,init_itable,. Quota mode: none.
[  449.059580][ T7632] ocfs2: Unmounting device (7,5) on (node local)
[  449.198179][ T8146] loop1: detected capacity change from 0 to 2048
[  449.269841][ T8148] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  449.437760][ T8125] F2FS-fs (loop4) : inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x43c/0xaa0
[  449.722104][ T8133] EXT4-fs error (device loop3): ext4_check_all_de:667: inode #12: block 7: comm syz.3.935: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  449.809330][ T8133] EXT4-fs (loop3): Remounting filesystem read-only
[  449.920031][ T8150] netlink: 28 bytes leftover after parsing attributes in process `syz.5.937'.
[  449.970270][ T8125] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  450.063084][ T8125] F2FS-fs (loop4) : inject no more block in inc_valid_node_count of f2fs_new_node_page+0x185/0x8f0
[  450.093156][ T8156] loop1: detected capacity change from 0 to 1024
[  450.161074][ T8125] F2FS-fs (loop4) : inject page alloc in f2fs_grab_cache_page of f2fs_get_read_data_page+0xf7/0x580
[  450.166686][ T8156] hfsplus: unable to parse mount options
[  450.243315][ T8164] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 36
[  450.389948][ T4190] attempt to access beyond end of device
[  450.389948][ T4190] loop4: rw=2049, want=45112, limit=40427
[  451.271302][ T8156] loop1: detected capacity change from 0 to 32768
[  451.336688][ T8156] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 scanned by syz.1.938 (8156)
[  451.495265][ T8156] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  451.546727][ T8156] BTRFS info (device loop1): force zlib compression, level 3
[  451.555347][ T8187] xt_NFQUEUE: number of queues (8) out of range (got 65537)
[  451.623037][ T8156] BTRFS info (device loop1): turning on flush-on-commit
[  451.630100][ T8156] BTRFS info (device loop1): max_inline at 4096
[  451.717834][ T8156] BTRFS info (device loop1): using free space tree
[  451.758320][ T8156] BTRFS info (device loop1): has skinny extents
[  452.640052][ T8156] BTRFS info (device loop1): enabling ssd optimizations
[  452.655315][ T8220] loop4: detected capacity change from 0 to 2048
[  453.143895][ T8225] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  453.724792][ T4492] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 9 /dev/loop1 scanned by udevd (4492)
[  455.140873][ T8249] loop3: detected capacity change from 0 to 8192
[  455.257742][ T8249] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  455.316065][ T8249] REISERFS (device loop3): using ordered data mode
[  455.367452][ T8249] reiserfs: using flush barriers
[  455.412810][ T8249] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  455.444351][ T8249] REISERFS (device loop3): checking transaction log (loop3)
[  455.466286][ T8249] REISERFS (device loop3): Using r5 hash to sort names
[  455.483367][ T8249] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  456.198997][ T8259] loop5: detected capacity change from 0 to 4096
[  456.338492][ T8270] loop1: detected capacity change from 0 to 2048
[  456.785865][ T8259] ntfs: (device loop5): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  457.531227][ T8259] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  458.235161][ T8282] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  458.491917][ T8259] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  458.506253][ T8259] ntfs: volume version 3.1.
[  458.829144][ T7632] ntfs: (device loop5): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  458.844595][ T8285] overlayfs: failed to resolve './file0': -2
[  458.895741][ T8287] loop3: detected capacity change from 0 to 1024
[  458.962257][ T8287] hfsplus: unable to parse mount options
[  460.732333][ T8315] loop5: detected capacity change from 0 to 256
[  460.778372][ T8315] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  460.803291][ T8315] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  460.856024][ T8315] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  462.022260][   T26] audit: type=1800 audit(1778644095.442:26): pid=8330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.970" name="file1" dev="loop5" ino=1048618 res=0 errno=0
[  462.380278][ T8345] loop3: detected capacity change from 0 to 64
[  462.457446][ T8335] loop4: detected capacity change from 0 to 40427
[  462.570818][ T8335] F2FS-fs (loop4): invalid crc value
[  462.605752][ T8335] F2FS-fs (loop4): Found nat_bits in checkpoint
[  462.655046][ T8345] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing
[  462.688138][ T8335] F2FS-fs (loop4): Start checkpoint disabled!
[  463.084869][ T8335] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  463.954297][ T8366] loop1: detected capacity change from 0 to 40427
[  464.152887][ T8366] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  464.160774][ T8366] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  464.173336][ T8366] F2FS-fs (loop1): invalid crc value
[  464.536952][ T8366] F2FS-fs (loop1): Found nat_bits in checkpoint
[  464.609339][ T8366] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  464.616651][ T8366] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  464.652941][ T8383] loop5: detected capacity change from 0 to 2048
[  464.735297][ T6732] attempt to access beyond end of device
[  464.735297][ T6732] loop4: rw=2049, want=40976, limit=40427
[  464.780943][ T8383] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  464.849735][ T8383] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  464.939051][ T8383] EXT4-fs (loop5): shut down requested (1)
[  465.799059][ T8398] loop5: detected capacity change from 0 to 128
[  465.950385][ T8398] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  465.989540][ T8398] hpfs: filesystem error: improperly stopped
[  466.021197][ T8398] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  466.048418][ T8398] hpfs: You really don't want any checks? You are crazy...
