last executing test programs:

4m33.834294806s ago: executing program 2 (id=169):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x88, &(0x7f00000008c0)=ANY=[@ANYBLOB='decompose,gid=', @ANYRESHEX=0x0, @ANYBLOB=',barrier,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c666f7263652c666f7263652c6e6c733d6d61636761656c69632c706172743d3078303030303030303030303030303030362c666f7263652c00e279425bb74ad3114f3ddc775870048d243df3aa44c3a052484f836b377234bd722faad7ceb2abb9f181b85e63bf91bfe5fcd8bbcf7451d279edbb9120f8d8a24a7dcc9f6809"], 0x41, 0x6e8, &(0x7f00000001c0)="$eJzs3U1sHGf9B/DvrNcbbyq57kva/v9CitWICBpI7JiSICERKoRyqFAkLr2axGmsOGlkuyiJEHGBwhFOKIceilA49IR6QCrigChnJCSuKPdI3CMOGM3srL1rx2tvEttJ+Hyk8Twz87z85ueZx7uziTbA/6yz72R0JUXOHnv7erl9987Mwt07M1e65SQHkjSSZmeV4mpSfJ6cSWfJ/5U76+6KrcZ5895nHx29/clMZ6tZL1X9xqB261YHjLBSL5lMMlKvh9Tcqr/zeWtTf7eG6rpYi7tM2JFu4mC/rW6yMkzzHdy3wJPuVjIy+oD9E8nBJGP164DUs0Njj8N77Iaa5QAAAODJNLJdhefv536uZ3xvwgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBnQ9H5zsCiXhrd8mSK7vf/t+p9pVZrn+Md7CvbHP/w4h4FAgAAAAAAAAC74tP6g/vD93M/1zPe3b9aVJ/5v15tvFz9fC7vZylzWczxXM9slrOcxUwno+M9Hbauzy4vL05vbvnrlC1XV1dv1S1PJpnY1PLkHpw0AAAAAAAAADy7fpKzGd/vIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoFeRjHRW1fJytzyRRjPJWJJWWW8l+VO3/DT7834HAAAAALuvXa/Hi/90CqtF9Z7/lep9/1jez9UsZz7LWchcLlTPAjrv+ht/X5lZuHtn5kq5bO742/8aKo6qxyQj+WCLkaeqGofWWpzNd/P9HMtkzmUx8/lhZrOcuUymXZ5EZlNkot15ejHRjfPB8Z7p2zq3MbbDG7ZfqyJp52Lmq9iO53wrnccm1TmUY77WM9ofWsmGET8os1N8q7bDHF3o+X39qn4uU1t9fod97I6J6sxH1zIyVea+zsYLg3M/5HWycaTpNNaeQb28Pkq5uXGkbs5/MEzOD9brMtc/78/54zbko7SNmTiZRn31Ja/05/zaF2+/2N/4y//4y7lLjauXL11cOraLp/QoJrerMNotbMzETE8mXh189dWZWCgzsbLzTIxu3DG205a7q1Vno5qKdjhbfqcqzeb1nkvwvVzIXE5lKtM5nal8Iycz03eFHerLa3PmSn9OqnutsXl+aw8I/siXeir9YpvKe6vMyws9ee2d6SaqY/WeM7/MVE+WXhx89Q39V6Ac///rcjnGT9f+4jwJ+jJRz83d6F4anInfrJY/lxauXl68NHtth+Mdrdflbfth/9z828dxPg+vvF7KGbdZbVU5aXevl/LYS2vR9uerVX/i0mnX2HTs0NqxiYxnPt/b8k5t1a/hNvfUOfZq77F/rs+crfr1TfdY36ucvJeF6lXIBttO1QDssYNvHGy177X/1v64/bP2pfbbY28dOH3gC62M/rX5x5HfN37X+GbxRj7OjzO+35ECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCzYOnGzcuzCwtzi2uFjG3c86iF1pZjDS6ksW2dO8/trMNMJIPHKupC6/Ge+9NYaGeXev40yYA6rUceohj6Ghu6UF7Ij6XD7henVXtWR4Zo3uy2enCdZpbGtvoNHli/CzJxeXbh36t9ddrpuWWAZ9yJ5SvXTizduPnV+Suz7869O3f15OlTp0/NfH36aycuzi/MTXV+7neUwG5YunFzZL9jAAAAAAAAAAAAAIZT/+v/5Yf+zwzNbeq0FpcePPLhvT5VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Cl19p2MrqTI9NTxqXL77p2ZhXLpltdrNpM0khQ/SorPkzPpLJno6a7Yapw373320dHbn8ys99Xs1m8MarczK/WSySQj9Xp7Bx7Qzeb+zvf0t/JQ4RVrZ1gm7Eg3cbDf/hsAAP//dKz58Q==")
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shutdown(0xffffffffffffffff, 0x0)
lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x50)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400))
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)=ANY=[@ANYBLOB='osx.'], 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)

4m31.946071036s ago: executing program 2 (id=175):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)

4m31.266474667s ago: executing program 2 (id=177):
r0 = fsopen(&(0x7f0000000100)='ecryptfs\x00', 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write$binfmt_script(r1, &(0x7f0000000cc0), 0xfd45)
close_range(r0, 0xffffffffffffffff, 0x0)

4m30.881575483s ago: executing program 2 (id=179):
mknod(0x0, 0x8001420, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x1010e, &(0x7f0000000300)={[{@stripe={'stripe', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x3ff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@block_validity}, {@debug}]}, 0x3, 0x44d, &(0x7f0000000a40)="$eJzs28tvG8UfAPDvrpP219cvoZRHH0CgICIeSZMW6IEDIJA4gITEpRxDklalboOaINGqgoBQOaJK3BFHJP4CTnBBwAmJK9xRpQrlQuFktPZu/IjtJsGJS/35SNvM7I498/Xs2LM73QAG1lj2TxKxNyJ+jYiRWra5wFjtz82VK7N/rVyZTaJSefOPpFruz5Urs0XR4nV78sx4GpF+ksThNvUuXrp8bqZcnr+Y5yeXzr87uXjp8tNnz8+cmT8zf2H65MkTx6eee3b6mZ7EeVfW1kMfLBw5+Opb116fPXXt7R+/Tor4W+LokbFuBx+rVHpcXX/ta0gnQ31sCBtSioisu4ar438kSlHvvJF45eO+Ng7YUpVch8PLFeAOlkS/WwD0R/FDn13/Ftv2zT7678aLtQugLO6b+VY7MhRp1C6Mhluub3tpLCJOLf/9RbbF1tyHAABo8m02/3mq3fwvjXsbyv0/XxsazddS9kfE3RFxICLuiaiWvS8i7t9g/a2LJGvnP+n1TQW2Ttn87/l8bat5/pcWRUZLeW5fNTOcnD5bnj+WfybjMbwzy091qeO7l3/5rNOxxvlftmX1F3PBvB3Xh3Y2v2ZuZmnm38Tc6MZHEYeG2sWfrK4EJBFxMCIObbKOs098daTTsdb4K0m3d3qhOduDdabKlxGP1/p/OVriLyTd1ycn/xfl+WOTxVmx1k8/X32jU/237v+tlfX/7rbn/2r8o0njeu3ixuu4+tunHa9pJjZ1/td37Mj/vj+ztHRxKmJH8lqt0Y37p+uvLfJF+Sz+8aPtx//+qH8ShyMiO4kfiIgHI+KhvO8ejohHIuJol/h/eOnRdzodux36f66l/0ebi7T0fz2xI1r3tE+Uzn3/TfM71pPr+/47UU2N53vW8/23nnZt7mwGAACA/540IvZGkk6sptN0YqL2f/gPxO60vLC49OTphfcuzNWeERiN4bS401W7H1y7HzqVX9YX+emW/PH8vvHnpV3V/MTsQnmu38HDgNvTYfxnfi/1u3XAlvO8Fgwu4x8Gl/EPg8v4h8HVZvzv6kc7gO3X7vf/w3qyMrKdjQG2Vcv4t+wHA8T1Pwwu4x8GV+P47/r8PXAnWdwVt35IXkJiTSLS26IZvUkkWzwK9vY7wI0n+v3NBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bv/BAAA///oO+WP")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x0)

4m29.439745585s ago: executing program 2 (id=184):
io_uring_enter(0xffffffffffffffff, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x0, 0x4000, 0x0, 0x0, 0x0, 0x4})
readv(r0, &(0x7f0000000000)=[{&(0x7f0000000100)=""/54, 0x36}], 0x1)

4m27.502885715s ago: executing program 2 (id=194):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xd76}, 0x18)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
connect$ax25(r1, &(0x7f0000000000)={{0x3, @bcast, 0xfffffffd}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)

4m25.506002297s ago: executing program 32 (id=194):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0, 0x0, 0xd76}, 0x18)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
connect$ax25(r1, &(0x7f0000000000)={{0x3, @bcast, 0xfffffffd}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)

8.298722071s ago: executing program 0 (id=1218):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_open_dev$radio(0x0, 0x2, 0x2)
socket(0x400000000010, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="2000000000000000840000000200000006000400280000000b00000a1d"], 0x20, 0x6044}, 0x800)

7.917600437s ago: executing program 3 (id=1222):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
msync(&(0x7f0000215000/0x3000)=nil, 0x3000, 0x6)

7.001237071s ago: executing program 0 (id=1225):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000000c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
ioctl$sock_TIOCINQ(r2, 0xc0046686, 0x0)

6.644546617s ago: executing program 0 (id=1226):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080)={[{@errors_remount}, {@noload}, {@nogrpid}, {@noquota}, {@noblock_validity}, {}, {@mblk_io_submit}, {@acl}, {@resgid}], [], 0x3d}, 0x1, 0x51f, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HDvd7KZNChygEqXQouwK1k4a2kY9lCIhOFUCyn0JiRNFceIodtpNVEFWHDgiIQRInMqFCxInTkioEheOCKkSnEGAQAi2cEACdirb4+xuMk6yG8fOJt8nTea955n3v+doxn7jp5kALqxnIuLViLiTpum1iJjIygvZErudpbXde7ffWmgtSaTp6/9IIsnKunWlbY/FlWy3SxHxlS9GfD05GLexvbM6X6tVN7N8pbm2UWls71xfWZtfri5X12dnZ16ce2nuhbnpvvRzPCJe+fxfvv+dn3zhlV9++s0/3vjb1W8kWXns68cDKh72YqfrpfZ7ce8Omw8Z7CwqtnuYGcvbYuRAya1TbhMAAL19ICI+ERHXYiJGDv86CwAAADyC0s+Ox/+S7m93B4z2KAcAAAAeIYX2HNikUM7m+45HoVAuR3sO74ficqFWbzQ/tVTfWl/szJWdjFJhaaVWnc7mCk9GKWnlZ9rpu/nn9+VnI+LJiPjexFg7X16o1xaHffEDAAAALogr+8b//57ojP8BAACAc2Zy2A0AAAAATp3xPwAAAJx/xv8AAABwrn3ptddaS9p9/vXiG9tbq/U3ri9WG6vlta2F8kJ9c6O8XK8vt+/Zt3ZUfbV6feMzsb51s9KsNpqVxvbOjbX61nrzxsp9j8AGAAAABujJj73z+yQidl8eay8to8fb9ZibAWdVcS+VZOucw/oPT3TWfx5Qo4CBGBl2A4ChKQ67AcDQlIbdAGDokiNe7zl55zfZ+uP9bQ8AANB/Ux/J//3/6OuCu4UBNA84RQ5iALh42t/zjzuT15cFOFdKZgDChXfi3/+PlKYP1CAAAKDvxttLUihnl/fGo1AolyMebz8WoJQsrdSq0xHxRET8bqL0WCs/094zOXLMAAAAAAAAAAAAAAAAAAAAAAAAAAB0pGkSKQAAAHCuRRT+mvyqcy//qYnnxvdfHxhN/jMR2SNC3/zR6z+4Od9sbs60yv+5V978YVb+/DCuYAAAAMCFUHyQjbvj9O44HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66b3bby10l0HG/fvnImIyL34xLrXXl6IUEZf/lUTxnv2SiBjpQ/yx1p8P58VPWs3aC5kXf+ztk8ffvXVo/JjM3oW8+FdOHh4utHda559X846/QjzTXucff8WI+/IPq/f5L/bOfyM9jv/HjxnjqXd/VukZ/1bEU8X88083ftIj/rN5Ff782weKvvbVnZ1e8dO3I6ZyP3+S+2JVmmsblcb2zvWVtfnl6nJ1fXZ25sW5l+ZemJuuLK3Uqtnf3Bjf/egv7hzW/8s94k8e0f/ncuobzSn7/7s3b3+wkyzlxb/6bE78X/842+Jg/EL22ffJLN16faqb3u2k7/X0T3/79GH9X+zR/6P+/1d7VbrPtS9/60/H3BQAGIDG9s7qfK1W3TwbiZej7zW3RvhD79ejl/hveiaacbqJb/a1wjRN09YxdYJ6khjcm5Ac3tRhn5kAAIB+u/ulf9gtAQAAAAAAAAAAAAAAAAAAgItrEHca2x9zdy+V9OMW2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAffF+AAAA///0iOAC")
mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000bfc000/0x3000)=nil, 0x3000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

5.866495818s ago: executing program 3 (id=1231):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={r2, 0x997}, &(0x7f0000000100)=0x8)

5.065693921s ago: executing program 5 (id=1232):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x5, 0x4, 0x7, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0xffff, r1, 0x20}, 0x38)

4.862236324s ago: executing program 3 (id=1234):
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r1 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$kcm(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000ec0)="55b8", 0x2}], 0x1}, 0x4000080)
sendmmsg$inet6(r0, &(0x7f0000001380)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000018c0)="72dadefca0f578a05844b9b965ce0977e362ab036480ca216572c4403da2fad44ac3cd82f3c5f630f05b68c41aa12ee72cd0446c61f707075de251560d6f7d1b4344a9ed9dfc77eecb1955ab694fdeb60337a6264997dab1f9a89a722639ced4c7451d70ee13ce2249a7cbc0d79caa54f8f4b6d947a0ae7cad8d80507acbf5fdc14ac57aa3471d78c29ee5adcce001f51417dab0f1110b321dab2245ecf5ccebc1f8bc3bc9e3f1c9b09c1f681a377cf87df172a8d99f00d6d60cd7be19f6da9d0c4fba5ed704576c6434109930e60b529fc0cf2798732a92bb386f5a673b1db74789c0f1e80b7c099775bae987834a3858bc293443dd8b8bacadde386fce30f10c439e8dd16b68e5ef15cfa9920a4831942900b35836749ec55fd525e6d17858c61cb4aab2105ffffc7371c68855f3f42421e09a5b6b8e3c904534897085f97a9ae1d84d125e690d1eadff0f0c286ee4b1ac743f7ef0808874bf1d9070929ca9c7ec970e2bb944a664c7a37ce658311b5984f3a902686ab45948865a7a3a588eb919554e89c15986fc50f592bd503554dbb18e8796e47cfa5f7395fbefc05ac4c1cc9135e4f58811dee05034f56601a44b439aeea9f8490a3b6b42bc54d4e5a046333f92dc46fd21e4b84eeb99f8a30bf7a7b570da734ef3ea236c8536ab0ff4ef3aa766e6ce190a3dd72562f0f7c93d4566a91bd1ec6ff236b1f46f1e37c02f1bf0448740c5752b2377372e1f0756c2b26f3adcd6666b5f5143adc57cc28959b5e3c27318617dbb840c08d44b7dcb2c0fb7461814338704c6b4dca8bb55f6a726489962c8c402c7dc871f9229a7771b516bd76373bcc00d5e70d06d1df1fae0be90a91435f690d8cc2d78835f790a7f0c72f0fc8ff6dbaa182807e11ee12c7cdf2607e66ff8985b0fc10ca1fba921845ffe85b64590c8b7694ea603013b6b7999849e2b830dd34814b41eff4bcd775dfc67f2dacdbfa681b97852766ec33ac9e969b38801771a92b1072b1a58fe28dd95fd0c86338ac3abae6408c9b78ef66456bc2258b8f8ec1091cfd1396637a0240ccaea9977f10137b55f1d1258bce38b3501a273ffc3b5208f561a0fa79b2f3d208e981e26409c4b37fa365024f9a563116ccd11e02dd3d09361dcdeab88152919840a5be743f338f4f4676f0f693413b6d0a82e24903c1f79819d642c068d4e64507ddc405450ae75bac08f615a99835feff9a8cedba1b0222d1a637865238f0abf43014aa9955538a2535f54d7d2d09cc01ca20ceef5d71e8aee8f3712d5519dc0c16252fd3428a0444b7c27f523bc65374b9815af9ee764695db32b6f1f1c260dc41c1c0395470831458e91e7763e4993761e9311650a485df539cf9fdf934ddc13b6f16c2c74da3861a655b18de2f6ea4b96488c11bffba4f7c519ede2d216e443b83d35f34b8427cbc0f9c0fc61f09dffcf8eff02df18069412785a602fcecff04c6b48cdf18cd2126ee48c3c7671602075642462800386e6cf49c7059c0ac6dda8852e20bdf300e71289bb7d0563c1eaf02a014d310f1a575767d8a6797a5feb7a1a938373d06ef0bc9bec35a93ea9d7bda2b67f7326ace9e097b71c4bf39acccf0f393af3f3d0f2962602bed872cd335c63c7641a6240769edc2004e187e3d931d594f3bb8cfa33aae52db9fc9a3622892755c510b0bfd675249e1175283d9bbe55d6bcfc5835d67aa52650ddacd021f913acdc627480b5a4089c6783b0399005146fbb7e33503f131bfc1bbeba54c382ae8ac73c36e7d95c507735ede07ca1912611437a0da1a7f90184667c57b510c7c6107e0700a226168d701ef9c8e378cc8e3481bc586b7d02d5b2234a988258f2c485db7ef8b8ed6b6d0d69d1737de654ff28cf10e40c4f9e5d3f2c5b582d1f95a1713fb28dc5394d4a2ae089cf4e5a62e22b3803912d2caf134a63dc7a1dd2ea3dd0b413c9ea7e9857cb2a5637d7c7fdfd3e01b76e5cfd0dda3c1b2db8c0acacfde209ce54cfae9e1e3b2bd85d7c281aa05700590fc9b085071034bab23011fdc212b46c3d295e5fb0727b1e4c171363dd77043acb714f38cfbd22706521e66a9af786df2a72984fe0c8b55b9df0d26ca2a8021504c7e00a7bda6c0444cddc9cf40a46d90922df7625f04eb97f7bb71680e3b367808264005174339b252c15b741c5f8a8e36a54d36820a18c891bd22cca5c5886394631b8fe04ae678d3f020cdef43fc9194da54ca2b5467127ac384a5ef0fab6b6595e421cfbef60bcbf132fe011e7cab5dcd2688b4011423f9ce55cca94bdc3d95885320e478bd127ce1de862e50a5009253fa409737931ac6b693d330bc140e6dc58622493429bb6574c2c2260be053d542c47d5dfd826f4956931db1da0fdcf3ce2385a9b408f99486d521bed8810736620185eae8aae199dab2c91458584db2ee5fa4ce61bb9c723d5b5195deb2ae7b451e6f0ec09150a31f1f5a4d5ea7aaf1d08bf519ea12828d04d353407c265567b66bc2b7fbcf4e71dfeb131e7c6d3d43dccc4a3dfede8efa204df6c45f3642757f7889f62e95cd8c0eb6a8dfec250debae5f9f9b9fd4d5dab14e5d9a7becc07eeea3a5465875fa11d44177b9a7373195861c049bd7401c6ea2ee6d4252d309d90b6aeb951e8d0dd5d513a40248cf46b5dd5d3edf1bc68f74f64ac6d489bbe66ff6f13a32c4054b59f9bac1de3a163bb862815572dbe12b4055d2ec30f89b9f8d347c66f8e65b5199dac4c54f171a3118df28986013b3153132a0aa31acf2dc3088a2d623a250fddf3aa4f7e53f1193d9f163362c18a05cbeb88e9fd45594e6f59c63dc6773c53908e21d3f41b145987e5c22c230b1ac1d6b6deeed8aea43f4a5ebc27fa7c77fea551eaed8d3560d12e06006dcd5f396e25f91bc0c4e55403fc339d7d371efd3a000305e2567080bfd57690c746c2d34e7dbe2a856114ddecc27709c5c2af149a3e2f17b68edcbcc394e7f96615c169cc2c7eba3821c2737c95f9ce86b19776f37c7d01afc9878daeb202910822eded0dfcf214920038cd6f5fc0313ef38e7e4584c97c2e08c6ced40498b86d185194cd93b7ac7aa05dadbab060d3caca9e9ee5beec4fbc1fbdc54013571663c15eef21752dcc8c5d3bbb2680e4f67eca98437bce3970f59e60dea986483b9874ee0c4cdefbdc0d3488a4fb3f7d441fa7dcf337703529bcf4be863f2ac8bbebd10813f2abddba4333b22152aeb42c970cfb310e573fe8b90c79ab737b2c9716c23b0c114612a406db1546d4384f1f5e1b570d530cd025ad06496a3032e22ee96353d8c45dd5b81f3f429b6874275d80b350d7de806eb4ce5a4c8e8d09cb365b6463d83d6b8b654cbd5141123efaa324e6d2b551e92b30ec1fe79548b962be72669e7f6695815c6df5bdebb405a98b306a0c49c5cde75da290c288ab2a44ba2bf7f1dcdbf098ae55d6c693d5c3eed20dd29fb136ead8ce271413d0c71311211c883e9f64d0edd324e24ced63d1c905cfb5a92ecc7ec6680cb1e930278455b7e36f86013bcb32e5de3e391f44a8f55bdfc5b442c1ec7aa8faf0d6ec608167929c4d65efa73cce63eccb7e787e13718e2b7a36bd2c8f57290e35a45632dfa13db399472d842281498bd4dba66e7c0659fa51e84bea05f162225acc2f83734e838120a65cd93e95b922f36097da89f820f4619fa669527fa8ac3a539b234d3653818bce11ae955e5c8d7cff8bd8ecc6f231d7db627d8e5578f2811e236f193f6870831f41da4a05ecf4d274eb927c56dff69063d87f699b63b3dd757dc12b9671d1f33e5bc684f86cbeb66eaf4b2334097ddb0c8c1a0b084f3d31928a27bdbc55e7ce3c6bddb4a510f0ea889065c1e298d2b3ff321be2d19c9dac6ffaa06562d128bda2b72abf935968457e598fe8b593aa72eecc85044861eda40d0e23dc616273315a81d67898f449579e919cc155325d3aeb4bae948c8a82a990be8cd529d54f896957335a5ce4864af1cbd617d61f084bddc3fbbd9277e8ecb2842db7b89fcde85d3429e6e1fe97aafec76e01b86e2a5e14ddcc0f6751aee179a0c2a245e4f1fc749252460dc3db5f5ba64ad77ace607cbddd68ed7d1768062872070483dcb56ce4eca890325c5407c7f25bbf389e84c891734dab70b3f33d3ca41d75aa4043496928365522baa2f578def1e989162521cb1cdb3538c7c70b44fbb916598f6ee0b349f7a670540d8e73a5c92260e03bba848d5508e59130d87fd04ac77f54ff713366c79c3f3f915b98240049f0933c35066885121c35ea2bce2a84d4a2e08b9c4ecabd1db39d37b437e3d112af6e3513e2906cae47c0095c2765a4aee271bb9cda501b9b67b06dcf96f48f55dbf98bf9b836d6f9c26895707a194f2cceb98e8e4d188f2da271b5220bf72d22139764822b1e20a48edbef6d975f49d69354bb904ebc1a9b72541d2c5af7b33430715e28baa122a96f1bf87fb68e85eb152d68a7a941ffea3709eb44ad97ee0d5e7d2e9db7cef19af354b620364b66a942babf2b246bb1e36593a653d5162e16959ea1e3f0d27bb6fdcff5f6919b2b283d0aa1f33379b23992c543c6961de77f088a67494231d74d1f62d52bb2e3bf088bd1645bfb5fd85bf5d963a4c3114ca1a776e56349b3d06200f31c07d8594f96bbc2867a90cdec7d7fdbec58db194db8de1fbb982869d5c56df0cfca3e5fa08e67973d717fbf4511bf37aa91ed8d268747b425bbcef632ec37045cdcca3659f22704b62eb0e3f56a532bae14c90a0104c0792c7d5ad21cd78e9015c2302fd38f8487c8bf040197b899d7338dfe33209e08f18fa6dbfc50a626f5fdaeebe6cddc0980fac780edfb7e8df665ea4a8da55b0a1d79456ba5ff926220f69ec9da4ea7ac2c658cd1e1b4d3988affb5e8a54c1e186d19d309f17a1935137420f397b973fa879a157643188879d82e509cdb73a6f79d875fd09c673051fbcb6c399d226a5cbef74b36ebc20aa973699d1e0da2f7a70f9af5ce490a480fe8179f49e187f6e1ebc04e8b8008f21da3e895e5ca43d9ade0e451976b02244446e63153942fa7484c006fe11f0f45197a7f436f0782016ea251c1ffd5c82ba2ef0f29623755a6db472559219693722bc95ff501cb804a856339bc9635f511a03d577c3f4ddea4e54b157a4717f0d075c5444da6024183feb99baa5070b0de78a2345bf3a3e20210c48d69f7f797b85793c494a27b3ba8d5957ab3fd57e7bee72366e0039ab9741598abc75dfad2a20317420195f7fc623e11ae91abf18543af88f89614327be073d3fd6790238ced6e523fce18a6cceae458af54b798ec87a37258e5df22c688d35f4531a0d0879f393d40780328ab80e88b5bae1a2885b55e5f93a0e884b7e4b2663abe61802c6fdbb63becb677f81c9583cfb020063605c112997a3111f280e34fd318cb49a595ea880d7d4e3b143832af9643a0b96c2ea7efa531262f100dd3d3fd4c21d731be040594d33baed8fd1cc0aa6f0cf2f8936548d0384f50613b0c0cdeca8a83b375ec8c9632958d06bcc4a0e33de31cdd5dc0449082ac4690a81a3b2b1b6a96826f16223321e81a2a2ab7367f5c5f2ae4cfbdb4708ecbfc6d62ad8cc32b97f2c13ae9953730ea049f79ed411606997ad1603219da7330698781e907d0b29242aa1f1ae216f6ca35d184d1027ad963e0cab2e26b002ab5e583d66bdf203041b216797e095ca372857ed0a54da4b0d69f62e9bf2fdb0a5352cf58ad4e172c8fcefc1e3f5d157c4635a3cf51cb3a43afdb9a618350d62f8470ebf2a32f99", 0xffc}, {&(0x7f0000000540)}], 0x2}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000006c0)="85", 0x1}], 0x1}}], 0x2, 0x4000800)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000400)={&(0x7f0000f59000/0x2000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff81, 0x1, 0x0, 0xfffffffffffffe27}, &(0x7f0000000800)=0x40)

