last executing test programs:

7m46.930066125s ago: executing program 3 (id=199):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r3)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/net\x00')
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r4, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, 0x0, 0x0}, 0x94)
rt_sigaction(0xd, &(0x7f00000002c0)={0x0, 0x8000000, &(0x7f0000000180)="c4c1fa6f6355dbccf30faeccc483c17c780601c4c105d4b5feeffffff0420fab4a6ec4a2a93a5a05420f18b10b00000067f342c200803e36f20f2c4e00", {[0x7]}}, 0x0, 0x8, &(0x7f0000000500))
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
getrlimit(0x2, &(0x7f0000000540))
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup, 0x11, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40)

7m45.753233224s ago: executing program 3 (id=202):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000300)=0x3e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)
r3 = socket(0x10, 0x2, 0x81)
r4 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000140), &(0x7f0000000180), 0x3fffffbb, r5, 0xeeeeeeee})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', 0x0})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x280, 0x0)
fcntl$lock(r6, 0x25, &(0x7f0000000000)={0x0, 0x0, 0x7f})
r7 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r7, 0xc0205648, &(0x7f00000001c0)={0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f041, 0x0, '\x00', @p_u8=0x0}})
connect$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040)={0x1f, @none, 0x2}, 0xa)
connect$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0)
r8 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_buf(r9, 0x6, 0x21, 0x0, 0x0)

7m43.765936909s ago: executing program 3 (id=204):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f0000000280), 0x0, 0x4008891, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000000c0)={0x9, 0x4, 0xfe, 0x2, 0x3, 0x0, 0x5, 0x0, 0x0, 0xfc, 0x3, 0x0, 0x0, 0x5}, 0xe)
setsockopt$sock_int(r1, 0x1, 0x28, &(0x7f0000000000)=0xf66, 0x4)
shutdown(r1, 0x1)
recvmmsg(r1, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0)

7m41.533254626s ago: executing program 3 (id=208):
socket$inet6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x3f5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000020b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x18)
syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x1000801, &(0x7f0000000140)=ANY=[], 0x2, 0x232, &(0x7f0000000500)="$eJzslbFrFEEUxr+Z3du7BA1YaGFzKQJGMHu7G5U0FrEXhETU8jCTcLrJhcsVSUBIsBHEWvwD7KwtUlnYaWVtoYJgYUobBUdmdvZ2Nrt78bhgk/eDm/vmzbyZN7Nv34IgiFPL1y8/Pz+/ubB8BcAZzKBu7N+dbA635n966dSMfLcx9fjAGmqohgGQMjO6x+zvAXi76AB7ybJSZt6vzb9acxkcM6Z/BxyXjb4LBj+NVWbeAgz3jfnhphycpjthRCzYg268stqJRaCaUDXRaudVLRefiv9wn2HFHFDtwKzxrZ3dR+0Y6CUiFqmoyXSfwlAqkpMBJUM5Mez+dHyLHDesK1DP697TJ/uq7xt7YN1fCI7Q6HkwLBm9gDp832+argit8190s/Wd5LEl7FXHXRSNUSaPL87N5SzTUEJl+HD3iVio055YGH/kkDn1kRdkJqu8XAqOEeGz8U+q4hjdizeLXl5xnYY5qLaIY16Sf9idHbUwOyUuHB68L3p9+29Je/IC5gLtoRfqoj5OxvGtUq/zOct0xSvj4awuCZUpkdQP5gKXrPrkWl+FVn99s7W1szvXWW+viTWxEUXz14OrQXAtaunanLR2uTtS/xq6Pk1a69cqaqXHPGy3+/1euA30e+GgHyWtlUxLb7o/tA/X9Y9j9reU6edFv3jph5Ll92Dmx/W/UrNObgKvCI4gCIIgCIIgCIIgCIIgCKKUX5ZuguHD1KAry3Gj23r4bwAAAP//c8NPrw==")
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000280)={&(0x7f00000059c0)=[0x0], &(0x7f0000007d40)=[{}, {}, {}, {}, {}], &(0x7f00000000c0), &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x3c3c3c3c3c3c49c, 0x0, 0x1, 0x0, r4})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000002280)={{}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0xffffffffffffffda}, 0x10)

7m30.418843837s ago: executing program 3 (id=229):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x2, &(0x7f0000000340)=[@op={0x18}], 0x18}], 0x1, 0x20040804)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

7m30.05675633s ago: executing program 3 (id=231):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
capset(0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020011b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
r5 = dup(0xffffffffffffffff)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, 0x0, 0x0)
r6 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_QUERYBUF(r6, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)}, 0x4048043)
dup(0xffffffffffffffff)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f00000000c0)={'comedi_bond\x00', [0x2f, 0x80, 0x10006, 0x4, 0x1, 0xcc7, 0x8, 0x17, 0xa, 0x24c, 0xfff, 0x7, 0x5, 0x5, 0x4, 0x105, 0x8, 0x2, 0x2009, 0x1, 0x89, 0x6, 0x0, 0x20001e5a, 0x1000b, 0x7, 0x9, 0x8, 0x6, 0x401, 0xfffffffd]})
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r7, 0x4b72, &(0x7f0000000000)={0x2, 0x1000, 0x2, 0x0, 0x0, 0x0})

7m14.587966614s ago: executing program 32 (id=231):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0\x00', 0x400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
capset(0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000000)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020011b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ffd000/0x2000)=nil)
r5 = dup(0xffffffffffffffff)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, 0x0, 0x0)
r6 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$vim2m_VIDIOC_QUERYBUF(r6, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000000)={0xa, 0x4e24, 0x8, @ipv4={'\x00', '\xff\xff', @local}, 0x2}, 0x1c, &(0x7f0000000380)}, 0x4048043)
dup(0xffffffffffffffff)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f00000000c0)={'comedi_bond\x00', [0x2f, 0x80, 0x10006, 0x4, 0x1, 0xcc7, 0x8, 0x17, 0xa, 0x24c, 0xfff, 0x7, 0x5, 0x5, 0x4, 0x105, 0x8, 0x2, 0x2009, 0x1, 0x89, 0x6, 0x0, 0x20001e5a, 0x1000b, 0x7, 0x9, 0x8, 0x6, 0x401, 0xfffffffd]})
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET_DEF(r7, 0x4b72, &(0x7f0000000000)={0x2, 0x1000, 0x2, 0x0, 0x0, 0x0})

6m42.461308731s ago: executing program 1 (id=307):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240)={[{@dioread_nolock}, {@nogrpid}, {@quota}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r5, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r3}, 0x20)
recvmmsg(r3, &(0x7f0000000b80)=[{{0x0, 0xffffffffffffff6c, 0x0, 0x0, 0x0, 0x52}, 0xa}], 0x360, 0x120, 0x0)

6m40.800043653s ago: executing program 1 (id=310):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f00000001c0)=ANY=[], 0x8)
connect$inet6(0xffffffffffffffff, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000000, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_PROBE_HOST(r1, 0x5385, &(0x7f0000001200)={0x1000, ""/4096})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x529ae000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000100000027bf00000005"], 0x48)

6m39.157585335s ago: executing program 1 (id=313):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a", 0x27}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000340)=[@op={0x18}], 0x18}], 0x1, 0x20040804)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

6m38.656018239s ago: executing program 1 (id=316):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000300)=0x3e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)
r3 = socket(0x10, 0x2, 0x81)
r4 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000140), &(0x7f0000000180), 0x3fffffbb, 0x0, 0xeeeeeeee})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', 0x0})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x280, 0x0)
r6 = getpid()
fcntl$lock(r5, 0x25, &(0x7f0000000000)={0x0, 0x0, 0x7f, 0x0, r6})
r7 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r7, 0xc0205648, &(0x7f00000001c0)={0x0, 0x7, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xf0f041, 0x0, '\x00', @p_u8=0x0}})
connect$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000040)={0x1f, @none, 0x2}, 0xa)
connect$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0)
r8 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_buf(r9, 0x6, 0x21, 0x0, 0x0)

6m36.865372343s ago: executing program 1 (id=321):
syz_read_part_table(0x5f2, &(0x7f0000000600)="$eJzs0k1rXGUUAOBzp5ncTp06gxRc6EJoKQjRaosrM9BShqGbthSVgq4LXegi0EUXQ0qSdYx/wBASIWSTPxAQISaBECFZhSxDNi4TBBmCXLnzGcWNOJIGnmfxft3z3nNm7gkutEJUyp1VlkbEH6V/iKlGRNrf/fhGRNI9+XylnsZ7j+89+Sw+SeKriKi/W77SD80K/WWap8qTFPNdEg9Ksbuwff9kpbpzfW/zxmI3MunFf324VBnUcimi1H1LjI526o6I28P8J7iIZmsbEVlbGo3m0Z1nScTv7UfjSRqvnnYbay2fL7eX+fjlsPKv1vKenGjMvqw932808/794Zfs0fH3Vz8sbu62bm9FRDHeHDT2oI5kWDVwfu5eioiZ/vc/mr82dTDVenhz+cWtsZFYn5y724n7rfu1P22P1Sj22wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA4VmsbrZiZaMy+rD3fbzSP7jz7oP7Ot/VvvivG+OQXb48/LeRRSWSnvRuls9eLQ8hfmZ7pvaZ5pbs4jqsT+dzbx1gScbm7HomR/5qW18T7xYjpM/03f+2jj6daD28uv7g19tbB+uRc0onL/n7x161zqBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAjq8SrL7j0pRCTxczI4z9L2VMiHM8fxKO08eJAkycL2/ZOV6s71vc0bi4/TOP0pItbKUW4HHC5V/ppp9P//MfxrfwYAAP//SyVwtQ==")
socket$packet(0x11, 0x3, 0x300)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/partitions\x00', 0x0, 0x0)
preadv(r0, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/4083, 0xff3}], 0x1, 0x206, 0x0)
socket(0x11, 0x3, 0x8000)

6m32.962994221s ago: executing program 1 (id=329):
socket$inet6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x3f5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000020b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x18)
syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x1000801, &(0x7f0000000140)=ANY=[], 0x2, 0x232, &(0x7f0000000500)="$eJzslbFrFEEUxr+Z3du7BA1YaGFzKQJGMHu7G5U0FrEXhETU8jCTcLrJhcsVSUBIsBHEWvwD7KwtUlnYaWVtoYJgYUobBUdmdvZ2Nrt78bhgk/eDm/vmzbyZN7Nv34IgiFPL1y8/Pz+/ubB8BcAZzKBu7N+dbA635n966dSMfLcx9fjAGmqohgGQMjO6x+zvAXi76AB7ybJSZt6vzb9acxkcM6Z/BxyXjb4LBj+NVWbeAgz3jfnhphycpjthRCzYg268stqJRaCaUDXRaudVLRefiv9wn2HFHFDtwKzxrZ3dR+0Y6CUiFqmoyXSfwlAqkpMBJUM5Mez+dHyLHDesK1DP697TJ/uq7xt7YN1fCI7Q6HkwLBm9gDp832+argit8190s/Wd5LEl7FXHXRSNUSaPL87N5SzTUEJl+HD3iVio055YGH/kkDn1kRdkJqu8XAqOEeGz8U+q4hjdizeLXl5xnYY5qLaIY16Sf9idHbUwOyUuHB68L3p9+29Je/IC5gLtoRfqoj5OxvGtUq/zOct0xSvj4awuCZUpkdQP5gKXrPrkWl+FVn99s7W1szvXWW+viTWxEUXz14OrQXAtaunanLR2uTtS/xq6Pk1a69cqaqXHPGy3+/1euA30e+GgHyWtlUxLb7o/tA/X9Y9j9reU6edFv3jph5Ll92Dmx/W/UrNObgKvCI4gCIIgCIIgCIIgCIIgCKKUX5ZuguHD1KAry3Gj23r4bwAAAP//c8NPrw==")
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000280)={&(0x7f00000059c0)=[0x0], &(0x7f0000007d40)=[{}, {}, {}, {}, {}], &(0x7f00000000c0), &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x3c3c3c3c3c3c49c, 0x0, 0x1, 0x0, r4})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000002280)={{}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0xffffffffffffffda}, 0x10)

6m17.012717809s ago: executing program 33 (id=329):
socket$inet6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x3f5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000020b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r2}, 0x18)
syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file0\x00', 0x1000801, &(0x7f0000000140)=ANY=[], 0x2, 0x232, &(0x7f0000000500)="$eJzslbFrFEEUxr+Z3du7BA1YaGFzKQJGMHu7G5U0FrEXhETU8jCTcLrJhcsVSUBIsBHEWvwD7KwtUlnYaWVtoYJgYUobBUdmdvZ2Nrt78bhgk/eDm/vmzbyZN7Nv34IgiFPL1y8/Pz+/ubB8BcAZzKBu7N+dbA635n966dSMfLcx9fjAGmqohgGQMjO6x+zvAXi76AB7ybJSZt6vzb9acxkcM6Z/BxyXjb4LBj+NVWbeAgz3jfnhphycpjthRCzYg268stqJRaCaUDXRaudVLRefiv9wn2HFHFDtwKzxrZ3dR+0Y6CUiFqmoyXSfwlAqkpMBJUM5Mez+dHyLHDesK1DP697TJ/uq7xt7YN1fCI7Q6HkwLBm9gDp832+argit8190s/Wd5LEl7FXHXRSNUSaPL87N5SzTUEJl+HD3iVio055YGH/kkDn1kRdkJqu8XAqOEeGz8U+q4hjdizeLXl5xnYY5qLaIY16Sf9idHbUwOyUuHB68L3p9+29Je/IC5gLtoRfqoj5OxvGtUq/zOct0xSvj4awuCZUpkdQP5gKXrPrkWl+FVn99s7W1szvXWW+viTWxEUXz14OrQXAtaunanLR2uTtS/xq6Pk1a69cqaqXHPGy3+/1euA30e+GgHyWtlUxLb7o/tA/X9Y9j9reU6edFv3jph5Ll92Dmx/W/UrNObgKvCI4gCIIgCIIgCIIgCIIgCKKUX5ZuguHD1KAry3Gj23r4bwAAAP//c8NPrw==")
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, &(0x7f0000000280)={&(0x7f00000059c0)=[0x0], &(0x7f0000007d40)=[{}, {}, {}, {}, {}], &(0x7f00000000c0), &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x3c3c3c3c3c3c49c, 0x0, 0x1, 0x0, r4})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000002280)={{}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000200)={0x10, 0xffffffffffffffda}, 0x10)

13.365711911s ago: executing program 5 (id=1085):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000380)='./bus\x00', 0x8, &(0x7f0000000080), 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000008c0)='.\x00', 0x40000, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000200)='./bus\x00', 0x28600, 0x0, 0xbc, 0x0, &(0x7f0000000300))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus/file0\x00')
chroot(0x0)
fdatasync(r0)

13.137463603s ago: executing program 2 (id=1086):
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
io_uring_enter(0xffffffffffffffff, 0x207a98, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$dri(0x0, 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r4, 0xc01864c6, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, 0x0)
socket(0x840000000002, 0x3, 0xff)
r5 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$apparmor_exec(r5, &(0x7f0000000140)=ANY=[@ANYBLOB='stack :'], 0x7)

