last executing test programs:

3m30.110356444s ago: executing program 1 (id=23):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='freezer.self_freezing\x00', 0x275a, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000000)="8ee8c9b8ee088ed8660f3801b2d6352ed9ff660f3882040f01cf0fc72d2626652e0f01ca0fc7386635002000000f22e0", 0xffffffffffffff8b}], 0x1, 0x50, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
pipe2(&(0x7f0000000040), 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
pipe(&(0x7f0000000240))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m28.889809248s ago: executing program 1 (id=26):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x22000044}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10000, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffd, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x2, 0x1000400, 0x3e55, 0x5, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d82, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x100009, 0xc, 0xffffffff, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3m28.513828028s ago: executing program 1 (id=30):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000040)={0x0, &(0x7f0000000540)=[@cpuid={0x64, 0x18, {0x1f}}], 0x18})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000580)={0x1, 0x0, [{0x80000001, 0x7, 0x0, 0xffffffff, 0x80, 0xc, 0x4}]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3m28.227456734s ago: executing program 1 (id=31):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000280)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000580)='./file0/../file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000008c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000600)='./file0\x00', &(0x7f00000001c0)='./file0/../file0\x00')

3m28.126228279s ago: executing program 1 (id=33):
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000180)='./file1\x00', 0x10000, &(0x7f0000002380)=ANY=[], 0xff, 0x254, &(0x7f0000000a00)="$eJzs3c9qE2sUAPAzadoml15uuZt7EYQRF7oq6hNUpIViQKhkobuAgtCsmk3STesLuPYVfAdBwTcRH0C6yqaMTGaSpu2YUiFNld9v09Nzvm++P5OZZJNJFoVv/72PRiOJ2mZsxjCJ9ajF2FFU+vSuOg8A3HDDLIvvWWEqvXqxZe06pwUAzNFP3v/HGhFxsoBpAQBz9PzFy6ePW62t3TRtRBwf9dv9dv53s51Xk9jeaW09SEfWT3sd9/vtpVGU1x+m5z87JP1+ezn+KuuPiv7ppLwSEe2VuH+3qOe1J89a6dnjr8arua8eAAAAAAAAAAAAAAAAAAAAAAAW43akY5XP99nYGNWybFJvlvXiv+2dVtnnqHh+T79R1utxq16WTh8PlB1ey6oAAAAAAAAAAAAAAAAAAADg99IbHOx1ut3X+73BQVKfpMvMqFTPg79jKrPfG3xc63TPZsogKY9QUbqJQS1+rXtzslFv/i2jy3sNl/INT8otmu8Cm+dO7hWCqF/a5stJdemf/2/AOe100yv1yrfq6mM1Z25vluVB9VWQX2afp18Aybk2KxExe/R7uzNnWKu4ustgmGVZ98Od/d4gsplDnN4jVq/jRgQAAAAAAAAAAAAAAAAAAEx9Q/hirbGICQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAAtRj/Pv/g4O9Tp4ZBZPMzOAwItbi0sZvvxZjLUdjwasFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT/UjAAD//2prGEI=")
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file7\x00', 0x1ac)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0)

3m27.771542118s ago: executing program 1 (id=34):
read(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/fscaps', 0x0, 0x180)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x2, 0xd8, 0x0, 0x0, 0x88, 0x0, 0x0, 0x5, 0xff, 0x1f}, {0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfd, 0xff, 0x4, 0x20, 0x0, 0x1000000}], 0x2})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m27.621890576s ago: executing program 32 (id=34):
read(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/fscaps', 0x0, 0x180)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x2, 0xd8, 0x0, 0x0, 0x88, 0x0, 0x0, 0x5, 0xff, 0x1f}, {0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfd, 0xff, 0x4, 0x20, 0x0, 0x1000000}], 0x2})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m15.106327525s ago: executing program 0 (id=1016):
syz_read_part_table(0x1063, &(0x7f00000011c0)="$eJzszzEuxEEYxuHf/mWFDKFxFTdR65VOsI2WUyi4iUqcwQG4wcrsiiOgeJ5iMvNl3jf54k8d1831wWG1qjaN/Wz3qs7nsYyH23G5btXnnN9X27Pa7n4s61rm5fFlH3lqvP7Uv8+qj7fqpDrddNTdxXeylqvnX14XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lrwAAAP//32kPPA==")

1m14.650698059s ago: executing program 0 (id=1018):
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e1e, 0x5, @dev={0xfe, 0x80, '\x00', 0xd}, 0x402}, 0x1c)
sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc80}, 0x800)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x58)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000c0}, 0x80)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x1000, 0x400, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x4000, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x101, 0xaec4, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x20000, 0x1c, 0x0, 0x5, 0x1], 0x0, 0x41981})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1m14.368592714s ago: executing program 0 (id=1021):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x60842, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000000400))

1m14.225232252s ago: executing program 0 (id=1023):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000000)={[{@test_dummy_encryption}, {@init_itable}, {@norecovery}]}, 0x3, 0x470, &(0x7f0000000dc0)="$eJzs3M1vG0UbAPBn13H65k0hoZSvlo9AQVQIkqYt0AMHQCBxKBISHOBoJaEqTQtqgkSrSKQcygkhJO6II/8CJ7ggxAmJK9xRpQr1QsvJaL27iZ3YTtPYcYt/P8ntM/vhmce7Y8/u2AlgaE1l/yQReyPi94iYyIutG0zl/12/tjJ349rKXBL1+tt/JY3t/r62MlduWu433lyIJA62qXfpwsUztcXFhfNFeWb57EczSxcuPnf6bO3UwqmFc0dPnDh+bPbFF44+35M8xyMtojfe++rNk1+05L8hjx6Z6rbyqXq9x9UN1l1N8cgA28H2VIrjVW30/4moNB29iXj9s7XCpwNqINA39Xq9Pt559Wod+A9LorWsy8OwKD/oy+vfdtfBL/dt9DF4V1/JL4CyvK8Xj3zNyNodg+qG69temoqId1f/+SZ7RH/uQwAAtPghG/88m412Vuayscf6+CON+5u2u7uYG5qMiHsiYl9E3BvnYn9E3BfR2PaBiHhwm/U3TZI0hpmbxz/plVtO7iZk47+Xirmt1vFfOfqLyUqjdCEvRDV5//TiwpHiNTkc1T1ZebZLHT++9tuXndY1j/+yR1Z/ORYs2nFlZE/rPvO15dqtZ9zq6qWIAyPt8k/WZgKSiHgoIg60e4J06zpOP/Pdw53WbZ1/Fz2YaKp/G/F0fvxXY0P+paT7/OTM/2Jx4chMeVZs9suvl9/qVP+O8u+B7Pj/v+35v5b/ZNI8X7u0/Tou//F5x2uaqWoRbOP8X60t10aTdxrxaLHsk9ry8vnZiNHkZN7o5uVH1/cty+X2Wf6HD7Xv//ti/ZU4GBHZSfxIRDwaEY8Vx+7xiHgiIg51yf/nV5/8YOOysTL/2+D4z2/r+K8Ho9G6JG2zTRZUzvz0fUulk+thkf+N7u9/xxvR4WLJzbz/bW5F+2Cnrx8AAADcCdKI2BtJOr0Wp+n0dP4d/v351Hfm43Pz+W8EJqOalne6Jpruh84Wl/V5+VJE5F8tKNcfi7Rx3/jrylijPD334eL8QDMHxjv0/8yflUG3Dug7P9iC4aX/w/Dq2v+ru9cOYPdt6v9d+/yevrYF2F1tPv/HBtEOYPe1G//7ez8wHDb0f9N+METc/4fhpf/D8NL/YSgtjcXWP5LvGpTPdIu7bxVMROy0hYMJonpbNKNvQaR9r2K0v6dW34LkDmzzpmBw70kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99G8AAAD//1KFzjw=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x2c)
getdents64(r0, 0x0, 0x0)

1m13.354883068s ago: executing program 0 (id=1029):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip_vti0\x00'})
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000040)='./file0\x00', 0x1818858, &(0x7f0000000680)=ANY=[@ANYBLOB="646f733178666c6f7070792c73686f72746e616d653d3d312c756e695f786c6174653d302c696f636861727365743d6d616363656c7469632c73686f72746e616d653d6c6f7765722c757466383d312c73686f72746e616d653d77696e6e742c73686f77657865632c756e695f786c5bad653d312c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c00"/161], 0x1, 0x377, &(0x7f0000000900)="$eJzs3U9oHFUYAPBvO0k2KbTJQSgKwuhN0NA/eFA8pJQUirmoLFUP4mJTlWwsZHExPXQbL8Wj4FFR8CIe9OChZxEU6c2DVytoVTxobwWLT3Z3dnfS3aRRSWvw9zsMX7733rz3Ji/ZyST78uJCrJyZjLPXr1+L6elKTCycWIgblZiLLPouxqipMTkAYG+4kVL8nnp22KSyy0MCAHZZ9/X/5QOlzJtfblc/efUHgD2v+Pl/Zrs606OpH5/oHM/t3rgAgN0z8vz/wU3FU5t/1T9R+qsAAGCveua55588vhTxdJ5PR6xeatVatXh8WH78bLwajViOwzEbNyN6NwqdQ6V7PHlqafFwnuft+GkuahHxQasWsdpu1Xp3CsezbvtqHInZmCvaF3cbKaXs5GdLi0fyroi42O72H6uVVm0y9hf9f7c/luNo5HHPSPuIU0uLR/PiBLXVfvt2xMbwuUVn/PMxG9+8FOeiEWdmTkdK/duapcULR/L8RFra1L5Vq8aZwVUY8wQEAAAAAAAAAAAAAAAAAAAAAAD+hfl8YG6w/00a7t8zPz+mvLs/Tq99sT/QRm9/oFRNkdJvbzxSeyuLTfsD3bo/T6s2Efvu7tQBAAAAAAAAAAAAAAAAAADgP6O5PhX1RmN5rbl+fqUctNea6/siopN57etPvpiJ0Tq3CSaKPkpFeZE6v1JPWb9yyjbVKYKs03k/8/HlwYjLdaqDWYwdRnXrokbjwAM/vDvM3J/1z/znsE4W4yeY3TKMcrB6sDekQWZyOOUtr9ixIjh6m6t6NaW01XkuvDDaKioRE3//E7d9kDrBV9deufdY89Cj3cznqeehh2dPX33nw19W6o1Ozx2Nj6bWmjfTSr34ePxi2zrISuunUlzDSnklTGzXfKOcuVStZ9/++ux9b1/ZWe+pnHl9TJ2sN51P15rrleIrpVs01Qs6uVtazTROZSMrYXLM4v8nwftX+qtu7GI79N5C/fKF73/e6QlL3yRs1AEAAAAAAAAAAAAAAAAAAHdE6b3iheLNvpPbtXrsqSKY3t3RAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCdMfz//6VgYySzk+CPdowWVZfXmhEH7/Y0AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/srAAD//3uuaGw=")
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x4b301, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
kcmp(0x0, 0x0, 0x4, r3, 0xffffffffffffffff)
mount$overlay(0x0, 0x0, 0x0, 0x3184fe1479f57e62, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'tunl0\x00', <r5=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="5c00000010000100000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000003c0012800900010069706970000000002c0002800600"], 0x5c}}, 0x0)

1m12.039432448s ago: executing program 0 (id=1032):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8064}, 0x20040084)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=@newqdisc={0x2c, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0x700}, {0xffff}, {0x2, 0x1}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0xffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)

1m11.738605834s ago: executing program 33 (id=1032):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x8, 0x4}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8064}, 0x20040084)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000700)=@newqdisc={0x2c, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0x700}, {0xffff}, {0x2, 0x1}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0xffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)

52.651196466s ago: executing program 6 (id=1143):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='freezer.self_freezing\x00', 0x275a, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000000)="8ee8c9b8ee088ed8660f3801b2d6352ed9ff660f3882040f01cf0fc72d2626652e0f01ca0fc7386635002000000f22e0", 0xffffffffffffff8b}], 0x1, 0x50, 0x0, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
pipe2(&(0x7f0000000040), 0x0)
preadv(r2, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
pipe(&(0x7f0000000240))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

52.172260482s ago: executing program 6 (id=1145):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @local}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000300)='net/icmp\x00')
r2 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e24, 0x81000, @empty}, 0x1c)
read$FUSE(r1, &(0x7f0000002380)={0x2020}, 0x2020)

