last executing test programs:

28m0.372460144s ago: executing program 32 (id=65):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000002c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0xd)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x5)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)

25m32.580703206s ago: executing program 33 (id=459):
r0 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000440), 0x10)
listen(r1, 0xf)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
r3 = accept4$unix(r1, 0x0, 0x0, 0x0)
recvmsg(r3, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000240)=""/70, 0x46}], 0x1}, 0x4c2003a0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, &(0x7f00000000c0)={0x0, @in={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x0)

23m23.17705879s ago: executing program 6 (id=878):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000c00000009"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000305b704000000000000850000000300000095"], 0x0, 0x3, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r1}, 0x10)
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r2, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r3 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r3, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000540)='inet_sock_set_state\x00', r4}, 0x18)
listen(r3, 0x0)
listen(r2, 0x0)

23m22.120008573s ago: executing program 6 (id=882):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
dup(r0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
quotactl$Q_QUOTAON(0xffffffff80000202, &(0x7f0000000380)=@filename='./file0\x00', 0x0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000001080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x7, 0x13, [@dev={0xac, 0x14, 0x14, 0x20}]}, @ssrr={0x89, 0x3, 0x1}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)

23m19.67311716s ago: executing program 6 (id=886):
syz_mount_image$squashfs(&(0x7f00000002c0), &(0x7f00000000c0)='./file1\x00', 0x5, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESDEC=0x0, @ANYBLOB="73325bb9629cd81d63ae646d452628", @ANYBLOB="3cbed6e52efe7e5218c0f9829b50d40a4da4d0accda131734cbe6c66d4eb9ac85f5cb845dd4a8185d66e14c9511af49b481c0a86d034e702e2df26bc8d2020116977c6008d4a10ec2ff5b5a2c73d099f1d28", @ANYRES32=0x0], 0x9f, 0x19e, &(0x7f0000000840)="$eJzskb+LE0EUxz9vZpLNHhjNaXUWt2BgXVGyiT8Kq2B1B1mwFQm6HPFyXE70ksI7FGMlyOn9DVZaimAn4oG1WAgWGhHsxBTBQiziym42f4Xzgd33vjO8n9Pt3+47wHRyd40mGYYyHxzBAMvCQnqm1OxOBB4APyST5X3AAy7NNHtCKbXPc70wFD3zvIteaeaxGfd6nW0PPfnlUflGf2d3M+6labOosdBEPk30WizXI0Hy2nDqMbrtEjxhyRzi2DU0ib/HqkoS8VtwuDbYulXr7+ye2di6ut5Z79xsNM5eCM+F4flG7cZGrxO+QoJHokw2JjgRbnCPQhs3mxIh6KqRFheKbfbf65MnTo9RwU8ShLf+GOeL6ZbnDVVghaPCU3REtYWrMMn9tNAKclm9lLr5aH4XFKVhvgauKP2n6MwTFPw68SoQwhKL0wMejqiOOKJ5NjLfv7Isr3H5m+T7NMP0/yJXx9O3KXInHgy260VK78SPaKRfJR1mkQNU1Ky20j7f5DG54fPcsVgsFovFYrFYLBbLf8C/AAAA//9AwFVN")
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
getsockopt$sock_buf(r1, 0x1, 0x37, &(0x7f0000002f80)=""/217, &(0x7f0000000000)=0xd9)
ppoll(&(0x7f00000027c0)=[{r0}, {r0}], 0x2, 0x0, 0x0, 0x0)
getpid()
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x3, 0x1c, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
socket$key(0xf, 0x3, 0x2)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, 0x0)

23m16.116275612s ago: executing program 6 (id=899):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0], 0x0}, 0x94)
pipe(0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet_sctp(0x2, 0x5, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x84, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}, {0x2c, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "ac"}]}, @NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xf8}, 0x1, 0x0, 0x0, 0x4}, 0x0)

23m15.418275967s ago: executing program 6 (id=902):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000001800)=ANY=[@ANYBLOB="7240082b0102020681055a03997713fa06070202267a"], 0x16)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
truncate(&(0x7f0000000040)='./file0\x00', 0x10)
syz_mount_image$bcachefs(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x2800000, &(0x7f0000002080)=ANY=[], 0xfd, 0x5a7a, &(0x7f0000006680)="$eJzs3WuQXNV9IPBzu3s0Lz1GAgcZzGiQ0Ybg2BrxKj9SsZJN7BQQSi5SDmJlw4BGRLYkVHoEECSILHhRAS6cIpXg5ANxYXYxiosq2BiFMuGxEmtjq9h4qS1MrZ3F/uAtwqIKoKVcXs/W9NzT032779yenh4hid+vYG7fM6f/99xzT9++/9NX0wEAAID3hEN37Dx62em/+90/G3/71t/7h623hcFytbwvVhhKlze+Wy3kWOqtLK8us+PiV2/+xk9Hrv3t7zw68PV3Dm48a9MPf+eUa5/8wsUH7v/rZ95a9PgvXy2KG8fTudPryetJCH3fPvIXXzr4wmmTZcniyZ+lvSEsTZY9szQJ4fb6EKM/DyFsTFeWZ+I/9vb5myaXt93V21C+JFPPeH9vmzzOSQhhz9EbPhR+9Fvrb//+im/+Xc/+1/ZOV0n66sZTCIuvrn9+TwihP/1/UhxtcTwm6XJdCGGg7nkfLWjXB9to96TVmfK4fka6XJAuBwvixd+vzKyXMvWy61FPZjlQsL25ymtHp/WKLMysJ12KG+W1M5YvTZffSpfnzjJ+Od2HchJKSajUmr8lmR4joe64JSGpHsu+2nqpdmxDuv+Z9SSzXsqsl3sy+1XdbjrQyknSWB7rZcrj6biSlp9Vf65u4fK6x/X13h/L0hfqO9k6maCDTQ9q+1UV23VkhrYcC6W6c1Cr8tqBTw/GYFo2mCxres5EC/F3B9ffvaq84dlDQzntSB5N0vhJR/H3fG/pws8/sm939n29Fv/qUhq/1FH8H19y+I0r933tq7nx743xyx3FP++pgdcvee6Olbn9cyT2T6Wj+GOvPn/PilOv2Z/b/gdi/L6O4q89cLh30dGnns5t/2jsn/6O4r/yiU/95OGXnngtN36I8Qc6ir/hwPYv9w4fPSc3/tOxfwY7Gz9v7r/o5eHhn43kxX8xxl/UUfyH9vZ+/MEld12ce3zXxf4Z6ij+pWc/efvCo0+cmXfuTB7o1jsnwHvTKek11p3peqd55lzV5Qt/NVKZuuZbmP6/qJsbylx8ZvMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiG933ov376f3126PVKut6bPnilNLWM5QtCSPpDCDt3je3YtXnbdSNfuH73jm1jW0bGdo2Mb9u146aRC359ZMf49i1jN03+dvTD5089b1lIppbJmU3b7p2YmCgNNZbF7f3bs/f/aNVH//e/hDD6vh8MV3Lbv/r+rQ+e2uJnRrJ24pNbd1/2gwv/Nt2vobRdQy3aNTExMRFy2vV/rvjFg39+5KfnhDD6KzO16/lXfvMfGxpULZiOkyr1hqkG9SYDLdtRa3XanthflU2bt4yPzty/k88v5+zHv7v5tZ9vuvErv5jq377c/Wizf/vXTmwp/eX6S//fX94yVVDUrnfruE/2dzkn5mS74l7E9sX+60v7e3G6X4tz9quSs193fP/pl759+r639obRypsrmo910X71pAOgJ3l/W9uNWxhIljaU96X14xGPz1u9a+v21Ttv2vPhzVvHrhu/bnzbx9ZcsOai0QsvunB1dc9Xd3n/4/b/TZv7f2zG05I/3vut+LO98dTYrgWz7o/JdhX3R32L8l5/A5d/6b6P3f/cZVMFReeVWLt2PkmXA5PHeU2oG2/NfdVqv4qOTwhhpFU/vPHWxeG0/7H59qLzUP2Rqf+ZkaydeGHlv/7tR/9m+W9MFRyT83x9gzo8z9daPd2ean/1pcdj4jjt3970bNqbDLZs15oXnuu5+9C//EmtfQsWhBvHdu3asWbq58K0pQuTM1q2K1sa92tF9Wc5pN0SasO0xXid1BOm2pc9f8bq2V4dTH83mCxruV9Z8XcH19+9qrzh2UN5PZ08OrXF/rBoapl8IKfmlswTy7UGt9r+8fr6Kxofw5/+m8c/+/jfX9A0Ps6b+lm0X0nOfn3zpYfu+/pX/sPfd2+/Pv2bh4f+9X/+0aqpgmNwXglzOq+UpxpSa3XanqT+vHJeCEWvvxWh9X7kvv5Krfen6PWX3c50/dbxRjLrg6Hc0ev1vKcGXr/kuTtW5r5ej8z0eq3f2VsanlcueL0eL+9L2ddXUmlsx/y9vhoGSrJ24jt3nrL3mVvXnT5VUPR+Wavdalyf30b+kbNf/3jly8PXj/z7/96988Y3fv2xq344tvZPpwo6P+6xLd057n1p//bl9G+t1THvrO/fj1x7/ZaNU+VF/fzuXf+my4L8J55Kdt6054tjW7aM79jZ3n61+34at5Pt5U7fT+PZbVnBfpWa9mv+HrTTX+2+3mL7N3bcX42vt8GQdPS+sOd7Sxd+/pF9u4eanpVu6OpSGr/UUfwfX3L4jSv3fe2rufHvjfErHcUfe/X5e1aces3+3PgPJGn8vuL4i0NT/LUHDvcuOvrU07nxR2P7+ztq/yuf+NRPHn7piddy44cYf7Cz/n9z/0UvDw//LDf+i0m6nclrpBAee/v8TVPrSehJX2+xHT0N7QrZ9SSzXsqsl+vXS3EWId1AOUkay2O9tPysura08oc55fEqrG/51PKduB6yD2YuP96U6s79rcqLrlMBAE528fP/eA0aP/8fTy+U8mcaYNpc87DlOXFjHjY9n9P4GevyNH58fpwHHP5IGJ1c3jYydaE/288R4ushO88Zt3POBxtjtJyfOFC/ker2m+Y5i+bfV2bWY7um5ssrdXloqjmvqYQ25t+btzPz/Htm94s/zxq5s6lZI3XzVtnj15POmLW63yHT3spkhLzxkZ0Xi/dzDC8O66rba3N8ZO+jicchex9N3M7pmRNnp/fR5I2PoeZ+aGhXHB+x3gzjo9rk4s8jm49fmKF/p49f62jZ4zeL4903WX++P5/twrxhy1PasZs3nN/Pw46LeckW8Y/xvOTCpvjpC+x4nzeM5bGfKm3OJ342p7xb84nxdBHbdWSGthwL5hOBk1XM/+N7xGT+P3kB/n8z9YrylOxVY4yXe59Qzk3YRXlH8316Ax29j284sP3LvcNHz8m9znm63fv0tjesDRTc91PUj6sy64X9mDNBU5TvZbdT1O/Z+zIGw6KO+v2hvfd//MEld12c2+/rpt5Ii/v9voa1RQX9fgLkC63jyxdOpnyhOX6X7mMomj/Lz0fKtXbMSz6S3vg0X/nIH+SUzzYfGWh6UNuvquM3H5l+I23IR3qObbsAgBNHzP9rn5+l+f8/xwuL9DqiKG89N7Me4+XmrTnXJ3l56++nyxsz9QfTf1Ex2+vmS89+8vaFR584MzdveaDdPPQ/NawNFeahc8ubc/OIdd25Xzw3j6jlWXPLE3PbX8sT55an53xMW5enzy2Pzu2fWh7dOA9w3+HpTGOm+HEeIDd+bR6gi3nuL6crHbs8t2C+LrOxuNrufN2xzqMnS3oWN+5nY1480J08Ov3ns/OVR1+eUz7bPHqw6UFtv6qO3zy6sVweDQCcrGL+Hy/jqvl/bwjPxQr98cHcPmfPzQu6dN2e/XsgtfgvzkteOR2/S5//Fud98523zndeP9/zEif657/zPS80VP0DnvM1T/au3e86L3nxP9cetZ0XpxuVFwMAcDyL+X9M8+Pn/89l6s01P2nK33qmLiGn85MTLz+vr3cC5+dXhGOVn/eeyPn5iT7/Nb/3yZxc+f+0Dj8Xf2fiJM7/q22W/wMAnJBi/h//2WP8+3//JV3P/t36NvP0B7K38/oc3efoQZ7eRp7e5Xm2GL/+PoATeB6gPPd5gP5jfn98/3T9k2keoKonmAwAADgB9FQzpeZ/Z/+5dJn9d/Z5/y7/ypz67aqkl8fX7NoxPn7V7u0bx3aNX7Xt+o3jO6+6YcfmXbvGa9fOc8sbc/OWNG/sCZW0P1rXy+ZtS9K/h7Ak5+8hZOvHsGdUHzT/PYTsZvsL/o7A9PFrr715x680Q/1W4yPveOfF/8Oc+lHt+F/7R+ddtWnnVZu3bd61eWzL5j3jjfWGqv+Suv3vzYyfU87q+1IzP5qUZv/9nfHwzK0dpaZ29KT9kff97EmmHUvTlizN+/6DnHZ/97/9+R+fPfGLh0MYfV/5A3Pqv2TtxH++Yvz3dx36wfbJ9pdmbH+tZtquou8rzdaP+1PZcv3OXR/adP3ubdlvlOxMnM8o1dbn6b6G9OVfbnN+YkNO+Wz//X656cHxqe35CQAAGsTP/+P1bPz88CvpBVQsL8zTt03Vm+vnx7l5+mh7eXr2e8mK8vRs/bi/7ebpfXPM07PbL8rTW9Vvlafn5d158f8gp/5stT9OOrjPo5L2wyP7dueOk6vbGyfZ7zMoGifZ+rMdJ8kcx0l2+0XjpFX9VuMk77jnxf9MTv08ReOhUhsPc7svJ3c83NveePi1zHrReMjWn+14KM1xPGS3XzQeWtVvNR7yjm9z/MYJgu7M/04OjOq4GL/qhut3fLGu3nx//0VoviWjnfYtmH7u/H7/R6fa79/5ve9r7u0PYW21JK/98fOBBbNqf7v3lc29/UX9P4v7yhaHpvvKctv/4txmwtpv/6zuS7wt/q7d73fJyKve/PxjNV+bDrui+8+K5nHX55TPdh53QdOD45N5XHj3xPw/Xs3F/P+udNntj4FO/O9J6+D++3gO9j1m+f3f5nXMe+79PPuRu/dzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJNCb2V5dXnojp1HLzv9d7/7Z+Nv3/p7/7D1tl+9+Rs/Hbn2t7/z6MDX3zm48axNP/ydU6598gsXH7j/r595a9Hjv3y1MPBQ9Wfl3HS1L4Tk9SSEvm8f+YsvHXzhtMmyJIRQTob2hrA0WfbM0iQTYfTnIYSNtXY2/vKxt8/fNLm87a7ehvIlmSDZ/QqD5die+naGcGPhHnEC6kvH2Z6jN3wo/Oi31t/+/RXf/Lue/a/tna6S9NWNpxAWX13//J4QQn/6/6Q42pbHJ6fLdSGEgbrnfbSgXR9ss/2rc9bPSJcL0uVgQZz4+5WZ9VKmXnY96sks6/a1v2DTHclrR6f1iizMrGdPRnOV185YvjRdfitdnjvL+OX4fxJKSajUmr8lmR4joe64JSGpHsu+2nqpdmxDuv+Z9SSzXsqsl3sy+1XdbjrQyknSWB7rZcrj6biSlp9Vf65u4fKc8veny770hfpOXA/ZB1MGmx7U9qsqtuvIDG1J/cfWxZXiZ7ahVHcOalVeO/DpwRhMywaTZU3PmWgh/u7g+rtXlTc8e2gopx3Jo0kaP+ko/p7vLV34+Uf27V6eF//qUhq/1FH8H19y+I0r933tq7nx743xyx3FP++pgdcvee6Olbn9cyT2T6Wj+GOvPn/PilOv2Z/b/gdi/L6O4q89cLh30dGnns5t/2jsn/6O4r/yiU/95OGXnngtN36I8Qc6ir/hwPYv9w4fPSc3/tOxfwY7Gz9v7r/o5eHhn43kxX8xxl/UUfyH9t7/8QeX3HVx7vFdF/tnqKP4l5795O0Ljz5xZt65M3mgW++cAO9Np6TXWHem653mmXNVly/81Uhl6ppvYfr/om5uKGNyO4vnMT4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACenf7rlgs9d8cnPrK8kISQ5dSZaiL8rL1i7dqSD7Y69+vw9K069Zn992fIO4gAAAADFYh5eqpX0heXhhqQ/nNGyfpwjOCOuJY3l2TmEGCc7R9BpnFKLOKUO4pS71J5Kl+L0dCnOgi7F6e1SnL6COH2hvTj9M8SpTI6ANtszMGN72o8z2KU4C7sUZ1EmRKdxFnepPUu6FGdoxjjtj8OlXYqzrEtxTulSnFO7FOd9XYrzK12Kc1qX4mTnlGc7DhelNU/Pi1N9UC6MU0nKtV+0mk8/Ld3OmXPczmDBdhYVvR+3uZ3+NrfzwczzSrPcTl+b27lgjttJ2tzOr81xO6WC7cRxe2O2fXE7ca3N8X9Tl+Ls6VKcm7sU55YuxfmTLsX50y7FuTU0XpzONg5Au2L+P53vDYXeym+EgfSMk50FiPnuiurP5ve7vBNSjPeBTPmConjZRD0Tb8Vs25edQMjEW5kp72mIV6nlIzPE66uPtyrzy5n29xNrW7etPt65mfLeGeI17AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAP/dMsFn7vik59ZH5Iw+V9LEy3E35UXrF070sF2D66/e1V5w7OH6st6Kx0EAgAAAArFPLynVtIXeitrQm+yoKFeXzoP0Jeul4emlsOLw7rJZTJSqq4PJEtnfF4lfd7qXVu3r955054Pb946dt34dePbPrbmgjUXjV540YWrN23eMj469TOE3oJ4IYTq9MPOm/Z8cWzLlvEdO6cKs+1fnj5vebqepM8b/kgYnVzelrZ/WcH2Sk3bm78HxUcPAAAAAAAAAAAAAAAAAAAAAAD+P7v2GyJpXQcA/PvMzM6Mq5cb/hsP7xzOU6ys9FpDS9wHggT/HC5CzFqbHHmStHqH3onZpAepKUWgHBwXvujCJE1645+UyD8cGGYJ7XWESvmiXhRahoovQpnY3Xnm38442yS35/X5vJjnme/v+/t9f7+H4+D7zAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxa8/XJ2drU9Mx4EpEMyGn0kY3li2laHaHuV57c/oPS+nfO7IyVCiMsBAAAAAyV9eFjrUg5SoV85OPkxW8bomMg2n0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/2e+Pjlbm5qeOTqJSAbkNPrIxvLFNK2OUPfVtx7+7Evr1/+tM1YZYR0AAABguKwPz7Ui5ajEaTGWnLzQ+bei2buBtT3zl/LasnXWrTCv993BoLzTVph3xgrzPjYkb3PzenMAAADAh1/W/xdakYkoFdYs64ez/n9YX5/lndqTl29eq51J76u4kiQAAABgBbL+v9SKVKJUqLT69ZX2+xvaocWfzrP5w363z+af3pOXzR/2e/5lzavf6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgw2O+Pjlbm5qeyScRyYCcRh/ZWL6YptUR6m56avwfl+y/Y0NnrFQYYSEAAABgqKwPb7fe5SgVxmMsjl7s+9dfdN+jX3r08cmIWGrzi8W4ecuOHTdsWviMTVneOS/sH/v+c69/e1neOUufq3ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgAzNfn5ytTU3PHJVEJANyGn1kY/limlZHqPvK57/4lwcPPvFaZ6wywjoAAADAcFkf3u79y1GJYhTjxMVvnb3+glzP/EHvDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAjx43fvOUbW+bmtt7gZnVuGvmIw2Ab/+NN9s/pcNnPh/+mvNrbWN3/lwAAgA/eqZFE47900uWrvWsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBwMF+fnK1NTc+Uk4hkQE4jU2oHsrF8MU2rI9RNn3yxtOadp57pjFVGWAcAAAAYLuvD271/OSoxFmNxwuK3fu8EGgv9/8Qh3CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwWJmvT87WpqZn1iQRyYCcRh/ZWL6YptUR6j6wa+/n7j/2exd3xkqFERYCAAAAhsr68GIrUo5S4eNRilOa3+e6JyT55rX/e4H2vO1d08ZXPK/eNS//fvOSQkRr3l09Jys0T7M0r5ytN7F0bdWrtuflmvOqHfMq0Spfbc1bfFi7u6qtGXK+5U8eAAAADp2s/y+1IhNRKpQ6+v+fNq9HNa+D+tzcod04AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDYma9PztampmeSJCIZkNPoIxvLF9O0OkLdW3770WO++rO7d3bGKiOsAwAAAAyX9eHt3r8clVgXH4l1i31/THTnZ3n/rL17/73/+uuZEWefeGB9oXfZH2U3v37lwqd7PyJy3dm5iGOb9ZIB9X7z+3tv2th498GIs0/In7KsXrx/ve4l08Zjta2X7XjuwPYhDwcAAACOEFn/P9aKTESpcP3A/j/rvIf0/y2LDfixN+36xfHNz2ZH3jMjN9GslxtQ7wsbH/7z6ef9/fWF/n95vU+27j6997r7j+8quBTpkaSNqet2bj5w7r5cduql+vme+tlz+fK3Xvv3NTff8+5S/XKUm/G1PVtZqrb8s6d8pI253J6ZS9/bU++uXxhw/jt+98zBX629++2F+m+dOt6qf0b0q7908sLA+nFU2hi/4s7d5+/dv7m7fkRU+9V/4+2L46Q/Xnt77/nH42DXwp1PvvOz9wGkjRc2vLnvvPsqF3TXT3rqZ8//5wcf2P2Te777eFY/+1uRM0+LFdbP9dR//q7jdj172+Vru+vnBpz/6StfWr+t+p0/9J7/6q5VCwN3sfz8D531yFUvb0lv7R0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4sszXJ2drU9MzuSQiGZDT6CMbyxfTtDpC3VcvefGNK+/+8Q87Y5UR1gEAAACGy/rwdu9fjkoUoxjji33/Y7Wtl+147sD2mFgaTZrXwty2G3d84pptO6+/epV2DgAAAKzUq5cki/1/oRWZiFJhY4w1+/+p63ZuPnDuvlzW/+cWrklEXHPt3Nazo5X3/F3H7Xr2tsvXtt4TRCz+WUB5Ie8z7byLLnxx4s0/ff30vnmb2nkvbHhz33n3VS7I8qIz75xovZ946KxHrnp5S3pra3+deZ/62ra55uuJbN3xK+7cff7e/Ztz2XuM5nW8uW6WN5fbM3Ppe3vquYkoLYznm3nl5rkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOXm65OztanpmchHJANyGp2agWwsX0zT6gh1L934y9uPeeeJdZ2xUmGEhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+wAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhf36CY2j7OMA/jy7yZtNNmmT9gWjYppWRamHFgURvaioSCtS8FQpUm3tQRQEEaUeTKUVS1W8CFYvRVRQoxQq2FgsrZKK/4oXDyooVA9CKQY0S/Ggks0zm81kpxs3KiifDyxPnmdmvvObmWefzQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL9KT9dwvT2x56Ha7Rfc/MkT904/fut7D+y67LE3fhjdduPHB/tePTu5ffWOr29aue3IfRsm9r90/JeBd3471Tb40dlmbepWQohnYgiV96eef3Ly0/NmxmIIoRwHx0IYiiuOD8VcwvpfQwjbG3XO33ho+qodM+2ufT3zxpfnQvLXFarlrJ5Zg/Pr5b+lkubZztojV4Rvb9i8+/NVb7/VPX56bG6XOLNPOc2nEJZtbT6+O4TQmz4zstk2nB2c2k0hhL6m465pU9fFi6x/XQi1XL/uwtT+L7XVNjnZ9jW5fim3X76f6c61fW3Ot1RFdbTdr7ez8/Xn+vnFaKkada5rPT6U2ndTu/ZP5pezTwylGLoa5d8f5+ZIaHpuMcT6s6w0+qXGsw3p+nP9mOuXcv1yd+666udNE60c4/zxbL/ceLYcd6Xx1c1rdQt3FIyfn9pK+qKezfoh/8es6oI/GtdVl9U1dY5a/gmlpjWo1XjjwaeHUU1j1bhiwTG/t5Btm9z89KXlLR+cGCyoIx6MKT92lL/zs6H+u97c+/BwUf7WUsovdZT/3caTP9259+UXC/Ofy/LLHeVfebTvzMYP96wpvD9TcyvIYvJj6mfb7j710TOr/n/PeKtnXc88kN3/Skf1Xz9xsmegdvRYYf3rs/vT21H+N9fd8v3rXx4+XZgfsvy+jvK3TDz4bM9I7fLC/GOzX4VqfYZ2MH9+Hr/6q5GRH0eL8r/I7v9Ai/zYNv+1sf3XvrJ834bC+bkpuz+DKX/hD9u58m+75Mju/trhi4rWznhgsb+wALSyMv2P9VTqt3vPPDRdavmeuVRN7wsvjHbN/gL1p8/AX3minJnzLPsb8wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YgQMSAAAAAEH/X7cjUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgqAAD//0wFDK4=")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000680)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000580)={0x10800, 0x0, 0x87})

23m11.48202844s ago: executing program 6 (id=911):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_usb_connect(0x3, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120150026360dd20"], 0x0)
socket$igmp(0x2, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
memfd_secret(0x80000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
syz_usb_connect$printer(0x1, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x3, 0x60, 0x1e, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x7, 0x1, 0x2, 0x4, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x9, 0x40, 0x1f}}}}}]}}]}}, 0x0)
socket(0x400000000010, 0x3, 0x0)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x5, 0x1})
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

22m55.996152933s ago: executing program 34 (id=911):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_usb_connect(0x3, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="120150026360dd20"], 0x0)
socket$igmp(0x2, 0x3, 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
memfd_secret(0x80000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
syz_usb_connect$printer(0x1, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x3, 0x60, 0x1e, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x7, 0x1, 0x2, 0x4, "", {{{0x9, 0x5, 0x1, 0x2, 0x200, 0x9, 0x40, 0x1f}}}}}]}}]}}, 0x0)
socket(0x400000000010, 0x3, 0x0)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x5, 0x1})
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

16m52.149077319s ago: executing program 7 (id=2342):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f00000000c0)=0x2)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f0000000040))
ioctl$SNDRV_PCM_IOCTL_HW_FREE(r2, 0x4112, 0x0)
ioctl$SNDCTL_DSP_POST(r1, 0x5008, 0x0)

16m51.335122591s ago: executing program 7 (id=2345):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r0, 0x5)
r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r1, 0x1)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r2, &(0x7f0000000080), 0x8)

16m50.635851622s ago: executing program 7 (id=2347):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
dup3(r1, r0, 0x80000)
r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000280)={0x0, &(0x7f0000000040)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000300)={0x0, 0x0, r3, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB(r1, 0xc01c64ad, &(0x7f0000000040)={r4})