10.167403465s ago: executing program 5 (id=1093):
syz_mount_image$xfs(&(0x7f0000000400), &(0x7f0000009640)='./file0\x00', 0x0, &(0x7f0000000240)={[{@lazytime}, {@grpquota}, {@quota}, {@qnoenforce}, {@uqnoenforce}, {@nolazytime}, {@dax_never}, {@usrquota}]}, 0x14, 0x968d, &(0x7f0000009680)="$eJzs3Am4pnMBuP/3DGOXMVRSaiqiRdYsUWYGMxSSJdqRJWUpqdCmRUoqItqzb9nKEsrWSrK3UEKoZIm02Ib5X2fmDGPcpF+//+VX931f1znv+z7v8zzn+34/z3KO5mrzSRtPHAzmGkxv3GDWzr1m8pQxV21w+5FbLXjMcqfcvf8jV1x8/MjjhJHHiYPBYNTI20PTl40dnHraqMHs05Y/3LxzzzM0/2Cw/MjLkf0MVp7+MP/lM9abOkuzDnTo4W/7TP+a1gLDP2L4yWH773X4YDAYM9P2Q4PB0J6P+qDSNp8wedLDVg+5DVuNHnk+89cc07/mv2gwmP+MAR8fM6879CR8pOGfueeLzhm9wZPws//r2nzC5HVn8R8+F2cbWbby8Dk+6zlobNbj/NYltlh1ZAqnHW+DwfAl7hHnyn9Fm0+YtN7gsa/zgyNXu2CfqdOvm3MOpt8o5h4MBvOMXF/ne7Jd6j9rwsQVpt2zZ7weYZ9xLO9Jx8XxbznpweGb9GAwWGgwGLvOjHtBVVVV/Xc0YeIKa8L9f67Hu/+ffPKiZ3T/r6qq+u9t3QkTVxi+189y/5/v8e7/uyx64cem/7f/8StP3+rBJ/dDVFVV1b/VpHXx/j/m8e7/K6956Xrd/6uqqv5722j9aff/+Wa5/y/8ePf/N5602mIj6834veGBmXY5NNP/nnD/TMtnm2n5fTMtHz3TfmZef46Zlt8z0/I5h9+D9ccNBmNn/HvBKQ8vHjtu+L2R5ffOtHz8w/9OZ/G1Zlo+Yablk2ZaPnFkrMPLJ8+0fPJM66/zOFNdVVX1/0wbrTBpzcFM/85+ZPEiM96n+//5Z1679JM13qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqvrv7MHbzzpnMBgMDQaDUYPBlMHI85kfB1OnTp06/Prk8y677Ekb6P8bDZ17zeQpY67a4PYjt1rwmOVOuXv/h2fpv7b//k9Q/0nD/nMdN24w2GnTJ3so9STU+e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7iHrz9rHNGjoFRg8GUwcjzPWc8nrnfG940suqqm51y50EPb7n4+O1Hnp17zeQp2z8JY38SGhr+rGOu2uD2I7da8JjlTrl7//+Bs+e//xPUf9I0/+2HBoOR83vM8Lm8wYSNNllqMBgcdOcpm600eOi9VYbfW23sbIPZpm261LTvay/OO95znemP44e/LfzQPk6etv91px4629Asg5ipV5x7w5Fv3/zuFWd9XPKxP8eoGU8Ov+70u6ZOnTr1EQtHmusxNp6x/xmfZdbzfGTsSw2PfZldd3zXMu/ZfY+lt99xy+222W6bnZZbYZUVV1p+uZVWfdky226/wzbLTv/+GHM2btr3NZ/InM0365zdPmHmOZv1sz3WnI17/DmbtscpewxtMmPOZv8352zNx5+zcduP/KDFx48ebDFtaoYGg8XXGj3YbfjFcnMOBouvPbLuIsPrrj521GCw38MfdPjZnA8dg0N7Dq+z+aSNJz48skd/wkddpx+x4uLjRx4njDxOnD7EcYOHD8Wxg1NPGzU8F4+Y5nnnnmdo/sFg+ZGXI/sZrDry7iEz1ps6S7MOdOjhb/tM/5rWAsM7GX7yjmXPunr4XJxl+/8/+j+6/j/Ka5WhhyZqaORrZJ3pXhMmr/vwz5o2DcNzN9vIspWHTWads/+bPWq842YfjHmc8U5ad+IKw4tnmf8Zm+DxdccSF3xg+rE1fuXpWz34f4xC453vcca77gQc73yPN97jPnjJadN39X9tvLNc69ab9n38E7nWDR7/Wjcb7WCbixeb9Vr36sce4iPO4xlzNOcsKz3WtW63g5ffc3j/4x//Wrfe8NhHP+JaN2owWHzNGde64QvfpNGD/YZfLD/8YvLowTHDL1aY9mLuwXnDL176tp132Hp4wToz5mTZ4f2OHzs0zf2ClW9ZcuoBU6euNTKW8WMfOdaR42PczPfzCWOnT+aMbWfsd3jVGfu9+enT35s0st8J/8Z+Z2xL471zgenvTR7Z78RZ9jv6cfY7Y9tHnQ9LDT104XqM682kWa43I3/jzPhxj/iaY/rX/BcNBvOfQb6zrPsvr5l0/s71OOOdMHGFNYfHN8v5+9DhSOfvJZOvGr5XzD8YDBYaDMauM2Ps/2ZDjzXe2R9/vBNhvLM/3nivOHbH9f8vjHcw03gfcZxtvtH0Y2WdkeNs8r9x/M7Ydtbr2Ohp706/7K/zRK5j4x51HfvobKNmmeyZeqzf2baG9ac/X+Th33OvOfHoGXM/epb9/qvf2Wb6LENwHRszy9/zo9a5fjBEc77ncatfOnTg48/56MEj/7aYMecztn28OZ/8ROb8WY8/50/09+Slnj/9/dGzjH/mOd9w32d+ZsaczzHLfv/VnE9+/HvHo+d8/GA0zfmy902ft8e7nj7WnM/YdsacD3/E1cbOPlh7+J41MueTnsicL/J/5zifB9af/nybhxadfeQpr5sx57PO8b+a80n/7pyPe+g4X3zae88bNZhjjsFuW+666y7LTf8+4+Xy07/zteiea6bP8+PdSx/LaMa2j3derPVEjMY8IaOhf2W06OyPZfTwqXXEzrs87f/0WrTWv2s04GvRVUdPn7fH+73oseZ8xrZ0H1x4pu1n/Tt0o/Wn/d493yz3wRmb4H3w7DPX23vGLkc2e2CWYc64r94/0/LZZlp+30zLR8+0n5nXn2Om5ffMtHz4I8wx0/ozWMcN/807snzKw6uPHf7ladzI8ntnWj7+4W0XX2um5RNmWj5ppuUTHz40Fp880/LJM62/zuDfbMZ/k95+1ot8PdH677/u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zFPXj7WeeMHAOjBoMpg+nPh0YeB3sObXjbGsOPg8Fg9MonTN3wyR7vk9zQuddMnjLmqg1uP3KrBY9Z7pS79/8fOHv++z9B/SdN899+aDAYOb/HbD8YDDaYsNEmSw0Ggw2nnrDyqMFD7y0y/N7qY0cNBvsNPWIHcz60ztCew+tsPmnjiYPBXCNrjHvUD33UefSIFRcfP/I4YeRx4vTr07jBw8fr2MGpp40azD5t+cPNO/c8Q/MPBsuPvBzZz2Dl6Q/zXz5jvamzNOtAhx7+ts/0r2ktMPwjhp/stt3kZw/P1Szb/z/TjGv19qP+5aqd/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93/55/R8v/Wom6y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u3/ff+7/X8ZRT06d/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8tf3IO3n3XOyDEwajCYMpj+fGjPkcfB0EmnvnDkEBm9+5VHHfpkj/dJbujcayZPGXPVBrcfudWCxyx3yt37/w+cPf/9n6D+k6b5bz80GIyc32O2HwwGG0zYaJOlBoPBoUddufuowUPvLTL83upjRw0G+w09YgdzPrTO0J7D62w+aeOJg8FcI2uMe9QPfdR59IgVFx8/8jhh5HHi9OvTuMHDx+vYwamnjRrMPm35w8079zxD8w8Gy4+8HNnPYOXpD/NfPmO9qbM060CHHv62z/SvaS0w/COGn+w13zUnDc/VLNv/P9OMa/X2o/7lqp3/7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+7B2886Z+QYGDUYTBlMfz5q5HFoz5tu/PAmw4/DrxdcZ+9rnuzxPskNnXvN5Cljrtrg9iO3WvCY5U65e///gbPnv/8T1H/SsP9cx40bDHba9MkeSj0Jdf67y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/uAdvP+uckaejHl46as+OC2zo3GsmTxlz1Qa3H7nVgscsd8rd+z/ZA/pPewz/j+aPWfw/lj9m8f94/pjF/xP5Yxb/vfLHLP6fzB+z+O+dP2bx/1T+mMX/0/ljFv998scs/p/JH7P475s/ZvH/bP6Yxf9z+WMW/8/nj1n898sfs/jvnz9m8f9C/pjF/4D8MYv/gfljFv8v5o9Z/A/KH7P4H5w/ZvH/Uv6Yxf/L+WMW/6/kj1n8v5o/ZvH/Wv6Yxf/r+WMW/2/kj1n8v5k/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi/+38scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/2/ljFv/v5I9Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/7v5Yxb/M/LHLP5n5o9Z/M/KH7P4fy9/zOL//fwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bx/0H+mMX/h/ljFv8f5Y9Z/H+cP2bx/0n+mMX/p/ljFv8L8scs/hfmj1n8f5Y/ZvG/KH/M4v/z/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/xf5Yxb/X+aPWfx/lT9m8f91/pjF/6r8MYv/1fljFv/f5I9Z/H+bP2bxvyZ/zOL/u/wxi/+1+WMW/+vyxyz+1+ePWfx/nz9m8b8hf8zif2P+mMX/pvwxi/8f8scs/n/MH7P4/yl/zOJ/c/6Yxf/P+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bx/0v+mMX/jvwxi/+d+WMW/7/mj1n878ofs/j/LX/M4v/3/DGL/z/yxyz+/8wfs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/yn5Yxb/B/LHLP4P5o9Z/Kfmj0n8Zxvkj1n8h/LHLP6j8scs/rPlj1n8Z88fs/iPzh+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP7z5Y9Z/OfPH7P4PyV/zOK/QP6YxX9M/pjFf8H8MYv/2Pwxi/9C+WMW/4Xzxyz+T80fs/g/LX/M4v/0/DGL/yL5Yxb/Z+SPWfwXzR+z+D8zf8zi/6z8MYv/YvljFv9n549Z/J+TP2bxH5c/ZvF/bv6Yxf95+T+q2UceDf7Pzx+znP+L549Z/JfIH7P4vyB/zOK/ZP6YxX+p/DGL/wvzxyz+L8ofs/i/OH/M4v+S/DGL/9L5Yxb/l+aPWfyXyR+z+C+bP2bxXy5/zOK/fP6YxX+F/DGL/4r5Yxb/l+WPWfxXyh+z+K+cP2bxXyV/zOK/av6Yxf/l+WMW/9Xyxyz+q+ePWfxfkT9m8X9l/pjFf438MYv/+Pwxi/+E/DGL/8T8MYv/mvljFv+18scs/mvnj1n8J+WPWfwnq/xne8JrWvzXUfk/8Sz+6+aPWfxflT9m8X91/pjFf738MYv/+vljFv8N8scs/q/JH7P4b5g/ZvF/bf6YxX+j/DGL/8b5Yxb/TfLHLP6b5o9Z/F+XP2bx3yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8zi/5n8MYv/vvljFv/P5o9Z/D+XP2bx/3z+mMV/v/wxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/6D8MYv/wfljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/m/ljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+H8rf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfy/nT9m8f9O/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8v5s/ZvE/I3/M4n9m/pjF/6z8MYv/9/LHLP7fzx+z+J+dP2bxPyf/aR042yNfW/zPzR+z+J+XP2bxPz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/9P88cs/hfkj1n8L8wfs/j/LH/M4n9R/pjF/+f5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/L/LHLP6/zB+z+P8qf8zi/+v8MYv/VfljFv+r88cs/r/JH7P4/zZ/zOJ/Tf6Yxf93+WMW/2vzxyz+1+WPWfyvzx+z+P8+f8zif0P+mMX/xvwxi/9N+WMW/z/kj1n8/5g/ZvH/U/6Yxf/m/DGL/5/zxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOL/l/wxi/8d+WMW/zvzxyz+f80fs/jflT9m8f9b/pjF/+/5Yxb/f+SPWfz/mT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+U/LHLP4P5I9Z/B/MH7P4T80fk/jPPsgfs/gP5Y9Z/Eflj1n8Z8sfs/jPnj9m8R+dP2bxnyN/zOI/Z/6YxX+u/DGL/9z5Yxb/efLHLP7z5o9Z/OfLH7P4z58/ZvF/Sv6YxX+B/DGL/5j8MYv/gvljFv+x+WMW/4Xyxyz+C+ePWfyfmj9m8X9a/pjF/+n5Yxb/RfLHLP7PyB+z+C+aP2bxf2b+mMX/WfljFv/F8scs/s/OH7P4Pyd/zOI/Ln/M4v/c/DGL//Pyxyz+z88fs/gvnj9m8V8if8zi/4L8MYv/kvljFv+l8scs/i/MH7P4vyh/zOL/4vwxi/9L8scs/kvnj1n8X5o/ZvFfJn/M4r9s/pjFf7n8MYv/8vljFv8V8scs/ivmj1n8X5Y/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv+X549Z/FfLH7P4r54/ZvF/Rf6Yxf+V+WMW/zXyxyz+4/PHLP4T8scs/hPzxyz+a+aPWfzXyh+z+K+dP2bxn5Q/ZvGfnD9m8V8nf8ziv27+mMX/VfljFv9X549Z/NcT+q/xBNax+K8v9H8iWfw3yB+z+L8mf8ziv2H+mMX/tYPL8ocs/ht1/mMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/6EH+mMV/KH/M4j8qf8ziP1v+mMV/9vwxi//o/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/U/LHLP4L5I9Z/Mfkj1n8F8wfs/iPzR+z+C+UP2bxXzh/zOL/1Pwxi//T8scs/k/PH7P4L5I/ZvF/Rv6YxX/R/DGL/zPzxyz+z8ofs/gvlj9m8X92/pjF/zn5Yxb/cfljFv/n5o9Z/J+XP2bxf37+mMV/8fwxi/8S+WMW/xfkj1n8l8wfs/gvlT9m8X9h/pjF/0X5Yxb/F+ePWfxfkj9m8V86f8zi/9L8MYv/MvljFv9l88cs/svlj1n8l88fs/ivkD9m8V8xf8zi/7L8MYv/SvljFv+V88cs/qvkj1n8V80fs/i/PH/M4r9a/pjFf/X8MYv/K/LHLP6vzB+z+K+RP2bxH58/ZvGfkD9m8Z+YP2bxXzN/zOK/Vv6YxX/t/DGL/6T8MYv/5Pwxi/86+WMW/3Xzxyz+r8ofs/i/On/M4r9e/pjFf/38MYv/BvljFv/X5I9Z/DfMH7P4vzZ/zOK/Uf6YxX/j/DGL/yb5Yxb/TfPHLP6vyx+z+G+WP2bx3zx/zOL/+vwxi/8b8scs/m/MH7P4vyl/zOL/5vwxi/9b8scs/m/NH7P4b5E/ZvHfMn/M4r9V/pjF/235Yxb/rfPHLP7b5I9Z/LfNH7P4b5c/ZvF/e/6YxX/7/DGL/zvyxyz+78wfs/jvkD9m8d8xf8ziv1P+mMV/5/wxi/+78scs/u/OH7P475I/ZvF/T/6YxX/X/DGL/3vzxyz+78sfs/i/P3/M4r9b/pjFf/f8MYv/HvljFv8P5I9Z/D+YP2bx/1D+mMX/w/ljFv+P5I9Z/PfMH7P4fzR/zOL/sfwxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8f9M/pjFf9/8MYv/Z/PHLP6fyx+z+H8+f8ziv1/+mMV///wxi/8X8scs/gfkj1n8D8wfs/h/MX/M4n9Q/pjF/+D8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1/LHLP5fzx+z+H8jf8zi/838MYv/IfljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfy/lT9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+384fs/h/J3/M4n9K/pjF/9T8MYv/afljFv/T88cs/t/NH7P4n5E/ZvE/M3/M4n9W/pjF/3v5Yxb/7+ePWfzPzh+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/w/yxyz+P8wfs/j/KH/M4v/j/DGL/0/yxyz+P80fs/hfkD9m8b8wf8zi/7P8MYv/RfljFv+f549Z/C/OH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/r/IH7P4/zJ/zOL/q/wxi/+v88cs/lflj1n8r84fs/j/Jn/M4v/b/DGL/zX5Yxb/3+WPWfyvzR+z+F+XP2bxvz5/zOL/+/wxi/8N+WMW/xvzxyz+N+WPWfz/kD9m8f9j/pjF/0/5Yxb/m/PHLP5/zh+z+N+SP2bxvzV/zOJ/W/6Yxf/2/DGL/1/yxyz+d+SPWfzvzB+z+P81f8zif1f+mMX/b/ljFv+/549Z/P+RP2bx/2f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+E/JH7P4P5A/ZvF/MH/M4j81f0ziP8cgf8ziP5Q/ZvEflT9m8Z8tf8ziP3v+mMV/dP6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjF/yn5Yxb/BfLHLP5j8scs/gvmj1n8x+aPWfwXyh+z+C+cP2bxf2r+mMX/afljFv+n549Z/BfJH7P4PyN/zOK/aP6Yxf+Z+WMW/2flj1n8F8sfs/g/O3/M4v+c/DGL/7j8MYv/c/PHLP7Pyx+z+D8/f8ziv3j+mMV/ifwxi/8L8scs/kvmj1n8l8ofs/i/MH/M4v+i/DGL/4vzxyz+L8kfs/gvnT9m8X9p/pjFf5n8MYv/svljFv/l8scs/svnj1n8V8gfs/ivmD9m8X9Z/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8X54/ZvFfLX/M4r96/pjF/xX5Yxb/V+aPWfzXyB+z+I/PH7P4T8gfs/hPzB+z+K+ZP2bxXyt/zOK/dv6YxX9S/pjFf3L+mMV/nfwxi/+6+WMW/1flj1n8X50/ZvFfL3/M4r9+/pjFf4P8MYv/a/LHLP4b5o9Z/F+bP2bx3yh/zOK/cf6YxX+T/DGL/6b5Yxb/1+WPWfw3yx+z+G+eP2bxf33+mMX/DfljFv835o9Z/N+UP2bxf3P+mMX/LfljFv+35o9Z/LfIH7P4b5k/ZvHfKn/M4v+2/DGL/9b5Yxb/bfLHLP7b5o9Z/LfLH7P4vz1/zOK/ff6Yxf8d+WMW/3fmj1n8d8gfs/jvmD9m8d8pf8ziv3P+mMX/XfljFv93549Z/HfJH7P4vyd/zOK/a/6Yxf+9+WMW//flj1n8358/ZvHfLX/M4r97/pjFf4/8MYv/B/LHLP4fzB+z+H8of8zi/+H8MYv/R/LHLP575o9Z/D+aP2bx/1j+mMX/4/ljFv9P5I9Z/PfKH7P4fzJ/zOK/d/6Yxf9T+WMW/0/nj1n898kfs/h/Jn/M4r9v/pjF/7P5Yxb/z+WPWfw/nz9m8d8vf8ziv3/+mMX/C/ljFv8D8scs/gfmj1n8v5g/ZvE/KH/M4n9w/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfy/kT9m8f9m/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+38ofs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/2/nj1n8v5M/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv/v5o9Z/M/IH7P4n5k/ZvE/K3/M4v+9/DGL//fzxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW/5/mj1n8L8gfs/hfmD9m8f9Z/pjF/6L8MYv/z/PHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv9f5I9Z/H+ZP2bx/1X+mMX/1/ljFv+r8scs/lfnj1n8f5M/ZvH/bf6Yxf+a/DGL/+/yxyz+1+aPWfyvyx+z+F+fP2bx/33+mMX/hvwxi/+N+WMW/5vyxyz+f8gfs/j/MX/M4v+n/DGL/835Yxb/P+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf8v+WMW/zvyxyz+d1r95378ty3+f7X6/4ss/nflj1n8/5Y/ZvH/e/6Yxf8f+WMW/3/mj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/+U/DGL/wP5Yxb/B/PHLP5T88ck/nMO8scs/kP5Yxb/UfljFv/Z8scs/rPnj1n8R+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/J+SP2bxXyB/zOI/Jn/M4r9g/pjFf2z+mMV/ofwxi//C+WMW/6fmj1n8n5Y/ZvF/ev6YxX+R/DGL/zPyxyz+i+aPWfyfmT9m8X9W/pjFf7H8MYv/s/PHLP7PyR+z+I/LH7P4Pzd/zOL/vPwxi//z88cs/ovnj1n8l8gfs/i/IH/M4r9k/pjFf6n8MYv/C/PHLP4vyh+z+L84f8zi/5L8MYv/0vljFv+X5o9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv+X5Y9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/+X5Yxb/1fLHLP6r549Z/F+RP2bxf2X+mMV/jfwxi//4/DGL/4T8MYv/xPwxi/+a+WMW/7Xyxyz+a+ePWfwn5Y9Z/Cfnj1n818kfs/ivmz9m8X9V/pjF/9X5Yxb/9fLHLP7r549Z/DfIH7P4vyZ/zOK/Yf6Yxf+1+WMW/43yxyz+G+ePWfw3yR+z+G+aP2bxf13+mMV/s/wxi//m+WMW/9fnj1n835A/ZvF/Y/6Yxf9N+WMW/zfnj1n835I/ZvF/a/6YxX+L/DGL/5b5Yxb/rfLHLP5vyx+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/9vzxyz+2+ePWfzfkT9m8X9n/pjFf4f8MYv/jvljFv+d8scs/jvnj1n835U/ZvF/d/6YxX+X/DGL/3vyxyz+u+aPWfzfmz9m8X9f/pjF//35Yxb/3fLHLP67549Z/PfIH7P4fyB/zOL/wfwxi/+H8scs/h/OH7P4fyR/zOK/Z/6Yxf+j+WMW/4/lj1n8P54/ZvH/RP6YxX+v/DGL/yfzxyz+e+ePWfw/lT9m8f90/pjFf5/8MYv/Z/LHLP775o9Z/D+bP2bx/1z+mMX/8/ljFv/98scs/vvnj1n8v5A/ZvE/IH/M4n9g/pjF/4v5Yxb/g/LHLP4H549Z/L+UP2bx/3L+mMX/K/ljFv+v5o9Z/L+WP2bx/3r+mMX/G/ljFv9v5o9Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zi/638MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8f92/pjF/zv5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvH/bv6Yxf+M/DGL/5n5Yxb/s/LHLP7fyx+z+H8/f8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfx/kD9m8f9h/pjF/0f5Yxb/H+ePWfx/kj9m8f9p/pjF/4L8MYv/hfljFv+f5Y9Z/C/KH7P4/zx/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvH/Rf6Yxf+X+WMW/1/lj1n8f50/ZvG/Kn/M4n91/pjF/zf5Yxb/3+aPWfyvyR+z+P8uf8zif23+mMX/uvwxi//1+WMW/9/nj1n8b8gfs/jfmD9m8b8pf8zi/4f8MYv/H/PHLP5/yh+z+N+cP2bx/3P+mMX/lvwxi/+t+WMW/9vyxyz+t+ePWfz/kj9m8b8jf8zif2f+mMX/r/ljFv+78scs/n/LH7P4/z1/zOL/j/wxi/8/88cs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMV/Sv6Yxf+B/DGL/4P5Yxb/qfljEv+5BvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP5PyR+z+C+QP2bxH5M/ZvFfMH/M4j82f8ziv1D+mMV/4fwxi/9T88cs/k/LH7P4Pz1/zOK/SP6Yxf8Z+WMW/0Xzxyz+z8wfs/g/K3/M4r9Y/pjF/9n5Yxb/5+SPWfzH5Y9Z/J+bP2bxf17+mMX/+fljFv/F88cs/kvkj1n8X5A/ZvFfMn/M4r9U/pjF/4X5Yxb/F+WPWfxfnD9m8X9J/pjFf+n8MYv/S/PHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/y/LHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9a+WMW/7Xzxyz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/3IP8MYv/UP6YxX9U/pjFf7b8MYv/7PljFv/R+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/p+SPWfwXyB+z+I/JH7P4L5g/ZvEfmz9m8V8of8ziv3D+mMX/qfljFv+n5Y9Z/J+eP2bxXyR/zOL/jPwxi/+i+WMW/2fmj1n8n5U/ZvFfLH/M4v/s/DGL/3Pyxyz+4/LHLP7PzR+z+D8vf8zi//z8MYv/4vljFv8l8scs/i/IH7P4L5k/ZvFfKn/M4v/C/DGL/4vyxyz+L84fs/i/JH/M4r90/pjF/6X5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvFfIX/M4r9i/pjF/2X5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvF/ef6YxX+1/DGL/+r5Yxb/V+SPWfxfmT9m8V8jf8ziPz5/zOI/IX/M4j8xf8ziv2b+mMV/rfwxi//a+WMW/0n5Yxb/yfljFv918scs/uvmj1n8X5U/ZvF/df6YxX+9/DGL//r5Yxb/DfLHLP6vyR+z+G+YP2bxf23+mMV/o/wxi//G+WMW/03yxyz+m+aPWfxflz9m8d8sf8ziv3n+mMX/9fljFv835I9Z/N+YP2bxf1P+mMX/zfljFv+35I9Z/N+aP2bx3yJ/zOK/Zf6YxX+r/DGL/9vyxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/9vwxi//2+WMW/3fkj1n835k/ZvHfIX/M4r9j/pjFf6f8MYv/zvljFv935Y9Z/N+dP2bx3yV/zOL/nvwxi/+u+WMW//fmj1n835c/ZvF/f/6YxX+3/DGL/+75Yxb/PfLHLP4fyB+z+H8wf8zi/6H8MYv/h/PHLP4fyR+z+O+ZP2bx/2j+mMX/Y/ljFv+P549Z/D+RP2bx3yt/zOL/yfwxi//e+WMW/0/lj1n8P50/ZvHfJ3/M4v+Z/DGL/775Yxb/z+aPWfw/lz9m8f98/pjFf7/8MYv//vljFv8v5I9Z/A/IH7P4H5g/ZvH/Yv6Yxf+g/DGL/8H5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/r+WPWfy/nj9m8f9G/pjF/5v5Yxb/Q/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/h/K3/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8v50/ZvH/Tv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/L+bP2bxPyN/zOJ/Zv6Yxf+s/DGL//fyxyz+388fs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/x/kj1n8f5g/ZvH/Uf6Yxf/H+WMW/5/kj1n8f5o/ZvG/IH/M4n9h/pjF/2f5Yxb/i/LHLP4/zx+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/H+RP2bx/2X+mMX/V/ljFv9f549Z/K/KH7P4X50/ZvH/Tf6Yxf+3+WMW/2vyxyz+v8sfe6T/6Cd7OP95j+F/bf6Y5fy/Ln/M4n99/pjF//f5Yxb/G/LHLP435o9Z/G/KH7P4/yF/zOL/x/wxi/+f8scs/jfnj1n8/5w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv+/5I9Z/O/IH7P435k/ZvH/a/6Yxf+u/DGL/9/yxyz+f88fs/j/I3/M4v/P/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvGfkj9m8X8gf8zi/2D+mMV/av6YxH+eQf6YxX8of8ziPyp/zOI/W/6YxX/2/DGL/+j8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz/2v+8/10Nv5f/o/vf9pzXPfPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/isp/ad+5F+tYfFfWen/r7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9a+WMW/7Xzxyz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+bmf2HOhhmZPH/beSYxf+a/DGL/+/yxyz+1+aPWfyvyx+z+F+fP2bx/33+mMX/hvwxi/+N+WMW/5vyxyz+f8gfs/j/MX/M4v+n/DGL/835Yxb/P+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf8v+WMW/zvyxyz+d+aPWfz/mj9m8b8rf8zi/7f8MYv/3/PHLP7/yB+z+P8zf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfyn5I9Z/B/IH7P4P5g/ZvGfmj8m8Z93kD9m8e//8o2z+I/KH7P4z5Y/ZvGfPX/M4j86f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOL/lPwxi/8C+WMW/zH5Yxb/BfPHLP5j88cs/gvlj1n8F84fs/g/NX/M4v+0/DGL/9Pzxyz+i+SPWfyfkT9m8V80f8zi/8z8MYv/s/LHLP6L5Y9Z/J+dP2bxf07+mMV/XP6Yxf+5+WMW/+flj1n8n58/ZvFfPH/M4r9E/pjF/wX5Yxb/JfPHLP5L5Y9Z/F+YP2bxf1H+mMX/xfljFv+X5I9Z/JfOH7P4vzR/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vyx/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vzx+z+K+WP2bxXz1/zOL/ivwxi/8r88cs/mvkj1n8x+ePWfwn5I9Z/Cfmj1n818wfs/ivlT9m8V87f8ziPyl/zOI/OX/M4r9O/pjFf938MYv/q/LHLP6vzh+z+K+XP2bxXz9/zOK/Qf6Yxf81+WMW/w3zxyz+r80fs/hvlD9m8d84f8ziv0n+mMV/0/yx/2X/qR95aOm8r8sf+1/2n/n83yx/zOK/ef6Yxf/1+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvHfIn/M4r9l/pjFf6v8MYv/2/LHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/2/DGL//b5Yxb/d+SPWfzfmT9m8d8hf8ziv2P+mMV/p/wxi//O+WMW/3flj1n8350/ZvHfJX/M4v+e/DGL/675Yxb/9+aPWfzflz9m8X9//pjFf7f8MYv/7vljFv898scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P475k/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvHfK3/M4v/J/DGL/975Yxb/T+WPWfw/nT9m8d8nf8zi/5n8MYv/vvljFv/P5o9Z/D+XP2bx/3z+mMV/v/wxi//++WMW/y/kj1n8D8gfs/gfmD9m8f9i/pjF/6D8MYv/wfljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/m/ljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+H8rf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfy/nT9m8f9O/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8v5s/ZvE/I3/M4n9m/pjF/6z8MYv/9/LHLP7fzx+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfx/mj9m8b8gf8zif2H+mMX/Z/ljFv+L8scs/j/PH7P4X5w/ZvG/JH/M4n9p/pjF/zKf/9xPZCWL/+U+/yeUxf+K/DGL/5X5Yxb/X+SPWfx/mT9m8f9V/pjF/9f5Yxb/q/LHLP5X549Z/H+TP2bx/23+mMX/mvwxi//v8scs/tfmj1n8r8sfs/hfnz9m8f99/pjF/4b8MYv/jfljFv+b8scs/n/IH7P4/zF/zOL/p/wxi//N+WMW/z/nj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/L/ljFv878scs/nfmj1n8/5o/ZvG/K3/M4v+3/DGL/9/zxyz+/8gfs/j/M3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8p+SPWfwfyB+z+D+YP2bxn5o/JvGfb5A/ZvEfyh+z+I/KH7P4z5Y/ZvGfPX/M4j86f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOL/lPwxi/8C+WMW/zH5Yxb/BfPHLP5j88cs/gvlj1n8F84fs/g/NX/M4v+0/DGL/9Pzxyz+i+SPWfyfkT9m8V80f8zi/8z8MYv/s/LHLP6L5Y9Z/J+dP2bxf07+mMV/XP6Yxf+5+WMW/+flj1n8n58/ZvFfPH/M4r9E/pjF/wX5Yxb/JfPHLP5L5Y9Z/F+YP2bxf1H+mMX/xfljFv+X5I9Z/JfOH7P4vzR/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4vyx/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP4vzx+z+K+WP2bxXz1/zOL/ivwxi/8r88cs/mvkj1n8x+ePWfwn5I9Z/Cfmj1n818wfs/ivlT9m8V87f8ziPyl/zOI/OX/M4r9O/pjFf938MYv/q/LHLP6vzh+z+K+XP2bxXz9/zOK/Qf6Yxf81+WMW/w3zxyz+r80fs/hvlD9m8d84f8ziv0n+mMV/0/wxi//r8scs/pvlj1n8N88fs/i/Pn/M4v+G/DGL/xvzxyz+b8ofs/i/OX/M4v+W/DGL/1vzxyz+W+SPWfy3zB+z+G+VP2bxf1v+mMV/6/wxi/82+WMW/23zxyz+2+WPWfzfnj9m8d8+f8zi/478MYv/O/PHLP475I9Z/HfMH7P475Q/ZvHfOX/sIf9tT/qf9n9X/pjl/H93/pjFf5f8MYv/e/LHLP675o9Z/N+bP2bxf1/+mMX//fljFv/d8scs/rvnj1n898gfs/h/IH/M4v/B/DGL/4fyxyz+H84fs/h/JH/M4r9n/pjF/6P5Yxb/j+WPWfw/nj9m8f9E/pjFf6/8MYv/J/PHLP57549Z/D+VP2bx/3T+mMV/n/wxi/9n8scs/vvmj1n8P5s/ZvH/XP6Yxf/z+WMW//3yxyz+++ePWfy/kD9m8T8gf8zif2D+mMX/i/ljFv+D8scs/gfnj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6Yxf8b+WMW/2/mj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOL/rfwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bx/3b+mMX/O/ljFv9T8scs/qfmj1n8T8sfs/ifnj9m8f9u/pjF/4z8MYv/mfljFv+z8scs/t/LH7P4fz9/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/H+QP2bx/2H+mMX/R/ljFv8f549Z/H+SP2bx/2n+mMX/gvwxi/+F+WMW/5/lj1n8L8ofs/j/PH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8f9F/pjF/5f5Yxb/X+WPWfx/nT9m8b8qf8zif3X+mMX/N/ljFv/f5o9Z/K/JH7P4/y5/zOJ/bf6Yxf+6/DGL//X5Yxb/3+ePWfxvyB+z+N+YP2bxvyl/zOL/h/wxi/8f88cs/n/KH7P435w/ZvH/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/P+SP2bxvyN/zOJ/Z/6Yxf+v+WMW/7vyxyz+f8sfs/j/PX/M4v+P/DGL/z/zxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6YxX9K/pjF/4H8MYv/g/ljFv+p+WMS//kH+WMW/6H8MYv/qPwxi/9s+WMW/9nzxyz+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOK/Rv6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1r5Yxb/tfPHLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj1n8P5I/ZvHfM3/M4v/R/DGL/8fyxyz+H88fs/h/In/M4r9X/pjF/5P5Yxb/vfPHLP6fyh+z+H86f8ziv0/+mMX/M/ljFv9988cs/p/NH7P4fy5/zOL/+fwxi/9++WMW//3zxyz+X8gfs/gfkD9m8T8wf8zi/8X8MYv/QfljFv+D88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/l/LH7P4fz1/zOL/jfwxi/8388cs/ofkj1n8D80fs/gflj9m8T88f8zif0T+mMX/yPwxi/9R+WMW/6Pzxyz+x+SPWfyPzR+z+B+XP2bx/1b+mMX/+Pwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+H87f8zi/538MYv/KfljFv9T88cs/qflj1n8T88fs/h/N3/M4n9G/pjF/8z8MYv/WfljFv/v5Y9Z/L+fP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4/yB+z+P8wf8zi/6P8MYv/j/PHLP4/yR+z+P80f8zif0H+mMX/wvwxi//P8scs/hflj1n8f54/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/j/In/M4v/L/DGL/6/yxyz+v84fs/hflT9m8b86f8zi/5v8MYv/b/PHLP7X5I9Z/H+XP2bxvzZ/zOJ/Xf6Yxf/6/DGL/+/zxyz+N+SPWfxvzB+z+N+UP2bx/0P+mMX/j/ljFv8/5Y9Z/G/OH7P4/zl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP5/yR+z+N+RP2bxvzN/zOL/1/wxi/9d+WMW/7/lj1n8/54/ZvH/R/6Yxf+f+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOI/JX/M4v9A/pjF/8H8MYv/1Pwxif9TBvljFv+h/DGL/6j8MYv/bPljFv/Z88cs/qPzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/3z5Yxb/+fPHLP5PyR+z+C+QP2bxH5M/ZvFfMH/M4j82f8ziv1D+mMV/4fwxi/9T88cs/k/LH7P4Pz1/zOK/SP6Yxf8Z+WMW/0Xzxyz+z8wfs/g/K3/M4r9Y/pjF/9n5Yxb/5+SPWfzH5Y9Z/J+bP2bxf17+mMX/+fljFv/F88cs/kvkj1n8X5A/ZvFfMn/M4r9U/pjF/4X5Yxb/F+WPWfxfnD9m8X9J/pjFf+n8MYv/S/PHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4r9C/pjFf8X8MYv/y/LHLP4r5Y9Z/FfOH7P4r5I/ZvFfNX/M4v/y/DGL/2r5Yxb/1fPHLP6vyB+z+L8yf8ziv0b+mMV/fP6YxX9C/pjFf2L+mMV/zfwxi/9aIv+5/o11Lf5ri/z/nSz+k/LHLP6T88cs/uvkj1n8180fs/i/Kn/M4v/q/DGL/3r5Yxb/9fPHLP4b5I9Z/F+TP2bx3zB/zOL/2vwxi/9G+WMW/43zxyz+m+SPWfw3zR+z+L8uf8ziv1n+mMV/8/wxi//r88cs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOK/Rf6YxX/L/DGL/1b5Yxb/t+WPWfy3zh+z+G+TP2bx3zZ/zOK/Xf6Yxf/t+WMW/+3zxyz+78gfs/i/M3/M4r9D/pjFf8f8MYv/TvljFv+d88cs/u/KH7P4vzt/zOK/S/6Yxf89+WMW/13zxyz+780fs/i/L3/M4v/+/DGL/275Yxb/3fPHLP575I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx3zN/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjF/zP5Yxb/ffPHLP6fzR+z+H8uf8zi//n8MYv/fvljFv/988cs/l/IH7P4H5A/ZvE/MH/M4v/F/DGL/0H5Yxb/g/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+H89f8zi/438MYv/N/PHLP6H5I9Z/A/NH7P4H5Y/ZvE/PH/M4n9E/pjF/8j8MYv/UfljFv+j88cs/sfkj1n8j80fs/gflz9m8f9W/pjF//j8MYv/CfljFv8T88cs/iflj1n8T84fs/h/O3/M4v+d/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4fzd/zOJ/Rv6Yxf/M/DGL/1n5Yxb/7+WPWfy/nz9m8T87f8zif07+mMX/3Pwxi/95+WMW//Pzxyz+P8gfs/j/MH/M4v+j/DGL/4/zxyz+P8kfs/j/NH/M4n9B/pjF/8L8MYv/z/LHLP4X5Y9Z/H+eP2bxvzh/zOJ/Sf6Yxf/S/DGL/2X5Yxb/y/PHLP5X5I9Z/K/MH7P4/yJ/zOL/y/wxi/+v8scs/r/OH7P4X5U/ZvG/On/M4v+b/DGL/2/zxyz+1+SPWfx/lz9m8b82f8zif13+mMX/+vwxi//v88cs/jfkj1n8b8wfs/jflD9m8f9D/pjF/4/5Yxb/P+WPWfxvzh+z+P85f8zif0v+mMX/1vwxi/9t+WMW/9vzxyz+f8kfs/jfkT9m8b8zf8zi/9f8MYv/XfljFv+/5Y9Z/P+eP2bx/0f+mMX/n/ljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8ziPyV/zOL/QP6Yxf/B/DGL/9T8MYn/AoP8MYv/UP6YxX9U/pjFf7b8MYv/7Pk/otlGHi3+o/PHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOK/Rv6YxX98/pjFf0L+mMV/Yv6YxX/N/DGL/1r5Yxb/tfPHLP6T8scs/pPzxyz+6+SPWfzXzR+z+L8qf8zi/+r8MYv/evljFv/188cs/hvkj1n8X5M/ZvHfMH/M4v/a/DGL/0b5Yxb/jfPHLP6b5I9Z/DfNH7P4vy5/zOK/Wf6YxX/z/DGL/+vzxyz+b8gfs/i/MX/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4r9F/pjFf8v8MYv/VvljFv+35Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/+35Yxb/7fPHLP7vyB+z+L8zf8ziv0P+mMV/x/wxi/9O+WMW/53zxyz+78ofs/i/O3/M4r9L/pjF/z35Yxb/XfPHLP7vzR+z+L8vf8zi//78MYv/bvljFv/d88cs/nvkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj/1/7NGzFiCGAkXRZ79kYtu2bdu2bWdi27Zt27Zt254UqbLW/YLcvbtTn5b/A/2PWv7v5n/U8n93/6OW/3v4H7X839P/qOX/Xv5HLf/39j9q+b+P/1HL/339j1r+7+d/1PJ/f/+jlv8H+B+1/D/Q/6jl/0H+Ry3/D/Y/avl/iP9Ry/9D/Y9a/h/mf9Ty/3D/o5b/R/gftfw/0v+o5f9R/kct/4/2P2r5f4z/Ucv/Y/2PWv4f53/U8v94/6OW/yf4H7X8P9H/qOX/Sf5HLf9P9j9q+X+K/1HL/1P9j1r+n+Z/1PL/dP+jlv9n+B+1/D/T/6jl/1n+Ry3/z/Y/avl/jv9Ry/9z/Y9a/p/nf9Ty/3z/o5b/F/gftfy/0P+o5f9F/kct/y/2P2r5f4n/Ucv/S/2PWv5f5n/U8v9y/6OW/1f4H7X8v9L/qOX/Vf5HLf+v9j9q+X+N/1HL/2v9j1r+X+d/1PL/ev+jlv83+B+1/L/R/6jl/03+Ry3/b/Y/avl/i/9Ry/9b/Y9a/t/mf9Ty/3b/o5b/d/gftfy/0/+o5f9d/kct/+/2P2r5f4//Ucv/e/2PWv7f53/U8v9+/6OW/w/4H7X8f9D/qOX/Q/5HLf8f9j9q+f+I/1HL/0f9j1r+P+Z/1PL/cf+jlv9P+B+1/H/S/6jl/1P+Ry3/n/Y/avn/jP9Ry/9n/Y9a/j/nf9Ty/3n/o5b/L/gftfx/0f+o5f9L/kct/1/2P2r5/4r/Ucv/V/2PWv6/5n/U8v91/6OW/2/4H7X8f9P/qOX/W/5HLf/f9j9q+f+O/1HL/3f9j1r+v+d/1PL/ff+jlv8f+B+1/P/Q/6jl/0f+Ry3/P/Y/avn/if9Ry/9P/Y9a/n/mf9Ty/3P/o5b/X/gftfz/0v+o5f9X/kct/7/2P2r5/43/Ucv/b/2PWv5/53/U8v97/6OW/z/4H7X8/9H/qOX/T/5HLf9/9j9q+f+L/1HL/0H+RyX/B/zJ/6jl/5/9j1r+/8X/qOX/X/2PWv7/zf+o5f/f/Y9a/v/D/6jl/z/9j1r+/8v/qOX/v/2PWv7/x/+o5f9//Y9a/v/P/6jl///9j1r+D+Z/1PJ/cP+jlv8D/I9a/g/hf9Tyf0j/o5b/Q/kftfwf2v+o5f8w/kct/4f1P2r5P5z/Ucv/4f2PWv6P4H/U8n9E/6OW/yP5H7X8H9n/qOX/KP5HLf9H9T9q+T+a/1HL/9H9j1r+j+F/1PJ/TP+jlv9j+R+1/B/b/6jl/zj+Ry3/x/U/avk/nv9Ry//x/Y9a/k/gf9Tyf0L/o5b/E/kftfyf2P+o5f8k/kct/yf1P2r5P5n/Ucv/yf2PWv5P4X/U8n9K/6OW/1P5H7X8n9r/qOX/NP5HLf+n9T9q+T+d/1HL/+n9j1r+z+B/1PJ/Rv+jlv8z+R+1/J/Z/6jl/yz+Ry3/Z/U/avk/m/9Ry//Z/Y9a/s/hf9Tyf07/o5b/c/kftfyf2/+o5f88/kct/+f1P2r5P5//Ucv/+f2PWv4v4H/U8n9B/6OW/wv5H7X8X9j/qOX/Iv5HLf8X9T9q+b+Y/1HL/8X9j1r+L+F/1PJ/Sf+jlv9L+R+1/F/a/6jl/zL+Ry3/l/U/avm/nP9Ry//l/Y9a/q/gf9Tyf0X/o5b/K/kftfxf2f+o5f8q/kct/1f1P2r5v5r/Ucv/1f2PWv6v4X/U8n9N/6OW/2v5H7X8X9v/qOX/Ov5HLf/X9T9q+b+e/1HL//X9j1r+b+B/1PJ/Q/+jlv8b+R+1/N/Y/6jl/yb+/2bQ77Pl/6b+Ry3/N/M/avm/uf9Ry/8t/I9a/m/pf9Tyfyv/o5b/W/sftfzfxv+o5f+2/kct/7fzP2r5v73/Ucv/HfyPWv7v6H/U8n8n/6OW/zv7H7X838X/qOX/rv5HLf8H+h/94f4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/Mq+/cd4XRdwHP8ccIBkGy5mDGuDfFu6pXTHj+EfTkgELvTA34gaAncgeAd0HHacGj/+IJfOH7mRYytXwrCctHnLNZ1dmlmzWLXV7IeapStrkeks2GJd+95977z7dtz6vs/3m5WPxx/3/X4+X14f4LYnnw9TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9dDY0LjoytGXJq7OCDDx9u7n2dfXTFTQd+331B/2v546XDXHLM4IOenp6e2c/O2lE+nFAUReln21k+nlg5Ll1/Z/2XOvqOwvzuFxcfn/zLxiMH1pz2cF3X0ftqe8/WFjeu29DS/IkxRREuqi06Sgd1NUURFtUW95YO6ksHi2uLh0sHs3oPTim+Wzo4b+3mlqbSiSXR3zP4f9HQuLMYO6TYYsifBoP731n/nTv6X0e4ZP/VxhXl/i/v/OGbFZ/1O0H//dcPCyr7r/o3CJxQdf0/P7//dYRL/sf9f9KTK18e7rMT999//fBJ/UM6wzz/D2m08rm/4vl/+jCXHNhfWdN5vNT/Jbc+M6N8atx/8/z/zvXDRZX9jxny/F96jl/Y//w/oSjCxaP8dsB7SkPjriMj3f9H7n/ctIpNzeD+T2/bvL/U/2OLf/B4+VRtlf0vHOH+P2ZJxa8VqE5D41d7Ku7/VfRffGyYSw70/9bjv32o1P+jf7z/jEGfVdP/xZX9z2xv3TJz6/bOcze0rl7fvL55U92sebPn1tfNPX/OzN5Hgr6vo/yuwHvD6O7/xaSKTU1RNA/sr+468FSp/zkPPDC7fGpilf0vGvH+P939H4b1kTHF+PFFx+r29ra6vq/9h/V9X/t+2DD9V/H3/zPPLv+w2vJrTVFMHdjfecZdy0v9v33omd3lU+Or7H/xiP3PH/h5gQijvP83VWyG9H/w0Iu9z/9L7zl4evlUtX//XzJi/6+4/8NoNDRW/A8/77JS/7uKSyM7DQ3++x+kk6P/R9++vjtuHT6lf0gnR/9/+MLRc+LWYan+IZ0c/Y/beP9zcetwif4hnRz9L5syb3ncOlyqf0gnR/9rXznnr3Hr0Kh/SCdH/2d/ZXdH3Dos0z+kk6P/B9tmb4tbh+X6h3Ry9P/zUx98NW4dLtM/pJOj/2PH7r4hbh0u1z+kk6P/rj1n/ShuHa7QP6STo//L1i0Icetwpf4hnRz9T5v658fi1uEq/UM6Ofqf+5d/nhq3DlfrH9LJ0f/tX1y+L24drtE/pJOj/7HXvfxC3Dqs0D+kk6P/JWdtWxC3DtfqH9LJ0X/Tz5p64tZhZbn/CYX+4V2Xo/+Z3/zJhrh1uM79H9LJ0f/hZY/siVuH6/UP6eTof09dMTluHW7QP6STo/9vfP+0Q3Hr8Gn9Qzo5+v/dk0/Mi1uHVfqHdHL0/+yHbvtW3DrcqH9IJ0f/96x54cy4dVitf0gnR/8P7X3uy3HrsEb/kE6O/l9/vfV9ceuwVv+QTo7+J0085bW4dWjSP6STo/8Ft3ytLW4dmvUP6eTov3V314/j1mGd/iGdHP1/9PjUlXHrsF7/kE6O/lfM2fvBuHW4Sf+QTo7+P7D0gl1x67BB/5BOjv4v7P74hXHrsFH/kE6O/tuf/vzX49bhZv1DOjn63zvj1UVx69Cif0gnR/8vrVry07h1aNU/pJOj/zcfuXZT3Dps0j+kk6P/J37x1rG4ddisf0gnR//vP3/h3+PWYYv+IZ0c/S9a/MbauHX4jP4hnRz9b+z610tx69Cmf0gnR/8zDl+1NG4dtuof0snR//fOrdsftw7t+od0cvR/xxX76uPWYZv+IZ0c/e8/eOddcetwi/4hnRz9v/Gr6dPi1uGz+od0cvR/3+RD18StQ4f+IZ0c/f96U+3TceuwXf+QTo7+/7Fvyo64dejUP6STo/+nXuv+U9w63Kp/SCdH/6vG/WZ83Drcpn9IJ0f/Uzq33Bu3DrfrH9LJ0f+8u1efF7cOn9M/pJOj/61/e/7bceuwQ/+QztbtnTevbmlpbvPGG2+8GXhzsv9kAlJ7J/qT/SsBAAAAAAAAAAAAAABOJMc/JzrZv0cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5WwfRuwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBXAAAA//9O+OOp")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4000, 0xa00}])