51.375368274s ago: executing program 6 (id=1146):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x482, 0x0)
ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0x2)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000680)='./file0\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="636865636b706f696e743d64697361626c652c6a71666d743d7666736f6c642c7573726a71756f74613d6e6f696e6c696e650700000074727bbd0426b776aa2dd559defbabe1bb7c2990cf2327e9af29b6214ca1a0f50decac5eab7e9507cc6949f5ddd3e28e8b57ddee3b3e5d8d0f008c19753fb6357ce5402421cdf43ebd58fe035a2c7265737569643d", @ANYRES16, @ANYRESDEC], 0xfd, 0x554e, &(0x7f000000b080)="$eJzs3E1vG1UXAODjpGnTj7dvhFiw60gVUiLVVp1+CHYFWvEhWlUFFqzAsV3Lre2JYtcNXXXBErHgnyCQWLHkN7BgzQ6xALFDAnnuuDRQpEpxYpI8jzQ+M3euz5xrRZHOjOUAjqyV7LdfKnE2TkbEYkSciSj2K+VWuJbCSxFxLiIWntoq5fiTgeMRcSoizk6Sp5yV8tQXF8bnr/z8zq/ffn/i2Okvv/lhfqsG5u3liOhvpv2H/RTzTor3yvHGuFvE/uVxGdOJ3nI638/T+MP2RpHhYWM6r1HES500P998MJzEu71GcxI73bvF+OYgXXA47kzzFG+419gqjlvtjSJ2h3kRO4/Sdbcfpf9tj4ajlKdV5vukSB+j0TSm8fZ2O61n834Rm4NROZ7y5q329iSOy1heLpp5r1XUsbGLD/o/7t3u4MF2Nm5vDbv5ILtSq79Sq1+t1rfyVnvUvlxt9FtXL2ernd5kWnXUbvSvdfK802vXmnl/LVvtNJvVej1bvd7e6DYGWb1eu1S7WL2yVu5dyN689UHWa2Wrk/h6d/Bg1O0Ns7v5VpbesZat1y69upadr2fv3byd3b5z48bN2+9/dP3DW6/dfPuNctLxstZqvfK4KCtbXb+4vl6tX6yu19cO//qflPVpWfQM1w+7Upl3AQAHj/4fmId/9v/Lz93/9++Xx8/s/7fuROx9/x/6/5k4UP3vtKyj2v/vwfphV/T/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABH1o9LX71V7Kyk49Pl+P/KoRfK40pELETEH8+wGMd35Fws8yz9y/ylv9XwXSWKDJNrnCi3UxFxrdx+//9efwoAAABweH39+NznqVtPLyvzLoj9lG7aLJz5eEb5liNiaeWnGWVbmLy8OKNkxd/3sdieUbbiBtbyjJKlW27HZpXtuSzuCMtPhUoKC/taDgAAsC92dgL724UAAACwnz6bdwHMRyWmjzKnz4KLb97/9UDw5I4jAAAA4ACqzLsAAAAAYM8V/b/f/wMAAIDDLf3+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Cc795OzNBDGAfht+Sr4LxLjwp1XcQfH8AguXRoO4CU4gAvO4AU4A+48gqGGzohgWGA6beOX50nK0An8mCGweGeSAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCF9b3ZNfH73pW/Ose2nzGwAAACAWw7Nbt09Wab757n/Ze56ne+riKgjon2bOy5q91k8ucqc5Zzmz8u+Xtb6zV9j+BbRJZw+Y56vZxHxPl8/Xw35DQAAAMDjtt9sV6laTw/LqQfEmNKiTf3iQ6G8KiKa5Y9CafUp702hsO73/RCfCqV1C1iLQmFpye2hVNpdur/7edVucdFUqalvvu08yGJzBwAARjS7asatQgAAABjTx6kHwDSq+L2Ved4KnKcmb+89vboDAAAA/kPV1AMAAAAABtfV//98/t8Nd5z/1zr/DwAAAKaRzv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgSIdmt95vtqu+Oce2nzKzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBf7M87CoRAGITB3vWdydz/sNKgqalJFQgff2MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDmd3/5PzE1ziRzr42l55Fk7dTYOjX2zo2jP4yvXwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxPy8pDMNADEBVt81nF3z/wwaB7xAC74GNbDGLAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN7os05Gr1+Sb3+u9RgN/1YzydaqYW/VcHSg4ezAfHobAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNm5n9Y4yjAA4M/u7GxNqxij5BARBQ96sem2tvYmHpTgwY8ghHRbo1v/tDnYUsRcvEnOvYgeRQQl3vodem6hl3rrIYcK4nFl/iXTNuImtDPb5PeDd95nhsm8zzsLIc+8kwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMrWeztxkm1mi7hbHrt1/9pK1t9+qM/c2LizkLUs7jSZ9NPhlfpOZ769RAAAADg8kqq+j4i76eZS1ndn8/o/rc7Jav4fnyviqp5/uO6v+qr2z9ofv997aXug2WKc7KLnV0fDE4+m0ntys5xuz//vGb38zufPXpL8A+l+uP7iVprfz873N2++38/DI01kCwDsx/GqL4Pq76GsH7SZGACHRq9WeFf1fzLbbk4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATdhaj2NV3ImIhd5OnLl9/9rKbv2NjTsLVTtz/fpGfLtzzewSaUScXx0NTzQ6m+l2+crVz5ZHo+GlxxDMlNec8KdejYjHOPqegnerVD+e4OSIFjLcT/DPEx6i1/YE9xd0yw97WvJpPUhigpNb+oUEAMCBlZYtq+vvpptL2bHOXMT4pwfr/zdqcUxY/9/75Myt+lj1+n/Q2Ayn3+LaxS8XL1+5+tbqxeULwwvDz98+OXhncOrs6dNnF/NnJYuemAAAALBn4/F4vL3TL1tW1ydl/d+de3T9/2gtjgnr/69+GHxTHzhR/+9qZ9Gv7UwAAAAOtxde+/uvzi7HO/1+fL28tnZpUGy3908W2xZS3bMjZauv/ydzbWcFAAAANGFrvfPA+v+5WhwTrv8/+/PLv9avmUTETLn+f3zli9G55qYz1Zr4l+O25wgAAEC7ZspWX/9P8/f/u9uvPHQj4s3Xi7j4GsBjEfHf9X9a1v/JB9/9Uh+r/v7/qSYnOU3KL+jrzhf3I+/nI3rzbScGAADAQfZM2bJi/890c+nT345+1Pf+PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDT/g0AAP//3hkvlw==")
pwritev2(0xffffffffffffffff, &(0x7f00000001c0)=[{0x0}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0x40305829, &(0x7f00000000c0)={0x17c04, 0xffffffffffffffff, 0xf4fb, 0x3ff, 0x71de, 0xfffffffffffffffd})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f00000001c0), 0x8, &(0x7f0000000380)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000008, 0x3032, 0xffffffffffffffff, 0xcac60000)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r0, 0x0, 0x0)

49.7507912s ago: executing program 6 (id=1159):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='./file2\x00', 0x210802, &(0x7f00000006c0)=ANY=[], 0x1, 0x5514, &(0x7f000000afc0)="$eJzs3MtrY1UYAPBz+5i3YxEX7ubCILQwCU0fg+6qzuADO5RRF640TW5DZpLc0qRp7cqFS5mF/4kouHLp3+DCtTtxobgTlNxzq60PUJs2zvT3g5vvnpOTL98JofDdWxKAc2su/emHJFwPl0MI0yGEayEU50l5FNZieK48nTpyJOX8bxMXQghXQgjXR8ljzqR86pNbw5ur37/x45dfX5y5+ukX30xu18CkPR9C6G7H871ujHkrxgflfH3YLmJ3ZVjG+ET3YTnOY9zLNosMe/XDdfUiLrfi+nx7tz+KW516YxRb7a1ifrsX37A/bB3mKV7woL5TjJvZZhHb/byIrYNY1/5B/Nt20B/EPM0y3wdF+jAYHMY4n+1ncT/bD4vY6A3K+Zg3b2b7ozgsY/l2oZF3mkUdmyf5pP/f3mz3dvfTYbbTb+e9dLVae6Fau12p7eTNbJCtVOrd5u2VdL7VGS2rDLJ6d62V561OVm3k3YV0vtVoVGq1dP5Ottmu99JarbpcXaysLpRnt9JX772Tdprp/Ci+3O7tDtqdfrqV76TxFQvpUnX5xYX0Zi19a30j3bh/9+76xtvv3Xn33kvrr79SLvpTWen80uLSUqW2WFmqLZyj/X9UFj3G/cOJJJMuAODx82/7/xv6f2AMTq//37kfwrj7/1jP0f4/6P/H4tT730eJ/v8/739j9K091f3Diej/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrW9nP3utOJmL46vl/FPl1DPlOAkhTIUQfvkL0+HCsZzTZZ7Zv1k/+4cavkpCkWH0HhfL40oIYa08fn76tD8FAAAAeHJ9/uGNR7Fbjw9zky6IsxQv2kxde39M+ZIQwuzcd2PKNjV6eHZMyYrv90zYH1O24gLWpTEli5fcZsaV7R+ZPhYuHQlJDFNnWg4AAHAmjncCZ9uFAAAAcJY+nnQBTEYSDm9lHt4LLv7z/vcbgpePjQAAAIDHUDLpAgAAAIBTV/T/fv8PAAAAnmzx9/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBf2bm/m4SBOA7g12IF/0VifGcV32AMR3AEwwAuwQi4ggswA745goKhPYmY1Ki90kg+n6QcLe2X3xF4uDtSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaNNzMZ883o8emuas1jVG8YS616PmPQEAAADqLIv5pHwyrPbP4vGLeOgq7mchhLxmGN8LxzuZvZhT1JxffKnhKYQyYfMe/bidhhBu4vZ62fanAAAAAIdrMZ2Nq9F69TDsuiD+7O33l1STNvn5baISshBCMXxJlJZv8q4ThZXf73R/MyknsAZpsuKU21GqtB8pf+7bWbvBpyarmvz765P1HQAA2KPeTrPfUQgAAAD7dNd1AXQjCx9LmdulwH7VxOW9k509AAAA4B/Kui4AAAAAaF05/nf/PwAAADhs1f3/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaNOymE8W09m4ac5q3Uya3gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8sz/vKBACYRAGe9d3JnP/w0qDpqYmVSB8/I3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDF/rykQAgEQRTMGf876fsfVhL0DCJEQMOjilo0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDFzv28xlHFAQD/7uzO1lTFGCWHiCh40ItNt7W1N/GgBA/+CUJItzV26482B1uKkIs3ybkX0aOIoMRb/4eeW+il3nrIoYLgrTK/kmk24Ip0Zpp8PvDmfXcYZr7vbQj57nsbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgsvP+XtzPDn8/KpTn7jy8sZb1d/f1mVtb95aylsW9hvPunGNTZ16tv+gtNpkMAAAAR1W/qu8j4n66vZL1yXxe/6fVNUlE/PB8EVf1/P66v+qr2j9rv//24OXdB80Xz8luemF9Mj45ncrgyY2y21741ysG+cxn70M+iUkkH22+tJPm89n77vbtD4Z5OP1ZAwDQESeqvgyqv4eyftRmYgAcGYNa4V3V//35dnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaMLOZjxbxb2IWBrsxZm7D2+sHdTf2rq3VLWzN29u1e+Z3SKNiAvrk/HJBsfSdVevXb+0OpmMrzQfvBYRbT39vXL4lz6Z4eKIVuZHkAdz//uHJCnf7E4M56kJWvylBADAoZSWLavr76fbK9m53kLEox8fr//frMUxY/3/4NOzd+rPqtf/o8ZG2H3LG5e/XL567frb65dXL44vjj9/59To3dHpc2fOnFvOPyspjv228wQAAODpNSxbvf5PFqbX/4/X4pix/v/q+9E39Wf11f8H2lv0azsTAACAo+3F1//6s3fA+d5wGF+vbmxcGRXH3denimMLqf5nx8pWr//7C21nBQAAADRhZ7P32Pr/+VocM67/P/fTK7/U79mPiLly/f/E2heT880Np9P2f+n3SXyduO0xAgAA0K65stXX/9N8/3+yu+UhiYi33iji8t8AzlT/9z/89uf6von6/v/TDY6xi5LFYj7yfjFisNh2RgAAABxmz5Qtq9P/SLdXPvv1+MdD+/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmvZPAAAA//8Hv0Ae")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0x200)

48.661316518s ago: executing program 6 (id=1164):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x183001, 0x0)
r2 = epoll_create1(0x80000)
epoll_pwait(r2, &(0x7f0000000040)=[{}], 0x1, 0xfffffffd, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000)={0x30000019})
epoll_wait(r2, &(0x7f00000000c0)=[{}], 0x1, 0x5f)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000000)={0x4})

47.563061286s ago: executing program 6 (id=1176):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$KDGETLED(0xffffffffffffffff, 0x4b31, 0xffffffffffffffff)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x9, &(0x7f0000000340)=0x2, 0x5e)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000f9000000000000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000240)={0x40000000})
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0xd, 0xfffff034}, {0x50, 0x0, 0x5, 0xfffffffd}, {0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r4, 0x84, 0x4, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r5, r7, 0x1, 0x0, @void}, 0x10)
socket$igmp(0x2, 0x3, 0x2)
r8 = socket(0x10, 0x803, 0x2)
r9 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r9)
getsockname$packet(r9, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$NL80211_CMD_DEL_PMK(r2, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022dbd70822d503a8e93fb960008000300", @ANYRES32=0x0, @ANYBLOB="0a00060008021100000100000a000600ffffffffffff00000a0006000802110000010000"], 0x40}, 0x1, 0x0, 0x0, 0x40801}, 0x0)