16m50.010826996s ago: executing program 7 (id=2350):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8, &(0x7f0000000580)={[{@jqfmt_vfsv1}, {@discard_unit_segment}, {@nolazytime}, {@noinline_dentry}, {@nogc_merge}, {@noextent_cache}, {@discard}, {@fastboot}, {@compress_cache}, {@alloc_mode_def}, {@noinline_xattr}, {@two_active_logs}, {@disable_ext_identify}]}, 0x1, 0x5512, &(0x7f0000005a80)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwCU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG/CSmamuvUDhabNdvv7weSZ982bZ543LAvPTEkA59Zc8uvPpbgelyNiOiKuRWTnpeLIrOXhhYi4ERFTjx2lYv6PiQsRcSUiro+S5zlLxVuf3xreXP3prV+++e7izNUvvv5+crsGJu3FiOhu5+d73TymrTw+KOZrw3YWuyvDIuZvdB8W4zSPe83NLMNe7XBdLYvLrXx9ur3bH8WtTq0+iq32Vja/3csv2B+2DvNkH3hQ28nGjeZmFtv9NIutg7yu/YP8/7aD/iDP0yjyfZSlj8HgMObzzf1mvp/th1ms9wbFfJ43bTT3R3FYxOJyUU87jayOzeN800+2t9u93f1k2Nzpt9NeslqpvlSp3i5Xd9JGc9BcKde6jdsryXyrM1pWHjRr3bVWmrY6zUo97S4k8616vVytJvN3mpvtWi+pVivLlcXy6kJxdit5/d57SaeRzI/iq+3e7qDd6Sdb6U6Sf2IhWaosv7yQ3Kwm76xvJBv3795d33j3gzvv33tl/c3XikV/KyuZX1pcWipXF8tL1YVztP9PiqLHuH84ltKkCwA4e/T/wCScXP+/cz/i5Pv/0P+PxZnqf897/38C+4dj0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJxbP8x++UZ2MpePrxbzzxRTzxXjUkRMRcSjfzAdF47knC7yzP7L+tm/1PBtKbIMo2tcLI4rEbFWHL89e9LfAgAAADy9vvr4xmd5t56/zE26IE5TftNm6tqHY8pXiojZuR/HlG1q9PL8mJJl/75nYn9M2bIbWJfGlCy/5TYzrmz/y/SRcOmxUMrD1KmWAwAAnIqjncDpdiEAAACcpk8nXQCTUYrDR5mHz4Kzv7z/84Hg5SMjAAAA4AwqTboAAAAA4Hge/feSrP/3+38AAADwdMt//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB3du7nNnEgigPws8EL+0+LVnvfVvYGZWwJe9xjRAFpggJyIC2kAWogt5QQQYTHIRBxiOSxrUTfJzmTscyPNwgOMyMNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqv1ovbq9/XbXN2+3byjAYAAAC4ZFutF/U/s9T/2tz/3tz62fSLiCgj4tLcfRSfzjJHTU718vzN6fPVqxruIuqEw3tMmutLRPxprscfXX8KAAAA8HFtlqt5mq2nP7OhC6JPadGm/PY3U14REdXsIVNaecj7lSms/n6P43+mtHoBa5opLC25jXOlvUn9cz+u2k1PmiI15cWXHYvMNnYAAKBHo7Om31kIAAAAffo3dAEMo4jnrczjVuAkNc323uezHgAAAPAOFUMXAAAAAHSunv/3dP7f3vl/AAAAMIx0/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd2lbrxWa5mrfN2e3byTMaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAJ/bnHQVCIAzCYO/6zmTuf1hp0NTUpAqEj78xGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDe/+8v/ialxJpl7bSw9jyRrp8bWqbF3bhz9YXz9GgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42J+XFAiBIIiCOeN/J33/w0qCnkGECGh4VFGLBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgi373y/+JqXEmmTttLB2PJGtXja2rxt6DxtGD8fZvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC42Ll/3zaqOADg7+58Li0gTEAeghBIDLBQ1y0t3RADKGLgT0CKUqeYuvxoM7RVhcjChjJ3QTAihAQKW3bGDkyt1KVsHTwUiRl0v5JrG6mG0Dsn+Xykd+/r08Xv+85SpO+9ZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACV6bs7cZIdekUcl+du3b++kvW3H+ozWxt3FrOWxVGTSe8PL9dfRP32EgEAAODwSKr6PoRwN91cyvq4l9f/aXVNVvN/92wRV/X8w3V/1Ve1f9Z+/eXei9sD9YpxsjddHU9GJx5NpfPkZjnfnnvsFZ38zufPXpL8A4k/WH9hmub3M/rm5s33unl4pIlsAYD/4njVl8Hq71eKYDwZDVvLCoDDpFMrvKv6P+m1mxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAE6br4ekqjkIIi52dOHP7/vWV3fqtjTuLVTtz48ZG+Co7m+Z/0ymj1fFkdKLxGc2vy1evXVieTEaXmg9eCSG0Nfo75fQvfDTDxSG0cn8E/1MQlx/2vOSzP4IW/ykBAHAgpWXL6vq76eZSdi5aCOHv7x+s/1+vxWHG+v/ex2du1ceq1//DxmY4/wZrFz8fXL567c3xxeXzo/OjT986OXx7eOrs6dNnB/mzkoEnJgAAAOxNt2z1+j9eeHT9/1gtDjPW/198O/yyPlai/t/VzqJf25kAAAAcbs+/+tef0S7no243XFleW7s0LI7br08WxxZS/deOlK1e/ycLbWcFAAAANGG6Hj2w/n+uFocZ1/+f+eGln+rvmYQQjpbr/8dXPpuca246c+3x3wfe+m2vXydue44AAAC062jZ6uv/ab7/P97e8hCHEN54rYjLnwGcqf5P3v/6x/pY9f3/p5qb4lyK+8X9yPt+CJ1+2xkBAABwkD1VtqzY/yPdXPrk52Mfdu3/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjaPwEAAP//m6w/ug==")
dup(0xffffffffffffffff)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000740)='./bus\x00', 0x283016, 0x0, 0x11, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

16m48.113929608s ago: executing program 7 (id=2356):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x1ff, 0x1, 0x0, 0x1000, &(0x7f0000001000/0x1000)=nil})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000001000)={{0x2, 0x10, 0x1, 0xfff3}, 'syz1\x00', 0xe})
ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, 0x0)
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
mkdir(&(0x7f0000001080)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000200)={0x80, 0x0, 0xffffffff})
ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000040)=0x4)
syz_io_uring_setup(0x676, 0x0, 0x0, &(0x7f0000000200))
syz_open_procfs(0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f0000000440)={"db4c1421593cb4d3f8fe6094dc821bbbe06520701fc6de7b0349f34b0f8c556a9e9aff1355aab8d6da26d74608530f150f127f9e3f0a2f1fff0be9774c95d6c007c91903f78616596487bf50017c56b15385ab264cba5b168c62d971e67e6f3e73d60b5a8adbaaf2af8610c6a91c0a116f619adce4aa91d5a68faf8ee98693d32d8d8244381b5720ef596600e39491d216c22d0725904bab7d90fa8afb8fa04b707410aa300ef098609b4fa6dd77b1b7c321b1fc6356564ce3f90826be3a9a5be186ffc48eb13824e9dae77ed212a0f802074ff4f1725c4ad88cf5bbd36e3406bc59d96e82047631d8be9462ee7e54e5b2897c3fff38eabf67e1e160c2b5e18be06457844d89c9a606b7d25fbde713f4759da0bee1fabe3f71dcca63540f113a2b5edc4b327d1f9610377b97265d4aa875b4bc3c44bf8110d5df1beb1fe54794a0aa52dfc80df1caf7d812b4f1cdba1a6836b45ea2180d08439d411ce8e0755868cc839eaeac73e5d28f9f1990584038cf5fa6bee0c4095a27cc8c7b59519bf2a9bf1fedf54cc2dc6aea6c42c32de40c291e5f422f5c7792a08926af160fb379576dd81bac746232fb246817fc3248097914b75e83cc5eb518ce8fb643b34ca69c3b61f0d94e7db62dd480198d41e0862f1ec4429ab637569884a5ba446a0b09edfd986a2b3e15ee35bbd18610dad6271681ed240b0ffab9199b541013c0aadc36484da57511896c14776a41602aa1426edfbb828897d9c218b7936a0572840ebbc796e888a439b24e640324b511deb6ed0b2ce2f7567447826944b4f34101e492e8d20a2deda950e96e78f86d6d4c976f0c99041c94944309e6ce08d84a7c96677d570d9a57ec0506a4321d9e049b55be883ca3648c27772fc5dbaea5e6c2ded2ce72fb68989ae381fe1394cf6966ab04285d5ff8256bc2e85462b8d89aeeebd5432157c945b5dc1960d9282c6cc007fe029325d6078aef94d4954f956c71bcdf846f41392ebe0d3b289438d24ec4bc073617459a6b232445dd636a9f21140e14b162fd5ef1d626b0ff84884fd63d22cc1b05befb77ea937f3045cc15b125479b262c1e32fca75a5468423288c5776efee744b1fccb5e6d661d9d287cfa8582c96ea34a33c1bbc29c0035657da66a87150bbb885be5ee123e431fd793ea179a0fc77aaee66d874c0616cb32324826b36d0e27d14217ad1131cace3bae4ef82dfbc790e78de53a9bfbdb468bf0eb3ff134073b380858965de2d108862daf3fc6b49ad46f20832238aeaa5d010cf08e37938f0bb7bbeaa970c39ce9327a16fe07565708266ce9ef639bfa08538693b456228aa1c370d64ef9795b7cc208a2c528d381a042d149ed5c7f34ed26a7d5a4401b86434f054389e5dac7a4ee896e406d7b27240d925d478e0eb2202797832d3e2c74f4925ad58377b0d6ae9b97034f94"})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x0, 0x4, {{@in6=@private0={0xfc, 0x0, '\x00', 0x2}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {}, 0x400}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x4c050)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x2, 0x10, 0x9, 0x9, 0xa, 0x0, 0x70bd2a, 0x25dfdbfb, [@sadb_x_policy={0x8, 0x12, 0x4, 0x3, 0x0, 0x0, 0x8, {0x6, 0x32, 0x3, 0x8, 0x0, 0x0, 0x0, @in=@rand_addr=0x5, @in6=@ipv4={'\x00', '\xff\xff', @broadcast}}}]}, 0x50}}, 0x40010)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x9, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)

16m45.5852875s ago: executing program 7 (id=2364):
open_by_handle_at(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="101303"], 0x0)
r0 = syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1a"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x82d3a, 0x0, 0x0, 0x0, 0x0)

16m42.269792518s ago: executing program 35 (id=2364):
open_by_handle_at(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB="101303"], 0x0)
r0 = syz_io_uring_setup(0x16d2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1a"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x82d3a, 0x0, 0x0, 0x0, 0x0)

15m49.776639131s ago: executing program 8 (id=2548):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000001200)={0x60000010})
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0xa000000d})
r3 = socket$netlink(0x10, 0x3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000000))

15m48.938201125s ago: executing program 8 (id=2554):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, 0x0)
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, 0x0)
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000380)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f00000003c0)={0x18, r1})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000580)={0x18, r1})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, 0x0)
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, 0x0)
ioctl$IOMMU_DESTROY$stdev(r0, 0x3b80, &(0x7f0000000940)={0x8, r2})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000980)={0x48, 0x5, r1, 0x0, <r3=>0x0, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000ac0)={0x48, 0x8, r3, 0x0, 0x0, 0x10, &(0x7f0000000b40)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL'})
ioctl$IOMMU_TEST_OP_DESTROY_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000b80)={0x48, 0x6, r3})
close(r3)

15m48.191743226s ago: executing program 8 (id=2557):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
listen(r2, 0x1ff)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

15m47.539864069s ago: executing program 8 (id=2561):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000440)=0x7)
syz_mount_image$f2fs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x8, &(0x7f0000000bc0)=ANY=[@ANYBLOB="6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313236322c6d6f64653d61646170746976652c616c6c6f635f6d6f64653d64656661756c742c636865636b706f696e743d656e61626c652c6163746976655f6c6f67733d362c6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6e6f61636c2c6d6f64653d61646170746976652c6e6f696e6c696e655f78617474722c6e6f657874656e745f63616368652c6e6f757365725f78617474722c6a71666d743d7666736f6c642c66617374626f6f742c67727071756f74613d2f6465762f75686964002c61636c2c0032f4ee2f6560cdca2b9483944e9645733866c506b49c56b50344a658491dfe1afc3bb0de511c48132c86a775315723c53de2957513b9e639dfab8b7e4f4097c16f12b630a63e3ee7aa89cfa87acb9e9436e3d4feae3c1c3fedb8759e620dca36a63aa96a078aaf2019ece82c31d9fe60c2e3300afffbbda9aa8515e815ffc77756449aee7d4dc8354a136775201fe90e0663c422eb5a7e10e72601606e640c6714946801fccf68f802ff1c466e968c229e988c70dbe2c74169c0e96f9117a800ef78cef7bea512401010266195fc419fabbb4304582cd727de0f01694c0e22f6bca0650e3f3e4c4aefef27a417b89a0ce12bce1898cc08bbacc339f2655241746a085213fe4d6edc276928e230d4663583ccad22e450718285ed6a84bad0c7d117de297a02d83173a5a3d62192e8b6882f1a34b2200fdb7de25a9c0657778fdf670dfbd28483194c7b288bd257fa84f4a9564651ee61761f4a364803b5aea822e4c5b52b5676bdba4d9bdcbf1b7ddda716f223a1bc6d1c5a150fa64e72f580f7bf672ce6c6d30f8bcf091186a89ff219d2272ff5f2c0b4f63cb92f4708d6d81bc1935a791bd1c3670ba93b4a4db772e29f150122528cbe24284f0d1064ba237debaa65d481756e427ad570171d1e9445fe5c06dd6335167686a2cf8f226eb57ebe530d4e7229938a70bd2ada49d92a535f80d7f1a418c9cf0710e2e6e832f69fadd9dbb9d867f4ddb8687018f3b5972b418c934cd9bcbb7e884646f2d9d85e7374"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}]})

15m45.193330633s ago: executing program 8 (id=2568):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'netdevsim0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)

15m40.049134918s ago: executing program 8 (id=2580):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f00000000c0)=0x40, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000280)=0x20, 0x4)
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x0, r2}, 0x2a)

15m38.4616318s ago: executing program 36 (id=2580):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f00000000c0)=0x40, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000280)=0x20, 0x4)
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x0, r2}, 0x2a)

14m50.489694455s ago: executing program 1 (id=2774):
syz_open_dev$media(0x0, 0x103, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

14m49.909199582s ago: executing program 1 (id=2778):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x7, 0x9dc5, 0x0, 0x0, 0xf})
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x3cfa, 0x0, 0x3, 0x69}, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

14m49.440824324s ago: executing program 1 (id=2780):
prlimit64(0x0, 0xe, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000002c0)='./file1\x00', 0x3000046, &(0x7f0000000840)={[{@delalloc}, {@grpid}, {@barrier_val={'barrier', 0x3d, 0x1}}, {@bsdgroups}, {@nouid32}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@abort}, {@nodelalloc}, {@nobh}, {@user_xattr}, {@dioread_lock}, {@dioread_nolock}]}, 0x1, 0x567, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTX/sp66DMVRECntwMpeurT8m+DAfRYcDfZ+hvSuj6TKadKx14PbgXnyRIYg4EN/13cfhP+BfMdDBkFH0wZfKTW+6dE3atMuaznw+cMM590fOPbn3nHxPTkIC6Fuj2UMh4uWI+CaJOBIRSb5tMPKNo6v7LT+6MZUtSaysfPpXUt8vyzeeq3HcoTzzUkT89lXEqcLGcquLS7Olcjmdz/NjtbmrY9XFpdOX50oz6Ux6ZWJy8uzbkxPvvftO1+r6xoV/vv/k3odnvz6x/N0vD47eSeJcHM63NddjZ4azh5vNa0ZjNH9NhuLcE3uPP11he07S6xNgRwbydj4UWR9wJAbyVg/8/30ZEStAn0rat/9IdvVMgN3ViAMaY/vNx8EvrqWaj32ePfxgdQC0sf6Dq5+NxP762OjgcrJuZJSNd0e6UH5Wxq9/3r2TLdGVzyEAOnPzVkScGRzc2P8lef+3c2dar97fnHmyDP0f7J57WfzzZqv4p7AW/0SL+OdQi7a7E1u3/8KDLhTTVhb/vd8y/l2btBoZyHMv1GO+oeTS5XJ6Jo+GT8bQviy/2XzO2eX7bWPl5vgvW7LyG7Fgfh4PBvetP2a6VCvVP7jrgoe3Il5pGf8ma9c/aXH9s9fjQodlHE/vvtZu29b1f7ZWfop4veX1fzyjlWw+PzlWvx/GGnfFRn/fPv57u/J7Xf/s+h/cvP4jSfN8bXX7Zfy4/9+03bZ19Y/O7//h5LN6ejhfd71Uq82PRwwnH29cP/H42Ea+sX9W/5MnNu//Wt3/ByLi8w7rf/vYz692VP8eXf/pbV3/7Sfuf/TFD+3K76z/e6ueOpmvqfd/W+j0BJ/mtQMAAAAAAIC9phARhyMpFNfShUKxuPr9jmNxsFCuVGunLlUWrkxH/beyIzFUaMx0H2n6PsR4/n3YRn7iifxkRByNiG8HDtTzxalKebrXlQcAAAAAAAAAAAAAAAAAAIA94lCb3/9n/hjo9dkBz5y//Ib+tWX778Y/PQF7kvd/6F/aP/Qv7R/6l/YP/Uv7h/61rv2b9Ie+4v0f+pf2DwAAAAAAAAAAAAAAAAAAAAAAAAAAAF114fz5bFlZfnRjKstPX1tcmK1cOz2dVmeLcwtTxanK/NXiTKUyU06LU5W5rZ6vXKlcHZ+IhetjtbRaG6suLl2cqyxcqV28PFeaSS+mQ7tSKwAAAAAAAAAAAAAAAAAAAHi+VBeXZkvlcjovIbGjxODeOA2JLid63TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGP/BQAA///oaTpO")
chdir(&(0x7f0000000140)='./file0\x00')
symlink(&(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
rename(&(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

14m48.456361736s ago: executing program 1 (id=2785):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file2\x00', 0xa00010, &(0x7f00000001c0), 0x21, 0x4bf, &(0x7f00000009c0)="$eJzs3U9vVF0ZAPDn3nbon7fv26Is1KggomgIM+0AlbDCjcYQEiNx5QJqOzRNZzpNZ4q0sijfwUQSV7rwA7gwcWHCyr073bnBhQkq0VATF2PmzhQKnSlF2s6b3t8vObn33DOd5zyd3HPaM+2cAHLrXERsRcSpiLgXEZPd60m3xM1OaT/u5YtH89svHs0n0Wrd+UeStbevxa6vafuo+5yjEfGD70b8ONkbt7GxuTxXrVbWuvVSs7ZaamxsXl6qzS1WFisr5fLszOz09SvXyoeW69nab55/Z+nWD3//uy89++PWN3/a7tZEt213Hoepk3rhVZy24Yi4dRTBBmCom8+pQXeE/0saEZ+JiPPZ/T8ZQ9mrCQCcZK3WZLQmd9cBgJMuzdbAkrQYUeicp2mx2FnDOxPjabXeaF66X19fWeislU1FIb2/VK1Md9cKp6KQtOsz2fnrevmt+pWIOB0RPxsZy+rF+Xp1YZA/+ABAjn30ev7P3gv490hn/gcATrjRQXcAADh25n8AyB/zPwDkj/kfAPLH/A8A+WP+B4D8Mf8DQK58//btdmltdz//euHBxvpy/cHlhUpjuVhbny/O19dWi4v1+mL2mT21dz1ftV5fnbka6w9LzUqjWWpsbN6t1ddXmnezz/W+WykcS1YAwH5On3365yQitm6MZSV27eVgroaTLR10B4CBGRp0B4CBsdsX5Jff8YEeW/S+ofMnQmN7G54cTX+Ao3fx89b/Ia+s/0N+Wf+H/LL+D/nVaiX2/AeAnLHGDxzs/f8evP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAjk1kJUmL3b3AJyJNi8WIjyNiKgrJ/aVqZToiPomIP40URtr1mUF3GgD4QOnfku7+XxcnL0y83Xoq+c9IdoyIn/zizs8fzjWbazPt6//sXP/WWMST7vXyIPoPAHk09F6P3pmnd+bxHS9fPJrfKYffx/6ef7uzuWg77na3dFqGYzg7jkYhIsb/lXTrHcl7Z97b1uOI+Fyv/JNsbWSqu/Pp2/HbsT8+1vjpG/HTrK1zbH8vPnsIfYG8edoef272uv/SOJcde9//o9kI9eF2xr/tPeNf+mr8G+oz/p07SICxX0dc/cP3+sZ/HPGF4V7xk1fxkz7xLxwwx7988cvn+7W1fhlxMXrH3x2r1Kytlhobm5eXanOLlcXKSrk8OzM7ff3KtXIpW6Mu7axU7/X3G5c+2S//8T7xR9+R/9cOmP+v/nvvR1/ZJ/43vtr79T+zT/z2nPj1A8afG/9t3+272/EX+uT/rtf/0gHjP/vr5sIBHwoAHIPGxubyXLVaWRv0yU6HPi39ceIk1yeDHZeAo/f6ph90TwAAAAAAAAAAAAAAgH6O49+JBp0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ9f/AgAA//9gOtV4")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000380), 0x101bf)
creat(&(0x7f0000000140)='./bus\x00', 0xa6)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000480)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000300)={0x0, r1, 0x0, 0x2, 0x0, 0x9})

14m46.357370396s ago: executing program 1 (id=2791):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
syz_mount_image$f2fs(&(0x7f0000000380), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="6167655f657874656e745f63616368652c6e6f6c617a7974696d652c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c61636c2c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313236322c61636c2c6e6f61636c2c636f6d70726573735f63616368652c6261636b67726f756e645f67633d6f6666000000006172726965722c636f6d70726573735f63616368652c6d6f64653d6c66732c00a0f136a7b12c237938b84e413b4410176f83a54dc492582695e005d110d725abbe2adec1ac2f6f77d172f0a20b3c1a8f19a6b28a8e0ba53dc3bf8ebe1ba50407cd64781927026076251050bd3ce7", @ANYRES32, @ANYBLOB="3266a455710a3dfc809334437f2cd39fcf66979aeb5e011385feeeac3cee9c75c06448cdbd71a69d64", @ANYRES64, @ANYRESDEC, @ANYRES8, @ANYRES8], 0x1, 0x551f, &(0x7f0000004a00)="$eJzs3EtrY+UbAPAnvcz9P/8iLtzNgUFoYRKaXgbdVZ3BC3Yooy5caZqkITNJTmnStHblwqW48JuIgiuXfgYXrt2JC8WdoOScU516AaFpYqe/H5w8533z5snzhlJ4zmkTwIW1kPz8YyluxtWImI2IGxHZeak4Mht5eC4ibkXEzBNHqZj/feJSRFyLiJuj5HnOUvHUp3eGt9d/eOOnr765PHf9sy+/nd6ugWl7PiK6u/n5QTePaSuPj4r52rCdxe7asIj5E93HxTjN40FzO8twUDteV8viaitfn+7u90dxp1Orj2KrvZPN7/byN+wPW8d5shc8qu1l40ZzO4vtfprF1lFe1+FR/rvtqD/I8zSKfB9k6WMwOI75fPOwme9n93EW671BMZ/nTRvNw1EcFrF4u6innUZWx/ZpPun/tjfbvf3DZNjc67fTXrJeqb5Qqd4tV/fSRnPQXCvXuo27a8liqzNaVh40a92NVpq2Os1KPe0uJYuter1crSaL95rb7VovqVYrq5Xl8vpScXYnefXBO0mnkSyO4svt3v6g3eknO+lekr9iKVmprL64lNyuJm9tbiVbD+/f39x6+7177z54afP1V4pFfykrWVxZXlkpV5fLK9WlC7T/j4qix7h/OJXStAsAOH/0/8A0nF3/v/cw4uz7/9D/j8W56n8vev9/BvuHU9H/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcWN/Nf/5adrKQj68X8/8rpp4pxqWImImIX//GbFw6kXO2yDP/D+vn/1TD16XIMoze43JxXIuIjeL45f9n/SkAAADA0+uLD299knfr+cPCtAtikvKLNjM33h9TvlJEzC98P6ZsM6OHZ8eULPv5novDMWXLLmBdGVOy/JLb3Liy/SuzJ8KVJ0IpDzMTLQcAAJiIk53AZLsQAAAAJunjaRfAdJTi+Fbm8b3g7C/v/7ghePXECAAAADgfTvyffml6dQAAAAATkvX/vv8PAAAAnm759/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwGzt3k5s2EIYB+DPgQv9UVHXfq3QHx+gRuuyy4gC9BAfIglwhF+AMZJcjRBDhGRGIWCTy2CjoeSQz2LJfZvhZzGc0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXbqvV/Pbfz//t83Z7topMxoAAADgnE29mjdPpmn/cz7+NR/6nveriBhExLm5+zA+nGQOc079fP7N8fn1iz7cRTQJ+9cY5+1TRPzK2+O3rt8FAAAAuF7rxXKWZuvpYXrpDtGnVLQZfPldKK+KiHr6UChtss/7USis+X6P4m+htKaANSkUlkpuo1Jpr9L83A9Vu8lRU6VmcPayQyeLjR0AAOjR8KTpdxYCAABAn/68+Yqqk37Qs+ZjzP/Fz7cCx6nJt/c+nuwBAAAA75AyDgAAAFy/Zv7f0/p/O+v/AQAAwGWk9f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADo0qZezdeL5axtznbXTpnRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBP7844CIRAGYbB3fWcy9z+sNGhqalIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALz53V/+T0yNM8nca2PpeSRZOzW2To29c+PoD+Pr1wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX/S7X/5PTI0zydxpY+l4JFm7amxdNfYeNI4ejLd/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcv28bVRwA8Hd3PjcpIExAHoIQSAywUNctLd0QAyhi4E9AilK3hLr8aDPQqgKysKHMXRCMCCGBwtb/oXMrdSlbBw9FYgbd+S6+thF1U3LnxJ+P9O59fbnc+76zFOV772wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABKo/cmcZJtOuM4Lvbdun9tLetvP9RnbmzdWc5aFkd1Jn0wvFJ9EXWbSwQAAID5kZT1fQjhbrq9kvVxJ6//0/KYrOb/8blxXNbzD9f9ZV/W/ln74/d7L+0M1BmPk5303PpwcPzRVFr7N8vZ9vxjj2jlVz6/95Lkb0j84eaLozS/ntH3N2++387DI3VkCwDsxbGyL4Ly/6Gs7zeZGABzo1UpvMv6P+k0mxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAHUab4ZkyjkIIy61JnLl9/9rabv2NrTvLZTt9/fpW+HZyzuwUaQjh3PpwcLzW2cy2y1euXlgdDgeX6g9eDSE8/XkW9vRb7xbTv/DxFAeH0Mj1EfxPQVy82bOSz8EIGvyjBADAoZQWLavr76bbK9m+aCmEf356sP5/oxKHKev/e5+cvlUdq1r/93dPZ2F/ZjnbehsXv+hdvnL1rfWLq+cH5wefvX2i/07/5JlTp8708nslPXdMAAAAeDrtolXr/3jp0fX/o5U4TFn/f/lD/+vqWMnj6/+5NFn0azoTAACA+fbCa3//Fe2yP2q3w1erGxuX+uPtzusT420DqT6xI0Wr1v/JUtNZAQAAAHUYbUYPrP+frcRhyvX/Z39++dfqOZMQwmKx/n9s7fPh2fqm07DF//zpHj4Y/M2Tfpy4tqkCAAAwkxaLVl3/T/Pn/+OdRx7iEMKbr4/j4msAp6r/kw+++6U6VvX5/5P1TXEmxd3x9cj7bgitbtMZAQAAcJgtFC0r9v9Mt1c+/e3oR23P/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADU7d8AAAD//yemPmo=")
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
write$qrtrtun(r0, &(0x7f0000000400)="9e", 0x1)

14m45.115347796s ago: executing program 1 (id=2800):
syz_init_net_socket$x25(0x9, 0x5, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x0, &(0x7f0000000340)={[{@usrquota}, {@nojournal_checksum}]}, 0x21, 0x4bd, &(0x7f00000006c0)="$eJzs3c9vVFsdAPDvvf1JKbQoCzUqiCgawkw7QENY4UZjCImRuHIBtR2apjOdpjNFWlmU/8FEElf6J7gwcWHCyr073bnBhQkq0Udf8hbzcu9MS1+Zgb7QN0M6n09ycu+5p8z3nLm55wxf6JwABtb5iNiOiNGIuB8RU+3rSbvErVbJfu7Vy8cLOy8fLyTRbN79T5K3Z9di35/JnGy/5nhE/PRHEb9I3oxb39xama9UyuvterFRXSvWN7euLFfnl8pL5dVSaW52bubG1eulIxvrueofXvxw+fbP/vynbzz/6/b3f5V1a7Ldtn8cR6k19JG9OJnhiLj9RQTrg6H2eEYPXO9wy/kApRHxpYi4kD//UzGU300A4DhrNqeiObW/DgAcd2meA0vSQjsXMBlpWii0cnhnYyKt1OqNyw9qG6uLrVzZdIykD5Yr5Zl2rnA6RpKsPpufv66XDtSvRsSZiPj12Im8XlioVRb7+cEHAAbYyQPr///HWus/AHDMjfe7AwBAz1n/AWDwWP8BYPBY/wFg8Fj/AWDwWP8BYPBY/wFgoPzkzp2sNHfa33+9+HBzY6X28Mpiub5SqG4sFBZq62uFpVptKf/Onuq7Xq9Sq63NXouNR8VGud4o1je37lVrG6uNe/n3et8rj/RkVADA25w59+zvSURs3zyRl9i3l4O1Go63tN8dAPpmqN8dAPrGbl8wuPwdH3jXfq1d/4vQ06PvC9Abl74q/w+DSv4fBpf8Pwwu+X8YXM1mYs9/ABgwcvyAf/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAz28yL0laaO8FPhlpWihEnIqI6RhJHixXyjMRcToi/jY2MpbVZ/vdaQDgPaX/SuKj9jaAFycPto4mH4/lx4j45W/v/ubRfKOxPptd/+/e9cbT9vVSzzsPABzC7jq9u47vevXy8cJu6WV/XvygtbloFnenXVotwzGcH8cj+3Ay8b+kXW9JImLoCOJvP4mIr3Qaf5LnRqbbO58ejJ/FPtXT+Oln4qd5W+uYvRdfPoK+wKB5ls0/tzo9f2mcz4+dn//xfIZ6f7vz384b81+6N/8NdZn/zh82xrW//Hi0W9uTiK8Nd4qf7MVPusS/eMj4//j6Ny90a2v+LuJSdI6/P1axUV0r1je3rixX55fKS+XVUmludm7mxtXrpWKeoy7uZqrf9O+bl093i5+Nf6JL/PzO35nsOv7vHHL8v//k/s+/9Zb43/t25/t/Nj92fv+zNfG7h4w/P/HHrtt3Z/EXu4z/Xff/8iHjP//n1uIhfxQA6IH65tbKfKVSXnfiZO9k95Peh9Kf7ifNqVZPP5T+HJ+Tfs5KQC+8fuj73RMAAAAAAAAAAAAAAKCbXvw6Ub/HCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPH1aQAAAP//sHnUnw==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x1000009, 0x0, 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280))
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x20000040)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)