9.794050907s ago: executing program 2 (id=1094):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4840)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x4004, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

8.875407554s ago: executing program 2 (id=1096):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'dummy0\x00', &(0x7f0000000180)=@ethtool_wolinfo={0x5, 0x8, 0x8, "e034b0998d97"}})
lsetxattr$system_posix_acl(&(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="02000000010000000000f400040000000000000020"], 0x1c, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
r2 = syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r2, 0xc00464b4, &(0x7f0000000180))
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r7 = syz_io_uring_setup(0xa0, &(0x7f00000002c0)={0x0, 0x305cc6, 0x1, 0x0, 0x20a}, &(0x7f0000000240)=<r8=>0x0, &(0x7f00000000c0)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r6, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x12})
io_uring_enter(r7, 0x847ba, 0x0, 0xe, 0x0, 0x0)

7.656277953s ago: executing program 0 (id=1099):
openat(0xffffffffffffff9c, 0x0, 0xc4042, 0x1ff)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001b000)=""/102384, 0x18ff0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
socket(0x40000000015, 0x5, 0x0)
syz_create_resource$binfmt(0x0)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r2, &(0x7f0000000040)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r2, &(0x7f0000000240)={0x24, @none={0x0, 0x1}}, 0x14)
sendmmsg(r2, &(0x7f00000196c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0xd, 0x0}}], 0x4000050, 0x400c010)

6.71744347s ago: executing program 4 (id=1100):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='illinois', 0x8)
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9135a01c95d4a068ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd0714", 0x173, 0x12, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x0)

6.673140691s ago: executing program 0 (id=1101):
sched_setscheduler(0x0, 0x2, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="4800000011140100000000000000000008004a0001000000080003000100000008004a000100000008004b0013000000080001"], 0x48}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

6.571934881s ago: executing program 5 (id=1102):
ioctl$SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
io_uring_enter(0xffffffffffffffff, 0x207a98, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$dri(0x0, 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r3, 0xc05064a7, 0x0)
socket(0x840000000002, 0x3, 0xff)
r4 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$apparmor_exec(r4, &(0x7f0000000140)=ANY=[@ANYBLOB='stack :'], 0x7)

6.543332162s ago: executing program 0 (id=1103):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_io_uring_setup(0x60db, &(0x7f0000000140)={0x0, 0x7cc, 0x40, 0x3, 0x2c0}, &(0x7f00000001c0), &(0x7f0000000200))
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f00000003c0)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r2}, 0x4)
r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb)
socket$l2tp(0x2, 0x2, 0x73)
r6 = socket(0x15, 0x5, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000400000004000000ff"], 0x48)
r8 = socket(0x2c, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r7, &(0x7f0000000500)="41ffa3e8ef335673da7b7e0212ea1f9dc724e7188e3ba804a2c0d07128ba5c31dc613aa0052f02bdce2a427204121a9773b1ebdbcd1c878d067a2bfb3a61cc", &(0x7f0000000280)=@tcp6=r8, 0x2}, 0x20)
getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r6, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
close_range(r3, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0x13, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x2}, [@printk={@u, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @printk={@u, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0xb0}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r1, 0xc, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x6, @remote, 0xfffffffc}}, 0x0, 0x0, 0x6, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b5047b80e2c3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f099942e6f1c395ddb8160381baadf27900"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x20000000, @remote}}, 0x0, 0x0, 0x0, 0x0, "ddfd3b7ed7c6a1c172a987ae5ce3cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891ff18bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8)

5.307014061s ago: executing program 0 (id=1104):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file3\x00', 0x8c0, &(0x7f00000002c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c726573765f6c6576656c3d30303030303030303030303030303030303030302c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c646174613d77726974656261636b2c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00149e0cb4c679a55808f10855fc0d9b9d7241cc60c5c0b35a9ce6bd73d50a863d736b7f64cdbf2582b25c868128f5a0c3ca71ea7a85f79743e17bbb3291a3c43eb49fcfcab9a806f939773a5895370494ec438f24b77c23cb13a0c7c11503d4e4a25d5e8142cc163f75ca2557bc5b3dd2856dbf2f4fbffb092b1a8d3f410d0daefab8a2f41a23713a02fa9349bc76bc637fe28f733ee38a6de0e2174f54e7f4ebc705a06c4b7d76bcc94f8985dbf4791afe238c9f24f48c0f98d3898ad1f3597c15fdc241ce161617ca162b1d4a17900f12843677d372e706"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3815011, 0x0, 0x0, 0x0, &(0x7f0000000140))
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, 0x0, 0x0)
close(r0)
r2 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000480)={0xc, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP(r2, 0x3b85, &(0x7f0000000500)={0x28, 0x1, r3, 0x0, &(0x7f0000000780)="506d4f4f4b45392c7d47396d028584b54cf0269a03ea4867d1d0dc92cfcca77c6be4eece96d7ca65016e30209e9fc1d393b3ad773b81bd61f73ff5889f4fc6c4fb94ae2b5ea50b6f0f88", 0x4a, 0x1})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
r4 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$apparmor_exec(r4, &(0x7f0000000440)=ANY=[@ANYBLOB='e`ec :'], 0xb0)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001b00)=[{&(0x7f0000000000)=""/222, 0xde}], 0x1, 0x8, 0xeffffffc)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@newtaction={0x60, 0x30, 0xffff, 0x0, 0x25dfdbfe, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x8, 0xd8e, 0x6, 0x5, 0x4}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x33fe0)

5.264758051s ago: executing program 5 (id=1105):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448e6, 0x0)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0x2}, 0x6)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xeb0}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@noload}, {@noquota}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r1 = socket(0x2, 0x80805, 0x0)
dup(0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000025c0), 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x545)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_PKTINFO(r3, 0x29, 0x32, 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
getsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x181d011, 0x0, 0x0, 0x0, &(0x7f0000000140))
mkdir(&(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x4)

5.212509262s ago: executing program 4 (id=1106):
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000000)="a2b5f55ef6dfc0f1b7f01c08171d7298", 0x10)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, 0xffffffffffffffff, 0x2000)
r1 = openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
setgroups(0x0, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
readv(0xffffffffffffffff, &(0x7f0000000800), 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x40})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x8001, 0xc3e1, 0x0, 0x7, 0x4, 0x10000ccb, 0x8, 0xab, 0x9, 0x20100, 0x0, 0x1, 0x5, 0x400007, 0x6, 0xffffffff, 0x1, 0x1a449, 0xffffffff, 0x40000003, 0x89, 0x2, 0x2, 0x20001e58, 0x115, 0x8, 0x3c, 0xa, 0x4, 0x7, 0x3]})
ioctl$COMEDI_DEVINFO(r1, 0x80b06401, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
mount$9p_unix(&(0x7f0000000300)='./cgroup\x00', &(0x7f0000000340)='./cgroup\x00', &(0x7f0000000380), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB])
socket$inet6(0xa, 0x1, 0x0)

4.382433388s ago: executing program 0 (id=1107):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e1d, 0x1, @mcast1, 0x8}, 0x1c)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x400ad80, &(0x7f00000000c0)={0xa, 0x4e23, 0x5b3, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x8}, 0x1c)
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x3010009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="120100000cb768405e0483020b990102030109021b000100000000090400000101290000090509"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000480)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sg(0x0, 0x0, 0x281)
syz_open_dev$audion(&(0x7f00000011c0), 0x3, 0x8c4201)