46.93581293s ago: executing program 34 (id=1176):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$KDGETLED(0xffffffffffffffff, 0x4b31, 0xffffffffffffffff)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x9, &(0x7f0000000340)=0x2, 0x5e)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000f9000000000000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000240)={0x40000000})
socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0xd, 0xfffff034}, {0x50, 0x0, 0x5, 0xfffffffd}, {0x6, 0x0, 0x2, 0xffffffff}]}, 0x10)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r4, 0x84, 0x4, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r5, r7, 0x1, 0x0, @void}, 0x10)
socket$igmp(0x2, 0x3, 0x2)
r8 = socket(0x10, 0x803, 0x2)
r9 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r9)
getsockname$packet(r9, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$NL80211_CMD_DEL_PMK(r2, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022dbd70822d503a8e93fb960008000300", @ANYRES32=0x0, @ANYBLOB="0a00060008021100000100000a000600ffffffffffff00000a0006000802110000010000"], 0x40}, 0x1, 0x0, 0x0, 0x40801}, 0x0)

11.314244959s ago: executing program 4 (id=1325):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x10, &(0x7f0000000600)=ANY=[], 0x2, 0x1511, &(0x7f00000031c0)="$eJzs3Au4TtXWOPAx5pxLm8Sb5D7HHIs3uUySJJeERJIkSZJbQpIkSUhscktCEnJPcg/JLST3+y33JDmSJAkJSeb/0anPOadzTuf8zzmf7zl7/J5nPXuOvd4x3rH22Hu/a6397Pfr9gMr161SsTYzw78E//ghFQBSAKAPAGQGgAgASmQpkQVwCKTXmPqvPYn493pgyuXuQFxOMv+0Teaftsn80zaZf9om80/bZP5pm8w/bZP5C5GWbZma82rZ0u72z9z/z/D3dv7u/X+Q+///58jr/3+RQ0VGfb6uyLUd/okUmX/aJvNP22T+aZvMP22T+adtMv//chFAhb+zW+aftsn8hUjLLvf9Z9ku73a5v/+EEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQqQNZ8MlBgB+XV/uvoQQQgghhBBCCPHvE6740yjd5WtECCGEEEIIIYQQ/0EICjQYiCAdXAEpkB4ywJWQEa6CTJAZEnA1ZIFrICtcC9kgO+SAnJALckMesEDggCGGvJAPknAd5IfroQAUhEJQGDwUgaJwAxSDG6E43AQl4GYoCbdAKSgNZaAs3Arl4DYoDxWgItwOleAOqAxV4E6oCndBNbgbqsM9UAPuhZpwH9SC+6E2PAB14EGoCw9BPXgY6kMDaAiNoPH/V/7z0BlegC7QFVKhG3SHF6EH9IRe0Bv6wEvQF16GfvAK9IcBMBBehUHwGgyG12EIDIVh8AYMhxEwEkbBaBgDY+FNGAdvwXh4GybARJgEk2EKTIVp8A5MhxkwE96FWfAezIY5MBfmwXx4HxbAQlgEH8Bi+BCWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAR7AVtsF22AE7YRfsho9hD3wCe+FT2Aef/WV+5r+ff+Yv8jsgIKBChQYNpsN0mIIpmAEzYEbMiJkwEyYwgVkwC2bFrJgNs2EOzIG5MBfmwTxISMjImBfzYhKTmB/zYwEsgIWwEHr0WBSLYjG8EYtjcSyBJbAklsRSWBpLY1ksi+WwHJbH8lgRK2IlrISVsTLeiXfiXVgNq2F1rI41sAbWxJpYC2thbayNdbAO1sW6WA/rYX2sjw2xITbGxtgEm2BTbIrNsTm2wBbYEltiK2yFrbE1tkHEttgW22E7bI/tsQN2xI74PD6PL+AL2BUrqW7YHbtjD+yBvbA39saXsC++jC/jK9gfB+BAfBVfxddwMJ7GITgUh+EwLKdG4EgchazG4Fgci+NwHI7H8TgBJ+JEnIxTcCpOw2k4HWfgDHwXZ+F7+B7OwTk4D+fjfFyAC3ERLsLFeAaX4FJchstxBa7EFbga1+BqXIfrcR1uxI24GTfjR/gRbsNtuAN34C7chR/jx/gJfoL9cR/uw/24Hw/gATyIB/EQHsLDeBiP4BE8ikfxGB7D43gCT+IJPIWn8DSewbN4Fs/hOTyPz+b6ss6ugmv7g7rIKKPSqXQqRaWoDCqDyqgyqkwqk0qohMqisqisKqvKprKpHCqHyqVyqTwqjyJFilWs8qq8KqmSKr/KrwqoAqqQKqS88qqoKqqKqWKquCquSqibVUl1iyqlSqtmvqwqq8qp5r68qqAqqoqqkrpDVVZVVBVVVVVV1VQ1VV1VVzVUDVVT3adqqW7YCx9QFydTVw3Aemog1lcNVEPVSL2Gj6gmajA2Vc1Uc/WYGopDsKVq4lupJ1VrNRLbqKfVKHxGtVNjsL16TnVQHVUn9bzqrJr6Lr/e7lSTsYfqqXqp3mo63qEuTqyyekX1VwPUQPWqmoevqcHqdTVEDVXD1BtquBqhRqpRarQao8aqN9U49ZYar95WE9RENUlNVlPUVDVNvaOmqxlqpnpXzVLvqdlqjpqr5qn56n21QC1Ui9QHarH6UC1RS9UytVytUCvVKrVarVFr1Tq1Xm1QG9UmtVltUR+prWqb2q52qJ1ql9qtPlZ71Cdqr/pU7VOfqf3qD+qA+lwdVF+oQ+pLdVh9pY6or9VR9Y06pr5Vx9UJdVJ9p06p7xOn1Rl1Vv2gzqkf1Xn1k7qgggKNWmmtjY50On2FTtHpdQZ9pQZ9lc6kM+uEvlpn0dforPpanU1n1zl0Tp1L59Z5tNWknWYd67w6n07q63R+fb0uoAvqQrqw9rqILqpv0MX0jbq4vkmX0DfrkvoWXUqX1mV0WX2rLqdv0+V1BV1R364r6Tt0ZV1F36mr6rt0NX23rq7v0TX0vbqmvk/X0vfr2voBXUc/qOvqh3Q9/bCurxvohrqRbqwf0U30o7qpbqab68d0C/24bqmf0K30k7q1fkq30U/rtvoZ3U4/q9vr53QH3VF30j/pCzroLrqrTtXddHf9ou6he+peurfuo1/SffXLup9+RffXA/RA/aoepF/Tg/XreogeqofpN/RwPUKP1KP0aD1Gj9Vv6nH6LT1ev60n6Il6kp6sp+iputcvlWb+A/lv/ZX8fj8/+2a9RX+kt+pterveoXfqXXq33q336D16r96r9+l9er/erw/oA/qgPqgP6UP6sD6sj+gj+qg+qo/pY/q4PqF/0N/pU/p7fVqf0Wf0D/qcPqfP//I1AINGGW2MiUw6c4VJMelNBnOlyWiuMplMZpMwV5ss5hqT1VxrspnsJofJaXKZ3CaPsYaMM2xik9fkM0lznclvrjcFTEFTyBQ23hQxRc0N/3L+7/XX2DQ2TUwT09Q0Nc1Nc9PCtDAtTUvTyrQyrU1r08a0MW1NW9POtDPtTXvTwXQwnUwn09l0Nl1MF5NqUk1386LpYXqaXqa36WNeMn1NX9PP9DP9TX8z0Aw0g8wgM9gMNkPMEDPMDDPDzXAz0ow0o81oM9aMNePMODPejDcTzAQzyUwyU8wUM81MM9PNdDPTzDSzzCwz28w2c81cM9/MNwvMArPILDKLzWKzxCw1S81ys9ysNCvNarParDVrzXqz3mw0G80Ss8VsMVvNVrPdbDc7zU6z2+w2e8wes9fsNfvMPrPf7DcHzAFz0Bw0h8whc9gcNkfMEXPUHDXHzDFz3Bw3J81Jc8qcMqfNaXPWnDXnzDlz3pw3F8yFi6d9kYpUZCITpYvSRSlRSpQhyhBljDJGmaJMUSJKRFmiLFHW6NooW5Q9yhHljHJFuaNUsBFFLuIojvJG+aJkdF2UP7o+KhAVjApFhSMfFYmKRjdExaIbo+LRTVGJ6OaoZHRLVCoqHZWJyka3RuWi26LyUYWoYnR7VCm6I6ocVYnujKpGd0XVoruj6tE9UY3o3qhmdF9UK7o/qh09ENWJHozqRg9F9aKHo/pRg6hh1Chq/G+tH8Lp7I/6LrarTbXdbHf7ou1he9petrftY1+yfe3Ltp99xfa3A+xA+6odZF+zg+3rdogdaofZN+xwO8KOtKPsaDvGjrVv2nH2LTvevm0n2Il2kp1sp9ipdpp9x063M+xM+66dZd+zs+0cO9fOs/Pt+3aBXWgX2Q/sYvuhXWKX2mV2uV1hV9pVdrVdY9fadXa93WA32k12s91iP7Jb7Ta73e6wO+0uu9t+bPfYT+xe+6ndZz+z++0f7AH7uT1ov7CH7Jf2sP3KHrFf26P2G3vMfmuP2xP2pP3OnrLf29P2jD1rf7Dn7I/2vP3JXrDh4sn9xZd3MmQoHaWjFEqhDJSBMlJGykSZKEEJykJZKCtlpWyUjXJQDspFuSgP5aGLmJjyUl5KUpLyU34qQAWoEBUiT56KUlEqRsWoOBWnElSCSlJJKkWlqAyVoVvpVrqNbqMKVIFup9vpDrqDqlAVqkpVqRpVo+pUnWpQDapJNakW1aLaVJvqUB2qS3WpHtWj+lSfGlJDakyNqQk1oabUlJpTc2pBLagltaRW1IpaU2tqQ22oLbWldtSO2lN76kAdqBN1os7UmbpQF0qlVOpO3akH9aBe1Iv6UB/qS32pH/Wj/tSfBtJAGkSDaDANpiE0lIbRGzScRtBIGkWjaQyNpbE0jsbReBpPE2gCTaJJNIWm0DSaRtNpOs2kmTSLZtFsmk1zaS7Np/m0gBbQIlpEi2kxLaEltIyW0QpaQatoFa2hNbSO1tEG2kCbaBNtoS20lbbSdtpOO2kn7abdtIf20F7aS/toH+2n/XSADtBBOkiH6BAdpsN0hI7QUTpKx+gYHafjdJJO0ik6RafpNJ2ls3SOfqTz9BNdoEApTkEGd6XL6K5ymVxml+LSu4txBAAX4xwup8vlcrs8zrpsLvufxeScK+AKukKusPOuiCvqbvhNXMqVdmVcWXerK+duc+V/E1d1d7lq7m5X3d3jqrg7/yyu4e51Nd1DrpZ72NV2DVwd18jVjR5y9dzDrr5r4Bq6Rq6Fe9y1dE+4Vu5J19o99Zt4gVvo1ri1bp1b7/a4T9xZ94M74r5259yProvr6vq4l1xf97Lr515x/d2A38TD3BtuuBvhRrpRbrQb85t4kpvspripbpp7x013M34Tz3fvu1lukZvt5ri5bt7P8cWeFrkP3GL3oVvilrplbrlb4Va6VW71//S63G10m9xmt9t97La6bW672+F2ul0/xxePY6/71O1zn7nD7it3wH3uDrqj7pD78uf44vEddd+4Y+5bd9ydcCfdd+6U+96ddmd+Pv6Lx/6d+8ldcMEBIyvWbDjidHwFp3B6zsBXcka+ijNxZk7w1ZyFr+GsfC1n4+ycg3NyLs7NedgysWPmmPNyPk7ydZyfr+cCXJALcWH2XISL8g1cjG/k4nwTl+CbuSTfwqW4NJfhsnwrl+PbuDxX4Ip8O1cKgStzFb6Tq/JdXI3v5up8D9fge7km38e1+H6uzQ9wHX6Q6/JDXI8f5vrcgBtyI27Mj3ATfpSbcjNuzo9xC36cW/IT3Iqf5Nb8FLfhp7ktP8Pt+Fluz89xB+7Infh57swvcBfuyqncjbvzi9yDe3Iv7s19+CXuyy9zP36F+/MAHsiv8iB+jQfz6zyEh/IwfoOH8wgeyaN4NI/hsfwmj+O3eDy/zRN4Ik/iyTyFp/I0foen8wyeye/yLH6PZ/McnsvzeD6/zwt4IS/iD3gxf8hLeCkv4+W8glfyKl7Na3gtr+P1vIE38ibezFv4I97K23g77+CdvIt388e8hz/hvfwp7+PPeD//gQ/w53yQv+BD/CUf5q/4CH/NR/kbPsbf8nE+wSf5Oz7F3/NpPsNn+Qc+xz/yef6JL3BgiDFWsY5NHMXp4ivilDh9nCG+Ms4YXxVnijPHifjqOEt8TZw1vjbOFmePc8Q541xx7jhPbGOKXcxxHOeN88XJ+Lo4f3x9XCAuGBeKC8c+LhIXjW+Ii8U3xsXjm+IS8c1xyfiWGFJLxw/dUza+NS4X3xaXjyvEFePb40rxHXHluEp8Z1w1viuuFt8dV4/viYvH98Y14/viWvH9ce34gbhO/GBcN34orhc/HNePG8QN40Zx4/iRuEn8aNw0bhY3jx+LW8SPxy3jJ+JW8ZNx6/ip392fGneLu8cvxi/GIdytfrlOTC5ILkwuSn6QXJz8MLkkuTS5LLk8uSK5MrkquTq5Jrk2uS65PrkhuTG5Kbk5GUKVK8CjV1574yOfzl/hU3x6n8Ff6TP6q3wmn9kn/NU+i7/GZ/XX+mw+u8/hc/pcPrfP460n7zz72Of1+XzSX+fz++t9AV/QF/KFvfdFfFHfyDf2jX0T/6hv6pv55v4x/5h/3D/un/BP+Cd9a/+Ub+Of9m39M76df9Y/65/zHXxH38k/7zv7F3wX39Wn+lTf3Xf3PXwP38v38n18H9/X9/X9fD/f3/f3A/1AP8gP8oP9YD/ED/HD/DA/3A/3I/1IP9qP9mP9WD/Oj/Pj/Xg/wU/wk/wkP8VP8dP8ND/dT/cz/Uw/q8AsP9vP9nP9XD/fz/cL/AK/yC/yi/1iv8Qv8cv8Mr/Cr/Cr/Cq/xq/x6/w6v8Fv8Jv8Jr/Fb/Fb/Va/3W/3O/1Ov9vv9nv8Hr/X7/X7/D6/3+/3B/wBf9B/4Q/5L/1h/5U/4r/2R/03/pj/1h/3J/xJ/50/5b/3p/0Zf9b/4M/5H/15/5O/4IMfm3gzMS7xVmJ84u3EhMTExKTE5MSUxNTEtMQ7iemJGYmZiXcTsxLvJWYn5iTmJuYl5ifeTyxILEwsSnyQWJz4MLEksTSxLLE8sSKxMhFC7q1xyBvyhWS4LuQP14cCoWAoFAoHH4qEouGGUCzcGIqHm0KJcHMoGW4JpULpUCY8HOqHBqFhaBQah0dCk/BoaBqahebhsdAiPB5ahidCq/BkaB2eCm3C06FteCa0C8+G9uG50CF0DJ3C86FzeCF0CV1DaugWuocXQ4/QM/QKvUOf8FLoG14O/cIroX8YEAaGV8Og8FoYHF4PQ8LQMCy8EYaHEWFkGBVGhzFhbHgzjAtvhfHh7TAhTAyTwuQwJUwN08I7YXqYEWaGd8Os8F6YHeaEuWFemB/eDwvCwrAofBAWhw/DkrA0LAvLw4qwMqwKq8OasDasC+vDhrAxbAqbw5bwUdgatoXtYUfYGXaF3eHjsCd8EvaGT8O+8FnYH/4QDoTPw8HwRTgUvgyHw1fhSPg6HA3fhGPh23A8nAgnw3fhVPg+nA5nwtnwQzgXfgznw0/hgvzPmhBCCCHEP0T/zv5uf+Vz6QDg10ui7gBw1bach/6y5oZsf1z3VLlaJADgya7tH/h1q1QpNTX1l8cu0RDlmwMAiT+v/2u8FJrD49AKmkGxv9pfT9XxHP9O/eTNABn+JCcFLsWX6t/4N+o/8tiwBSXjs1n+Tv05AAXyXcpJD5fiS/WL/4362Zv8Tv/pPx8L0PRPcjLCpfhS/aLwKDwFrf7skUIIIYQQQgghxB/1VGXa/u3rT/0/1+e5zKWcK+BS/HvX50IIIYQQQgghhLj8nunY6YlHWrVq1vYfW+Avf5f+57JkIYv/nkX6X350/q/08x9aXM7fSkIIIYQQQoj/hEsn/Ze7EyGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQIu3633g7sct9jEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIcTl9v8CAAD//5aUMno=")
chdir(&(0x7f0000000400)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x28)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc042, 0x0)