4.861491364s ago: executing program 0 (id=1235):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, 0x0, 0x0, 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000380), 0x1, 0x8000)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r3, 0x4161, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0xffe, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, 0x0)
syz_genetlink_get_family_id$netlbl_calipso(0x0, 0xffffffffffffffff)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1000000000000f, &(0x7f00000000c0)=0x7fffffff, 0x4)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, 0x0)
fcntl$notify(r5, 0x402, 0x11)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000240)={0x0, 0x0, r5})
socket$isdn_base(0x22, 0x3, 0x0)
unshare(0x4020400)

4.695581326s ago: executing program 5 (id=1236):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f00000010c0)={@in6={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}}, 0x0, 0x0, 0x1b, 0x0, "61a1ed8439cde8054f2ada6fcd5fe76b933e8bb0ac60081e33dffa150835f7519d5f73b4f5d80eb4881a5b98cb9fb96d225d602392f816d0bdcc09b5063087117502d8c24f1fe97f61fd27a06d6a38a7"}, 0xd8)
rt_sigaction(0x40, 0x0, 0x0, 0x0, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x400})
ioctl$UFFDIO_CONTINUE(r3, 0xc028aa05, &(0x7f0000000140)={{&(0x7f0000032000/0x4000)=nil, 0x4000}, 0x1000000})

3.650458893s ago: executing program 1 (id=1238):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c000000110001002dbd7000fbdbdf2500000000", @ANYRES32=r5], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

3.650216343s ago: executing program 3 (id=1239):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x8, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x6, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000580), 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2.56451778s ago: executing program 3 (id=1240):
socket$netlink(0x10, 0x3, 0x0)
socket(0x200000000000011, 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r4, r1, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0xe, &(0x7f0000001980)={@remote, @empty, @void, {@generic={0x8884}}}, 0x0)

2.507163011s ago: executing program 0 (id=1241):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000380)='./file0\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000018bbdecde39739fcd1df176dde746ec834120600000000003b814e50a959736d6572462abc30ef5b65c70f73ecea54b5e5bea9836c319f653557e79a002208ce996dda659bd5ba0f4ce5c2080002223dc60000000000000044cd0a1e3686873600000000005493b4b81d5b9fa9b40fe4d76afc3a989c6d60044e89eb96e44d01a1034e3797ffa86870b82939f41ffa0f3d726f085663c29cbdc4c766a7eb77cc36160191acf5ae7469c82ab4145b595b987d75912a0fcd1c061835294cc0c618aba204f8adaa20c80108d356cd88cc86177056b06e7068c40f807d9e539f8f5b64a8ee0725aa8d00000000007cb6020d90ea79b8027cf75964dd86c2ed2b5e75779677aa8c76b848dd03dab190b5f02ec52830a17b01eaae1c3df076000000000000000000000000000083a48a6b926c668b9b90195018ea3619f9d80a0b894e212178e1a19909d764666264fa29e2c055fd7f8e67c2acfb75f0a8d41692f4542a575ee42ed94a0014fba44985cca9df12fe93bfaccf0122a6e7e593613ac0111701b125cc6799c43aa4ff708dc4a00a6decad26f0378072a571da000000b1a6bdf03fd56697e348b5b494f6fddb9f56142a47a40ef81690a7eca421bd0ad198afa58ce69d61c29deaa93c0efea0df04f20020ee84075b4e1a2ad43d1be1138de4668e7b6137545708790c501f1ed7f6a571d500000000000000"], 0x25, 0x55a8, &(0x7f00000014c0)="$eJzs3EtvG2UXAOAzTtP71y9CLNh1pAopkWqrTi+CFQVacRGtKi4LVuDYruXW9kSx64asumCJWPBPEEisWPIbWMASdogFiB1SkWcm0KQNtI3jqO3zSDNn5vj1mXdGlqUzYzmAZ9ZC+sdvSZyIIxExFxHHk8i3k3KJuBNxsRj7QkScjIjKPUtS5v9OHIyIoxFxYlK8qJmUL31xenzq/K9v//7t94cOHPvymx/29cSBffViRPRXi+3b/SJmnSLeKPONcTeP/XPjMq5uqdHPivzt9kpe4XZjc1wjj2c7xfhs9dZwEq/3Gs1J7HSv5/nVQXHA4bizWWfyhvRGYy3fb7VX8tgdZnnsbBTHXd8ovts2hqOiTqus90lePkajzVjk2+vt4nxWb+axORiV+aJu1mqvT+K4jOXhopn1Wvk8Vh7zIj8B3ukObq2n4/basJsN0vO1+ku1+oVqfS1rtUftc9VGv3XhXLrY6U2GVUftRv9iJ8s6vXatmfWX0sVOs1mt19PFS+2VbmOQ1uu1s7Uz1fNL5dbp9I2rH6S9Vro4ia91B7dG3d4wvZ6tpcU7ltLl2tmXl9JT9fS9K9fSa+9evnzl2vsfXfrw6qtX3nq9HHTftNLF5TPLy9X6mepyfekZOv9Py0k/wvknD07/9OPuLhsUdviAAbCz+/r/2N7/h/4fmLrd9P/9m+X+3vT/8TD9f0yz/5+0VPr//+5/K4/U/56YSv87H/r/PTx/2JXH6/8PTn0eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADM3M/zX72ZbywU+8fK/P/K1HPlfhIRlYi4+wBzcXBLzbmyzvwO4+e3zeG7JPIKk2McKpejEXGxXP78/15fBQAAAHh6fX3n5OdFt16sFvZ7QsxScdOmcvzjKdVLImJ+4ZcpVatMVs9PqVj++T4Q61Oqlt/AOjylYsUttwPTqvZQ5raEw/eEpAiVmU4HAACYia2dwGy7EAAAAGbps3999ZWZzYMZS2LzUebms+D8l/f/PBA8Mlnd3fbjfgAAAOBJkuz3BAAAAIA9l/f//v8PAAAAnm7F//8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NzPjdpAFAfgZ4OB/FNQlHtayQ3KSAk55hgoIE1QAmkhDVADkXJICStYYc8ieRek1TLGWvR9ku2d8ernGeDyxtIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXfpbree/f375dWnObn+ZPLMBAAAATtlW63n9x7Rpv0v9H1LXp9QuIqKMiFO1+yBGrcxByqnO/H/1aAx/IuqEQ/84HW8j4ms67j52/SkAAADA7dosV7OmWm9OaQngX7+j4kqaRZvy/bdMeUVEVNP/mdLKw+lzprD69z2MH5nS6gWsSaawZsltePreKNdD2gaty8NMFvWXWLfKbp4LAAD0qV0JnKlCAAAAuAHf+x4A1/C0tC+Op+N7xnFzSS8E37RaAAAAwCtU9D0AAAAAoHN1/d/N/n+TF+3/V9j/DwAAALJr9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS9tqPd8sV7Nz9xfPzNntL5NvRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9+zPOwqEQBiEwd71ncnc/7DSoKGxSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABvfveX/xNT40wy99pYeh5J1k6NrVNj79w4+sP4+jUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+Pt3wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsW//vm1UcQDA3/lspylUhIAiEUAFdYCFpm5p6YoQKGLgT0CKUqcEXAptBlpFlCxsKHMXBAsSQkigsOV/6NxIXcrWIUOQmBiC7lf6nJgmpO05TT8f6fl9/Xx5P86Wla/fHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQWX83vNIo4zR7GCviqu32xuJsVq9tqzOry3cms5LFyUjVeuz1+mZ/oL0aPzk+MbyJAAAAcFgc2/WItMrvQwh3WyvTWd0Yy/P/VnVMlvP/UHaVlG3b8/61jcUj5UuTVf7/x+/3XtwaaCzNx8k6nZvvdU/tnEpz38t8wj236xHN/Mznv72k+RvS+HDphfVWfj6T727der+dhyN1zBYA2I+TVV0G1f9DWd0Z5sQAeGo0o8S7yv/TseHOCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAO60vhmSpOQgiTzftxZm1jcXZQ/c3yncnVspy7eXM57jProhVCmJvvdU/VuJaDqzqb1z+b6fW6V65eqzs4HkIY8NKNvf15Wk7/P49phxD6Wk68NKCfj/cw1rZ+dgTlxzPUew5Hs/XtenDS15LsOOHvbRaG8QGoK2iU78/jGGK09ve9P6g+e4++5//zXTLyaL6SAAA41FplyTLRu62V6awtGQ9h88f+/P+NKA59ef/mjaKleL4a5f/3Pjl3Ox4rzv87Na3vSTC1cOmLqavXrr81f2nmYvdi9/O3T3fe6Zw5f/bs+an8t5KpudDwiwkAAAAPoV2WOP8fHbD/fzSKwwP2/4st4SL///L7ztfxWKn8f6D7m37DngkAAMDTqL0VPf/a338lA45I2u3w1czCwpVO8bj1/HTxWOt092mkLHH+n44Pe1YAAABAHdaXkr79/wtRHB6w/x9f///szy//GveZFtcWXA4hdE/OXu5dqG85B1r/Tb8/pY/jRuV8oPawVwoAAMCwjJYl3v9vjWf5f2PrkodGCOHNEyH8U97DH/aY/6cffPtLPFZ8/f+ZWld58DQmivOR1xMhNCeGPSMAAAAOsyNlyZL9P1sr05/+dvSjtuv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOr2bwAAAP//aR4tAA==")
mount$binderfs(0x0, 0x0, 0x0, 0x20, 0x0)
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x20400, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, 0x0)

2.350488244s ago: executing program 5 (id=1242):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xffffff1f, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x6d5a}]}}}]}, 0x3c}}, 0x0)

2.176133466s ago: executing program 5 (id=1243):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000000c0)={[{@quota}, {@bsdgroups}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x5}}]}, 0x2, 0x46b, &(0x7f0000000580)="$eJzs3M1vFOUfAPDvzLbw+/HWivgColaJsfGlpQWVgxeNJh4wmugB9VTbQgiFGloTIUSqMXgxMSR6Vo8m/gXevBj1ZGLiSe+GhCgX0FPNzM5Ad9ltt3TZrd3PJxl4nn2e7TzfPvPMPDPPbgPoWUPZP0nEtoj4LSIGqtnaCkPV/65dOTf595Vzk0ksLr72Z5LXu3rl3GRZtXzf1iIznEakHyXFTmrNnTl7YmJmZvp0kR+dP/nO6NyZs08ePzlxbPrY9KnxQ4cOHhh75unxp9oSZxbX1T3vz+7d/dIbF1+ePHLx7R+/ydq7rShfGsct2XTzS0NZ4H8t5urLHon/r2l36832Jemkr4sNYVUqEZF1V38+/geiEjc6byBe/LCrjQNuq+zatLl58cIisIEl0e0WAN1RXuiz+99y69DUY124/Fz1BiiL+1qxVUv6Ii3q9Nfd37bTUEQcWfjni2yLdjyHAABYwSeTnx+OJxrN/9K4e0m9HcUaymBE3BEROyPizojYFRF3ReR174mIe1e5//qloZvnP+mlWwqsRdn879libat2/lfO/mKwUuS25/H3J0ePz0zvL34nw9G/OcuPLbOP71745dNmZUvnf9mW7b+cCxbtuNRX94BuamJ+Ip+UtsHlDyL29DWKP7m+EpBExO6I2LO6H72jTBx/7Ou9zSqtHP8y2rDOtPhVxKPV/l+IuvhLyfLrk6P/i5np/aPlUXGzn36+8Gqz/a8p/jbI+n9L7fFflHx5pkgMvrV0vXYuVr1yeeH3j5ve09zq8b8peT0/H5XLru9NzM+fHovYlBzO8zWvj994b5kv62fxD+9rPP53Fu/J+v++iMgO4vsj4oGIeLBo+0MR8XBE7Fsm/h+eb162Hvp/quH57/rxP5jU9P/qE5UT33/bbP+t9f/BPDVcvJKf/1bQagPX8rsDAACA/4o0/wx8ko5cT6fpyEj1M/y7Yks6Mzs3//jR2XdPTVU/Kz8Y/Wn5pGtgyfPQsWSh+InV/HjxrLgsP1A8N/6sEnl+ZHJ2ZqrLsUOv29pk/Gf+qHS7dcBt12gdbbzBF9qAjad+/Ke12fOvdLIxQEf5vjb0rhXGf9qpdgCd5/oPvavR+D9fl7cWABuT6z/0LuMfepfxD72rbvxX4tdutQTooLV8r1+ilxORrotmtJRo/e9B3O7Em+ujGS0kun1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI9/AwAA//9sbvBf")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141142, 0x0)
pwrite64(r0, &(0x7f0000000300)="0e48dc8f", 0x4, 0x10000)