3.775517982s ago: executing program 4 (id=1108):
mknodat$loop(0xffffffffffffff9c, 0x0, 0x8, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_crypto(0x10, 0x3, 0x15)
syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0)=0xffffffffffffffff, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000009c0)=@o_path={&(0x7f0000000980)='./file0\x00', 0x0, 0x10, r0}, 0x18)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0400000005000000020000000000050000c5454d0a1f804d48000000"], 0x50)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r1, &(0x7f00000020c0)={0x2020}, 0x2020)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x1, @ANYBLOB="0f00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="01090000000000000000000000275ede00001000eba500"/39], 0x50)
r2 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
bind$ax25(r2, 0x0, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x14, 0x0, 0x1, 0x0, 0x0, {0x6, 0x0, 0x900}}, 0x14}, 0x2, 0x34005}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9, 0x0, 0x0, 0x4000000}, 0x0)
connect$ax25(r2, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48)

3.707988183s ago: executing program 5 (id=1109):
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
r4 = fanotify_init(0xf00, 0x1000)
fanotify_mark(r4, 0x105, 0x5000003a, r3, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x0)
ioctl$SNDRV_PCM_IOCTL_HWSYNC(r5, 0x4122, 0x0)
readv(r4, 0x0, 0x0)
r6 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$romfs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="00f3000000be5500200800000000c19e57fc847c52a19b0b247df0690ca7d757194d0335d8e8a065e069e1294e9f28bcee7085d4988309e751e0eec20f77d6c68ae8"], 0x1, 0x14a, &(0x7f0000000080)="$eJzs2j9Lw0AYBvBXEJSOjk6FShQ0/7WuOoqbu0OouTR4MSURpP0C4iQonINfQvAT+Akko5suRfwSkWsPTaNCFk2E57f0gbe93r0HN716Ekc2S3WijcHVwXgpiaN2193uMZt5NLVHRG0Zsjy/MeiL5496lpPxzRfqtfI2/eysBWL/goXcd+reEgAAAAAAAAAAAAAAAAAAAAAAVKS1VGj1RXTOQu7bhWo6HB17nPtJSrRY0w7rpbXVDBcxwW9lf9yZVqzLvCNTKHYTWbdmf3+twmpf8Jdyf83TaGCmw5EeRl7gB/6J47hda9OythxzspZZXlG7U3uiLL+3CuNkxuOhK+uFebOnKvNm6v7nl0NxeVb+t8/7R2hCmKPfWfm1KQdE+Ceh+gvacJP3b0xEC27nQb5/Ri/mR6r4F+2s9/gA8JP3AAAA///ltzsl")
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f00000004c0)=""/55, 0x37)
getdents64(r7, 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000040)={0x2020}, 0x2020)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_usb_connect(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000027951840240401c04099010203010902240001000400010904"], 0x0)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)

2.450672022s ago: executing program 4 (id=1110):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x58, 0x0, 0x9, 0x101, 0x0, 0x0, {}, [@NFCTH_POLICY={0x10, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3}}, @NFCTH_TUPLE={0x4, 0x2, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x2, 0x0, 0x1, @ipv4={{0x8, 0x1, @private}, {0x8, 0x2, @dev}}}]}, @NFCTH_PRIV_DATA_LEN={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x58}}, 0x0)

2.198882854s ago: executing program 2 (id=1111):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x200000000000005e)
sendto$inet(r0, &(0x7f0000000380)="1ca30a11b8e7ab3c719397f23bf04d1ac9720f3c277b742cdb", 0x19, 0x48015, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)
sendto$inet(r0, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0)

2.028564585s ago: executing program 4 (id=1112):
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3})
ioctl$VIDIOC_G_OUTPUT(r0, 0x8004562e, &(0x7f0000000040))
ioctl$VIDIOC_QUERYMENU(r0, 0xc008561c, &(0x7f0000000000)={0x980900, 0x7, @value=0x2})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="030000201e0001082cbd7000fcdbb72d9d050000"], 0x14}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = syz_open_dev$radio(&(0x7f00000000c0), 0x2, 0x2)
preadv2(r5, &(0x7f0000000440)=[{&(0x7f0000000700)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$uinput_user_dev(r6, &(0x7f0000001700)={'syz0\x00', {0x54f, 0x1, 0x5, 0xfff}, 0x1b, [0x7, 0x4, 0x7ff, 0x1000004, 0x8, 0x3, 0x1, 0x3, 0x19d2, 0xaa, 0x123, 0x7, 0x3, 0x65f, 0x6, 0xa, 0x3, 0x5, 0x6, 0xe, 0x7fff, 0x800, 0x0, 0xc, 0x2, 0x3, 0xae, 0x2, 0xf0, 0x9, 0x40055c, 0x7, 0xc, 0x4, 0x6, 0xc, 0x0, 0x9, 0x80000001, 0x1200000, 0x2, 0xfffff8e4, 0x0, 0xcb0, 0x4, 0x9, 0x8, 0x4, 0x0, 0x3, 0xfff, 0x3ff, 0x1, 0x5b, 0xffffe9ab, 0x9, 0x7, 0x2169, 0xffff8000, 0x5, 0xee, 0x9, 0xd7a, 0x7fffffff], [0x36, 0x200, 0x6, 0x10ff, 0x6, 0x2, 0xe00, 0x6, 0x10, 0xfffffff8, 0x1c, 0x3, 0xd1, 0xa, 0x800, 0x4, 0xf8b, 0x3, 0x9, 0x1, 0x6, 0x6, 0x627e, 0x10000, 0x784, 0x7dd, 0x8, 0x1000, 0x5, 0x9, 0xa, 0xfffffffa, 0xa80, 0x7, 0x3, 0x3, 0xb, 0x80000001, 0x7f, 0x6, 0xfff, 0x591b999d, 0x80000000, 0xa7c1, 0x4, 0x101, 0xffff7fff, 0x4, 0x7, 0x3, 0x401, 0x8000, 0x1, 0x0, 0x2, 0xd, 0x5, 0x4, 0x3, 0x9, 0x8001, 0x68a3, 0x100, 0x8], [0x400, 0x5, 0x2, 0x9e4, 0x1, 0x100, 0x6d, 0x7, 0x8854, 0x4, 0x6, 0x2f, 0xe7, 0x9, 0x1, 0x2, 0xd3, 0x6, 0x0, 0xffff, 0xfffffffe, 0x3, 0xffffffff, 0x1, 0x1500, 0x0, 0xb8, 0x5, 0x80, 0x572, 0x9, 0x4, 0xe, 0x0, 0x0, 0x8, 0xe, 0x76, 0x60, 0x6, 0xf6b2, 0x5, 0x80000000, 0x0, 0x0, 0x4, 0xa20, 0x7, 0x97, 0x5, 0x18c9, 0x0, 0x0, 0x1, 0x6c, 0x0, 0x1, 0xfffffffb, 0x9264, 0x3, 0x9f, 0x2, 0x60e, 0x10000], [0x7, 0x1, 0x1, 0x1, 0x80000000, 0x9, 0x9, 0x4, 0x5, 0x6, 0x3, 0x4, 0x6, 0x242, 0x3800, 0x1, 0x0, 0x5e, 0xfff, 0xffffffff, 0x0, 0x6, 0x1, 0x5, 0x6, 0x80000000, 0x9, 0x6, 0x0, 0x100, 0x9, 0x4, 0xb98c, 0x2, 0xae341edd, 0xac4d, 0x9, 0x5, 0x5375, 0x8000, 0x800, 0x5, 0x6, 0xffffff15, 0x8, 0x3, 0x3a1, 0x0, 0x7, 0x7, 0x1, 0x5, 0x7, 0x7fff, 0x0, 0x7, 0x8, 0x6, 0x1000, 0x9, 0xe42, 0x1e, 0x94, 0x9]}, 0x45c)
inotify_init1(0x800)
r7 = socket(0x80000000000000a, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
close(r7)
r8 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r8, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x4, 0x0, @mcast1={0xff, 0x7}, 0x8a4}}, {{0xa, 0x4e20, 0xfe, @remote}}}, 0x108)
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)

1.30514897s ago: executing program 2 (id=1113):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x48c00, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0xc3)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x55)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000000)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x50, 0x0, "3f114438efdaca16d374b49a365be44d5e860ea3ba676c0b507fffffff3535d5bd9db3c8572560f4d1be5cd41f7716082ee3589f040042e6f1c395ddb8160381baadf279000000000000008000"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x0, 0x0, @remote}}, 0x0, 0x0, 0x0, 0x0, "ddfd3b7ed7c6a1c172a987ae5ce3cafd64c9a736831a5912d606798fb75c9981c4b3ac0e06891ff18bc5543ed57215a3c45f9154dfa319e52a15a2b9acf80c07fb1a854dad742eef6187f2304844c296"}, 0xd8)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x14, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x46, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$IEEE802154_ASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000740)={&(0x7f00000005c0)={0x14, 0x0, 0x121, 0x1, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_collapse_huge_page_isolate\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000300ffff00000000ffffffff9500000000000000adaef0784dbacfaaef785776d3fd738a693e049a249ac0e62b141654c92ef9fc0f86cf10b7193a3c37e6f1ec995fb15baa00123e875ffd4f3cf36da5aa44abd13515e3f272ea67afa217632c108db026bce1ec3feebbae0e73c3dd1aa59538a787b16c1e4d7eb9976d1fd9d7"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000001140)=""/4086, &(0x7f0000000180)=0xff6)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f0000000300)=0x80, 0x4)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000000)={'veth0\x00', &(0x7f0000000200)=@ethtool_gstrings={0x1b, 0x4}})
r5 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000400)={0xf0f021})
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0xfffffffe, 0x0, 0x0, 0x41000, 0x2a}, 0x94)

479.562376ms ago: executing program 4 (id=1114):
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$L2TP_CMD_SESSION_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x28, r1, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14}]}, 0x28}}, 0x2)
syz_emit_ethernet(0x46, &(0x7f0000000140)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x10, 0x11, 0x0, @remote, @local, {[], {0x3, 0xe22, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}}}}}}}}, 0x0)

61.2635ms ago: executing program 5 (id=1115):
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{0x0}], 0x1)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, 0x0, 0x0)
init_module(&(0x7f0000001640)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x7, 0x9, 0x5, 0x9, 0x3, 0x3, 0x5, 0x5, 0x40, 0x3d0, 0x335, 0x9, 0x38, 0x2, 0x1, 0x9, 0x7}, [{0xa47a827ceef33b9c, 0x3, 0x5, 0x80000001, 0x9, 0x4, 0xfffffffffffffff7, 0x8}, {0x6474e551, 0x4e5, 0x0, 0x7, 0xdcb, 0x8, 0x401, 0x1ff}], "249e68bcafa60248143d224cb3d6da97d0e8c26d6a537e06fc2e95e0ddfcd790a96ce6edd7a29eca2afbc978af637042446a876c60291c114dd4420f04bbb0a7516d7366dffee1384f11e014ec5e43616702779cf590e5a04a456edd39afab6adad3ec67d91fef6509eb34298656baf75793dad805e72f7e2cfb323782dcfbe9063046c29ac21ed263fb82a8cda25dc5eca5254aa8364f945f7fd523", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x94c, &(0x7f0000000000)='wfdno')
r2 = socket$igmp(0x2, 0x3, 0x2)
ioctl$SIOCGETMIFCNT_IN6(r2, 0x89e0, &(0x7f0000000600)={0x1})
setsockopt$inet_mreqsrc(r1, 0x0, 0x28, &(0x7f0000000440)={@multicast2, @loopback, @dev={0xac, 0x14, 0x14, 0x27}}, 0x7)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8943, &(0x7f0000000100)={'macvtap0\x00', @random="b40007350060"})
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r4, 0x2000000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000000)=@newqdisc={0x60, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}, @qdisc_kind_options=@q_plug={{0x9}, {0x4}}]}, 0x60}}, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000300), 0x404, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r9}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[{@version_9p2000}, {@access_uid}]}})
getsockname$packet(r5, &(0x7f0000000480)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000540)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@bloom_filter={0x1e, 0x7ff, 0x3, 0x6, 0x400, r3, 0x400, '\x00', r11, r5, 0x5, 0x4, 0x0, 0x2}, 0x50)

25.55679ms ago: executing program 0 (id=1116):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

0s ago: executing program 2 (id=1117):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_KEY(r3, &(0x7f0000001e80)={0x0, 0x0, &(0x7f0000001e40)={&(0x7f0000001e00)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4008840}, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
accept$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000440)=0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000180)={[{@grpid}, {@mblk_io_submit}, {@nodioread_nolock}, {@test_dummy_encryption}, {@inode_readahead_blks}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)

kernel console output (not intermixed with test programs):