9.96812743s ago: executing program 4 (id=1329):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000600)=ANY=[@ANYBLOB="0201000000000010ac05418200000000000109022400010000000009040000110300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000140)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUCODE(r1, 0xc018480d, 0x0)

5.480866929s ago: executing program 4 (id=1350):
wait4(0x0, 0x0, 0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = gettid()
clock_nanosleep(0x9, 0x0, &(0x7f0000000140)={0x77359400}, 0x0)
rt_sigqueueinfo(r1, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff})
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)

5.335948706s ago: executing program 3 (id=1352):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)={0x1c, 0x1d, 0x21, 0x70bd27, 0x2, {0x7}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x22000044}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=ANY=[@ANYBLOB="1400000009060102000000000010"], 0x14}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

5.232296762s ago: executing program 4 (id=1353):
timer_create(0x3, &(0x7f0000000240)={0x0, 0x31, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xb320a000)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x2002)
read(r1, &(0x7f0000000300)=""/85, 0x55)
timer_getoverrun(r0)
setpriority(0x0, 0x0, 0x2a14b58)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4a044}, 0x20004090)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080), &(0x7f00000000c0)=0x14)
timer_settime(r2, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

4.449896473s ago: executing program 7 (id=1361):
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000001700))
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='htcp', 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'lo\x00'})
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendto$inet(r0, &(0x7f0000000900)="2e552f5d9fd8b0d9627c4980f0d1ea2bf8f617a682acd2841acd878bd68344d4f50f83b0c51fa9135a01c95d4a128ec8b12d01010000a44c4505ba9a36f2cf4cc5e8308126d0a2c3b9d24e57c5011376b6263e2a1258eec1eb72bedea3eb5ccf73eb081b4c6d5faa998d7b795c057dd757d14200a8a6dbb3e59df96b77d16753ac4b32b94ffe6b5ee304d0428eb18056657c8c5c71c632be66cb26fe5c9abec7591ef3cb9b2a1133e9fa9bf0de6c378bed7b51cb8a07c343aabfda193349b91a5dc81a658cb61fbbfa51ef95abe03381ee2cb8d41da19ea8b96ec68ce17cf57da60f1d04acaf34a643db8d2d5ad2991f306b42744347a0c9e1fe2136b2b3da49032d3a57df1e236222cf6d6fe396aff8e5fe7fff5baa88789b783c12045e2c904a5d118369fdddc3e6e2f24bdbb26df92ac9bf4751c897a87c0223888e36ad14ba6e4d879ff464cac6f13a3a543e067d922e99c50f2fc6391e9c1c82b7195005eafdbb3374200c134cbd0f11739e8c19dd07140686242fea48caf3a1a93b86f35d77f258a2c9ce24cf321068551a584262d7a74a344e428c77c8af755e72904b0ca8a0bb359fb0", 0xffffff5d, 0x12, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080), 0xffffffffffffffa9, 0xc9100120, 0x0, 0x1500)

4.072389933s ago: executing program 3 (id=1363):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x22000044}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10000, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffd, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x2, 0x1000400, 0x3e55, 0x5, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d82, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x100009, 0xc, 0xffffffff, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3.713846722s ago: executing program 2 (id=1365):
syz_usb_connect$uac1(0x2, 0x9b, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x20, 0x582, 0xc, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x89, 0x3, 0x1, 0xb, 0xb0, 0x9, "", {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x480, 0x24}, [@feature_unit={0x9, 0x24, 0x6, 0x4, 0x6, 0x1, [0x4], 0x80}, @extension_unit={0x8, 0x24, 0x8, 0x5, 0x1, 0x7, "96"}, @output_terminal={0x9, 0x24, 0x3, 0x3, 0x401, 0x5, 0x3, 0xac}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x4, 0x5, 0x1}, @format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0x0, 0x2, 0x29, 0x1}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0x6, 0x87, 0x6e, {0x7, 0x25, 0x1, 0xc, 0x33}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0xc, 0x13, 0x7, {0x7, 0x25, 0x1, 0xc, 0x1, 0x7}}}}}}}}]}}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0})

3.512349623s ago: executing program 7 (id=1366):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB="64697361626c655f726f6c6c5f666f72776172642c6c617a7974696d652c636f6d70726573735f63616368652c6e6f696e6c696e655f78617474722c64697361626c655f6578745f6964656e746966792c6e6f657874656e745f63616368652c6e6f657874656e745f63616368652c7768696e745f6d6f64653d66732d62617365642c636865636b706f696e743d64697361626c652c6a71666d743d76667376302c6a71666d743d7666736f6c642c6261636b67726f756e645f67633d6f66662c6e6f61636c2c646174615f666c7573682c009155f76df4d07ad6534d3588c19362f06435c912cf73b02e9946cfefd7b578c7029ce8c93b87feddd9bb7bb8924e6211c8b54dffa2d339edb64a6434663023894c1ae07c9ce2b93d95fbac8d5dbd8afb838537dbe757fdc7bf5cf39436f951f8f451e754a4bcb17e69c41e94995a3ae74e9dac87ec351b0f1e4f23af9301"], 0xfd, 0x5519, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy6H+ht1V38wF3KqgdPmiZpyG6SKU2a1p48eBQP/iei4Mmjf4MHz97Eg+JNUDLvVLe6gtC0sdvfDybPzDtvnnneUArPTEgAJ9Zi9uvPlbgU5yJiPiIuRhT7lXIr3E7hhYi4HBFzj22VcvzPgdMRcT4iLk2Sp5yV8tTnV8dXbv701i/ffHfm1IUvvv5+dqsGZu3FiOhvpP3tfop5J8WH5Xhj3C1i/8a4jOlE72w638/T+HZ7rciw3dib1yji9U6an29sDSdxvddoTmKnu16MbwzSBYfjzl6e4g0PG5vFcau9VsTuMC9iZzddd2c3/W/bHY5SnlaZ76MifYxGezGNt3faaT0bj4rYHIzK8ZQ3b7V3JnFcxvJy0cx7raKOtQN80P9zb3cHWzvZuL057OaD7Gat/lKtfqta38xb7VH7RrXRb926kS11epNp1VG70b/dyfNOr11r5v3lbKnTbFbr9WzpTnut2xhk9Xrteu1a9eZyuXc1e/3+e1mvlS1N4qvdwdao2xtm6/lmlt6xnK3Urr+8nF2pZ+/cW81WH9y9e2/13Q/uvH//lXtvvlZO+kdZ2dLKtZWVav1adaW+fILW/0lZ9BTXDwdSmXUBAMeP/h+YhYP0//1H5fET+//NBxGH3/+H/n8qjlX/e9L7/0NYPxyI/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MT6YeHLN4qdxXR8oRx/phx6rjyuRMRcRPz+BPNxel/O+TLPwr/MX/hbDd9WosgwucaZcjsfEbfL7bdnD/tTAAAAgKfXVx9f/ix16+llcdYFcZTSTZu5ix9OKV8lIhYWf5xStrnJy/NTSlb8fZ+KnSllK25gnZ1SsnTL7dS0sv0n8/vC2cdCJYW5Iy0HAAA4Evs7gaPtQgAAADhKn866AGajEnuPMveeBRffvP/rgeC5fUcAAADAMVSZdQEAAADAoSv6f7//BwAAAE+39Pt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8wc793CYORHEAfjZ4Yf9p0Wrv28reoIwtIcccIwpIExSQAzWkAWogt5QQQYTHIRBxiOSxrUTfJzmTscyPNwgOMyMNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJceqnUVN39v2+bs9u3kGQ0AAABwybZaL+p/Zqn/vbn/s7n1u+kXEVFGxKW5+yi+nGWOmpzq9fm70+erNzXcR9QJh/eYNNe3iPjXXE+/uv4UAAAA4PPaLFfzNFtPf2ZDF0Sf0qJN+eN/prwiIqrZY6a08pD3J1NY/f0ex3WmtHoBa5opLC25jXOlvUv9cz+u2k1PmiI15cWXHYvMNnYAAKBHo7Om31kIAAAAfboaugCGUcTLVuZxK3CSmmZ77+tZDwAAAPiAiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADP7M87CoRAGITB3vWdydz/sNKgqalJFQgff2MwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxPy8pEAJBEAVzxv9O+v6HlQQ9gwgR0PCoohYNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCxcz8vclNxAMBfksnUVsVxlTmsiIIHvdjptLb2Jh6UxYN/grBsp3Xt1B/tHmwp4l68yZ57ET2KCMp66//Qcwu91FsPc6ggHkeSSWbSdtFZwSTd/Xzg5X0TQt73JbDsNy+7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCavLuIk2zTm8Vxcez2g+sbWX/nkT5zc+fuatayOKoz6SfDy9WdqN9cIgAAABweSVnfhxDupbtrWR/38vo/Lc/Jav7vn53FZT3/aN1f9mXtn7Xffr3/4nyg3myc7KLnN8ejE4+n0vn/Ztluz/3rGZ38zufvXpL8gcQfbL8wSfP7GX1769Z73Tw8Uke2AMB/cbzsi6D8fSjrh00mBsCh0akU3mX9n/SazQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgDpPt8HQZRyGE1c4iztx5cH1jr/7mzt3Vsp25cWMnfL24ZnaJNIRwfnM8OlHrbNrtytVrF9fH49Hl+oNXQghNjf5OMf2LHy1xcgiN3J/9B3+1I422BXHxsNuSz5MRNPhDCQCAAyktWlbX30t317Jj0UoI0x8erv9fr8Rhyfr//sdnblfHqtb/w9pm2H6DrUufD65cvfbm5qX1C6MLo0/fOjl8e3jq7OnTZwf5u5KBNyYAAADs23Q6nc53ukWr1v/xyuPr/8cqcViy/v/iu+FX1YET9f+eFot+TWcCAABwuD3/6p9/RHscj7rd8OX61tbl4Ww73z852zaQ6r4dKVq1/k9Wms4KAAAAqMNkO3po/f9cJQ5Lrv8/8+NLP1evmYQQjhbr/8c3Phufq286rVbHnxM3PUcAAACadbRo1fX/NP/+P55/8hCHEN54bRYX/wbwH+v/tKj/k/e/+ak6VvX7/1P1TbGV4v7sfuR9P4ROv+mMAAAAOMieKlpW7P+e7q598suxD7u+/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACo298BAAD//y5wQIQ=")
openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x1ab341, 0x114)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r3, 0x0, 0x42, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000040)=0x1e)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r4)
sendmsg$TIPC_NL_MEDIA_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000980)={0x18, r5, 0x1, 0x703d28, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24000040}, 0x24004084)
r6 = socket(0x10, 0x3, 0x0)
write(r6, &(0x7f0000000100)="1400000052004f7fb3e45f2024d2f1c9fb470000", 0x14)