14m44.149598496s ago: executing program 37 (id=2800):
syz_init_net_socket$x25(0x9, 0x5, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000680)='./file0\x00', 0x0, &(0x7f0000000340)={[{@usrquota}, {@nojournal_checksum}]}, 0x21, 0x4bd, &(0x7f00000006c0)="$eJzs3c9vVFsdAPDvvf1JKbQoCzUqiCgawkw7QENY4UZjCImRuHIBtR2apjOdpjNFWlmU/8FEElf6J7gwcWHCyr073bnBhQkq0Udf8hbzcu9MS1+Zgb7QN0M6n09ycu+5p8z3nLm55wxf6JwABtb5iNiOiNGIuB8RU+3rSbvErVbJfu7Vy8cLOy8fLyTRbN79T5K3Z9di35/JnGy/5nhE/PRHEb9I3oxb39xama9UyuvterFRXSvWN7euLFfnl8pL5dVSaW52bubG1eulIxvrueofXvxw+fbP/vynbzz/6/b3f5V1a7Ldtn8cR6k19JG9OJnhiLj9RQTrg6H2eEYPXO9wy/kApRHxpYi4kD//UzGU300A4DhrNqeiObW/DgAcd2meA0vSQjsXMBlpWii0cnhnYyKt1OqNyw9qG6uLrVzZdIykD5Yr5Zl2rnA6RpKsPpufv66XDtSvRsSZiPj12Im8XlioVRb7+cEHAAbYyQPr///HWus/AHDMjfe7AwBAz1n/AWDwWP8BYPBY/wFg8Fj/AWDwWP8BYPBY/wFgoPzkzp2sNHfa33+9+HBzY6X28Mpiub5SqG4sFBZq62uFpVptKf/Onuq7Xq9Sq63NXouNR8VGud4o1je37lVrG6uNe/n3et8rj/RkVADA25w59+zvSURs3zyRl9i3l4O1Go63tN8dAPpmqN8dAPrGbl8wuPwdH3jXfq1d/4vQ06PvC9Abl74q/w+DSv4fBpf8Pwwu+X8YXM1mYs9/ABgwcvyAf/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAz28yL0laaO8FPhlpWihEnIqI6RhJHixXyjMRcToi/jY2MpbVZ/vdaQDgPaX/SuKj9jaAFycPto4mH4/lx4j45W/v/ubRfKOxPptd/+/e9cbT9vVSzzsPABzC7jq9u47vevXy8cJu6WV/XvygtbloFnenXVotwzGcH8cj+3Ay8b+kXW9JImLoCOJvP4mIr3Qaf5LnRqbbO58ejJ/FPtXT+Oln4qd5W+uYvRdfPoK+wKB5ls0/tzo9f2mcz4+dn//xfIZ6f7vz384b81+6N/8NdZn/zh82xrW//Hi0W9uTiK8Nd4qf7MVPusS/eMj4//j6Ny90a2v+LuJSdI6/P1axUV0r1je3rixX55fKS+XVUmludm7mxtXrpWKeoy7uZqrf9O+bl093i5+Nf6JL/PzO35nsOv7vHHL8v//k/s+/9Zb43/t25/t/Nj92fv+zNfG7h4w/P/HHrtt3Z/EXu4z/Xff/8iHjP//n1uIhfxQA6IH65tbKfKVSXnfiZO9k95Peh9Kf7ifNqVZPP5T+HJ+Tfs5KQC+8fuj73RMAAAAAAAAAAAAAAKCbXvw6Ub/HCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPH1aQAAAP//sHnUnw==")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x1000009, 0x0, 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000280))
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x20000040)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)

8m26.360947207s ago: executing program 9 (id=4251):
syz_mount_image$bfs(&(0x7f0000000140), &(0x7f0000000100)='./bus\x00', 0x80, &(0x7f0000000180)=ANY=[], 0x1, 0xb0, &(0x7f0000000500)="$eJzs1z9KA0EcBeC3i/in0QN4hz2BIB5FrEQ7K0XIiXKVHCFtqhRp00wIky3CErKkWQLfBzPwm1fMFNO8xXb+nMekzJJym73S+/n9+3r/rnsGmuERV6fNZ+6S3Kf+gTbJ+q1mTeq83Px/9CvJzdRvBgAALtOmy+vqaO5y6APnjaoCLw8no/I06hoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACACe0CAAD//73NIaI=")
syz_io_uring_submit(0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e24, @empty}}}, 0x84)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5393, 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)
creat(&(0x7f0000000500)='./bus\x00', 0x18c)

8m25.660975638s ago: executing program 9 (id=4255):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f00000007c0)={[], [{@appraise_type}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@uid_lt}, {@dont_appraise}, {@permit_directio}, {@subj_user={'subj_user', 0x3d, 'discard'}}, {@dont_appraise}], 0x2c}, 0x1, 0x4c2, &(0x7f00000002c0)="$eJzs3M1vG0UbAPBnN02afibtW73QD6ihICIKSZMW6IEDIJB6ASHBoRxDGqrStEVNkGhV0YBQOSL+AuCIhMSJCyeQEAIugLjCHSFVqJcWDsho7d3EbmzHTpqY1r+ftPbM7uzOPrM79nrHdgA9q5Q9JBFbI+LXiBiqZusLlKpPN65dmvrr2qWpJMrll/5MKuWuX7s0VRQt1tuSZ0bSiPS9JPY2qHf2wsXTkzMz0+fz/NjcmTfGZi9cfPTUmcmT0yenz04cPXrk8PgTj0881lYcl5dZnsV1fc/b5/btPvbKh89PlePV7z/L9ndrvrw2jqrhtuptpRSlKOcW5w5UHh9c9db/W7bVpJMNXdwROtIXEdnh6q/0/6Hoi8WDNxTPvbuQ+aZLOwismey9aceSuX35c7rw/gXciRJ9HHpU8Y6fff4tpvW8/ui2q09nj9OV+G/k048vVNsmzT7LDlc/sfc1Wf//DeYNLibLQ8vUvzUijs///VE2RcP7EC0kbZcEAFjwVXb980ij67+07tpmez6GMhwRByNiZ0T8LyJ2RbpQ5q6IuLvD+ks35Zde//y8qcNNdiS7/nsyH9sqpuqSIq5kIbetEn9/8tqpmelDeZuMRP/GLD/eoo6vn/3lg2bLSjXXf9mU1V9cC+b78ceGjfXrnJicm1xFyHWuvhOxZ0Oj+JOFkYCsBXZHxJ4VbD9rs1MPf7ovS2/fsnT58vG3cAvGmcqfRDxUPf7zcVP8haRaU7PxybHBmJk+NFacFUv98NOVF2vz/TXpuvgH24tpcKXBNpAd/80Nz/88/qIbFOO1s53XceW395t+pll6/JM4Pl9bIj//Ny02W3b+DyQvV9ID+by3Jufmzo9HDOQz6uZPLG6tyBfls/hHDjTu/zsj/vk4X29vRGQn8T0RcW9E7M/3/b6IuD8iDrSI/7tnHni9dQut8Py/BbL4T7Q6/hHDSe14/QoSfae//bJZ/e29/h2ppEbyOe28/rW7g6tpOwAAALhdpJUx6CQdLdI1N6d2xeZ05tzs3MFSvHn2RHWsejj60+JO11DN/dDx/N5wkZ+4KX84InZUvmm0qZIfnTo3s62bgQOV3+rU9f9I09HR6rLfm33pBbhzdDSOVvuls8+/uPU7A6wrv9eE3qX/Q+/S/6F36f/Quxr1/8sRN7qwK8A68/4PvUv/h96l/0Pv0v+hJy39SXzxdysr+aX/YmLnsVWtvuaJ8tCabHm+87X61ijSqP3TjqaJJCJWVkWkrcsMtFF71xLpsmWeWq5Z+lf1nxhZYn+e2BgR7a51ed1atXiFSPzLJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFv7NwAA//8Aq+SG")
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x42, &(0x7f0000000080)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

8m24.589579424s ago: executing program 9 (id=4261):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x2808082, &(0x7f0000000580)={[{@barrier}, {@umask={'umask', 0x3d, 0xc5}}, {@nobarrier}, {@uid}, {}, {@nls={'nls', 0x3d, 'iso8859-13'}}, {@nodecompose}]}, 0x1, 0x6e8, &(0x7f0000001f80)="$eJzs3U1sHGcZAOB31uu1N5XcbZq0BSHFakQEDSS2l5IgIREQQj5UKBKXXk3iNFbWbmRvkRMhsgUKRzihHHooQubQE+oBqYgDopyRkLii3CNxjziwaGZn1rtr79qb+CcJzyPNzjcz3887r2dmZ2cTbQD/txbfjslWJLF4/q3NdPnBVr3xYKu+WpQjYioiShHlziyStYjks4gr0Znic+nKvLtk2DhvPvz0w3P3P653lsr5lNUvjWq3rT1ihFY+xWxETOTzMZWH9Xdtl/7ujdV10o07TdjZInFw3No7tMZpvo/zFnja3YuYmNxlfS3iRERM5/cBkV8dSkcc3oEb6yoHAAAAT6eJvSq8+CgexWbMHE04AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HxIOr8ZmORTqSjPRlL8/n8lX5eqVI453tG+ssf2D24cUSAAAAAAAAAAcCg+yb+4P/MoHsVmzBTr20n2nf/r2cKp7PWFeC82YjnW40JsxlI0oxnrMR8xOdPTYWVzqdlcn9/Z8jeRtmy32/fylgsRUdvRcuEIdhoAAAAAAAAAnl8/jcWYOe4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgVxIx0Zll06miXItSOSKmI6KS1mtF/LkoP8v+ctwBAAAAwOGr5vOZ5L+dQjvJPvO/kn3un473Yi2asRLNaMRyXM+eBXQ+9Zf+0ao3HmzVV9NpZ8ff/vdYcWQ9RsREvD9k5Lmsxului8X4XvwgzsdsXI31WIkfxVI0Yzlmo5ruRCxFErVq5+lFrYhz93iv9C1dHYztzMDya1kk1bgRK1lsF+JaJTqPTbJ9SMd8rWe0P1YiBkZ8P81O8q3cPnN0vefv9ev8uUyu/eI++xiu/ARta9meT3YzMpfmPs/GS6NzP+ZxMjjSfJS6z6BObY+SLg6OVOT8h+Pk/EQ+T3P9i/6cH7QxH6UNZmIhSvnRF/FKf85vf/H+yf7GX/7nX6/eLK3dunlj4/wh7tKhmiwKg5mo92Ti1dFHX56JRpqJ1v4zMTm4YvoJ9uMAVfJsZJeifV4tv5uVluL1nkPw3bgey3Ep5mI+LsdcfCMWot53hJ3uy2u5vtqfk+xcK+28vlVHBH/2Sz2VfrlH5aOV5uWlnrz2Xulq2bZ8zZVfxVxPlk6OPvrGfhdIx/98Xk7H+Fn3Hedp0JeJ/NpcRPfy6Ez8tp2+bjTWbq3fXLo9pP/Bd6hz+Tw9bT/ovzb/7qD26fGkx8vJbsRZTqrF8ZJue7kbbX++Kvk3Lp12pR3bTne31WImVuL7Q8/USn4Pt7OnzrZXe7f9a/vKWcnvb4ptfXc58W40sruQAbNHk1UA9u3EGycq1YfVv1c/qv68erP61vR3pi5PfaESk38r/2niD6Xfl76ZvBEfxU9i5rgjBQAAAAAAAAAAAAAAAAAAAAAAAAAAAACA58HGnbu3lhqN5fVuIaYH1zxpoTJ0rNGFKO1ZZ+uF/XUYtYjRYyV5oXKw+/4sFqpxSD1/EhEj6lSeeIhk7GNs7EJ6IB9Ih8UPp2Vr2hNjNC8XrXavU46N6WF/wantsyBqt5Ya/2n31alGzykDPOcuNldvX9y4c/erK6tL7yy/s7y2cPnS5Uv1r89/7eKNlcbyXOf1uKMEDsPGnbsTxx0DAAAAAAAAAAAAMJ78X/83H/s/M5T3qFNZ39h95DNHvasAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAM2rx7ZhsRRLzcxfm0uUHW/VGOhXl7ZrliChFRPLjiOSziCvRmaLW010ybJw3H3764bn7H9e3+yoX9Uuj2u1PK59iNiIm8vnepnbpZmd/13r6az1WeEl3D9OEnS0SB8ftfwEAAP//p+75lw==")
open(0x0, 0x210600, 0x8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000ff7000/0x2000)=nil, 0x2000, 0x2, 0x11, r0, 0x0)

8m21.542053501s ago: executing program 9 (id=4271):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000340)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x3000c085)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.stat\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r1, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0x2ee0}], 0x13, 0x0, 0x0, 0x10000000}, 0x12cd)
setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000140)=r1, 0x4)
sendmsg$kcm(r0, 0x0, 0x8840)