[  466.061048][ T8398] hpfs: hpfs_map_sector(): read error
[  466.097169][ T8398] hpfs: code page support is disabled
[  466.117452][ T8398] hpfs: hpfs_map_4sectors(): unaligned read
[  466.142797][ T8398] hpfs: hpfs_map_4sectors(): unaligned read
[  466.167932][ T8398] hpfs: filesystem error: unable to find root dir
[  466.218410][ T8372] loop3: detected capacity change from 0 to 32768
[  466.289828][ T8372] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by syz.3.982 (8372)
[  466.525744][ T8372] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  466.564941][ T8372] BTRFS info (device loop3): enabling disk space caching
[  466.635614][ T8372] BTRFS info (device loop3): force clearing of disk cache
[  466.672758][ T8372] BTRFS info (device loop3): disk space caching is enabled
[  466.692737][ T8372] BTRFS info (device loop3): has skinny extents
[  468.242819][ T8372] BTRFS error (device loop3): open_ctree failed: -12
[  468.944947][ T4492] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by udevd (4492)
[  469.226352][ T8469] loop4: detected capacity change from 0 to 64
[  469.650637][ T4190] BFS-fs: bfs_iget(): Bad inode number loop4:0000fe02
[  469.694721][ T4190] BFS-fs: bfs_iget(): Bad inode number loop4:0000fe02
[  470.139149][ T8485] loop5: detected capacity change from 0 to 512
[  470.287572][ T8485] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  470.383289][ T8475] loop3: detected capacity change from 0 to 32768
[  471.233069][ T8475] XFS (loop3): Mounting V5 Filesystem
[  471.503486][ T8475] XFS (loop3): Ending clean mount
[  472.038824][ T4197] XFS (loop3): Unmounting Filesystem
[  472.968808][ T8523] lo speed is unknown, defaulting to 1000
[  473.391384][ T8523] chnl_net:caif_netlink_parms(): no params data found
[  474.200439][ T8523] bridge0: port 1(bridge_slave_0) entered blocking state
[  474.274420][ T8523] bridge0: port 1(bridge_slave_0) entered disabled state
[  474.317142][ T8551] loop5: detected capacity change from 0 to 40427
[  474.371274][ T8523] device bridge_slave_0 entered promiscuous mode
[  474.382145][ T8551] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  474.390807][ T8551] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  474.414584][ T8551] F2FS-fs (loop5): invalid crc value
[  474.486916][ T8523] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.502862][ T8523] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.520042][ T8523] device bridge_slave_1 entered promiscuous mode
[  475.350725][ T4866] Bluetooth: hci0: command 0x0409 tx timeout
[  475.410093][ T8523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  475.425414][ T8523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  475.491258][ T8551] F2FS-fs (loop5): Found nat_bits in checkpoint
[  475.543835][ T8551] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  475.551483][ T8551] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  475.827056][ T8523] team0: Port device team_slave_0 added
[  475.848945][ T8523] team0: Port device team_slave_1 added
[  476.024407][ T8523] batman_adv: batadv0: Adding interface: batadv_slave_0
[  476.043975][ T8523] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  476.145502][ T8523] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  476.186865][ T8523] batman_adv: batadv0: Adding interface: batadv_slave_1
[  476.200945][ T8523] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  476.258975][ T8523] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  476.378726][ T8523] device hsr_slave_0 entered promiscuous mode
[  476.396099][ T8523] device hsr_slave_1 entered promiscuous mode
[  476.411877][ T8523] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  476.428437][ T8523] Cannot create hsr debugfs directory
[  476.738806][ T1232] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  476.793109][ T8601] loop3: detected capacity change from 0 to 256
[  476.901796][ T8601] FAT-fs (loop3): Directory bread(block 64) failed
[  476.934434][ T8601] FAT-fs (loop3): Directory bread(block 65) failed
[  476.941081][ T8601] FAT-fs (loop3): Directory bread(block 66) failed
[  476.952877][ T8523] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  477.001778][ T8523] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  477.018875][ T8601] FAT-fs (loop3): Directory bread(block 67) failed
[  477.052604][ T8601] FAT-fs (loop3): Directory bread(block 68) failed
[  477.072587][ T8523] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  477.083111][ T8601] FAT-fs (loop3): Directory bread(block 69) failed
[  477.089844][ T8601] FAT-fs (loop3): Directory bread(block 70) failed
[  477.148433][ T8523] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  477.186756][ T8601] FAT-fs (loop3): Directory bread(block 71) failed
[  477.254170][ T8601] FAT-fs (loop3): Directory bread(block 72) failed
[  477.295384][ T8601] FAT-fs (loop3): Directory bread(block 73) failed
[  477.514336][ T4866] Bluetooth: hci0: command 0x041b tx timeout
[  477.647459][ T8523] 8021q: adding VLAN 0 to HW filter on device bond0
[  477.708506][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  477.731394][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  477.834550][ T8523] 8021q: adding VLAN 0 to HW filter on device team0
[  477.917583][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  477.937133][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  477.957373][ T6732] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.964541][ T6732] bridge0: port 1(bridge_slave_0) entered forwarding state
[  478.045262][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  478.086308][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  478.126758][ T6732] bridge0: port 2(bridge_slave_1) entered blocking state
[  478.133943][ T6732] bridge0: port 2(bridge_slave_1) entered forwarding state
[  478.195993][ T8619] loop1: detected capacity change from 0 to 40427
[  478.222826][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  478.263752][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  478.281555][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  478.308915][ T8619] F2FS-fs (loop1): invalid crc value
[  478.325063][ T8619] F2FS-fs (loop1): Found nat_bits in checkpoint
[  478.348761][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  478.382299][ T8619] F2FS-fs (loop1): Start checkpoint disabled!