3.068801906s ago: executing program 4 (id=1369):
syz_mount_image$f2fs(&(0x7f0000001080), &(0x7f0000000000)='./file1\x00', 0x2800000, &(0x7f0000000380)=ANY=[], 0x2, 0x5515, &(0x7f0000001300)="$eJzs3EtvG9UXAPDjpGnTx7//CLFg15EqpESqrTpNKtgFaMVDpIoKLFiBYzuWW9sTxY4TsmLBErHgmyCQWLHkM7BgzQ6xALFDAnlmAg0PqSh+0Ob3k8Zn7vX1mXOtqtKZiRzAmbWU/PxjKa7GxYiYj4grEdl5qTgyG3l4LiKuRcTcI0epmP994nxEXIqIq6Pkec5S8danN4bX139446evvrlw7vJnX347u10Ds/Z8RHR38/ODbh7TVh4fFPO1YTuL3bVhEfM3ug+LcZrHg+Z2luGgdryulsVbrXx9urvfH8WdTq0+iq32Tja/28sv2B+2jvNkH3hQ28vGjeZ2Ftv9NIuto7yuw6P8/7aj/iDP0yjyfZClj8HgOObzzcNmvp/dh1ms9wbFfJ43bTQPR3FYxOJyUU87jayO7dN80/9tb7Z7+4fJsLnXb6e9ZL1SfaFSvV2u7qWN5qC5Vq51G7fXkuVWZ7SsPGjWuhutNG11mpV62l1Jllv1erlaTZbvNLfbtV5SrVZuVW6W11eKsxvJq/feSTqNZHkUX2739gftTj/ZSfeS/BMrlyPixZXkejV5a3Mr2bp/9+7m1tvv3Xn33kubr79SLPpLWcny6s3V1XL1Znm1ujLB/S/GxPefrFZuPfb+PyqKHuP+4VRKsy4A4Mmj/wdmYXL9/979iMn3/6H/H4tZ9///qv+ddv9/BvYPp6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4s75b+Py17GQpH18u5v9XTD1TjEsRMRcRv/6N+Th/Iud8kWfhH9Yv/KmGr0uRZRhd40JxXIqIjeL45f+T/hYAAADg6fXFh9c+ybv1/GVp1gUxTflNm7kr748p32JELCx9P6Zsc6OXZ8eULPv3fS4Ox5Qtu4G1OKZk+S23c+PK9ljmT4TFR0IpD3NTLQcAAJiKk53AdLsQAAAApunjWRfAbJTi+FHm8bPg7C/v/3ggePHECAAAAHgClWZdAAAAADBxWf/v9/8AAADg6Zb//h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7FzP7eJA1EcgJ8NXtj/aLX3bWVvUMaWsMc9riggTVBADqSFNEAN5JYSIojwOAQiDpE8tpXo+yQzjGV+PCN8mBlpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6dFetFzf/f121zdnt28lzNwAAAMAl22q9qN/MUv9zc/5rc+pH0y8iooyIS2P3UXw4yxw1OdXz9den11cvariNqBMO3zFpjk8R8bs5Hr53/SsAAADA+7VZruZptJ5eZkMXRJ/SpE355U+mvCIiqtl9prTykPczU1j9/x7Hv0xp9QTWt0xhacptnCvtVerH/ThrNz1pitSUFz92LHLaeYUAAEB+o7Om31EIAAAAffo7dAEMo4inpczjUuAkNc3y3sezHgAAAPAGFUMXAAAAAHSuHv/3tP/f3v5/AAAAMIy0/x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd2lbrxWa5mrfN2e3byXM3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG9+95f/E1PjTDL32lh6HknWTo2tU2Pv3Dj6w/j6NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/NykQwkAQRmvG/53k/oeVAj2DCO9B4EuaXgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdJ+cTU6O3Ocm/sfR5JFk7amwdNfYuNI4ujLd/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAH8zs7O1VXGNsoeIKHjQi91ua2tv4kEJHvwThJBua+zWH20OthQxF2+Scy+iRxFBibf+DzknkEu85bCHCJ6VmZ3JTn6A66+ZTfL5wJv33WGY932zEPKd9xIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0ensSJ9mhM47j4tzm3sOlrN861Gcer23PZy2LozqTPhlerH6Ius0lAgAAwNmRlPV9CGEnXV/I+riT1/9peU1W83/79Dgu6/nDdX/Zl7V/1n75eff5/YE643Gym95cHg4uHU2l9f/NcrY985dXtPInn797SfIvJH5v9blRmj/P6OuNjXfaeXiujmwBgH/iYtkXQfn7UNb3m0wMgDOjVSm8y/o/6TSbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAdRqvhyTKOQgjzrUmc2dp7uHRc/3hte75s1x49WgtfTu6Z3SINIdxcHg4u1Tqb2Xbv/oPbi8Ph4G79wUshhKZGf6uY/u0Pprg4hEaej+A/CuLiy56VfE5G0OAPJQAATqW0aFldv5OuL2TnorkQ/vjuYP3/aiUOU9b/ux9e26yOVa3/+7XNcPb1Vu582rt3/8Hry3cWbw1uDT5+43L/zf6V61evXu/l70p63pgAAADw77SLVq3/47mj6/8XKnGYsv7/7Jv+F9WxEvX/sSaLfk1nAgAAcLY9+/Lvv0XHnI/a7fD54srK3f74uP/58vjYQKp/27miVev/ZK7prAAAAIA6jFajA+v/NypxmHL9/6nvX/ixes8khHC+WP+/uPTJ8EZ905lpdfw5cdNzBAAAoFnni1Zd/0/z/f/x/paHOITw2ivjuPg3gFPV/8m7X/1QXN4Jh/b/X6l3mjMn7o6fR953Q2h1m84IAACA0+yJomXF/q/p+sJHP114v23/PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDd/gwAAP///ls9vA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1873c1, 0x10)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)

2.984881061s ago: executing program 5 (id=1370):
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000006a80), 0x1, 0x0)
socket(0x200000000000011, 0x2, 0xd)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x800000000000000, 0x0, 0x0, 0x800, 0x0, 0x8100000}, 0x0, &(0x7f0000000080)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6a9, 0x3ac8}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

2.941587343s ago: executing program 3 (id=1371):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x0, 0x56}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x3, 0x1}, 0x50)

2.81297376s ago: executing program 5 (id=1372):
r0 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
keyctl$read(0xb, r0, &(0x7f00000021c0)=""/4096, 0x1001)

2.81229326s ago: executing program 3 (id=1373):
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e1e, 0x5, @dev={0xfe, 0x80, '\x00', 0xd}, 0x402}, 0x1c)
sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc80}, 0x800)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604070001040000000000040002000600030000000903000038000104ce0000000e0000000b"], 0x58)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x80)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x1000, 0x400, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x4000, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x101, 0xaec4, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x20000, 0x1c, 0x0, 0x5, 0x1], 0x0, 0x41981})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.691502416s ago: executing program 5 (id=1374):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x18, &(0x7f0000000180), 0x1, 0x562, &(0x7f00000001c0)="$eJzs3c9rHOUbAPBnNtn+/n6bQikqIoEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC+Jd756k+A/4VxS0UKQEPXiJzGY23Ta7yTbdNqnz+cC077szO+88+87z5p2dXTaAwhrN/ilFvBgRXyURByMiydcNR75ydHW75ftXp7IliZWVj/9MWttl9fa+2s/bn1deiIhfv4g4XlrfbmNxabZaq6XzeX2sOXdprLG4dOLCXHUmnUkvTkxOnnpzcuKdt98aWKyvnf37249uv3/qy6PL3/x099DNJE7HgXxdZxxP4FpnZTRG89ekHKcf2XB89b9BtLkjJNt9AGzJUJ7n5cjGgIMxlGc98N/3eUSsAAWVyH8oqPY8oH1tP6Dr4OfGvfdWL4DWxz+8+t5I7GldG+1bTh66Msqud0cG0H7Wxs9/3LqZLTG49yEANnXtekScHB5eP/4l+fi3dSf72ObRNox/8OzczuY/r3eb/5TW5j/RZf6zv0vubsXm+V+6O4Bmesrmf+92nf+u3bQaGcpr/2vN+crJ+Qu1NBvb/h8Rx6K8O6uPb9DGqeU7K73Wdc7/siVrvz0XzI/j7vDuh58zXW1WnyTmTveuR7zUdf6brPV/0qX/s9fjbJ9tHElvvdJr3ebxP10rP0S82rX/H9zRSja+PznWOh/G2mfFen/dOPJbr/a3O/6s//dtHP9I0nm/tvH4bXy/55+017qH4o/+z/9dySet8q78sSvVZnN+PGJX8uH6xycePLddb2+fxX/s6Mbj34Pz/5e1/eyNiE/7jP/G4R9f3tNP/NvU/9OP1f+PX7jzwWff9Wq/v/HvjVbpWP5IP+PfJsdVji2fzQAAAAAAALBzlSLiQCSlylq5VKpUVu8JH459pVq90Tx+vr5wcTpa35UdiXKpfaf7YMfnIcbzz8O26xOP1Ccj4lBEfD20t1WvTNVr09sdPAAAAAAAAAAAAAAAAAAAAOwQ+3t8/z/z+9B2Hx3w1PnJbyiuTfN/EL/0BOxI/v5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2bKyfP/qVFafvry4MFu/fGI6bcxW5hamKlP1+UuVmXp9ppZWpupzm+2vVq9fGp+IhStjzbTRHGssLp2bqy9cbJ67MFedSc+l5WcSFQAAAAAAAAAAAAAAAAAAADxfGotLs9VaLZ1XKFKh3f0D2OHwDghHYfCF7R2XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDTvwEAAP//zkc0bw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
fallocate(r0, 0x10, 0x8c3, 0x8000)