8m16.522531132s ago: executing program 9 (id=4285):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000080)='./bus\x00', 0x10042, &(0x7f0000000140)=ANY=[@ANYBLOB='discard=0x00000000000000f4,discard=0x00000000012\x00\x00ff9,errors=continue,nointegrity,iocharset=macroman,discard,uid=', @ANYRESHEX=0x0, @ANYRES8], 0x24, 0x623a, &(0x7f0000002780)="$eJzs3c1vHGcdB/Df7JtfQtOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyBSggTqAXXQ2M/jzE53vXYS76wzn4/kzPzmmfE+k++Od9cz4ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjhD358roiIK79KC05EfC76Eb2Ilapei4iVtRP1bV6I7eZ4PiKGSxHV9tv/PBvxekR8fDzi/oM769Xi8/vsx/f//I8//OTYj/7+p+GZ//7lVv+Naevdvv3b//z17qPvLwAAAHRRWZZlkT7mn4yIQfpsDwA8/fLrf5nk5eqFqzcXrD9qtVqtPoJ1XTnZ3XoREZv1bar3DE7HA8ARsxmftN0FWiT/ThtExLG2OwEstKLtDnAo7j+4s16kfIv668HaTnu+FmQs/81i9/6OadNZmteYzOv5tRX9eG5Kf1bm1IdFkvPvNfO/stM+Susddv7zMi3/0c6tT52T8+838294evLvTcy/q3L+gwPl35c/AAAAAAAssPz7/xMtn/9devxd2Ze9zv+uzakPAAAAAAAAAPCkHXT8v0Fj/L9dxv8DAACAhVV9Vq/87vjDZdP+Flu1/HIR8UxjfaBj0s0yq233AwAAAAAAAAAAAAC6ZLBzDe/lImIYEc+srpZlWX3VNeuDetztj7qu7z90Wds/5AEAYMfHxxv38hcRyxFxOf2tv+Hq6mpZLq+slqvlylJ+PztaWi5Xap9r87RatjTaxxviwaisvtlybbu6WZ+XZ7U3v1/1WKOyv4+OzUeLgQNAROy8Gt2f9or0P69XR1NZPhstv8nhiNjj+OeIcvyzH20/TwEAAIDDV5ZlWaQ/530ynfPvtd0pAGAu8ut/87yAWq1Wq9Xqp6+uKye7Wy8iYrO+TfWewXD8AHDEbMYnbXeBFsm/0wYR8ULbnQAWWtF2BzgU9x/cWS9SvkX99SCN756vBRnLf7PY3i5vP2k6S/Mak3k9v7aiH89N6c/zc+rDIsn595r5X9lpH6X1Hj//cuzXhG1dYzQt/2o/T7TQn7bl/PvN/BsO+/ifl63oTcy/q3L+gwPl35c/AAAAAAAssPz7/xMLdf539Ki7M9Ne53/XJm5xeH0BAAAAAAAAgCfl/oM76/m+13z+/wsT1nP/59Mp51/Iv5Ny/r1G/l9trNevzd97+2H+/35wZ/2Pt/71+Tzdb/5LeaZIz6wiPSOK9EjFIE0fZ+8+a2vYH1WPNCx6/UG65qccvhvX4npsxNmxdXvp/+Nh+7mx9qqnw+32sr/Tfn6sfbDbnre/MNY+TFcXlSu5/XSsx8/jeryz3V61Lc3Y/+UZ7eWM9px/3/HfSTn/Qe2ryn81tReNaeXeR73PHPf16aTHeevaF39z9vB3Z6at6O/uW121fy+10J/t/5Njo/jlzY0bp29fvXXrxrlIk7Gl5yNNnrCc/zB97f78f3mnPf/crx+v9z4aHTj/RbEVg6n5v1ybr/b3lTn3rQ05/1H6yvm/k9onH/9HOf/px/+rLfQHAAAAAAAAAAAAAAAA9lKW5fYtom9FxMV0/09b92YCAPOVX//LJC+fV92f8+Op1YdWF8U8Hq9YmP1tof60nPPjD8YXtL3/avWTqOvKyd6sFxHxt/o21XuGX0/6ZgDAIvs0Iv7Zdidojfw7LP+9v2p6qu3OAHN184MPf3r1+vWNGzfb7gkAAAAAAAAA8Kjy+J9rtfGfT5Vlebex3tj4r2/H2uOO/5lvp3k4wOiUgar7B9+nvWz1Rv1ebbjxF2Pa+N/D3bm9xv8ezHi84Yz20Yz2pRntyzPaJ97oUZPzf7E23vmpiDjZGH69C+O/Nse874Kc/0u153OV/1ca69XzL39/lPPvjeV/5tb7vzhz84MPX7v2/tX3Nt7b+NmFc+fOXrh48dKlS2fevXZ94+zOvy32+HDl/PPY164D7Zacf85c/t2S8/9SquXfLTn/L6da/t2S88/v9+TfLTn//NlH/t2S838l1fLvlpz/11It/27J+b+aavl3S87/66mWf7fk/F9Ltfy7Jed/OtXy75ac/5lU7zP/lcPuF/OR889nuBz/3ZLzz1c2yL9bcv7nUy3/bsn5X0i1/Lsl5/96quXfLTn/b6Ra/t2S87+Yavl3S87/m6mWf7fk/C+lWv7dkvP/Vqrl3y05/2+nWv7dkvN/I9Xy75ac/3dSLf9uyfl/N9Xy75ac//dSLf9uyfm/mWr5d8vDv/9vxowZM3mm7Z9MAAAAAAAAAAAAAEDTPC4nbnsfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgp7dxcj11neAfzsp9cOJAZC6qQGNo4JIdlk13biD9oUEz4bvkogFPqB7XrXZsGxjdcugUayaaBEwqioom24aAsItbmp8AUXtAKUC9QKqRK0F/QGUaFyEaGAAlIlWgFbzTnv++7M7Hzs2uP1mXN+P8l+vDNn5n3nzDtn59n1fw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS79bULnxzJsqzxJ/9ra5Y9r/HvzdNb88teda1nCAAAAFypX+Z/P3dDuuDgGm7UtM2/vvTbX1leXl7O3jP2lxOfXV5OV0xn2cSmLMuviy794L0jzdsEj2dTI6NNX4/2GX6sz/Xjfa6f6HP9ZJ/rN/W5fqrP9at2wCqbi5/H5He2M//n1mKXZjdmE/l1Ozvc6vGRTaOj8Wc5uZH8NssTx7LF7ES2kM21bF9sO5Jv/7VbG2O9KYtjjTaNtb2xQn762NE4h5Gwj3e2jLVyn9GPX5NN/+ynjx39+7PP3typ9t0NLfdXzPOOHY15fjxcUsx1JNuU9kmc52jTPLd3eE7GWuY5kt+u8e/2eT63xnmOrUxzQ7U/51PZaP7v7+T7abz5x3ppP20Pl/38tizLLqxMu32bVWNlo9mWlktGV56fqWJFNu6jsZRemI2va53euoZ12qjzO1vXaftrIj7/t4bbjXeZQ/PT9OOPTTY9779Yvpx1GjUedbfXSvsaHPRrpSxrMK6L7+QP+omOa3BnePyP3d59DXZcOx3WYHrcTWtwR781ODo5ls85PQkj+W1W1uCulu3H8pFG8vrM7b3X4OzZR07PLn3ko3cvPnLk+MLxhZN7du2a27N37/79+2ePLZ5YmCv+vsy9XX5bstH0GtgR9l18Dbyibdvmpbr8hclVx9/LfR1O9Xgdbm3bdtCvw/H2BzeyMS/I1Wu6eG28q7HTpy6OZl1eY/nzc+eVvw7T4256HY43vQ47fk/p8DocX8PrsLHN6TvX9p5lvOlPpzl0/15wZWtwa9MabH8/0r4GB/1+pCxrcCqsi+/d2f17wfYw3ydm1vt+ZGzVGkwPNxx7Gpek9/tT+/PSaV3e0rjiusns3NLCmXsePXL27JldWSgb4kVNa6V9vW5pekzZqvU6uu71enDxpU/c0uHyrWFfTd3d+Guq63PV2Obee3o/V/l3t877s+XS3VkoA7bR+7PTd/PG/pzMss9982MPff2xz7226/5s9Jsfn73y9+KpL206/k50Of7Gvv9XxXjprh4fmxgvXr9jae9MtByPW5+q8fzYNZKP/dzs2o7HE+HPRh+Pb+xxPN7Wtu2gj8cT7Q8uHo9H+v2048q0P59TYZ2cmOt9PG5ss233etfkeM/j8W2hjoT9/8rQKaS+qGntdFu3aazx8YnwuMbjCK3rdE/L9hOhN2uM9dTu8KYwzXJt6/SO24rtx5puF23UOp1u23bQ6zT97KvbOh3p99O3y9P+fE6FdXHjnt7rtLHN0/de+bFzc/xn07Fzst8anBibbMx5Ii3C/HifLW+Oa/Ce7Gh2KjuRzefXTubraSQfa+a+tR0rJ8OfjT5WbuuxBu9o23bQazB9H+u29kbGVz/4AWh/PqfCunjyvt5rsLHN6/YN9r3rHeGStE3Te9f2n691+5nXLW276WqtlfEwz2/u6/2z2cY2J/avt8/svZ/uCpdc12E/tb9+u72m5rON2U/bwjyf3d99PzXm09jmswfWuJ4OZll2/kMP5D/vDb9fOX/uu19p+b1Lp9/pnP/QAz95/rF/Wc/8ARh+vyrKluJ7XdNvptby+38AAABgKMS+fzTURP8PAAAAlRH7/vi/whP9PwAAAFRG7PvHQ02q0P//af9Ntr3u2cVfnc9SMn85iNen3fBgsV3MuM6Fr6eXVzQuf+BLC//zz+fXNr3RLMt+8eCfdNx+24NxXoXpMM9Lr2+9fJWv3L2msQ8/fD6N25xf/3y4//h41roMOkVw57Is+9oNn87HmX7vxbw+/eDhvD504YnHG9s8d6D4Ot7+mRcV2/9NCP8ePHak5fbPhP3ww1Dn3tx5f8TbffniK7fve/fKePF2Izuuzx/2k+8r7jd+Ts5nHi+2j/u52/y//qmnvtzY/tGXd57/+dHO838q3O+XQv3flxTbNz8Hja/j7T4R5h/Hi7e754vf6Dj/S58stj/9hmK7w6HG8e8IX+98w7OLzfvr0ZEjLY8re2OxXRx/7rt/nl8f7y/ef/v8pw5dbNkf7evj6f8o7me2bft4eRwn+qe28Rv307w+4/hP/dnhlv3cb/xLDz3zksb9to9/V9t2pz90Zz7+yv21fmLT337i0x3Hi/M5+I+nWx7PwXeE13EY/8n3hfUYrv+/S8X9tX+6wuF3tB5/4vaf33q+5fFEb/pZMf6lVx/P66apzVuue97zr7/wssa+y7LvbCrur9/4x//uVMv8v3BTsT/i9TGj3z5+N3H8Mx+eOXlq6dzifNqrj92Qf3bOW4r5xPneEI6t7V8fOnX2/Qtnpuem57JsurofoXfZvhjqT4pyoffWy6uOoHc+HJ7PW/76a1tu//dPxcv/813F5RffXHzfekXY7jPh8q3h+Vvf+Ks9eetN+et75Okww+XVnxd8Jbbv/NH+NW0YHn/7+4K43k+/+P35fmhcl3/fiK/rK5z/9+eL+/lq2K/L4ZOZd9y0Ml7z9vGzES6+s3i9X/H+C4e5+Lz+Q3i+3/rD4v7jvOLj/X54H/ONba3Hu7g+vnp+tP3+80/xuBCOJ9mF4vq4VdzfF5+7qeP04ueQZBduzr/+i3Q/N6/rYXaz9JGl2ROLJ889Ont2Yens7NJHPnrokVPnTp49lH+W56EP9Lv9yvFpS358ml/Ye2+WH61OFeUqu9bzP/3w0fl9c7fPLxw7cu7Y2YdPL5w5fnRp6ejC/NLtR44dW/hwv9svzt+/a/eBPft2zxxfnL9//4EDew7MLJ481ZhGMak+9s59cObkmUP5TZbuv/fArvvuu3du5pFT8wv375ubmznX7/b596aZxq3/eObMwokjZxcfWZhZWvzowv27Duzdu7vvpwE+cvrY0vTsmXMnZ88tLZyZLR7L9Nn84sb3vn63p5qW/qt4P9tupPggvuztd+1Nn8/a8KWPdb2rYpO2DxB9NnwWzbdecHr/Wr6Off9EqEkV+n8AAAAgF/v+yVAT/T8AAABURuz7N4Wa6P8BAACgMmLfPxVq+i8BNen/K5f/33Z+TePL/8v/N+8v+f+a5f/fWbb8f3G8kP8fjCvN38v/B/L/8v/y//L/8v8MQNny/7Hv35xlfv8PAAAAFRX7/i2hJvp/AAAAqIzY918XaqL/BwAAgMqIff/zQk1q0v/L/8v/y//L/8v/dx5f/n84yf/3Jv/fTfGJ0PL/S7NZvfL/FwY5/2uQ/9/c/IX8P2VUtvx/7PufH2pSk/4fAAAA6iD2/deHmuj/AQAAoDJi339DqIn+HwAAACoj9v1bQ01q0v/L/19R/j9lruT/W+cv/99K/j+sB/l/+f8NIP/fm/x/H/L/zv8/XPn/FvL/lFHZ8v+x739BqElN+n8AAACorImVf8a+/4WhJvp/AAAAKJ/xy7tZ7PtfFGqyqv+/zAEAAACAay72/TdmbUHwmvz+X/7f+f/l/+X/5f87j7/2/P9YJv9fHvL/vcn/9yH/L/9f3/z/VCb/z1VQtvx/3vdnU9mLQ01q0v8DAABAHcS+/6ZQE/0/AAAAVEbs+38t1ET/DwAAAJUR+/5toSY16f/l/yuT//9581Mn/y//32t8+X/n/68y+f/e5P/7kP+X/69v/t/5/7kqypb/j33/zaEmNen/AQAAoA5i339LqIn+HwAAACoj9v2/Hmqi/wcAAIDKiH3/9lCTmvT/8v8lz//H5Kjz/8v/y/+XMv8/Jf9fOvL/vcn/9yH/L/8v/y//z0CVLf8f+/6XhJrUpP8HAACAOoh9/0tDTfT/AAAAUBmx739ZqIn+HwAAACoj9v3ToSY16f/Xk/8fuSD/381VPv//5BrO/99C/l/+v9f48v/O/19l8v+9yf/3If8v/y//L//PQJUt/x/7/ltDTWrS/wMAAEAdxL5/R6iJ/h8AAAAqI/b9t4Wa6P8BAACgMmLfvzPUpCb9v/P/D0X+P5P/l/+X/5f/l/9fG/n/3uT/+5D/l/+X/5f/Z6AGnP8fbb9wvfn/2Pe/PNSkJv0/AAAA1EHs+28PNdH/AwAAQGXEvv8VoSb6fwAAAKiM2PffEWpSk/5f/l/+X/5f/l/+v/P48v/DSf6/N/n/PuT/5f/l/+X/Gaiynf8/9v2vDDWpSf8PAAAAdRD7/jtDTfT/AAAAUBmx778r1ET/DwAAAJUR+/6ZUJOa9P/y//L/8v/y//L/nceX/x9O8v+9yf/3If8v/y//L//PQJUt/x/7/rtDTWrS/wMAAEAdxL7/nlAT/T8AAABURuz7Z0NN9P8AAABQGbHvnws1qUn/L/8v/y//L/+/rvz/y1buV/6/IP9fLvL/vcn/9yH/L/9/zfP/E/L/VErZ8v+x798ValKT/h8AAADqIPb9u0NN9P8AAABQGbHv3xNqov8HAACAyoh9/72hJjXp/+X/5f/l/+X/nf+/8/jy/8NJ/r+3wef/40OU/5f/l/93/n/5f1YrW/4/9v33hZrUpP8HAACAOoh9/95QE/0/AAAAVEbs+/eFmuj/AQAAoDJi378/1KQm/b/8v/y//L/8v/x/5/Hl/4eT/H9vzv/fh/y//P8Q5/8ba0v+n7IpW/4/9v0HQk1q0v8DAABAHcS+/1WhJvp/AAAAqIzY9/9GqIn+HwAAACoj9v2/GWpSk/5f/l/+X/5f/r/s+f9J+X/5/3WQ/+9N/r8P+X/5/yHO/zv/P2VUtvx/7PvvDzWpSf8PAAAAdRD7/t8KNdH/AwAAQGXEvv/VoSb6fwAAAKiM2PcfDDWpSf8v/79B+f94ofy//L/8v/P/y/9fVfL/vcn/9yH/L/8v/y//z0CVLf8f+/7XhJrUpP8HAACAOoh9/wOhJvp/AAAAqIzY97821ET/DwAAAJUR+/7XhZrUpP+X/3f+/2uf/59ombv8/8rt5P8L8v/y/+sh/9+b/H8f8v/y//L/8v8MVNny/7Hvf32oSU36fwAAAKiD2Pe/IdRE/w8AAACVEfv+N4aa6P8BAACgMmLf/6ZQk5r0//L/8v/XPv/v/P/y/wX5f/n/QZD/72048/+N3Sj/n8n/l37+8v/y/6xWtvx/7Pt/O9SkJv0/AAAA1EHs+x8MNdH/AwAAQGXEvv/NoSb6fwAAAKiM2Pe/JdSkJv2//L/8v/y//L/8f+fx5f+Hk/x/b0OW///l9eFy5/8vyP+Xe/7rzf+Pt319VfL/P+iW/1/e1H57+X+uhrLl/2Pf/9ZQk5r0/wAAAFAHse9/W6iJ/h8AAAAqI/b9bw810f8DAABAZcS+/3dCTWrS/8v/N+axkl6W/5f/zy+Q/5f/l/8fWvL/vQ1Z/j+c/1/+P5L/L/f8nf9f/p/Vypb/j33/O0JNatL/AwAAQB3Evv+hUBP9PwAAAFRG7PvfGWqi/wcAAIDKiH3/u0JNatL/y/87/7/8v/y//H/n8eX/h9Ng8v9j8v/y//L/8v/lyP//t/w/w61s+f/Y9z8calKT/h8AAADqIPb97w410f8DAABAZcS+/3dDTfT/AAAAUBmx739PqElN+n/5/2HJ/0/L/68z/z8ZLpP/l/+X/68X5//vbfvOH3VPVjaT/5f/l/8vR/7f+f8ZcmXL/8e+/72hJmvv/6fWvCUAAABwTcS+//dCTWry+38AAACog9j3/36oif4fAAAAKiP2/X8QalKT/l/+f1jy/87/nzn/v/x/2+OR/5f/72Tj8v/xyDN0+X/n/+9F/l/+X/6/a/5/tM/t5f/ppGz5/9j3/2GoSU36fwAAAKiD2Pe/L9RE/w8AAABDodP/yW4X+/5DoSb6fwAAAKiM2PcfDjWpSf8v/y//L/9f0vz/X+34t+99+22Hd8n/y//L/6/Lhp7/v/HiH77z/8v/9yL/L/8v/+/8/wxU2fL/se8/Emqy0vi9xQn+AQAAYLjFvv+PQk1q8vt/AAAAqIPY9x8NNdH/AwAAQGXEvn8+1KQm/b/8v/y//H9J8/9DfP7/uD+GKf8/s2mI8v/xoCv/39GG5v/fvZITl/9fb/5/suOl7fn/Efn/FvL/657/t7Isk/+X/+caKlv+P/b9C6EmNen/AQAAoA5C3z96rKgrV+j/AQAAoDJi33881ET/DwAAAJUR+/73h5rUpP+X/5f/l/+X/3f+/87jlzb/7/z/Pcn/91ae/H9nzv8v/z/M85f/l/9ntbLl/2PfvxhqUpP+HwAAAOog9v0fCDXR/wMAAEBlxL7/g6Em+n8AAACojNj3nwg1qUn/L/8v/y//L/8v/995fPn/4ST/35v8fx/y//L/8v/y/wxU2fL//8/efTxZVpd/HL/NrylmivpVuXPhAvf+CSxkrX+ACzYutMqySlAxJwZzxJwDKgYMGEARE+YEJhSzqJiziBm1xprp53lmuvv0ud0z9/Y99/t9vRY+TENzL9oFfuh5z8nd/7C4pZP9DwAAAD3I3X9J3GL/AwAAQDNy918at9j/AAAA0Izc/Q+PW9Zy/2/cedBKUP+v/2+2/7+v/n+v19f/6/9bpv8fp/+fQ/+v/9f/6/9ZqKn1/7n7HxG3rOX+BwAAAIbk7n9k3GL/AwAAQDNy918Wt9j/AAAA0Izc/Y+KWzrZ/zv6/41Zn/1/Zrz6/5b6f8//3/P19f/6/5Ydbv9/xYm/8+n/9f/6/6D/1//r/9lpav1/7v5Hxy2d7H8AAADoQe7+x8Qt9j8AAAA0I3f/Y+MW+x8AAACakbv/cXFLJ/t/gs//P/k/guf/b/1Y/6//1//r//X/B+P5/+N66v8vu+38S+664V43HuT19f/6f/2//p/Fmlr/n7v/8XFLJ/sfAAAAepC7/wlxi/0PAAAAzcjd/8S4xf4HAACANXR08KO5+58Ut3Sy/yfY/2+9L/3/Sfr/Q+z/j+j/9f/6/xbo/8f11P+fyevr//X/J9//1TP9v/6fBZla/5+7/8lxSyf7HwAAAHqQu/8pcYv9DwAAANM19BOxR+Tuvzxusf8BAACgGbn7j8Utnex//f/y+///6v/Xo//3/H/9v/6/Cfr/cfr/OfT/+n/P/9f/s1BT6/9z918Rt3Sy/wEAAKAHufufGrfY/wAAANCM3P1Pi1vsfwAAAGhG7v6nxy2d7H/9v+f/6//1//r/4dfX/68n/f84/f8c+v+z7efP1f/r//X/nO6A/f/dI3/bXkj/n7v/GXFLJ/sfAAAAepC7/5lxi/0PAAAAzcjd/6y4xf4HAACAZuTuf3bc0sn+1//r//X/+v8z7v93f+mdpP8fpv8/HPr/cZPp/zc2Bz+s/1/7/t/z//X/+n+2mdrz/3P3Pydu6WT/AwAAQA9y9z83bhnZ/wf+l/kAAADASuXuf17c4vv/AAAAsPayOsvd//y4pZP9r//X/+v/9f+e/z/8+mP9/42nvT/9/7To/8dNpv/fg/5f/7/O71//r/9nt6n1/7n7XxC3dLL/AQAAoAe5+6+MW+x/AAAAaEbu/hfGLfY/AAAANCN3/4vilk72/3D/f+r36//3R/+//f3r/4e/PhbV/+efUf8/2v9f5Pn/fdL/j9P/z6H/1//r//fq/4/O+3z9P0Om1v/n7n9x3NLJ/gcAAIAe5O5/Sdxi/wMAAEAzcve/NG6x/wEAAKAZuftfFrd0sv89/1//r/9fv/7f8/+3rPL5/7ND7/839f/7pP8fp/+fQ/+v/9f/jz//f+RXAdD/M2Rq/X/u/pfHLZ3sfwAAAOhB7v5XxC32PwAAAKyH03/uwM6fUBpy978ybrH/AQAAoBm5+18Vt7Sz/0ef1an/1//r//X/+v/h159W/+/5//ul/x+n/59D/7+Mfn6zsf7/qr0+fwr9/+XL7v9H6P8Zsq3/v+nUx1fV/+fuf3Xc0s7+BwAAgO7l7n9N3GL/AwAAQDNy9782brH/AQAAoBm5+18Xt3Sy/5fe/4/86gP6f/2//l//r//X/y+a/n+c/n8O/b/n/3v+v/6fhdrW/59mVf1/7v7Xxy2d7H8AAADoQe7+N8Qt9j8AAAA0I3f/VXGL/Q8AAADNyN3/xrilk/3v+f/6f/2//l//P/z6+v/1dFb9/Tn6/6L/1//r//X/+n8WYGr9f+7+N8Utnex/AAAA6EHu/jfHLfY/AAAANCN3/9Vxi/0PAAAAzcjd/5a4pZP9r/9fbv+fH9f/6/9n+n/9v/7/UHT7/P+NoX8S7bZH/3/LQ47df/tH9P/6f/2//l//zz7dY+T3TaL/P37q/13m7n9r3NLJ/gcAAIAe5O5/W9xi/wMAAEAzcve/PW6x/wEAAKAZufuviVsOuP/Hmodhd15w4E9ZAv2/5//r//X/+v/h19f/r6du+/998vz/OfT/+n/9v/6fhZpE/3/aj3P3vyNu8f1/AAAAaEbu/nfGLfY/AAAANCN3/7viFvsfAAAAmpG7/91xSyf7X/+v/9f/6//1/8Ovr/9fT/r/cfr/Odap/7/mLPr/zeEPr7qfP1urfv/6f/0/u02t/8/df23c0sn+BwAAgB7k7n9P3GL/AwAAQDNy9783brH/AQAAoBm5+98Xt3Sy//X/+n/9v/5f/z/8+vr/9aT/H6f/n81m1428gaH+//h50+z/Pf9/cu9f/6//Z7ep9f+5+98ft3Sy/wEAAKAHufuvi1vsfwAAAGhG7v7r4xb7HwAAAJqRu/8DcUsn+1//r//X/+v/F9D/b+tr9f/D9P+HQ/8/Tv8/xzo9/1//P7n3r//X/7Pb1Pr/3P0fjFs62f8AAADQg9z9N8Qt9j8AAAA0I3f/h+IW+x8AAACakbv/xrilk/2v/9f/6//1/57/P/z6+v/1tLz+f6b/1//r/+fQ/+v/9f/sNLX+P3f/h+OWTvY/AAAA9CB3/0fiFvsfAAAAmpG7/6Nxi/0PAAAAzcjd/7G4pZP9r//X/+v/9f/6/+HX1/+vJ8//H6f/n0P/r//X/+v/Wajh/v/ylfX/ufs/Hrd0sv8BAACgB7n7b4pb7H8AAABoRu7+T8Qt9j8AAAA0I3f/J+OWTva//l//v73/n830//p//f+WQ+j/j8z0/wun/x+n/59D/99m/3/OrKH+/+ien6//Z4qm9vz/3P2fils62f8AAADQg9z9n45b7H8AAABoRu7+z8Qt9j8AAAA0I3f/Z+OWTva//l//7/n/+n/9//Dre/7/etL/j9P/z6H/b7P/9/x//T8rM7X+P3f/5+KWTvY/AAAA9CB3/+fjFvsfAAAAmpG7/wtxi/0PAAAAzcjd/8W4pZP9r//X/+v/9f/6/+HX1/+vJ/3/OP3/HPp//b/+X//PQk2t/8/d/6W4pZP9DwAAAD3I3X9z3GL/AwAAQDNy998St9j/AAAA0Izc/V+OWzrZ//p//b/+fz37/yP6f/2//n/QVPr/Cy+83636f/2//l//r//X//duav1/7v6vxC2d7H8AAADoQe7+r8Yt9j8AAAA0I3f/1+IW+x8AAACakbv/63FLJ/t/d/9/7myrUN0y1P9Ho6b/P43+f/v71/8Pf314/r/+X/+/fFPp/z3//8zev/5f/7/O7/9A/f+9d3++/p8WTa3/z91/a9zSyf4HAACAHuTu/0bcYv8DAABAM3L3fzNusf8BAACgGbn7b4tbOtn/nv+v/9f/6//1/8Ovr/9fT/r/cfr/OfT/+n/P/7/0Qf+n/2dxptb/5+7/VtzSyf4HAACAHuTu/3bcYv8DAABAM3L3fydusf8BAACgGbn7vxu3dLL/9f/6f/3/Evr/zeGvD/2//l//v3z6/3H6/7LzL21LP/3/kaEPrrqfP1urfv/N9P+e/88CTa3/z93/vbilk/0PAAAAPcjd//24xf4HAACAZuTu/0HcYv8DAABAM3L3/zBu6WT/6/8b7/9P/KD7/v+Bnv+/4/X1//r/lun/85/ow/T/c/TT/w9adT+/7u9f/6//Z7ep9f+5+2+PWzrZ/wAAANCD3P0/ilvsfwAAAGhG7v4fxy32PwAAADQjd/9P4pZO9r/+v/H+f8fz/zdmPfb/K3j+/x5fH/p//b/+f/n0/+P0/3Po//X/+n/9Pws1tf4/d/8dG5td7n8AAABYVw+4z0Nv3+8fe8fJ/zwy+2ncctHs+D6/jQ0AAABM3Indv7E5m/3s5I98/x8AAABalLv/53FLJ/tf/99X/9/n8/+X2P+feGH9v/5f/z8p+v9x+v859P/6f/2//p+Fmlr/n7v/F3HLacNv88B/lQAAAMCU5O7/ZdzSyff/AQAAoAe5+38Vt+za/345QAAAAFhXuft/Hbd08v1//f/E+//Zkvr/+OP0/1s8/1//P/T6+v/1pP8fd5b9//EN/b/+f4T+X/+v/2enqfX/uft/E7d0sv8BAACgUdv+jULu/t/GLfY/AAAANCN3/+/iFvsfAAAAmpG7//dxSyf7X/9/6P1/pupLfP7/0fotz//vvP+/8sjg6+v/9f8t0/+P8/z/OfT/rfT/5+n/9f9Mw9T6/9z9f4hbOtn/AAAA0IPc/X+MW+x/AAAAaEbu/j/FLfY/AAAANCN3/50nzv/3t/9X0v/Hn6TT/v9gz/8/o/5/H8//1//30f/v8frt9P/3PP/YzRc/+Ppr9f+ccpj9f34t6P/1//r/LRPq/z3/X//PRCy+/9/c9sGD9v8nd//syOzPcUsn+x8AAAB6kLv/rrjF/gcAAIBm5O7/S9xi/wMAAEAzcvf/NW7pZP97/r/+fyr9f/53vYL+/9gZ9/9HZ7PZSvr/bIp77/89/1//v5vn/4/T/8+h/9f/6//1/yzU4vv/7R88aP+fu/9vcUsn+x8AAAB6kLv/73FL7v+NA/+rewAAAGBicvf/I27x/X8AAABoRu7+f8Ytnex//b/+fyr9f/L8/1Of19bz/y+uOLXP/v+C+i39/3Lp/8fp/+fQ/+v/9f/6fxZqav1/7v5/xS2d7H8AAADoQe7+u+MW+x8AAACakbv/33GL/Q8AAADNyN3/n7ilk/2v/2+1/88iXv+v/59K/+/5/57/fzj0/+P0/3Po//X/+n/9Pws1tf4/d///AgAA//8kcHQC")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000100)='./file0\x00')
syz_io_uring_setup(0x234, 0x0, 0x0, 0x0)
setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB='o'], 0x0, 0x0, 0x0)

8m14.959556781s ago: executing program 9 (id=4287):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0)
write$tun(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="034886dd01000000000014"], 0xfdef)

7m58.21003319s ago: executing program 38 (id=4287):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0)
write$tun(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="034886dd01000000000014"], 0xfdef)

8.575542315s ago: executing program 2 (id=6192):
add_key(&(0x7f0000000200)='dns_resolver\x00', &(0x7f0000000180)={'syz', 0x1, 0x48}, &(0x7f0000000240)="48ab0500", 0x1001, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[], 0x3)
sendto$packet(0xffffffffffffffff, &(0x7f0000000200)="0b031200e0ff64000200475400f6", 0xe, 0x0, &(0x7f0000000180)={0x11, 0x8100}, 0x14)
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, 0x0)
pipe2(0x0, 0x80000)
r1 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r3, 0xc0884113, &(0x7f0000000240)={0x1, 0x0, 0x200, 0x10001, 0xffffffffffffffff, 0x8, 0x2, 0x200, 0x4, 0x2c, 0x80000005, 0x1})
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r3, 0xc0984124, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ad0b19196c79eb5})

7.556894737s ago: executing program 2 (id=6197):
sendmsg(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="817bb97cdac2f8f819447aa4a50c293af36b43cab2641b7753df26944b52221c709e644460", 0x25}], 0x1}, 0x24040050)
io_submit(0x0, 0x1, &(0x7f0000000100)=[&(0x7f00000000c0)={0x400000, 0xff0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0}])
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {}, {0x8, 0x11, 0x111}}}, 0x24}, 0x1, 0x0, 0x0, 0x8100}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6.800092015s ago: executing program 2 (id=6200):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = dup(r0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000340))
r4 = dup(r3)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000000)={0x1, r4})
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f00000003c0)={0x1, r1})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)={0x14, 0x3d, 0x107, 0x0, 0x0, {0x4, 0x7c}}, 0x14}}, 0xc000)

6.732546811s ago: executing program 3 (id=6201):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r2, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f00000006c0)={0x2020}, 0x2020)

6.268857278s ago: executing program 2 (id=6204):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000600)=ANY=[@ANYBLOB="12010000a3b370086d04ae08581101020301090212000d000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000040)={0x84, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)

6.179058778s ago: executing program 3 (id=6205):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000001c0)=0x100, 0x4)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000440)=0x400, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r3, &(0x7f0000000100), 0x10)
bind$xdp(r0, &(0x7f0000000240)={0x2c, 0x1, r2, 0xfffffc, r3}, 0x10)

5.888421018s ago: executing program 4 (id=6208):
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
close(0xffffffffffffffff)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa8480, 0xa0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x2000000, 0x132}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000002300)=<r2=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x8, 0x0, 0x0, 0x0, {0x3}})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB="0e"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x10, 0x2007, @fd, 0x8, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

5.432631037s ago: executing program 0 (id=6209):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r2, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
renameat2(r2, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r1, &(0x7f0000000180)='./file1\x00', 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000000280)='./file1\x00')

5.372703765s ago: executing program 4 (id=6210):
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x6, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
landlock_create_ruleset(&(0x7f0000000080)={0x9008, 0x0, 0x2}, 0x18, 0x0)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r2}, 0x1e)
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)=[0x7fffffff]})

4.847301718s ago: executing program 4 (id=6212):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, &(0x7f00000001c0)}, 0x20)
r0 = syz_io_uring_setup(0x121d, &(0x7f0000000500)={0x0, 0x7d10, 0x80, 0x3, 0x1000034e}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
syz_clone(0x202180, &(0x7f00000002c0)="dbeea36ed61ec96b368fa2a0b33cef8c88f8e91548759ec95243d9d3b6ec5adfa6f3adbaffa9ba6397cc36d6745ee06f15bcea8d771104c5b07fa34db656c202f383a5a3fe462827d20eb8f9752a2374e36555d651e729d48f281bfa8e12fb1bebb99441050553fe5b45abe2782a699ed51f", 0x72, &(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440)="59e1fe8bf067c3e2d06e4fd5bdc70b3ed04f477f8fa53605afb004d00b2cf6ee50a3a215c41a8e464f0d9fd4d81f85001ee33bc2354192eaa09dcc4038ec7cf20cc2cfdb328ecc9d232118f97628e44cb8de9a8210374d18b998f0e58f0f1e1d739aab55384fa215a8e13c")
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r3 = socket(0x2a, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x23457})
io_uring_enter(r0, 0x46bc, 0x3, 0x20, 0x0, 0x0)

4.74450222s ago: executing program 0 (id=6213):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000002140)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(michael_mic-generic,xchacha20-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x7, &(0x7f00000000c0)="ffffffff", 0x4)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0xa, 0x7, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000000)={r2, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r3, 0x4c80, 0xffffffffffffffb6)

4.569126231s ago: executing program 5 (id=6214):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file1\x00', 0x11, &(0x7f0000000040)={[{@norecovery}, {@grpquota}, {@debug}, {@discard}]}, 0xee, 0x4a0, &(0x7f0000000a00)="$eJzs3EtsG0UYAOB/HefVBw2lPFpaCJRHBTRp0gc9cAGBxAEkJDgUcQpuWpWmDWqCRKsICodyRJW4I45I3JE4wQUBB1SJK9xRpQrl0paT0dq7ruPYebpxg79Psj2zO/bM7Ox4xzO2A+haw+ldErEtIv6MiB3V6MIEw9WHW/Nzpdvzc6UkyuW3/0kq6W7Oz5XypPnztlYj5XJEfxrsb5LvlfciJqamJi9k8dHZcx+Ozly8dPDMuYnTk6cnz48fP37k8L6+Y+NH09dK1lq/QvaY1uvmnk+m9+5+/d2rb5ZOXH3/1+/SF92W7a+vx5qktW0wXD26jR5P755eV2b3lN/Tu+11G5Ji68QjG1AgVq4nItLm6q3EkuiJwdq+HfHa5x0sGnCXlcvlcrPrc9Rdt8vA/1Sif0OXyq/16eff/LYxI497w42XI+JgFpmfK92q1b9Ymzvobfh8207DEXHi8r9fp7doxzwEAMAyfkzHPy80G/8V4qG6dPdlayhDEXF/ROyMiAciYldEPBhRSftwxLlHVpl/4wrJ4vFP4fqaKrZC6fjvpWxt69aC8V8++ouhniy2vVL/3uTUmanJQ9m2A9Hbn8bHlsjjp1f/+DIPDzTsqx//pbc0/3wsmJXjerFhgu7kxOxEJVAulz9dX/XjxmcRe4rN6p9EMaIU2bre7ojYs8Y8zjz37d5W+5av/xKWWGdaqfI3Ec9W2//ywvH/naZK6tcnByOitj459uKx8aOjAzE1eWg0PysW++3albda5b+u+rdB2v5bmp7/tSXXoWQgYubipbOV9dqZ1edx5a8v6vr0wqXc4YjC9xGrPv/7kncq4b5s28cTs7MXxiL6kjcWbx+/89w8nqdP639gf/P+v7OuxI9GRHoS74uIx7JF3LTtnoiIJyNi/xL1/+WVpz5ota91+7ealW+vG9mBWrL9o779Vx/oOfvzD63yH87WICM7Ds3b/0gldCDbUnv/W8JKC7imgwYAAACbTKHyHfikMFILFwojI9Xv8O+KLYWp6ZnZ509Nf3T+ZPW78kPRW8hnunbUzYeOZXPDeXy8IX44mzf+qmewEh8pTU+d7HTlocttbdH/U3/3dLp0wF3XhnU0YJPS/6F7Lez/1253rCDAhnP9h+6l/0P3atb/1/vDAmBzcP2H7lXp/89c7nQxgA5w/Yfupf9DV2r52/jCun7y3zKQtPsFmwby/07YiLyWD+T/RbHhuQ+u+ekDyx+6KHT2qHZNoLioLaLY1iz6m+7q4JsSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAG/0XAAD//5gQ080=")
socket$packet(0x11, 0x2, 0x300)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x4)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r2, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20044000)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)={0x14, r4, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)

4.488194498s ago: executing program 3 (id=6215):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@delneigh={0x44, 0x1a, 0x1, 0x70bd2b, 0x0, {0xa, 0x0, 0x0, 0x0, 0x4, 0x0, 0x4}, [@NDA_CACHEINFO={0x14, 0x3, {0x7, 0x0, 0x0, 0x6}}, @NDA_DST_IPV6={0x14, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x44}}, 0x0)
r0 = syz_usb_connect(0x2, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000544fb2f00090582eb1000000001020009050276"], 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000000000)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000007c0)=""/104, &(0x7f0000000740)=""/76, 0xdddd0000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000c40))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f00000000c0)=ANY=[])

3.037079728s ago: executing program 5 (id=6216):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd2(0x6, 0x80800)
r4 = getpgrp(0xffffffffffffffff)
sched_setaffinity(r4, 0x0, 0x0)
syz_open_procfs(r4, &(0x7f0000000140)='net/ip_mr_vif\x00')
ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f00000002c0)={0x400002, r3})
r5 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r5, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
connect$pptp(r5, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r6, 0x40047438, &(0x7f0000000040)=0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

2.70033847s ago: executing program 5 (id=6217):
chdir(0x0)
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
write$tcp_congestion(r1, &(0x7f0000000180)='westwood\x00', 0x9)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f0000006300)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000777a078afbd825c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000023000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000db2100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cc2351270000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x0, {0x0, 0x5}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
dup2(r5, r3)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0)

2.699773429s ago: executing program 3 (id=6218):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2169802, 0x0, 0x0, 0x0, &(0x7f00000003c0))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0xa}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002c00)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r3=>0x0)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000280)={0xa0, 0x0, 0x0, {{0x23, 0x1, 0x5, 0x6, 0x1000, 0x6, {0x1, 0xdc3f, 0x65cd, 0x0, 0xffffffffffff15ef, 0x9, 0x1, 0x7fff, 0x7, 0x4000, 0xe, r3, 0x0, 0x4, 0x10000}}, {0x0, 0x1}}}, 0xa0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3])
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
lremovexattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000500)=ANY=[@ANYBLOB='user./d'])

2.668008748s ago: executing program 4 (id=6219):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000300), 0x82000)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x22, &(0x7f0000000300)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}, @multicast, @val={@void, {0x8100, 0x0, 0x1, 0x4}}, {@can={0xc, {{0x3}, 0x8, 0x3, 0x0, 0x0, "fa2b25fc66189827"}}}}, 0x0)

2.511088554s ago: executing program 0 (id=6220):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000006340)={0x2020, 0x0, <r2=>0x0}, 0x2058)
write$FUSE_LSEEK(r0, &(0x7f00000021c0)={0x18, 0x0, r2, {0x7}}, 0x18)
read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_IOCTL(r0, &(0x7f0000002140)={0x20, 0x0, r3, {0x0, 0x0, 0x80003ff}}, 0x20)
read$FUSE(r0, &(0x7f000000ce00)={0x2020, 0x0, <r4=>0x0}, 0x2020)
getdents64(r1, 0x0, 0x300)
getdents64(r1, 0x0, 0x0)
write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10, 0x0, r4}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)

2.34103305s ago: executing program 5 (id=6221):
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0xc208ae62, 0x0)
close(0x3)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(0xffffffffffffffff, 0x4068aea3, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000100)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f000000040b0000000095f5758483"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x20, 0x1, 0x2f, "ced691591e5d04fddec994ec2d493badd9fc18e1c05515f7574104a3facc0cd1c80ed48ee41a186abfb4dc5fc5ebba"}, &(0x7f00000003c0)={0x20, 0x3, 0x1, 0x3}})
epoll_create1(0x0)

2.03807665s ago: executing program 0 (id=6222):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x800448d2, 0x0)
r2 = accept4(r1, &(0x7f00000002c0)=@phonet, &(0x7f0000000480)=0x80, 0x0)
sendmsg$nl_netfilter(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r3, 0x0, 0x0)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x14, 0x0, 0x1}, 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r4, 0x400448ca, 0x0)

2.015173762s ago: executing program 4 (id=6223):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000f00)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendto$packet(r5, &(0x7f0000000280)="0f30", 0x2, 0x0, 0x0, 0x0)
getsockname$packet(r5, &(0x7f0000000080)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xe}, {0xfff1, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000800}, 0x88)
sendmsg$nl_route_sched(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000940)=@delchain={0x24, 0x2a, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x6}, {0x0, 0xffff}}}, 0x24}}, 0x20000000)

1.836674486s ago: executing program 3 (id=6224):
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000004c0)='kfree\x00', r0, 0x0, 0x1}, 0x18)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
socket$inet6(0x10, 0x2, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r3, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r4], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r3, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4040940}, 0x0)

1.454445989s ago: executing program 0 (id=6225):
r0 = socket$xdp(0x2c, 0x3, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000001c0)=0x100, 0x4)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000440)=0x400, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r3, &(0x7f0000000100), 0x10)
bind$xdp(r0, &(0x7f0000000240)={0x2c, 0x1, r2, 0xfffffc, r3}, 0x10)