[  478.409318][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  478.417446][ T8619] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  478.430152][ T6732] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  478.453634][ T8621] lo speed is unknown, defaulting to 1000
[  478.570447][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  478.682428][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  478.791171][  T241] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  478.818211][  T241] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  478.858503][  T241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  478.903509][  T241] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  478.914825][ T8523] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  478.995289][ T4360] attempt to access beyond end of device
[  478.995289][ T4360] loop1: rw=2049, want=40976, limit=40427
[  479.235730][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  479.243789][ T4351] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  479.276248][ T8523] 8021q: adding VLAN 0 to HW filter on device batadv0
[  479.602761][ T4233] Bluetooth: hci0: command 0x040f tx timeout
[  480.982437][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  481.004954][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  481.126327][ T8653] netlink: 'syz.1.1031': attribute type 10 has an invalid length.
[  481.163751][ T8653] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  481.198436][ T8654] netlink: 'syz.1.1031': attribute type 10 has an invalid length.
[  481.244479][ T8654] bond0: (slave netdevsim0): Releasing backup interface
[  481.292368][ T8654] team0: Port device netdevsim0 added
[  481.309008][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  481.327993][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  481.359124][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  481.397708][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  481.564502][ T8523] device veth0_vlan entered promiscuous mode
[  481.635312][ T8523] device veth1_vlan entered promiscuous mode
[  481.659154][ T8661] loop5: detected capacity change from 0 to 1024
[  481.854322][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  481.864245][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  481.892538][ T1232] hfsplus: b-tree write err: -5, ino 25
[  481.901110][ T1232] hfsplus: b-tree write err: -5, ino 4
[  481.927286][ T1232] hfsplus: b-tree write err: -5, ino 2
[  481.939229][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  481.986667][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  482.033519][ T7050] Bluetooth: hci0: command 0x0419 tx timeout
[  482.060517][ T8523] device veth0_macvtap entered promiscuous mode
[  482.116204][ T8523] device veth1_macvtap entered promiscuous mode
[  482.189694][ T8523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.215207][ T8523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.269712][ T8666] loop5: detected capacity change from 0 to 512
[  482.276238][ T8523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.312651][ T8523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.364861][ T8523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.395018][ T8523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.412684][ T8523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.432693][ T8523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.452555][ T8523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  482.466303][ T8523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.484991][ T8523] batman_adv: batadv0: Interface activated: batadv_slave_0
[  482.498268][ T6731] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  482.511481][ T6731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  482.527071][ T8523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  482.540303][ T8523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.556586][ T8666] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  482.568926][ T8523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  482.613866][ T8666] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  482.627568][ T8666] System zones: 1-12
[  482.631637][ T8523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.800163][ T8523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  483.814316][ T8666] EXT4-fs (loop5): 1 truncate cleaned up
[  483.819999][ T8666] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,mb_optimize_scan=0x0000000000000001,debug,data=journal,,errors=continue. Quota mode: none.
[  483.906178][ T8523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  483.972698][ T8523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.066585][ T8523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  484.721440][ T8523] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  484.965469][ T8523] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  485.023331][ T8523] batman_adv: batadv0: Interface activated: batadv_slave_1
[  485.170685][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  485.210441][ T6729] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  485.263735][ T8523] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  485.295075][ T8523] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  485.339679][ T8523] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  485.390474][ T8523] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  485.484230][ T8684] loop1: detected capacity change from 0 to 40427
[  485.536668][ T8684] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  485.545525][ T8684] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  485.584554][ T8684] F2FS-fs (loop1): invalid crc value
[  485.645867][ T8684] F2FS-fs (loop1): Found nat_bits in checkpoint
[  485.764480][ T8684] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  485.771604][ T8684] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  485.790135][ T4321] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  485.819038][ T4321] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  485.907294][ T1232] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  485.958503][ T8693] loop5: detected capacity change from 0 to 64
[  485.970140][ T1232] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  486.014681][ T1232] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  486.040743][ T8695] overlayfs: failed to resolve './file2': -2
[  486.077809][ T4321] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  487.274897][ T8703] loop6: detected capacity change from 0 to 256
[  487.292384][ T8704] loop5: detected capacity change from 0 to 512
[  487.571327][ T8704] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  487.657856][ T8704] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  487.699162][ T8704] System zones: 1-12
[  487.734348][ T8704] EXT4-fs (loop5): 1 truncate cleaned up
[  487.740061][ T8704] EXT4-fs (loop5): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,mb_optimize_scan=0x0000000000000001,debug,data=journal,,errors=continue. Quota mode: none.
[  488.824929][ T8728] loop1: detected capacity change from 0 to 64
[  491.234723][ T8740] tipc: Started in network mode
[  491.239908][ T8740] tipc: Node identity 84e, cluster identity 4711
[  491.246468][ T8740] tipc: Node number set to 2126
[  495.261667][ T8753] loop5: detected capacity change from 0 to 512
[  495.471378][ T8753] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  495.693786][ T8753] EXT4-fs (loop5): 1 truncate cleaned up
[  495.764697][ T8753] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  496.394919][ T8753] EXT4-fs error (device loop5): __ext4_get_inode_loc:4334: comm syz.5.1059: Invalid inode table block 4265287789 in block_group 0
[  496.457352][ T8753] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  496.683711][ T8776] loop6: detected capacity change from 0 to 1024
[  496.732890][ T8776] EXT4-fs (loop6): Ignoring removed nobh option
[  496.739294][ T8776] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  496.867269][ T8776] EXT4-fs (loop6): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,inode_readahead_blks=0x0000000000040000,nobh,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  497.513859][ T8761] loop3: detected capacity change from 0 to 32768
[  497.681775][ T8761] XFS (loop3): Mounting V5 Filesystem
[  497.933035][ T8761] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  499.273182][ T8761] XFS (loop3): Starting recovery (logdev: internal)
[  499.318384][ T8761] XFS (loop3): Ending recovery (logdev: internal)
[  499.346046][ T8785] loop5: detected capacity change from 0 to 32768
[  499.653925][ T8808] netlink: 'syz.0.1070': attribute type 2 has an invalid length.