2.500153136s ago: executing program 3 (id=1375):
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x103041, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x401e, &(0x7f0000007a40)=ANY=[@ANYBLOB="7768696e745f6d6f64653d757365722d62617365642c6e6f666c7573685f6d657267652c646973636172645f756e69743d626c6f636b2c636f6d70726573735f63616368652c646973636172642c636f6d70726573735f63616368652c636f6d70726573735f63616368652c6e6f646973636172642c6e6f61636c006261636b67726f756e645f67633d6f66662c6673796e635f6d6f64653d7374726963742c617467632c636865636b706f696e743d64697361626c652c6661756c745f747970653d30303030303030303030303030303030303030362c000bfd62d218a444a68c74f026d4ccec66093eece27fe167b75e67ed0f3b3ac135096f87f1bea6b5fea173b82a6a331ed6a20e7966a79114d49d58aca09dc4cbc08f2ce2ad2c6d576d3babdbc296014f0cb17e6a9d720beaf7459568d2e674"], 0xfd, 0x5532, &(0x7f0000007b80)="$eJzs3M1rI2UYAPB3+rHb/XAt4sHbDixCC5vQ9GPRW9Vd/MAuZdWDJ02TachukilNmtaePHgUD/4nouDJo3+DB8/exIPiTVAy71S3uoLQtLHb3w8mz8w7b5553lACz0xJAC6s+fTXn5NwI1wJIUyHEK6HUOwn5VZYj+GFEMLNEMLUY1tSjv85cCmEcDWEcGOUPOZMylOf3x7eWvvprV+++e7yzLUvvv5+cqsGJm30tdLdifv73RjzVowPy/H6sF3E7uqwjPFEZy6e7+ZxfD/bKjLs14/m1Yu40orz8529/ihud+qNUWy1t4vxnV68YH/YOspTvOFhfbc4bmZbRWz38yK2DuN1Dw7jd9thfxDzNMt8HxXpw2BwFON4dpDF9ew8KmKjNyjHY968mR2M4rCM5eVCI+80izq2TvBB/8+93e7tHcyEbLffznvpWrX2UrV2p1LbzZvZIFut1LvNO6vpQqszmlYZZPXueivPW52s2si7i+lCq9Go1Grpwt1sq13vpbVadaW6VFlbLPdup6/ffy/tNNOFUXy13dsbtDv9dDvfTeM7FtPl6srLi+mtWvrOxma6+eDevY3Ndz+4+/79VzbefK2c9I+y0oXlpeXlSm2pslxbHMP60+H5WP8nZdFjXD+cSDLpAgDOH/0/MAkvnqD/7z4qj5/Y/+8+COH0+/+g/x+Lc9X/XvT+/xTWDyei/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLB+mP3yjWJnPh5fK8efKYeeK4+TEMJUCOH3J5gOl47lnC7zzP7L/Nm/1fBtEooMo2tcLrerIYT1cvvt2dP+FAAAAODp9dXHNz+L3Xp8mZ90QZyleNNm6vqHY8qXhBBm538cU7ap0cvzY0pW/H3PhIMxZStuYM2NKVm85TYzrmz/yfSxMPdYSGKYOtNyAACAM3G8EzjbLgQAAICz9OmkC2AyknD0KPPoWXDxn/d/PRC8cuwIAAAAOIeSSRcAAAAAnLqi//f7fwAAAPB0i7//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwBzv3j6M2EMUB+NngQP4pKEqfe6RKB4dIkSOkTBlxgFyCA6TgDJFScwbSpcgBVrDC42VhhVZIHtva1fdJ3llbw483CIqZkQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALv2t1lX8+Pizbc5u306e0QAAAACXbKv1ov5nlu5fN8/fNo/eN/dFRJQRcWnuPooXZ5mjJqe67//rtH/1oIbfEXXC4T0mzfUqIj431827rj8FAAAAeL42y9U8zdbTn9nQBdGntGhTvvmaKa+IiGr27/FOf/5/+nJVWnnI+5CnsvT9Hsf3TGn1AtY0U1hachvnSrtK/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36NnQBDKOIu63M41bgJDXN9t7LszsAAADgCSqGLgAAAADoXD3/7+n8v73z/wAAAGAY6fw/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAurSt1ovNcjVvm7Pbt5NnNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAt+/OOAiEQBmGwd31nMvc/rDRoampSBcLH3xgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABvfveX/xNT40wy99pYeh5J1k6NrVNj79w4+sP4+jUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzsz0sKhEAQRMGc8b+Tvv9hJUHPIEIENDyqqEUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+Pt3wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzs3M9rHFUcAPA3MztbUxXXKHuIiIIHvdjttrb2Jh6U4ME/QQjptsZu/dHmYEsRc/EmOfciehQRlHjr/9BzC73UWw57qCAeV2Z2ZnfaRk2Ezkybzwfevu8Mw7zvm4WQ77yXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlCbvLuIk++jN4rg4d+vetfWsv/1An7mxfWcla1kc1Zn04+Hl6kHUby4RAAAADo+krO9DCHfTndWsj3t5/Z+W12Q1//fPzuKynn+w7i/7svbP2m+/7r44H6g3Gye76bmN8ej4w6l0Ht0s2+25/7yikz/5/N1Lkn8h8QdbL0zS/HlG3968+V43D4/UkS0A8H8cK/siKH8fyvphk4kBcGh0KoV3Wf8nvWZzAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKjDZCs8XcZRCGGls4gzt+9dW9+rv7F9Z6Vsp69f3w5fL+6Z3SINIZzbGI+O1zqbdrt85eqFtfF4dKn+4JUQQlOjv1NM/8JH+7g4hEaez8GDv9qRRtuCuPiy25LP4xE0+EMJAIAnUlq0rK6/m+6sZuei5RCmP9xf/79eicM+6//dj0/fqo5Vrf+Htc2w/QabFz8fXL5y9c2Ni2vnR+dHn751Yvj28OSZU6fODPJ3JQNvTAAAADiw6XQ6nR90i1at/+Plh9f/j1bi8I/1/+5Stf7/4rvhV9WBE/X/nhaLfk1nAgAAcLg9/+qff0R7nI+63fDl2ubmpeHsc358YvbZQKoHdqRo1fo/WW46KwAAAKAOk63ovvX/s5U47HP//zM/vvRz9Z5JCGGpWP8/tv7Z+Gx902m1Ov6cuOk5AgAA0KylolXX/9N8/3883/IQhxDeeG0WF/8G8F/r/7So/5P3v/mpOlZ1///J+qbYSnF/9jzyvh9Cp990RgAAADzJnipaVuz/nu6sfvLL0Q+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3vAAAA//+xW0NN")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f00000001c0)='.\x00', 0x820f8, &(0x7f0000000240)=ANY=[], 0x0, 0x0, &(0x7f0000000000))

2.413706881s ago: executing program 5 (id=1376):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x800092, &(0x7f0000000bc0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c756e695f786c6174653d312c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d302c757466383d312c696f636861727365743d69736f383835392d31332c636865636b3d7374726963742c726f6469722c757466383d302c756e695f786c6174653d312c636f6465706167653d3836362c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c646d61736b3d30303030303030303030303030303030303030303030312c646d61736b3d30303030303030303030303030303030303030303030362c756e695f786c6174653d302c696f636861727365743d63703835352c73686f72746e616d653d77696e39352c726f6469722c6e6e6f6e756d7461696c3d312c73686f72746e616d653d6d697865642c73686f72746e616d653d6d697865642c757466383d312c757466383d302c756e695f786c6174653d302c0500695f786c6174653d312c696f636861727365743d6370313235352c757466383d302c646566636f6e7465010000006e636f6e66696e65645f752c00", @ANYRESDEC], 0x46, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==")
userfaultfd(0x80801)
r0 = open(&(0x7f0000000040)='.\x00', 0x20000, 0x40)
getdents64(r0, &(0x7f0000000fc0)=""/224, 0xe0)

2.237392691s ago: executing program 5 (id=1377):
syz_mount_image$f2fs(&(0x7f0000000240), &(0x7f00000000c0)='./file1\x00', 0x18015, &(0x7f0000000080)=ANY=[], 0x1, 0x556e, &(0x7f0000004000)="$eJzs3M2LG/UbAPBnst2+//pbxIO3DpTCLjSh2b6gt6otvmBLqXrwpNkkDWmTzLJJ03VB8OBRPPifiIInj/4NHjx7Ew+KN6GSmYl21YIvedm2nw9Mnplvvnnm+YZl4JlZEsBTay39+cckTsWxiFiJiJMRk/0HSUQk00lXivBcRJyOiMpDW1KO/zZwOCKOR8SpSfIiZ1K+9em58ZlLP7z+01ffHDl04rMvv13eqoFlOzu5QJTu94uYdYp4Z7uIjXE3j/2L4zIWb/TvlsdZEe+3t/IM9xvTeY08XugU87Pte8NJvN1rNCex072dj28PihMOx51pnvwDdxo7+XGrvZXH7jDLY2evqGt3r7i27Q1HRZ5Wme/9PH2MRtNYjLd328V6tu/msTkYleNF3qzV3p3EcRmn195m1mvldWz922/54HujO7i3m47bO8NuNkgv1erP1+qXq/WdrNUetS9WG/3W5Yvpeqc3mVYdtRv9K50s6/TatWbW30jXO81mtV5P16+2t7qNQVqv1y7UzlcvbZR759JXbryd9lrp+iS+1B3cG3V7w/R2tpMWn9hIN2sXXthIz9TTN6/fTG/eunbt+s233r36zo0Xr7/2cjnpT2Wl65vnNzer9fPVzfrGU7T+j8qiZ7h++E+SZRcA8Ph5RP8f+n9gns5O+vSyz59t/79zK2L+/X/Msf8vT6f/P2j97wz7/86Jha+/Egdo/TAT/7T//2BOdQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsHDfrX7+ar6zVhyfKMf/Vw49Ux4nEVGJiAd/YSUO78u5UuZZfcT81T/U8HUSeYbJOY6U2/GIuFJuv/x/3t8CAAAAPLm++PD0J0W3XrysLbsgFqm4aVM5+d6M8iURsbr2/YyyVSYvz84oWf73fSh2Z5Qtv4F1dEbJiltuh2aV7W9Z2ReOPhSSIlQWWg4AALAQ+zuBxXYhAAAALNLHyy6A5Uhi+ihz+iw4/8/73x8IHtt3BAAAADyGkmUXAAAAAMxd3v/7/T8AAAB4shW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArO/eTq0QMxwH8N/Ne3+P5JxLj3qu4g1MYj+DSpeEAXoKV6/EKXoAzYNx4Aw1jmCkEjKCGDgTz+SRD6TB8aQkL2kIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAY0pfUTD+9f/nh1JxV295FRPsHD4euKdMbAAAA4HeWqZl2d8Z9/XE+/zSfep7rVUTUBwbvN3G3kzja5qQD16eb/TZ8jugS1q9xn49HEfEqHz+eDf42AAAAwH9rMZtPIrrBeHczvnSDOKd+0qZ+8qZQXhURafytUFq9zntRKKz7fN/Gu0JpKbbzXAV0U263pdL+Sj8Bt5m1G+0UVV/Ux59frO8AAMAZ5aX4/H3/H0ch3/1sHwAA4Hq8vXQDGMjr4w9XsVnK3C4F3vdFXt572KsBAAAAV6i6dAMAAACAwXXj/2VqPn6NUcH9//r/FBzd/++Xhtj/DwAAAIbT7/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkJapmS5m88mpOav2NGV6AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2Z9XHIBBIAyD23frCPc/bPM3QVZjZsTmCwsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh3fHPJWEdsiVZVe07buNWr6swqcWWVuLNOPHnQ5/4GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgZX9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPim3/3yf2JqnEnmThtLxyPJ2lVj66qx96Bx9GC8/RsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYuf+feMmwwAAv2ffXWkBEQLKEAaQGGCh6bW0dAMGUMTAn4AUpdcSeuVHm4FWFSgLG2TugsqIEBIobJ1ZO7dSl7B1yFAkJLZD9tmJQxPlQlP7aJ5H+u57bfk+v5+vavL68wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNLGu1txmr1MjeKk2HfnwfXFrL/7rz5za/XebNayeFhn0v8PR6sbrZnmEgEAAOBwaBW1fVpsr3fW5rM+mcrr/055XFbz33x26z2xQ91f9mXtn7Xffr3/4ubJpkbnyQY9vzTon3g4nfbjm+lke27PI9r5lc/vvaT5B5J8sPLCRie/nq1vb99+r5uHR+rIFgDY1XD3H8bHR936zSIofx/K+l5N6QFwuLUrhXdZ/6dTzeYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUIeNlXi6jFsRMdveijN3H1xf3Km/tXpvtmxnbtxYrY6ZDdGJiPNLg/6JGucy6a5cvXZxYTDoX94r6Mbex+wveDkiDnTAfQRvF9O/+NEYB0eMN/Lfw+EwjTjwCyV4tCApPuxJyWcU/P7f3z4s//U+pgzfiYhBQ/8hAQDwxOoULavr1ztr89m+1nTE8Ift9f9rlTjGrP/vf3zmTn7wd8m282X1f6++KU68ueVLn89duXrtjaVLCxf6F/qfvnmy91bv1NnTp8/O5fdK5twxAQAA4NF0i1at/5Pph9f/j1XiGLP+/+L73lfVc6Xq/x1tLfo1nQkAAMDh9vwrf/3Z2mF/q9uNLxeWly/3Rq+b2ydHrw2kum9Hilat/9PpprMCAAAA6rCx0tq2/n+uEseY6//P/PjSz9Ux04g4Wqz/H1/8bHCuvulMtIP88vDXu3xPvuk5AgAA0KyjRauu/3fy5/+TzUcekoh4/dVRXPwZwLHq//T9b36qnqv6/P+p+qY4kZKZ0fXI+5mI9kzTGQEAAPAke6poWbH/R2dt/pNfjn3Y9fw/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+CQAA//+K6TmR")
stat(&(0x7f0000003200)='./file1\x00', 0x0)