2.175646526s ago: executing program 3 (id=1244):
syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x16, &(0x7f00000002c0)={[{@nobarrier}, {@noflushoncommit}, {@nossd}, {@commit={'commit', 0x3d, 0x3f}}, {@nodatasum}, {@nodiscard}, {@nobarrier}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@noacl}]}, 0x6, 0x5104, &(0x7f0000005480)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75pcNWjiAAAAQF/x/90Xv1qIeT375iDN6089evBc1Xil/N8cLv+P3dJXBQAAANyMI19sf7iqXsr/reHy//htnTUAAACwFO98OPFBVb2U/2dvnP/rSf5fnS/zKx+yTj/Fv0I4NBnCxMLKXFb4ObSf7hYAAACAWyTm9D8/3flD1X6l/D9Xff//eKeDeP1/z/3/Ctf/hzDVW8ju+vdkXgAAAIB7Svl6/nh7/OzJBf2evz/s9f8P/O/gq1XHL+X//cPl/3pxeSuf/wcAAADL8F97/t/20jjVBt3//76P3v2lqn8p/7eHy/9xuab48k7E9+e9yRDWL6zkdxP8Jh5uV1KYHysUOlpJj22xR16YHy8UOuaSHpsnQ3hwYWV/Uvh/LLSTwpW1eeFIUjgdC/n50C0cSwon4pn2+dp8umnh+1jIL7CYj1dQrOleEpH0uNqvx0Lhhj3Odg8OAABwT4nhOc+yY73NkEbZ+dqgHVYP2mFk0A71QTuMJjukO/bbHmZ7C3F7+8zGpT3//8hw+T++Fflz/vpd/x/i9f/5cw271//PxkIjKczHQiu9Y0ArHiMLux/HYzRaeY8r67sFAAAAuKvF7wXqKzwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Ie9e42Rq7oPAH72Od6H1wtJFUKjZJPUOG7i9domD7VUWVOqRqQ064aCqohiY6/J4gU7tikxCpGxiWiEoLRBSj4UYRRFNR+gViAiKSBcpDhC5RFRFQUQKLSGKIiUkkSkCVKoZu89s3fO3Xks9hov/f0k75yZ/3neeXjOvXfOBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/n84/JWr/rZZ/OHfnvP0cxeOX7Zv/YUvX3POqY+HMDHzeEcW7ui//tbxn9959l377lt72z1Hz/1wb14uj4eB6p/O/M51sdajS0O4tyOE7jSwajAL9OT3B2N97xkM4ZQwG6iVmOzPSqQNh+/3hXAgzAZqVX2vL4TBQuD8Jx568MZq4pa+EJaHECppG89Wsjb60sAZvVmgPw1s784Cv3ojUwt8tzMLwDGLb4bai/7QRH2G4bnLNXj99Ry3jr210uF1xcRw43w/W7/AnSroTR+YOKanrVQdC6L09jjs3bYI3m2l7Xyzp634RSr/hvLGbKgSOrdMbt105fTu+EhnGB3talTTAj3PT736pc3zSS+a12HswPBxeR3e9NjyO7tWnvfoPauWv3jwI/tfOtZu/qiwSYvphVYJ+Wtu0TyP0bjPk0Xw9it9SxrxpSuEsPXzv/eZZvHS/H+4+fw/vpzjbWdd7ljr60PZ3Dw+MhgTrwxlc3MAAABYNBbDXtPtow98oll9pfn/SHvH/+Mh/3wyn432cAjjM4n9y0I4bebxLHBHbO6SZSG8fyY1UR9YnwQOh/DumcTKWlVJiSWxxEgS+MlQHhhPAkdiYCIJfCsGbk4C18XAoSSwOQYOJ4GzYyBM1Y/j94fycbQd6IuBjdlGPBTPQvjFUGwt2VbP1KoCAAA4TvLZYU/93cK5DseaIU4vD/W1yhDPwG6YoZLUkM5ga9OqhjV0t6qhs1UNtXHvbT78Us0drWounYbRUZ/h1l/+zWdDE6X5/1jz+X9ljo50lI7/h7Bh5m/M3ZlHpmvxjRN1GQAAAIBjMPC/z3+zWbw0/x9v7/z/uE+kq5A5PBJ3Q2xbFsJYfSCr9g/Lgeyo90AeAAAAgMWgdjy+dix8Kr/NTtFO59Pl/BPzzB8P/I/Pmb/38P0bm/W3NP+faO/8//7626wTR2IvvrYshCWFwA9iL6uBGSMx8ONP1gfy8R+JG+CGWFV+YkKtqhtiiY0xMJYEDjQq8cNaidPqA/mTVWt8f20cU3mJQgAAAABOuLg7IB6Xj+f/f+A3a69qVq40/984v/P/Z+bBpdP7pwdCWN0dQlf6w4BH+rOFAWNgsCNPPNCf1dWVVnVtfwhnVQeWVvV8vv5/d7rG4BN9WVUxcNoHDr56RjXxzb4QVhcDT37u9o9WE7uTQK3xv+wL4X3V0aaNf2dJ1nhP2vjXl4Tw3kKgVtUlS0KoNtabVvVQJb+OQVrVP1dCeEchUKvqY5UQ9gQAFqn4X+mW4oO79ly9bdP09OTOBUzEffh9YevU9OTo5u3TWyoN+rQl6XPdMkbXlsfU7pVvnsmXKLrg7g2D7aRrvxMcK7aV78cvnTiY34/fhXpmxrm2p+7uunTIH/pguYlQ+CbVaMidCzzk/mIls09iqf6YvzcMhCVX7prcOfrFTbt371yT/W03+9rsbzzMlG2rNem26p+rb228PBqulpV4s9tqRbGS1bsv37F6156rV01dvunSyUsnr1jzsbVjZ46tG/v4mauroxrL/rYY6oq5qk6G+sbtbY7rOA719O5CJSfiU0NCQmKxJbYPrGj6f3Jp/r+j+fw/furET/58fYZGx/+H42H+7PHZw/wbY+BAu8f/hxsdza+dGDCSBPbGwF6H+QEAAHh7iJP8uDcz7pX+6crvvNisXGn+v7e93/8fp/X/a0vXn9tomf+VscRYo/X/02X+a+v/7220/n+6zH9t/f8Db8H6/1fWAskm+YX1/wEAgLeDE7f+f8vl/dMLBJQytFzeP71AQClDy2X8271AwLzX/3/2P//qv0MTpfn/ze3N/y3cDwAAACePL//ZVb/TLF6a/x9ob/5/4tf/C43O/x9pFJhotDCg9f8AAABYpBqt/zd8ff/FzcqV5v+H2pv/x9MuOutyx1pfH8rWtAvpmnavDNV+MgAAAACLQ2cYHe1pM2/dyqjr33ybT+VLgTZLFz3/J0fnd/7/4fbm/3W/y7jpseV3dq0879HX71m1/MWDH9n/0uzxfwAAAGDhtLtfAgAAAAAAAAAAAAAAeOs9/x/71jWLl37/HzbMPN7o9//xun/x9wXvrMsda229/l9+//xP37VnZsnCR4ZC+GAxsG3ftlNCfm3+FcXAgxetfFc1sS8tcf9zZ79QTVycBj616tTXqomzksDGuEjiu9NAvKria0uTQFxe8d/TQNweh9JAbx746tJsHB3ptvrpYLatOtJt9fRgCMsKgdq2uncwa6MjHeAtSaA2wC+kgTjAP88DnWmv7hrIehUDg7HobQNZrwAAOGnFb4E9YevU9ORY/Aofb0/vrr+N6pYsu7ZcbUebzT+TL012wd0bBttJd6XfRWevNd4TKtUhrCl9XS1m6ZgZ5fGppcWme2eDIbda7a2zQbnUfDddb+MR9WUjGt28fXpLT8uBr2udZW13yyxrSpOdYpbOmU3aRi1t9KWNEbW5bdrocrzfGUZHu5JcfxCDw6FOq1dEu7/XL67z1+hVUMxzxdH9v2pWX2n+P9ze/L9SHNdr+cUA9sYr6/3dMsv8AwAAwML66vpffyP+++z1Dz/ZLG9p/j/S3vw/7sHKDwVnezsOx+v/718Wwsyl9YezwB2xuUuWhfD+mdRELJFdUP/cWGIsC9wRd5isjCU2TtRXtSQGDiWBnwzlgcNJ4EgM5HspDoZ8V87fD4Xw0ZnUhvoSO2KJ4STwmRgYSQKjMTCWBJbGwHgSeHlpHphIAv8WA2GqflvdvTTfVgAAAPORz7N66u+GdJ53qLtVho5WGfpbZehslaHSKkOjUcT7344ZepKTVzoKmXrSWvuSWkoZ4sXw592vUobww/qcacFS0/H8g9r5Bh31Ge77RHclNFGa/4+1N//vr7/NWj8S5/+z1//LAj+I3ftaPHV8JAZ+/Mn6QL5j4Eic7N5Qq2oiL5FP2m+IJcZjYCQJ7IiB8SSwcUMeOPCu+kA+0641vr/W+FReohAAAACAEy7uIIi7aeL8/7ZdXxloVi6f/4/U5v/j7c3/Y3sDxcaui7UeXRrCvR2zvakFVg1mgbgfYzD+PP49gyGcUtjBUSsx2Z+V6E0aDt/vy36h3ptW9b2+7McH8f75Tzz04I3VxC19ISwv7H2ptfFsJWujLw2c0ZsF+tPA9u4sEPf81ALf7cwCcMxqewXjCyo/1aVmeO5yDV5/b5drgqbDK+0DnSPfXL+5WiilHa75PtWa+T1tTfffctyU3h6HvdsW47tt2Lut+EUq/4byxmyoEjq3TG7ddOX07vhI8ZesJQv0PBd/pdpO+ji8Dve++d62Vkk7MJZ8fIzNXW7u12FHrO6mx5bf2bXyvEfvWbX8xYMf2f9S291oIP5Q+KFr/nXwR4XNu9AqIX/NLbrPkwmfJ4vxv4ERT1sIYcPLX7+hWbx0/H+ivfl/d3I749dxY+5aFsKHChv3kbj5/3hZ9jlYCGSfku8oB7JD7v811PCTEwAAAI632u6O2v6Cqfw2OyE8nSeX80/MM3/cXzE+Z/52+93/1xctbxYvzf83Np//L0m66fi/4/8sEMf/53Sy74pekj6w95h2RZeqY0E4/j+nk/3d5vj/nBz/d/x/Lo7/t+D4/5xO9qet9C1phy9dIYQX/+iBp5vFS/P/He3N/63/N/eifbX1/zY2Wv9vR6P1//Za/w8AAFhQDRaaS+d5pdX7ShnS1ftKGVouENhyiUHr/817/b8XTn/2N6GJ0vx/b3vz//hyGCi2vljW/xvZ0KCqm2Ngh4UBAQAAOBk12kEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAW+u+f/ifLc3iD//2nKefu3D8sn3rL3z5mnNOfTyEqZnHO7JwR//1t47//M6z79p339rb7jl67ocrebme/PZ363LHWl8fCuFA4ZHBmHhlqHpnNnD+p+/a011NPDIUwgeLgW37tp1STXxrKIQVxcCDF618VzWxLy1x/3Nnv1BNXJwGPrXq1NeqibPyQEfa3X9cmnW3I+3ujUtDWFYI1Lp72dL6qmpt/Gke6Ezb+KfBrI0YGIxFvzGYtRED07HE1JIQVneH0JVW9XAlq6orrepfKllVXWlVX66EcFYIoTut6rnerKrudOSP92ZVxcBpHzj46hnVxIHeEFYXA09+7vaPVhNfSAK1xv+iN4T3VV8yaePf7ska70kbv6UnhPeGEHrTEr/szkr0piWe7w7hHYVArfHPd4ewJ/C2ED986j7Rdu25etum6enJnQuY6M3b6gtbp6YnRzdvn95SSfrUSEch/ca1b37sz7z6pc3V2wvu3jDYTro7L9cz0+W1PXV3153svY/96i9WMvt8lOqP+XvDQFhy5a7JnaNf3LR798412d92s6/N/nbl0WxbrVks22pFsZLVuy/fsXrXnqtXTV2+6dLJSyevWPOxtWNnjq0b+/iZq6ujGsv+Nh5qb9tDvf3ED/X07kIlJ+IDQOLEJqqvy5OgGxKLOtFZ9+k2drJ/kJe+6M92tCdUZj6gS9OKYpaOmVEej0GvT4Irjv+gR+L3lJYjWlOaOJSyrG2dZV1pMjGbpS/LMvO9rjQ5LNbUObNJ4/3OMDra1Wg7DNffLW7en6Wbdx6eyjdju2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP9jBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1mH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//5DAgkw==")
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x10b142, 0x1fe)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0)
pwritev2(r4, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r5, 0x80083314, 0x0)
fallocate(r3, 0x10, 0x8fff, 0x7fff)

2.099560817s ago: executing program 1 (id=1245):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f00001c1000/0x4000)=nil, 0x4000, 0x2000002, 0x12, r0, 0xfe063000)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x80000000000009, 0x9, 0x0)

1.971873759s ago: executing program 5 (id=1247):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./bus\x00', 0x1808014, &(0x7f0000000600)=ANY=[], 0x5, 0x55a2, &(0x7f0000006980)="$eJzs3M2PE/UbAPBnuizvP9j84sEbkxCT3YRu6C4QPYkK8SVCiC8HT9ptS1NoO5ttKSsnDh48GA/+J0YTTx79GzzoUW/Gg8abCaYzs0KBRYFuF+HzSabPzLffPvN8J80mz8ymATyzFtI/fkviSByIiLmIOJxEvp+UW8TNiLPF3Ocj4lhEVO7YknL874G9EXEwIo6Mkxc5k/KtL06Mjp/+9a3fv/1+355DX37zw64uHNhVL0REb73Yv94rYtbOw625crw+6uSxd2pUxvWJHL2sGL/eWsszXK9vzavncbVdzM/Wrw3G8XK33hjHdudyPr7eL044GLW38ow/kF6pb+THzdZaHjuDLI/tG8V5N28Uf9tuDIZFnmaZ7+M8fQyHW7EYb222ivWsX81joz8sx4u8WbO1OY6jMpani0bWbeZ1rD3qVX7yvd3pX9tMR62NQSfrp6eXay8u185UaxtZszVsnarWe80zp9LFdnc8rTps1Xtn21nW7raWG1lvKV1sNxrVWi1dPNda69T7aa22vLp8snp6qdw7kb5+8f2020wXx/HVTv/asNMdpJezjbT4xFK6srz60lJ6vJa+e+FSeumd8+cvXHrvw3MfXHzlwpuvlZPuKStdXDm5slKtnayu1JaeofV/Uhb9EOtP7j/804+Pd9mgsM0XDIDt3dP/x939f+j/gal7QP8fV/6h/+9dLY9v9/+rn06v/4/79v+Vyf4/ptn/j1uq7fr/W0cf70I/4R6q/63sQv87H/r/HVw/PJZH6//3Tr0OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABm7uf5r97IdxaK40Pl+P/Kof+Xx0lEVCLi1n3Mxd6JnHNlnvlt5s/fVcN3SeQZxufYV24HI+Jsuf15dKevAgAAADy9vr557POiWy9eFna7IGapuGlTOfzRlPIlETG/8MuUslXGL89NKVn+/d4Tm1PKlt/A2j+lZMUttz3TyvavzE2E/XeEpAiVmZYDAADMxGQnsH0XMjejegAAANgpnz3w3ZdnVgczlsTWo8ytZ8H5f97ffiB4YOI9AAAA4D8o2e0CAAAAgB2X9/9+/w8AAACebsXv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH+xcz+5aQNRHICfDYb+VVHVfa/SHRyjR+iyy8IBegmOQE9QqRfgDFTKIkdIQoQ9QXICUiTGOEHfJ9nOjKOfZ4DNG0sDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXfpfrWZ/fn39fWLM39vtaTJNBwAAADhgU61m9R+Tpv0+9X9MXZ9Tu4iIMiIO1e6DGLUyBymnOvL/1aMx/IuoE3b943S8i4hv6bj51PWnAAAAAJdrvVhOm2q9OaUlgKt+R8WZNIs25YfvmfKKiKgm15nSyt3pS6aw+vc9jJ+Z0uoFrDeZwpolt+Hhe6NcD2kbtC4PM5nXX2LdKrt5LgAA0Kd2JXCkCgEAAOAC/Oh7AJzD09K+2J/27xnHzSW9EHzbagEAAACvUNH3AAAAAIDO1fX/S9r/r7D/HwAAAGTX7P8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAlzbVarZeLKfH7s+fmXO3PU2+GQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD37844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzbT28UZRgA8Gd3dheK/2o1TawaTDjoRcqCIFdjNI0HP4JJU7ZYXUShByGN2Is30zMXo0djTDT11u/AmSZc8Mahh5p48lAzszNltl20QZxZ6O+XvPs+OzO87/PObkifmVkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAClvvxCvNPE7Sl8lBXGy7vb2ykPabe/rUxtqdmbSlcaPivB8Dr5bfHJ+uLxEAAAAOj6So7yPibnt9Lu2bk1n93y6OSWv+758ZxEU9v7fu39xeOZrvminq/99+vffi7kSTSTZPOujiUr93an8qrf9piWPvuX89opWd+ezaS5J9IM0PVl/Yamfns/HtrVvvdbLwSBXZAgAP42TR50Hx91Dad+tMDIBDo1UqvIv6P5msNycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAKmytxlNF3IiImdb9OLW5vbIwqv967c7MRt7O3by5Vh4zHaIdEYtL/d6pCtcyvoqzef3T+X6/d+XqtaqD4xExYteNg/3zJE//gcd0ImJoy4mXRozz0QHm2jPOviD/eka153AiXd+Djnm22NUY2tXYd8Lf3Rmo4wtQVdDMP59xyedRBsV379GPXPF/RwAAPPHaeUsr0bvt9bl0W2MqYueH4fr/9VIcQ3X/zo3BlsH7jVL9f+/jc7fLc5Xr/25F63sczC5f+nz26rXrby5dmr/Yu9j77K3T3be7Z86fPXt+NrtWMrsYTVdMAAAA+A86eSvX/82p/ff/j5Xi+If7/+X6/4vvul+V50rU/yPdv+lXdyYAAACHUWc3ev61P/9ojDii0enEl/PLy1e6g9fd96cHr5Wm+5CO5K1c/ydTdWcFAAAAVGFrtTF0//9CKY4D3v9/+seXfy6PmUTERMTliOidXLjcv1DdcsZaFT9Uzibq1L1SAAAA6jKRt/L9/3b2/H9z95GHZkS8cSLir/w3/HHA+j95/5ufynOVn/8/U+kqx09zenA+sn46ojVdd0YAAAA8yY7mLS32f2+vz33yy7EPO57/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKja3wEAAP//dJkyYQ==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.current\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400"], 0x48)
wait4(0x0, 0x0, 0x40000000, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
readv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000140)=""/201, 0x20}], 0x6)
socket$nl_generic(0x10, 0x3, 0x10)

1.886089351s ago: executing program 1 (id=1248):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=ANY=[@ANYBLOB="38000000070a01040000000000000000020000000c00034000000000000000020900020073797a3200000000090001000000eb4949"], 0x38}}, 0x0)

1.683126104s ago: executing program 4 (id=1250):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x8, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x10, 0x6, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000580), 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.659411214s ago: executing program 1 (id=1251):
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
openat(0xffffffffffffff9c, 0x0, 0x60840, 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/12], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fremovexattr(0xffffffffffffffff, &(0x7f00000000c0)=@known='system.posix_acl_access\x00')
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0xcb)
connect$ax25(r3, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x5}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)

1.458428637s ago: executing program 4 (id=1252):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000040000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000850000005000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

1.112512973s ago: executing program 4 (id=1253):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = io_uring_setup(0xc90, &(0x7f00000002c0))
io_uring_register$IORING_UNREGISTER_RING_FDS(r1, 0x15, &(0x7f0000001580)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1)

779.041228ms ago: executing program 4 (id=1254):
socket$netlink(0x10, 0x3, 0x0)
socket(0x200000000000011, 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r0}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r4, r1, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0xe, &(0x7f0000001980)={@remote, @empty, @void, {@generic={0x8884}}}, 0x0)

554.935481ms ago: executing program 0 (id=1255):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000240), 0x802, 0x0)
timerfd_settime(0xffffffffffffffff, 0x2, &(0x7f00000000c0)={{0x0, 0x989680}, {0x77359400}}, 0x0)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
readv(0xffffffffffffffff, &(0x7f0000000080)=[{0x0}], 0x1)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x3, 0x810, r0, 0x8f77e000)
write$uinput_user_dev(r0, &(0x7f0000000700)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0xae9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x440, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x202, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x40000000, 0x0, 0x2, 0x0, 0x7ff, 0x4374, 0x0, 0xfffffffd, 0x0, 0x0, 0x3, 0x0, 0x10], [0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0xfffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x6, 0x3, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x1, 0xa814, 0x0, 0x9b6d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x89fe, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3193, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0x5501, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000020900010073797a30000000002c000000030a010200000000030000000100ffff0900010073797a30000000000900030073797a3100000000d4040000060a010400000000000000000100000008000b4000000000ac0404802c000180080001006c6f6700200002800900024073797a300000000008000340000000060800034000000002380401800c000100626974776973650028040280080003400000000808000240000000140800064000000002080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340fffffff8080003400000000908000340684dbc5808000180ffffffff6200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034080000000080003400000000308000180fffffffc080001400000000d600004804000028008000180fffffffb0d00020073797a3000000000080001802b30a3bc08000180000000000900020073797a31000000002900020073797a31000000001c0002800900020073797a31000000000900020073797a3200000000080002400000000a30010480380002800900020073797a3200000000080003400000000908000180fffffffc0800018000000007080003408000000108000340000000050b0001000bca99f460f4b0002800028008000180fffffffb0900020073797a3000000000080003400000000308000340000001ff04000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d65746100000000240002800800024000000002080003400000000d08000340000000090800034000000001100001800a0001006c696d69740000000900010073797a30"], 0x548}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r2)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x4008040)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b1a, &(0x7f0000000000)={'wlan1\x00'})
ioctl$SIOCSIFHWADDR(r2, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="01000000008d"})

554.564451ms ago: executing program 1 (id=1256):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1d4}, 0x1, 0x0, 0x0, 0x4000}, 0x4004090)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={0x0, 0x94}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = accept4(r1, 0x0, 0x0, 0x80800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

398.717624ms ago: executing program 4 (id=1257):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffffffffffeed, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_test', 0x141a82, 0x0)
sendfile(r1, r1, &(0x7f0000000000)=0x1, 0x4)

212.419417ms ago: executing program 5 (id=1258):
pwritev(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0xffffffff, 0x7c9e)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000003c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8002, 0x0)
read$msr(r0, &(0x7f0000019540)=""/102400, 0x19000)
r1 = syz_open_dev$cec(&(0x7f0000000080), 0xffffffffffffffff, 0x0)
ioctl$IOC_PR_PREEMPT(r1, 0x40046109, 0x0)
close_range(r1, r1, 0x0)

166.474158ms ago: executing program 1 (id=1259):
mremap(&(0x7f0000a99000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000ff8000/0x2000)=nil)
mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000bfc000/0x3000)=nil, 0x3000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