[  500.327702][ T4197] XFS (loop3): Unmounting Filesystem
[  500.434498][ T8785] XFS (loop5): Mounting V5 Filesystem
[  500.553377][ T8785] XFS (loop5): Ending clean mount
[  500.753186][ T7632] XFS (loop5): Unmounting Filesystem
[  502.258123][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  502.264615][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  504.176611][ T8838] loop1: detected capacity change from 0 to 1024
[  504.246356][ T8838] EXT4-fs (loop1): Ignoring removed nobh option
[  504.252906][ T8838] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  504.433220][ T8838] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,inode_readahead_blks=0x0000000000040000,nobh,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  505.046023][ T8844] loop6: detected capacity change from 0 to 512
[  505.062263][ T8844] EXT4-fs (loop6): Ignoring removed orlov option
[  505.156208][ T8844] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpquota,nogrpid,orlov,,errors=continue. Quota mode: writeback.
[  505.294618][ T8844] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  505.335661][ T8844] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1081'.
[  506.376168][ T8860] autofs4:pid:8860:autofs_fill_super: called with bogus options
[  507.310884][ T4231] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  507.645339][ T4231] usb 4-1: device descriptor read/64, error -71
[  508.785964][ T4248] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  508.822757][ T4231] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  509.769218][ T8886] loop1: detected capacity change from 0 to 2048
[  509.823841][ T5820] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  509.922404][ T8886] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[  510.789736][ T8896] loop5: detected capacity change from 0 to 2048
[  510.909086][ T8899] loop3: detected capacity change from 0 to 1024
[  513.250522][ T8899] EXT4-fs (loop3): Ignoring removed nobh option
[  513.257298][ T8899] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  513.397601][ T8899] EXT4-fs (loop3): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,inode_readahead_blks=0x0000000000040000,nobh,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  513.463942][ T8896] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  514.699660][ T1232] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  514.773076][ T1232] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  514.812681][ T1232] EXT4-fs (loop5): This should not happen!! Data will be lost
[  514.812681][ T1232] 
[  514.831337][ T1232] EXT4-fs (loop5): Total free blocks count 0
[  514.863234][ T1232] EXT4-fs (loop5): Free/Dirty block details
[  514.869239][ T1232] EXT4-fs (loop5): free_blocks=4096
[  514.892684][ T1232] EXT4-fs (loop5): dirty_blocks=32
[  514.913075][ T1232] EXT4-fs (loop5): Block reservation details
[  514.919113][ T1232] EXT4-fs (loop5): i_reserved_data_blocks=2
[  514.963598][ T4360] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  514.990441][ T4360] EXT4-fs (loop5): This should not happen!! Data will be lost
[  514.990441][ T4360] 
[  516.270581][ T8929] loop6: detected capacity change from 0 to 4096
[  516.414573][ T8915] loop3: detected capacity change from 0 to 32768
[  516.489976][ T8915] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1098 (8915)
[  517.387574][ T8915] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  517.476871][ T8915] BTRFS info (device loop3): setting nodatacow, compression disabled
[  517.522693][ T8915] BTRFS info (device loop3): force clearing of disk cache
[  517.548359][ T8928] loop5: detected capacity change from 0 to 32768
[  517.554958][ T8915] BTRFS info (device loop3): turning off barriers
[  517.561400][ T8915] BTRFS info (device loop3): use no compression
[  517.568867][ T8915] BTRFS info (device loop3): disabling free space tree
[  517.576034][ T8915] BTRFS info (device loop3): enabling ssd optimizations
[  517.583399][ T8915] BTRFS info (device loop3): using spread ssd allocation scheme
[  517.591081][ T8915] BTRFS info (device loop3): not using ssd optimizations
[  517.600838][ T8915] BTRFS info (device loop3): not using spread ssd allocation scheme
[  517.611940][ T8915] BTRFS info (device loop3): has skinny extents
[  517.779314][ T8928] XFS (loop5): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  517.848102][ T8954] autofs4:pid:8954:autofs_fill_super: called with bogus options
[  518.615984][ T8928] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  518.654111][ T8928] XFS (loop5): DAX and reflink cannot be used together!
[  518.756166][ T8966] loop1: detected capacity change from 0 to 2048
[  518.847584][ T8966] EXT4-fs (loop1): can't mount with journal_checksum, fs mounted w/o journal
[  518.987551][ T8915] BTRFS error (device loop3): open_ctree failed: -12
[  519.380239][ T8973] input: syz1 as /devices/virtual/input/input33
[  521.976256][ T6732] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.039462][ T6732] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.156861][ T6732] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.250083][ T6732] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  522.337610][ T8988] loop6: detected capacity change from 0 to 512
[  522.496482][ T8988] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  522.554730][ T8988] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c018, mo2=0002]
[  522.581230][ T8988] System zones: 1-12
[  522.613333][ T8988] EXT4-fs (loop6): 1 truncate cleaned up
[  522.619168][ T8988] EXT4-fs (loop6): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,max_batch_time=0x0000000000000002,debug_want_extra_isize=0x000000000000006a,mb_optimize_scan=0x0000000000000001,debug,data=journal,,errors=continue. Quota mode: none.
[  524.836214][ T9018] autofs4:pid:9018:autofs_fill_super: called with bogus options
[  526.051345][ T9039] loop6: detected capacity change from 0 to 2048
[  526.302751][ T9039] EXT4-fs (loop6): can't mount with journal_checksum, fs mounted w/o journal
[  526.384692][ T9047] loop5: detected capacity change from 0 to 128
[  526.732421][ T9047] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,barrier=0x0000000000000de2,,errors=continue. Quota mode: none.