1.507364009s ago: executing program 2 (id=1378):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10000, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x2, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d82, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x100009, 0xc, 0xffffffff, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r0, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = dup(r5)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

1.329593869s ago: executing program 7 (id=1379):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000a00)={0x0, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = syz_kvm_add_vcpu$x86(r2, &(0x7f00000000c0)={0x0, 0x0})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.12473155s ago: executing program 2 (id=1380):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1200000001000000040000000800000000000000", @ANYRES32], 0x48)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r1, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
dup3(r0, r1, 0x0)

987.535887ms ago: executing program 4 (id=1381):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file1\x00', 0x2800000, &(0x7f00000010c0)={[{@debug}, {@jqfmt_vfsv0}, {@inlinecrypt}, {@errors_remount}, {@test_dummy_encryption_v1}, {@usrquota}, {@delalloc}, {@nogrpid}, {@grpquota}]}, 0x1, 0xbd0, &(0x7f0000000480)="$eJzs3M9rXVUeAPDvvfnZNp2XDsMwnU0zDEMLw7ymHVKmZcBWKm5cCLoVGtKXEvL6gyRSkwZ80X9A1LXgRlCL0oVdd6Pg1o3WrcWFUCQ2CiIaue9HkibvJU3zkhvTzwdO7jn33HvP95ubvHsOvPcCeGINZD/SiMMRcSGJKNT3pxHRXa31RlRqxy3Mz478ND87ksTi4gvfJ5FExIP52ZHGtZL69kC90RsRXzydxJ9fXzvu5PTM+HC5XJqot49PXb52fHJ65j9jl4cvlS6Vrpw49b+hk0OnBk8PtS3Xn785e/vHfzz7beWXD369+cNb7yVxNvrqfSvzqGe9ZQMxsPQ7WakzIobbcP3doKOez8o8k84NTkq3OSgAAFpKV8zh/hqF6IjlyVshPv0y1+AAAACAtljsiFgEAAAA9rjE+h8AAAD2uMb7AB7Mz440Sr7vSNhZ989FRH8t/4V6qfV0RqW67Y2uiNj/IImVH2tNaqdt2UBE3Pv69MdZiSafQ95ulbmI+Fuz+59U8++vfxJ6df5pRAy2YfyBVe0/Uv5n2zB+3vkD8GS6c672IFv7/EuX5j/R5PnX2eTZ9Tjyfv415n8La+Z/y/l3tJj/Pf+IY9x4/53rrfqy/P9/+5mPGiUbP9tuKalNuD8X8ffOZvknS/knLfK/sMG1k6hdovDb9VKrY/LOf/HdiKPRPP+GZP3vJzo+OlYuDdZ+Nh1j7vOhD1uNn3f+2f3f3yL/de5/b7bv2kNXav2lPi+dP3+rVd/G+affdScvVmvd9T2vDE9NTZyI6E6eW7v/5Pr5No5pXCPL/9g/1///b/b3n70mVOp/G1nmc/Vt1n5t1ZhP3bzxyXr5Z2u/PO//xc3f/+q+Nx5xjH999uaxVn0r179Zyca/l9TWwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQkEZEXyRpMSKSaj1Ni8WIAxHxl9iflq9OTv179OrLVy5mfRH90ZWOjpVLgxFRqLWTrH2iWl9un1zV/m9EHIqItwv7qu3iyNXyxbyTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMmBiOiLJC1GRBoRC4U0LRbzjgoAAABou/68AwAAAAC2nfU/AAAA7H3W/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGyzQ0fu3E0ionJmX7Vkuut9XblGBmy3NO8AgNx05B0AkJvOvAMAcrPJNb7pAuxByQb9vS17etoeCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC719HDd+4mEVE5s69aMt31vq6mZxzZweiA7ZTmHQCQm471Ojt3Lg5g5z32v/jB9sYB7Lzma3zgSZJs0N+7fEzl4Z6ebYsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN2nr1qStBgRabWepsVixMGI6I+uZHSsXBqMiD9FxFeFrp6s3ZN30AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALTd5PTM+HC5XJp4nEqytdNVVFpVXt0dYexsJdkdYdQqeb8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh8npmfHhcrk0MZl3JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDeJqdnxofL5dLEI1RubebgFZW8cwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID+/BwAA//8v5A3O")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x4, 0xfffffffa, 0x1000000000000004, 0xffffffffffffffff})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
fallocate(r1, 0x10, 0x800, 0x8000)

869.387473ms ago: executing program 2 (id=1382):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x22000044}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x37, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10000, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffd, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x2, 0x1000400, 0x3e55, 0x5, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d82, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x100009, 0xc, 0xffffffff, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

524.544011ms ago: executing program 2 (id=1383):
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc80}, 0x800)
write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604070001040000000000040002000600030000000903000038000104ce0000000e"], 0x58)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, 0x1, 0x7}, 0x20040000)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x4000, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x101, 0xaec4, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x20000, 0x1c, 0x0, 0x5, 0x1], 0x0, 0x41981})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

403.536308ms ago: executing program 7 (id=1384):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x56}, 0x28)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000180)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, r0, 0x3, 0x1}, 0x50)

351.938741ms ago: executing program 7 (id=1385):
r0 = socket$inet6(0xa, 0x3, 0x7)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000000)=0x2, 0x4)

276.090734ms ago: executing program 2 (id=1386):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000880)={0xffffffffffffffff, 0x2f, 0x4, 0x0, &(0x7f00000002c0)="41dfb080", 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = openat$khugepaged_scan(0xffffffffffffff9c, 0x0, 0x1, 0x0)
fsetxattr(r2, 0x0, 0x0, 0x0, 0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
sendmmsg$sock(r4, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0x7f, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x28)

203.592138ms ago: executing program 7 (id=1387):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f00000005c0)=[{0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0502103, 0xfffffffffffffffe)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, 0x0)

26.816078ms ago: executing program 5 (id=1388):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e"])
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000140)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@noload}]}, 0x14, 0x539, &(0x7f0000000500)="$eJzs3cFvG1kZAPBvnLhJs8mmC3sABGxZFgqq6iTubrTaC9kLCFWVKipOHNqQuFEUu45iVzShh/TIvRKVOAH/ATcOSD1x4MYNblzKAalABWpAHIxm7KRuYifZxomb+PeTpp73ZurvPbvvvZlXeV4AA+tiRGxGxLmIuB0Rk638pLXFXHNLz3vx/MHC1vMHC0k0Gjf/kWTH07xo+zupt1rvORoRP/hexI+TvXFr6xsr8+Vyaa2VnqpXVqdq6xtXlnOtnOLszOz0x1c/Kvasru9VfvPsu8vXfvi7337l6R83v/3TtFjjP5vIjrXXo5eaVc/HeFvecERcO45gfTLc+vfD6ZO2ts9FxPtZ+5+MoezbBADOskZjMhqT7WkA4KxL7//HI8kVWnMB45HLFQrNObx3YyxXrtbqlyer9+4uRjaHdSHyuTvL5dJ0a67wQuSTND2T7b9MF19JPypdjYh3IuLRyPnseGGhWl7s54UPAAywt3aN//8eaY7/7fL9KhwAcHxG+10AAODEGf8BYPAY/wFg8HyG8d+vAwHgjHD/DwCDx/gPAIPnwPH/4cmUAwA4ETeuX0+3xlbz+dfbT+q+sliqrRQq9xYKC9W11cJStbpULhUWGo2D3q9cra7OfLiTrK1v3KpU792t31quzC+VbpU8SwAA+u+d9578OR30Nz85n23RtpbDIcbqueMtHXCccv0uANA3Q/0uANA3fs8Dg+sQ9/im7OGM67BEb1NrgiDpdsJji7/CaXXpi0ea/wdOsaPM/5s7gNPt9eb/v9PzcgAnzxgOg6vRSKz5DwADxhw/0PX//1u6PiLkce/LAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKfFeLYluUK2Fvhm+meuUIiYiIgLkU/uLJdL0xHxdkT8aSQ/kqZn+l1oAOCIcn9LWut/XZr8YHz30XPJf0ay14j4yS9u/vz+fL2+NpPm/3Mnv/44zT9fXyue60cFAIB2c3uzsvG72Hptu5F/8fzBwvZ2kkV89mlzcdE07lZrax4ZjuHsdTTyETH2r6SVbkqvV4Z6EH/zYUR8Ybv+o3G/LcJ4NgfSXPl0d/w09kTP47d//rvj516pby47lr7ms8/i87GrcMCBnnza7CdbbS9t4ln7uxERF7MzOrf/0ayHOrq0/0ub69ae/i+30/8N7YmfZG3+4k56/5I8+/D339+T2ZhsHnsY8aXhTvGTnfhJ5/43/8Eh6/iXL3/1/W7HGr+MuNSx/tsrUleybnaqXlmdqq1vXFmuzC+Vlkp3i8XZmdnpj69+VJy6szwR01PZTPUfOsX4+yeX3+4WP63/WJf4o/vXP75xyPr/6n+3f/S1feJ/6+udv/9394mfjonfPGT8+bG5rst3p/EXu9T/gO8/Lh8y/tO/biwe8lQA4ATU1jdW5svl0tqenf++kpNea+49x87r7qT39m9AMbKd2Izo1RtmkxIR0fGc9Ir6zajyce0kx/TO6fX7/uf8utdB+90zAcftZaPvd0kAAAAAAAAAAAAAAIBuausbKyOdf63Vs51+1xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICz6/8BAAD//5GEwrc=")
r3 = socket$inet6(0xa, 0x802, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e21, 0x4, @private1, 0x1}, 0x1c)
chown(&(0x7f0000000080)='./file0\x00', 0x0, 0xffffffffffffffff)

0s ago: executing program 3 (id=1389):
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1900)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$rtl8150(0x0, 0x3f, &(0x7f0000000240)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xbda, 0x8150, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
ioctl$EVIOCRMFF(r0, 0xc0085508, 0x0)

kernel console output (not intermixed with test programs):