1.322050421s ago: executing program 2 (id=6226):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000040)="5766b1b827f600333b09d3748ee7d700", 0x10)
setsockopt$inet_tcp_int(r2, 0x6, 0x19, &(0x7f0000000240)=0x3, 0x4)
listen(r2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
shutdown(r2, 0x0)
r3 = dup(r1)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
epoll_create1(0x0)
pselect6(0x40, &(0x7f0000000180)={0x0, 0x40000000002, 0x8000000000000000, 0x8000f, 0x7fff, 0xfffffffffffffffe, 0x100, 0x10001000}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0x9, 0x4, 0x2, 0x0, 0x2, 0x7}, 0x0, 0x0)
close(r0)

1.316262498s ago: executing program 5 (id=6227):
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_mount_image$minix(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[], 0xa, 0x234, &(0x7f0000000900)="$eJzs279rE2Ecx/HPXS7pNdpWrDqIQlGsLjb+mBxE3Tr1H+hU2qjFE6tVsEWwWdRB6OTm4iQIDo4idRMn/wAHwU0pdgg4OfTkzvvR5JLmB5ecpO/X0ueez/Pkee7oJd82iQDsWVc1IUOGCt7BMfvA+riR9ZYA9Ikb/Ny23JgZhgAG282RrHcAIBtb16SXp6Rf1UfzyhXCssCrAL5tStqYfKo1Bbk5JOn1F8mK6oetinTUCnLD1nB9ffFKOh3ON4q14UNbqkjFKN+3IxyWKq7/+GdOhuvv14hGNZb38oMaD9ZfiOYfaVnvWJ2XSAAADBxDU63yXQeYur7olM81zfN+fr5pXvDzCy3yi9HxUNSafTHz4IN7edvLp+bvOAu7bRNAA2YX9//X43E71+L+t5rc//V/JwDov+WV1VtzjuM+lvxG+V7QEzTC/wjEPbnEmFQa4XsObQwO36FMRN5j7OjJJaevTybPPb2zMOONjUnqzYX6jxtqEH2f/ndNoh6zF1e+pnHi558nS8/fvW9n8NsOlzCj37rZjXK1boxMqYfnNZG4C+Ycu73pxprrdrhow6eL+MMBdtrPRAD6rXT/9lJpeWX17GJO0o1yPnzBn/6x6Vf2pZr6Pp/dTgGkLX7Rb5RWEj1u7eHMp8+/q5fePOti5SuSPha7mAgAAAAAAAAAAAAAAOoc0uGstwAAAACgT5Lf/rk7mvZXl7I+RwAAAAAAAAAAAAAAAAAABs3fAAAA///PtQqI")
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = openat$btrfs_control(0xffffffffffffff9c, 0x0, 0x3, 0x0)
openat(r0, 0x0, 0x8000, 0x2)
r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x90)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
getdents64(r1, 0x0, 0x0)
r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x10}, 0x18)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, 0x0)

740.979508ms ago: executing program 3 (id=6228):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040), 0x6)
r1 = openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r1, 0xc0305602, &(0x7f0000000140)={0x0, 0x7, 0x2018})
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
openat$cgroup_devices(r2, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0)
r3 = fsopen(&(0x7f0000000240)='hugetlbfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x2, 0x28001001, 0xffffffffffffffff, 0x0)
r4 = fsmount(r3, 0x1, 0x0)
fchdir(r4)
io_uring_enter(r4, 0x49bb, 0x3b8f, 0x13, &(0x7f0000000080)={[0x8]}, 0x8)
openat$cgroup_ro(r2, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x0, 0x0)
ioctl$sock_bt_hci(r0, 0x400448e6, &(0x7f0000000500)="d7")

632.873715ms ago: executing program 4 (id=6229):
syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000040)='./file2\x00', 0x3200400, &(0x7f0000000c00)=ANY=[], 0x1, 0xa76, &(0x7f00000000c0)="$eJzs3U2MG1cBAOA33vUmmwTilIQuSWgTftry091ms4SfCJqquRA1FbdKEZcoTUtEGhCpBK0qkeTEjVZVuPIjTuVQAUJqLyjqiUslGolLxaFw4EAUpEocoJC4iv2e136xNfb+2V5/n/T89s0bz3szOx6PZ+a9F4CJVWm8Li3NFSFcffPV4/984B+zd6Y82pqj1nidbktVQwhFTE9ny3tvqhnfev+lM93iIiw2XlM6PHmz9d7tIYRL4UC4Fmph79Xrr7y9+MTJyyeuHHzntaM31mftAQBgsnzr2tGlPX/7875dH7x+37GwpTU9nZ/XYnpHPO8/Fk/80/l/JXSmi7bQbiabbzqGSjbfVJf52supZvNN9yh/JltutZW/r2O+LSXlT7VN67beMM7SflwLRWW+I12pzM83f5OHxu/6mWL+wrnzz1wcUkWBNffv+0MIB4RBQ71e/3FjA45AXdY/3KgPvw7CeoT6zmEfgQCa8vuFd7mUX1lYndbSpvsr/+Zjle7vhzWw0fu/8ser/F9fjuWf+uu61oPJsFm/v9J6pc/RjpjO7yPkzy8N+vlPy5uKL9PZ8sv0uo8wLvcXetVzaoPrsVK96p/vF5vV12OctsM3svz2z0/+Px2X/zHQ3X8m7Pr/gRGow6YO1RGog9B3qA/7AASMrOXn5prqUcrPn+vL87eU5G8tyZ8tyd9Wkr+9JB8m2e+f/2l4uVj+nZ//ph/0eli6zvaRGH90wPrk1yMHLT9/7ndQqy0/f54YRtkbp586+5WnT11vPv9ftPb/23F/PxDTtfjZuhZnSNcL8+vqrWf/a53lVHrMd09Wn3TcqGxJ89ebJe7unK/Yvbyc0Hacuasec53v29lrvv2d89Wy+WZj2JrVNz8/2Za9L51/pONq2l7T2fpWs/WYyeqRjiu7YpzXA1Yi7Y+9nv9P++dcqBbPnDt/9pGYTvvpn6aqW+5MP9S+0N9sTN2B1em3/c9c6Gz/s6M1vVppPy7sXJ5etB8Xatn0xWaydZs8TT8c0+l77jtTs43p82e+d/7ptV55mHAXX3jxu6fPnz/7A3+kP2ZtFn/4Y9hHJmC9LTz/3PcXLr7w4sPnnjv97Nlnz144fOTI4cXFI189vLTQOK9faD+7BzaT5S/9YdcEAAAAAAAAAAAA6NcPTxy//pe3vvxus/3/cvu/1P4/Pfmb2v//JGv/n7eTT+3gUzvAXV3yG+PuvdFZj5lsvmoMH8vquzsrZ0/2vo/HuDWOX2z/n9rb5/26pvrcm03P++9N82XdCdzVX8pM1gdJPl7gp2J8Jca/CjBExWz3yTHu6N863N2/ddrXU/8U+qUYT+n/lvaG1I9Jav/dq1+ndPzftQF1ZO1tRHPCYa8j0N2/Rr7/77Yz8aHXZQKC7TxRoV43igcwGoY9/me67pniC3/85tY7Ic1287HO42XefymsxqiPP6n8URj/s1izSrTGv+vr+Neld/WOfp77H13hvz+/8W5bsWFvv8ffy9mqp36gd5eX2e6DWH5a/wdDf+XXf5mVn98Q6tP/svK39Vn+Xeu/f2Xl/z+WnzbbQ5/ut/xmjYtKZz3y68bp/l9+3Ti5la1/6ttz4PVf4UCNt2P5MMl6jzPb7wi2o2ko4/92uT+6UvlzGF+K6XQgTM855N/Ig9Y/PV+Rvgf2ZMsvSr7fxmWc4l4mffzfr8W47POQxv9N+2OtS7rSlq522bbjvq/AZvPeyN//G7NwaQTqIIxomB2BOnSGer2+vhe0Sgy1cIa+/Yd993nY5Q97+5fJx//Nz+Hz8X8r2Q+IfPzf/P35+L95fj6+Xp6fj/+bb898/N88/95sufkV7LmS/E+U5O8tyd+3nD/bLX9/yfs/WZJ/MMRzkh7595W8//6S/HtK8qdK8j9Tkv/ZkvwHSvIfKsn/XEn+Zpfao0zq+sMky9vn+fzD5Ej3f3p9/neX5APj62evH3r81O++XWu2/59p/V5L9/GOxXQ1/nb+UUzn971DW/pO3lsx/fcsf9Svd8AkyfvPyL/fHyzJB8ZXes7L5xsmUNG9x55++63qdZ7PePl8jL8Q4y/G+OEYz8d4IcaHYry4QfVjfTz+2z8cfblY/r2/M8vv93nyvD1Q3k/U4T7rk18fGPR59rwfv0GttvwVNgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYmkrjdWlprgjh6puvHn/q5LmFO1Mebc1Ra7xOt6WqrfeF8EiMp2L8i/jHrfdfOtMe345xERZDEYrW9PDkzVZJ20MIl8KBcC3Uwt6r1195e/GJk5dPXDn4zmtHb6zfFgAAAIDN78MAAAD//+bcHCE=")
open(&(0x7f0000000180)='./bus\x00', 0xa37e, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x46342, 0x0)
ftruncate(r0, 0x2008000)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x64942, 0x0)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0x1000200201005)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
setns(0xffffffffffffffff, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)

259.620573ms ago: executing program 0 (id=6230):
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_procfs$namespace(0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
setns(r0, 0x2000000)
r1 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0x2000, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000080)={'rti800\x00', [0x401, 0x13, 0x401, 0xa, 0x14000000, 0xfffffffc, 0x9, 0x2, 0xffd, 0xa, 0x3, 0x723, 0x8000, 0x2, 0x13, 0x100, 0xffffffa7, 0x9, 0x34d, 0x1, 0x3ff, 0x9, 0x0, 0xe2e2, 0xaa14, 0x1, 0x4, 0x0, 0x7, 0xf58, 0x6]})
ioctl$COMEDI_INSN(r1, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x92, 0x0, 0x0, 0x80000000})

135.482109ms ago: executing program 5 (id=6231):
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x6, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
r1 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r3}, 0x1e)
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r2], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)=[0x7fffffff]})

0s ago: executing program 2 (id=6232):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
mlock2(&(0x7f0000735000/0x3000)=nil, 0x3000, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x3f1f}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [], {{0x6, 0x1, 0x6, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

kernel console output (not intermixed with test programs):