[  526.749106][ T9047] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  528.268619][ T9069] loop3: detected capacity change from 0 to 16
[  528.303209][ T9069] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  528.317265][ T9069] cramfs: root is not a directory
[  528.338481][ T9068] loop6: detected capacity change from 0 to 64
[  528.619469][ T6732] device hsr_slave_0 left promiscuous mode
[  528.643328][ T6732] device hsr_slave_1 left promiscuous mode
[  528.829486][ T6732] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  528.848733][ T6732] batman_adv: batadv0: Removing interface: batadv_slave_0
[  528.857453][ T6732] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  528.915574][ T6732] batman_adv: batadv0: Removing interface: batadv_slave_1
[  529.172878][ T4490] Bluetooth: hci5: command 0x0406 tx timeout
[  529.210268][ T6732] device bridge_slave_1 left promiscuous mode
[  529.232420][ T6732] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.344065][ T6732] device bridge_slave_0 left promiscuous mode
[  529.446106][ T6732] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.608419][ T6732] device veth1_macvtap left promiscuous mode
[  529.625975][ T6732] device veth0_macvtap left promiscuous mode
[  529.826353][ T6732] device veth1_vlan left promiscuous mode
[  529.926943][ T9097] autofs4:pid:9097:autofs_fill_super: called with bogus options
[  530.657854][ T6732] device veth0_vlan left promiscuous mode
[  534.666629][ T6732] team0 (unregistering): Port device team_slave_1 removed
[  534.700964][ T6732] team0 (unregistering): Port device team_slave_0 removed
[  534.717128][ T6732] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  534.735527][ T6732] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  535.065343][ T6732] bond0 (unregistering): Released all slaves
[  535.247395][ T9140] loop6: detected capacity change from 0 to 64
[  535.517595][ T9146] autofs4:pid:9146:autofs_fill_super: called with bogus options
[  536.485533][ T9149] loop5: detected capacity change from 0 to 40427
[  536.733567][ T9149] F2FS-fs (loop5): invalid crc value
[  536.788289][ T9149] F2FS-fs (loop5): Found nat_bits in checkpoint
[  536.821230][ T9149] F2FS-fs (loop5): Start checkpoint disabled!
[  536.859980][ T9149] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  537.579226][ T9161] loop3: detected capacity change from 0 to 2048
[  537.648305][ T9164] loop1: detected capacity change from 0 to 1024
[  537.862293][ T9164] EXT4-fs (loop1): Ignoring removed nobh option
[  537.868680][ T9164] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  537.937309][ T9161] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal
[  537.954580][ T9164] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,inode_readahead_blks=0x0000000000040000,nobh,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  539.544514][ T5820] attempt to access beyond end of device
[  539.544514][ T5820] loop5: rw=2049, want=40976, limit=40427
[  541.944109][ T9212] autofs4:pid:9212:autofs_fill_super: called with bogus options
[  544.920726][ T9235] loop1: detected capacity change from 0 to 1024
[  544.943635][ T9235] EXT4-fs (loop1): Ignoring removed nobh option
[  544.950246][ T9235] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  545.087326][ T9235] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,inode_readahead_blks=0x0000000000040000,nobh,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  545.134960][ T9221] loop5: detected capacity change from 0 to 8192
[  545.284703][ T9221] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal
[  545.370516][ T9221] REISERFS (device loop5): using ordered data mode
[  545.805216][ T9221] reiserfs: using flush barriers
[  545.892416][ T9221] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  545.932481][ T9221] REISERFS (device loop5): checking transaction log (loop5)
[  545.949488][ T9221] REISERFS (device loop5): Using r5 hash to sort names
[  546.055490][ T9221] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  547.847331][ T9266] overlayfs: missing 'lowerdir'
[  547.888751][ T9267] loop5: detected capacity change from 0 to 1024
[  549.505085][ T9267] EXT4-fs (loop5): Ignoring removed nobh option
[  549.511385][ T9267] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  549.685900][ T9267] EXT4-fs (loop5): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,inode_readahead_blks=0x0000000000040000,nobh,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  550.218063][ T9285] autofs4:pid:9285:autofs_fill_super: called with bogus options
[  553.304455][ T9312] loop1: detected capacity change from 0 to 1024
[  555.760259][ T9312] EXT4-fs (loop1): Ignoring removed nobh option
[  555.792791][ T9312] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  556.060504][ T9312] EXT4-fs (loop1): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,inode_readahead_blks=0x0000000000040000,nobh,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  556.662050][ T9330] lo speed is unknown, defaulting to 1000
[  556.782058][ T6732] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.016935][ T9338] loop1: detected capacity change from 0 to 40427