ing 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  305.307833][ T6477] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice=20.41
[  305.320161][ T6477] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  305.331644][ T6477] usb 5-1: Product: syz
[  305.346703][ T6477] usb 5-1: Manufacturer: syz
[  305.351604][ T6477] usb 5-1: SerialNumber: syz
[  305.435227][ T8224] loop2: detected capacity change from 0 to 512
[  305.534581][ T8224] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  305.589208][ T6477] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  305.637690][ T8224] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.700423][ T8224] ext4 filesystem being mounted at /129/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  305.831813][  T788] usb 5-1: USB disconnect, device number 2
[  305.846328][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.873600][  T788] usblp0: removed
[  306.200348][ T8229] loop5: detected capacity change from 0 to 32768
[  306.216509][ T8229] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.448 (8229)
[  306.904998][ T8229] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  306.960610][ T8229] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  306.982787][   T51] Bluetooth: hci0: command tx timeout
[  307.062883][ T8229] BTRFS info (device loop5): using free space tree
[  307.807494][ T8269] loop2: detected capacity change from 0 to 4096
[  307.814968][ T8269] ntfs3: Unknown parameter ''
[  308.310880][ T7483] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  308.351583][ T8229] BTRFS info (device loop5): enabling ssd optimizations
[  308.391934][ T8229] BTRFS info (device loop5): auto enabling async discard
[  308.745493][ T8277] loop4: detected capacity change from 0 to 40427
[  308.758283][ T8277] F2FS-fs (loop4): invalid crc value
[  308.798301][ T8277] F2FS-fs (loop4): Found nat_bits in checkpoint
[  308.853639][ T8277] F2FS-fs (loop4): Start checkpoint disabled!
[  308.866442][ T8277] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  309.291209][ T7700] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  309.466908][ T3465] kworker/u4:8: attempt to access beyond end of device
[  309.466908][ T3465] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  309.526649][ T3465] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  309.573422][ T3465] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  313.405358][ T8337] Invalid ELF header type: 3 != 1
[  313.421342][ T8337] netlink: 8 bytes leftover after parsing attributes in process `syz.4.462'.
[  314.107093][ T8312] loop0: detected capacity change from 0 to 32768
[  314.244510][ T8343] netlink: 8 bytes leftover after parsing attributes in process `syz.5.463'.
[  314.564430][ T8346] loop2: detected capacity change from 0 to 40427
[  314.576550][ T8347] loop4: detected capacity change from 0 to 64
[  314.779775][ T8312] read_mapping_page failed!
[  314.785964][ T8346] F2FS-fs (loop2): invalid crc value
[  314.957051][ T8312] diRead: read_metapage failed
[  314.979085][ T8346] F2FS-fs (loop2): Found nat_bits in checkpoint
[  315.068034][ T8346] F2FS-fs (loop2): Start checkpoint disabled!
[  315.079020][ T8350] netlink: 4 bytes leftover after parsing attributes in process `syz.5.463'.
[  315.122158][ T8346] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  315.569429][ T3422] kworker/u4:6: attempt to access beyond end of device
[  315.569429][ T3422] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  315.602869][ T3422] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  315.613172][ T3422] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  316.303584][ T8368] loop4: detected capacity change from 0 to 4096
[  316.371436][ T8368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  316.604698][   T51] Bluetooth: hci4: unexpected event 0x03 length: 1 < 11
[  316.772427][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.166957][ T8385] loop4: detected capacity change from 0 to 32768
[  317.283260][ T8385] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  317.367731][   T28] audit: type=1400 audit(1761698212.655:15): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8383 comm="syz.4.472"
[  317.397185][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  317.404681][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  318.409316][ T8393] loop2: detected capacity change from 0 to 4096
[  318.420772][ T8393] ntfs3: Unknown parameter ''
[  318.602556][ T7026] ocfs2: Unmounting device (7,4) on (node local)
[  318.801532][ T7483] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  319.147328][ T8399] loop2: detected capacity change from 0 to 512
[  319.185180][ T8401] loop5: detected capacity change from 0 to 512
[  319.242747][ T8401] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  319.257047][ T8399] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  319.321701][ T8401] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.380713][ T8399] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  319.412906][ T8401] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  319.425690][ T8399] ext4 filesystem being mounted at /137/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  319.463000][ T5794] Bluetooth: hci4: command 0x0406 tx timeout
[  319.680044][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.226406][ T8424] loop5: detected capacity change from 0 to 64
[  321.020289][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.192996][ T8430] loop0: detected capacity change from 0 to 4096
[  321.518332][ T8438] loop4: detected capacity change from 0 to 32768
[  321.625453][ T8430] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.714430][ T8438] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  322.191250][   T28] audit: type=1400 audit(1761698217.475:16): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8437 comm="syz.4.482"
[  322.582796][   T51] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  322.767116][ T8456] netlink: 4 bytes leftover after parsing attributes in process `syz.5.483'.
[  323.487397][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.562105][ T7026] ocfs2: Unmounting device (7,4) on (node local)
[  324.519554][ T8470] loop0: detected capacity change from 0 to 512
[  324.657237][ T8470] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  324.810769][ T8470] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.983259][ T8470] ext4 filesystem being mounted at /135/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  325.076881][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.457619][ T8484] loop5: detected capacity change from 0 to 64
[  326.286030][ T8490] Invalid ELF header type: 3 != 1
[  326.305440][ T8490] netlink: 8 bytes leftover after parsing attributes in process `syz.0.491'.
[  327.916619][ T8501] loop5: detected capacity change from 0 to 4096
[  328.004771][ T8501] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.261092][   T51] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11
[  328.474984][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.480873][ T8515] netlink: 8 bytes leftover after parsing attributes in process `syz.2.495'.
[  328.769563][ T8521] loop0: detected capacity change from 0 to 512
[  328.783107][ T8518] netlink: 8 bytes leftover after parsing attributes in process `syz.2.495'.
[  328.793443][ T8518] netlink: 8 bytes leftover after parsing attributes in process `syz.2.495'.
[  328.929884][ T8521] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  328.953840][ T8518] netlink: 8 bytes leftover after parsing attributes in process `syz.2.495'.
[  328.978525][ T8521] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.758423][ T8521] ext4 filesystem being mounted at /139/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  330.344060][ T8537] loop5: detected capacity change from 0 to 4096
[  330.351457][ T8537] ntfs3: Unknown parameter ''
[  330.463563][ T7483] I/O error, dev loop5, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  330.736471][ T8543] loop4: detected capacity change from 0 to 64
[  331.609944][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.724344][ T8547] loop4: detected capacity change from 0 to 512
[  331.788273][ T8547] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  332.116863][ T8552] loop5: detected capacity change from 0 to 32768
[  332.166598][ T8552] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  332.190816][ T8547] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.283460][ T8547] ext4 filesystem being mounted at /62/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  332.748584][   T28] audit: type=1400 audit(1761698227.595:17): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8551 comm="syz.5.502"
[  333.902336][ T7700] ocfs2: Unmounting device (7,5) on (node local)
[  334.361626][ T8576] loop0: detected capacity change from 0 to 32768
[  334.431504][ T8572] loop5: detected capacity change from 0 to 4096
[  334.487425][ T8576] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  334.531326][   T28] audit: type=1400 audit(1761698229.805:18): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8573 comm="syz.0.505"
[  334.565188][ T8572] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  334.634996][   T51] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11
[  334.645394][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.661557][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  334.690599][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.695221][   T28] audit: type=1326 audit(1761698229.985:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8580 comm="syz.2.506" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f33a5f8efc9 code=0x0
[  334.721043][    C1] vkms_vblank_simulate: vblank timer overrun
[  334.997890][ T8583] loop0: detected capacity change from 0 to 40427
[  335.017351][ T8583] F2FS-fs (loop0): invalid crc value
[  335.219808][ T8583] F2FS-fs (loop0): Found nat_bits in checkpoint
[  335.278794][ T8583] F2FS-fs (loop0): Start checkpoint disabled!
[  335.307081][ T8583] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  336.428883][ T8603] loop2: detected capacity change from 0 to 64
[  336.715786][   T42] kworker/u4:2: attempt to access beyond end of device
[  336.715786][   T42] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  336.814728][   T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  336.843701][   T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  337.003298][ T8614] loop4: detected capacity change from 0 to 32768
[  337.054630][ T8614] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  337.181042][   T28] audit: type=1400 audit(1761698232.435:20): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8612 comm="syz.4.512"
[  337.900989][ T7026] ocfs2: Unmounting device (7,4) on (node local)
[  338.260794][ T8622] loop5: detected capacity change from 0 to 32768
[  338.373583][ T8622] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  338.394235][   T28] audit: type=1400 audit(1761698233.685:21): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8621 comm="syz.5.515"
[  338.567896][ T7700] ocfs2: Unmounting device (7,5) on (node local)
[  338.759666][ T8633] loop5: detected capacity change from 0 to 512
[  338.814574][ T8633] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  338.861760][ T8633] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.938347][ T8633] ext4 filesystem being mounted at /24/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  341.085310][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.326124][ T8660] loop5: detected capacity change from 0 to 40427
[  342.419391][ T8660] F2FS-fs (loop5): invalid crc value
[  342.439854][ T8660] F2FS-fs (loop5): Found nat_bits in checkpoint
[  342.487495][ T8660] F2FS-fs (loop5): Start checkpoint disabled!
[  342.500367][ T8660] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  342.971311][ T3422] kworker/u4:6: attempt to access beyond end of device
[  342.971311][ T3422] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  343.021009][ T3422] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  343.028491][ T3422] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  343.429926][ T8678] loop0: detected capacity change from 0 to 32768
[  343.475115][ T8678] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  343.556320][   T28] audit: type=1400 audit(1761698238.845:22): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8677 comm="syz.0.522"
[  343.616784][ T8679] loop4: detected capacity change from 0 to 512
[  343.876103][ T8679] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  344.180305][ T8679] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  344.287753][ T8693] Invalid ELF header type: 3 != 1
[  344.305540][ T8693] netlink: 8 bytes leftover after parsing attributes in process `syz.5.521'.
[  344.443085][ T8679] ext4 filesystem being mounted at /69/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  345.456047][ T8699] loop2: detected capacity change from 0 to 512
[  345.608690][ T8699] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  345.647912][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  345.815984][ T8699] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.882976][ T8699] ext4 filesystem being mounted at /145/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  345.929163][ T8707] loop0: detected capacity change from 0 to 512
[  346.065584][ T8707] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  346.340863][ T8707] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  346.737980][ T8707] ext4 filesystem being mounted at /146/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  347.274188][ T8715] loop5: detected capacity change from 0 to 40427
[  347.297903][ T8715] F2FS-fs (loop5): invalid crc value
[  347.347740][ T8715] F2FS-fs (loop5): Found nat_bits in checkpoint
[  347.405114][ T8715] F2FS-fs (loop5): Start checkpoint disabled!
[  347.429938][ T8715] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  347.837687][ T3489] kworker/u4:9: attempt to access beyond end of device
[  347.837687][ T3489] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  347.851883][ T3489] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  347.859462][ T3489] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  348.927925][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.015398][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.098370][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.335262][ T8742] loop4: detected capacity change from 0 to 32768
[  349.380253][ T8742] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  349.508391][   T28] audit: type=1400 audit(1761698244.785:23): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8741 comm="syz.4.531"
[  349.764839][ T7026] ocfs2: Unmounting device (7,4) on (node local)
[  349.976903][ T8754] loop5: detected capacity change from 0 to 32768
[  350.048666][ T8754] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  350.117581][   T28] audit: type=1400 audit(1761698245.405:24): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8753 comm="syz.5.534"
[  351.014079][ T7700] ocfs2: Unmounting device (7,5) on (node local)
[  351.782888][ T5794] Bluetooth: hci0: command tx timeout
[  353.056819][ T8796] loop2: detected capacity change from 0 to 512
[  353.151705][ T8796] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  353.427034][ T8796] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.491640][ T8796] ext4 filesystem being mounted at /150/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  353.532754][ T8800] loop5: detected capacity change from 0 to 40427
[  353.556221][ T8800] F2FS-fs (loop5): invalid crc value
[  353.569275][ T8800] F2FS-fs (loop5): Found nat_bits in checkpoint
[  353.624128][ T8800] F2FS-fs (loop5): Start checkpoint disabled!
[  353.812770][ T8800] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  354.181451][ T8814] loop4: detected capacity change from 0 to 512
[  354.217926][   T11] kworker/u4:0: attempt to access beyond end of device
[  354.217926][   T11] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  354.233762][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  354.241233][   T11] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  354.282811][ T8814] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  354.368632][ T8814] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.457710][ T8814] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  354.538366][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.758288][ T8827] loop0: detected capacity change from 0 to 512
[  355.266349][ T8827] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  355.640737][ T8827] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  355.944238][ T8827] ext4 filesystem being mounted at /149/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  356.298916][ T8840] loop5: detected capacity change from 0 to 32768
[  356.308672][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.333674][ T8840] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  356.445922][   T28] audit: type=1400 audit(1761698251.715:25): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=8839 comm="syz.5.547"
[  357.146330][ T7700] ocfs2: Unmounting device (7,5) on (node local)
[  357.400801][ T8854] Invalid ELF header type: 3 != 1
[  357.416953][ T8854] netlink: 8 bytes leftover after parsing attributes in process `syz.5.550'.
[  358.443688][ T8859] loop4: detected capacity change from 0 to 40427
[  358.513216][ T8859] F2FS-fs (loop4): invalid crc value
[  358.537705][ T8859] F2FS-fs (loop4): Found nat_bits in checkpoint
[  358.594430][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.604672][ T8859] F2FS-fs (loop4): Start checkpoint disabled!
[  358.624234][ T8859] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  359.486241][ T8868] loop0: detected capacity change from 0 to 40427
[  359.526219][ T8868] F2FS-fs (loop0): invalid crc value
[  359.540235][ T8868] F2FS-fs (loop0): Found nat_bits in checkpoint
[  359.586365][ T8868] F2FS-fs (loop0): Start checkpoint disabled!
[  359.588934][   T78] kworker/u4:4: attempt to access beyond end of device
[  359.588934][   T78] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  359.611461][ T8868] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  359.696377][   T78] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  359.783052][   T78] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  360.333577][ T3422] kworker/u4:6: attempt to access beyond end of device
[  360.333577][ T3422] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  360.383604][ T3422] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  360.406671][ T3422] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  361.130614][ T8894] loop5: detected capacity change from 0 to 512
[  361.149687][ T8894] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  361.217942][ T8894] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  361.278644][ T8894] ext4 filesystem being mounted at /37/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  361.801217][ T8905] loop0: detected capacity change from 0 to 4096
[  361.809715][ T8905] ntfs3: Unknown parameter ''
[  362.310660][ T7489] I/O error, dev loop0, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  363.960254][ T8925] loop0: detected capacity change from 0 to 512
[  363.982483][ T8925] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  364.456933][ T8925] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.558982][ T8925] ext4 filesystem being mounted at /153/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  364.907200][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.063961][ T8943] loop5: detected capacity change from 0 to 40427
[  366.080562][ T8943] F2FS-fs (loop5): invalid crc value
[  366.118368][ T8943] F2FS-fs (loop5): Found nat_bits in checkpoint
[  366.167169][ T8943] F2FS-fs (loop5): Start checkpoint disabled!
[  366.190431][ T8943] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  366.816661][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.951951][ T3489] kworker/u4:9: attempt to access beyond end of device
[  366.951951][ T3489] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  366.988825][ T3489] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  366.999561][ T3489] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  369.619324][ T8992] loop4: detected capacity change from 0 to 512
[  369.681232][ T8992] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  369.722499][ T8994] loop5: detected capacity change from 0 to 512
[  369.792783][ T8994] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  369.907481][ T8992] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.925212][ T8994] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.932919][ T8992] ext4 filesystem being mounted at /81/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  369.953519][ T8994] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  371.131648][ T9005] loop0: detected capacity change from 0 to 40427
[  371.149821][ T9005] F2FS-fs (loop0): invalid crc value
[  371.163473][ T9005] F2FS-fs (loop0): Found nat_bits in checkpoint
[  371.219598][ T9005] F2FS-fs (loop0): Start checkpoint disabled!
[  371.236621][ T9005] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  371.824234][   T42] kworker/u4:2: attempt to access beyond end of device
[  371.824234][   T42] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  371.838408][   T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  371.863945][   T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  372.567385][ T9018] loop0: detected capacity change from 0 to 512
[  372.594772][ T9018] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  372.672385][ T9018] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.695938][ T9018] ext4 filesystem being mounted at /158/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  372.821528][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.172987][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.433060][   T28] audit: type=1326 audit(1761698268.705:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9027 comm="syz.4.578" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2a458efc9 code=0x0
[  373.758476][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.969802][ T9046] loop2: detected capacity change from 0 to 64
[  376.290620][ T9052] loop4: detected capacity change from 0 to 512
[  377.344362][ T9052] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  377.504318][ T9052] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.562414][ T9067] loop5: detected capacity change from 0 to 512
[  377.585921][ T9052] ext4 filesystem being mounted at /83/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  377.608476][ T9067] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  377.888557][ T9067] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  377.907357][ T9067] ext4 filesystem being mounted at /44/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  378.080744][ T9077] loop0: detected capacity change from 0 to 4096
[  378.088661][ T9077] ntfs3: Unknown parameter ''
[  378.828074][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  378.835961][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  379.975250][ T9093] netlink: 8 bytes leftover after parsing attributes in process `syz.2.592'.
[  380.902976][   T51] Bluetooth: hci0: command 0x0406 tx timeout
[  381.000131][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.032191][   T28] audit: type=1326 audit(1761698276.315:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.2.593" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f33a5f8efc9 code=0x0
[  381.818627][ T9101] loop5: detected capacity change from 0 to 64
[  382.016867][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.952899][ T9135] loop5: detected capacity change from 0 to 64
[  386.051286][ T9143] loop2: detected capacity change from 0 to 512
[  386.103293][ T9143] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  386.357908][ T9143] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.423765][ T9143] ext4 filesystem being mounted at /167/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  388.359300][ T9159] loop4: detected capacity change from 0 to 40427
[  388.374506][ T9159] F2FS-fs (loop4): invalid crc value
[  388.402932][ T9159] F2FS-fs (loop4): Found nat_bits in checkpoint
[  388.443161][ T9159] F2FS-fs (loop4): Start checkpoint disabled!
[  388.458686][ T9159] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  388.934258][ T9161] loop0: detected capacity change from 0 to 32768
[  389.036754][ T9161] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  389.156447][   T28] audit: type=1400 audit(1761698284.435:28): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9160 comm="syz.0.611"
[  389.281642][   T42] kworker/u4:2: attempt to access beyond end of device
[  389.281642][   T42] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  389.289954][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  389.343956][   T42] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  389.372950][   T42] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  389.519876][ T9171] Invalid ELF header type: 3 != 1
[  389.537182][ T9171] netlink: 8 bytes leftover after parsing attributes in process `syz.0.613'.
[  390.216880][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.801325][ T9176] loop5: detected capacity change from 0 to 64
[  392.201306][   T28] audit: type=1400 audit(1761698287.485:29): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9192 comm="syz.2.619"
[  393.168719][ T5794] Bluetooth: hci0: command 0x0406 tx timeout
[  393.539563][ T9199] loop5: detected capacity change from 0 to 40427
[  393.580133][ T9199] F2FS-fs (loop5): invalid crc value
[  393.605580][ T9199] F2FS-fs (loop5): Found nat_bits in checkpoint
[  393.634386][ T9199] F2FS-fs (loop5): Start checkpoint disabled!
[  393.669209][ T9199] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  394.054674][ T3465] kworker/u4:8: attempt to access beyond end of device
[  394.054674][ T3465] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  394.069255][ T3465] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  394.076605][ T3465] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  396.053893][ T9220] Invalid ELF header type: 3 != 1
[  396.073644][ T9220] netlink: 8 bytes leftover after parsing attributes in process `syz.2.626'.
[  397.912325][ T9236] loop0: detected capacity change from 0 to 40427
[  398.108073][ T9236] F2FS-fs (loop0): invalid crc value
[  398.159449][ T9236] F2FS-fs (loop0): Found nat_bits in checkpoint
[  398.203748][ T9236] F2FS-fs (loop0): Start checkpoint disabled!
[  398.211842][ T9236] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  398.767922][   T42] kworker/u4:2: attempt to access beyond end of device
[  398.767922][   T42] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  398.920475][ T9247] loop4: detected capacity change from 0 to 32768
[  399.018422][   T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  399.264877][   T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  399.515441][ T9247] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  399.642703][   T28] audit: type=1400 audit(1761698294.905:30): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9246 comm="syz.4.632"
[  399.824854][ T7026] ocfs2: Unmounting device (7,4) on (node local)
[  402.261400][ T9271] loop5: detected capacity change from 0 to 4096
[  402.934099][ T9271] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.444446][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.380732][ T9297] loop0: detected capacity change from 0 to 32768
[  405.423471][ T9297] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  405.616128][   T28] audit: type=1400 audit(1761698300.905:31): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9296 comm="syz.0.645"
[  406.126907][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  407.340823][ T9316] loop2: detected capacity change from 0 to 4096
[  407.348228][ T9316] ntfs3: Unknown parameter ''
[  407.470604][ T7483] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  408.663374][ T9327] loop0: detected capacity change from 0 to 512
[  408.688512][ T9327] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  408.755107][ T9327] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  408.812869][ T9327] ext4 filesystem being mounted at /180/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  409.496463][ T9334] loop2: detected capacity change from 0 to 512
[  409.666478][ T9334] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  409.739163][ T9334] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  409.958962][ T9334] ext4 filesystem being mounted at /178/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  410.776812][   T28] audit: type=1326 audit(1761698306.045:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9347 comm="syz.4.658" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2a458efc9 code=0x0
[  410.798330][    C1] vkms_vblank_simulate: vblank timer overrun
[  410.872190][ T9345] loop5: detected capacity change from 0 to 40427
[  410.891330][ T9345] F2FS-fs (loop5): invalid crc value
[  410.917963][ T9345] F2FS-fs (loop5): Found nat_bits in checkpoint
[  410.953226][ T9345] F2FS-fs (loop5): Start checkpoint disabled!
[  410.996831][ T9345] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  411.728994][ T3422] kworker/u4:6: attempt to access beyond end of device
[  411.728994][ T3422] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  411.743769][ T3422] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  411.750947][ T3422] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  413.190349][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.854795][ T9368] loop5: detected capacity change from 0 to 64
[  413.957347][ T9370] loop0: detected capacity change from 0 to 1764
[  414.080496][ T7483] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  414.570553][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.953355][ T9384] loop0: detected capacity change from 0 to 40427
[  415.964845][ T9384] F2FS-fs (loop0): invalid crc value
[  415.980052][ T9384] F2FS-fs (loop0): Found nat_bits in checkpoint
[  416.018739][   T28] audit: type=1326 audit(1761698311.295:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9385 comm="syz.4.668" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2a458efc9 code=0x0
[  416.023142][ T9384] F2FS-fs (loop0): Start checkpoint disabled!
[  416.048292][ T9384] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  417.035373][ T3508] kworker/u4:10: attempt to access beyond end of device
[  417.035373][ T3508] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  417.079900][ T3508] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  417.092747][ T3508] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  417.121224][ T9394] loop4: detected capacity change from 0 to 512