0s ago: executing program 4 (id=1260):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
lremovexattr(0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0x1)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000a00), 0x400)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, &(0x7f0000000a80))
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x8200, 0x0)

kernel console output (not intermixed with test programs):

4967295 subj=unconfined pid=5146 comm="syz.3.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  148.120455][ T5156] loop3: detected capacity change from 0 to 256
[  148.204645][   T26] audit: type=1326 audit(1750640106.037:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.3.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  148.268942][ T5156] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  148.348174][   T26] audit: type=1326 audit(1750640106.037:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5146 comm="syz.3.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  148.617733][ T5114] chnl_net:caif_netlink_parms(): no params data found
[  148.839245][ T4323] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  149.109359][ T4323] usb 5-1: Using ep0 maxpacket: 32
[  149.127697][ T4323] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  149.204189][ T4323] usb 5-1: config 0 interface 0 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  149.285794][ T4323] usb 5-1: config 0 interface 0 has no altsetting 0
[  149.338785][ T4323] usb 5-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  149.398697][ T4323] usb 5-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  149.456737][ T4323] usb 5-1: Product: syz
[  149.540303][ T4323] usb 5-1: config 0 descriptor??
[  149.593857][ T4323] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  149.609299][ T4269] Bluetooth: hci4: command 0x041b tx timeout
[  149.667677][ T5181] loop0: detected capacity change from 0 to 512
[  149.697013][ T5181] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  149.748768][   T26] audit: type=1800 audit(1750640107.967:178): pid=5181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.221" name="bus" dev="loop0" ino=18 res=0 errno=0
[  150.559957][ T5114] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.567136][ T5114] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.617532][ T5195] netlink: 256 bytes leftover after parsing attributes in process `syz.3.222'.
[  150.638605][ T5114] device bridge_slave_0 entered promiscuous mode
[  150.682461][ T5195] netlink: 72 bytes leftover after parsing attributes in process `syz.3.222'.
[  150.696829][ T5114] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.737123][ T5114] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.771521][ T5114] device bridge_slave_1 entered promiscuous mode
[  151.518122][ T5114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  151.586165][ T5114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  151.679214][ T4269] Bluetooth: hci4: command 0x040f tx timeout
[  151.716917][ T4253] EXT4-fs (loop0): unmounting filesystem.
[  151.753667][   T11] device hsr_slave_0 left promiscuous mode
[  151.826058][   T11] device hsr_slave_1 left promiscuous mode
[  151.838186][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  151.873825][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  151.905431][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  151.937237][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  151.962915][   T26] audit: type=1326 audit(1750640110.187:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  151.987508][   T11] device bridge_slave_1 left promiscuous mode
[  151.998741][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.053200][   T11] device bridge_slave_0 left promiscuous mode
[  152.067409][   T26] audit: type=1326 audit(1750640110.187:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.067523][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  152.143371][   T26] audit: type=1326 audit(1750640110.187:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.235426][   T26] audit: type=1326 audit(1750640110.187:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.305956][   T11] device veth1_macvtap left promiscuous mode
[  152.346247][   T11] device veth0_macvtap left promiscuous mode
[  152.371847][   T11] device veth1_vlan left promiscuous mode
[  152.389472][   T11] device veth0_vlan left promiscuous mode
[  152.736681][ T5214] loop1: detected capacity change from 0 to 1024
[  152.782173][ T5214] EXT4-fs: Ignoring removed oldalloc option
[  152.788175][ T5214] EXT4-fs: Ignoring removed bh option
[  152.795568][   T26] kauditd_printk_skb: 356 callbacks suppressed
[  152.795582][   T26] audit: type=1326 audit(1750640111.017:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.870444][  T127] usb 5-1: USB disconnect, device number 2
[  152.890546][ T5214] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  152.934023][   T26] audit: type=1326 audit(1750640111.057:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.934066][   T26] audit: type=1326 audit(1750640111.057:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.934103][   T26] audit: type=1326 audit(1750640111.057:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.934138][   T26] audit: type=1326 audit(1750640111.057:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.934173][   T26] audit: type=1326 audit(1750640111.057:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.934206][   T26] audit: type=1326 audit(1750640111.057:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.934241][   T26] audit: type=1326 audit(1750640111.057:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.934276][   T26] audit: type=1326 audit(1750640111.057:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.934311][   T26] audit: type=1326 audit(1750640111.057:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5201 comm="syz.3.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7effbc52ab19 code=0x7ffc0000
[  152.938982][ T5214] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  153.801341][ T4269] Bluetooth: hci4: command 0x0419 tx timeout
[  153.828631][    C0] vkms_vblank_simulate: vblank timer overrun
[  153.895550][    C0] vkms_vblank_simulate: vblank timer overrun
[  153.964983][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  156.544979][ T5264] netlink: 12 bytes leftover after parsing attributes in process `syz.4.242'.
[  156.565523][   T11] team0 (unregistering): Port device team_slave_1 removed
[  156.674882][   T11] team0 (unregistering): Port device team_slave_0 removed
[  156.744420][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  156.834401][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  157.330971][   T11] bond0 (unregistering): Released all slaves
[  157.682800][ T5114] team0: Port device team_slave_0 added
[  157.759190][ T5114] team0: Port device team_slave_1 added
[  157.969774][ T5114] batman_adv: batadv0: Adding interface: batadv_slave_0
[  157.999372][ T5114] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.091898][ T5114] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  158.141810][ T5114] batman_adv: batadv0: Adding interface: batadv_slave_1
[  158.183641][ T5114] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  158.289181][ T5114] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  158.542770][ T5114] device hsr_slave_0 entered promiscuous mode
[  158.581449][ T5114] device hsr_slave_1 entered promiscuous mode
[  158.599175][ T5114] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  158.637625][ T5114] Cannot create hsr debugfs directory
[  159.514367][ T5313] overlayfs: failed to decode file handle (len=6, type=196859, flags=0, err=-22)
[  160.546320][ T5287] loop4: detected capacity change from 0 to 32768
[  160.552698][ T5114] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  160.560608][ T5287] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 10
[  160.752779][ T5114] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  160.993549][ T5114] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  161.377214][ T5114] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  162.626701][ T5114] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.711424][ T5186] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  162.784633][ T5186] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  163.623379][ T5114] 8021q: adding VLAN 0 to HW filter on device team0
[  163.819033][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  163.858849][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  163.919919][ T4415] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.927167][ T4415] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.999569][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  164.117508][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  164.140092][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  164.177554][ T4415] bridge0: port 2(bridge_slave_1) entered blocking state
[  164.184769][ T4415] bridge0: port 2(bridge_slave_1) entered forwarding state
[  164.218239][ T5364] loop0: detected capacity change from 0 to 512
[  164.242117][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  164.268900][ T5364] EXT4-fs: quotafile must be on filesystem root
[  164.277216][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  164.440122][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  164.481336][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  164.640179][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  164.685289][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  164.699739][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  164.708538][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  165.317602][ T5353] loop1: detected capacity change from 0 to 40427
[  165.413676][ T5353] F2FS-fs (loop1): invalid crc value
[  165.468169][ T5353] F2FS-fs (loop1): Found nat_bits in checkpoint
[  165.523761][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  165.545300][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  165.584039][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  165.657138][ T5114] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  165.780650][ T5353] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  166.871375][ T5391] netem: change failed
[  166.881061][ T4251] syz-executor: attempt to access beyond end of device
[  166.881061][ T4251] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  168.053467][ T5114] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.090952][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  168.098615][ T4337] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  168.942052][ T5417] loop0: detected capacity change from 0 to 64
[  169.056790][ T5417] syz.0.287: attempt to access beyond end of device
[  169.056790][ T5417] loop0: rw=0, sector=1024, nr_sectors = 2 limit=64
[  169.151039][ T5417] Buffer I/O error on dev loop0, logical block 512, async page read
[  169.179433][ T5417] syz.0.287: attempt to access beyond end of device
[  169.179433][ T5417] loop0: rw=0, sector=113152, nr_sectors = 2 limit=64
[  169.229450][ T5417] Buffer I/O error on dev loop0, logical block 56576, async page read
[  170.076921][   T26] kauditd_printk_skb: 725 callbacks suppressed
[  170.076935][   T26] audit: type=1326 audit(1750640128.297:1274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5434 comm="syz.1.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1818e929 code=0x7ffc0000
[  170.180315][   T26] audit: type=1326 audit(1750640128.337:1275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5434 comm="syz.1.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1818e929 code=0x7ffc0000
[  170.219642][ T5442] loop3: detected capacity change from 0 to 1024
[  170.266194][ T5442] hfsplus: bad catalog entry type
[  170.273102][   T26] audit: type=1326 audit(1750640128.337:1276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5434 comm="syz.1.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f8c1818e929 code=0x7ffc0000
[  170.409942][   T26] audit: type=1326 audit(1750640128.337:1277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5434 comm="syz.1.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1818e929 code=0x7ffc0000
[  170.445037][ T4337] hfsplus: b-tree write err: -5, ino 4
[  170.532557][   T26] audit: type=1326 audit(1750640128.337:1278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5434 comm="syz.1.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1818e929 code=0x7ffc0000
[  170.640649][ T5449] loop4: detected capacity change from 0 to 1024
[  170.946082][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  170.969891][ T4379] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  171.018974][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  171.070091][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  171.111927][ T5114] device veth0_vlan entered promiscuous mode
[  171.120765][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  171.129787][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  171.173107][ T5114] device veth1_vlan entered promiscuous mode
[  171.207994][ T5440] program syz.0.291 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  171.243633][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  171.264859][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  171.300299][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  171.378583][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  171.486286][ T5114] device veth0_macvtap entered promiscuous mode
[  171.621409][ T5114] device veth1_macvtap entered promiscuous mode
[  172.239579][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  172.281389][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  172.341448][ T5476] netlink: 36 bytes leftover after parsing attributes in process `syz.4.302'.
[  172.356927][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.373510][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.436160][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.612959][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.613894][   T26] audit: type=1326 audit(1750640130.837:1279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5479 comm="syz.3.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  172.653337][   T26] audit: type=1326 audit(1750640130.837:1280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5479 comm="syz.3.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  172.786040][   T26] audit: type=1326 audit(1750640130.867:1281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5479 comm="syz.3.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  172.837315][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.868115][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  172.898536][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  172.914776][   T26] audit: type=1326 audit(1750640130.867:1282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5479 comm="syz.3.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  172.951621][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.055737][ T5114] batman_adv: batadv0: Interface activated: batadv_slave_0
[  173.124207][ T5478] Zero length message leads to an empty skb
[  173.138604][ T5483] netlink: 4 bytes leftover after parsing attributes in process `syz.3.304'.
[  173.242071][   T26] audit: type=1326 audit(1750640130.867:1283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5479 comm="syz.3.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  173.435966][ T5491] loop0: detected capacity change from 0 to 128
[  173.556304][ T4415] FAT-fs (loop0): error, invalid FAT chain (i_pos 548, last_block 8)
[  173.565655][ T4415] FAT-fs (loop0): Filesystem has been set read-only
[  173.574814][ T4415] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522)
[  173.637889][ T5496] FAT-fs (loop0): error, corrupted file size (i_pos 548, 522)
[  173.728803][ T5499] loop4: detected capacity change from 0 to 2048
[  173.759659][ T5499] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  173.864830][ T5501] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  173.967902][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  174.154042][ T4546] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  174.195231][ T5501] sctp: [Deprecated]: syz.4.309 (pid 5501) Use of struct sctp_assoc_value in delayed_ack socket option.
[  174.195231][ T5501] Use struct sctp_sack_info instead
[  174.326746][ T5501] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  174.367097][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.504901][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.544616][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.595966][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.619895][ T5511] loop0: detected capacity change from 0 to 16
[  174.689300][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.723568][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.756502][ T5114] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  174.781640][ T5114] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  174.812435][ T5114] batman_adv: batadv0: Interface activated: batadv_slave_1
[  174.884171][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  174.907611][ T4415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  174.952961][ T5114] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  174.980095][ T5114] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.019142][ T5114] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.058586][ T5114] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.121818][ T5525] loop3: detected capacity change from 0 to 1024
[  175.141805][ T5525] EXT4-fs: Ignoring removed orlov option
[  175.249758][ T5525] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  175.378877][ T5525] EXT4-fs (loop3): re-mounted. Quota mode: none.
[  175.466683][ T4400] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.499430][ T4400] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.566707][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  175.593642][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  175.602505][ T4332] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  175.621676][ T4332] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  175.632868][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  175.656963][ T5541] loop0: detected capacity change from 0 to 4096
[  175.739468][ T4296] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  175.892616][ T4253] ntfs3: loop0: ntfs_evict_inode r=5 failed, -22.
[  175.938644][ T4253] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  175.949047][ T5544] loop5: detected capacity change from 0 to 1024
[  175.949389][ T4296] usb 2-1: Using ep0 maxpacket: 32
[  176.018763][ T4296] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  176.245383][ T4296] usb 2-1: config 0 has no interface number 0
[  176.280242][ T4296] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  177.209183][ T4296] usb 2-1: config 0 interface 85 has no altsetting 0
[  177.304300][ T4296] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  177.374751][ T4416] hfsplus: b-tree write err: -5, ino 4
[  177.730126][ T4296] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.893909][   T26] kauditd_printk_skb: 24 callbacks suppressed
[  177.893925][   T26] audit: type=1326 audit(1750640136.117:1308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5554 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  177.974838][ T4296] usb 2-1: Product: syz
[  177.993642][ T4296] usb 2-1: Manufacturer: syz
[  178.028944][ T4296] usb 2-1: SerialNumber: syz
[  178.050076][   T26] audit: type=1326 audit(1750640136.177:1309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5554 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  178.072472][    C1] vkms_vblank_simulate: vblank timer overrun
[  178.080571][ T4296] usb 2-1: config 0 descriptor??
[  178.149353][   T26] audit: type=1326 audit(1750640136.177:1310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5554 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  178.171611][    C1] vkms_vblank_simulate: vblank timer overrun
[  178.269273][   T26] audit: type=1326 audit(1750640136.177:1311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5554 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  178.295266][ T4296] appletouch 2-1:0.85: Failed to read mode from device.
[  178.317814][ T4296] appletouch: probe of 2-1:0.85 failed with error -5
[  178.375151][   T26] audit: type=1326 audit(1750640136.177:1312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5554 comm="syz.4.326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  178.421081][ T4296] usb 2-1: USB disconnect, device number 2
[  178.681243][ T5569] loop3: detected capacity change from 0 to 32768
[  178.716166][ T5569] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 10
[  179.487574][ T5578] loop0: detected capacity change from 0 to 1024
[  179.771995][ T5581] loop4: detected capacity change from 0 to 2048
[  179.830181][ T5581] EXT4-fs: Ignoring removed mblk_io_submit option
[  179.837589][ T4424] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 10
[  179.868323][ T5581] EXT4-fs: Ignoring removed nobh option
[  179.951330][ T5581] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  180.305483][ T4264] EXT4-fs (loop4): unmounting filesystem.
[  180.379113][   T26] audit: type=1326 audit(1750640138.597:1313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5601 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  180.483556][   T26] audit: type=1326 audit(1750640138.607:1314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5601 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  180.506110][    C1] vkms_vblank_simulate: vblank timer overrun
[  180.624055][   T26] audit: type=1326 audit(1750640138.627:1315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5601 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  180.713459][   T26] audit: type=1326 audit(1750640138.627:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5601 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  180.735864][    C1] vkms_vblank_simulate: vblank timer overrun
[  180.827208][   T26] audit: type=1326 audit(1750640138.627:1317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5601 comm="syz.0.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  181.162874][ T5595] loop1: detected capacity change from 0 to 32768
[  181.371080][ T5595] XFS (loop1): Mounting V5 Filesystem
[  181.445283][ T5629] loop0: detected capacity change from 0 to 512
[  181.457838][ T5595] XFS (loop1): Ending clean mount
[  181.497642][ T5595] XFS (loop1): Quotacheck needed: Please wait.
[  181.500198][ T5629] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.345: invalid indirect mapped block 256 (level 2)
[  181.656263][ T5629] EXT4-fs (loop0): 2 truncates cleaned up
[  181.661537][ T5595] XFS (loop1): Quotacheck: Done.
[  181.693604][ T5629] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  181.769689][ T5629] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.345: bg 0: block 5: invalid block bitmap
[  181.852099][ T5629] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 21 with max blocks 44 with error 28
[  181.931323][ T5629] EXT4-fs (loop0): This should not happen!! Data will be lost
[  181.931323][ T5629] 
[  181.974404][ T5629] EXT4-fs (loop0): Total free blocks count 0
[  181.994982][ T5629] EXT4-fs (loop0): Free/Dirty block details
[  182.015609][ T5637] sp0: Synchronizing with TNC
[  182.022715][ T5629] EXT4-fs (loop0): free_blocks=0
[  182.051214][ T5629] EXT4-fs (loop0): dirty_blocks=44
[  182.072375][ T5629] EXT4-fs (loop0): Block reservation details
[  182.097309][ T5629] EXT4-fs (loop0): i_reserved_data_blocks=44
[  182.161053][ T5642] loop4: detected capacity change from 0 to 128
[  182.242292][ T4253] EXT4-fs (loop0): unmounting filesystem.
[  182.250654][ T4251] XFS (loop1): Unmounting Filesystem
[  184.437176][ T5688] loop1: detected capacity change from 0 to 128
[  184.478848][ T5688] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  184.562607][ T5688] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  185.462615][   T26] kauditd_printk_skb: 5 callbacks suppressed
[  185.462632][   T26] audit: type=1326 audit(1750640143.687:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5699 comm="syz.5.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4a78e929 code=0x7ffc0000