[  557.126874][ T9338] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  557.134844][ T9338] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  557.151110][ T9338] F2FS-fs (loop1): invalid crc value
[  557.197830][ T6732] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.263267][ T9338] F2FS-fs (loop1): Found nat_bits in checkpoint
[  557.302898][ T9353] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  557.423054][ T6732] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  557.437447][ T9338] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  557.444605][ T9338] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  557.663754][ T9355] overlayfs: missing 'lowerdir'
[  557.980776][ T9363] autofs4:pid:9363:autofs_fill_super: called with bogus options
[  558.061438][ T6732] team0: Port device netdevsim0 removed
[  558.256305][ T6732] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  558.612649][ T4490] Bluetooth: hci2: command 0x0409 tx timeout
[  558.648323][ T9330] chnl_net:caif_netlink_parms(): no params data found
[  559.243016][ T9330] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.605195][ T9330] bridge0: port 1(bridge_slave_0) entered disabled state
[  559.953346][ T9330] device bridge_slave_0 entered promiscuous mode
[  560.003908][ T9330] bridge0: port 2(bridge_slave_1) entered blocking state
[  560.011032][ T9330] bridge0: port 2(bridge_slave_1) entered disabled state
[  560.108179][ T9330] device bridge_slave_1 entered promiscuous mode
[  560.271808][ T9330] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  560.311132][ T9330] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  560.480593][ T9330] team0: Port device team_slave_0 added
[  560.492134][ T9330] team0: Port device team_slave_1 added
[  560.537453][ T6732] tipc: Left network mode
[  560.738995][ T9330] batman_adv: batadv0: Adding interface: batadv_slave_0
[  560.746525][ T9330] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  561.333290][ T4864] Bluetooth: hci2: command 0x041b tx timeout
[  561.339817][ T9330] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  561.353260][ T9330] batman_adv: batadv0: Adding interface: batadv_slave_1
[  561.360249][ T9330] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  561.559112][ T9401] loop6: detected capacity change from 0 to 1024
[  561.576068][ T9330] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  562.403622][ T9401] EXT4-fs (loop6): Ignoring removed nobh option
[  562.420981][ T9401] EXT4-fs (loop6): Ignoring removed nomblk_io_submit option
[  562.433349][ T9330] device hsr_slave_0 entered promiscuous mode
[  562.573659][ T9330] device hsr_slave_1 entered promiscuous mode
[  562.613725][ T9401] EXT4-fs (loop6): mounted filesystem without journal. Opts: minixdf,bsddf,barrier=0x0000000000000009,commit=0x0000000000000005,inode_readahead_blks=0x0000000000040000,nobh,nodelalloc,noblock_validity,nomblk_io_submit,,errors=continue. Quota mode: none.
[  562.855291][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  562.862280][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  562.925826][ T9430] autofs4:pid:9430:autofs_fill_super: called with bogus options
[  563.633432][ T4866] Bluetooth: hci2: command 0x040f tx timeout
[  563.983153][    C1] ------------[ cut here ]------------
[  563.988859][    C1] WARNING: CPU: 1 PID: 9431 at net/mac80211/tx.c:4859 __ieee80211_beacon_get+0x179f/0x2000
[  563.999096][    C1] Modules linked in:
[  564.003115][    C1] CPU: 1 PID: 9431 Comm: syz.1.1191 Not tainted syzkaller #0
[  564.010628][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  564.020961][    C1] RIP: 0010:__ieee80211_beacon_get+0x179f/0x2000
[  564.027486][    C1] Code: 2a f8 0f 0b 4f 89 64 2f 04 4f 89 64 2f 0c 43 c6 44 2f 14 f8 e9 19 fe ff ff e8 5d 12 2a f8 0f 0b e9 03 ef ff ff e8 51 12 2a f8 <0f> 0b e9 76 f2 ff ff e8 55 a7 6d 00 89 d9 80 e1 07 80 c1 03 38 c1
[  564.047455][    C1] RSP: 0018:ffffc90000dd08e0 EFLAGS: 00010246
[  564.053685][    C1] RAX: ffffffff894f223f RBX: ffff88806999e268 RCX: ffff888026898000
[  564.061845][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  564.069989][    C1] RBP: ffffc90000dd0b08 R08: ffff888026898000 R09: 0000000000000003
[  564.078128][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff888048e9d600
[  564.086288][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920001ba12c
[  564.094442][    C1] FS:  00007fdd57d4d6c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  564.103564][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  564.110295][    C1] CR2: 00007fdd57d2cd58 CR3: 0000000063e0f000 CR4: 00000000003506e0
[  564.118444][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  564.126595][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  564.134739][    C1] Call Trace:
[  564.138123][    C1]  <IRQ>
[  564.141068][    C1]  ? ieee80211_beacon_get_template+0x30/0x30
[  564.147216][    C1]  ? verify_lock_unused+0x140/0x140
[  564.152543][    C1]  ? ieee80211_get_buffered_bc+0x697/0x8b0
[  564.158545][    C1]  ieee80211_beacon_get_tim+0x48/0x840
[  564.164159][    C1]  mac80211_hwsim_beacon_tx+0xf4/0x920
[  564.169807][    C1]  __iterate_interfaces+0x243/0x500