058f, idProduct=6610, bcdDevice=48.05
[ 1313.551595][T10151] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[ 1313.640264][T10151] usb 3-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[ 1313.694524][T10151] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1313.706732][T10151] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[ 1313.714621][T10151] usb 3-1: media controller created
[ 1313.802592][T10151] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1313.937972][T17914] usb 3-1: dvb_usb_au6610: wlen=0, aborting
[ 1314.128317][T10151] zl10353_read_register: readreg error (reg=127, ret==0)
[ 1314.627124][T10151] usb 3-1: USB disconnect, device number 21
[ 1314.935992][T17938] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3829'.
[ 1315.623096][T16379] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[ 1315.885786][T17940] loop2: detected capacity change from 0 to 32768
[ 1315.933216][T16379] usb 10-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1315.943241][T16379] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1315.951680][T16379] usb 10-1: Product: syz
[ 1315.956439][T16379] usb 10-1: Manufacturer: syz
[ 1315.961390][T16379] usb 10-1: SerialNumber: syz
[ 1316.149833][T16379] usb 10-1: config 0 descriptor??
[ 1316.743114][T16379] usb 10-1: Firmware: major: 130, minor: 102, hardware type: HULUSB (4)
[ 1316.949937][T16379] usb 10-1: failed to fetch extended address, random address set
[ 1317.053555][T16379] usb 10-1: USB disconnect, device number 17
[ 1317.418294][T10151] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[ 1317.636066][T10151] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1317.647972][T10151] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1317.658544][T10151] usb 3-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 1317.668082][T10151] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1317.745026][T10151] usb 3-1: config 0 descriptor??
[ 1318.227062][T10151] hid_parser_main: 156 callbacks suppressed
[ 1318.227180][T10151] playstation 0003:054C:0DF2.0014: unknown main item tag 0x0
[ 1318.241759][T10151] playstation 0003:054C:0DF2.0014: unknown main item tag 0x0
[ 1318.250176][T10151] playstation 0003:054C:0DF2.0014: unknown main item tag 0x0
[ 1318.258312][T10151] playstation 0003:054C:0DF2.0014: unknown main item tag 0x0
[ 1318.266392][T10151] playstation 0003:054C:0DF2.0014: unknown main item tag 0x0
[ 1318.402082][T10151] playstation 0003:054C:0DF2.0014: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.2-1/input0
[ 1318.687989][T10151] playstation 0003:054C:0DF2.0014: Failed to retrieve feature with reportID 32: -71
[ 1318.698490][T10151] playstation 0003:054C:0DF2.0014: Failed to retrieve DualSense firmware info: -71
[ 1318.708874][T10151] playstation 0003:054C:0DF2.0014: Failed to get firmware info from DualSense
[ 1318.718344][T10151] playstation 0003:054C:0DF2.0014: Failed to create dualsense.
[ 1318.805094][T10151] playstation 0003:054C:0DF2.0014: probe with driver playstation failed with error -71
[ 1318.875317][T10151] usb 3-1: USB disconnect, device number 22
[ 1319.843386][T17994] loop2: detected capacity change from 0 to 512
[ 1320.959583][T18005] loop2: detected capacity change from 0 to 4096
[ 1321.857694][T18012] loop9: detected capacity change from 0 to 40427
[ 1321.867752][T18012] F2FS-fs: heap/no_heap options were deprecated
[ 1321.876508][T18012] f2fs: Unexpected value for 'prjquota'
[ 1323.071109][T18027] loop2: detected capacity change from 0 to 256
[ 1325.120665][T16379] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[ 1325.333113][T16379] usb 3-1: Using ep0 maxpacket: 16
[ 1325.403238][T16379] usb 3-1: config 0 has an invalid descriptor of length 253, skipping remainder of the config
[ 1325.414603][T16379] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1325.428219][T16379] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1325.438514][T16379] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1325.448577][T16379] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1325.696179][T16379] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1325.706066][T16379] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1325.714809][T16379] usb 3-1: Manufacturer: syz
[ 1325.741321][T16379] usb 3-1: config 0 descriptor??
[ 1326.096232][T18054] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3878'.
[ 1326.433197][T16379] rc_core: IR keymap rc-hauppauge not found
[ 1326.439408][T16379] Registered IR keymap rc-empty
[ 1326.446989][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.481171][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.507285][T16379] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[ 1326.532148][T16379] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input19
[ 1326.571393][T18058] overlayfs: upper fs does not support tmpfile.
[ 1326.598925][    C1] mceusb 3-1:0.0: short-range (0x2) receiver active
[ 1326.606497][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.726439][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.753379][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.793160][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.813637][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.849596][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.879372][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.911313][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.933161][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1326.954444][T16379] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1327.013511][T16379] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1327.023814][T16379] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x2 active)
[ 1327.119467][T16379] usb 3-1: USB disconnect, device number 23
[ 1330.047024][T18094] vivid-000: disconnect
[ 1330.088471][T18091] vivid-000: reconnect
[ 1330.483133][T18102] loop9: detected capacity change from 0 to 128
[ 1334.567032][T18132] netlink: 112 bytes leftover after parsing attributes in process `syz.4.3914'.
[ 1334.868170][T18128] loop9: detected capacity change from 0 to 65536
[ 1334.937433][T18128] XFS (loop9): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1335.219265][T18128] XFS (loop9): Ending clean mount
[ 1335.342619][T14286] XFS (loop9): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1335.509198][T18146] tipc: MTU too low for tipc bearer
[ 1337.341087][T18150] loop2: detected capacity change from 0 to 8192
[ 1338.822171][T18167] loop9: detected capacity change from 0 to 512
[ 1338.933338][T18167] EXT4-fs error (device loop9): ext4_orphan_get:1392: inode #15: comm syz.9.3918: casefold flag without casefold feature
[ 1338.951010][T18167] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.3918: couldn't read orphan inode 15 (err -117)
[ 1338.970695][T18167] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1339.840208][T18171] loop2: detected capacity change from 0 to 32768
[ 1339.850783][T18171] BTRFS warning: excessive commit interval 2147483647, use with care
[ 1339.948141][T18171] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3927 (18171)
[ 1339.963652][T18171] BTRFS error: failed to open device for path /dev/loop2 with flags 0x23: -13
[ 1340.751800][T14286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1340.909439][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1340.916867][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1341.710033][T18188] loop2: detected capacity change from 0 to 1024
[ 1344.299558][T18213] loop9: detected capacity change from 0 to 2048
[ 1344.316066][T18219] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3944'.
[ 1344.409269][T18213] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1344.723240][T18224] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 408: padding at end of block bitmap is not set
[ 1344.763038][T18224] EXT4-fs (loop9): Remounting filesystem read-only
[ 1345.181366][T14286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1345.494247][T18232] overlayfs: failed to resolve './file0': -2
[ 1345.732952][T10151] usb 10-1: new full-speed USB device number 18 using dummy_hcd
[ 1345.956973][T10151] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1345.967954][T10151] usb 10-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1345.977946][T10151] usb 10-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1345.987538][T10151] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1346.041501][T18240] loop2: detected capacity change from 0 to 64
[ 1346.051182][T10151] usb 10-1: config 0 descriptor??
[ 1346.106613][T10151] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1346.114877][T10151] dvb-usb: bulk message failed: -22 (3/0)
[ 1346.230466][T10151] dvb-usb: will use the device's hardware PID filter (table count: 16).
[ 1346.311625][T10151] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1346.319508][T10151] usb 10-1: media controller created
[ 1346.435065][T10151] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1346.602849][T10151] dvb-usb: bulk message failed: -22 (6/0)
[ 1346.609607][T10151] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1346.734066][T10151] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.9/usb10/10-1/input/input20
[ 1346.873754][T10151] dvb-usb: schedule remote query interval to 150 msecs.
[ 1346.881127][T10151] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1347.041982][T10151] dvb-usb: bulk message failed: -22 (1/0)
[ 1347.048286][T10151] dvb-usb: error while querying for an remote control event.
[ 1347.126809][ T5860] usb 10-1: USB disconnect, device number 18
[ 1347.328509][ T5860] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1347.848108][T18248] loop9: detected capacity change from 0 to 512
[ 1348.652036][T18252] loop2: detected capacity change from 0 to 32768
[ 1348.663778][T18252] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES
[ 1348.674119][T18252] bcachefs: bch2_fs_get_tree() error: EACCES
[ 1348.849039][T18248] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[ 1349.425154][T18259] loop2: detected capacity change from 0 to 64
[ 1349.494795][T18259] minix: Unknown parameter '/dev/ptmx'
[ 1349.588503][T18248] EXT4-fs (loop9): 1 truncate cleaned up
[ 1349.597452][T18248] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1350.269613][T14286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1354.269747][T18305] loop9: detected capacity change from 0 to 2048
[ 1354.425331][T18305] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1354.439411][T18305] ext4 filesystem being mounted at /193/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1356.129155][T14286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1358.167284][T18329] loop9: detected capacity change from 0 to 32768
[ 1358.335820][   T30] audit: type=1800 audit(1755168330.921:387): pid=18329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3987" name="file2" dev="loop9" ino=5 res=0 errno=0
[ 1359.801207][T18341] loop2: detected capacity change from 0 to 1024
[ 1360.380321][T18339] Can't find ip_set type bitmap:ip
[ 1361.281939][T18353] loop2: detected capacity change from 0 to 16
[ 1361.445416][T16733] Bluetooth: hci1: unexpected event for opcode 0x200c
[ 1363.693007][T18357] loop2: detected capacity change from 0 to 32768
[ 1363.704486][T18357] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES
[ 1363.714813][T18357] bcachefs: bch2_fs_get_tree() error: EACCES
[ 1364.327373][T18369] loop9: detected capacity change from 0 to 7
[ 1364.335475][T18369] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1364.343893][T18369] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1364.352094][T18369] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1364.360489][T18369] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1364.368992][T18369] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1364.377488][T18369] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1364.385849][T18369] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1364.393986][T18369] ldm_validate_partition_table(): Disk read failed.
[ 1364.401626][T18369] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1364.409909][T18369] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1364.418478][T18369] Buffer I/O error on dev loop9, logical block 0, async page read
[ 1364.426978][T18369] Dev loop9: unable to read RDB block 0
[ 1364.433205][T18369]  loop9: unable to read partition table
[ 1364.439912][T18369] loop9: partition table beyond EOD, truncated
[ 1364.446455][T18369] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[ 1364.446455][T18369] 
) failed (rc=-5)
[ 1364.467729][T18370] loop2: detected capacity change from 0 to 64
[ 1364.575584][T18370] minix: Unknown parameter '/dev/ptmx'
[ 1366.192106][   T30] audit: type=1800 audit(1755168338.781:388): pid=18386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4010" name="nullb0" dev="tmpfs" ino=4802 res=0 errno=0
[ 1366.793820][T18391] loop2: detected capacity change from 0 to 2048
[ 1367.881945][T18391] loop2: detected capacity change from 0 to 32768
[ 1369.762466][T18406] loop2: detected capacity change from 0 to 32768
[ 1369.774474][T18406] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES
[ 1369.785033][T18406] bcachefs: bch2_fs_get_tree() error: EACCES
[ 1370.421912][T18415] loop2: detected capacity change from 0 to 64
[ 1370.458676][T18415] minix: Unknown parameter '/dev/ptmx'
[ 1372.107583][T18422] loop2: detected capacity change from 0 to 40427
[ 1372.117577][T18422] F2FS-fs: heap/no_heap options were deprecated
[ 1373.554432][T18428] loop9: detected capacity change from 0 to 32768
[ 1373.601450][T18428] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1377.831872][T18428] XFS (loop9): Ending clean mount
[ 1377.886529][T18428] XFS (loop9): Quotacheck needed: Please wait.
[ 1378.319098][T18428] XFS (loop9): Quotacheck: Done.
[ 1378.545803][T14286] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1380.911795][T18466] loop2: detected capacity change from 0 to 32768
[ 1384.469557][T18502] loop9: detected capacity change from 0 to 512
[ 1384.586301][T18502] EXT4-fs error (device loop9): ext4_orphan_get:1392: inode #15: comm syz.9.4055: casefold flag without casefold feature
[ 1384.639065][T18502] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.4055: couldn't read orphan inode 15 (err -117)
[ 1384.674030][T18508] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4058'.
[ 1384.685788][T18502] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1385.762520][T14286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1386.447394][T18525] loop2: detected capacity change from 0 to 7
[ 1386.558794][T18527] loop9: detected capacity change from 0 to 1024
[ 1386.568283][T18525] Dev loop2: unable to read RDB block 7
[ 1386.574719][T18525]  loop2: AHDI p2 p3
[ 1386.578873][T18525] loop2: partition table partially beyond EOD, truncated
[ 1386.591021][T18525] loop2: p2 size 150995456 extends beyond EOD, truncated
[ 1386.817673][T18527] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1386.831659][T18527] ext4 filesystem being mounted at /203/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1387.185126][T18527] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[ 1387.304687][T18527] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 319 with max blocks 1 with error 28
[ 1387.318195][T18527] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1387.318195][T18527] 
[ 1387.328589][T18527] EXT4-fs (loop9): Total free blocks count 0
[ 1387.335712][T18527] EXT4-fs (loop9): Free/Dirty block details
[ 1387.341829][T18527] EXT4-fs (loop9): free_blocks=4293918720
[ 1387.348159][T18527] EXT4-fs (loop9): dirty_blocks=16
[ 1387.353749][T18527] EXT4-fs (loop9): Block reservation details
[ 1387.360037][T18527] EXT4-fs (loop9): i_reserved_data_blocks=1
[ 1388.000836][ T4157] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 131587 with max blocks 1 with error 28
[ 1388.405423][T18551] loop9: detected capacity change from 0 to 128
[ 1388.559384][T18551] FAT-fs (loop9): error, invalid access to FAT (entry 0x0fff0000)
[ 1388.569083][T18551] FAT-fs (loop9): Filesystem has been set read-only
[ 1389.321896][T18566] loop2: detected capacity change from 0 to 1024
[ 1390.114326][T18565] loop9: detected capacity change from 0 to 32768
[ 1391.252465][T18586] loop2: detected capacity change from 0 to 256
[ 1391.961015][T18598] loop9: detected capacity change from 0 to 128
[ 1392.897686][T18601] loop2: detected capacity change from 0 to 32768
[ 1392.981598][T18601] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1392.990353][T18601] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1393.049789][T18601] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1393.101694][T16379] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1393.109605][T16379] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1393.298811][   T58] kworker/u8:4: attempt to access beyond end of device
[ 1393.298811][   T58] loop9: rw=1, sector=145, nr_sectors = 16 limit=128
[ 1393.486436][T16379] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 376ms
[ 1393.495845][T16379] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1393.503022][T18601] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1396.258220][T18636] loop9: detected capacity change from 0 to 32768
[ 1397.002574][T18636] bcachefs (loop9): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1397.002755][T18636]   allowing incompatible features above 0.0: (unknown version)
[ 1397.002841][T18636]   features: 
[ 1397.037548][T18636] bcachefs (loop9): Using encoding defined by superblock: utf8-12.1.0
[ 1397.046215][T18636] bcachefs (loop9): initializing new filesystem
[ 1397.068901][T18636] bcachefs (loop9): going read-write
[ 1397.467326][T18636] bcachefs (loop9): marking superblocks
[ 1397.533986][T18636] bcachefs (loop9): initializing freespace
[ 1397.565530][T18636] bcachefs (loop9): done initializing freespace
[ 1397.588299][T18636] bcachefs (loop9): reading snapshots table
[ 1397.595013][T18636] bcachefs (loop9): reading snapshots done
[ 1397.757301][T18636] bcachefs (loop9): done starting filesystem
[ 1398.161353][T14286] bcachefs (loop9): shutting down
[ 1398.166877][T14286] bcachefs (loop9): going read-only
[ 1398.175446][T14286] bcachefs (loop9): finished waiting for writes to stop
[ 1398.195709][T14286] bcachefs (loop9): flushing journal and stopping allocators, journal seq 3
[ 1398.374146][ T5860] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[ 1398.384885][T14286] bcachefs (loop9): flushing journal and stopping allocators complete, journal seq 3
[ 1398.413132][T14286] bcachefs (loop9): clean shutdown complete, journal seq 4
[ 1398.437090][T14286] bcachefs (loop9): marking filesystem clean
[ 1398.566767][T14286] bcachefs (loop9): shutdown complete
[ 1398.600970][ T5860] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1398.613943][ T5860] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1398.625302][ T5860] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1398.640098][ T5860] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1398.650134][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1398.714943][ T5860] usb 3-1: config 0 descriptor??
[ 1399.233860][ T5860] plantronics 0003:047F:FFFF.0015: reserved main item tag 0xd
[ 1399.370914][ T5860] plantronics 0003:047F:FFFF.0015: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1399.491688][ T5860] usb 3-1: USB disconnect, device number 24
[ 1400.760933][T18692] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4130'.
[ 1400.804799][T18692] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1402.341694][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1402.348922][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1403.260938][T18711] loop2: detected capacity change from 0 to 32768
[ 1403.275822][T18711] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4137 (18711)
[ 1403.298912][T18711] BTRFS error: failed to open device for path /dev/loop2 with flags 0x23: -13
[ 1405.083519][T18725] loop2: detected capacity change from 0 to 4096
[ 1405.789026][T18732] loop9: detected capacity change from 0 to 32768
[ 1405.804154][T18732] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.4146 (18732)
[ 1405.849362][T18732] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1405.860435][T18732] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[ 1405.869676][T18732] BTRFS info (device loop9): using free-space-tree
[ 1406.416179][T14286] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1406.848072][T18769] loop2: detected capacity change from 0 to 1024
[ 1406.903100][T18769] EXT4-fs: Ignoring removed orlov option
[ 1407.302595][ T5860] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[ 1407.515901][ T5860] usb 3-1: Using ep0 maxpacket: 8
[ 1407.576351][ T5860] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1407.587793][ T5860] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1407.598303][ T5860] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 1407.612018][ T5860] usb 3-1: New USB device found, idVendor=045e, idProduct=008e, bcdDevice= 0.00
[ 1407.621424][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1407.759256][ T5860] usb 3-1: config 0 descriptor??
[ 1408.192680][ T5860] hid-generic 0003:045E:008E.0016: unbalanced collection at end of report description
[ 1408.217379][T18788] binder: 18787:18788 ioctl c0306201 2000000003c0 returned -14
[ 1408.253072][ T5860] hid-generic 0003:045E:008E.0016: probe with driver hid-generic failed with error -22
[ 1408.419316][ T5860] usb 3-1: USB disconnect, device number 25
[ 1409.111892][T18797] 9pnet_fd: Insufficient options for proto=fd
[ 1410.521299][   T58] Bluetooth: hci6: Frame reassembly failed (-84)
[ 1410.564698][T18814] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[ 1411.472717][ T5860] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1411.653555][ T5860] usb 3-1: Using ep0 maxpacket: 32
[ 1411.703333][ T5860] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1411.714927][ T5860] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1411.725300][ T5860] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1411.734805][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1411.753052][ T5860] usb 3-1: config 0 descriptor??
[ 1411.877172][T18836] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4181'.
[ 1412.200003][ T5860] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0
[ 1412.207988][ T5860] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0
[ 1412.215748][ T5860] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0
[ 1412.224558][ T5860] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0
[ 1412.232514][ T5860] koneplus 0003:1E7D:2D51.0017: unknown main item tag 0x0
[ 1412.463846][T18827] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1412.473524][T18827] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1412.533314][ T5819] Bluetooth: hci6: command 0x1003 tx timeout
[ 1412.574133][T16733] Bluetooth: hci6: Opcode 0x1003 failed: -110
[ 1413.253470][ T5860] koneplus 0003:1E7D:2D51.0017: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.2-1/input0
[ 1414.947341][ T5860] koneplus 0003:1E7D:2D51.0017: couldn't init struct koneplus_device
[ 1414.956307][ T5860] koneplus 0003:1E7D:2D51.0017: couldn't install mouse
[ 1414.968124][ T5860] koneplus 0003:1E7D:2D51.0017: probe with driver koneplus failed with error -71
[ 1415.063231][ T5860] usb 3-1: USB disconnect, device number 26
[ 1415.287732][T18853] loop2: detected capacity change from 0 to 1024
[ 1415.298602][T18853] EXT4-fs: Ignoring removed orlov option
[ 1415.305552][T18853] EXT4-fs: Ignoring removed nobh option
[ 1415.311761][T18853] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1415.541618][T18856] overlayfs: failed to clone upperpath
[ 1415.740684][T18861] loop9: detected capacity change from 0 to 128
[ 1415.873247][T18861] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1415.929885][T18861] ext4 filesystem being mounted at /217/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1416.103330][T18861] syz.9.4192 (pid 18861) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[ 1416.415965][T18869] loop2: detected capacity change from 0 to 4096
[ 1416.531565][T18861] fscrypt (loop9, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)")
[ 1416.548481][T18861] fscrypt (loop9, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)")
[ 1417.015687][T14286] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1417.373613][T18888] overlayfs: failed to clone upperpath
[ 1417.922979][T18901] ALSA: mixer_oss: invalid OSS volume ''
[ 1420.210224][ T5860] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[ 1420.297388][T18910] loop2: detected capacity change from 0 to 65536
[ 1420.482010][ T5860] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1420.496680][ T5860] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1420.507253][ T5860] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1420.516964][ T5860] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1420.668248][T18905] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1420.730675][ T5860] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1421.190878][ T5860] usb 10-1: USB disconnect, device number 19
[ 1428.683360][T16379] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1428.877365][T16379] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1428.889098][T16379] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1428.899620][T16379] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[ 1428.909690][T16379] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1428.931958][T16379] usb 3-1: config 0 descriptor??
[ 1429.450302][T16379] cm6533_jd 0003:0D8C:0022.0018: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
[ 1431.541272][T10151] usb 3-1: USB disconnect, device number 27
[ 1432.117299][T19008] loop9: detected capacity change from 0 to 64
[ 1432.192022][T19008] BFS-fs: bfs_fill_super(): loop9 is unclean, continuing
[ 1432.967862][T19018] loop9: detected capacity change from 0 to 512
[ 1433.016566][T19018] ext4: Unknown parameter 'appraise_type'
[ 1433.182700][T19018] loop9: detected capacity change from 0 to 128
[ 1433.224112][T19018] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1433.301421][T19018] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1433.370609][T19018] ext4 filesystem being mounted at /230/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1433.698133][T14286] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1434.485962][T19031] loop2: detected capacity change from 0 to 32768
[ 1434.499264][T19031] BTRFS error: failed to open device for path /dev/loop2 with flags 0x23: -13
[ 1435.688164][T19039] loop9: detected capacity change from 0 to 1024
[ 1436.945654][T19053] binder: 19052:19053 ioctl c0306201 2000000002c0 returned -14
[ 1437.245236][T19058] overlayfs: failed to clone upperpath
[ 1437.609498][ T3595] hfsplus: b-tree write err: -5, ino 4
[ 1438.943222][T19074] IPVS: Error connecting to the multicast addr
[ 1438.959524][T19075] overlayfs: failed to clone upperpath
[ 1443.132432][T19089] loop9: detected capacity change from 0 to 32768
[ 1443.350577][T14286] non-latin1 character 0x3ff found in JFS file name
[ 1443.357692][T14286] mount with iocharset=utf8 to access
[ 1444.983674][T19103] overlayfs: failed to clone upperpath
[ 1449.787271][T14286] read_mapping_page failed!
[ 1449.792012][T14286] ERROR: (device loop9): txAbort: 
[ 1449.792012][T14286] 
[ 1450.192322][    C1] sched: DL replenish lagged too much
[ 1450.263222][T14286] ERROR: (device loop9): remounting filesystem as read-only
[ 1450.782127][T10151] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1451.103341][T10151] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1451.114111][T10151] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x6 has an invalid bInterval 0, changing to 7
[ 1451.282448][T10151] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1451.292706][T10151] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1451.301159][T10151] usb 3-1: Product: syz
[ 1451.305911][T10151] usb 3-1: Manufacturer: syz
[ 1451.310768][T10151] usb 3-1: SerialNumber: syz
[ 1452.798013][T10151] cdc_ncm 3-1:1.0: bind() failure
[ 1452.817938][T10151] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[ 1452.825391][T10151] cdc_ncm 3-1:1.1: bind() failure
[ 1453.097222][T10151] usb 3-1: USB disconnect, device number 28
[ 1460.718764][ T5819] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1460.728898][ T5819] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1460.750275][ T5819] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1460.766659][ T5819] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1460.779021][ T5819] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1462.852857][ T5819] Bluetooth: hci2: command tx timeout
[ 1463.760968][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1463.767976][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1464.914035][   T14] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1464.924857][   T14] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1464.969832][ T5819] Bluetooth: hci2: command tx timeout
[ 1465.273484][   T14] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1465.286652][   T14] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1465.399165][   T14] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1465.410145][   T14] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1465.797471][   T14] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1465.808765][   T14] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1466.896204][   T14] bridge_slave_1: left allmulticast mode
[ 1466.910415][   T14] bridge_slave_1: left promiscuous mode
[ 1466.917806][   T14] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1467.013999][ T5819] Bluetooth: hci2: command tx timeout
[ 1467.044524][   T14] bridge_slave_0: left allmulticast mode
[ 1467.050433][   T14] bridge_slave_0: left promiscuous mode
[ 1467.057546][   T14] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1467.368355][   T14] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[ 1467.554724][   T14] bond1 (unregistering): (slave geneve2): Releasing active interface
[ 1467.844856][   T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1467.911320][   T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1467.950707][   T14] bond0 (unregistering): (slave team0): Releasing backup interface
[ 1467.999006][   T14] bond0 (unregistering): Released all slaves
[ 1468.026167][   T14] bond1 (unregistering): Released all slaves
[ 1468.353151][T19173] chnl_net:caif_netlink_parms(): no params data found
[ 1468.376970][   T14] tipc: Left network mode
[ 1469.092849][ T5819] Bluetooth: hci2: command tx timeout
[ 1469.770393][   T14] hsr_slave_0: left promiscuous mode
[ 1469.852118][   T14] hsr_slave_1: left promiscuous mode
[ 1469.861392][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1469.869847][   T14] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1470.015661][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1470.023776][   T14] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1470.115599][   T14] veth1_macvtap: left promiscuous mode
[ 1470.121391][   T14] veth0_macvtap: left promiscuous mode
[ 1470.127646][   T14] veth1_vlan: left promiscuous mode
[ 1470.133381][   T14] veth0_vlan: left promiscuous mode
[ 1471.386618][T19241] loop2: detected capacity change from 0 to 1024
[ 1472.017452][   T14] team0 (unregistering): Port device team_slave_1 removed
[ 1472.051768][   T14] team0 (unregistering): Port device team_slave_0 removed
[ 1473.167203][T19256] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4341'.
[ 1473.542084][T19173] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1473.549941][T19173] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1473.558530][T19173] bridge_slave_0: entered allmulticast mode
[ 1473.569168][T19173] bridge_slave_0: entered promiscuous mode
[ 1473.706897][T19173] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1473.715121][T19173] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1473.723242][T19173] bridge_slave_1: entered allmulticast mode
[ 1473.734702][T19173] bridge_slave_1: entered promiscuous mode
[ 1473.964134][T19173] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1473.994076][T19173] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1474.197811][T19173] team0: Port device team_slave_0 added
[ 1474.244664][T19173] team0: Port device team_slave_1 added
[ 1474.555672][T19173] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1474.563005][T19173] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1474.589898][T19173] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1474.701029][T19173] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1474.709684][T19173] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1474.737182][T19173] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1475.252889][T19173] hsr_slave_0: entered promiscuous mode
[ 1475.264031][T19173] hsr_slave_1: entered promiscuous mode
[ 1475.273659][T19173] debugfs: 'hsr0' already exists in 'hsr'
[ 1475.279784][T19173] Cannot create hsr debugfs directory
[ 1475.832850][T19285] loop2: detected capacity change from 0 to 32768
[ 1477.033794][T10151] usb 3-1: new full-speed USB device number 29 using dummy_hcd
[ 1477.283682][T10151] usb 3-1: config 0 has an invalid interface number: 29 but max is 0
[ 1477.292789][T10151] usb 3-1: config 0 has no interface number 0
[ 1477.299282][T10151] usb 3-1: config 0 interface 29 has no altsetting 0
[ 1477.395496][T10151] usb 3-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[ 1477.405286][T10151] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1477.414515][T10151] usb 3-1: Product: syz
[ 1477.419292][T10151] usb 3-1: Manufacturer: syz
[ 1477.424263][T10151] usb 3-1: SerialNumber: syz
[ 1477.500944][T10151] usb 3-1: config 0 descriptor??
[ 1478.769515][T19173] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1478.845078][T19173] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1478.916823][T19173] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1479.026527][T19173] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1479.883099][T19336] overlayfs: failed to clone upperpath
[ 1480.002469][T10151] peak_usb 3-1:0.29 can0: unable to request usb[type=0 value=1] err=-71
[ 1480.011436][T10151] peak_usb 3-1:0.29: unable to read PCAN-USB X6 firmware info (err -71)
[ 1480.196995][T10151] peak_usb 3-1:0.29: probe with driver peak_usb failed with error -71
[ 1480.287073][T10151] usb 3-1: USB disconnect, device number 29
[ 1480.598097][T19173] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1480.827918][T19173] 8021q: adding VLAN 0 to HW filter on device team0
[ 1480.944935][T19211] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1480.952719][T19211] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1481.058577][T19211] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1481.066331][T19211] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1481.969925][T19358] loop2: detected capacity change from 0 to 2048
[ 1483.552931][T19173] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1484.075909][T19173] veth0_vlan: entered promiscuous mode
[ 1484.192799][T19173] veth1_vlan: entered promiscuous mode
[ 1484.346393][T16379] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1484.503306][T16379] usb 3-1: Using ep0 maxpacket: 32
[ 1484.537199][T19173] veth0_macvtap: entered promiscuous mode
[ 1484.560166][T16379] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1484.572406][T16379] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1484.583287][T16379] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1484.593048][T16379] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1484.622117][T19173] veth1_macvtap: entered promiscuous mode
[ 1484.675216][T16379] usb 3-1: config 0 descriptor??
[ 1484.705376][T16379] hub 3-1:0.0: USB hub found
[ 1484.863799][T19173] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1484.934531][T19173] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1484.959816][T16379] hub 3-1:0.0: 1 port detected
[ 1484.999708][ T3651] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1485.069525][ T3651] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1485.178084][ T3651] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1485.285980][ T3595] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1485.589365][T16379] hub 3-1:0.0: activate --> -90
[ 1485.847789][T16379] hub 3-1:0.0: hub_ext_port_status failed (err = -71)
[ 1485.858393][T16378] usb 3-1: USB disconnect, device number 30
[ 1487.085198][T19435] overlayfs: failed to clone upperpath
[ 1488.737770][T19453] infiniband syz!: set down
[ 1488.742754][T19453] infiniband syz!: added team_slave_0
[ 1488.865496][T19449] loop2: detected capacity change from 0 to 32768
[ 1488.875536][T19449] btrfs: Deprecated parameter 'usebackuproot'
[ 1488.881874][T19449] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[ 1488.908503][T19449] BTRFS error: failed to open device for path /dev/loop2 with flags 0x23: -13
[ 1489.416407][T19453] RDS/IB: syz!: added
[ 1489.420716][T19453] smc: adding ib device syz! with port count 1
[ 1489.428242][T19453] smc:    ib device syz! port 1 has pnetid 
[ 1493.999338][T19499] loop2: detected capacity change from 0 to 40427
[ 1494.926726][ T3651] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1494.935377][ T3651] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1495.152655][T19524] input: syz1 as /devices/virtual/input/input22
[ 1495.267504][   T14] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1495.276186][   T14] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1498.496281][T19558] smc: net device bond0 applied user defined pnetid SYZ2
[ 1498.648399][T19564] smc: net device bond0 erased user defined pnetid SYZ2
[ 1499.424889][ T5860] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 1499.627660][ T5860] usb 3-1: Using ep0 maxpacket: 32
[ 1499.697125][ T5860] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1499.707422][ T5860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1499.716199][ T5860] usb 3-1: Product: syz
[ 1499.720588][ T5860] usb 3-1: Manufacturer: syz
[ 1499.725590][ T5860] usb 3-1: SerialNumber: syz
[ 1499.774505][ T5860] usb 3-1: config 0 descriptor??
[ 1499.834668][ T5860] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1501.279829][ T5860] gspca_ov534_9: reg_r err -71
[ 1501.556292][T19603] loop0: detected capacity change from 0 to 1024
[ 1501.580025][ T5860] gspca_ov534_9: Unknown sensor 0000
[ 1501.580464][ T5860] ov534_9 3-1:0.0: probe with driver ov534_9 failed with error -22
[ 1501.677987][ T5860] usb 3-1: USB disconnect, device number 31
[ 1501.767570][T19603] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1502.231509][   T30] audit: type=1800 audit(1755168474.811:389): pid=19603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4445" name="file0" dev="fuse" ino=2 res=0 errno=0
[ 1502.685094][T19173] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1503.993390][T19650] overlayfs: failed to clone lowerpath
[ 1504.061117][T19650] overlayfs: failed to clone upperpath
[ 1504.222887][ T5860] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1504.437384][ T5860] usb 3-1: Using ep0 maxpacket: 32
[ 1504.683218][ T5860] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[ 1504.693270][ T5860] usb 3-1: config 0 has no interface number 0
[ 1504.699636][ T5860] usb 3-1: config 0 interface 89 has no altsetting 0
[ 1504.884073][ T5860] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[ 1504.894751][ T5860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1504.903640][ T5860] usb 3-1: Product: syz
[ 1504.908048][ T5860] usb 3-1: Manufacturer: syz
[ 1504.913115][ T5860] usb 3-1: SerialNumber: syz
[ 1505.011623][ T5860] usb 3-1: config 0 descriptor??