[  417.189784][ T9394] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  417.231228][ T9394] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  417.285116][ T9394] ext4 filesystem being mounted at /101/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  418.011976][ T9402] loop5: detected capacity change from 0 to 4096
[  418.024047][ T9402] ntfs3: Unknown parameter ''
[  420.103214][ T9420] ax25_connect(): syz.0.673 uses autobind, please contact jreuter@yaina.de
[  420.561471][   T28] audit: type=1326 audit(1761698315.845:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.2.678" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f33a5f8efc9 code=0x0
[  421.352319][   T28] audit: type=1400 audit(1761698315.905:35): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9424 comm="syz.0.677"
[  422.347748][ T9439] loop0: detected capacity change from 0 to 64
[  423.464201][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.811517][ T9474] loop2: detected capacity change from 0 to 32768
[  427.369986][ T9474] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  427.523220][   T28] audit: type=1400 audit(1761698322.805:36): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9471 comm="syz.2.688"
[  427.641951][ T5784] ocfs2: Unmounting device (7,2) on (node local)
[  427.983695][ T9485] loop5: detected capacity change from 0 to 40427
[  428.103298][ T9485] F2FS-fs (loop5): invalid crc value
[  428.165817][ T9485] F2FS-fs (loop5): Found nat_bits in checkpoint
[  428.225159][ T9485] F2FS-fs (loop5): Start checkpoint disabled!
[  428.390963][ T9485] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  429.121872][ T9496] loop4: detected capacity change from 0 to 512
[  429.869224][ T9496] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  430.075002][   T49] kworker/u4:3: attempt to access beyond end of device
[  430.075002][   T49] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  430.118945][   T49] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  430.179133][   T49] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  430.194746][ T9496] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  430.223421][ T9496] ext4 filesystem being mounted at /105/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  431.620953][ T9522] loop5: detected capacity change from 0 to 512
[  431.773966][ T9520] loop0: detected capacity change from 0 to 32768
[  431.899577][ T9522] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  431.928253][ T9520] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  432.433775][   T28] audit: type=1400 audit(1761698327.725:37): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9519 comm="syz.0.701"
[  432.518759][ T9522] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  432.555859][ T9522] ext4 filesystem being mounted at /73/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  432.611033][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  432.785205][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.064310][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.496615][ T9562] loop2: detected capacity change from 0 to 4096
[  435.504019][ T9562] ntfs3: Unknown parameter ''
[  435.545433][ T7489] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  437.147213][ T9576] loop0: detected capacity change from 0 to 32768
[  437.370035][ T9576] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  438.117545][   T28] audit: type=1400 audit(1761698333.405:38): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9575 comm="syz.0.712"
[  438.712717][ T9595] loop4: detected capacity change from 0 to 40427
[  438.745698][ T9595] F2FS-fs (loop4): invalid crc value
[  438.759358][ T9595] F2FS-fs (loop4): Found nat_bits in checkpoint
[  438.760092][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  438.820929][ T9595] F2FS-fs (loop4): Start checkpoint disabled!
[  438.842739][ T9595] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  439.589537][ T3465] kworker/u4:8: attempt to access beyond end of device
[  439.589537][ T3465] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  439.640317][ T3465] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  439.682822][ T3465] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  439.913124][ T9607] loop0: detected capacity change from 0 to 4096
[  439.920476][ T9607] ntfs3: Unknown parameter ''
[  440.353702][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  440.360129][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  442.055333][ T9625] Invalid ELF header type: 3 != 1
[  442.096667][ T9625] netlink: 8 bytes leftover after parsing attributes in process `syz.5.724'.
[  442.144111][ T9628] loop4: detected capacity change from 0 to 512
[  442.238660][ T9628] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  443.034454][ T9628] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.073986][ T9628] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  443.269008][ T9643] loop0: detected capacity change from 0 to 1764
[  443.791745][ T7489] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  445.532230][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  445.623225][ T9663] loop5: detected capacity change from 0 to 64
[  446.266987][ T9668] Invalid ELF header type: 3 != 1
[  446.284503][ T9668] netlink: 8 bytes leftover after parsing attributes in process `syz.5.736'.
[  448.644406][ T9687] loop2: detected capacity change from 0 to 40427
[  448.657787][ T9687] F2FS-fs (loop2): invalid crc value
[  448.703390][ T9687] F2FS-fs (loop2): Found nat_bits in checkpoint
[  448.747916][ T9687] F2FS-fs (loop2): Start checkpoint disabled!
[  448.771312][ T9687] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  448.833522][   T28] audit: type=1326 audit(1761698344.105:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9693 comm="syz.0.743" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb6fe18efc9 code=0x0
[  448.855021][    C0] vkms_vblank_simulate: vblank timer overrun
[  449.940982][ T9688] loop5: detected capacity change from 0 to 32768
[  449.955003][ T3452] kworker/u4:7: attempt to access beyond end of device
[  449.955003][ T3452] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  450.018888][ T3452] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  450.040731][ T3452] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  450.107788][ T9702] loop0: detected capacity change from 0 to 64
[  450.207346][ T9688] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  450.269633][ T9688] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  450.453912][ T9688] XFS (loop5): Ending clean mount
[  450.502115][ T9688] XFS (loop5): Quotacheck needed: Please wait.
[  450.724612][ T9688] XFS (loop5): Quotacheck: Done.
[  452.701956][ T7700] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  452.764216][   T28] audit: type=1326 audit(1761698348.025:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9731 comm="syz.2.752" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f33a5f8efc9 code=0x0
[  452.785692][    C0] vkms_vblank_simulate: vblank timer overrun
[  453.890639][ T9740] loop2: detected capacity change from 0 to 40427
[  453.934681][ T9740] F2FS-fs (loop2): invalid crc value
[  453.952044][ T9740] F2FS-fs (loop2): Found nat_bits in checkpoint
[  453.979708][ T9740] F2FS-fs (loop2): Start checkpoint disabled!
[  454.003643][ T9740] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  454.564992][ T9723] loop4: detected capacity change from 0 to 32768
[  454.991439][ T3452] kworker/u4:7: attempt to access beyond end of device
[  454.991439][ T3452] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  455.045965][ T3452] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  455.047564][ T9751] lo speed is unknown, defaulting to 1000
[  455.061275][ T9751] lo speed is unknown, defaulting to 1000
[  455.088603][ T9751] lo speed is unknown, defaulting to 1000
[  455.098111][ T3452] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  455.150719][ T9751] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  455.227523][ T9751] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  455.500619][ T9751] lo speed is unknown, defaulting to 1000
[  455.540212][ T9754] loop4: detected capacity change from 0 to 64
[  455.552186][ T9754] hfs: dir_umask requires a value
[  455.557768][ T9754] hfs: unable to parse mount options
[  455.961884][ T9751] lo speed is unknown, defaulting to 1000
[  455.975651][ T9751] lo speed is unknown, defaulting to 1000
[  456.043040][ T9751] lo speed is unknown, defaulting to 1000
[  457.491009][ T9767] block nbd5: not configured, cannot reconfigure
[  458.848208][ T9775] loop5: detected capacity change from 0 to 32768
[  459.034245][ T9775] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  460.000540][   T28] audit: type=1400 audit(1761698355.285:41): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9774 comm="syz.5.763"
[  460.342156][ T7700] ocfs2: Unmounting device (7,5) on (node local)
[  461.277871][ T9798] loop4: detected capacity change from 0 to 32768
[  461.330778][ T9798] gfs2: fsid=meta: Trying to join cluster "lock_nolock", "meta"
[  461.339688][ T9798] gfs2: fsid=meta: Now mounting FS (format 1802)...
[  461.407601][ T9798] gfs2: fsid=meta.s: fatal: filesystem consistency error
[  461.407601][ T9798]   inode = 1 19
[  461.407601][ T9798]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 472
[  461.451187][ T9798] gfs2: fsid=meta.s: G:  s:SH n:2/13 f:qobnN t:SH d:EX/0 a:0 v:0 r:3 m:20 p:1
[  461.502773][ T9798] gfs2: fsid=meta.s:  H: s:SH f:eEcH e:0 p:9798 [syz.4.769] init_journal+0x17f1/0x2260
[  461.541651][ T9798] gfs2: fsid=meta.s:  I: n:1/19 t:8 f:0x00 d:0x00000000 s:0 p:0
[  461.610193][ T9798] gfs2: fsid=meta.s: about to withdraw this file system
[  461.620633][ T9798] gfs2: fsid=meta.s: Journal recovery skipped for jid 0 until next mount.
[  461.662447][ T9798] gfs2: fsid=meta.s: Glock dequeues delayed: 0
[  461.675181][ T9798] gfs2: fsid=meta.s: File system withdrawn
[  461.695386][ T9798] CPU: 0 PID: 9798 Comm: syz.4.769 Not tainted syzkaller #0
[  461.702728][ T9798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  461.712817][ T9798] Call Trace:
[  461.716108][ T9798]  <TASK>
[  461.719055][ T9798]  dump_stack_lvl+0x16c/0x230
[  461.723756][ T9798]  ? kobject_uevent_env+0x363/0x8c0
[  461.728972][ T9798]  ? show_regs_print_info+0x20/0x20
[  461.734187][ T9798]  ? load_image+0x3b0/0x3b0
[  461.738708][ T9798]  ? kobject_uevent_env+0x363/0x8c0
[  461.743929][ T9798]  gfs2_withdraw+0xe50/0x13b0
[  461.748651][ T9798]  ? gfs2_lm+0x220/0x220
[  461.752917][ T9798]  ? preempt_schedule+0xab/0xc0
[  461.757792][ T9798]  ? gfs2_consist_inode_i+0xf5/0x110
[  461.763099][ T9798]  gfs2_inode_refresh+0xb83/0xff0
[  461.768147][ T9798]  ? gfs2_inode_metasync+0xf0/0xf0
[  461.773289][ T9798]  ? gfs2_glock_nq+0xd4f/0x1420
[  461.778164][ T9798]  gfs2_instantiate+0x162/0x220
[  461.783038][ T9798]  gfs2_glock_wait+0x1d4/0x2a0
[  461.787822][ T9798]  check_journal_clean+0x11d/0x300
[  461.792959][ T9798]  ? gfs2_trans_remove_revoke+0x370/0x370
[  461.798692][ T9798]  ? init_journal+0x17f1/0x2260
[  461.803539][ T9798]  ? __rwlock_init+0x150/0x150
[  461.808299][ T9798]  ? do_raw_spin_unlock+0x121/0x230
[  461.813500][ T9798]  ? _raw_spin_unlock+0x28/0x40
[  461.818345][ T9798]  ? gfs2_jdesc_find+0xab/0xc0
[  461.823101][ T9798]  init_journal+0x17f1/0x2260
[  461.827769][ T9798]  ? gfs2_glock_dq_uninit+0x28/0xe0
[  461.832964][ T9798]  ? init_inodes+0xdb/0x320
[  461.837460][ T9798]  ? vsnprintf+0x7b2/0x1a40
[  461.841953][ T9798]  ? _compound_head+0x120/0x120
[  461.846793][ T9798]  ? vsnprintf+0x1957/0x1a40
[  461.851382][ T9798]  ? snprintf+0xdb/0x120
[  461.855625][ T9798]  ? init_inodes+0xdb/0x320
[  461.860120][ T9798]  ? vscnprintf+0x80/0x80
[  461.864440][ T9798]  ? gfs2_glock_nq_num+0x183/0x1c0
[  461.869547][ T9798]  init_inodes+0xdb/0x320
[  461.873870][ T9798]  gfs2_fill_super+0x1815/0x1f80
[  461.878814][ T9798]  ? gfs2_reconfigure+0xb10/0xb10
[  461.883832][ T9798]  ? init_locking+0xb8/0x200
[  461.888415][ T9798]  ? setup_bdev_super+0x56b/0x660
[  461.893427][ T9798]  get_tree_bdev+0x3e4/0x510
[  461.898002][ T9798]  ? end_current_label_crit_section+0x170/0x170
[  461.904232][ T9798]  ? gfs2_reconfigure+0xb10/0xb10
[  461.909250][ T9798]  ? setup_bdev_super+0x660/0x660
[  461.914271][ T9798]  gfs2_get_tree+0x51/0x1e0
[  461.918767][ T9798]  vfs_get_tree+0x8c/0x280
[  461.923176][ T9798]  do_new_mount+0x24b/0xa40
[  461.927671][ T9798]  __se_sys_mount+0x2da/0x3c0
[  461.932343][ T9798]  ? __x64_sys_mount+0xc0/0xc0
[  461.937107][ T9798]  ? lockdep_hardirqs_on+0x98/0x150
[  461.942292][ T9798]  ? __x64_sys_mount+0x20/0xc0
[  461.947051][ T9798]  do_syscall_64+0x55/0xb0
[  461.951460][ T9798]  ? clear_bhb_loop+0x40/0x90
[  461.956129][ T9798]  ? clear_bhb_loop+0x40/0x90
[  461.960798][ T9798]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  461.966681][ T9798] RIP: 0033:0x7fd2a459076a
[  461.971096][ T9798] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  461.990693][ T9798] RSP: 002b:00007fd2a27f5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  461.999099][ T9798] RAX: ffffffffffffffda RBX: 00007fd2a27f5ef0 RCX: 00007fd2a459076a
[  462.007063][ T9798] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007fd2a27f5eb0
[  462.015027][ T9798] RBP: 0000200000000400 R08: 00007fd2a27f5ef0 R09: 0000000001800004
[  462.022986][ T9798] R10: 0000000001800004 R11: 0000000000000246 R12: 0000200000012500
[  462.030944][ T9798] R13: 00007fd2a27f5eb0 R14: 00000000000125fb R15: 0000200000000000
[  462.038919][ T9798]  </TASK>
[  462.230884][ T9798] gfs2: fsid=meta.s: Error -5 locking journal for spectator mount.
[  462.826084][ T9819] overlayfs: failed to resolve './file1': -2
[  463.041822][ T9826] loop4: detected capacity change from 0 to 512
[  463.065110][ T9826] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  463.112745][   T23] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  463.231278][ T9826] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  463.258850][ T9826] ext4 filesystem being mounted at /124/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  463.435064][   T23] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  463.476051][   T23] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  463.506164][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.518948][   T23] usb 3-1: Product: syz
[  463.523466][   T23] usb 3-1: Manufacturer: syz
[  463.528209][   T23] usb 3-1: SerialNumber: syz
[  463.542090][   T23] usb 3-1: config 0 descriptor??
[  464.350248][ T9839] loop5: detected capacity change from 0 to 32768
[  464.373963][   T23] usb 3-1: USB disconnect, device number 2
[  464.481605][ T9839] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  464.676504][ T9839] XFS (loop5): Ending clean mount
[  465.897326][ T9863] netlink: 'syz.2.782': attribute type 1 has an invalid length.
[  465.905385][ T9863] netlink: 'syz.2.782': attribute type 2 has an invalid length.
[  465.925178][ T9863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.782'.
[  466.467437][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  466.525842][ T7700] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  469.804583][ T9892] loop4: detected capacity change from 0 to 512
[  469.866824][ T9892] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  469.891331][ T9897] netlink: 8 bytes leftover after parsing attributes in process `syz.5.793'.
[  469.927275][ T9892] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  470.015437][ T9892] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  471.728532][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  473.483051][ T5794] Bluetooth: hci0: command 0x0406 tx timeout
[  473.485214][ T9920] Invalid ELF header type: 3 != 1
[  473.498987][ T9920] netlink: 8 bytes leftover after parsing attributes in process `syz.4.796'.
[  474.026108][ T9926] loop2: detected capacity change from 0 to 512
[  474.097275][ T9926] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.799: inode has both inline data and extents flags
[  474.150609][ T9926] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.799: couldn't read orphan inode 15 (err -117)
[  474.177312][ T9924] loop4: detected capacity change from 0 to 40427
[  474.211574][ T9926] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  474.234268][ T9924] F2FS-fs (loop4): invalid crc value
[  474.254322][ T9924] F2FS-fs (loop4): Found nat_bits in checkpoint
[  474.304182][ T9924] F2FS-fs (loop4): Start checkpoint disabled!
[  474.324545][ T9924] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  474.325348][ T9926] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 7934 vs 220 free clusters
[  474.790802][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  474.997402][   T42] kworker/u4:2: attempt to access beyond end of device
[  474.997402][   T42] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  475.023316][   T42] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  475.072726][   T42] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  478.047652][ T9947] Invalid ELF header type: 3 != 1
[  478.081369][ T9947] netlink: 8 bytes leftover after parsing attributes in process `syz.5.806'.
[  482.151651][ T9963] ax25_connect(): syz.4.809 uses autobind, please contact jreuter@yaina.de
[  482.332322][ T9967] loop2: detected capacity change from 0 to 32768
[  482.581057][ T9967] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  482.600632][ T9968] loop5: detected capacity change from 0 to 64
[  482.952469][   T28] audit: type=1400 audit(1761698378.215:42): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9964 comm="syz.2.811"
[  483.082422][ T5784] ocfs2: Unmounting device (7,2) on (node local)
[  484.149573][ T9983] loop0: detected capacity change from 0 to 4096
[  484.354193][ T9983] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  485.030336][ T9992] loop2: detected capacity change from 0 to 1024
[  485.078723][ T9992] EXT4-fs: Ignoring removed i_version option
[  485.110790][ T9992] EXT4-fs: inline encryption not supported
[  485.117322][ T9992] EXT4-fs: Ignoring removed i_version option
[  485.185100][ T9994] overlayfs: failed to resolve './file1': -2
[  485.192121][ T5794] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  485.328583][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.482828][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  486.512096][T10000] loop0: detected capacity change from 0 to 40427
[  486.568964][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  486.592979][T10000] F2FS-fs (loop0): invalid crc value
[  486.598541][    T9] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  486.608454][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  486.619119][T10002] ax25_connect(): syz.5.821 uses autobind, please contact jreuter@yaina.de
[  486.628973][T10000] F2FS-fs (loop0): Found nat_bits in checkpoint
[  486.655999][T10000] F2FS-fs (loop0): Start checkpoint disabled!
[  486.665091][    T9] usb 5-1: Product: syz
[  486.670828][    T9] usb 5-1: Manufacturer: syz
[  486.678850][    T9] usb 5-1: SerialNumber: syz
[  486.683841][T10000] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  486.710100][    T9] usb 5-1: config 0 descriptor??
[  487.098529][T10010] loop2: detected capacity change from 0 to 64
[  487.511385][T10011] loop5: detected capacity change from 0 to 32768
[  487.664701][T10011] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  487.938779][   T28] audit: type=1400 audit(1761698383.215:43): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10009 comm="syz.5.823"
[  488.068828][  T146] kworker/u4:5: attempt to access beyond end of device
[  488.068828][  T146] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  488.140663][  T146] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  488.152191][  T146] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  488.192368][    T9] usb 5-1: USB disconnect, device number 3
[  488.216073][ T7700] ocfs2: Unmounting device (7,5) on (node local)
[  488.281860][ T7483] udevd[7483]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such device
[  491.082241][T10019] loop5: detected capacity change from 0 to 32768
[  491.281556][T10043] loop2: detected capacity change from 0 to 64
[  491.369267][T10019] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  491.548976][T10048] loop4: detected capacity change from 0 to 64
[  492.278988][ T7700] ocfs2: Unmounting device (7,5) on (node local)
[  493.464039][T10052] loop0: detected capacity change from 0 to 32768
[  493.550404][T10052] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  493.605694][T10052] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  493.652514][T10070] loop5: detected capacity change from 0 to 512
[  493.672092][T10070] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  493.752461][T10052] XFS (loop0): Ending clean mount
[  493.796775][T10052] XFS (loop0): Quotacheck needed: Please wait.
[  493.849652][T10070] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  493.872929][T10070] ext4 filesystem being mounted at /107/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  493.910414][T10052] XFS (loop0): Quotacheck: Done.
[  494.774593][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.038658][ T5786] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  496.286476][T10083] loop4: detected capacity change from 0 to 32768
[  496.508159][T10083] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  497.093478][T10118] loop5: detected capacity change from 0 to 4096
[  497.105497][T10118] ntfs3: Unknown parameter ''
[  497.476855][T10083] XFS (loop4): Ending clean mount
[  497.735824][ T7026] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  499.443397][T10132] loop4: detected capacity change from 0 to 40427
[  499.455004][T10132] F2FS-fs (loop4): invalid crc value
[  499.469189][T10132] F2FS-fs (loop4): Found nat_bits in checkpoint
[  499.520981][T10132] F2FS-fs (loop4): Start checkpoint disabled!
[  499.530818][T10132] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  499.545120][T10135] loop2: detected capacity change from 0 to 512
[  499.571246][T10135] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  499.903037][T10135] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  499.961758][T10135] ext4 filesystem being mounted at /226/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  500.265434][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  500.298121][  T146] kworker/u4:5: attempt to access beyond end of device
[  500.298121][  T146] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  500.362835][  T146] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  500.405574][  T146] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  500.599603][T10144] loop5: detected capacity change from 0 to 32768
[  500.657080][T10144] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  501.673444][T10153] loop0: detected capacity change from 0 to 64
[  501.719066][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  501.725438][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  501.954887][   T28] audit: type=1400 audit(1761698397.245:44): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10142 comm="syz.5.853"
[  502.121688][ T7700] ocfs2: Unmounting device (7,5) on (node local)
[  502.474319][T10162] loop5: detected capacity change from 0 to 512
[  502.516908][T10162] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  502.705634][T10166] loop0: detected capacity change from 0 to 4096
[  502.713550][T10166] ntfs3: Unknown parameter ''
[  503.106009][T10162] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  503.136548][T10162] ext4 filesystem being mounted at /114/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  503.905199][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.784582][T10192] loop4: detected capacity change from 0 to 4096
[  505.949913][T10192] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.998365][T10191] loop2: detected capacity change from 0 to 40427
[  506.015067][T10191] F2FS-fs (loop2): invalid crc value
[  506.060756][T10191] F2FS-fs (loop2): Found nat_bits in checkpoint
[  506.109898][T10191] F2FS-fs (loop2): Start checkpoint disabled!
[  506.135487][T10191] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  506.228630][ T5794] Bluetooth: hci4: unexpected event 0x03 length: 1 < 11
[  506.733187][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.072328][ T3452] kworker/u4:7: attempt to access beyond end of device
[  507.072328][ T3452] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  507.095784][ T3452] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  507.103338][ T3452] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  508.023150][T10211] loop5: detected capacity change from 0 to 64
[  508.370879][T10201] loop0: detected capacity change from 0 to 32768
[  508.474979][T10201] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  509.587032][   T28] audit: type=1400 audit(1761698404.825:45): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10200 comm="syz.0.866"
[  509.731125][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  510.328878][T10230] Invalid ELF header type: 3 != 1
[  510.436014][T10230] netlink: 8 bytes leftover after parsing attributes in process `syz.0.872'.
[  511.581744][T10243] loop4: detected capacity change from 0 to 4096
[  511.688240][T10243] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  511.755875][T10242] Bluetooth: hci4: unexpected event 0x03 length: 1 < 11
[  511.779030][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  512.019381][T10249] loop4: detected capacity change from 0 to 512
[  512.093610][T10249] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  512.178418][T10249] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  512.282987][T10249] ext4 filesystem being mounted at /148/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  513.279103][T10263] loop0: detected capacity change from 0 to 512
[  513.382717][T10242] Bluetooth: hci0: command 0x0406 tx timeout
[  513.421915][T10263] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  513.458399][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  513.531453][T10263] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  513.547567][T10263] ext4 filesystem being mounted at /239/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  514.269656][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  514.991240][T10276] loop5: detected capacity change from 0 to 64
[  515.271387][T10281] Invalid ELF header type: 3 != 1
[  515.375790][T10281] netlink: 8 bytes leftover after parsing attributes in process `syz.0.882'.
[  515.451714][T10282] loop4: detected capacity change from 0 to 4096
[  515.647733][T10282] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  515.854557][T10242] Bluetooth: hci4: unexpected event 0x03 length: 1 < 11
[  515.899067][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  518.054780][T10304] loop2: detected capacity change from 0 to 40427
[  518.075504][T10304] F2FS-fs (loop2): invalid crc value
[  518.097200][T10304] F2FS-fs (loop2): Found nat_bits in checkpoint
[  518.230920][T10304] F2FS-fs (loop2): Start checkpoint disabled!
[  518.283672][T10304] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  518.644346][T10313] loop5: detected capacity change from 0 to 64
[  518.669124][   T49] kworker/u4:3: attempt to access beyond end of device
[  518.669124][   T49] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  518.683865][   T49] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  518.691085][   T49] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  519.349077][T10318] loop2: detected capacity change from 0 to 512
[  519.540346][T10318] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  519.945315][T10318] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  520.017475][T10318] ext4 filesystem being mounted at /236/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  520.580013][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  521.724721][T10332] Invalid ELF header type: 3 != 1
[  521.783419][T10332] netlink: 8 bytes leftover after parsing attributes in process `syz.2.894'.
[  521.910671][T10337] loop4: detected capacity change from 0 to 512
[  521.921502][T10337] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  521.936705][T10325] loop0: detected capacity change from 0 to 32768
[  522.018418][T10337] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.057177][T10325] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  522.085450][T10337] ext4 filesystem being mounted at /153/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  522.808365][   T28] audit: type=1400 audit(1761698418.095:46): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10323 comm="syz.0.893"
[  522.887958][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  523.036019][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.230740][T10356] overlayfs: failed to resolve './file1': -2
[  523.532855][ T5881] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  523.973635][ T5881] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  524.025851][ T5881] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  524.240832][ T5881] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  524.257769][ T5881] usb 1-1: Product: syz
[  524.261985][ T5881] usb 1-1: Manufacturer: syz
[  524.267025][ T5881] usb 1-1: SerialNumber: syz
[  524.725207][ T5881] usb 1-1: config 0 descriptor??
[  525.287314][T10371] loop4: detected capacity change from 0 to 512
[  525.370465][T10371] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  525.495001][T10373] loop2: detected capacity change from 0 to 64
[  526.925031][  T788] usb 1-1: USB disconnect, device number 3
[  526.998386][T10371] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.082911][T10371] ext4 filesystem being mounted at /155/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  528.159136][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  528.267304][T10389] loop2: detected capacity change from 0 to 512
[  528.285729][T10389] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  528.340495][T10389] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.361623][T10389] ext4 filesystem being mounted at /243/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  528.430333][T10385] loop5: detected capacity change from 0 to 40427
[  528.545647][T10385] F2FS-fs (loop5): invalid crc value
[  528.579969][T10385] F2FS-fs (loop5): Found nat_bits in checkpoint
[  528.633064][T10385] F2FS-fs (loop5): Start checkpoint disabled!
[  528.664040][T10385] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  529.174415][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  529.204705][   T42] kworker/u4:2: attempt to access beyond end of device
[  529.204705][   T42] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  529.249171][   T42] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  529.273226][   T42] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  529.439316][T10403] netlink: 40 bytes leftover after parsing attributes in process `syz.2.911'.
[  529.461203][T10403] ax25_connect(): syz.2.911 uses autobind, please contact jreuter@yaina.de
[  529.775913][T10395] loop4: detected capacity change from 0 to 32768