[  185.472856][ T5702] loop4: detected capacity change from 0 to 64
[  185.519225][ T4269] Bluetooth: hci3: command 0x0409 tx timeout
[  185.688793][   T26] audit: type=1326 audit(1750640143.717:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5699 comm="syz.5.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4a78e929 code=0x7ffc0000
[  185.729325][ T5710] loop3: detected capacity change from 0 to 512
[  185.798306][   T26] audit: type=1326 audit(1750640143.717:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5699 comm="syz.5.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7feb4a78e929 code=0x7ffc0000
[  185.915127][   T26] audit: type=1326 audit(1750640143.717:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5699 comm="syz.5.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4a78e929 code=0x7ffc0000
[  185.937893][   T26] audit: type=1326 audit(1750640143.717:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5699 comm="syz.5.364" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4a78e929 code=0x7ffc0000
[  186.054776][ T5710] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  186.111731][ T5710] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  186.200801][ T5723] lo speed is unknown, defaulting to 1000
[  186.207344][ T5723] lo speed is unknown, defaulting to 1000
[  186.226983][ T5723] lo speed is unknown, defaulting to 1000
[  186.259306][ T5723] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  186.304370][ T5723] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  186.422614][ T5723] lo speed is unknown, defaulting to 1000
[  186.437920][ T5723] lo speed is unknown, defaulting to 1000
[  186.452255][ T5723] lo speed is unknown, defaulting to 1000
[  186.464744][ T5723] lo speed is unknown, defaulting to 1000
[  186.476872][ T5723] lo speed is unknown, defaulting to 1000
[  186.790738][ T5710] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #2: comm syz.3.368: corrupted inode contents
[  186.937374][ T5710] EXT4-fs error (device loop3): ext4_dirty_inode:6118: inode #2: comm syz.3.368: mark_inode_dirty error
[  186.970317][ T5729] process 'syz.5.372' launched './file1' with NULL argv: empty string added
[  186.979222][ T4297] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  187.000565][ T5710] EXT4-fs error (device loop3): ext4_do_update_inode:5253: inode #2: comm syz.3.368: corrupted inode contents
[  187.084194][ T5710] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz.3.368: mark_inode_dirty error
[  187.171050][ T4297] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.201955][ T5733] loop0: detected capacity change from 0 to 1024
[  187.223007][ T4297] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.331891][ T4297] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  187.351844][ T5733] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  187.411621][ T5733] hfsplus: xattr searching failed
[  187.423950][ T4297] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.520879][ T4297] usb 5-1: config 0 descriptor??
[  187.770281][ T5726] loop1: detected capacity change from 0 to 131072
[  187.838922][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  187.876867][ T5734] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  187.883381][ T5734] hfsplus: xattr searching failed
[  187.889152][   T26] audit: type=1800 audit(1750640146.107:1328): pid=5734 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.373" name="file1" dev="loop0" ino=20 res=0 errno=0
[  187.918641][ T5726] XFS (loop1): Mounting V5 Filesystem
[  188.053063][ T5726] XFS (loop1): Torn write (CRC failure) detected at log block 0x40. Truncating head block from 0xc0.
[  188.113634][ T5726] XFS (loop1): Corruption warning: Metadata has LSN (1:192) ahead of current LSN (1:64). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  188.129312][ T5726] XFS (loop1): log mount/recovery failed: error -22
[  188.158998][ T5734] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  188.165522][ T5734] hfsplus: xattr search failed
[  188.179379][ T5726] XFS (loop1): log mount failed
[  188.558811][ T5752] Error parsing options; rc = [-22]
[  189.728478][ T5761] loop5: detected capacity change from 0 to 512
[  189.802637][ T5761] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  189.876722][ T5761] EXT4-fs (loop5): 1 truncate cleaned up
[  190.176529][ T4297] input: HID 256c:006d as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0001/input/input7
[  190.719467][ T5761] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  190.956628][   T26] audit: type=1326 audit(1750640149.177:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  191.135299][ T4297] uclogic 0003:256C:006D.0001: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[  191.243860][ T4297] usb 5-1: USB disconnect, device number 3
[  191.428435][ T5774] loop1: detected capacity change from 0 to 1024
[  191.706427][ T5774] EXT4-fs (loop1): can't mount with data=, fs mounted w/o journal
[  191.719738][ T4400] hfsplus: b-tree write err: -5, ino 4
[  191.740862][ T5114] EXT4-fs (loop5): unmounting filesystem.
[  191.767988][   T26] audit: type=1326 audit(1750640149.347:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  191.902671][   T26] audit: type=1326 audit(1750640149.347:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  191.947638][ T4300] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  192.064687][ T4300] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  192.123763][ T5790] loop3: detected capacity change from 0 to 1024
[  192.127102][   T26] audit: type=1326 audit(1750640149.357:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  192.180148][ T5790] EXT4-fs: Ignoring removed nomblk_io_submit option
[  192.253634][ T5790] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  192.323863][ T5779] fido_id[5779]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  192.324617][   T26] audit: type=1326 audit(1750640149.357:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5770 comm="syz.3.380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effbc58e929 code=0x7ffc0000
[  192.338253][ T5790] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  192.451898][ T5790] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  192.477989][ T5800] loop5: detected capacity change from 0 to 128
[  192.520236][ T5800] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978)
[  192.565351][ T4300] kernel write not supported for file /uhid (pid: 4300 comm: kworker/0:7)
[  192.612990][ T5800] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  192.678416][ T5800] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:406: inode #2: comm syz.5.386: No space for directory leaf checksum. Please run e2fsck -D.
[  192.761389][ T5800] EXT4-fs error (device loop5): __ext4_find_entry:1696: inode #2: comm syz.5.386: checksumming directory block 0
[  192.970774][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  192.982601][ T5806] loop1: detected capacity change from 0 to 128
[  193.402487][ T5806] EXT4-fs warning (device loop1): ext4_init_metadata_csum:4558: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  193.436976][ T5801] fido_id[5801]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  193.459434][ T5806] EXT4-fs (loop1): Encoding requested by superblock is unknown
[  193.490058][ T5800] EXT4-fs warning (device loop5): ext4_dirblock_csum_verify:406: inode #2: comm syz.5.386: No space for directory leaf checksum. Please run e2fsck -D.
[  193.691581][ T5800] EXT4-fs error (device loop5): htree_dirblock_to_tree:1083: inode #2: comm syz.5.386: Directory block failed checksum
[  194.076915][ T5813] loop3: detected capacity change from 0 to 1024
[  194.324118][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  194.330533][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  194.396329][ T5114] EXT4-fs (loop5): unmounting filesystem.
[  196.675828][   T26] audit: type=1326 audit(1750640154.897:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5831 comm="syz.1.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1818e929 code=0x7ffc0000
[  196.698258][    C1] vkms_vblank_simulate: vblank timer overrun
[  197.128289][   T26] audit: type=1326 audit(1750640154.977:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5831 comm="syz.1.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1818e929 code=0x7ffc0000
[  197.230976][   T26] audit: type=1326 audit(1750640155.097:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5831 comm="syz.1.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=51 compat=0 ip=0x7f8c1818e929 code=0x7ffc0000
[  197.265367][ T5838] loop0: detected capacity change from 0 to 512
[  197.319901][   T26] audit: type=1326 audit(1750640155.097:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5831 comm="syz.1.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1818e929 code=0x7ffc0000
[  197.356456][ T5838] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  197.357263][ T5845] loop1: detected capacity change from 0 to 8
[  197.545004][   T26] audit: type=1326 audit(1750640155.137:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5831 comm="syz.1.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c1818e929 code=0x7ffc0000
[  197.555978][ T5847] loop3: detected capacity change from 0 to 1024
[  197.628254][ T5850] x_tables: duplicate underflow at hook 3
[  198.421049][   T26] audit: type=1800 audit(1750640155.617:1339): pid=5838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.396" name="bus" dev="loop0" ino=18 res=0 errno=0
[  198.453635][ T5847] EXT4-fs: Ignoring removed orlov option
[  198.478614][ T5845] SQUASHFS error: xz decompression failed, data probably corrupt
[  198.511427][ T4253] EXT4-fs (loop0): unmounting filesystem.
[  198.529392][ T5845] SQUASHFS error: Failed to read block 0x108: -5
[  198.529726][ T5847] EXT4-fs: Ignoring removed nomblk_io_submit option
[  198.543299][ T5845] SQUASHFS error: Unable to read metadata cache entry [106]
[  198.585028][ T5845] SQUASHFS error: Unable to read inode 0x11f
[  198.790222][ T5847] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  198.845551][ T4424] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  198.879244][ T4447] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  199.761712][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  199.813092][ T4447] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  199.844159][ T4447] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  199.894773][ T4447] usb 5-1: config 1 has no interface number 0
[  199.923848][ T4447] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.957663][ T5872] loop1: detected capacity change from 0 to 1024
[  199.965976][ T4424] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  199.988767][ T4447] usb 5-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  199.993734][ T5872] EXT4-fs: Ignoring removed nobh option
[  200.015838][ T5876] netlink: 28 bytes leftover after parsing attributes in process `syz.3.405'.
[  200.031154][ T4447] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  200.033564][ T5872] EXT4-fs: Ignoring removed bh option
[  200.054917][ T5871] loop0: detected capacity change from 0 to 2048
[  200.056752][ T5876] netlink: 28 bytes leftover after parsing attributes in process `syz.3.405'.
[  200.074067][ T4447] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.086410][ T4447] usb 5-1: Product: syz
[  200.092440][ T4447] usb 5-1: Manufacturer: syz
[  200.097265][ T4447] usb 5-1: SerialNumber: syz
[  200.116464][ T5872] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  200.166295][ T5876] device team0 entered promiscuous mode
[  200.195630][ T5876] device team_slave_0 entered promiscuous mode
[  200.209173][ T5877] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  200.242231][ T5872] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  200.258082][ T5877] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  200.274518][ T5876] device team_slave_1 entered promiscuous mode
[  200.317116][ T5877] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  200.336961][ T4332] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  200.369422][ T5877] Remounting filesystem read-only
[  200.492777][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  201.140924][ T4447] cdc_ncm 5-1:1.1: bind() failure
[  201.173023][ T4447] usb 5-1: USB disconnect, device number 4
[  201.299229][ T4872] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  201.313207][ T5870] loop5: detected capacity change from 0 to 32768
[  201.435941][ T5870] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  201.454901][ T5870] XFS (loop5): Mounting V5 Filesystem
[  201.509245][ T4872] usb 2-1: Using ep0 maxpacket: 8
[  201.516456][ T4872] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  201.526179][ T4270] Bluetooth: hci1: command 0x0406 tx timeout
[  201.532394][ T4270] Bluetooth: hci2: command 0x0406 tx timeout
[  201.538521][ T4270] Bluetooth: hci0: command 0x0406 tx timeout
[  201.545078][ T4872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.555948][ T4872] usb 2-1: config 0 descriptor??
[  201.647515][ T5870] XFS (loop5): Ending clean mount
[  201.673489][ T5870] XFS (loop5): Quotacheck needed: Please wait.
[  201.932026][ T5870] XFS (loop5): Quotacheck: Done.
[  202.459250][   T26] audit: type=1804 audit(1750640160.637:1340): pid=5870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.406" name="/newroot/18/file0/file1" dev="loop5" ino=4422 res=1 errno=0
[  202.566337][ T5114] XFS (loop5): Unmounting Filesystem
[  204.193389][ T4872] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  204.217841][ T4872] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  204.300025][ T4872] asix: probe of 2-1:0.0 failed with error -71
[  204.339342][ T4872] usb 2-1: USB disconnect, device number 3
[  204.568556][ T5947] loop4: detected capacity change from 0 to 4096
[  204.599497][ T5947] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512)
[  206.465193][ T5960] loop5: detected capacity change from 0 to 47
[  210.438967][ T5981] loop1: detected capacity change from 0 to 32768
[  210.658965][ T5981] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  210.881176][ T5981] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  210.911308][ T6009] capability: warning: `syz.3.441' uses deprecated v2 capabilities in a way that may be insecure
[  212.171146][ T6027] loop5: detected capacity change from 0 to 131072
[  212.187922][ T6027] F2FS-fs (loop5): Wrong CP boundary, start(512) end(1536) blocks(0)
[  212.196197][ T6027] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  212.209755][ T6027] F2FS-fs (loop5): invalid crc value
[  212.243508][ T4251] ocfs2: Unmounting device (7,1) on (node local)
[  212.294932][ T6027] F2FS-fs (loop5): Found nat_bits in checkpoint
[  212.353306][ T6027] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  212.360693][ T6027] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  212.411876][   T26] audit: type=1800 audit(1750640170.637:1341): pid=6027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.448" name="file1" dev="loop5" ino=7 res=0 errno=0
[  212.589191][   T26] audit: type=1804 audit(1750640170.707:1342): pid=6027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.448" name="/newroot/25/bus/file1" dev="loop5" ino=7 res=1 errno=0
[  212.679210][ T4447] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  212.874363][ T4447] usb 5-1: not running at top speed; connect to a high speed hub
[  212.941356][ T4447] usb 5-1: config 0 interface 0 has no altsetting 0
[  212.972433][ T4447] usb 5-1: New USB device found, idVendor=05ac, idProduct=0272, bcdDevice=2b.5c
[  212.990549][ T4447] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.998650][ T4447] usb 5-1: Product: syz
[  213.003060][ T4447] usb 5-1: Manufacturer: syz
[  213.007696][ T4447] usb 5-1: SerialNumber: syz
[  213.038551][ T4447] usb 5-1: config 0 descriptor??
[  213.383691][ T4447] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input8
[  213.417209][ T3609] bcm5974 5-1:0.0: could not read from device
[  213.480602][ T4447] usb 5-1: USB disconnect, device number 5
[  216.194891][ T6094] netdevsim netdevsim1: Firmware load for '/../file0' refused, path contains '..' component
[  217.150801][ T6107] syz.3.471 (6107): /proc/6102/oom_adj is deprecated, please use /proc/6102/oom_score_adj instead.
[  219.268403][ T6120] loop3: detected capacity change from 0 to 32768
[  219.323878][ T6120] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.475 (6120)
[  219.348707][ T6120] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  219.358926][ T6120] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  219.367710][ T6120] BTRFS info (device loop3): setting nodatacow, compression disabled
[  219.375843][ T6120] BTRFS info (device loop3): turning on sync discard
[  219.382606][ T6120] BTRFS info (device loop3): setting datacow
[  219.388588][ T6120] BTRFS info (device loop3): doing ref verification
[  219.395234][ T6120] BTRFS info (device loop3): turning off barriers
[  219.401738][ T6120] BTRFS info (device loop3): enabling ssd optimizations
[  219.408700][ T6120] BTRFS info (device loop3): using spread ssd allocation scheme
[  219.416358][ T6120] BTRFS info (device loop3): setting datasum
[  219.422371][ T6120] BTRFS info (device loop3): turning on barriers
[  219.429222][ T6120] BTRFS info (device loop3): not using ssd optimizations
[  219.436269][ T6120] BTRFS info (device loop3): not using spread ssd allocation scheme
[  219.444524][ T6120] BTRFS info (device loop3): using free space tree
[  219.918916][ T6138] loop4: detected capacity change from 0 to 256
[  220.320702][ T6152] random: crng reseeded on system resumption
[  220.864033][ T6156] overlayfs: './file1' not a directory
[  221.324736][ T6170] loop4: detected capacity change from 0 to 128
[  222.303190][ T4252] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  223.162278][ T6200] loop0: detected capacity change from 0 to 256
[  223.169638][ T6200] exfat: Deprecated parameter 'utf8'
[  223.391533][ T6200] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  223.434786][ T6200] binder: 6194:6200 ioctl 4018620d 0 returned -22
[  224.728475][ T6208] loop3: detected capacity change from 0 to 512
[  224.779309][ T6186] loop1: detected capacity change from 0 to 40427
[  225.181437][ T6186] F2FS-fs (loop1): Found nat_bits in checkpoint
[  225.230071][ T6208] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  225.299119][ T6208] ext4 filesystem being mounted at /122/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  225.358880][ T6186] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  225.436006][   T26] audit: type=1800 audit(1750640183.321:1343): pid=6186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.491" name="file1" dev="loop1" ino=10 res=0 errno=0
[  225.584857][   T26] audit: type=1800 audit(1750640183.349:1344): pid=6186 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.491" name="file1" dev="loop1" ino=10 res=0 errno=0
[  225.661280][ T6208] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz.3.490: path (unknown): bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=2060, size=2048 fake=1
[  225.741979][ T4251] syz-executor: attempt to access beyond end of device
[  225.741979][ T4251] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  226.163767][ T6208] EXT4-fs (loop3): Remounting filesystem read-only
[  226.210406][ T6225] device syzkaller0 entered promiscuous mode
[  226.316160][ T6233] affs: No valid root block on device nullb0
[  227.021475][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  228.664889][ T6270] random: crng reseeded on system resumption
[  228.916468][ T6276] loop0: detected capacity change from 0 to 512
[  228.982629][ T6276] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  229.052331][ T6276] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  229.073345][ T6276] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  229.077613][ T6279] Trying to write to read-only block-device nullb0
[  229.095898][ T6276] EXT4-fs (loop0): 1 truncate cleaned up
[  229.101612][ T6276] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  230.067767][ T4253] EXT4-fs (loop0): unmounting filesystem.
[  230.598153][ T6307] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  230.605443][ T6307] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  230.684594][ T6307] vhci_hcd vhci_hcd.0: Device attached
[  230.861647][ T6309] vhci_hcd: connection closed
[  230.866362][   T56] vhci_hcd: stop threads
[  230.894361][   T56] vhci_hcd: release socket
[  230.911135][   T56] vhci_hcd: disconnect device
[  230.942291][ T4296] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  231.096559][ T6318] loop1: detected capacity change from 0 to 256
[  231.528121][ T6324] loop0: detected capacity change from 0 to 2048
[  231.667897][ T6331] Bluetooth: MGMT ver 1.22
[  231.691983][ T6324] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  231.789631][ T6330] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[  231.804447][   T26] audit: type=1800 audit(1750640189.279:1345): pid=6324 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.524" name="file1" dev="loop0" ino=1415 res=0 errno=0
[  232.369583][ T6339] loop1: detected capacity change from 0 to 128
[  232.498347][ T6328] loop5: detected capacity change from 0 to 131072
[  232.507520][ T6328] F2FS-fs (loop5): build fault injection attr: rate: 7, type: 0x3ffff
[  232.542319][ T6311] loop3: detected capacity change from 0 to 32768
[  232.588702][ T4424] I/O error, dev loop5, sector 130944 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  232.944569][ T6328] loop5: detected capacity change from 0 to 256
[  232.955492][ T6328] exFAT-fs (loop5): bogus data start sector
[  232.961462][ T6328] exFAT-fs (loop5): failed to read boot sector
[  232.967735][ T6328] exFAT-fs (loop5): failed to recognize exfat type
[  235.525508][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  235.847266][ T4424] udevd[4424]: incorrect exfat checksum on /dev/loop5
[  236.411009][ T4296] vhci_hcd: vhci_device speed not set
[  238.261754][   T26] audit: type=1326 audit(1750640195.322:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  238.365352][   T26] audit: type=1326 audit(1750640195.322:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  238.507416][   T26] audit: type=1326 audit(1750640195.322:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  238.604872][   T26] audit: type=1326 audit(1750640195.322:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  238.672647][ T6408] loop4: detected capacity change from 0 to 4096
[  238.749073][   T26] audit: type=1326 audit(1750640195.322:1350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  238.783087][ T6408] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  238.842501][   T26] audit: type=1326 audit(1750640195.322:1351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  238.950626][ T6381] loop1: detected capacity change from 0 to 32768
[  238.974809][   T26] audit: type=1326 audit(1750640195.322:1352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6404 comm="syz.0.551" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  239.079798][   T26] audit: type=1326 audit(1750640195.537:1353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.5.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4a78e929 code=0x7ffc0000
[  239.210222][ T6381] XFS (loop1): Mounting V5 Filesystem
[  239.241488][   T26] audit: type=1326 audit(1750640195.565:1354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.5.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7feb4a78e929 code=0x7ffc0000
[  239.318748][   T26] audit: type=1326 audit(1750640195.565:1355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6409 comm="syz.5.553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feb4a78e929 code=0x7ffc0000
[  239.464288][ T6381] XFS (loop1): Ending clean mount
[  239.668563][ T6451] loop3: detected capacity change from 0 to 512
[  239.675493][ T6451] EXT4-fs: Ignoring removed bh option
[  239.685134][ T6451] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  239.694476][ T6451] EXT4-fs (loop3): invalid journal inode
[  239.700319][ T6451] EXT4-fs (loop3): can't get journal size
[  239.743982][ T6451] EXT4-fs (loop3): 1 truncate cleaned up
[  239.749681][ T6451] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  239.761778][ T6451] ERROR: device name not specified.
[  239.965688][ T6423] DRBG: could not allocate digest TFM handle: hmac(sha384)