[  564.175149][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  564.181530][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  564.187944][    C1]  ieee80211_iterate_active_interfaces_atomic+0xb3/0x140
[  564.195138][    C1]  mac80211_hwsim_beacon+0x9b/0x180
[  564.200458][    C1]  ? hw_scan_work+0xed0/0xed0
[  564.205263][    C1]  __hrtimer_run_queues+0x4f2/0xb70
[  564.210607][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[  564.215883][    C1]  hrtimer_run_softirq+0x176/0x240
[  564.221121][    C1]  handle_softirqs+0x339/0x830
[  564.226040][    C1]  ? __irq_exit_rcu+0x13b/0x230
[  564.231023][    C1]  ? do_softirq+0x210/0x210
[  564.235649][    C1]  ? irqtime_account_irq+0xb2/0x1b0
[  564.241038][    C1]  __irq_exit_rcu+0x13b/0x230
[  564.245885][    C1]  ? irq_exit_rcu+0x20/0x20
[  564.250490][    C1]  irq_exit_rcu+0x5/0x20
[  564.254831][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  564.260528][    C1]  </IRQ>
[  564.263519][    C1]  <TASK>
[  564.266524][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  564.272643][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xbc/0x120
[  564.279226][    C1] Code: c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 41 c6 04 07 f8 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 5f 39 8c f7 65 8b 05 f0 36 3c 76 85 c0 74 3c 48 c7 04 24 0e 36
[  564.299042][    C1] RSP: 0018:ffffc900055075c0 EFLAGS: 00000206
[  564.305189][    C1] RAX: dffffc0000000004 RBX: 0000000000000a06 RCX: b8b7acf71b403100
[  564.313254][    C1] RDX: dffffc0000000000 RSI: ffffffff8a2b2800 RDI: 0000000000000001
[  564.321588][    C1] RBP: ffffc90005507650 R08: ffffffff901d5177 R09: 1ffffffff203aa2e
[  564.329668][    C1] R10: dffffc0000000000 R11: fffffbfff203aa2f R12: dffffc0000000000
[  564.337867][    C1] R13: 0000000000000000 R14: ffff88807f107ec0 R15: 1ffff92000aa0eb8
[  564.345950][    C1]  ? _raw_spin_unlock+0x40/0x40
[  564.350905][    C1]  ? __wake_up_common+0x2a4/0x4e0
[  564.356071][    C1]  __wake_up_sync_key+0x128/0x190
[  564.361220][    C1]  ? __wake_up_locked_key_bookmark+0x20/0x20
[  564.367357][    C1]  ? sock_load_diag_module+0x130/0x130
[  564.372978][    C1]  __unix_dgram_recvmsg+0x4c0/0xd90
[  564.378276][    C1]  ? unix_unhash+0x10/0x10
[  564.382807][    C1]  ? mark_lock+0x94/0x320
[  564.387211][    C1]  ? unix_dgram_recvmsg+0xb2/0xd0
[  564.392329][    C1]  ? unix_dgram_sendmsg+0x18a0/0x18a0
[  564.397799][    C1]  ____sys_recvmsg+0x2cd/0x5e0
[  564.402668][    C1]  ? __sys_recvmsg_sock+0x40/0x40
[  564.407799][    C1]  ? import_iovec+0x6f/0xa0
[  564.412353][    C1]  ___sys_recvmsg+0x21a/0x5c0
[  564.417098][    C1]  ? __sys_recvmsg+0x280/0x280
[  564.421933][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  564.427069][    C1]  ? __might_fault+0x1c/0x110
[  564.431825][    C1]  ? __might_fault+0xb3/0x110
[  564.436556][    C1]  do_recvmmsg+0x382/0x850
[  564.441036][    C1]  ? __sys_recvmmsg+0x290/0x290
[  564.445984][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  564.451078][    C1]  __x64_sys_recvmmsg+0x195/0x250
[  564.456194][    C1]  ? do_recvmmsg+0x850/0x850
[  564.460848][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  564.466121][    C1]  do_syscall_64+0x4c/0xa0
[  564.470603][    C1]  ? clear_bhb_loop+0x30/0x80
[  564.475350][    C1]  ? clear_bhb_loop+0x30/0x80
[  564.480079][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  564.486046][    C1] RIP: 0033:0x7fdd59b14e59
[  564.490510][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  564.510316][    C1] RSP: 002b:00007fdd57d4d028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  564.518849][    C1] RAX: ffffffffffffffda RBX: 00007fdd59d8e090 RCX: 00007fdd59b14e59
[  564.526891][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004
[  564.534941][    C1] RBP: 00007fdd59baad6f R08: 0000000000000000 R09: 0000000000000000
[  564.543014][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  564.551062][    C1] R13: 00007fdd59d8e128 R14: 00007fdd59d8e090 R15: 00007ffdb48a0d08
[  564.559135][    C1]  </TASK>
[  564.562193][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  564.569468][    C1] CPU: 1 PID: 9431 Comm: syz.1.1191 Not tainted syzkaller #0
[  564.577102][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  564.587157][    C1] Call Trace:
[  564.590453][    C1]  <IRQ>
[  564.593295][    C1]  dump_stack_lvl+0x188/0x250
[  564.597975][    C1]  ? show_regs_print_info+0x20/0x20
[  564.603169][    C1]  ? load_image+0x400/0x400
[  564.607682][    C1]  panic+0x2e5/0x810
[  564.611586][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  564.616104][    C1]  ? __ieee80211_beacon_get+0x179f/0x2000
[  564.621851][    C1]  __warn+0x248/0x2b0
[  564.625835][    C1]  ? __ieee80211_beacon_get+0x179f/0x2000
[  564.631560][    C1]  report_bug+0x1b7/0x2e0
[  564.635984][    C1]  handle_bug+0x3a/0x70
[  564.640141][    C1]  exc_invalid_op+0x16/0x40
[  564.644638][    C1]  asm_exc_invalid_op+0x16/0x20
[  564.649506][    C1] RIP: 0010:__ieee80211_beacon_get+0x179f/0x2000
[  564.655966][    C1] Code: 2a f8 0f 0b 4f 89 64 2f 04 4f 89 64 2f 0c 43 c6 44 2f 14 f8 e9 19 fe ff ff e8 5d 12 2a f8 0f 0b e9 03 ef ff ff e8 51 12 2a f8 <0f> 0b e9 76 f2 ff ff e8 55 a7 6d 00 89 d9 80 e1 07 80 c1 03 38 c1