[  530.550296][T10395] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  530.797275][   T28] audit: type=1400 audit(1761698426.065:47): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10394 comm="syz.4.908"
[  530.855261][ T7026] ocfs2: Unmounting device (7,4) on (node local)
[  532.244063][T10425] overlayfs: failed to resolve './file1': -2
[  532.381561][T10428] loop4: detected capacity change from 0 to 512
[  532.406541][T10428] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  532.457646][T10428] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.505045][T10428] ext4 filesystem being mounted at /158/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  532.567567][T10433] loop0: detected capacity change from 0 to 512
[  532.598291][T10433] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  532.697773][T10433] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.737340][ T5838] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  532.743603][T10433] ext4 filesystem being mounted at /246/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  532.907663][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.978186][ T5838] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  533.026779][ T5838] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  533.066679][ T5838] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  533.103820][ T5838] usb 3-1: Product: syz
[  533.112140][ T5838] usb 3-1: Manufacturer: syz
[  533.124510][ T5838] usb 3-1: SerialNumber: syz
[  533.144128][ T5838] usb 3-1: config 0 descriptor??
[  533.938536][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  535.441075][T10453] netlink: 40 bytes leftover after parsing attributes in process `syz.0.920'.
[  535.450909][T10453] ax25_connect(): syz.0.920 uses autobind, please contact jreuter@yaina.de
[  537.282847][T10466] loop4: detected capacity change from 0 to 512
[  537.350200][T10466] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  537.466564][T10466] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  537.541089][T10466] ext4 filesystem being mounted at /163/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  537.829478][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.257528][T10472] loop4: detected capacity change from 0 to 40427
[  538.288858][T10472] F2FS-fs (loop4): invalid crc value
[  538.297157][T10472] F2FS-fs (loop4): Found nat_bits in checkpoint
[  538.327998][T10472] F2FS-fs (loop4): Start checkpoint disabled!
[  538.336763][T10474] loop5: detected capacity change from 0 to 512
[  538.353331][T10474] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  538.370090][T10472] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  538.999063][T10474] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  539.041966][ T5852] usb 3-1: USB disconnect, device number 3
[  539.087256][T10474] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  539.321122][   T42] kworker/u4:2: attempt to access beyond end of device
[  539.321122][   T42] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  539.404383][   T42] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  539.442794][   T42] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  539.606827][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  540.058155][T10489] loop5: detected capacity change from 0 to 40427
[  540.132048][T10489] F2FS-fs (loop5): invalid crc value
[  540.138206][T10483] loop2: detected capacity change from 0 to 32768
[  540.154227][T10489] F2FS-fs (loop5): Found nat_bits in checkpoint
[  540.209460][T10489] F2FS-fs (loop5): Start checkpoint disabled!
[  540.220802][T10489] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  540.254700][T10483] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  540.826350][   T28] audit: type=1400 audit(1761698436.025:48): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10482 comm="syz.2.930"
[  540.866586][T10497] Invalid ELF header type: 3 != 1
[  540.963141][T10495] netlink: 8 bytes leftover after parsing attributes in process `syz.4.929'.
[  541.101441][ T5784] ocfs2: Unmounting device (7,2) on (node local)
[  541.195044][T10502] loop0: detected capacity change from 0 to 512
[  541.239524][ T3452] kworker/u4:7: attempt to access beyond end of device
[  541.239524][ T3452] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  541.245870][T10502] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  541.401937][ T3452] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  541.442984][ T3452] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  541.484802][T10502] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  541.595986][T10502] ext4 filesystem being mounted at /251/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  542.684632][   T28] audit: type=1326 audit(1761698437.735:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10516 comm="syz.2.938" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f33a5f8efc9 code=0x0
[  542.831967][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  543.019992][T10523] loop4: detected capacity change from 0 to 64
[  543.538785][T10526] loop0: detected capacity change from 0 to 40427
[  543.624334][T10526] F2FS-fs (loop0): invalid crc value
[  543.651799][T10526] F2FS-fs (loop0): Found nat_bits in checkpoint
[  543.708518][T10526] F2FS-fs (loop0): Start checkpoint disabled!
[  543.718169][T10526] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  544.721361][T10538] loop5: detected capacity change from 0 to 64
[  545.193434][   T11] kworker/u4:0: attempt to access beyond end of device
[  545.193434][   T11] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  545.266331][   T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  545.300765][   T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  547.168959][T10557] loop4: detected capacity change from 0 to 512
[  547.839313][T10557] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  548.047205][T10557] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  548.102947][T10557] ext4 filesystem being mounted at /170/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  548.142728][   T28] audit: type=1326 audit(1761698443.425:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10564 comm="syz.2.949" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f33a5f8efc9 code=0x0
[  548.645854][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  548.660038][T10552] loop0: detected capacity change from 0 to 32768
[  548.756972][T10552] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  548.904077][   T28] audit: type=1400 audit(1761698444.195:51): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10551 comm="syz.0.942"
[  549.273095][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  551.823255][T10601] loop5: detected capacity change from 0 to 512
[  552.915269][T10606] loop0: detected capacity change from 0 to 64
[  553.284934][T10601] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  553.675529][T10599] netlink: 40 bytes leftover after parsing attributes in process `syz.2.957'.
[  553.688294][T10599] ax25_connect(): syz.2.957 uses autobind, please contact jreuter@yaina.de
[  553.916310][T10601] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  553.957435][   T28] audit: type=1326 audit(1761698449.235:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10609 comm="syz.4.959" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2a458efc9 code=0x0
[  554.003204][T10601] ext4 filesystem being mounted at /131/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  555.000104][T10624] loop0: detected capacity change from 0 to 4096
[  555.014881][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  555.041949][T10624] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  555.130520][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  555.142194][   T51] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  558.367048][T10664] netlink: 40 bytes leftover after parsing attributes in process `syz.5.970'.
[  558.378015][T10664] ax25_connect(): syz.5.970 uses autobind, please contact jreuter@yaina.de
[  559.143511][T10669] loop5: detected capacity change from 0 to 512
[  559.174655][T10669] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  559.352220][T10669] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  559.381816][T10669] ext4 filesystem being mounted at /135/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  560.139196][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  560.262380][T10682] loop0: detected capacity change from 0 to 4096
[  560.316832][T10682] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.623135][   T51] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  560.677085][T10686] loop5: detected capacity change from 0 to 40427
[  560.695087][T10686] F2FS-fs (loop5): invalid crc value
[  560.704554][T10686] F2FS-fs (loop5): Found nat_bits in checkpoint
[  560.751847][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  560.762936][T10686] F2FS-fs (loop5): Start checkpoint disabled!
[  560.784607][T10686] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  561.564580][  T146] kworker/u4:5: attempt to access beyond end of device
[  561.564580][  T146] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  561.578956][  T146] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  561.586740][  T146] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  562.704239][T10699] loop0: detected capacity change from 0 to 40427
[  562.729501][T10699] F2FS-fs (loop0): invalid crc value
[  562.737270][T10699] F2FS-fs (loop0): Found nat_bits in checkpoint
[  562.788167][T10699] F2FS-fs (loop0): Start checkpoint disabled!
[  562.820274][T10699] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  563.148638][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  563.159555][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  563.348403][   T42] kworker/u4:2: attempt to access beyond end of device
[  563.348403][   T42] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  563.362709][   T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  563.369810][   T42] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  563.916748][T10713] netlink: 40 bytes leftover after parsing attributes in process `syz.0.980'.
[  563.927885][T10713] ax25_connect(): syz.0.980 uses autobind, please contact jreuter@yaina.de
[  564.610828][   T96] null_blk: rq ffff8880228c8000 timed out
[  564.616706][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 1
[  564.632827][   T96] null_blk: rq ffff8880228c8180 timed out
[  564.639085][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 1
[  564.649991][   T96] null_blk: rq ffff8880228c8300 timed out
[  564.656191][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 1
[  564.668153][   T96] null_blk: rq ffff8880228c8480 timed out
[  564.674028][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 1
[  564.684635][   T96] null_blk: rq ffff8880228c8600 timed out
[  564.690434][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 1
[  564.701036][   T96] null_blk: rq ffff8880228c8780 timed out
[  564.706880][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 1
[  564.717633][   T96] null_blk: rq ffff8880228c8900 timed out
[  564.723472][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 1
[  564.734067][   T96] null_blk: rq ffff8880228c8a80 timed out
[  564.739810][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 1
[  564.753550][   T96] null_blk: rq ffff8880228c8c00 timed out
[  564.759327][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 1
[  564.771208][   T96] null_blk: rq ffff8880228c8d80 timed out
[  564.777045][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 1 prio class 1
[  564.787661][   T96] null_blk: rq ffff8880228c8f00 timed out
[  564.793482][   T96] null_blk: rq ffff8880228c9080 timed out
[  564.799390][   T96] null_blk: rq ffff8880228c9200 timed out
[  564.805251][   T96] null_blk: rq ffff8880228c9380 timed out
[  564.811057][   T96] null_blk: rq ffff8880228c9500 timed out
[  564.811905][T10718] loop0: detected capacity change from 0 to 512
[  564.816930][   T96] null_blk: rq ffff8880228c9680 timed out
[  564.819693][   T96] null_blk: rq ffff8880228c9800 timed out
[  564.835084][   T96] null_blk: rq ffff8880228c9980 timed out
[  564.840828][   T96] null_blk: rq ffff8880228c9b00 timed out
[  564.846733][   T96] null_blk: rq ffff8880228c9c80 timed out
[  564.852499][   T96] null_blk: rq ffff8880228c9e00 timed out
[  564.858384][   T96] null_blk: rq ffff8880228c9f80 timed out
[  564.864228][   T96] null_blk: rq ffff8880228ca100 timed out
[  564.871308][   T96] null_blk: rq ffff8880228ca280 timed out
[  564.877757][   T96] null_blk: rq ffff8880228ca400 timed out
[  564.883678][   T96] null_blk: rq ffff8880228ca580 timed out
[  564.889442][   T96] null_blk: rq ffff8880228ca700 timed out
[  564.895328][   T96] null_blk: rq ffff8880228ca880 timed out
[  564.901088][   T96] null_blk: rq ffff8880228caa00 timed out
[  564.907163][   T96] null_blk: rq ffff8880228cab80 timed out
[  564.912990][   T96] null_blk: rq ffff8880228cad00 timed out
[  564.919017][   T96] null_blk: rq ffff8880228cae80 timed out
[  564.928139][   T96] null_blk: rq ffff8880228cb000 timed out
[  564.934047][   T96] null_blk: rq ffff8880228cb180 timed out
[  564.939823][   T96] null_blk: rq ffff8880228cb300 timed out
[  564.945728][   T96] null_blk: rq ffff8880228cb480 timed out
[  564.951472][   T96] null_blk: rq ffff8880228cb600 timed out
[  564.953881][T10718] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  564.957332][   T96] null_blk: rq ffff8880228cb780 timed out
[  564.975798][   T96] null_blk: rq ffff8880228cb900 timed out
[  564.981564][   T96] null_blk: rq ffff8880228cba80 timed out
[  564.987487][   T96] null_blk: rq ffff8880228cbc00 timed out
[  565.122080][T10718] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  565.212221][T10718] ext4 filesystem being mounted at /262/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  565.485488][T10723] loop2: detected capacity change from 0 to 4096
[  565.557753][T10723] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  565.792370][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.827852][   T51] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11
[  565.920792][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.036866][T10726] loop4: detected capacity change from 0 to 32768
[  566.122327][T10726] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  566.257398][T10736] Invalid ELF header type: 3 != 1
[  566.274500][T10736] netlink: 8 bytes leftover after parsing attributes in process `syz.0.986'.
[  566.444897][   T28] audit: type=1400 audit(1761698461.675:53): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10725 comm="syz.4.985"
[  566.903080][ T7026] ocfs2: Unmounting device (7,4) on (node local)
[  568.550579][T10751] netlink: 40 bytes leftover after parsing attributes in process `syz.0.991'.
[  568.561675][T10751] ax25_connect(): syz.0.991 uses autobind, please contact jreuter@yaina.de
[  569.545305][T10754] loop4: detected capacity change from 0 to 64
[  569.805589][T10756] loop0: detected capacity change from 0 to 512
[  569.835519][T10756] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  569.977876][T10756] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  570.023206][T10756] ext4 filesystem being mounted at /265/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  570.867208][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  570.993458][T10765] loop4: detected capacity change from 0 to 512
[  571.060989][T10765] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  571.171903][T10765] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  571.195608][T10767] loop0: detected capacity change from 0 to 4096
[  571.222521][T10765] ext4 filesystem being mounted at /181/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  571.258996][T10767] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  571.473035][   T51] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  571.728399][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.826416][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  572.126045][T10777] loop4: detected capacity change from 0 to 512
[  572.211546][T10777] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  572.296478][T10777] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  572.319929][T10777] ext4 filesystem being mounted at /182/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  573.284001][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  573.490179][T10775] loop0: detected capacity change from 0 to 32768
[  573.579417][T10775] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  573.749604][T10798] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1001'.
[  573.760525][T10798] ax25_connect(): syz.4.1001 uses autobind, please contact jreuter@yaina.de
[  574.607344][   T28] audit: type=1400 audit(1761698469.875:54): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10774 comm="syz.0.996"
[  574.975261][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  575.048263][T10807] loop0: detected capacity change from 0 to 512
[  575.092449][T10804] loop2: detected capacity change from 0 to 4096
[  575.437768][T10805] loop4: detected capacity change from 0 to 64
[  575.445749][T10807] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  575.494086][T10804] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  575.521015][T10807] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  575.584335][T10807] ext4 filesystem being mounted at /268/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  575.886508][   T51] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11
[  576.009586][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  576.205346][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  576.457532][T10825] loop0: detected capacity change from 0 to 512
[  576.485456][T10825] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  576.557526][T10825] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  576.592992][T10825] ext4 filesystem being mounted at /269/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  577.445156][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  577.901795][   T28] audit: type=1326 audit(1761698473.185:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10836 comm="syz.5.1011" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f367538efc9 code=0x0
[  577.923588][    C0] vkms_vblank_simulate: vblank timer overrun
[  579.753824][T10841] loop0: detected capacity change from 0 to 32768
[  580.578795][T10841] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  580.633058][   T28] audit: type=1400 audit(1761698475.915:56): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=10840 comm="syz.0.1012"
[  580.650718][T10859] loop5: detected capacity change from 0 to 512
[  580.706919][T10859] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  580.752998][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  580.823401][T10859] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  580.871759][T10859] ext4 filesystem being mounted at /149/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  581.025924][T10867] loop0: detected capacity change from 0 to 512
[  581.236150][T10867] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  581.714033][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  581.821697][T10867] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  581.844446][T10867] ext4 filesystem being mounted at /272/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  581.966632][   T28] audit: type=1326 audit(1761698477.245:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10872 comm="syz.4.1021" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2a458efc9 code=0x0
[  582.657591][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  582.747196][T10882] loop2: detected capacity change from 0 to 64
[  583.268842][T10888] loop4: detected capacity change from 0 to 512
[  583.383145][T10888] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  583.526225][T10888] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  583.749849][T10888] ext4 filesystem being mounted at /188/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  584.817390][T10904] loop5: detected capacity change from 0 to 512
[  584.869589][T10904] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  584.889442][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  584.911130][T10904] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  584.941709][T10904] ext4 filesystem being mounted at /153/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  585.485491][T10914] loop2: detected capacity change from 0 to 512
[  585.495155][T10914] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  585.874965][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  585.951438][T10914] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  586.067569][T10914] ext4 filesystem being mounted at /272/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  587.191169][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  587.196273][   T28] audit: type=1326 audit(1761698482.475:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10925 comm="syz.4.1032" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd2a458efc9 code=0x0
[  588.045635][T10935] loop0: detected capacity change from 0 to 40427
[  588.074062][T10935] F2FS-fs (loop0): invalid crc value
[  588.096390][T10935] F2FS-fs (loop0): Found nat_bits in checkpoint
[  588.158714][T10929] loop5: detected capacity change from 0 to 32768
[  588.166343][T10935] F2FS-fs (loop0): Start checkpoint disabled!
[  588.200250][T10935] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  588.261547][T10929] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  588.719842][T10929] XFS (loop5): Ending clean mount
[  588.860546][   T78] kworker/u4:4: attempt to access beyond end of device
[  588.860546][   T78] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  588.875881][   T78] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  588.887142][   T78] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  588.894897][ T7700] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  589.133755][T10951] loop5: detected capacity change from 0 to 512
[  589.190297][T10951] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  589.228943][T10953] loop4: detected capacity change from 0 to 512
[  589.275334][T10953] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  589.308183][T10951] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  589.361602][T10951] ext4 filesystem being mounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  589.397617][T10953] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  589.472982][T10953] ext4 filesystem being mounted at /192/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  590.424926][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  590.447126][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  590.656827][T10970] loop4: detected capacity change from 0 to 512
[  590.757352][T10970] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  590.824010][T10970] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  590.882942][T10970] ext4 filesystem being mounted at /193/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  591.671311][T10982] loop5: detected capacity change from 0 to 64
[  591.859794][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  593.176781][T10991] loop2: detected capacity change from 0 to 40427
[  593.246710][T10991] F2FS-fs (loop2): invalid crc value
[  593.380174][T10991] F2FS-fs (loop2): Found nat_bits in checkpoint
[  593.442156][T10991] F2FS-fs (loop2): Start checkpoint disabled!
[  593.458419][T10991] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  594.638109][   T49] kworker/u4:3: attempt to access beyond end of device
[  594.638109][   T49] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  594.928623][   T49] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  594.966227][   T49] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  595.148243][T11006] loop4: detected capacity change from 0 to 512
[  595.215767][T11006] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  595.295374][T11006] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  595.340329][T11006] ext4 filesystem being mounted at /196/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  595.410371][T10993] loop0: detected capacity change from 0 to 40427
[  595.446556][T10993] F2FS-fs (loop0): invalid crc value
[  595.977483][T10993] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-4)
[  596.178657][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  596.229597][T11025] loop2: detected capacity change from 0 to 512
[  596.308377][T11025] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  596.324895][T11029] loop4: detected capacity change from 0 to 512
[  596.361743][T11029] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  596.494706][T11025] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  596.539698][T11025] ext4 filesystem being mounted at /276/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  596.606307][T11029] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  596.735762][T11029] ext4 filesystem being mounted at /197/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  597.526515][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  597.548409][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  598.847682][T11044] loop4: detected capacity change from 0 to 32768
[  598.956336][T11044] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  598.992391][   T28] audit: type=1400 audit(1761698494.275:59): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=11042 comm="syz.4.1056"
[  599.088926][ T7026] ocfs2: Unmounting device (7,4) on (node local)
[  601.224097][T11063] loop0: detected capacity change from 0 to 64
[  601.376605][T11061] loop4: detected capacity change from 0 to 40427
[  601.441487][T11061] F2FS-fs (loop4): invalid crc value
[  601.481341][T11061] F2FS-fs (loop4): Found nat_bits in checkpoint
[  601.575461][T11061] F2FS-fs (loop4): Start checkpoint disabled!
[  601.618116][T11061] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  602.185190][   T96] null_blk: rq ffff8880228c8000 timed out
[  602.191117][   T96] blk_print_req_error: 31 callbacks suppressed
[  602.191129][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  602.209791][   T96] null_blk: rq ffff8880228c8180 timed out
[  602.215634][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  602.226443][   T96] null_blk: rq ffff8880228c8300 timed out
[  602.232249][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  602.244168][   T96] null_blk: rq ffff8880228c8480 timed out
[  602.250015][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  602.260725][   T96] null_blk: rq ffff8880228c8600 timed out
[  602.266591][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  602.277354][   T96] null_blk: rq ffff8880228c8780 timed out
[  602.283245][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  602.293830][   T96] null_blk: rq ffff8880228c8900 timed out
[  602.299648][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  602.310280][   T96] null_blk: rq ffff8880228c8a80 timed out
[  602.316114][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  602.328598][   T96] null_blk: rq ffff8880228c8c00 timed out
[  602.334613][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  602.343714][  T146] kworker/u4:5: attempt to access beyond end of device
[  602.343714][  T146] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  602.346489][   T96] null_blk: rq ffff8880228c8d80 timed out
[  602.365028][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  602.375640][   T96] null_blk: rq ffff8880228c8f00 timed out
[  602.381476][   T96] null_blk: rq ffff8880228c9080 timed out
[  602.387424][   T96] null_blk: rq ffff8880228c9200 timed out
[  602.393299][   T96] null_blk: rq ffff8880228c9380 timed out
[  602.396717][  T146] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  602.399151][   T96] null_blk: rq ffff8880228c9500 timed out
[  602.411815][   T96] null_blk: rq ffff8880228c9680 timed out
[  602.418127][   T96] null_blk: rq ffff8880228c9800 timed out
[  602.424839][   T96] null_blk: rq ffff8880228c9980 timed out
[  602.427106][  T146] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  602.431887][   T96] null_blk: rq ffff8880228c9b00 timed out
[  602.443497][   T96] null_blk: rq ffff8880228c9c80 timed out
[  602.450437][   T96] null_blk: rq ffff8880228c9e00 timed out
[  602.456302][   T96] null_blk: rq ffff8880228c9f80 timed out
[  602.462076][   T96] null_blk: rq ffff8880228ca100 timed out
[  602.467919][   T96] null_blk: rq ffff8880228ca280 timed out
[  602.474182][   T96] null_blk: rq ffff8880228ca400 timed out
[  602.479958][   T96] null_blk: rq ffff8880228ca580 timed out
[  602.495638][   T96] null_blk: rq ffff8880228ca700 timed out
[  602.501434][   T96] null_blk: rq ffff8880228ca880 timed out
[  602.507394][   T96] null_blk: rq ffff8880228caa00 timed out
[  602.513242][   T96] null_blk: rq ffff8880228cab80 timed out
[  602.518997][   T96] null_blk: rq ffff8880228cad00 timed out
[  602.524835][   T96] null_blk: rq ffff8880228cae80 timed out
[  602.531582][   T96] null_blk: rq ffff8880228cb000 timed out
[  602.537460][   T96] null_blk: rq ffff8880228cb180 timed out
[  602.543266][   T96] null_blk: rq ffff8880228cb300 timed out
[  602.550244][   T96] null_blk: rq ffff8880228cb480 timed out
[  602.556102][   T96] null_blk: rq ffff8880228cb600 timed out
[  602.561857][   T96] null_blk: rq ffff8880228cb780 timed out
[  602.568183][   T96] null_blk: rq ffff8880228cb900 timed out
[  602.574012][   T96] null_blk: rq ffff8880228cba80 timed out
[  602.580052][   T96] null_blk: rq ffff8880228cbc00 timed out
[  602.585894][   T96] null_blk: rq ffff8880228cbd80 timed out
[  602.591648][   T96] null_blk: rq ffff8880228cbf00 timed out
[  602.597457][   T96] null_blk: rq ffff8880228cc080 timed out
[  602.603247][   T96] null_blk: rq ffff8880228cc200 timed out
[  602.608995][   T96] null_blk: rq ffff8880228cc380 timed out
[  602.614822][   T96] null_blk: rq ffff8880228cc500 timed out
[  602.620589][   T96] null_blk: rq ffff8880228cc680 timed out
[  602.626401][   T96] null_blk: rq ffff8880228cc800 timed out
[  602.632153][   T96] null_blk: rq ffff8880228cc980 timed out
[  602.637981][   T96] null_blk: rq ffff8880228ccb00 timed out
[  602.643789][   T96] null_blk: rq ffff8880228ccc80 timed out
[  602.649533][   T96] null_blk: rq ffff8880228cce00 timed out
[  602.656516][   T96] null_blk: rq ffff8880228ccf80 timed out
[  602.662275][   T96] null_blk: rq ffff8880228cd100 timed out
[  602.668092][   T96] null_blk: rq ffff8880228cd280 timed out
[  602.677291][   T96] null_blk: rq ffff8880228cd400 timed out
[  602.749164][T11072] loop5: detected capacity change from 0 to 512
[  602.798820][T11072] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  602.919319][T11072] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  602.967674][T11072] ext4 filesystem being mounted at /159/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  605.666153][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  609.244192][T11105] loop4: detected capacity change from 0 to 40427