[  240.390791][ T4251] XFS (loop1): Unmounting Filesystem
[  240.655796][ T6467] loop5: detected capacity change from 0 to 8
[  240.719711][ T6467] cramfs: Error -5 while decompressing!
[  240.739942][ T6467] cramfs: ffffffff96b4c568(26)->ffff88804297b000(4096)
[  240.750805][ T6467] cramfs: Error -5 while decompressing!
[  240.764519][ T6467] cramfs: ffffffff96b4c582(26)->ffff888051ebe000(4096)
[  240.788632][ T6467] cramfs: Error -3 while decompressing!
[  240.794257][ T6467] cramfs: ffffffff96b4c59c(16)->ffff888042978000(4096)
[  240.873788][ T6467] cramfs: Error -5 while decompressing!
[  240.880849][ T6467] cramfs: ffffffff96b4c568(26)->ffff88804297b000(4096)
[  240.889819][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  241.614177][ T6475] loop3: detected capacity change from 0 to 64
[  241.985608][ T4296] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  242.193977][ T4296] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  242.215413][ T4296] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  242.475453][ T4296] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.551609][ T4296] usb 2-1: config 0 descriptor??
[  242.568162][ T4296] pwc: Askey VC010 type 2 USB webcam detected.
[  242.598809][ T6501] loop3: detected capacity change from 0 to 1024
[  243.014407][ T4296] pwc: recv_control_msg error -32 req 02 val 2b00
[  243.025907][ T4296] pwc: recv_control_msg error -32 req 02 val 2700
[  243.050420][ T4296] pwc: recv_control_msg error -32 req 02 val 2c00
[  243.739098][ T4296] pwc: recv_control_msg error -32 req 04 val 1000
[  243.748091][ T4296] pwc: recv_control_msg error -32 req 04 val 1300
[  243.788382][ T4296] pwc: recv_control_msg error -32 req 04 val 1400
[  243.814466][ T4296] pwc: recv_control_msg error -32 req 02 val 2000
[  243.838310][ T4296] pwc: recv_control_msg error -32 req 02 val 2100
[  243.877866][ T4296] pwc: recv_control_msg error -32 req 04 val 1500
[  243.900016][ T4296] pwc: recv_control_msg error -32 req 02 val 2500
[  243.921282][ T4296] pwc: recv_control_msg error -32 req 02 val 2400
[  243.940419][ T6520] netlink: 40 bytes leftover after parsing attributes in process `syz.0.581'.
[  243.950166][ T4296] pwc: recv_control_msg error -32 req 02 val 2600
[  243.972004][ T4296] pwc: recv_control_msg error -32 req 02 val 2900
[  244.209347][ T6198] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  244.219598][ T4296] pwc: recv_control_msg error -71 req 04 val 1100
[  244.284039][ T4296] pwc: recv_control_msg error -71 req 04 val 1200
[  244.433974][ T6198] usb 4-1: config 0 interface 0 has no altsetting 0
[  244.447768][ T6198] usb 4-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  244.465786][ T6198] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.515442][ T6198] usb 4-1: config 0 descriptor??
[  244.905542][ T4296] pwc: Registered as video103.
[  244.905555][ T6198] videodev: could not get a free minor
[  244.934605][ T4296] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input10
[  244.937078][ T6198] radio-keene 4-1:0.0: could not register video device
[  245.016497][ T6198] radio-keene: probe of 4-1:0.0 failed with error -23
[  245.034377][ T4296] usb 2-1: USB disconnect, device number 4
[  245.049088][ T6198] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  247.150312][ T6555] loop0: detected capacity change from 0 to 512
[  247.239537][ T4296] usb 4-1: USB disconnect, device number 3
[  247.282472][ T6555] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #4: comm syz.0.588: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  247.359097][ T6555] EXT4-fs error (device loop0): ext4_quota_enable:7025: comm syz.0.588: Bad quota inode: 4, type: 1
[  247.413262][ T6555] EXT4-fs warning (device loop0): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  247.503395][ T6555] EXT4-fs (loop0): mount failed
[  247.640333][ T6555] input: syz1 as /devices/virtual/input/input11
[  250.091981][ T6567] loop5: detected capacity change from 0 to 40427
[  250.498521][ T6567] F2FS-fs (loop5): build fault injection attr: rate: 19, type: 0x3ffff
[  251.459820][ T6609] loop1: detected capacity change from 0 to 64
[  255.994302][ T6678] loop1: detected capacity change from 0 to 8192
[  256.041190][ T6647] loop0: detected capacity change from 0 to 32768
[  256.063823][ T6647] gfs2: Bad value for 'quota'
[  256.190579][ T6682] loop3: detected capacity change from 0 to 512
[  256.194667][ T6683] loop5: detected capacity change from 0 to 64
[  256.264271][ T6682] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  256.351437][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  256.351455][   T26] audit: type=1804 audit(1750640212.243:1357): pid=6683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.627" name="/newroot/60/file1/file1" dev="loop5" ino=5 res=1 errno=0
[  256.421518][ T6682] EXT4-fs (loop3): 1 truncate cleaned up
[  256.450109][ T6682] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  256.681541][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  256.740640][ T6699] usb usb8: usbfs: process 6699 (syz.5.633) did not claim interface 0 before use
[  257.114650][ T6712] loop8: detected capacity change from 0 to 7
[  257.127457][ T6712] Dev loop8: unable to read RDB block 7
[  257.134293][ T6712]  loop8: unable to read partition table
[  257.147649][ T6712] loop8: partition table beyond EOD, truncated
[  257.153930][ T6712] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  257.691629][  T127] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  257.966108][  T127] usb 4-1: config 0 interface 0 has no altsetting 0
[  257.986725][  T127] usb 4-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  258.157464][ T6719] loop1: detected capacity change from 0 to 128
[  258.187076][  T127] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.204483][  T127] usb 4-1: config 0 descriptor??
[  258.211989][ T6721] loop5: detected capacity change from 0 to 64
[  258.227338][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  258.233743][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  258.251395][ T6719] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  258.273586][ T6719] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.917238][  T127] video4linux radio48: keene_cmd_set failed (-71)
[  258.954975][  T127] radio-keene 4-1:0.0: V4L2 device registered as radio48
[  259.083413][  T127] usb 4-1: USB disconnect, device number 4
[  259.270907][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  259.358866][ T6734] loop4: detected capacity change from 0 to 512
[  259.493777][ T6734] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  259.533287][ T6734] ext4 filesystem being mounted at /138/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  259.692097][ T6734] Quota error (device loop4): do_check_range: Getting block 134217728 out of range 0-5
[  259.835453][ T4264] EXT4-fs (loop4): unmounting filesystem.
[  260.726748][ T6756] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  260.734097][ T6756] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  260.749336][ T6759] loop5: detected capacity change from 0 to 256
[  260.772247][ T6756] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  260.817568][ T6756] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  260.958611][ T6756] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  260.965455][ T6756] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  260.971790][ T6756] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  260.980007][ T6756] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  260.986216][ T6756] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  260.991268][ T6759] FAT-fs (loop5): Unrecognized mount option "utf8æi�Te·" or missing value
[  260.992340][ T6756] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  261.012399][ T6756] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  261.018525][ T6756] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  261.024509][ T6756] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[  262.105334][ T6198] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  262.489667][ T6780] netlink: 'syz.0.663': attribute type 4 has an invalid length.
[  262.930199][ T4268] Bluetooth: hci1: command 0x0c1a tx timeout
[  263.071957][ T6198] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  263.090137][ T6198] usb 2-1: config 0 interface 0 has no altsetting 0
[  263.105376][ T6198] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  263.139318][ T6198] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.174408][ T4268] Bluetooth: hci4: command 0x0c1a tx timeout
[  263.180516][ T4270] Bluetooth: hci3: command 0x0c1a tx timeout
[  263.180556][ T4269] Bluetooth: hci2: command 0x0c1a tx timeout
[  263.191634][ T6198] usb 2-1: Product: syz
[  263.217626][ T6198] usb 2-1: Manufacturer: syz
[  263.217803][ T6784] loop3: detected capacity change from 0 to 1024
[  263.222387][ T6198] usb 2-1: SerialNumber: syz
[  263.236835][ T6198] usb 2-1: config 0 descriptor??
[  263.268696][ T6198] usb 2-1: selecting invalid altsetting 0
[  263.304583][ T6784] EXT4-fs: Ignoring removed oldalloc option
[  263.345245][ T6787] netlink: 4 bytes leftover after parsing attributes in process `syz.4.668'.
[  263.354284][ T6784] EXT4-fs: Ignoring removed bh option
[  263.365280][ T6784] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  263.396468][ T6787] device bridge_slave_1 left promiscuous mode
[  263.426326][ T6787] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.622186][ T6787] device bridge_slave_0 left promiscuous mode
[  263.630466][ T6784] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  263.656549][ T6787] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.603662][ T6784] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:3841: comm syz.3.667: Allocating blocks 497-513 which overlap fs metadata
[  264.649230][ T6782] EXT4-fs (loop3): pa ffff8880747d8ee0: logic 128, phys. 273, len 15
[  264.658294][ T6782] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:4881: group 0, free 0, pa_free 1
[  264.769985][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  265.042920][ T6805] loop4: detected capacity change from 0 to 256
[  265.092390][ T6805] exfat: Deprecated parameter 'utf8'
[  265.141505][ T4269] Bluetooth: hci1: command 0x0406 tx timeout
[  265.168275][ T6805] exfat: Deprecated parameter 'namecase'
[  265.185148][ T6805] exfat: Deprecated parameter 'namecase'
[  265.195345][ T6805] exfat: Deprecated parameter 'utf8'
[  265.216322][ T4297] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  265.244132][ T6805] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  265.398096][ T4255] Bluetooth: hci2: command 0x0406 tx timeout
[  265.404333][ T4269] Bluetooth: hci3: command 0x0406 tx timeout
[  265.404982][ T4255] Bluetooth: hci4: command 0x0406 tx timeout
[  265.419446][ T4297] usb 4-1: Using ep0 maxpacket: 16
[  265.427646][ T4297] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  265.456422][ T4297] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  265.481859][ T4297] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  265.542377][ T4297] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.563918][ T4297] usb 4-1: Product: syz
[  265.568206][ T4297] usb 4-1: Manufacturer: syz
[  265.575179][ T4297] usb 4-1: SerialNumber: syz
[  265.614942][ T1169] usb 2-1: USB disconnect, device number 5
[  265.845400][ T6815] loop1: detected capacity change from 0 to 256
[  266.294364][ T4297] usb 4-1: 2:1 : format type 0 is detected, processed as PCM
[  267.182675][ T4297] usb 4-1: failed to read current rate; disabling the check
[  267.532370][ T4297] usb 4-1: USB disconnect, device number 5
[  267.626405][ T6834] batman_adv: batadv0: Adding interface: dummy0
[  267.636882][ T6834] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.696328][ T6834] batman_adv: batadv0: Interface activated: dummy0
[  267.788578][ T6835] batadv0: mtu less than device minimum
[  267.831086][ T6837] loop4: detected capacity change from 0 to 256
[  267.838468][ T6835] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.851701][ T6835] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.855497][ T6837] exfat: Bad value for 'gid'
[  267.864252][ T6835] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.879334][ T6835] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.891701][ T6835] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.904163][ T6835] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.916554][ T6835] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.928943][ T6835] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  267.941276][ T6835] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  268.014608][ T4254] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  268.068470][ T6842] loop1: detected capacity change from 0 to 2048
[  268.112195][ T6842] EXT4-fs: Ignoring removed bh option
[  268.154242][ T6844] loop3: detected capacity change from 0 to 512
[  268.173714][ T6844] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  268.232562][ T6839] netlink: 24 bytes leftover after parsing attributes in process `syz.1.684'.
[  268.276218][ T6844] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  268.297237][ T6842] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  268.348709][ T6844] ext4 filesystem being mounted at /158/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  268.376378][ T6839] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  269.240281][ T6859] syz.5.688 (6859) used greatest stack depth: 17032 bytes left
[  269.332345][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  269.452026][ T4251] EXT4-fs (loop1): unmounting filesystem.
[  269.511325][ T6864] hub 8-0:1.0: USB hub found
[  269.563518][ T6864] hub 8-0:1.0: 1 port detected
[  269.623937][ T6867] loop3: detected capacity change from 0 to 1024
[  269.844250][ T6867] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  269.863398][ T6868] loop0: detected capacity change from 0 to 4096
[  269.870154][ T6867] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  269.882378][ T6868] ntfs3: Unknown parameter 'windows_names'
[  270.640917][ T6876] overlayfs: failed to resolve './file0': -2
[  270.842370][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  271.462763][ T6904] loop5: detected capacity change from 0 to 1024
[  271.481205][ T4255] Bluetooth: hci4: command 0x0406 tx timeout
[  271.487768][ T4255] Bluetooth: hci3: command 0x0406 tx timeout
[  271.494809][ T6904] hfsplus: unable to parse mount options
[  271.767754][ T6897] loop0: detected capacity change from 0 to 32768
[  271.817754][ T6897] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.702 (6897)
[  271.844498][  T127] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  271.863591][ T6897] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  271.895274][ T6897] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  271.915198][ T6897] BTRFS info (device loop0): using free space tree
[  272.047803][  T127] usb 6-1: Using ep0 maxpacket: 16
[  272.055300][  T127] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  272.107766][  T127] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  272.107915][ T6900] loop3: detected capacity change from 0 to 40427
[  272.144114][ T6900] F2FS-fs (loop3): invalid crc value
[  272.150726][ T6897] BTRFS info (device loop0): enabling ssd optimizations
[  272.161467][  T127] usb 6-1: config 0 has no interface number 0
[  272.244011][ T6900] F2FS-fs (loop3): Found nat_bits in checkpoint
[  272.353629][  T127] usb 6-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28
[  272.378959][  T127] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.387039][  T127] usb 6-1: Product: syz
[  272.400307][  T127] usb 6-1: Manufacturer: syz
[  272.404999][  T127] usb 6-1: SerialNumber: syz
[  272.503590][  T127] usb 6-1: config 0 descriptor??
[  272.645189][  T127] usb 6-1: Found UVC 0.00 device syz (046c:14e8)
[  272.674299][ T6890] loop4: detected capacity change from 0 to 32768
[  272.899248][  T127] usb 6-1: No valid video chain found.
[  273.126274][ T6900] F2FS-fs (loop3): Start checkpoint disabled!
[  273.160447][  T127] usb 6-1: USB disconnect, device number 2
[  273.185791][ T6900] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  273.353571][ T6890] XFS (loop4): Mounting V5 Filesystem
[  273.383162][   T26] audit: type=1804 audit(1750640228.173:1358): pid=6900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.705" name="/newroot/161/file0/file0" dev="loop3" ino=10 res=1 errno=0
[  273.505066][ T6890] XFS (loop4): Ending clean mount
[  273.555977][ T6890] XFS (loop4): Quotacheck needed: Please wait.
[  273.665092][ T6890] XFS (loop4): Quotacheck: Done.
[  273.868806][ T5186] kworker/u4:17: attempt to access beyond end of device
[  273.868806][ T5186] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  273.944115][ T4264] XFS (loop4): Unmounting Filesystem
[  273.946238][ T4253] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  274.196513][ T6198] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  274.454459][ T6198] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  274.491800][ T6198] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  274.542102][ T6198] usb 6-1: New USB device found, idVendor=0b05, idProduct=18c6, bcdDevice= 0.00
[  274.561240][ T6198] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.593433][ T6198] usb 6-1: config 0 descriptor??
[  274.614107][ T6947] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  275.040520][ T6954] IPVS: Scheduler module ip_vs_sip not found
[  275.061441][ T6956] IPVS: length: 8 != 216
[  275.328882][ T6198] usbhid 6-1:0.0: can't add hid device: -71
[  275.337753][ T6198] usbhid: probe of 6-1:0.0 failed with error -71
[  275.544781][ T6198] usb 6-1: USB disconnect, device number 3
[  276.591300][ T6969] netlink: 'syz.1.719': attribute type 10 has an invalid length.
[  276.618850][ T6952] loop0: detected capacity change from 0 to 40427
[  276.667116][ T6952] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  276.674932][ T6952] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  276.790034][ T6952] F2FS-fs (loop0): invalid crc value
[  276.908524][ T6969] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  276.961952][ T6952] F2FS-fs (loop0): Found nat_bits in checkpoint
[  277.572940][ T6952] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  277.775506][ T6952] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  277.898245][ T4255] Bluetooth: hci4: command 0x0405 tx timeout
[  277.984703][ T6988] loop3: detected capacity change from 0 to 256
[  278.045185][ T4300] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  278.250321][ T4300] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  278.276419][ T4300] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  278.315369][ T4300] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  278.330533][ T4300] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.614722][ T6971] loop4: detected capacity change from 0 to 65536
[  278.780011][ T6971] XFS: ikeep mount option is deprecated.
[  279.312544][ T4300] usb 6-1: usb_control_msg returned -32
[  279.427823][ T4300] usbtmc 6-1:16.0: can't read capabilities
[  279.469832][ T6971] XFS (loop4): Mounting V5 Filesystem
[  279.554270][ T7012] loop3: detected capacity change from 0 to 128
[  279.648081][ T7012] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  279.657183][ T6971] XFS (loop4): Ending clean mount
[  279.688363][ T7012] ext4 filesystem being mounted at /169/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  279.826249][ T7012] EXT4-fs error (device loop3): dx_make_map:1328: inode #2: block 18: comm syz.3.731: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  279.894610][ T7012] EXT4-fs error (device loop3) in do_split:2095: Corrupt filesystem
[  279.897811][ T4264] XFS (loop4): Unmounting Filesystem
[  280.236629][ T6198] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  280.452012][ T6198] usb 4-1: Using ep0 maxpacket: 16
[  280.462313][ T6198] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  280.505527][ T6198] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  280.534193][ T6198] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.564988][ T7025] loop4: detected capacity change from 0 to 256
[  280.567023][ T6198] usb 4-1: config 0 descriptor??
[  280.594928][ T6198] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input13
[  280.660166][ T1169] usb 6-1: USB disconnect, device number 4
[  280.722286][ T4255] Bluetooth: hci4: hardware error 0x02
[  280.798587][ T7012] EXT4-fs error (device loop3): dx_make_map:1328: inode #2: block 18: comm syz.3.731: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  280.840421][ T7012] EXT4-fs error (device loop3) in do_split:2095: Corrupt filesystem
[  280.922504][ T3609] bcm5974 4-1:0.0: could not read from device
[  280.961999][ T6198] usb 4-1: USB disconnect, device number 6
[  281.294130][ T7044] loop4: detected capacity change from 0 to 128
[  281.301493][ T7044] EXT4-fs: Ignoring removed nobh option
[  281.570859][ T7044] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  281.583267][ T7044] ext4 filesystem being mounted at /154/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  282.208624][ T7053] loop0: detected capacity change from 0 to 256
[  282.215923][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  282.288951][ T7053] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  283.101687][ T4255] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  284.246882][ T7068] netlink: 'syz.3.751': attribute type 10 has an invalid length.
[  284.309078][ T7068] netlink: 40 bytes leftover after parsing attributes in process `syz.3.751'.
[  284.319373][ T7068] bridge0: port 3(team0) entered blocking state
[  284.325921][ T7068] bridge0: port 3(team0) entered disabled state
[  284.334213][ T7068] net_ratelimit: 10 callbacks suppressed
[  284.334230][ T7068] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  284.516899][ T7072] netlink: 132 bytes leftover after parsing attributes in process `syz.3.753'.
[  284.526268][ T7073] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  284.532828][ T7073] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  284.556804][ T7073] vhci_hcd vhci_hcd.0: Device attached
[  284.842789][ T7073] loop5: detected capacity change from 0 to 4096
[  284.885021][ T7080] loop0: detected capacity change from 0 to 1
[  284.897849][ T4300] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  285.229100][ T7080] syz.0.754: attempt to access beyond end of device
[  285.229100][ T7080] loop0: rw=2048, sector=0, nr_sectors = 8 limit=1
[  285.245951][ T7080] SQUASHFS error: Failed to read block 0x0: -5
[  285.254622][ T7080] unable to read squashfs_super_block
[  285.437506][ T7073] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  285.502574][ T7073] ntfs3: loop5: Failed to load $Extend.
[  285.525925][ T7074] usb 43-1: recv xbuf, 0
[  285.544679][ T6231] vhci_hcd: stop threads
[  285.549022][ T6231] vhci_hcd: release socket
[  285.571403][ T6231] vhci_hcd: disconnect device
[  285.624874][ T4300] vhci_hcd: vhci_device speed not set
[  285.798489][ T4264] EXT4-fs (loop4): unmounting filesystem.
[  286.000530][ T7086] loop3: detected capacity change from 0 to 40427
[  286.051338][ T7086] F2FS-fs (loop3): Found nat_bits in checkpoint
[  286.146719][ T7086] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  286.232696][ T4252] syz-executor: attempt to access beyond end of device
[  286.232696][ T4252] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  286.347159][ T7100] loop5: detected capacity change from 0 to 512
[  286.388862][ T7100] EXT4-fs: Ignoring removed i_version option
[  286.414216][ T7100] EXT4-fs: Ignoring removed mblk_io_submit option
[  286.442054][ T7100] ext4: Unknown parameter 'seclabel'
[  287.738456][ T7109] loop0: detected capacity change from 0 to 512
[  287.930350][ T7109] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  288.015643][ T7109] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  288.016272][ T7111] loop5: detected capacity change from 0 to 2048
[  288.051662][ T7109] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.200943][ T7111] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  288.218480][ T7109] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #15: comm syz.0.774: corrupted xattr block 19
[  288.395657][ T7111] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  288.598915][ T7109] EXT4-fs error (device loop0): ext4_get_inode_usage:852: inode #15: comm syz.0.774: corrupted xattr block 19