[  564.675674][    C1] RSP: 0018:ffffc90000dd08e0 EFLAGS: 00010246
[  564.681770][    C1] RAX: ffffffff894f223f RBX: ffff88806999e268 RCX: ffff888026898000
[  564.689747][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  564.697730][    C1] RBP: ffffc90000dd0b08 R08: ffff888026898000 R09: 0000000000000003
[  564.705844][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff888048e9d600
[  564.713934][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920001ba12c
[  564.721921][    C1]  ? __ieee80211_beacon_get+0x179f/0x2000
[  564.727666][    C1]  ? ieee80211_beacon_get_template+0x30/0x30
[  564.733654][    C1]  ? verify_lock_unused+0x140/0x140
[  564.738859][    C1]  ? ieee80211_get_buffered_bc+0x697/0x8b0
[  564.745078][    C1]  ieee80211_beacon_get_tim+0x48/0x840
[  564.750566][    C1]  mac80211_hwsim_beacon_tx+0xf4/0x920
[  564.756037][    C1]  __iterate_interfaces+0x243/0x500
[  564.761242][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  564.767495][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  564.773739][    C1]  ieee80211_iterate_active_interfaces_atomic+0xb3/0x140
[  564.780775][    C1]  mac80211_hwsim_beacon+0x9b/0x180
[  564.785978][    C1]  ? hw_scan_work+0xed0/0xed0
[  564.790682][    C1]  __hrtimer_run_queues+0x4f2/0xb70
[  564.795920][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[  564.801043][    C1]  hrtimer_run_softirq+0x176/0x240
[  564.806158][    C1]  handle_softirqs+0x339/0x830
[  564.810931][    C1]  ? __irq_exit_rcu+0x13b/0x230
[  564.815785][    C1]  ? do_softirq+0x210/0x210
[  564.820302][    C1]  ? irqtime_account_irq+0xb2/0x1b0
[  564.825504][    C1]  __irq_exit_rcu+0x13b/0x230
[  564.830185][    C1]  ? irq_exit_rcu+0x20/0x20
[  564.834699][    C1]  irq_exit_rcu+0x5/0x20
[  564.838951][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  564.844587][    C1]  </IRQ>
[  564.847544][    C1]  <TASK>
[  564.850485][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  564.856470][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xbc/0x120
[  564.862998][    C1] Code: c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f7 44 24 20 00 02 00 00 41 c6 04 07 f8 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 5f 39 8c f7 65 8b 05 f0 36 3c 76 85 c0 74 3c 48 c7 04 24 0e 36
[  564.882620][    C1] RSP: 0018:ffffc900055075c0 EFLAGS: 00000206
[  564.888710][    C1] RAX: dffffc0000000004 RBX: 0000000000000a06 RCX: b8b7acf71b403100
[  564.896682][    C1] RDX: dffffc0000000000 RSI: ffffffff8a2b2800 RDI: 0000000000000001
[  564.904648][    C1] RBP: ffffc90005507650 R08: ffffffff901d5177 R09: 1ffffffff203aa2e
[  564.912646][    C1] R10: dffffc0000000000 R11: fffffbfff203aa2f R12: dffffc0000000000
[  564.920637][    C1] R13: 0000000000000000 R14: ffff88807f107ec0 R15: 1ffff92000aa0eb8
[  564.928748][    C1]  ? _raw_spin_unlock+0x40/0x40
[  564.933605][    C1]  ? __wake_up_common+0x2a4/0x4e0
[  564.938636][    C1]  __wake_up_sync_key+0x128/0x190
[  564.943659][    C1]  ? __wake_up_locked_key_bookmark+0x20/0x20
[  564.949650][    C1]  ? sock_load_diag_module+0x130/0x130
[  564.955113][    C1]  __unix_dgram_recvmsg+0x4c0/0xd90
[  564.960348][    C1]  ? unix_unhash+0x10/0x10
[  564.964768][    C1]  ? mark_lock+0x94/0x320
[  564.969128][    C1]  ? unix_dgram_recvmsg+0xb2/0xd0
[  564.974150][    C1]  ? unix_dgram_sendmsg+0x18a0/0x18a0
[  564.979520][    C1]  ____sys_recvmsg+0x2cd/0x5e0
[  564.984292][    C1]  ? __sys_recvmsg_sock+0x40/0x40
[  564.989321][    C1]  ? import_iovec+0x6f/0xa0
[  564.993828][    C1]  ___sys_recvmsg+0x21a/0x5c0
[  564.998505][    C1]  ? __sys_recvmsg+0x280/0x280
[  565.003275][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  565.008302][    C1]  ? __might_fault+0x1c/0x110
[  565.012991][    C1]  ? __might_fault+0xb3/0x110
[  565.017665][    C1]  do_recvmmsg+0x382/0x850
[  565.022095][    C1]  ? __sys_recvmmsg+0x290/0x290
[  565.026968][    C1]  ? __lock_acquire+0x7d10/0x7d10
[  565.031998][    C1]  __x64_sys_recvmmsg+0x195/0x250
[  565.037023][    C1]  ? do_recvmmsg+0x850/0x850
[  565.041641][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  565.046852][    C1]  do_syscall_64+0x4c/0xa0
[  565.051265][    C1]  ? clear_bhb_loop+0x30/0x80
[  565.055935][    C1]  ? clear_bhb_loop+0x30/0x80
[  565.060621][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  565.066539][    C1] RIP: 0033:0x7fdd59b14e59
[  565.070952][    C1] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  565.090565][    C1] RSP: 002b:00007fdd57d4d028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  565.098976][    C1] RAX: ffffffffffffffda RBX: 00007fdd59d8e090 RCX: 00007fdd59b14e59
[  565.106948][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000004
[  565.114912][    C1] RBP: 00007fdd59baad6f R08: 0000000000000000 R09: 0000000000000000
[  565.122880][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  565.130896][    C1] R13: 00007fdd59d8e128 R14: 00007fdd59d8e090 R15: 00007ffdb48a0d08
[  565.138878][    C1]  </TASK>
[  565.142264][    C1] Kernel Offset: disabled
[  565.146904][    C1] Rebooting in 86400 seconds..