[ 1505.056041][ T5860] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 1505.066105][ T5860] em28xx 3-1:0.89: Video interface 89 found: bulk
[ 1507.988767][ T5860] em28xx 3-1:0.89: unknown em28xx chip ID (0)
[ 1509.007078][T19689] batadv_slave_0: entered promiscuous mode
[ 1509.013650][T19689] batadv_slave_0: left allmulticast mode
[ 1509.329637][ T5860] em28xx 3-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 1509.338268][ T5860] em28xx 3-1:0.89: board has no eeprom
[ 1509.442585][ T5860] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[ 1509.450158][ T5860] em28xx 3-1:0.89: analog set to bulk mode.
[ 1509.458259][T10151] em28xx 3-1:0.89: Registering V4L2 extension
[ 1509.499514][ T5860] usb 3-1: USB disconnect, device number 32
[ 1509.507898][ T5860] em28xx 3-1:0.89: Disconnecting em28xx
[ 1509.821057][T10151] em28xx 3-1:0.89: Config register raw data: 0xffffffed
[ 1509.828473][T10151] em28xx 3-1:0.89: AC97 chip type couldn't be determined
[ 1509.836176][T10151] em28xx 3-1:0.89: No AC97 audio processor
[ 1509.940799][T10151] usb 3-1: Decoder not found
[ 1509.946099][T10151] em28xx 3-1:0.89: failed to create media graph
[ 1509.956452][T10151] em28xx 3-1:0.89: V4L2 device video103 deregistered
[ 1510.026933][T10151] em28xx 3-1:0.89: Registering snapshot button...
[ 1510.036356][T10151] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input23
[ 1510.142939][T10151] em28xx 3-1:0.89: Remote control support is not available for this card.
[ 1510.201780][ T5860] em28xx 3-1:0.89: Closing input extension
[ 1510.208459][ T5860] em28xx 3-1:0.89: Deregistering snapshot button
[ 1510.280101][T19703] overlayfs: failed to clone upperpath
[ 1510.383737][ T5860] em28xx 3-1:0.89: Freeing device
[ 1510.826947][ T5860] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1510.976627][T19701] loop0: detected capacity change from 0 to 32768
[ 1511.082748][ T5860] usb 3-1: Using ep0 maxpacket: 32
[ 1511.129972][ T5860] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1511.144264][ T5860] usb 3-1: config 0 has no interfaces?
[ 1511.150093][ T5860] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1511.151708][T19701] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[ 1511.160382][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1511.176492][T19701]   allowing incompatible features above 0.0: (unknown version)
[ 1511.176601][T19701]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1511.176808][T19701] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 1511.218502][T19701] bcachefs (loop0): initializing new filesystem
[ 1511.243152][T19701] bcachefs (loop0): going read-write
[ 1511.337986][T19701] bcachefs (loop0): marking superblocks
[ 1511.400788][T19701] bcachefs (loop0): initializing freespace
[ 1511.432439][T19701] bcachefs (loop0): done initializing freespace
[ 1511.447351][ T5860] usb 3-1: config 0 descriptor??
[ 1511.457943][T19701] bcachefs (loop0): reading snapshots table
[ 1511.464646][T19701] bcachefs (loop0): reading snapshots done
[ 1511.571203][T19701] bcachefs (loop0): done starting filesystem
[ 1511.862535][ T5860] usb 3-1: can't set config #0, error -71
[ 1511.894818][ T5860] usb 3-1: USB disconnect, device number 33
[ 1512.584438][T19727] loop2: detected capacity change from 0 to 1024
[ 1512.866965][T19173] bcachefs (loop0): shutting down
[ 1512.872754][T19173] bcachefs (loop0): going read-only
[ 1512.879270][T19173] bcachefs (loop0): finished waiting for writes to stop
[ 1512.961911][T19173] bcachefs (loop0): flushing journal and stopping allocators, journal seq 5
[ 1513.115276][T19173] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 5
[ 1513.257810][T19173] bcachefs (loop0): clean shutdown complete, journal seq 6
[ 1513.269455][T19173] bcachefs (loop0): marking filesystem clean
[ 1513.431285][T19173] bcachefs (loop0): shutdown complete
[ 1516.816737][T19765] loop2: detected capacity change from 0 to 32768
[ 1516.828158][T19765] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES
[ 1516.838702][T19765] bcachefs: bch2_fs_get_tree() error: EACCES
[ 1517.523121][T19765] loop2: detected capacity change from 0 to 64
[ 1517.532433][T19765] minix: Unknown parameter '/dev/ptmx'
[ 1518.380793][T19781] vivid-000: disconnect
[ 1518.850285][   T30] audit: type=1326 audit(1755168491.421:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19774 comm="syz.3.4497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f430798ebe9 code=0x7fc00000
[ 1519.020681][T19773] vivid-000: reconnect
[ 1519.958213][T10151] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1520.165050][T10151] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1520.175879][T10151] usb 3-1: config 0 has no interfaces?
[ 1520.181764][T10151] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1520.191457][T10151] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1520.288425][T10151] usb 3-1: config 0 descriptor??
[ 1520.587165][T19797] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1520.597610][T19797] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1520.729168][T19797] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1520.739523][T19797] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1520.859225][T10151] usb 3-1: USB disconnect, device number 34
[ 1521.464438][T10151] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1521.686773][T10151] usb 3-1: Using ep0 maxpacket: 16
[ 1521.743248][T10151] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1521.755224][T10151] usb 3-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice= 0.00
[ 1521.764855][T10151] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1522.003570][T10151] usb 3-1: config 0 descriptor??
[ 1522.078419][T10151] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[ 1522.525227][T19827] loop0: detected capacity change from 0 to 1024
[ 1522.698209][T19827] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1522.862108][T10151] input: gspca_pac7302 as /devices/platform/dummy_hcd.2/usb3/3-1/input/input24
[ 1522.945081][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1522.957171][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1522.966207][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1522.973860][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1522.981153][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1522.988764][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1522.996162][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.003649][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.010941][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.019111][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.026813][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.034146][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.038010][T19827] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[ 1523.041425][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.063238][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.070538][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.077990][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.092128][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.100520][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.108177][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.115475][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.124142][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.131985][    C0] gspca_pac7302 3-1:0.0: URB error -71, resubmitting
[ 1523.136778][T16379] usb 3-1: USB disconnect, device number 35
[ 1523.138847][    C0] gspca_main: Resubmit URB failed with error -19
[ 1523.861997][T19173] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1524.553543][T19860] loop8: detected capacity change from 40427 to 0
[ 1525.201546][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1525.208631][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1525.975471][T16379] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1526.191076][T16379] usb 3-1: Using ep0 maxpacket: 32
[ 1526.258012][T16379] usb 3-1: config 0 has an invalid interface number: 89 but max is 0
[ 1526.268200][T16379] usb 3-1: config 0 has no interface number 0
[ 1526.274802][T16379] usb 3-1: config 0 interface 89 has no altsetting 0
[ 1526.519565][T16379] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[ 1526.529875][T16379] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1526.538499][T16379] usb 3-1: Product: syz
[ 1526.543323][T16379] usb 3-1: Manufacturer: syz
[ 1526.548155][T16379] usb 3-1: SerialNumber: syz
[ 1526.769273][T16379] usb 3-1: config 0 descriptor??
[ 1526.840497][T16379] em28xx 3-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 1526.850590][T16379] em28xx 3-1:0.89: Video interface 89 found: bulk
[ 1528.469446][T16379] em28xx 3-1:0.89: unknown em28xx chip ID (0)
[ 1529.303085][T16379] em28xx 3-1:0.89: write to i2c device at 0xa0 failed with unknown error (status=1)
[ 1529.312993][T16379] em28xx 3-1:0.89: failed to read eeprom (err=-5)
[ 1529.319758][T16379] em28xx 3-1:0.89: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-5]
[ 1529.576474][T16379] em28xx 3-1:0.89: Identified as Terratec Grabby (card=67)
[ 1529.584279][T16379] em28xx 3-1:0.89: analog set to bulk mode.
[ 1529.595545][T16378] em28xx 3-1:0.89: Registering V4L2 extension
[ 1529.741074][T16379] usb 3-1: USB disconnect, device number 36
[ 1529.749800][T16379] em28xx 3-1:0.89: Disconnecting em28xx
[ 1530.891820][T16378] em28xx 3-1:0.89: Config register raw data: 0xffffffed
[ 1530.899166][T16378] em28xx 3-1:0.89: AC97 chip type couldn't be determined
[ 1530.908312][T16378] em28xx 3-1:0.89: No AC97 audio processor
[ 1530.917779][T16378] usb 3-1: Decoder not found
[ 1530.924360][T16378] em28xx 3-1:0.89: failed to create media graph
[ 1530.930862][T16378] em28xx 3-1:0.89: V4L2 device video103 deregistered
[ 1531.408763][T19926] loop0: detected capacity change from 0 to 32768
[ 1531.477849][T19926] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4538 (19926)
[ 1531.544129][T19926] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1531.545857][T16378] em28xx 3-1:0.89: Registering snapshot button...
[ 1531.555890][T19926] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[ 1531.564358][T16378] input: em28xx snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.89/input/input25
[ 1531.570442][T19926] BTRFS info (device loop0): using free-space-tree
[ 1531.583946][T16378] em28xx 3-1:0.89: Remote control support is not available for this card.
[ 1531.598422][T16379] em28xx 3-1:0.89: Closing input extension
[ 1531.604761][T16379] em28xx 3-1:0.89: Deregistering snapshot button
[ 1531.659312][T16379] em28xx 3-1:0.89: Freeing device
[ 1531.979292][T19173] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1532.525108][T19953] netlink: 'syz.3.4543': attribute type 4 has an invalid length.
[ 1533.371295][T19963] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4548'.
[ 1533.381192][T19963] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4548'.
[ 1533.391798][T19963] A link change request failed with some changes committed already. Interface ip6gre0 may have been left with an inconsistent configuration, please check.
[ 1535.286707][T19985] loop2: detected capacity change from 0 to 32768
[ 1536.807903][T19985] loop2: detected capacity change from 0 to 32768
[ 1540.017815][T20043] overlayfs: failed to clone upperpath
[ 1547.788127][T20042] Set syz1 is full, maxelem 65536 reached
[ 1548.121773][T20098] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4587'.
[ 1548.654939][T20104] syzkaller0: entered promiscuous mode
[ 1548.660683][T20104] syzkaller0: entered allmulticast mode
[ 1549.501904][T20116] syz_tun: entered allmulticast mode
[ 1549.640308][T20114] syz_tun: left allmulticast mode
[ 1549.821788][T20123] loop0: detected capacity change from 0 to 512
[ 1549.927381][T20123] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[ 1554.852496][T20174] loop2: detected capacity change from 0 to 32768
[ 1554.865390][T20174] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4613 (20174)
[ 1554.879741][T20174] BTRFS error: failed to open device for path /dev/loop2 with flags 0x23: -13
[ 1557.061230][T20217] loop2: detected capacity change from 0 to 256
[ 1557.871896][T20230] loop2: detected capacity change from 0 to 764
[ 1561.042554][T20276] overlayfs: failed to clone upperpath
[ 1561.181471][T20279] loop2: detected capacity change from 0 to 512
[ 1561.224760][T20279] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1561.279165][T20279] EXT4-fs (loop2): invalid journal inode
[ 1561.285503][T20279] EXT4-fs (loop2): can't get journal size
[ 1561.336972][T20279] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[ 1561.359874][T20279] System zones: 1-12, 13-13
[ 1561.366191][T20279] EXT4-fs (loop2): write access unavailable, skipping orphan cleanup
[ 1561.377187][T20279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1562.118710][T14920] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1562.990012][T20299] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4651'.
[ 1566.915501][T20341] loop2: detected capacity change from 0 to 40427
[ 1567.125137][T20346] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4663'.
[ 1567.191561][T20346] macvlan0 (unregistering): left allmulticast mode
[ 1567.918226][T20356] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1568.010840][T20357] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1569.941578][T20377] overlayfs: failed to clone upperpath
[ 1570.638752][T20391] netlink: 'syz.3.4677': attribute type 39 has an invalid length.
[ 1570.687248][T20391] syz_tun (unregistering): left allmulticast mode
[ 1571.650859][   T30] audit: type=1326 audit(1755168544.231:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20394 comm="syz.5.4679" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f813618ebe9 code=0x7fc00000
[ 1572.160792][T20402] loop2: detected capacity change from 0 to 40427
[ 1572.758642][T20402] loop2: detected capacity change from 0 to 512
[ 1575.597210][T20445] loop0: detected capacity change from 0 to 64
[ 1575.632409][T20445] hfs: Unknown parameter '00000000000000000000000'
[ 1575.706748][T20445] netlink: 'syz.0.4694': attribute type 7 has an invalid length.
[ 1575.715182][T20445] netlink: 'syz.0.4694': attribute type 8 has an invalid length.
[ 1576.399629][T20457] bond_slave_0: entered promiscuous mode
[ 1576.406046][T20457] bond_slave_1: entered promiscuous mode
[ 1576.413066][T20457] vlan2: entered promiscuous mode
[ 1576.418851][T20457] bond0: entered promiscuous mode
[ 1577.100380][T20472] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1577.822594][ T5819] Bluetooth: hci2: command tx timeout
[ 1579.068178][T20505] overlayfs: failed to clone upperpath
[ 1580.261360][T20526] netlink: 'syz.2.4718': attribute type 1 has an invalid length.
[ 1580.486855][T20526] loop2: detected capacity change from 0 to 1024
[ 1582.036256][T20542] loop2: detected capacity change from 0 to 2048
[ 1582.831822][T20553] loop2: detected capacity change from 0 to 2048
[ 1582.916652][T20553] udf: Unknown parameter 'iochars�
[ 1582.916652][T20553] ��scii'
[ 1583.576849][ T5860] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1583.593693][T20543] Bluetooth: hci2: command 0x0406 tx timeout
[ 1583.777076][ T5860] usb 1-1: Using ep0 maxpacket: 8
[ 1583.844132][ T5860] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=44.b2
[ 1583.853987][ T5860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1583.862592][ T5860] usb 1-1: Product: syz
[ 1583.866999][ T5860] usb 1-1: Manufacturer: syz
[ 1583.871841][ T5860] usb 1-1: SerialNumber: syz
[ 1583.957668][ T5860] usb 1-1: config 0 descriptor??
[ 1584.188135][ T5860] gspca_main: sunplus-2.14.0 probing 04a5:3003
[ 1584.588200][T20583] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[ 1584.653517][T20583] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1585.440197][ T5860] gspca_sunplus: reg_w_riv err -71
[ 1585.446405][ T5860] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[ 1585.523190][ T5860] usb 1-1: USB disconnect, device number 3
[ 1586.334501][T16378] Process accounting resumed
[ 1586.433399][T20607] loop2: detected capacity change from 0 to 512
[ 1586.508654][T20607] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1586.518505][T20607] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[ 1586.577167][T20607] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[ 1586.600479][T20607] System zones: 0-2, 18-18, 34-35
[ 1586.727744][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1586.735027][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1586.795367][T20607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1587.341908][T20615] netlink: 'syz.3.4745': attribute type 14 has an invalid length.
[ 1587.550477][T14920] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1589.295205][T20643] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1590.249392][T20655] kvm: pic: non byte write
[ 1590.919867][T20673] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[ 1591.807004][T20683] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1592.374693][T20687] tipc: Started in network mode
[ 1592.379913][T20687] tipc: Node identity 080211, cluster identity 4711
[ 1592.387899][T20687] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1594.378762][T16378] tipc: Node number set to 134353152
[ 1598.131787][ T5819] Bluetooth: hci1: unexpected event 0x2f length: 1017 > 260
[ 1599.934519][T20715] binder: Unknown parameter 'staobal��v��0�^"��o'
[ 1600.952402][T16378] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 1601.028188][T20739] 9pnet_fd: p9_fd_create_unix (20739): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[ 1601.140494][T16378] usb 3-1: Using ep0 maxpacket: 8
[ 1601.300574][T16378] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1601.310422][T16378] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1601.321783][T16378] usb 3-1: Product: syz
[ 1601.328073][T16378] usb 3-1: Manufacturer: syz
[ 1601.333761][T16378] usb 3-1: SerialNumber: syz
[ 1601.365007][T16378] usb 3-1: config 0 descriptor??
[ 1601.645589][T16378] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1603.240323][T16378] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1603.309641][T16378] usb 3-1: USB disconnect, device number 37
[ 1605.524209][ T5819] Bluetooth: hci2: unexpected event for opcode 0x202a
[ 1606.033283][T20821] loop2: detected capacity change from 0 to 8
[ 1607.600574][T16379] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1607.798636][T16379] usb 1-1: Using ep0 maxpacket: 8
[ 1607.877653][T16379] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1607.900739][T16379] usb 1-1: unable to read config index 0 descriptor/start: -71
[ 1607.911889][T16379] usb 1-1: can't read configurations, error -71
[ 1608.286235][T20864] loop2: detected capacity change from 0 to 512
[ 1608.368047][T20864] EXT4-fs (loop2): write access unavailable, skipping orphan cleanup
[ 1608.380720][T20864] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1608.610520][T20864] EXT4-fs error (device loop2): ext4_lookup:1791: inode #2: comm syz.2.4830: deleted inode referenced: 12
[ 1608.955693][T14920] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1609.699556][T20890] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4836'.
[ 1610.667571][T20905] loop2: detected capacity change from 0 to 256
[ 1610.733468][T20907] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4844'.
[ 1610.744183][T20907] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4844'.
[ 1610.753750][T20907] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4844'.
[ 1611.312446][T20920] loop2: detected capacity change from 0 to 8
[ 1611.474155][T20920] SQUASHFS error: Unable to read directory block [629:26]
[ 1618.299459][T21033] loop2: detected capacity change from 0 to 256
[ 1619.377249][T21047] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4890'.
[ 1619.387313][T21047] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4890'.
[ 1619.523542][T21051] tmpfs: Unknown parameter '�'
[ 1619.661978][   T30] audit: type=1326 audit(1755168592.241:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21053 comm="syz.2.4893" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f625518ebe9 code=0x0
[ 1620.213424][ T5819] Bluetooth: hci1: unexpected event for opcode 0x0c03
[ 1621.560672][T21077] loop2: detected capacity change from 0 to 1764
[ 1622.399867][T21097] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4910'.
[ 1624.554410][T21127] loop2: detected capacity change from 0 to 2048
[ 1625.202586][T21139] netlink: 'syz.0.4925': attribute type 6 has an invalid length.
[ 1625.782845][T16379] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[ 1625.963301][T16379] usb 3-1: Using ep0 maxpacket: 8
[ 1626.015374][T16379] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[ 1626.025200][T16379] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1626.098208][T16379] pvrusb2: Hardware description: Terratec Grabster AV400
[ 1626.105677][T16379] pvrusb2: **********
[ 1626.109826][T16379] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 1626.120441][T16379] pvrusb2: Important functionality might not be entirely working.
[ 1626.128884][T16379] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 1626.142652][T16379] pvrusb2: **********
[ 1626.340575][ T2332] pvrusb2: Invalid write control endpoint
[ 1626.351247][T16379] usb 3-1: USB disconnect, device number 38
[ 1626.422824][T16378] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[ 1626.621719][T16378] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1626.632601][T16378] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1626.645083][T16378] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1626.658836][T16378] usb 1-1: New USB device found, idVendor=1e71, idProduct=2019, bcdDevice= 0.00
[ 1626.669247][T16378] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1626.793204][ T2332] pvrusb2: Invalid write control endpoint
[ 1626.799358][ T2332] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 1626.809447][ T2332] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 1626.817663][ T2332] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 1626.828087][ T2332] pvrusb2: Device being rendered inoperable
[ 1626.834443][ T2332] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[ 1626.841915][ T2332] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 1626.853291][ T2332] pvrusb2: Attached sub-driver cx25840
[ 1626.859051][ T2332] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 1626.869625][ T2332] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 1626.999242][T16378] usb 1-1: config 0 descriptor??
[ 1627.661320][T16378] nzxt-smart2 0003:1E71:2019.0019: hidraw0: USB HID v0.07 Device [HID 1e71:2019] on usb-dummy_hcd.0-1/input0
[ 1627.899718][T16378] usb 1-1: USB disconnect, device number 6
[ 1628.065162][T21163] loop2: detected capacity change from 0 to 164
[ 1628.417325][T21169] 9pnet_fd: Insufficient options for proto=fd
[ 1630.487948][T21211] /dev/nullb0: Can't lookup blockdev
[ 1630.590130][T21212] loop2: detected capacity change from 0 to 1024
[ 1630.682535][ T5860] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 1630.691526][T21212] hfsplus: bad catalog entry type
[ 1630.872878][ T5860] usb 1-1: Using ep0 maxpacket: 8
[ 1630.917270][ T5860] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1630.973474][ T5860] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1630.983533][ T5860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1630.991798][ T5860] usb 1-1: Product: syz
[ 1630.996552][ T5860] usb 1-1: Manufacturer: syz
[ 1631.001378][ T5860] usb 1-1: SerialNumber: syz
[ 1631.019146][ T5860] usb 1-1: config 0 descriptor??
[ 1631.045830][ T5860] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1631.644629][T21222] overlayfs: failed to clone lowerpath
[ 1632.387084][T21230] loop2: detected capacity change from 0 to 1024
[ 1633.774042][ T5860] gspca_zc3xx: reg_r err -32
[ 1633.887797][T21248] loop2: detected capacity change from 0 to 512
[ 1633.916509][T21248] EXT4-fs: Ignoring removed i_version option
[ 1634.373101][ T5860] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1634.380046][ T5860] gspca_zc3xx 1-1:0.0: probe with driver gspca_zc3xx failed with error -32
[ 1635.181377][T21255] loop2: detected capacity change from 0 to 32768
[ 1635.194054][T21255] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES
[ 1635.204555][T21255] bcachefs: bch2_fs_get_tree() error: EACCES
[ 1635.229812][ T5860] usb 1-1: USB disconnect, device number 7
[ 1647.642853][T21343] loop2: detected capacity change from 0 to 512
[ 1648.136879][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1648.144362][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1650.932866][T20543] Bluetooth: hci6: command 0x1003 tx timeout
[ 1650.939258][ T5819] Bluetooth: hci6: Opcode 0x1003 failed: -110
[ 1652.175163][T21420] 9pnet_fd: Insufficient options for proto=fd
[ 1652.465440][ T5860] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1652.699892][ T5860] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1652.712452][ T5860] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1652.723606][ T5860] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 1652.733068][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1652.805738][ T5860] usb 3-1: config 0 descriptor??
[ 1653.300646][ T5860] hid-steam 0003:28DE:1142.001A: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[ 1653.375182][ T5860] hid-steam 0003:28DE:1142.001A: Steam wireless receiver connected
[ 1653.463417][ T5860] hid-steam 0003:28DE:1142.001B: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[ 1653.507398][ T5860] usb 3-1: USB disconnect, device number 39
[ 1653.548246][ T5860] hid-steam 0003:28DE:1142.001A: Steam wireless receiver disconnected
[ 1653.643245][T21442] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5065'.
[ 1657.654901][ T5860] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[ 1657.789403][T21495] netlink: 'syz.4.5087': attribute type 11 has an invalid length.
[ 1657.797995][T21495] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5087'.
[ 1657.942860][ T5860] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[ 1657.954359][ T5860] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1657.966345][ T5860] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[ 1658.103172][ T5860] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1658.113024][ T5860] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1658.121293][ T5860] usb 1-1: Product: syz
[ 1658.126102][ T5860] usb 1-1: Manufacturer: syz
[ 1658.130929][ T5860] usb 1-1: SerialNumber: syz
[ 1658.160162][ T5860] usb 1-1: config 0 descriptor??
[ 1658.172543][T21491] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1658.186181][T21491] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1658.200676][ T5860] usb 1-1: ucan: probing device on interface #0
[ 1658.964282][ T5860] ucan 1-1:0.0 can0: registered device
[ 1659.193654][ T5860] ucan 1-1:0.0 can0: firmware string: unknown
[ 1659.266278][ T5860] usb 1-1: USB disconnect, device number 8
[ 1660.072645][ T5860] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 1660.291334][ T5860] usb 3-1: Using ep0 maxpacket: 8
[ 1660.352532][ T5860] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1660.431298][ T5860] usb 3-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1660.446199][ T5860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1660.455657][ T5860] usb 3-1: Product: syz
[ 1660.460068][ T5860] usb 3-1: Manufacturer: syz
[ 1660.465042][ T5860] usb 3-1: SerialNumber: syz
[ 1660.625959][ T5860] usb 3-1: config 0 descriptor??
[ 1660.684705][ T5860] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1663.436351][ T5860] gspca_zc3xx: reg_r err -32
[ 1664.034944][ T5860] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1664.042223][ T5860] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -32
[ 1665.119857][T16378] usb 3-1: USB disconnect, device number 40
[ 1667.124806][T21614] loop2: detected capacity change from 0 to 4096
[ 1667.858957][T21633] netlink: 40 bytes leftover after parsing attributes in process `syz.3.5151'.
[ 1670.879671][T21665] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5166'.
[ 1673.520009][T16378] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 1673.696474][T21698] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1673.704133][T21698] block nbd0: shutting down sockets
[ 1674.824998][T16378] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1674.837372][T16378] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1674.850577][T16378] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1674.867302][T16378] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1674.877806][T16378] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1675.060155][T16378] usb 3-1: config 0 descriptor??
[ 1675.354127][ T5860] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 1675.546986][ T5860] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1675.558835][ T5860] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1675.558886][T16378] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0
[ 1675.559015][ T5860] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1675.588402][ T5860] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1675.621393][ T5860] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1675.631354][ T5860] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1675.639897][ T5860] usb 1-1: Manufacturer: syz
[ 1675.650491][ T5860] usb 1-1: config 0 descriptor??
[ 1675.650980][T16378] plantronics 0003:047F:FFFF.001C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1676.142764][ T5860] appleir 0003:05AC:8243.001D: unknown main item tag 0x0
[ 1676.181973][ T5860] appleir 0003:05AC:8243.001D: hiddev1,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[ 1677.945360][T10151] usb 1-1: USB disconnect, device number 9
[ 1678.160582][ T5860] usb 3-1: reset high-speed USB device number 41 using dummy_hcd
[ 1678.354491][ T5860] usb 3-1: device descriptor read/64, error -32
[ 1679.274523][T16383] usb 3-1: USB disconnect, device number 41
[ 1681.030218][T21761] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5210'.
[ 1682.332833][T21775] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[ 1682.339642][T21775] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1682.348146][T21775] vhci_hcd vhci_hcd.0: Device attached
[ 1682.603705][T16383] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1682.643133][T16378] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[ 1682.832939][T16383] usb 1-1: Using ep0 maxpacket: 16
[ 1682.878173][T16383] usb 1-1: config 0 has no interfaces?
[ 1682.884766][T16383] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[ 1682.894554][T16383] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1682.961331][T16383] usb 1-1: config 0 descriptor??
[ 1683.155178][T21789] loop2: detected capacity change from 0 to 4096
[ 1683.194141][T16379] usb 1-1: USB disconnect, device number 10
[ 1683.210664][T21777] vhci_hcd: connection closed
[ 1683.220892][ T4537] vhci_hcd: stop threads
[ 1683.230491][ T4537] vhci_hcd: release socket
[ 1683.235602][ T4537] vhci_hcd: disconnect device
[ 1683.276464][T16378] vhci_hcd: vhci_device speed not set
[ 1684.498431][T21804] loop2: detected capacity change from 0 to 32768
[ 1684.552326][T21804] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.5225 (21804)
[ 1684.567678][T21804] BTRFS error: failed to open device for path /dev/loop2 with flags 0x23: -13
[ 1685.546879][T21812] loop2: detected capacity change from 0 to 128
[ 1686.652825][T16383] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[ 1686.866912][T16383] usb 1-1: Using ep0 maxpacket: 32
[ 1686.935894][T16383] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[ 1686.944787][T16383] usb 1-1: config 0 has no interface number 0
[ 1686.951140][T16383] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1686.963610][T16383] usb 1-1: config 0 interface 85 has no altsetting 0
[ 1687.129645][T16383] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1687.139678][T16383] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1687.148495][T16383] usb 1-1: Product: syz
[ 1687.153145][T16383] usb 1-1: Manufacturer: syz
[ 1687.157954][T16383] usb 1-1: SerialNumber: syz
[ 1687.338408][T16383] usb 1-1: config 0 descriptor??
[ 1688.037883][T16383] appletouch 1-1:0.85: Geyser mode initialized.
[ 1688.047650][T16383] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input26
[ 1688.255414][T16378] usb 1-1: USB disconnect, device number 11
[ 1688.304562][T16378] appletouch 1-1:0.85: input: appletouch disconnected
[ 1688.571388][T16378] hid-generic 00A0:0006:0003.001E: unknown main item tag 0x0
[ 1688.580054][T16378] hid-generic 00A0:0006:0003.001E: unknown main item tag 0x0
[ 1688.588006][T16378] hid-generic 00A0:0006:0003.001E: unknown main item tag 0x0
[ 1688.597059][T16378] hid-generic 00A0:0006:0003.001E: unknown main item tag 0x0
[ 1688.605592][T16378] hid-generic 00A0:0006:0003.001E: unknown main item tag 0x0
[ 1688.613743][T16378] hid-generic 00A0:0006:0003.001E: unknown main item tag 0x0
[ 1688.621482][T16378] hid-generic 00A0:0006:0003.001E: unknown main item tag 0x0
[ 1688.629459][T16378] hid-generic 00A0:0006:0003.001E: unknown main item tag 0x0
[ 1688.637712][T16378] hid-generic 00A0:0006:0003.001E: unknown main item tag 0x0
[ 1688.645578][T16378] hid-generic 00A0:0006:0003.001E: unknown main item tag 0x0
[ 1688.832384][T16378] hid-generic 00A0:0006:0003.001E: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[ 1688.942638][T16379] usb 3-1: new full-speed USB device number 42 using dummy_hcd
[ 1689.149493][T16379] usb 3-1: config 0 has no interfaces?
[ 1689.155958][T16379] usb 3-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[ 1689.165566][T16379] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1689.230172][T16379] usb 3-1: config 0 descriptor??
[ 1689.467924][T16383] usb 3-1: USB disconnect, device number 42
[ 1691.245358][T21875] overlayfs: failed to resolve './bus': -2
[ 1693.191934][T21906] loop2: detected capacity change from 0 to 764
[ 1694.688530][T21927] netlink: 'syz.4.5277': attribute type 64 has an invalid length.
[ 1695.526225][T21920] loop2: detected capacity change from 0 to 65536
[ 1700.013933][T21986] syzkaller1: entered promiscuous mode
[ 1700.019976][T21986] syzkaller1: entered allmulticast mode
[ 1700.426884][T21978] loop2: detected capacity change from 0 to 32768
[ 1700.464886][T21978] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.5295 (21978)
[ 1700.482259][T21978] BTRFS error: failed to open device for path /dev/loop2 with flags 0x23: -13
[ 1700.659904][T21989] overlayfs: failed to clone upperpath
[ 1701.472498][T16379] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 1701.818779][T22004] overlayfs: failed to resolve './file0': -2
[ 1702.955664][T16379] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1702.967106][T16379] usb 3-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00
[ 1702.976634][T16379] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1703.161423][T16379] usb 3-1: config 0 descriptor??
[ 1703.693124][T16379] input: HID 28bd:0933 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:28BD:0933.001F/input/input27
[ 1703.845262][T16379] uclogic 0003:28BD:0933.001F: input,hidraw0: USB HID v0.00 Mouse [HID 28bd:0933] on usb-dummy_hcd.2-1/input0
[ 1703.908428][T16379] usb 3-1: USB disconnect, device number 43
[ 1705.807151][T16378] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[ 1705.994939][T16378] usb 1-1: Using ep0 maxpacket: 8
[ 1706.045866][T16378] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1706.125507][T16378] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1706.135264][T16378] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1706.143699][T16378] usb 1-1: Product: syz
[ 1706.148064][T16378] usb 1-1: Manufacturer: syz
[ 1706.153203][T16378] usb 1-1: SerialNumber: syz
[ 1706.364682][T16378] usb 1-1: config 0 descriptor??
[ 1706.430387][T16378] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1707.183934][T22036] loop2: detected capacity change from 0 to 40427
[ 1707.884217][   T30] audit: type=1800 audit(1755168680.461:393): pid=22042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.5321" name="nullb0" dev="tmpfs" ino=3385 res=0 errno=0
[ 1708.722991][T16383] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 1708.882408][T16383] usb 3-1: Using ep0 maxpacket: 32
[ 1708.910336][T16383] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1708.920294][T16383] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1708.958622][T16383] usb 3-1: config 0 descriptor??
[ 1709.188027][T16378] gspca_zc3xx: reg_r err -32
[ 1709.274023][T16383] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1709.309341][T16383] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1709.333709][T16383] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 1709.341249][T16383] usb 3-1: media controller created
[ 1709.428796][T16383] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1709.518965][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1709.526116][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1709.551787][T16383] az6027: usb out operation failed. (-71)
[ 1709.565370][T16383] az6027: usb out operation failed. (-71)
[ 1709.571460][T16383] stb0899_attach: Driver disabled by Kconfig
[ 1709.578079][T16383] az6027: no front-end attached
[ 1709.578079][T16383] 
[ 1709.591210][T16383] az6027: usb out operation failed. (-71)
[ 1709.598440][T16383] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 1709.608939][T16383] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input28
[ 1709.631481][T16383] dvb-usb: schedule remote query interval to 400 msecs.
[ 1709.639028][T16383] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 1709.654166][T16383] usb 3-1: USB disconnect, device number 44
[ 1709.797873][T16378] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1709.805004][T16378] gspca_zc3xx 1-1:0.0: probe with driver gspca_zc3xx failed with error -32
[ 1709.886627][T16383] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1711.496583][T22067] loop2: detected capacity change from 0 to 32768
[ 1712.272685][T16383] usb 1-1: USB disconnect, device number 12
[ 1712.395641][T22069] loop2: detected capacity change from 0 to 1024
[ 1714.943446][T22093] 9pnet_fd: Insufficient options for proto=fd
[ 1716.049201][T22106] loop2: detected capacity change from 0 to 512
[ 1716.058358][T22108] netlink: 140 bytes leftover after parsing attributes in process `syz.5.5349'.
[ 1716.187372][T22106] EXT4-fs (loop2): write access unavailable, skipping orphan cleanup
[ 1716.198922][T22106] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1716.369821][T22106] EXT4-fs (loop2): Couldn't remount RDWR because of unprocessed orphan inode list.  Please umount/remount instead
[ 1716.967665][T14920] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1717.456320][T22120] loop2: detected capacity change from 0 to 512
[ 1719.512708][T22143] loop2: detected capacity change from 0 to 256
[ 1719.721398][T22148] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[ 1721.081968][T22167] syz.2.5372 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 1726.435711][T22214] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5393'.
[ 1726.445798][T22214] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5393'.
[ 1728.083563][T22229] loop2: detected capacity change from 0 to 32768
[ 1728.093481][T22229] XFS: ikeep mount option is deprecated.
[ 1728.920044][T22247] loop2: detected capacity change from 0 to 512
[ 1731.288409][T22254] loop2: detected capacity change from 0 to 40427
[ 1731.343371][T22254] F2FS-fs (loop2): Image doesn't support compression
[ 1731.350340][T22254] F2FS-fs (loop2): build fault injection rate: 690
[ 1731.367176][T22254] F2FS-fs (loop2): invalid crc value
[ 1731.713752][T22254] F2FS-fs (loop2): write access unavailable, skipping recovery