[  288.981887][ T7126] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #15: comm syz.0.774: corrupted xattr block 19
[  288.984505][ T7133] EXT4-fs (loop5): unmounting filesystem.
[  289.045756][   T26] audit: type=1804 audit(1750640242.822:1359): pid=7109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.774" name="/newroot/146/file0/file1" dev="loop0" ino=15 res=1 errno=0
[  289.259507][ T4297] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  289.286602][ T4253] EXT4-fs (loop0): unmounting filesystem.
[  289.458237][   T26] audit: type=1326 audit(1750640243.205:1360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.0.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  289.484095][ T4297] usb 5-1: Using ep0 maxpacket: 8
[  289.491610][ T4297] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  289.514677][ T4297] usb 5-1: config 0 has no interfaces?
[  289.661034][ T4297] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  289.693794][ T4297] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  289.702524][ T4297] usb 5-1: Product: syz
[  289.706734][ T4297] usb 5-1: Manufacturer: syz
[  289.718274][ T4297] usb 5-1: SerialNumber: syz
[  289.725698][ T4297] usb 5-1: config 0 descriptor??
[  290.532793][   T26] audit: type=1326 audit(1750640243.233:1361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.0.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  290.656999][   T26] audit: type=1326 audit(1750640243.261:1362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.0.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  290.735357][   T26] audit: type=1326 audit(1750640243.261:1363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.0.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  291.189470][   T26] audit: type=1326 audit(1750640243.261:1364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7135 comm="syz.0.770" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7ffc0000
[  291.733741][ T6198] usb 5-1: USB disconnect, device number 6
[  293.524494][ T7174] loop4: detected capacity change from 0 to 2048
[  293.586485][ T7174] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  293.751700][ T7174] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  294.493591][ T7174] EXT4-fs (loop4): unmounting filesystem.
[  299.903713][ T7231] tipc: Started in network mode
[  299.946296][ T7231] tipc: Node identity ac14140f, cluster identity 4711
[  299.965615][ T7231] tipc: New replicast peer: 255.255.255.255
[  299.995927][ T7231] tipc: Enabled bearer <udp:syz2>, priority 10
[  300.034793][ T7232] netlink: 12 bytes leftover after parsing attributes in process `syz.0.804'.
[  300.060718][ T7232] tipc: Disabling bearer <udp:syz2>
[  300.657944][   T26] audit: type=1326 audit(1750640253.691:1365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7236 comm="syz.3.807" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7effbc58e929 code=0x0
[  301.500433][ T7243] sctp: [Deprecated]: syz.5.797 (pid 7243) Use of int in max_burst socket option deprecated.
[  301.500433][ T7243] Use struct sctp_assoc_value instead
[  303.794485][ T7251] loop0: detected capacity change from 0 to 512
[  303.988790][ T7251] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -13
[  303.999169][ T7251] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279945729 > max in inode 13
[  304.011815][ T7251] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279945730 > max in inode 13
[  305.057864][ T7251] EXT4-fs (loop0): 1 truncate cleaned up
[  305.064282][ T7251] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  305.075518][ T7251] EXT4-fs (loop0): unmounting filesystem.
[  308.649456][ T7290] netlink: 68 bytes leftover after parsing attributes in process `syz.0.823'.
[  308.679525][ T7291] loop3: detected capacity change from 0 to 128
[  309.298149][ T7299] loop0: detected capacity change from 0 to 128
[  310.044442][ T7306] loop3: detected capacity change from 0 to 128
[  310.194874][ T7306] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  310.292376][ T7306] ext4 filesystem being mounted at /189/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  311.326470][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  311.377495][ T7325] loop0: detected capacity change from 0 to 1764
[  312.240637][ T7332] netlink: 'syz.3.835': attribute type 1 has an invalid length.
[  312.480584][ T7332] 8021q: adding VLAN 0 to HW filter on device bond1
[  312.513614][ T7336] 8021q: adding VLAN 0 to HW filter on device bond1
[  312.520965][ T7336] bond1: (slave ipip0): The slave device specified does not support setting the MAC address
[  312.533223][ T7336] bond1: (slave ipip0): Error -95 calling set_mac_address
[  312.658468][ T7339] bond1: (slave ip6erspan0): making interface the new active one
[  312.749356][ T7339] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  317.720868][ T7390] loop3: detected capacity change from 0 to 128
[  318.584431][ T7390] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  318.738148][ T7376] loop0: detected capacity change from 0 to 32768
[  318.752617][ T7376] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.848 (7376)
[  318.788415][ T7390] ext4 filesystem being mounted at /193/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  320.085185][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  320.472730][ T7415] loop8: detected capacity change from 0 to 8
[  320.512082][ T4254] Dev loop8: unable to read RDB block 8
[  320.518864][ T4254]  loop8: unable to read partition table
[  320.548591][ T4254] loop8: partition table beyond EOD, truncated
[  320.585239][ T7415] Dev loop8: unable to read RDB block 8
[  320.593837][ T7415]  loop8: unable to read partition table
[  320.641618][ T7415] loop8: partition table beyond EOD, truncated
[  320.686672][ T7415] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[  323.323014][ T7448] overlayfs: failed to resolve './file1': -2
[  323.906112][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  323.912551][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  325.093434][ T7489] loop3: detected capacity change from 0 to 128
[  325.802952][ T7497] loop3: detected capacity change from 0 to 128
[  325.833346][ T7479] loop0: detected capacity change from 0 to 32768
[  325.896608][ T7479] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.888 (7479)
[  325.965446][ T7497] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  325.977906][ T7497] ext4 filesystem being mounted at /203/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  326.006168][ T7479] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  326.052407][ T7479] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  326.198599][ T7479] BTRFS info (device loop0): using free space tree
[  326.564466][ T7479] BTRFS info (device loop0): enabling ssd optimizations
[  326.901445][ T7486] overlayfs: failed to resolve './file1': -2
[  328.119121][ T4253] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  328.326888][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  331.295792][ T7559] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  331.317170][ T7559] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  331.358530][ T7559] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  331.409859][ T7559] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  331.453726][ T7559] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  331.468056][ T7550] loop0: detected capacity change from 0 to 40427
[  331.482298][ T7559] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  331.491437][ T7550] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  331.501974][ T7559] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  331.516009][ T7550] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  331.529858][ T7550] F2FS-fs (loop0): invalid crc value
[  331.540290][ T7559] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  331.685625][ T7559] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  331.701917][ T7559] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  331.716124][ T7550] F2FS-fs (loop0): Found nat_bits in checkpoint
[  332.594953][ T7550] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  332.620620][ T7550] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  332.705333][ T7578] fuse: Bad value for 'fd'
[  332.895541][ T4476] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  332.925762][ T4476] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  333.214745][ T7582] loop3: detected capacity change from 0 to 32768
[  333.255250][ T7582] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.918 (7582)
[  333.282982][ T7582] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  333.293629][ T7582] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  333.317824][ T7582] BTRFS info (device loop3): turning off barriers
[  333.350691][ T7582] BTRFS info (device loop3): setting nodatasum
[  333.358846][ T7582] BTRFS info (device loop3): use zlib compression, level 3
[  333.368434][ T7582] BTRFS info (device loop3): using free space tree
[  333.384869][ T7591] loop0: detected capacity change from 0 to 128
[  333.404907][ T7591] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  333.476111][ T4255] Bluetooth: hci1: command 0x0c1a tx timeout
[  333.651088][ T4269] Bluetooth: hci2: command 0x0c1a tx timeout
[  333.732439][ T4255] Bluetooth: hci3: command 0x0c1a tx timeout
[  334.481487][ T4252] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  335.699485][ T4255] Bluetooth: hci1: command 0x0406 tx timeout
[  335.871276][ T4255] Bluetooth: hci2: command 0x0406 tx timeout
[  335.974765][ T4255] Bluetooth: hci3: command 0x0406 tx timeout
[  336.393452][ T7641] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  336.401729][ T7641] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  336.408178][ T7641] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  336.414477][ T7641] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  336.422675][ T7641] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  336.429075][ T7641] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  336.435260][ T7641] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  336.443216][ T7641] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  336.449617][ T7641] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  336.455928][ T7641] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  336.595459][ T7647] futex_wake_op: syz.1.943 tries to shift op by -1; fix this program
[  336.671557][ T7650] loop0: detected capacity change from 0 to 512
[  336.690387][ T7650] EXT4-fs: Ignoring removed mblk_io_submit option
[  336.723296][ T7650] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  336.774732][ T7650] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  336.798822][ T7650] EXT4-fs (loop0): orphan cleanup on readonly fs
[  336.837966][ T7650] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.932: Invalid block bitmap block 0 in block_group 0
[  337.663470][ T7650] EXT4-fs (loop0): Remounting filesystem read-only
[  337.709545][ T7650] Quota error (device loop0): write_blk: dquota write failed
[  337.827097][ T7650] Quota error (device loop0): write_blk: dquota write failed
[  337.834974][ T7650] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  337.891558][ T7650] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.932: Failed to acquire dquot type 1
[  338.066714][ T7650] EXT4-fs (loop0): Remounting filesystem read-only
[  338.179964][ T7650] Quota error (device loop0): write_blk: dquota write failed
[  338.349584][ T7650] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  338.607435][ T4255] Bluetooth: hci3: command 0x0c1a tx timeout
[  338.613590][ T4255] Bluetooth: hci2: command 0x0c1a tx timeout
[  338.619800][ T4255] Bluetooth: hci1: command 0x0c1a tx timeout
[  338.643939][ T7650] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.932: Failed to acquire dquot type 1
[  338.762773][ T7650] EXT4-fs (loop0): Remounting filesystem read-only
[  338.812057][ T7650] Quota error (device loop0): write_blk: dquota write failed
[  338.845650][ T7650] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  338.877993][ T7650] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.932: Failed to acquire dquot type 1
[  338.937620][ T7650] EXT4-fs (loop0): Remounting filesystem read-only
[  338.966382][ T7650] EXT4-fs (loop0): 1 orphan inode deleted
[  339.143137][ T7724] tipc: Started in network mode
[  339.171633][ T7724] tipc: Node identity 00000000000000008, cluster identity 4711
[  339.289005][ T7650] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  339.616009][ T4253] EXT4-fs (loop0): unmounting filesystem.
[  339.701560][ T7710] loop3: detected capacity change from 0 to 40427
[  339.750917][ T7710] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  339.771067][ T7710] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  339.795440][ T7736] tipc: Can't bind to reserved service type 0
[  339.845513][ T7710] F2FS-fs (loop3): invalid crc value
[  339.884051][ T7710] F2FS-fs (loop3): Found nat_bits in checkpoint
[  340.081985][ T7710] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  340.104324][ T7710] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  340.831032][ T4269] Bluetooth: hci1: command 0x0406 tx timeout
[  340.831124][ T4255] Bluetooth: hci2: command 0x0406 tx timeout
[  340.831180][ T4268] Bluetooth: hci3: command 0x0406 tx timeout
[  341.217982][ T7759] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  341.280197][ T7759] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  341.291945][ T7759] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  341.333556][ T7759] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  341.392559][ T7759] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  341.417034][ T7759] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  341.444300][ T7759] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  341.471704][ T7759] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  341.496437][ T7759] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  341.548467][ T7759] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  341.560544][ T6125] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  341.587938][ T6125] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  343.135891][ T7788] loop0: detected capacity change from 0 to 64
[  343.292167][ T4253] hfs: node 4:3 still has 1 user(s)!
[  343.396846][ T4270] Bluetooth: hci1: command 0x0c1a tx timeout
[  343.567808][ T4270] Bluetooth: hci2: command 0x0c1a tx timeout
[  343.804317][ T7796] loop3: detected capacity change from 0 to 1764
[  344.354768][ T4270] Bluetooth: hci3: command 0x0c1a tx timeout
[  344.397092][ T7796] iso9660: Corrupted directory entry in block 2 of inode 1920
[  344.981504][ T7806] overlayfs: failed to resolve './file1': -2
[  345.339772][ T7825] loop0: detected capacity change from 0 to 64
[  345.750374][ T4268] Bluetooth: hci1: command 0x0406 tx timeout
[  345.797068][ T4270] Bluetooth: hci2: command 0x0406 tx timeout
[  346.130561][ T7828] overlayfs: failed to clone upperpath
[  346.349785][ T7834] loop0: detected capacity change from 0 to 1024
[  346.465962][ T7834] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  346.559788][ T7834] ext4 filesystem being mounted at /187/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  346.571836][ T4270] Bluetooth: hci3: command 0x0406 tx timeout
[  346.664077][ T7834] EXT4-fs (loop0): shut down requested (2)
[  346.670315][   T26] audit: type=1800 audit(1750640296.701:1366): pid=7834 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.987" name="file2" dev="loop0" ino=16 res=0 errno=0
[  346.700674][ T7847] xt_hashlimit: max too large, truncated to 1048576
[  346.890085][ T7845] overlayfs: failed to resolve './file1': -2
[  346.890513][ T4253] EXT4-fs (loop0): unmounting filesystem.
[  348.860093][ T7882] xt_hashlimit: max too large, truncated to 1048576
[  349.056911][ T7858] loop0: detected capacity change from 0 to 40427
[  349.122914][ T7858] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  349.287299][ T7858] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  349.544614][ T7858] F2FS-fs (loop0): invalid crc value
[  349.835374][ T7858] F2FS-fs (loop0): Found nat_bits in checkpoint
[  349.876892][ T7892] loop3: detected capacity change from 0 to 64
[  350.021317][ T7858] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  350.031140][ T7858] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  350.221071][ T7899] dummy0 speed is unknown, defaulting to 1000
[  350.245019][ T7899] dummy0 speed is unknown, defaulting to 1000
[  350.272620][ T7899] dummy0 speed is unknown, defaulting to 1000
[  350.317022][ T7899] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  350.407082][ T7899] dummy0 speed is unknown, defaulting to 1000
[  350.438695][ T7899] dummy0 speed is unknown, defaulting to 1000
[  350.474728][ T7899] dummy0 speed is unknown, defaulting to 1000
[  350.498325][ T7899] dummy0 speed is unknown, defaulting to 1000
[  350.524448][ T7899] dummy0 speed is unknown, defaulting to 1000
[  352.704553][ T7910] loop3: detected capacity change from 0 to 256
[  360.256553][ T7986] loop3: detected capacity change from 0 to 47
[  360.336653][   T26] audit: type=1800 audit(1750640309.506:1367): pid=7986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1044" name="file1" dev="loop3" ino=8 res=0 errno=0
[  361.651330][ T8001] loop0: detected capacity change from 0 to 64
[  361.809840][ T8004] loop3: detected capacity change from 0 to 2048
[  361.846020][ T8004] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=3932051, location=3932051
[  361.878595][ T8004] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  361.891149][ T8010] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  362.131883][ T8020] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  365.106212][ T8049] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  365.112956][ T8049] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  365.119117][ T8049] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  365.125224][ T8049] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  365.132590][ T8049] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  365.138670][ T8049] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  365.144759][ T8049] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  365.163085][ T8049] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  365.176185][ T8049] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  365.182255][ T8049] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  365.466468][ T8069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1075'.
[  365.499182][ T8069] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  365.879218][ T8069] batman_adv: batadv0: Removing interface: batadv_slave_1
[  366.499249][ T8075] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1078'.
[  368.070603][ T4270] Bluetooth: hci1: command 0x0c1a tx timeout
[  368.076690][ T4270] Bluetooth: hci3: command 0x0c1a tx timeout
[  368.082837][ T4268] Bluetooth: hci2: command 0x0c1a tx timeout
[  368.163668][ T8094] overlayfs: failed to resolve './file1': -2
[  370.002772][ T8124] loop3: detected capacity change from 0 to 8
[  370.076624][ T8124] SQUASHFS error: lzo decompression failed, data probably corrupt
[  370.085659][ T8124] SQUASHFS error: Failed to read block 0x60: -5
[  370.100949][ T8124] SQUASHFS error: Failed to read block 0x71: -5
[  370.115678][ T8124] SQUASHFS error: lzo decompression failed, data probably corrupt
[  370.124537][ T8124] SQUASHFS error: Failed to read block 0x60: -5
[  370.131574][   T26] audit: type=1800 audit(1750640318.673:1368): pid=8124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1094" name="file0" dev="loop3" ino=1 res=0 errno=0
[  370.251607][ T4270] Bluetooth: hci3: command 0x0406 tx timeout
[  370.257811][ T4270] Bluetooth: hci2: command 0x0406 tx timeout
[  370.264095][ T4255] Bluetooth: hci1: command 0x0406 tx timeout
[  370.897996][ T8098] loop0: detected capacity change from 0 to 32768
[  371.073841][ T8098] JBD2: Ignoring recovery information on journal
[  371.132673][ T8129] loop3: detected capacity change from 0 to 32768
[  371.158699][ T8129] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1099 (8129)
[  371.174236][ T8129] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  371.184569][ T8129] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  371.193313][ T8129] BTRFS info (device loop3): setting nodatacow, compression disabled
[  371.202156][ T8129] BTRFS info (device loop3): turning on sync discard
[  371.208958][ T8129] BTRFS info (device loop3): setting datacow
[  371.215614][ T8129] BTRFS info (device loop3): doing ref verification
[  371.222269][ T8129] BTRFS info (device loop3): turning off barriers
[  371.228858][ T8129] BTRFS info (device loop3): enabling ssd optimizations
[  371.235879][ T8129] BTRFS info (device loop3): using spread ssd allocation scheme
[  371.243558][ T8129] BTRFS info (device loop3): setting datasum
[  371.249729][ T8129] BTRFS info (device loop3): turning on barriers
[  371.256123][ T8129] BTRFS info (device loop3): not using ssd optimizations
[  371.263340][ T8129] BTRFS info (device loop3): not using spread ssd allocation scheme
[  371.271564][ T8129] BTRFS info (device loop3): using free space tree
[  371.339842][ T8098] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  371.675033][ T8157] overlayfs: './file1' not a directory
[  371.842491][ T4253] ocfs2: Unmounting device (7,0) on (node local)
[  371.994262][ T4252] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  372.324881][ T7916] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop3 scanned by udevd (7916)
[  372.385440][ T8171] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1103'.
[  375.691622][ T8200] loop3: detected capacity change from 0 to 32768
[  375.717007][ T8200] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  375.729974][ T8200] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  375.738754][ T8200] BTRFS info (device loop3): setting nodatacow, compression disabled
[  375.747014][ T8200] BTRFS info (device loop3): turning on sync discard
[  375.753757][ T8200] BTRFS info (device loop3): setting datacow
[  375.759949][ T8200] BTRFS info (device loop3): doing ref verification
[  375.769118][ T8200] BTRFS info (device loop3): turning off barriers
[  375.775627][ T8200] BTRFS info (device loop3): enabling ssd optimizations
[  375.782685][ T8200] BTRFS info (device loop3): using spread ssd allocation scheme
[  375.790503][ T8200] BTRFS info (device loop3): setting datasum
[  375.796534][ T8200] BTRFS info (device loop3): turning on barriers
[  375.802948][ T8200] BTRFS info (device loop3): not using ssd optimizations
[  375.810584][ T8200] BTRFS info (device loop3): not using spread ssd allocation scheme
[  375.818736][ T8200] BTRFS info (device loop3): using free space tree
[  375.955603][ T8204] netlink: 136 bytes leftover after parsing attributes in process `syz.4.1118'.
[  375.992464][ T8204] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[  376.643415][ T8200] overlayfs: './file1' not a directory
[  376.850236][ T4252] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  377.388712][ T8245] loop3: detected capacity change from 0 to 512
[  377.395977][ T8245] EXT4-fs: Ignoring removed mblk_io_submit option
[  377.413978][ T8245] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  377.718015][ T8245] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  377.880707][ T8245] EXT4-fs (loop3): orphan cleanup on readonly fs
[  378.143212][ T8245] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:477: comm syz.3.1123: Invalid block bitmap block 0 in block_group 0
[  378.266925][ T8245] EXT4-fs (loop3): Remounting filesystem read-only
[  378.278731][ T8245] Quota error (device loop3): write_blk: dquota write failed
[  378.305436][ T8245] Quota error (device loop3): write_blk: dquota write failed
[  378.323942][ T8245] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  378.352726][ T8245] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1123: Failed to acquire dquot type 1
[  378.408200][ T8245] EXT4-fs (loop3): Remounting filesystem read-only
[  378.434421][ T8245] Quota error (device loop3): write_blk: dquota write failed
[  378.472239][ T8245] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  378.514861][ T8245] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1123: Failed to acquire dquot type 1