[  609.275154][T11105] F2FS-fs (loop4): invalid crc value
[  609.302840][T11105] F2FS-fs (loop4): Found nat_bits in checkpoint
[  609.394498][T11105] F2FS-fs (loop4): Start checkpoint disabled!
[  609.413225][T11105] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  609.782938][T11110] loop5: detected capacity change from 0 to 65536
[  609.812220][T11110] XFS (loop5): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  609.855835][  T146] kworker/u4:5: attempt to access beyond end of device
[  609.855835][  T146] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  609.870507][  T146] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  609.877721][  T146] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  609.884561][T11110] XFS (loop5): Ending clean mount
[  610.683567][T11143] loop2: detected capacity change from 0 to 512
[  610.704509][T11143] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  610.797628][T11143] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  610.809143][T11148] loop4: detected capacity change from 0 to 512
[  610.818560][T11143] ext4 filesystem being mounted at /283/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  610.830975][T11148] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  610.969609][T11148] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  610.984416][T11148] ext4 filesystem being mounted at /204/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  611.045564][ T7700] XFS (loop5): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  611.768688][ T5784] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  611.827274][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  612.014134][T11158] loop4: detected capacity change from 0 to 4096
[  612.091447][T11160] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  612.172966][T11161] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1079'.
[  613.907739][   T96] null_blk: rq ffff8880228c8000 timed out
[  613.913778][   T96] blk_print_req_error: 47 callbacks suppressed
[  613.913791][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  613.932357][   T96] null_blk: rq ffff8880228c8180 timed out
[  613.938497][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  613.949425][   T96] null_blk: rq ffff8880228c8300 timed out
[  613.955520][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  613.966365][   T96] null_blk: rq ffff8880228c8480 timed out
[  613.972367][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  613.983134][   T96] null_blk: rq ffff8880228c8600 timed out
[  613.989058][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  614.123585][T11174] netlink: 'syz.5.1078': attribute type 1 has an invalid length.
[  614.131428][T11174] netlink: 'syz.5.1078': attribute type 2 has an invalid length.
[  614.812858][   T96] null_blk: rq ffff8880228c8780 timed out
[  614.818655][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  614.829291][   T96] null_blk: rq ffff8880228c8900 timed out
[  614.835203][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  614.846951][   T96] null_blk: rq ffff8880228c8a80 timed out
[  614.852770][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  614.863780][   T96] null_blk: rq ffff8880228c8c00 timed out
[  614.869544][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  614.881829][   T96] null_blk: rq ffff8880228c8d80 timed out
[  614.890236][   T96] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  614.900781][   T96] null_blk: rq ffff8880228c8f00 timed out
[  614.906704][   T96] null_blk: rq ffff8880228c9080 timed out
[  614.912471][   T96] null_blk: rq ffff8880228c9200 timed out
[  614.918419][   T96] null_blk: rq ffff8880228c9380 timed out
[  614.924253][   T96] null_blk: rq ffff8880228c9500 timed out
[  614.930021][   T96] null_blk: rq ffff8880228c9680 timed out
[  614.936290][   T96] null_blk: rq ffff8880228c9800 timed out
[  614.951102][   T96] null_blk: rq ffff8880228c9980 timed out
[  614.957029][   T96] null_blk: rq ffff8880228c9b00 timed out
[  614.962837][   T96] null_blk: rq ffff8880228c9c80 timed out
[  614.968708][   T96] null_blk: rq ffff8880228c9e00 timed out
[  614.974542][   T96] null_blk: rq ffff8880228c9f80 timed out
[  614.980292][   T96] null_blk: rq ffff8880228ca100 timed out
[  614.986300][   T96] null_blk: rq ffff8880228ca280 timed out
[  614.992449][   T96] null_blk: rq ffff8880228ca400 timed out
[  614.998278][   T96] null_blk: rq ffff8880228ca580 timed out
[  615.004113][   T96] null_blk: rq ffff8880228ca700 timed out
[  615.009870][   T96] null_blk: rq ffff8880228ca880 timed out
[  615.015674][   T96] null_blk: rq ffff8880228caa00 timed out
[  615.021438][   T96] null_blk: rq ffff8880228cab80 timed out
[  615.027613][   T96] null_blk: rq ffff8880228cad00 timed out
[  615.033418][   T96] null_blk: rq ffff8880228cae80 timed out
[  615.040188][   T96] null_blk: rq ffff8880228cb000 timed out
[  615.047266][   T96] null_blk: rq ffff8880228cb180 timed out
[  615.053179][   T96] null_blk: rq ffff8880228cb300 timed out
[  615.059000][   T96] null_blk: rq ffff8880228cb480 timed out
[  615.064975][   T96] null_blk: rq ffff8880228cb600 timed out
[  615.070743][   T96] null_blk: rq ffff8880228cb780 timed out
[  615.076575][   T96] null_blk: rq ffff8880228cb900 timed out
[  615.082340][   T96] null_blk: rq ffff8880228cba80 timed out
[  615.088477][   T96] null_blk: rq ffff8880228cbc00 timed out
[  615.094289][   T96] null_blk: rq ffff8880228cbd80 timed out
[  615.100056][   T96] null_blk: rq ffff8880228cbf00 timed out
[  615.105909][   T96] null_blk: rq ffff8880228cc080 timed out
[  615.111688][   T96] null_blk: rq ffff8880228cc200 timed out
[  615.117505][   T96] null_blk: rq ffff8880228cc380 timed out
[  615.123331][   T96] null_blk: rq ffff8880228cc500 timed out
[  615.129081][   T96] null_blk: rq ffff8880228cc680 timed out
[  615.134867][   T96] null_blk: rq ffff8880228cc800 timed out
[  615.140607][   T96] null_blk: rq ffff8880228cc980 timed out
[  615.147599][   T96] null_blk: rq ffff8880228ccb00 timed out
[  615.153391][   T96] null_blk: rq ffff8880228ccc80 timed out
[  615.159141][   T96] null_blk: rq ffff8880228cce00 timed out
[  615.164951][   T96] null_blk: rq ffff8880228ccf80 timed out
[  615.170692][   T96] null_blk: rq ffff8880228cd100 timed out
[  615.176478][   T96] null_blk: rq ffff8880228cd280 timed out
[  615.182227][   T96] null_blk: rq ffff8880228cd400 timed out
[  615.188058][   T96] null_blk: rq ffff8880228cd580 timed out
[  615.193860][   T96] null_blk: rq ffff8880228cd700 timed out
[  615.488519][T11192] loop4: detected capacity change from 0 to 512
[  615.526738][T11192] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  615.619990][T11192] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  615.634121][T11192] ext4 filesystem being mounted at /208/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  616.461711][ T7026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  616.596535][T11186] loop5: detected capacity change from 0 to 32768
[  616.632272][T11186] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.1085 (11186)
[  616.660207][T11186] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  616.676560][T11186] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  616.687414][T11186] BTRFS info (device loop5): using free space tree
[  616.778897][T11210] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1089'.
[  617.412738][T11186] BTRFS info (device loop5): enabling ssd optimizations
[  617.468999][T11186] BTRFS info (device loop5): auto enabling async discard
[  617.487208][T11222] overlayfs: failed to resolve './file1': -2
[  617.977513][ T5852] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  618.038652][ T7700] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  618.204738][ T5852] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  618.256436][ T5852] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  618.272520][ T5852] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  618.294837][ T5852] usb 5-1: Product: syz
[  618.299063][ T5852] usb 5-1: Manufacturer: syz
[  618.330717][ T5852] usb 5-1: SerialNumber: syz
[  618.348549][ T5852] usb 5-1: config 0 descriptor??
[  619.255789][ T5852] usb 5-1: USB disconnect, device number 4
[  619.710726][T11231] loop5: detected capacity change from 0 to 32768
[  619.821644][T11231] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  620.651379][T11231] XFS (loop5): Ending clean mount
[  620.678508][T11266] loop4: detected capacity change from 0 to 128
[  620.710250][T11266] EXT4-fs: Ignoring removed nobh option
[  620.716764][T11231] XFS (loop5): Quotacheck needed: Please wait.
[  620.758542][T11266] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  620.892027][T11266] ext4 filesystem being mounted at /210/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  621.004656][T11231] XFS (loop5): Quotacheck: Done.
[  621.473570][ T7026] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  621.590973][T11271] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1101'.
[  621.638240][ T7700] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  623.150653][T11282] loop0: detected capacity change from 0 to 32768
[  623.200558][T11284] loop5: detected capacity change from 0 to 512
[  623.216211][T11284] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  623.232142][T11284] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  623.236520][T11282] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  623.276625][T11284] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  623.310622][T11284] EXT4-fs (loop5): 1 truncate cleaned up
[  623.325818][T11284] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  623.374069][   T28] audit: type=1400 audit(1761698518.655:60): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=11281 comm="syz.0.1104"
[  623.501625][T11291] 9pnet_virtio: no channels available for device ./cgroup
[  624.331761][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  624.343127][T11294] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  624.504460][ T7700] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  624.544463][T11298] overlayfs: failed to resolve './file1': -2
[  624.598471][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  624.607764][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  624.733278][T11301] ax25_connect(): syz.4.1108 uses autobind, please contact jreuter@yaina.de
[  624.744599][ T9092] null_blk: rq ffff8880228c8000 timed out
[  624.750549][ T9092] blk_print_req_error: 49 callbacks suppressed
[  624.750562][ T9092] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  624.781073][ T9092] null_blk: rq ffff8880228c8180 timed out
[  624.806305][ T9092] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  624.849694][ T9092] null_blk: rq ffff8880228c8300 timed out
[  624.873613][ T9092] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  624.916855][ T9092] null_blk: rq ffff8880228c8480 timed out
[  624.941824][ T9092] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  624.952913][  T788] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  624.987530][ T9092] null_blk: rq ffff8880228c8600 timed out
[  625.011821][ T9092] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  625.055614][ T9092] null_blk: rq ffff8880228c8780 timed out
[  625.080098][ T9092] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  625.123290][ T9092] null_blk: rq ffff8880228c8900 timed out
[  625.129179][ T9092] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  625.192317][ T9092] null_blk: rq ffff8880228c8a80 timed out
[  625.210769][  T788] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  625.217153][ T9092] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  625.382506][ T9092] null_blk: rq ffff8880228c8c00 timed out
[  625.407542][ T9092] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  625.548424][ T9092] null_blk: rq ffff8880228c8d80 timed out
[  625.554284][ T9092] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 1
[  625.564797][ T9092] null_blk: rq ffff8880228c8f00 timed out
[  625.570586][ T9092] null_blk: rq ffff8880228c9080 timed out
[  625.582755][ T9092] null_blk: rq ffff8880228c9200 timed out
[  625.602792][T11307] loop5: detected capacity change from 0 to 24
[  625.609843][T11307] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  625.626827][ T9092] null_blk: rq ffff8880228c9380 timed out
[  625.636381][T11307] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  625.674716][ T9092] null_blk: rq ffff8880228c9500 timed out
[  625.680667][ T9092] null_blk: rq ffff8880228c9680 timed out
[  625.695385][ T9092] null_blk: rq ffff8880228c9800 timed out
[  625.701383][ T9092] null_blk: rq ffff8880228c9980 timed out
[  625.710880][ T9092] null_blk: rq ffff8880228c9b00 timed out
[  625.716891][ T9092] null_blk: rq ffff8880228c9c80 timed out
[  625.722972][ T9092] null_blk: rq ffff8880228c9e00 timed out
[  625.728802][ T9092] null_blk: rq ffff8880228c9f80 timed out
[  625.734801][ T9092] null_blk: rq ffff8880228ca100 timed out
[  625.740618][ T9092] null_blk: rq ffff8880228ca280 timed out
[  625.747138][ T9092] null_blk: rq ffff8880228ca400 timed out
[  625.754054][ T9092] null_blk: rq ffff8880228ca580 timed out
[  625.760291][ T9092] null_blk: rq ffff8880228ca700 timed out
[  625.766230][ T9092] null_blk: rq ffff8880228ca880 timed out
[  625.772003][ T9092] null_blk: rq ffff8880228caa00 timed out
[  625.777997][ T9092] null_blk: rq ffff8880228cab80 timed out
[  625.784114][ T9092] null_blk: rq ffff8880228cad00 timed out
[  625.789899][ T9092] null_blk: rq ffff8880228cae80 timed out
[  625.796088][  T788] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  625.796115][  T788] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  625.796135][  T788] usb 1-1: Product: syz
[  625.796148][  T788] usb 1-1: Manufacturer: syz
[  625.796162][  T788] usb 1-1: SerialNumber: syz
[  625.813774][  T788] usb 1-1: config 0 descriptor??
[  625.819767][ T9092] null_blk: rq ffff8880228cb000 timed out
[  625.837701][ T9092] null_blk: rq ffff8880228cb180 timed out
[  625.843513][ T9092] null_blk: rq ffff8880228cb300 timed out
[  625.849374][ T9092] null_blk: rq ffff8880228cb480 timed out
[  625.855332][ T9092] null_blk: rq ffff8880228cb600 timed out
[  625.861113][ T9092] null_blk: rq ffff8880228cb780 timed out
[  625.866952][ T9092] null_blk: rq ffff8880228cb900 timed out
[  625.872846][ T9092] null_blk: rq ffff8880228cba80 timed out
[  625.879075][ T9092] null_blk: rq ffff8880228cbc00 timed out
[  625.884897][ T9092] null_blk: rq ffff8880228cbd80 timed out
[  625.890667][ T9092] null_blk: rq ffff8880228cbf00 timed out
[  625.897566][ T9092] null_blk: rq ffff8880228cc080 timed out
[  625.903384][ T9092] null_blk: rq ffff8880228cc200 timed out
[  625.909149][ T9092] null_blk: rq ffff8880228cc380 timed out
[  625.914959][ T9092] null_blk: rq ffff8880228cc500 timed out
[  625.920810][ T9092] null_blk: rq ffff8880228cc680 timed out
[  625.927006][ T9092] null_blk: rq ffff8880228cc800 timed out
[  625.932941][ T9092] null_blk: rq ffff8880228cc980 timed out
[  625.938693][ T9092] null_blk: rq ffff8880228ccb00 timed out
[  625.944731][ T9092] null_blk: rq ffff8880228ccc80 timed out
[  625.950497][ T9092] null_blk: rq ffff8880228cce00 timed out
[  625.956300][ T9092] null_blk: rq ffff8880228ccf80 timed out
[  625.962067][ T9092] null_blk: rq ffff8880228cd100 timed out
[  625.967924][   T23] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  625.975610][ T9092] null_blk: rq ffff8880228cd280 timed out
[  625.981375][ T9092] null_blk: rq ffff8880228cd400 timed out
[  625.987264][ T9092] null_blk: rq ffff8880228cd580 timed out
[  625.993075][ T9092] null_blk: rq ffff8880228cd700 timed out
[  625.999233][ T9092] null_blk: rq ffff8880228cd880 timed out
[  626.005531][ T9092] null_blk: rq ffff8880228cda00 timed out
[  626.011739][ T9092] null_blk: rq ffff8880228cdb80 timed out
[  626.075920][T11310] netlink: 'syz.4.1110': attribute type 1 has an invalid length.
[  626.084460][T11310] netlink: 'syz.4.1110': attribute type 2 has an invalid length.
[  626.229299][   T23] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  626.323090][   T23] usb 6-1: New USB device found, idVendor=0424, idProduct=c001, bcdDevice=99.40
[  626.341730][   T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  626.350165][   T23] usb 6-1: Product: syz
[  626.357258][   T23] usb 6-1: Manufacturer: syz
[  626.362010][   T23] usb 6-1: SerialNumber: syz
[  626.443062][   T23] usb 6-1: config 0 descriptor??
[  626.775181][  T788] usb 1-1: USB disconnect, device number 4
[  626.876007][ T7481] udevd[7481]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  628.105767][   T23] usb 6-1: USB disconnect, device number 2
[  628.249363][   T23] ==================================================================
[  628.257500][   T23] BUG: KASAN: slab-use-after-free in hdm_disconnect+0x10d/0x1c0
[  628.265161][   T23] Read of size 8 at addr ffff88805b9ed898 by task kworker/1:0/23
[  628.272892][   T23] 
[  628.275220][   T23] CPU: 1 PID: 23 Comm: kworker/1:0 Not tainted syzkaller #0
[  628.282515][   T23] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  628.292597][   T23] Workqueue: usb_hub_wq hub_event
[  628.297641][   T23] Call Trace:
[  628.300926][   T23]  <TASK>
[  628.303864][   T23]  dump_stack_lvl+0x16c/0x230
[  628.308560][   T23]  ? __lock_acquire+0x7c80/0x7c80
[  628.313597][   T23]  ? show_regs_print_info+0x20/0x20
[  628.318805][   T23]  ? load_image+0x3b0/0x3b0
[  628.323319][   T23]  ? __virt_addr_valid+0x469/0x540
[  628.328443][   T23]  print_report+0xac/0x220
[  628.332870][   T23]  ? hdm_disconnect+0x10d/0x1c0
[  628.337737][   T23]  kasan_report+0x117/0x150
[  628.342251][   T23]  ? hdm_disconnect+0x10d/0x1c0
[  628.347133][   T23]  hdm_disconnect+0x10d/0x1c0
[  628.351834][   T23]  usb_unbind_interface+0x1f2/0x870
[  628.357061][   T23]  ? kernfs_remove_by_name_ns+0x117/0x150
[  628.362803][   T23]  ? usb_driver_release_interface+0x1c0/0x1c0
[  628.368888][   T23]  device_release_driver_internal+0x4cb/0x7a0
[  628.374976][   T23]  bus_remove_device+0x342/0x400
[  628.379926][   T23]  device_del+0x50b/0x900
[  628.384268][   T23]  ? mark_lock+0x94/0x320
[  628.388609][   T23]  ? kill_device+0x160/0x160
[  628.393213][   T23]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  628.399196][   T23]  ? usb_disconnect+0x10b/0x8a0
[  628.404053][   T23]  ? mutex_lock_nested+0x20/0x20
[  628.409004][   T23]  ? _raw_spin_lock_irq+0xaf/0xe0
[  628.414036][   T23]  usb_disable_device+0x3e9/0x8a0
[  628.419075][   T23]  usb_disconnect+0x34c/0x8a0
[  628.423779][   T23]  hub_event+0x1cef/0x49c0
[  628.428217][   T23]  ? verify_lock_unused+0x140/0x140
[  628.433459][   T23]  ? hub_post_resume+0x120/0x120
[  628.438422][   T23]  ? read_lock_is_recursive+0x20/0x20
[  628.443842][   T23]  ? _raw_spin_unlock_irq+0x23/0x50
[  628.449043][   T23]  ? process_scheduled_works+0x957/0x15b0
[  628.454773][   T23]  ? process_scheduled_works+0x957/0x15b0
[  628.460516][   T23]  process_scheduled_works+0xa45/0x15b0
[  628.466101][   T23]  ? assign_work+0x400/0x400
[  628.470718][   T23]  ? assign_work+0x39e/0x400
[  628.475320][   T23]  worker_thread+0xa55/0xfc0
[  628.479931][   T23]  kthread+0x2fa/0x390
[  628.484010][   T23]  ? pr_cont_work+0x560/0x560
[  628.488706][   T23]  ? kthread_blkcg+0xd0/0xd0
[  628.493315][   T23]  ret_from_fork+0x48/0x80
[  628.497746][   T23]  ? kthread_blkcg+0xd0/0xd0
[  628.502358][   T23]  ret_from_fork_asm+0x11/0x20
[  628.507152][   T23]  </TASK>
[  628.510178][   T23] 
[  628.512522][   T23] Allocated by task 23:
[  628.516677][   T23]  kasan_set_track+0x4e/0x70
[  628.521287][   T23]  __kasan_kmalloc+0x8f/0xa0
[  628.525891][   T23]  hdm_probe+0x96/0x13e0
[  628.530159][   T23]  usb_probe_interface+0x5a4/0xb00
[  628.535293][   T23]  really_probe+0x25b/0xb40
[  628.539806][   T23]  __driver_probe_device+0x18c/0x330
[  628.545103][   T23]  driver_probe_device+0x4f/0x420
[  628.550144][   T23]  __device_attach_driver+0x2ca/0x520
[  628.555531][   T23]  bus_for_each_drv+0x24b/0x2d0
[  628.560392][   T23]  __device_attach+0x2b5/0x400
[  628.565171][   T23]  bus_probe_device+0x180/0x260
[  628.570037][   T23]  device_add+0x85b/0xc20
[  628.574378][   T23]  usb_set_configuration+0x1a79/0x20c0
[  628.579829][   T23]  usb_generic_driver_probe+0x8d/0x150
[  628.585276][   T23]  usb_probe_device+0x13d/0x280
[  628.590110][   T23]  really_probe+0x25b/0xb40
[  628.594594][   T23]  __driver_probe_device+0x18c/0x330
[  628.599861][   T23]  driver_probe_device+0x4f/0x420
[  628.604874][   T23]  __device_attach_driver+0x2ca/0x520
[  628.610245][   T23]  bus_for_each_drv+0x24b/0x2d0
[  628.615076][   T23]  __device_attach+0x2b5/0x400
[  628.619820][   T23]  bus_probe_device+0x180/0x260
[  628.624651][   T23]  device_add+0x85b/0xc20
[  628.628966][   T23]  usb_new_device+0xa31/0x1630
[  628.633715][   T23]  hub_event+0x2962/0x49c0
[  628.638111][   T23]  process_scheduled_works+0xa45/0x15b0
[  628.643639][   T23]  worker_thread+0xa55/0xfc0
[  628.648210][   T23]  kthread+0x2fa/0x390
[  628.652286][   T23]  ret_from_fork+0x48/0x80
[  628.656686][   T23]  ret_from_fork_asm+0x11/0x20
[  628.661485][   T23] 
[  628.663807][   T23] Freed by task 23:
[  628.667617][   T23]  kasan_set_track+0x4e/0x70
[  628.672205][   T23]  kasan_save_free_info+0x2e/0x50
[  628.677209][   T23]  ____kasan_slab_free+0x126/0x1e0
[  628.682303][   T23]  slab_free_freelist_hook+0x130/0x1b0
[  628.687748][   T23]  __kmem_cache_free+0xba/0x1f0
[  628.692583][   T23]  device_release+0x96/0x1c0
[  628.697156][   T23]  kobject_put+0x221/0x470
[  628.701572][   T23]  hdm_disconnect+0xf3/0x1c0
[  628.706155][   T23]  usb_unbind_interface+0x1f2/0x870
[  628.711342][   T23]  device_release_driver_internal+0x4cb/0x7a0
[  628.717394][   T23]  bus_remove_device+0x342/0x400
[  628.722318][   T23]  device_del+0x50b/0x900
[  628.726632][   T23]  usb_disable_device+0x3e9/0x8a0
[  628.731644][   T23]  usb_disconnect+0x34c/0x8a0
[  628.736302][   T23]  hub_event+0x1cef/0x49c0
[  628.740702][   T23]  process_scheduled_works+0xa45/0x15b0
[  628.746230][   T23]  worker_thread+0xa55/0xfc0
[  628.750834][   T23]  kthread+0x2fa/0x390
[  628.754896][   T23]  ret_from_fork+0x48/0x80
[  628.759299][   T23]  ret_from_fork_asm+0x11/0x20
[  628.764064][   T23] 
[  628.766370][   T23] Last potentially related work creation:
[  628.772068][   T23]  kasan_save_stack+0x3e/0x60
[  628.776730][   T23]  __kasan_record_aux_stack+0xaf/0xc0
[  628.782084][   T23]  insert_work+0x3d/0x310
[  628.786400][   T23]  __queue_work+0xc39/0x1020
[  628.790972][   T23]  queue_work_on+0x121/0x1e0
[  628.795540][   T23]  sg_release+0x1b6/0x2b0
[  628.799857][   T23]  __fput+0x234/0x970
[  628.803823][   T23]  task_work_run+0x1ce/0x250
[  628.808402][   T23]  exit_to_user_mode_loop+0xe6/0x110
[  628.813682][   T23]  exit_to_user_mode_prepare+0xf6/0x180
[  628.819212][   T23]  syscall_exit_to_user_mode+0x1a/0x50
[  628.824652][   T23]  do_syscall_64+0x61/0xb0
[  628.829050][   T23]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  628.834923][   T23] 
[  628.837223][   T23] Second to last potentially related work creation:
[  628.843783][   T23]  kasan_save_stack+0x3e/0x60
[  628.848441][   T23]  __kasan_record_aux_stack+0xaf/0xc0
[  628.853796][   T23]  insert_work+0x3d/0x310
[  628.858108][   T23]  __queue_work+0xc39/0x1020
[  628.862679][   T23]  queue_work_on+0x121/0x1e0
[  628.867252][   T23]  f2fs_handle_critical_error+0x58e/0x900
[  628.872966][   T23]  f2fs_write_end_io+0x52b/0x8a0
[  628.877887][   T23]  __submit_merged_bio+0x256/0x630
[  628.882980][   T23]  __submit_merged_write_cond+0x449/0x520
[  628.888681][   T23]  f2fs_sync_node_pages+0x13ef/0x1560
[  628.894036][   T23]  f2fs_write_node_pages+0x315/0x6b0
[  628.899299][   T23]  do_writepages+0x3a2/0x600
[  628.903871][   T23]  __writeback_single_inode+0x153/0xee0
[  628.909404][   T23]  writeback_sb_inodes+0x77c/0xef0
[  628.914497][   T23]  wb_writeback+0x450/0xba0
[  628.918983][   T23]  wb_workfn+0x3ff/0xe20
[  628.923206][   T23]  process_scheduled_works+0xa45/0x15b0
[  628.928734][   T23]  worker_thread+0xa55/0xfc0
[  628.933316][   T23]  kthread+0x2fa/0x390
[  628.937362][   T23]  ret_from_fork+0x48/0x80
[  628.941759][   T23]  ret_from_fork_asm+0x11/0x20
[  628.946508][   T23] 
[  628.948811][   T23] The buggy address belongs to the object at ffff88805b9ec000
[  628.948811][   T23]  which belongs to the cache kmalloc-8k of size 8192
[  628.962850][   T23] The buggy address is located 6296 bytes inside of
[  628.962850][   T23]  freed 8192-byte region [ffff88805b9ec000, ffff88805b9ee000)
[  628.976833][   T23] 
[  628.979140][   T23] The buggy address belongs to the physical page:
[  628.985542][   T23] page:ffffea00016e7a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5b9e8
[  628.995674][   T23] head:ffffea00016e7a00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  629.004591][   T23] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  629.012558][   T23] page_type: 0xffffffff()
[  629.016869][   T23] raw: 00fff00000000840 ffff888017842280 ffffea00017cc800 dead000000000004
[  629.025442][   T23] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[  629.034003][   T23] page dumped because: kasan: bad access detected
[  629.040425][   T23] page_owner tracks the page as allocated
[  629.046122][   T23] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 7026, tgid 7026 (syz-executor), ts 195937719288, free_ts 195744749271
[  629.069026][   T23]  post_alloc_hook+0x1cd/0x210
[  629.073785][   T23]  get_page_from_freelist+0x195c/0x19f0
[  629.079318][   T23]  __alloc_pages+0x1e3/0x460
[  629.083902][   T23]  alloc_slab_page+0x5d/0x170
[  629.088587][   T23]  new_slab+0x87/0x2e0
[  629.092644][   T23]  ___slab_alloc+0xc6d/0x1300
[  629.097314][   T23]  __kmem_cache_alloc_node+0x1a2/0x260
[  629.102765][   T23]  __kmalloc+0xa4/0x240
[  629.106923][   T23]  cache_create_net+0x92/0x250
[  629.111691][   T23]  gss_svc_init_net+0x58/0x560
[  629.116438][   T23]  ops_init+0x397/0x640
[  629.120575][   T23]  setup_net+0x3a5/0xa00
[  629.124799][   T23]  copy_net_ns+0x36d/0x5e0
[  629.129196][   T23]  create_new_namespaces+0x3d3/0x6f0
[  629.134465][   T23]  unshare_nsproxy_namespaces+0x11a/0x160
[  629.140163][   T23]  ksys_unshare+0x4c0/0x890
[  629.144646][   T23] page last free stack trace:
[  629.149297][   T23]  free_unref_page_prepare+0x7ce/0x8e0
[  629.154745][   T23]  free_unref_page+0x32/0x2e0
[  629.159404][   T23]  __unfreeze_partials+0x1cf/0x210
[  629.164503][   T23]  put_cpu_partial+0x17c/0x250
[  629.169250][   T23]  __slab_free+0x31d/0x410
[  629.173652][   T23]  qlist_free_all+0x75/0xe0
[  629.178137][   T23]  kasan_quarantine_reduce+0x143/0x160
[  629.183579][   T23]  __kasan_slab_alloc+0x22/0x80
[  629.188415][   T23]  slab_post_alloc_hook+0x6e/0x4d0
[  629.193512][   T23]  kmem_cache_alloc+0x11e/0x2e0
[  629.198344][   T23]  getname_flags+0xbb/0x500
[  629.202836][   T23]  vfs_fstatat+0x111/0x1b0
[  629.207233][   T23]  __x64_sys_newfstatat+0x117/0x190
[  629.212413][   T23]  do_syscall_64+0x55/0xb0
[  629.216813][   T23]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  629.222689][   T23] 
[  629.224993][   T23] Memory state around the buggy address:
[  629.230605][   T23]  ffff88805b9ed780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  629.238648][   T23]  ffff88805b9ed800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  629.246688][   T23] >ffff88805b9ed880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  629.254726][   T23]                             ^
[  629.259556][   T23]  ffff88805b9ed900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  629.267598][   T23]  ffff88805b9ed980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  629.275645][   T23] ==================================================================
[  629.326514][T11331] Invalid ELF header type: 3 != 1
[  629.546838][T11337] loop2: detected capacity change from 0 to 4096
[  629.554431][T11337] EXT4-fs: Ignoring removed mblk_io_submit option
[  631.898204][T11337] fscrypt: Error allocating hmac(sha512): -2
[  632.037873][   T23] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  632.045114][   T23] CPU: 1 PID: 23 Comm: kworker/1:0 Not tainted syzkaller #0
[  632.052423][   T23] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  632.062504][   T23] Workqueue: usb_hub_wq hub_event
[  632.067558][   T23] Call Trace:
[  632.070852][   T23]  <TASK>
[  632.073798][   T23]  dump_stack_lvl+0x16c/0x230
[  632.078493][   T23]  ? show_regs_print_info+0x20/0x20
[  632.083705][   T23]  ? load_image+0x3b0/0x3b0
[  632.088241][   T23]  panic+0x2c0/0x710
[  632.092175][   T23]  ? bpf_jit_dump+0xd0/0xd0
[  632.096696][   T23]  ? _raw_spin_unlock_irqrestore+0xfa/0x110
[  632.102613][   T23]  ? _raw_spin_unlock+0x40/0x40
[  632.107482][   T23]  ? print_memory_metadata+0x314/0x400
[  632.112949][   T23]  ? hdm_disconnect+0x10d/0x1c0
[  632.117795][   T23]  check_panic_on_warn+0x84/0xa0
[  632.122747][   T23]  ? hdm_disconnect+0x10d/0x1c0
[  632.127615][   T23]  end_report+0x6f/0x140
[  632.131882][   T23]  kasan_report+0x128/0x150
[  632.136388][   T23]  ? hdm_disconnect+0x10d/0x1c0
[  632.141245][   T23]  hdm_disconnect+0x10d/0x1c0
[  632.145931][   T23]  usb_unbind_interface+0x1f2/0x870
[  632.151138][   T23]  ? kernfs_remove_by_name_ns+0x117/0x150
[  632.156854][   T23]  ? usb_driver_release_interface+0x1c0/0x1c0
[  632.162912][   T23]  device_release_driver_internal+0x4cb/0x7a0
[  632.168970][   T23]  bus_remove_device+0x342/0x400
[  632.173898][   T23]  device_del+0x50b/0x900
[  632.178217][   T23]  ? mark_lock+0x94/0x320
[  632.182536][   T23]  ? kill_device+0x160/0x160
[  632.187116][   T23]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  632.193089][   T23]  ? usb_disconnect+0x10b/0x8a0
[  632.197925][   T23]  ? mutex_lock_nested+0x20/0x20
[  632.202866][   T23]  ? _raw_spin_lock_irq+0xaf/0xe0
[  632.207909][   T23]  usb_disable_device+0x3e9/0x8a0
[  632.212945][   T23]  usb_disconnect+0x34c/0x8a0
[  632.217612][   T23]  hub_event+0x1cef/0x49c0
[  632.222019][   T23]  ? verify_lock_unused+0x140/0x140
[  632.227236][   T23]  ? hub_post_resume+0x120/0x120
[  632.232188][   T23]  ? read_lock_is_recursive+0x20/0x20
[  632.237566][   T23]  ? _raw_spin_unlock_irq+0x23/0x50
[  632.242777][   T23]  ? process_scheduled_works+0x957/0x15b0
[  632.248496][   T23]  ? process_scheduled_works+0x957/0x15b0
[  632.254223][   T23]  process_scheduled_works+0xa45/0x15b0
[  632.259770][   T23]  ? assign_work+0x400/0x400
[  632.264355][   T23]  ? assign_work+0x39e/0x400
[  632.268951][   T23]  worker_thread+0xa55/0xfc0
[  632.273566][   T23]  kthread+0x2fa/0x390
[  632.277627][   T23]  ? pr_cont_work+0x560/0x560
[  632.282292][   T23]  ? kthread_blkcg+0xd0/0xd0
[  632.286870][   T23]  ret_from_fork+0x48/0x80
[  632.291277][   T23]  ? kthread_blkcg+0xd0/0xd0
[  632.295859][   T23]  ret_from_fork_asm+0x11/0x20
[  632.300620][   T23]  </TASK>
[  632.303882][   T23] Kernel Offset: disabled
[  632.308209][   T23] Rebooting in 86400 seconds..