[ 1731.721577][T22254] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[ 1732.846190][T22267] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5416'.
[ 1736.153196][T16383] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[ 1736.357618][T16383] usb 1-1: Using ep0 maxpacket: 16
[ 1736.405715][T16383] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[ 1736.414512][T16383] usb 1-1: config 0 has no interface number 0
[ 1736.421891][T16383] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1736.433899][T16383] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1736.504738][T16383] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1736.515033][T16383] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1736.524654][T16383] usb 1-1: Product: syz
[ 1736.529054][T16383] usb 1-1: SerialNumber: syz
[ 1736.606141][T16383] usb 1-1: config 0 descriptor??
[ 1736.650884][T16383] cm109 1-1:0.8: invalid payload size 0, expected 4
[ 1736.660934][T16383] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input29
[ 1736.893672][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[ 1737.190817][T22298] loop2: detected capacity change from 0 to 64
[ 1737.323358][T16383] usb 1-1: USB disconnect, device number 13
[ 1737.355563][T16383] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 1742.161985][T16383] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[ 1742.336381][   T30] audit: type=1326 audit(1755168714.921:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22357 comm="syz.2.5455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625518ebe9 code=0x7ffc0000
[ 1742.360457][   T30] audit: type=1326 audit(1755168714.931:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22357 comm="syz.2.5455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f625512add9 code=0x7ffc0000
[ 1742.433094][T16383] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1742.444610][T16383] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1742.454808][T16383] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1742.468756][T16383] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1742.478377][T16383] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1742.597597][   T30] audit: type=1326 audit(1755168715.001:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22357 comm="syz.2.5455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f625512add9 code=0x7ffc0000
[ 1742.622864][   T30] audit: type=1326 audit(1755168715.001:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22357 comm="syz.2.5455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f625512add9 code=0x7ffc0000
[ 1742.646309][   T30] audit: type=1326 audit(1755168715.001:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22357 comm="syz.2.5455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625518ebe9 code=0x7ffc0000
[ 1742.669970][   T30] audit: type=1326 audit(1755168715.081:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22357 comm="syz.2.5455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f625512add9 code=0x7ffc0000
[ 1742.692961][   T30] audit: type=1326 audit(1755168715.081:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22357 comm="syz.2.5455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f625512add9 code=0x7ffc0000
[ 1742.715637][   T30] audit: type=1326 audit(1755168715.081:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22357 comm="syz.2.5455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f625512add9 code=0x7ffc0000
[ 1742.738750][   T30] audit: type=1326 audit(1755168715.091:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22357 comm="syz.2.5455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625518ebe9 code=0x7ffc0000
[ 1742.761530][   T30] audit: type=1326 audit(1755168715.101:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=22357 comm="syz.2.5455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f625512add9 code=0x7ffc0000
[ 1742.805136][T16383] usb 1-1: config 0 descriptor??
[ 1743.324564][T16383] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 1743.592923][T16383] usb 1-1: USB disconnect, device number 14
[ 1746.975760][T22416] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1748.057452][T22428] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5486'.
[ 1750.073278][ T5819] block nbd2: Receive control failed (result -32)
[ 1750.090491][T22453] block nbd2: shutting down sockets
[ 1752.268176][T22475] trusted_key: syz.3.5506 sent an empty control message without MSG_MORE.
[ 1752.693518][T16383] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 1752.841658][T22487] overlayfs: failed to resolve './file0': -2
[ 1752.912871][T16383] usb 1-1: Using ep0 maxpacket: 8
[ 1752.944196][T16383] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1752.952991][T16383] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1752.963406][T16383] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1752.973567][T16383] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1752.983966][T16383] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1752.997468][T16383] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1753.007916][T16383] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1753.224862][T22494] 9pnet_fd: Insufficient options for proto=fd
[ 1754.767122][T16383] usb 1-1: usb_control_msg returned -32
[ 1754.773416][T16383] usbtmc 1-1:16.0: can't read capabilities
[ 1755.459086][T16383] usb 1-1: USB disconnect, device number 15
[ 1758.276088][T22528] loop2: detected capacity change from 0 to 32768
[ 1761.548571][T22551] loop2: detected capacity change from 0 to 32768
[ 1761.560975][T22551] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES
[ 1761.571512][T22551] bcachefs: bch2_fs_get_tree() error: EACCES
[ 1765.493448][T22572] loop2: detected capacity change from 0 to 32768
[ 1767.359197][T22600] Context (ID=0x1) not attached to queue pair (handle=0x4d7:0x2)
[ 1769.005943][T16378] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[ 1769.273948][T16378] usb 3-1: Using ep0 maxpacket: 16
[ 1769.309950][T16378] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1769.321615][T16378] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1769.332243][T16378] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[ 1769.341598][T16378] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1769.425198][T16378] usb 3-1: config 0 descriptor??
[ 1770.171373][T16378] usb 3-1: language id specifier not provided by device, defaulting to English
[ 1770.581687][T16378] letsketch 0003:6161:4D15.0021: Device info: ఁ
[ 1770.859367][T16378] usb 3-1: Max retries (5) exceeded reading string descriptor 201
[ 1770.868329][T16378] letsketch 0003:6161:4D15.0021: probe with driver letsketch failed with error -71
[ 1770.914794][T16378] usb 3-1: USB disconnect, device number 45
[ 1770.982847][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1770.989710][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1773.477376][T22664] loop2: detected capacity change from 0 to 1024
[ 1774.431417][T22673] loop2: detected capacity change from 0 to 1024
[ 1776.989557][T22686] loop2: detected capacity change from 0 to 32768
[ 1784.012479][T22748] loop2: detected capacity change from 0 to 32768
[ 1784.046560][T22748] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.5612 (22748)
[ 1784.060794][T22748] BTRFS error: failed to open device for path /dev/loop2 with flags 0x23: -13
[ 1785.352651][T16383] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[ 1785.593580][T16383] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1785.605697][T16383] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1785.616328][T16383] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1785.629798][T16383] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1785.639357][T16383] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1785.913854][T16383] usb 3-1: config 0 descriptor??
[ 1786.526469][T16383] plantronics 0003:047F:FFFF.0022: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1786.819216][T16383] usb 3-1: USB disconnect, device number 46
[ 1787.013681][T22782] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5625'.
[ 1787.433234][T16383] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[ 1787.635567][T16383] usb 1-1: Using ep0 maxpacket: 8
[ 1787.684204][T16383] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1787.740121][T16383] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1787.750158][T16383] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1787.759010][T16383] usb 1-1: Product: syz
[ 1787.763665][T16383] usb 1-1: Manufacturer: syz
[ 1787.768491][T16383] usb 1-1: SerialNumber: syz
[ 1787.841925][T16383] usb 1-1: config 0 descriptor??
[ 1787.887714][T16383] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1788.310011][T22796] overlayfs: failed to clone upperpath
[ 1790.061636][T16383] gspca_zc3xx: reg_r err -32
[ 1791.393806][T16383] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1791.400612][T16383] gspca_zc3xx 1-1:0.0: probe with driver gspca_zc3xx failed with error -32
[ 1792.237025][T16383] usb 1-1: USB disconnect, device number 16
[ 1792.921833][T16383] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1793.116179][T16383] usb 1-1: Using ep0 maxpacket: 8
[ 1793.155012][T16383] usb 1-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x11, changing to 0x1
[ 1793.167215][T16383] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 64
[ 1793.214417][T16378] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[ 1793.268337][T16383] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1793.278825][T16383] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1793.287354][T16383] usb 1-1: Product: syz
[ 1793.291737][T16383] usb 1-1: Manufacturer: syz
[ 1793.296812][T16383] usb 1-1: SerialNumber: syz
[ 1793.396698][T22822] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1793.712472][T16378] usb 3-1: Using ep0 maxpacket: 8
[ 1793.781341][T16378] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[ 1793.790951][T16378] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1793.801372][T16378] usb 3-1: Product: syz
[ 1793.806076][T16378] usb 3-1: Manufacturer: syz
[ 1793.810909][T16378] usb 3-1: SerialNumber: syz
[ 1793.877347][T16378] usb 3-1: config 0 descriptor??
[ 1793.959662][T22832] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5647'.
[ 1794.161856][T16378] usb 3-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[ 1794.523306][T16383] cdc_ncm 1-1:1.0: bind() failure
[ 1794.588367][T16383] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1794.613171][T16383] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1794.648741][T16383] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[ 1794.696783][T16383] usb 1-1: USB disconnect, device number 17
[ 1795.619451][T16378] usb write operation failed. (-71)
[ 1795.656251][T16378] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1795.678476][T16378] dvbdev: DVB: registering new adapter (Terratec H7)
[ 1795.685797][T16378] usb 3-1: media controller created
[ 1795.732831][T16378] usb read operation failed. (-71)
[ 1795.746221][T16378] usb write operation failed. (-71)
[ 1795.785266][T16378] dvb_usb_az6007 3-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[ 1795.874893][T16378] usb 3-1: USB disconnect, device number 47
[ 1797.396140][T22880] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1797.402607][T22880] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1797.441120][T22880] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1797.448958][T22880] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1800.058863][T22923] loop2: detected capacity change from 0 to 128
[ 1801.879446][T22936] loop2: detected capacity change from 0 to 32768
[ 1801.890838][T22936] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES
[ 1801.901377][T22936] bcachefs: bch2_fs_get_tree() error: EACCES
[ 1802.817115][T22944] overlayfs: failed to clone upperpath
[ 1805.715428][T22963] overlayfs: failed lookup in lower (newroot/205, name='file0', err=-40): overlapping layers
[ 1806.001541][T22979] loop2: detected capacity change from 0 to 16
[ 1811.669392][T16378] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 1811.894464][T16378] usb 1-1: Using ep0 maxpacket: 8
[ 1811.942928][T16378] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1812.019081][T16378] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1812.029275][T16378] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1812.037826][T16378] usb 1-1: Product: syz
[ 1812.042360][T16378] usb 1-1: Manufacturer: syz
[ 1812.047178][T16378] usb 1-1: SerialNumber: syz
[ 1812.233837][T16378] usb 1-1: config 0 descriptor??
[ 1812.254216][T16378] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1814.425755][T16378] gspca_zc3xx: reg_r err -32
[ 1815.021865][T16378] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1815.028868][T16378] gspca_zc3xx 1-1:0.0: probe with driver gspca_zc3xx failed with error -32
[ 1815.326923][T23092] loop2: detected capacity change from 0 to 512
[ 1815.374512][T23092] EXT4-fs: inline encryption not supported
[ 1815.539652][T16378] usb 1-1: USB disconnect, device number 18
[ 1818.917276][T23140] overlayfs: failed to clone upperpath
[ 1820.998061][T16378] libceph: connect (1)[c::]:6789 error -101
[ 1821.005106][T16378] libceph: mon0 (1)[c::]:6789 connect error
[ 1821.344317][T16378] libceph: connect (1)[c::]:6789 error -101
[ 1821.350825][T16378] libceph: mon0 (1)[c::]:6789 connect error
[ 1821.736588][T16378] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 1821.747913][T23166] ceph: No mds server is up or the cluster is laggy
[ 1821.942462][T16378] usb 1-1: Using ep0 maxpacket: 8
[ 1821.983243][T16378] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1822.042566][T16378] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1822.052657][T16378] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1822.060935][T16378] usb 1-1: Product: syz
[ 1822.065991][T16378] usb 1-1: Manufacturer: syz
[ 1822.070809][T16378] usb 1-1: SerialNumber: syz
[ 1822.141773][T16378] usb 1-1: config 0 descriptor??
[ 1822.241912][T16378] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1822.609884][T23192] overlayfs: failed to clone upperpath
[ 1822.644214][T23193] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5764'.
[ 1823.850516][T23198] bond0: (slave bond_slave_0): Releasing backup interface
[ 1823.945350][T23198] bond_slave_0: left promiscuous mode
[ 1824.118991][T23198] bond0: (slave bond_slave_1): Releasing backup interface
[ 1824.160414][T23198] bond_slave_1: left promiscuous mode
[ 1824.169423][T23198] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1824.180061][T16378] gspca_zc3xx: reg_w_i err -110
[ 1824.213162][T23198] bond1: (slave geneve2): Releasing active interface
[ 1824.283102][T23198] bond2: (slave macvlan2): Removing an active aggregator
[ 1824.293630][T23198] bond2: (slave macvlan2): Releasing backup interface
[ 1824.338479][T23198] bond6: (slave veth7): Releasing active interface
[ 1824.802387][T16378] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1824.809514][T16378] gspca_zc3xx 1-1:0.0: probe with driver gspca_zc3xx failed with error -110
[ 1825.224680][T23217] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5771'.
[ 1825.756273][T23226] 9pnet_fd: Insufficient options for proto=fd
[ 1825.847257][T16383] usb 1-1: USB disconnect, device number 19
[ 1826.557988][T23235] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5777'.
[ 1826.880471][T23231] loop2: detected capacity change from 0 to 32768
[ 1826.891891][T23231] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES
[ 1826.902907][T23231] bcachefs: bch2_fs_get_tree() error: EACCES
[ 1827.695782][T23244] loop2: detected capacity change from 0 to 256
[ 1827.726778][T23244] exfat: Unknown parameter 'ioscard�}�K���T�'
[ 1828.715579][T23251] loop2: detected capacity change from 0 to 1024
[ 1828.750818][T23251] EXT4-fs: Ignoring removed nobh option
[ 1828.757132][T23251] EXT4-fs: inline encryption not supported
[ 1830.754814][T23291] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5795'.
[ 1831.581552][T23295] loop2: detected capacity change from 0 to 32768
[ 1831.595922][T23295] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.5796 (23295)
[ 1831.610375][T23295] BTRFS error: failed to open device for path /dev/loop2 with flags 0x23: -13
[ 1831.946556][T23305] overlayfs: failed to clone upperpath
[ 1832.406693][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1832.414147][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1832.492951][T23311] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1954005275 (125056337600 ns) > initial count (69329932160 ns). Using initial count to start timer.
[ 1832.563885][T23311] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3503323016 (224212673024 ns) > initial count (219510975936 ns). Using initial count to start timer.
[ 1838.894035][T23357] loop2: detected capacity change from 0 to 1756
[ 1839.457836][T23357] syz.2.5823: attempt to access beyond end of device
[ 1839.457836][T23357] loop2: rw=524288, sector=787556, nr_sectors = 4 limit=1756
[ 1839.472641][T23357] syz.2.5823: attempt to access beyond end of device
[ 1839.472641][T23357] loop2: rw=0, sector=787556, nr_sectors = 4 limit=1756
[ 1839.515822][   T30] kauditd_printk_skb: 41 callbacks suppressed
[ 1839.515910][   T30] audit: type=1800 audit(1755168812.081:445): pid=23357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.5823" name="file1" dev="loop2" ino=17797 res=0 errno=0
[ 1839.676473][T23357] netlink: 'syz.2.5823': attribute type 10 has an invalid length.
[ 1839.685090][T23357] netlink: 40 bytes leftover after parsing attributes in process `syz.2.5823'.
[ 1839.695123][T23357] dummy0: entered promiscuous mode
[ 1839.700457][T23357] dummy0: entered allmulticast mode
[ 1839.713445][T23357] bridge0: port 3(dummy0) entered blocking state
[ 1839.720332][T23357] bridge0: port 3(dummy0) entered disabled state
[ 1841.949674][T23381] loop2: detected capacity change from 0 to 1024
[ 1843.201552][T23409] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5842'.
[ 1844.202543][T23411] loop2: detected capacity change from 0 to 32768
[ 1844.213996][T23411] bcachefs (/dev/loop2): error reading superblock: error opening /dev/loop2: EACCES
[ 1844.224569][T23411] bcachefs: bch2_fs_get_tree() error: EACCES
[ 1844.797623][T23424] loop2: detected capacity change from 0 to 64
[ 1844.825736][T23424] minix: Unknown parameter '/dev/ptmx'
[ 1847.966212][T23466] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1848.859949][T23474] bridge_slave_0: left allmulticast mode
[ 1848.866161][T23474] bridge_slave_0: left promiscuous mode
[ 1848.873373][T23474] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1849.017498][T23474] bridge_slave_1: left allmulticast mode
[ 1849.023679][T23474] bridge_slave_1: left promiscuous mode
[ 1849.030632][T23474] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1849.242866][T23474] bond0: (slave bond_slave_0): Releasing backup interface
[ 1849.283871][T23474] bond_slave_0: left promiscuous mode
[ 1849.425133][T23474] bond0: (slave bond_slave_1): Releasing backup interface
[ 1849.479593][T23474] bond_slave_1: left promiscuous mode
[ 1849.610241][T23474] team0: Port device team_slave_0 removed
[ 1849.885933][T23474] team0: Port device team_slave_1 removed
[ 1849.897981][T23474] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1849.905836][T23474] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1849.996559][T23474] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1850.004545][T23474] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1850.503410][T23484] overlayfs: failed to clone upperpath
[ 1852.523367][   T30] audit: type=1326 audit(1755168825.101:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23505 comm="syz.2.5880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625518ebe9 code=0x7ffc0000
[ 1852.546632][   T30] audit: type=1326 audit(1755168825.101:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23505 comm="syz.2.5880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625518ebe9 code=0x7ffc0000
[ 1852.569986][   T30] audit: type=1326 audit(1755168825.111:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23505 comm="syz.2.5880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7f625518ebe9 code=0x7ffc0000
[ 1852.592933][   T30] audit: type=1326 audit(1755168825.121:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23505 comm="syz.2.5880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625518ebe9 code=0x7ffc0000
[ 1852.619683][   T30] audit: type=1326 audit(1755168825.141:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23505 comm="syz.2.5880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625518ebe9 code=0x7ffc0000
[ 1852.644613][   T30] audit: type=1326 audit(1755168825.141:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23505 comm="syz.2.5880" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625518ebe9 code=0x7ffc0000
[ 1853.031375][T23515] overlayfs: failed to resolve './file0': -2
[ 1854.160325][T16378] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[ 1855.802285][T16378] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1855.813965][T16378] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1855.824375][T16378] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[ 1855.834077][T16378] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1855.951697][T16378] usb 3-1: config 0 descriptor??
[ 1856.328663][T16378] usbhid 3-1:0.0: can't add hid device: -71
[ 1856.335747][T16378] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1856.385967][T16378] usb 3-1: USB disconnect, device number 48
[ 1856.902909][T16378] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[ 1857.092539][T16378] usb 3-1: Using ep0 maxpacket: 8
[ 1857.124066][T16378] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1857.166193][T16378] usb 3-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1857.175707][T16378] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1857.184426][T16378] usb 3-1: Product: syz
[ 1857.188812][T16378] usb 3-1: Manufacturer: syz
[ 1857.195240][T16378] usb 3-1: SerialNumber: syz
[ 1857.247059][T16378] usb 3-1: config 0 descriptor??
[ 1857.278825][T16378] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1859.603684][T16378] gspca_zc3xx: reg_r err -32
[ 1860.024020][T23581] overlayfs: failed to clone lowerpath
[ 1860.192839][T16378] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1860.199945][T16378] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -32
[ 1860.325479][T23585] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5916'.
[ 1861.038672][T16383] usb 3-1: USB disconnect, device number 49
[ 1862.167218][T23603] overlayfs: failed to clone upperpath
[ 1862.179108][T16383] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1862.352600][T16383] usb 1-1: Using ep0 maxpacket: 16
[ 1862.390753][T16383] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1862.403368][T16383] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1862.416843][T16383] usb 1-1: New USB device found, idVendor=0458, idProduct=500f, bcdDevice= 0.00
[ 1862.426367][T16383] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1862.434310][T16378] usb 3-1: new full-speed USB device number 50 using dummy_hcd
[ 1862.446348][T16383] usb 1-1: config 0 descriptor??
[ 1862.671651][T16378] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1862.682290][T16378] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1862.695947][T16378] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1862.705443][T16378] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1862.925844][T16383] kye 0003:0458:500F.0023: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[ 1862.977853][T16383] kye 0003:0458:500F.0023: hidraw0: USB HID v0.09 Device [HID 0458:500f] on usb-dummy_hcd.0-1/input0
[ 1862.990029][T16383] kye 0003:0458:500F.0023: tablet-enabling feature report not found
[ 1862.998612][T16383] kye 0003:0458:500F.0023: tablet enabling failed
[ 1863.016402][T16378] usb 3-1: usb_control_msg returned -32
[ 1863.022670][T16378] usbtmc 3-1:16.0: can't read capabilities
[ 1863.150039][T16383] usb 1-1: USB disconnect, device number 20
[ 1865.439395][T23637] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5938'.
[ 1865.499819][T16378] usb 3-1: USB disconnect, device number 50
[ 1866.771654][T23658] overlayfs: failed to clone upperpath
[ 1867.346219][T23669] loop2: detected capacity change from 0 to 512
[ 1869.812816][T23708] overlayfs: failed to clone lowerpath
[ 1869.965699][T23711] overlayfs: failed to clone upperpath
[ 1870.627899][T23720] loop2: detected capacity change from 0 to 128
[ 1870.689510][T23720] EXT4-fs: Ignoring removed oldalloc option
[ 1870.696054][T23720] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1870.950427][T23720] loop2: detected capacity change from 0 to 512
[ 1873.331447][T23765] netlink: 'syz.0.5992': attribute type 83 has an invalid length.
[ 1873.448724][T23765] netlink: 'syz.0.5992': attribute type 83 has an invalid length.
[ 1874.288632][T23777] overlayfs: failed to clone upperpath
[ 1874.600078][T23753] loop2: detected capacity change from 0 to 32768
[ 1875.215206][T23788] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1876.501350][T23807] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6008'.
[ 1877.688870][T23812] loop2: detected capacity change from 0 to 32768
[ 1877.701663][T23812] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.6011 (23812)
[ 1877.716002][T23812] BTRFS error: failed to open device for path /dev/loop2 with flags 0x23: -13
[ 1879.491706][T23824] loop2: detected capacity change from 0 to 40427
[ 1879.609272][T23832] overlayfs: failed to clone upperpath
[ 1882.574824][T16378] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 1882.763757][T16378] usb 1-1: config 0 has no interfaces?
[ 1882.769701][T16378] usb 1-1: New USB device found, idVendor=046a, idProduct=0023, bcdDevice= 0.00
[ 1882.779473][T16378] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1882.827918][T16378] usb 1-1: config 0 descriptor??
[ 1882.986418][T23877] overlayfs: failed to clone upperpath
[ 1883.102652][T23866] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1883.112781][T23866] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1883.208602][T23866] 9pnet_fd: p9_fd_create_unix (23866): problem connecting socket: ./file0: -111
[ 1883.272698][T16383] usb 1-1: USB disconnect, device number 21
[ 1886.026251][T23907] overlayfs: failed to clone upperpath
[ 1887.582420][T23929] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1888.206137][T23934] loop2: detected capacity change from 0 to 256
[ 1890.322456][T16383] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[ 1890.565533][T16383] usb 3-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[ 1890.575385][T16383] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1890.584258][T16383] usb 3-1: Product: syz
[ 1890.588721][T16383] usb 3-1: Manufacturer: syz
[ 1890.594803][T16383] usb 3-1: SerialNumber: syz
[ 1890.764737][T16383] usb 3-1: config 0 descriptor??
[ 1890.816888][T16383] gspca_main: sunplus-2.14.0 probing 055f:c230
[ 1891.182587][T23976] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1893.769973][T16383] usb 3-1: USB disconnect, device number 51
[ 1893.856073][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[ 1893.863196][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[ 1895.860115][T24019] overlayfs: failed to clone upperpath
[ 1896.381720][T24029] overlayfs: failed to clone upperpath
[ 1896.665052][T24035] kvm: pic: single mode not supported
[ 1896.680081][T24035] kvm: pic: single mode not supported
[ 1896.687653][T24035] kvm: pic: level sensitive irq not supported
[ 1903.388162][T24096] loop2: detected capacity change from 0 to 16
[ 1903.533713][T24096] erofs (device loop2): mounted with root inode @ nid 36.
[ 1903.688896][T24098] binder: Unknown parameter 'context'
[ 1903.799057][T24096] erofs (device loop2): readahead error at folio 12 @ nid 36
[ 1903.807736][T24096] erofs (device loop2): readahead error at folio 9 @ nid 36
[ 1903.816203][T24096] erofs (device loop2): readahead error at folio 6 @ nid 36
[ 1903.824004][T24096] erofs (device loop2): readahead error at folio 4 @ nid 36
[ 1903.832568][T24096] syz.2.6117: attempt to access beyond end of device
[ 1903.832568][T24096] loop2: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[ 1903.847319][T24096] syz.2.6117: attempt to access beyond end of device
[ 1903.847319][T24096] loop2: rw=524288, sector=376, nr_sectors = 16 limit=16
[ 1903.862258][T24096] syz.2.6117: attempt to access beyond end of device
[ 1903.862258][T24096] loop2: rw=524288, sector=0, nr_sectors = 24 limit=16
[ 1903.876461][T24096] syz.2.6117: attempt to access beyond end of device
[ 1903.876461][T24096] loop2: rw=524288, sector=720, nr_sectors = 16 limit=16
[ 1903.890854][T24096] syz.2.6117: attempt to access beyond end of device
[ 1903.890854][T24096] loop2: rw=524288, sector=525144, nr_sectors = 16 limit=16
[ 1904.213460][T16383] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 1904.426102][T16383] usb 1-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1904.438364][T16383] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1904.449867][T16383] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1904.461873][T16383] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1904.471478][T16383] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1904.716363][T24099] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1907.508045][T16383] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[ 1907.518784][T16383] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input31
[ 1907.737609][T16383] usb 1-1: USB disconnect, device number 22
[ 1907.737882][    C0] aiptek 1-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[ 1912.792423][T16379] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[ 1912.992486][T16379] usb 1-1: Using ep0 maxpacket: 8
[ 1913.051141][T16379] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1913.117054][T16379] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1913.126683][T16379] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1913.135404][T16379] usb 1-1: Product: syz
[ 1913.139770][T16379] usb 1-1: Manufacturer: syz
[ 1913.145474][T16379] usb 1-1: SerialNumber: syz
[ 1913.255727][T16379] usb 1-1: config 0 descriptor??
[ 1913.286677][T16379] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1917.079075][T16379] gspca_zc3xx: reg_r err -32
[ 1917.689613][T24143] Set syz1 is full, maxelem 65536 reached
[ 1917.836201][T16379] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1917.843604][T16379] gspca_zc3xx 1-1:0.0: probe with driver gspca_zc3xx failed with error -32
[ 1917.938749][T16379] usb 1-1: USB disconnect, device number 23
[ 1920.413339][T16383] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[ 1920.606583][T16383] usb 3-1: Using ep0 maxpacket: 8
[ 1920.635103][T16383] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1920.676705][T16383] usb 3-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1920.686565][T16383] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1920.695226][T16383] usb 3-1: Product: syz
[ 1920.699667][T16383] usb 3-1: Manufacturer: syz
[ 1920.704690][T16383] usb 3-1: SerialNumber: syz
[ 1920.755318][T16383] usb 3-1: config 0 descriptor??
[ 1920.777062][T16383] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1923.459156][T16383] gspca_zc3xx: reg_r err -32
[ 1924.632473][T16383] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1924.639527][T16383] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -32
[ 1925.668067][T16383] usb 3-1: USB disconnect, device number 52
[ 1925.972828][T24259] loop2: detected capacity change from 0 to 512
[ 1927.499297][T24271] syzkaller0: entered promiscuous mode
[ 1927.505710][T24271] syzkaller0: entered allmulticast mode
[ 1929.030972][T24292] kvm: pic: single mode not supported
[ 1929.031339][T24292] kvm: pic: non byte read
[ 1929.050667][T24292] kvm: pic: non byte read
[ 1929.059240][T24292] kvm: pic: non byte read
[ 1929.074265][T24292] kvm: pic: non byte read
[ 1929.090806][T24292] kvm: pic: non byte read
[ 1929.107690][T24292] kvm: pic: non byte read
[ 1929.148232][T24292] kvm: pic: non byte read
[ 1929.171686][T24292] kvm: pic: non byte read
[ 1929.220095][T24292] kvm: pic: non byte read
[ 1929.401453][   T30] audit: type=1326 audit(1755168901.991:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24299 comm="syz.5.6190" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f813618ebe9 code=0x0
[ 1930.301237][T24313] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1932.472396][T16379] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 1932.652538][T16379] usb 3-1: Using ep0 maxpacket: 8
[ 1932.684106][T16379] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1932.716328][T16379] usb 3-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1932.726176][T16379] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1932.734578][T16379] usb 3-1: Product: syz
[ 1932.738930][T16379] usb 3-1: Manufacturer: syz
[ 1932.743847][T16379] usb 3-1: SerialNumber: syz
[ 1932.876193][T16379] usb 3-1: config 0 descriptor??
[ 1932.927504][T16379] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1934.082785][T16383] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[ 1934.292121][T16383] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1934.301460][T16383] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1934.375410][T16383] usb 1-1: config 0 descriptor??
[ 1934.406727][T16383] cp210x 1-1:0.0: cp210x converter detected
[ 1934.958999][T16383] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -71
[ 1934.967118][T16383] cp210x 1-1:0.0: querying part number failed
[ 1935.022628][T16383] usb 1-1: cp210x converter now attached to ttyUSB0
[ 1935.094146][T16383] usb 1-1: USB disconnect, device number 24
[ 1935.141884][T16383] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1935.151744][T16383] cp210x 1-1:0.0: device disconnected
[ 1935.643431][T16379] gspca_zc3xx: reg_r err -32
[ 1936.246758][T16379] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1936.255625][T16379] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -32
[ 1936.699842][T24387] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6224'.
[ 1936.741419][T24387] macvtap0: entered promiscuous mode
[ 1936.747308][T24387] ip6gretap0: entered promiscuous mode
[ 1936.756802][T24387] macvtap0: entered allmulticast mode
[ 1936.762688][T24387] ip6gretap0: entered allmulticast mode
[ 1936.883015][T16383] usb 3-1: USB disconnect, device number 53
[ 1936.954359][T24387] ip6gretap0: left allmulticast mode
[ 1936.960078][T24387] ip6gretap0: left promiscuous mode
[ 1938.271185][T24404] =====================================================
[ 1938.279189][T24404] BUG: KMSAN: kernel-infoleak-after-free in _copy_to_user+0xcc/0x120
[ 1938.288062][T24404]  _copy_to_user+0xcc/0x120
[ 1938.293066][T24404]  do_insn_ioctl+0x59c/0x6d0
[ 1938.297848][T24404]  comedi_unlocked_ioctl+0xa5e/0x1f60
[ 1938.303837][T24404]  __se_sys_ioctl+0x23c/0x400
[ 1938.308702][T24404]  __x64_sys_ioctl+0x97/0xe0
[ 1938.313862][T24404]  x64_sys_call+0x1cbc/0x3e20
[ 1938.318788][T24404]  do_syscall_64+0xd9/0x210
[ 1938.323860][T24404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1938.329948][T24404] 
[ 1938.332651][T24404] Uninit was created at:
[ 1938.337210][T24404]  kfree+0x252/0xec0
[ 1938.341315][T24404]  kvfree+0x42/0x60
[ 1938.345901][T24404]  bucket_table_free_rcu+0x153/0x180
[ 1938.351436][T24404]  rcu_core+0xa62/0x2240
[ 1938.356175][T24404]  rcu_core_si+0x12/0x20
[ 1938.360610][T24404]  handle_softirqs+0x166/0x6e0
[ 1938.365820][T24404]  __irq_exit_rcu+0x66/0x180
[ 1938.370609][T24404]  irq_exit_rcu+0x12/0x20
[ 1938.375447][T24404]  sysvec_apic_timer_interrupt+0x84/0x90
[ 1938.381387][T24404]  asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 1938.387851][T24404] 
[ 1938.390281][T24404] Bytes 4-583 of 584 are uninitialized
[ 1938.396571][T24404] Memory access of size 584 starts at ffff888057b71c00
[ 1938.403823][T24404] 
[ 1938.406294][T24404] CPU: 0 UID: 0 PID: 24404 Comm: syz.0.6230 Tainted: G        W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[ 1938.420457][T24404] Tainted: [W]=WARN
[ 1938.424531][T24404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1938.435214][T24404] =====================================================
[ 1938.442536][T24404] Disabling lock debugging due to kernel taint
[ 1938.448834][T24404] Kernel panic - not syncing: kmsan.panic set ...
[ 1938.455406][T24404] CPU: 0 UID: 0 PID: 24404 Comm: syz.0.6230 Tainted: G    B   W           6.17.0-rc1-syzkaller-00038-g0cc53520e68b #0 PREEMPT(none) 
[ 1938.469287][T24404] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 1938.474443][T24404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1938.484661][T24404] Call Trace:
[ 1938.488060][T24404]  <TASK>
[ 1938.491112][T24404]  __dump_stack+0x26/0x30
[ 1938.495741][T24404]  dump_stack_lvl+0x53/0x270
[ 1938.500535][T24404]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1938.506736][T24404]  dump_stack+0x1e/0x25
[ 1938.511086][T24404]  vpanic+0x361/0xc50
[ 1938.515281][T24404]  panic+0x15d/0x160
[ 1938.519402][T24404]  kmsan_report+0x31c/0x320
[ 1938.524080][T24404]  ? kmsan_internal_check_memory+0x1e1/0x230
[ 1938.530332][T24404]  ? kmsan_copy_to_user+0xf1/0x190
[ 1938.535608][T24404]  ? _copy_to_user+0xcc/0x120
[ 1938.540451][T24404]  ? do_insn_ioctl+0x59c/0x6d0
[ 1938.545373][T24404]  ? comedi_unlocked_ioctl+0xa5e/0x1f60
[ 1938.551078][T24404]  ? __se_sys_ioctl+0x23c/0x400
[ 1938.556100][T24404]  ? __x64_sys_ioctl+0x97/0xe0
[ 1938.561070][T24404]  ? x64_sys_call+0x1cbc/0x3e20
[ 1938.566145][T24404]  ? do_syscall_64+0xd9/0x210
[ 1938.571058][T24404]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1938.577420][T24404]  ? kmsan_get_metadata+0xfb/0x160
[ 1938.582740][T24404]  ? kmsan_get_metadata+0xfb/0x160
[ 1938.588133][T24404]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1938.594136][T24404]  ? kmsan_get_metadata+0xfb/0x160
[ 1938.599527][T24404]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1938.605565][T24404]  ? subdev_8255_insn+0x526/0x690
[ 1938.610794][T24404]  ? kmsan_get_metadata+0xfb/0x160
[ 1938.616173][T24404]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1938.622171][T24404]  ? kmsan_get_metadata+0xfb/0x160
[ 1938.627470][T24404]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1938.633479][T24404]  kmsan_internal_check_memory+0x1e1/0x230
[ 1938.639514][T24404]  kmsan_copy_to_user+0xf1/0x190
[ 1938.644762][T24404]  _copy_to_user+0xcc/0x120
[ 1938.649456][T24404]  do_insn_ioctl+0x59c/0x6d0
[ 1938.654253][T24404]  comedi_unlocked_ioctl+0xa5e/0x1f60
[ 1938.659856][T24404]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[ 1938.665829][T24404]  __se_sys_ioctl+0x23c/0x400
[ 1938.670682][T24404]  __x64_sys_ioctl+0x97/0xe0
[ 1938.675456][T24404]  x64_sys_call+0x1cbc/0x3e20
[ 1938.680351][T24404]  do_syscall_64+0xd9/0x210
[ 1938.685037][T24404]  ? irqentry_exit+0x16/0x60
[ 1938.689914][T24404]  ? clear_bhb_loop+0x40/0x90
[ 1938.694766][T24404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1938.700841][T24404] RIP: 0033:0x7f127b98ebe9
[ 1938.705419][T24404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1938.725214][T24404] RSP: 002b:00007f127c7aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1938.733823][T24404] RAX: ffffffffffffffda RBX: 00007f127bbb5fa0 RCX: 00007f127b98ebe9
[ 1938.741975][T24404] RDX: 0000200000000000 RSI: 000000008028640c RDI: 0000000000000004
[ 1938.750099][T24404] RBP: 00007f127ba11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1938.758205][T24404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1938.766296][T24404] R13: 00007f127bbb6038 R14: 00007f127bbb5fa0 R15: 00007ffff0f391b8
[ 1938.774444][T24404]  </TASK>
[ 1938.778018][T24404] Kernel Offset: disabled
[ 1938.782417][T24404] Rebooting in 86400 seconds..