[  378.575836][ T8245] EXT4-fs (loop3): Remounting filesystem read-only
[  378.597257][ T8245] Quota error (device loop3): write_blk: dquota write failed
[  378.646243][ T8245] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  378.689398][ T8245] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1123: Failed to acquire dquot type 1
[  378.753852][ T8245] EXT4-fs (loop3): Remounting filesystem read-only
[  378.760598][ T8245] EXT4-fs (loop3): 1 orphan inode deleted
[  379.123921][ T8245] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  381.100060][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  381.240891][ T8280] tipc: New replicast peer: 172.30.1.1
[  381.247212][ T8280] tipc: Enabled bearer <udp:syz2>, priority 10
[  382.202332][ T4875] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  382.254566][ T4875] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  382.356402][ T6201] tipc: Node number set to 2886997007
[  383.282931][ T8288] loop3: detected capacity change from 0 to 32768
[  383.380019][ T8288] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  383.444759][ T8288] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  383.661318][ T4252] ocfs2: Unmounting device (7,3) on (node local)
[  383.998147][ T8313] loop3: detected capacity change from 0 to 512
[  384.153677][ T8313] EXT4-fs: Ignoring removed mblk_io_submit option
[  384.453079][ T8313] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  384.719248][ T8313] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  384.771796][ T8313] EXT4-fs (loop3): orphan cleanup on readonly fs
[  384.846922][ T8313] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:477: comm syz.3.1148: Invalid block bitmap block 0 in block_group 0
[  384.947712][ T8313] EXT4-fs (loop3): Remounting filesystem read-only
[  384.972618][ T8313] Quota error (device loop3): write_blk: dquota write failed
[  384.983847][ T8313] Quota error (device loop3): write_blk: dquota write failed
[  385.009000][ T8313] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  385.047495][ T8313] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1148: Failed to acquire dquot type 1
[  385.095171][ T8313] EXT4-fs (loop3): Remounting filesystem read-only
[  385.114249][ T8313] Quota error (device loop3): write_blk: dquota write failed
[  385.135385][ T8313] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  385.182673][ T8313] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1148: Failed to acquire dquot type 1
[  385.203661][ T8313] EXT4-fs (loop3): Remounting filesystem read-only
[  385.213223][ T8313] Quota error (device loop3): write_blk: dquota write failed
[  385.247515][ T8313] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  385.279937][ T8313] EXT4-fs error (device loop3): ext4_acquire_dquot:6814: comm syz.3.1148: Failed to acquire dquot type 1
[  385.564448][ T8313] EXT4-fs (loop3): Remounting filesystem read-only
[  385.575013][ T8313] EXT4-fs (loop3): 1 orphan inode deleted
[  385.716982][ T8313] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  386.044137][ T4252] EXT4-fs (loop3): unmounting filesystem.
[  387.667723][ T8357] virtio-fs: tag </dev/loop4> not found
[  388.629112][ T8360] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1167'.
[  388.648227][ T8337] loop3: detected capacity change from 0 to 32768
[  388.680544][ T8337] XFS: ikeep mount option is deprecated.
[  388.774975][ T8337] XFS (loop3): Mounting V5 Filesystem
[  388.943651][ T8337] XFS (loop3): Ending clean mount
[  388.987121][ T8337] XFS (loop3): Quotacheck needed: Please wait.
[  389.113943][ T8337] XFS (loop3): Quotacheck: Done.
[  389.369288][ T4252] XFS (loop3): Unmounting Filesystem
[  389.589014][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  389.596328][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  390.563437][ T8403] loop3: detected capacity change from 0 to 64
[  390.681675][ T8394] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  390.734931][ T8394] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  390.745354][ T8394] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  390.751490][ T8394] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  390.806061][ T8394] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  390.848797][ T8394] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  390.862051][ T8394] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  390.881883][ T8394] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  390.902111][ T8394] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  390.937050][ T8394] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  391.786149][ T8416] 9pnet_virtio: no channels available for device syz
[  391.795781][ T8416] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1184'.
[  392.446190][ T8420] loop0: detected capacity change from 0 to 512
[  392.935059][ T8420] EXT4-fs: Ignoring removed nomblk_io_submit option
[  392.955126][ T8420] EXT4-fs (loop0): Test dummy encryption mode enabled
[  393.001667][ T4270] Bluetooth: hci1: command 0x0c1a tx timeout
[  393.007899][ T4270] Bluetooth: hci2: command 0x0c1a tx timeout
[  393.065685][ T8420] EXT4-fs (loop0): 1 truncate cleaned up
[  393.086771][ T4268] Bluetooth: hci3: command 0x0c1a tx timeout
[  393.092049][ T8428] loop3: detected capacity change from 0 to 32768
[  393.107048][ T8428] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.1189 (8428)
[  393.115729][ T8420] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  393.140988][ T8428] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  393.151410][ T8428] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  393.160100][ T8428] BTRFS info (device loop3): setting nodatacow, compression disabled
[  393.168760][ T8428] BTRFS info (device loop3): turning on sync discard
[  393.175670][ T8428] BTRFS info (device loop3): setting datacow
[  393.181667][ T8428] BTRFS info (device loop3): doing ref verification
[  393.188343][ T8428] BTRFS info (device loop3): turning off barriers
[  393.194960][ T8428] BTRFS info (device loop3): enabling ssd optimizations
[  393.201923][ T8428] BTRFS info (device loop3): using spread ssd allocation scheme
[  393.209648][ T8428] BTRFS info (device loop3): setting datasum
[  393.216197][ T8428] BTRFS info (device loop3): turning on barriers
[  393.222572][ T8428] BTRFS info (device loop3): not using ssd optimizations
[  393.229666][ T8428] BTRFS info (device loop3): not using spread ssd allocation scheme
[  393.237714][ T8428] BTRFS info (device loop3): using free space tree
[  393.295859][ T8438] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1191'.
[  394.081695][ T4253] EXT4-fs (loop0): unmounting filesystem.
[  394.199920][ T8463] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1197'.
[  395.224897][ T4268] Bluetooth: hci2: command 0x0406 tx timeout
[  395.230989][ T4268] Bluetooth: hci1: command 0x0406 tx timeout
[  395.310827][ T4268] Bluetooth: hci3: command 0x0406 tx timeout
[  395.824483][ T4252] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  396.873654][ T7916] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 10 /dev/loop3 scanned by udevd (7916)
[  397.203218][ T8496] loop0: detected capacity change from 0 to 512
[  397.737971][ T8496] EXT4-fs: Ignoring removed mblk_io_submit option
[  397.769418][ T8496] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  397.825719][ T8496] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  397.856795][ T8496] EXT4-fs (loop0): orphan cleanup on readonly fs
[  397.935649][ T8502] netlink: 196 bytes leftover after parsing attributes in process `syz.1.1208'.
[  397.981635][ T8496] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.1205: Invalid block bitmap block 0 in block_group 0
[  398.054075][ T8496] EXT4-fs (loop0): Remounting filesystem read-only
[  398.061485][ T8496] Quota error (device loop0): write_blk: dquota write failed
[  398.083086][ T8496] Quota error (device loop0): write_blk: dquota write failed
[  398.109814][ T8496] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  398.162492][ T8496] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.1205: Failed to acquire dquot type 1
[  398.366122][ T8496] EXT4-fs (loop0): Remounting filesystem read-only
[  398.527504][ T8496] Quota error (device loop0): write_blk: dquota write failed
[  398.664913][ T8496] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  398.857212][ T8496] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.1205: Failed to acquire dquot type 1
[  399.341121][ T8496] EXT4-fs (loop0): Remounting filesystem read-only
[  399.500883][ T8496] Quota error (device loop0): write_blk: dquota write failed
[  399.511698][ T8496] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  399.521733][ T8496] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.1205: Failed to acquire dquot type 1
[  399.862331][ T8496] EXT4-fs (loop0): Remounting filesystem read-only
[  399.982317][ T8496] EXT4-fs (loop0): 1 orphan inode deleted
[  400.009400][ T8496] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  400.267730][ T4253] EXT4-fs (loop0): unmounting filesystem.
[  402.430714][ T8550] loop0: detected capacity change from 0 to 512
[  402.453738][ T8550] EXT4-fs: Ignoring removed mblk_io_submit option
[  402.492443][ T8550] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  402.552090][ T8550] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  402.570728][ T8550] EXT4-fs (loop0): orphan cleanup on readonly fs
[  402.595803][ T8550] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:477: comm syz.0.1226: Invalid block bitmap block 0 in block_group 0
[  402.620289][ T8550] EXT4-fs (loop0): Remounting filesystem read-only
[  402.644292][ T8550] Quota error (device loop0): write_blk: dquota write failed
[  402.651860][ T8550] Quota error (device loop0): write_blk: dquota write failed
[  402.847312][ T8550] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[  402.878045][ T8550] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.1226: Failed to acquire dquot type 1
[  402.905809][ T8550] EXT4-fs (loop0): Remounting filesystem read-only
[  402.912928][ T8550] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.1226: Failed to acquire dquot type 1
[  402.930353][ T8550] EXT4-fs (loop0): Remounting filesystem read-only
[  402.949534][ T8550] EXT4-fs error (device loop0): ext4_acquire_dquot:6814: comm syz.0.1226: Failed to acquire dquot type 1
[  403.056164][ T8550] EXT4-fs (loop0): Remounting filesystem read-only
[  403.163546][ T8550] EXT4-fs (loop0): 1 orphan inode deleted
[  403.322755][ T8550] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  404.012407][ T4253] EXT4-fs (loop0): unmounting filesystem.
[  406.111010][   T26] kauditd_printk_skb: 18 callbacks suppressed
[  406.111030][   T26] audit: type=1326 audit(1750640352.151:1383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8578 comm="syz.0.1235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb14698e929 code=0x7fc00000
[  406.160166][ T8589] netlink: 'syz.1.1238': attribute type 1 has an invalid length.
[  406.230884][ T8593] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1238'.
[  406.440039][ T8593] bond1 (unregistering): Released all slaves
[  407.419237][   T26] audit: type=1326 audit(1750640353.554:1384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.4.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  407.506611][   T26] audit: type=1326 audit(1750640353.610:1385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.4.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  407.540185][   T26] audit: type=1326 audit(1750640353.610:1386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.4.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  407.590116][   T26] audit: type=1326 audit(1750640353.610:1387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.4.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  407.655888][   T26] audit: type=1326 audit(1750640353.629:1388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.4.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  407.688154][ T8595] loop0: detected capacity change from 0 to 40427
[  407.722133][   T26] audit: type=1326 audit(1750640353.629:1389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.4.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  407.751593][ T8595] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  407.785808][ T8595] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  407.797040][   T26] audit: type=1326 audit(1750640353.629:1390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.4.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  407.833588][ T8595] F2FS-fs (loop0): invalid crc value
[  407.862908][   T26] audit: type=1326 audit(1750640353.685:1391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.4.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  407.888425][ T8595] F2FS-fs (loop0): Found nat_bits in checkpoint
[  407.940840][ T8603] loop3: detected capacity change from 0 to 32768
[  407.978882][ T8603] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1244 (8603)
[  407.986070][   T26] audit: type=1326 audit(1750640353.685:1392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.4.1252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b8a38e929 code=0x7ffc0000
[  408.051322][ T8603] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  408.058150][ T8595] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  408.079820][ T8595] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  408.091344][ T8603] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  408.232071][ T8603] BTRFS info (device loop3): turning off barriers
[  408.238865][ T8603] BTRFS info (device loop3): setting nodatasum
[  408.245098][ T8603] BTRFS info (device loop3): use zlib compression, level 3
[  408.253470][ T8603] BTRFS info (device loop3): using free space tree
[  408.979918][ T8657] random: crng reseeded on system resumption
[  522.047382][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  522.054436][    C0] rcu: 	1-...!: (1 GPs behind) idle=fe0c/1/0x4000000000000000 softirq=30281/30282 fqs=0
[  522.066368][    C0] 	(detected by 0, t=10506 jiffies, g=38509, q=88 ncpus=2)
[  522.073605][    C0] Sending NMI from CPU 0 to CPUs 1:
[  522.078839][    C1] NMI backtrace for cpu 1
[  522.078850][    C1] CPU: 1 PID: 8665 Comm: syz.0.1255 Not tainted 6.1.141-syzkaller #0
[  522.078868][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  522.078879][    C1] RIP: 0010:__sanitizer_cov_trace_pc+0x1b/0x60
[  522.078906][    C1] Code: 89 de 5b e9 c7 af 50 00 00 00 cc cc 00 00 cc 48 8b 04 24 65 48 8b 0d c4 98 81 7e 65 8b 15 c5 98 81 7e 81 e2 00 01 ff 00 74 11 <81> fa 00 01 00 00 75 35 83 b9 1c 16 00 00 00 74 2c 8b 91 f8 15 00
[  522.078921][    C1] RSP: 0018:ffffc900001e0c90 EFLAGS: 00000006
[  522.078936][    C1] RAX: ffffffff8a0087dd RBX: 1ffff110171e54da RCX: ffff8880261e9dc0
[  522.078949][    C1] RDX: 0000000000010000 RSI: ffff88801ceb3340 RDI: ffff88801ceb3340
[  522.078962][    C1] RBP: 0000000000000000 R08: dffffc0000000000 R09: fffffbfff1bfd0b6
[  522.078979][    C1] R10: fffffbfff1bfd0b6 R11: 1ffffffff1bfd0b5 R12: ffff88801ceb3340
[  522.078992][    C1] R13: dffffc0000000000 R14: ffff8880b8f2a6d0 R15: ffff88801ceb3340
[  522.079005][    C1] FS:  00007fb1477926c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  522.079020][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  522.079032][    C1] CR2: 0000200000003c80 CR3: 000000005838d000 CR4: 00000000003506e0
[  522.079047][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  522.079057][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  522.079068][    C1] Call Trace:
[  522.079075][    C1]  <IRQ>
[  522.079081][    C1]  timerqueue_add+0x16d/0x1f0
[  522.079116][    C1]  enqueue_hrtimer+0x1b3/0x3f0
[  522.079137][    C1]  __hrtimer_run_queues+0x68e/0xd60
[  522.079153][    C1]  ? ktime_get_update_offsets_now+0x95/0x3e0
[  522.079174][    C1]  ? ktime_get_update_offsets_now+0x95/0x3e0
[  522.079198][    C1]  ? taprio_free_sched_cb+0x190/0x190
[  522.079225][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[  522.079246][    C1]  hrtimer_interrupt+0x3c5/0x9c0
[  522.079276][    C1]  __sysvec_apic_timer_interrupt+0x153/0x5a0
[  522.079302][    C1]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  522.079330][    C1]  </IRQ>
[  522.079335][    C1]  <TASK>
[  522.079340][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  522.079358][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa5/0x100
[  522.079383][    C1] Code: 74 05 e8 ce 97 6d f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> c6 13 3e f7 65 8b 05 97 d4 e8 75 85 c0 74 3c 48 c7 04 24 0e 36
[  522.079398][    C1] RSP: 0018:ffffc9000c6a7b80 EFLAGS: 00000206
[  522.079411][    C1] RAX: 0072ef2d07b0e300 RBX: 0000000000000a02 RCX: 0072ef2d07b0e300
[  522.079423][    C1] RDX: dffffc0000000000 RSI: ffffffff8a6bffe0 RDI: 0000000000000001
[  522.079435][    C1] RBP: ffffc9000c6a7c10 R08: dffffc0000000000 R09: fffffbfff2117049
[  522.079447][    C1] R10: fffffbfff2117049 R11: 1ffffffff2117048 R12: dffffc0000000000
[  522.079460][    C1] R13: ffff8880b8e2a580 R14: ffff8880b8e2a580 R15: 1ffff920018d4f70
[  522.079481][    C1]  ? _raw_spin_unlock+0x40/0x40
[  522.079504][    C1]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  522.079529][    C1]  clock_was_set+0x189/0x990
[  522.079549][    C1]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  522.079573][    C1]  ? destroy_hrtimer_on_stack+0x20/0x20
[  522.079590][    C1]  ? memcpy+0x3c/0x60
[  522.079608][    C1]  ? timekeeping_update+0x3ec/0x460
[  522.079629][    C1]  do_settimeofday64+0x575/0x720
[  522.079651][    C1]  ? __xfrm_state_insert+0x94d/0xcc0
[  522.079669][    C1]  ? __x64_sys_clock_settime+0x223/0x270
[  522.079695][    C1]  ? get_device_system_crosststamp+0x8f0/0x8f0
[  522.079716][    C1]  ? __xfrm_state_insert+0x94d/0xcc0
[  522.079736][    C1]  ? security_settime64+0x77/0x90
[  522.079757][    C1]  ? do_sys_settimeofday64+0x15f/0x250
[  522.079780][    C1]  __x64_sys_clock_settime+0x223/0x270
[  522.079806][    C1]  ? lock_chain_count+0x20/0x20
[  522.079828][    C1]  ? exit_itimers+0x550/0x550
[  522.079854][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  522.079871][    C1]  do_syscall_64+0x4c/0xa0
[  522.079893][    C1]  ? clear_bhb_loop+0x60/0xb0
[  522.079909][    C1]  ? clear_bhb_loop+0x60/0xb0
[  522.079926][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  522.079952][    C1] RIP: 0033:0x7fb14698e929
[  522.079974][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  522.079988][    C1] RSP: 002b:00007fb147792038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e3
[  522.080004][    C1] RAX: ffffffffffffffda RBX: 00007fb146bb5fa0 RCX: 00007fb14698e929
[  522.080017][    C1] RDX: 0000000000000000 RSI: 0000200000003c80 RDI: 0000000000000000
[  522.080028][    C1] RBP: 00007fb146a10b39 R08: 0000000000000000 R09: 0000000000000000
[  522.080038][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  522.080048][    C1] R13: 0000000000000000 R14: 00007fb146bb5fa0 R15: 00007ffe9c1d8888
[  522.080067][    C1]  </TASK>
[  522.080831][    C0] rcu: rcu_preempt kthread starved for 10506 jiffies! g38509 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  522.560798][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  522.570794][    C0] rcu: RCU grace-period kthread stack dump:
[  522.576702][    C0] task:rcu_preempt     state:R  running task     stack:27840 pid:16    ppid:2      flags:0x00004000
[  522.587513][    C0] Call Trace:
[  522.590814][    C0]  <TASK>
[  522.593772][    C0]  __schedule+0x10e9/0x40d0
[  522.598337][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  522.603568][    C0]  ? _raw_spin_unlock+0x40/0x40
[  522.608469][    C0]  ? release_firmware_map_entry+0x18a/0x18a
[  522.614402][    C0]  schedule+0xb9/0x180
[  522.618505][    C0]  schedule_timeout+0x15c/0x280
[  522.623390][    C0]  ? console_conditional_schedule+0x40/0x40
[  522.629322][    C0]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  522.635337][    C0]  ? update_process_times+0x1b0/0x1b0
[  522.640753][    C0]  ? prepare_to_swait_event+0x335/0x350
[  522.646341][    C0]  rcu_gp_fqs_loop+0x2f2/0x1310
[  522.651231][    C0]  ? rcu_gp_kthread+0x380/0x380
[  522.656117][    C0]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  522.662138][    C0]  ? rcu_gp_init+0x14b0/0x14b0
[  522.667037][    C0]  ? rcu_gp_cleanup+0xb4c/0xca0
[  522.671950][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  522.677191][    C0]  ? lockdep_hardirqs_on+0x94/0x140
[  522.682420][    C0]  rcu_gp_kthread+0x95/0x380
[  522.687046][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  522.692188][    C0]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  522.698124][    C0]  ? __kthread_parkme+0x162/0x1c0
[  522.703190][    C0]  kthread+0x29d/0x330
[  522.707304][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  522.712449][    C0]  ? kthread_blkcg+0xd0/0xd0
[  522.717089][    C0]  ret_from_fork+0x1f/0x30
[  522.721571][    C0]  </TASK>
[  522.724612][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  522.730953][    C0] CPU: 0 PID: 7685 Comm: kworker/u4:20 Not tainted 6.1.141-syzkaller #0
[  522.739304][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  522.749390][    C0] Workqueue: events_unbound toggle_allocation_gate
[  522.755945][    C0] RIP: 0010:smp_call_function_many_cond+0xe7b/0x1270
[  522.762652][    C0] Code: 00 00 00 41 8b 1f 89 de 83 e6 01 31 ff e8 6d e9 0a 00 83 e3 01 48 bb 00 00 00 00 00 fc ff df 75 07 e8 f9 e5 0a 00 eb 37 f3 90 <41> 0f b6 04 1c 84 c0 75 10 41 f7 07 01 00 00 00 74 1e e8 de e5 0a
[  522.782286][    C0] RSP: 0018:ffffc9000ceb7800 EFLAGS: 00000293
[  522.788384][    C0] RAX: ffffffff8175f092 RBX: dffffc0000000000 RCX: ffff88807a8f5940
[  522.796391][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  522.804391][    C0] RBP: ffffc9000ceb7960 R08: dffffc0000000000 R09: fffffbfff2117049
[  522.812390][    C0] R10: fffffbfff2117049 R11: 1ffffffff2117048 R12: 1ffff110171e81c1
[  522.820392][    C0] R13: ffff8880b8e3bb40 R14: 0000000000000001 R15: ffff8880b8f40e08
[  522.828393][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  522.837349][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  522.843962][    C0] CR2: 00007f0b8a57e2d8 CR3: 000000000c68e000 CR4: 00000000003506f0
[  522.851962][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  522.859958][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  522.867952][    C0] Call Trace:
[  522.871256][    C0]  <TASK>
[  522.874218][    C0]  ? text_poke_sync+0x20/0x20
[  522.878942][    C0]  ? smp_call_function_many+0x30/0x30
[  522.884339][    C0]  ? kmem_cache_alloc_bulk+0x11a/0x4e0
[  522.889845][    C0]  ? text_poke+0x90/0x90
[  522.894134][    C0]  ? trace_raw_output_contention_end+0xd0/0xd0
[  522.900416][    C0]  ? text_poke_loc_init+0xd6/0x570
[  522.905581][    C0]  ? text_poke_sync+0x20/0x20
[  522.910305][    C0]  on_each_cpu_cond_mask+0x3b/0x80
[  522.915447][    C0]  ? kmem_cache_alloc_bulk+0x11a/0x4e0
[  522.920940][    C0]  text_poke_bp_batch+0x2b0/0x7d0
[  522.926004][    C0]  ? arch_jump_label_transform_apply+0xe/0x20
[  522.932104][    C0]  ? text_poke_loc_init+0x570/0x570
[  522.937338][    C0]  ? arch_jump_label_transform_queue+0x76/0xd0
[  522.943543][    C0]  text_poke_finish+0x16/0x30
[  522.948270][    C0]  arch_jump_label_transform_apply+0x13/0x20
[  522.954295][    C0]  static_key_enable_cpuslocked+0x11f/0x240
[  522.960250][    C0]  static_key_enable+0x16/0x20
[  522.965045][    C0]  toggle_allocation_gate+0xb4/0x430
[  522.970362][    C0]  ? show_object+0xa0/0xa0
[  522.974811][    C0]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  522.980851][    C0]  ? read_lock_is_recursive+0x10/0x10
[  522.986277][    C0]  ? _raw_spin_unlock_irq+0x1f/0x40
[  522.991523][    C0]  ? process_one_work+0x7a1/0x1160
[  522.996664][    C0]  process_one_work+0x898/0x1160
[  523.001645][    C0]  ? worker_detach_from_pool+0x240/0x240
[  523.007313][    C0]  ? _raw_spin_lock_irq+0xab/0xe0
[  523.012376][    C0]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  523.017819][    C0]  ? kthread_data+0x4b/0xc0
[  523.022392][    C0]  worker_thread+0xaa2/0x1250
[  523.027138][    C0]  kthread+0x29d/0x330
[  523.031261][    C0]  ? worker_clr_flags+0x1a0/0x1a0
[  523.036344][    C0]  ? kthread_blkcg+0xd0/0xd0
[  523.040982][    C0]  ret_from_fork+0x1f/0x30
[  523.045466][    C0]  </TASK>