[ T6776] EXT4-fs error (device loop3): ext4_search_dir:1549: inode #2: block 16: comm syz.3.734: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  160.283823][ T6773] loop4: detected capacity change from 0 to 40427
[  160.417146][ T6773] F2FS-fs (loop4): invalid crc value
[  160.444931][ T6773] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  160.670415][ T6773] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[  160.721697][ T6773] F2FS-fs (loop4): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  161.824382][ T6822] loop2: detected capacity change from 0 to 512
[  161.866801][ T6822] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  161.930442][ T6824] loop5: detected capacity change from 0 to 512
[  161.969876][ T6822] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  162.001276][ T6822] EXT4-fs (loop2): 1 truncate cleaned up
[  162.039376][ T6824] EXT4-fs (loop5): Quota format mount options ignored when QUOTA feature is enabled
[  162.065020][ T6822] EXT4-fs (loop2): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,nogrpid,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,nolazytime,. Quota mode: none.
[  162.103682][ T6828] loop4: detected capacity change from 0 to 1024
[  162.149063][ T6824] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,commit=0x0000000000000005,quota,,errors=continue. Quota mode: writeback.
[  162.214920][ T6828] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  162.266928][ T6828] EXT4-fs (loop4): orphan cleanup on readonly fs
[  162.274471][ T6828] EXT4-fs error (device loop4): ext4_quota_enable:6440: comm syz.4.750: Bad quota inum: 1, type: 0
[  162.288544][ T6824] ext4 filesystem being mounted at /154/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  162.299365][ T6828] EXT4-fs warning (device loop4): ext4_enable_quotas:6488: Failed to enable quota tracking (type=0, err=-117, ino=1). Please run e2fsck to fix.
[  162.299422][ T6828] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  162.299440][ T6828] EXT4-fs (loop4): mounted filesystem without journal. Opts: nobarrier,noblock_validity,quota,resuid=0x0000000000000000,nodiscard,quota,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  162.609205][ T6843] netlink: 16 bytes leftover after parsing attributes in process `syz.3.754'.
[  162.956581][   T26] audit: type=1800 audit(1777052674.468:5): pid=6849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.749" name="file1" dev="loop5" ino=15 res=0 errno=0
[  164.468845][ T6884] loop0: detected capacity change from 0 to 512
[  164.552183][ T6884] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  164.615328][ T6884] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  164.671795][ T6884] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (49809!=33349)
[  164.706700][ T6884] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002]
[  164.725470][ T6884] EXT4-fs (loop0): failed to initialize system zone (-117)
[  164.738842][ T6884] EXT4-fs (loop0): mount failed
[  164.905201][ T6891] loop5: detected capacity change from 0 to 256
[  165.239749][ T6898] loop5: detected capacity change from 0 to 256
[  165.291712][ T6898] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  165.334208][ T6898] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  165.374181][ T6898] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c91aa, utbl_chksum : 0xe619d30d)
[  165.508342][ T6886] loop3: detected capacity change from 0 to 40427
[  165.561070][ T6886] F2FS-fs (loop3): Fix alignment : internally, start(4096) end(16896) block(12288)
[  165.578396][ T6898] exFAT-fs (loop5): error, failed to bmap (inode : ffff8880514b2ee0 iblock : 16, err : -5)
[  165.595512][ T6886] F2FS-fs (loop3): Fix alignment : internally, start(4096) end(16896) block(12288)
[  165.602582][ T6898] exFAT-fs (loop5): Filesystem has been set read-only
[  165.661130][ T6886] F2FS-fs (loop3): invalid crc value
[  165.693617][ T6886] F2FS-fs (loop3): invalid crc value
[  165.747352][ T6886] F2FS-fs (loop3): Failed to get valid F2FS checkpoint
[  166.817538][ T6934] capability: warning: `syz.5.780' uses deprecated v2 capabilities in a way that may be insecure
[  167.016259][ T6945] loop5: detected capacity change from 0 to 512
[  167.222772][ T6945] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  167.281243][ T6945] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  167.610770][ T6966] loop0: detected capacity change from 0 to 256
[  167.673053][ T6969] netlink: 4 bytes leftover after parsing attributes in process `syz.5.790'.
[  168.125426][ T6983] input: syz0 as /devices/virtual/input/input16
[  168.133177][    T7] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  168.554638][ T7002] netlink: 4 bytes leftover after parsing attributes in process `syz.3.802'.
[  168.576696][    T7] usb 6-1: unable to get BOS descriptor or descriptor too short
[  168.696805][    T7] usb 6-1: config 1 has an invalid descriptor of length 67, skipping remainder of the config
[  168.716231][    T7] usb 6-1: config 1 interface 0 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  168.759605][    T7] usb 6-1: config 1 interface 0 has no altsetting 0
[  168.926596][ T4229] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  168.946852][    T7] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  168.966805][    T7] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.974841][    T7] usb 6-1: Product: syz
[  168.986557][    T7] usb 6-1: Manufacturer: syz
[  168.991198][    T7] usb 6-1: SerialNumber: syz
[  169.166535][ T4229] usb 5-1: Using ep0 maxpacket: 16
[  169.213800][ T6938] loop2: detected capacity change from 0 to 131072
[  169.297281][ T4229] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 8
[  169.307684][ T6938] F2FS-fs (loop2): Found nat_bits in checkpoint
[  169.337207][    T7] usb 6-1: bad CDC descriptors
[  169.365164][    T7] usb 6-1: USB disconnect, device number 8
[  169.384576][ T6938] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  169.476658][ T4229] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  169.494235][ T7027] F2FS-fs (loop2): inode (7) has corrupted xattr
[  169.505162][ T4229] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.550946][ T4229] usb 5-1: Product: syz
[  169.554293][ T7027] F2FS-fs (loop2): inode (7) has corrupted xattr
[  169.561947][ T4229] usb 5-1: Manufacturer: syz
[  169.580158][ T4229] usb 5-1: SerialNumber: syz
[  169.607615][ T4229] usb 5-1: config 0 descriptor??
[  169.647943][ T4229] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  169.684667][ T4229] usb 5-1: Detected FT232RL
[  169.924738][ T6938] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=fff70000, run fsck to fix.
[  170.044473][ T7036] loop5: detected capacity change from 0 to 4096
[  170.086567][ T4229] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  170.106593][ T4229] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  170.115249][ T4229] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  170.125504][ T4229] usb 5-1: USB disconnect, device number 13
[  170.154885][ T4229] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  170.171595][ T4229] ftdi_sio 5-1:0.0: device disconnected
[  170.207262][ T4231] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  170.397897][ T7036] EXT4-fs (loop5): Test dummy encryption mode enabled
[  170.404709][ T7036] EXT4-fs (loop5): Ignoring removed orlov option
[  170.434443][ T7051] netlink: 16 bytes leftover after parsing attributes in process `syz.0.815'.
[  170.483318][ T7036] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,orlov,,errors=continue. Quota mode: writeback.
[  170.765002][ T4231] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  170.786838][ T4231] usb 4-1: New USB device found, idVendor=06cb, idProduct=73f4, bcdDevice= 0.00
[  171.105327][ T4231] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.858271][ T4231] usb 4-1: config 0 descriptor??
[  172.329860][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x2
[  172.376504][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0xe
[  172.414474][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x7
[  172.466588][ T7073] loop4: detected capacity change from 0 to 256
[  172.477968][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.526257][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.561359][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.605677][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.665700][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.693444][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.721767][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.739823][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.776824][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.831039][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.871380][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.902029][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.922078][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.943506][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.969093][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.985046][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  172.995702][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  173.013837][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  173.031584][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  173.072266][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  173.084092][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  173.091668][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  173.119484][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  173.137658][ T7091] loop0: detected capacity change from 0 to 512
[  173.144285][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  173.169364][ T4231] itetech 0003:06CB:73F4.000B: unknown main item tag 0x0
[  173.180353][ T4231] itetech 0003:06CB:73F4.000B: hidraw0: USB HID v0.20 Device [HID 06cb:73f4] on usb-dummy_hcd.3-1/input0
[  173.193148][ T7092] netlink: 16 bytes leftover after parsing attributes in process `syz.3.827'.
[  173.236642][ T4231] usb 4-1: USB disconnect, device number 12
[  173.272759][ T7091] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  173.376750][ T7091] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.502248][ T7095] fido_id[7095]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  173.659683][ T7105] netlink: 24 bytes leftover after parsing attributes in process `syz.0.829'.
[  173.813597][ T7106] loop3: detected capacity change from 0 to 2048
[  173.903542][ T7109] loop0: detected capacity change from 0 to 256
[  173.919493][ T7106] EXT4-fs (loop3): Journaled quota options ignored when QUOTA feature is enabled
[  173.976006][ T7106] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrjquota=./file1,noauto_da_alloc,bsddf,,errors=continue. Quota mode: writeback.
[  174.046798][ T7106] ext4 filesystem being mounted at /203/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  175.536646][ T4616] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  175.966664][ T4616] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[  175.977148][ T4616] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  176.000274][ T4616] usb 4-1: config 0 has no interface number 0
[  176.030263][ T7146] loop2: detected capacity change from 0 to 128
[  176.199797][ T7155] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  176.209353][ T7155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  176.218060][ T7155] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  176.228392][ T4616] usb 4-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  176.250312][ T7155] device bridge_slave_0 left promiscuous mode
[  176.257655][ T4616] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.268837][ T4616] usb 4-1: Product: syz
[  176.273344][ T7155] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.284649][ T4616] usb 4-1: Manufacturer: syz
[  176.292459][ T4616] usb 4-1: SerialNumber: syz
[  176.302631][ T4616] usb 4-1: config 0 descriptor??
[  176.308560][ T4233] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  176.326065][ T7155] device bridge_slave_1 left promiscuous mode
[  176.335699][ T7155] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.349039][ T7155] bond0: (slave bond_slave_0): Releasing backup interface
[  176.366951][ T7155] bond0: (slave bond_slave_1): Releasing backup interface
[  176.408230][ T7155] team0: Port device team_slave_0 removed
[  176.426301][ T7155] team0: Port device team_slave_1 removed
[  176.440975][ T7155] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  176.450039][ T7155] batman_adv: batadv0: Removing interface: batadv_slave_0
[  176.468081][ T7155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  176.475715][ T7155] batman_adv: batadv0: Removing interface: batadv_slave_1
[  176.666863][ T4616] uvcvideo 4-1:0.64: Found Unit with invalid ID 0
[  176.686215][ T4616] usb 4-1: Found UVC 0.00 device syz (046d:0823)
[  176.719675][ T4616] usb 4-1: No valid video chain found.
[  176.743444][ T4616] usb 4-1: USB disconnect, device number 13
[  176.767871][ T4233] usb 6-1: unable to get BOS descriptor or descriptor too short
[  177.056809][ T4233] usb 6-1: New USB device found, idVendor=200c, idProduct=100b, bcdDevice= 0.40
[  177.089029][ T4233] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.094615][ T7169] loop2: detected capacity change from 0 to 4096
[  177.112324][ T4233] usb 6-1: Product: syz
[  177.128409][ T4233] usb 6-1: Manufacturer: syz
[  177.149516][ T4233] usb 6-1: SerialNumber: syz
[  177.249401][ T7175] loop0: detected capacity change from 0 to 256
[  177.260894][ T7169] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,,errors=continue. Quota mode: writeback.
[  177.361315][ T7175] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  177.447243][ T6504] EXT4-fs error (device loop2): __ext4_get_inode_loc:4334: comm kworker/u4:10: Invalid inode table block 17005502575612209679 in block_group 0
[  177.530525][ T6504] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  177.554674][ T7182] EXT4-fs error (device loop2): __ext4_get_inode_loc:4334: comm syz.2.847: Invalid inode table block 17005502575612209679 in block_group 0
[  177.561183][ T6504] EXT4-fs error (device loop2): __ext4_ext_dirty:183: inode #18: comm kworker/u4:10: mark_inode_dirty error
[  177.766900][ T6504] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4892: inode #18: block 15: len 1: ext4_ext_map_blocks returned -117
[  177.802471][ T7182] EXT4-fs error (device loop2): __ext4_get_inode_loc:4334: comm syz.2.847: Invalid inode table block 17005502575612209679 in block_group 0
[  178.196656][ T6504] EXT4-fs error (device loop2): __ext4_get_inode_loc:4334: comm kworker/u4:10: Invalid inode table block 17005502575612209679 in block_group 0
[  178.286922][ T7182] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  178.321694][ T6504] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  178.362200][ T7182] EXT4-fs error (device loop2): ext4_dirty_inode:6077: inode #15: comm syz.2.847: mark_inode_dirty error
[  178.412345][ T6504] EXT4-fs error (device loop2): ext4_convert_unwritten_extents:4893: inode #18: comm kworker/u4:10: mark_inode_dirty error
[  178.466954][ T6504] EXT4-fs (loop2): failed to convert unwritten extents to written extents -- potential data loss!  (inode 18, error -117)
[  178.493588][ T6504] EXT4-fs warning (device loop2): ext4_convert_unwritten_extents:4892: inode #18: block 16: len 1: ext4_ext_map_blocks returned -117
[  178.526688][ T6504] EXT4-fs (loop2): failed to convert unwritten extents to written extents -- potential data loss!  (inode 18, error -117)
[  178.641401][ T6504] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 32768 with max blocks 1 with error 117
[  178.656698][ T4233] usb 6-1: current rate 3790999 is different from the runtime rate 48000
[  178.676235][ T6504] EXT4-fs (loop2): This should not happen!! Data will be lost
[  178.676235][ T6504] 
[  178.891014][ T7206] loop0: detected capacity change from 0 to 256
[  178.903647][   T21] usb 6-1: USB disconnect, device number 9
[  179.740041][ T7214] loop3: detected capacity change from 0 to 1024
[  179.749236][ T4342] udevd[4342]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  179.897411][ T7214] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=1
[  179.907890][ T7214] EXT4-fs warning (device loop3): ext4_enable_quotas:6488: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  179.923684][ T7214] EXT4-fs (loop3): mount failed
[  181.418391][ T7249] netlink: 52 bytes leftover after parsing attributes in process `syz.0.867'.
[  181.440625][ T7251] xt_hashlimit: size too large, truncated to 1048576
[  181.610026][ T7258] loop0: detected capacity change from 0 to 512
[  181.771138][ T7258] EXT4-fs (loop0): mounted filesystem without journal. Opts: auto_da_alloc=0x000000000000007f,,errors=continue. Quota mode: writeback.
[  181.796667][ T7258] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.366899][ T7269] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  182.438251][ T7269] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  182.476811][ T7269] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  182.594500][ T7273] loop3: detected capacity change from 0 to 256
[  182.707054][ T7275] loop4: detected capacity change from 0 to 128
[  182.806623][ T7275] EXT4-fs (loop4): Test dummy encryption mode enabled
[  182.813597][ T7275] EXT4-fs (loop4): Test dummy encryption mode enabled
[  182.861740][ T7275] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption=v1,test_dummy_encryption=v1,,errors=continue. Quota mode: none.
[  182.902589][ T7275] ext4 filesystem being mounted at /60/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  183.176276][ T7275] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  184.756655][ T7300] loop3: detected capacity change from 0 to 40427
[  184.798698][ T7300] F2FS-fs (loop3): quotafile must be on filesystem root
[  185.282834][ T7312] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  185.327284][ T7312] device team0 left promiscuous mode
[  185.357512][ T7312] device team_slave_0 left promiscuous mode
[  185.363748][ T7312] device team_slave_1 left promiscuous mode
[  185.364454][ T7314] loop4: detected capacity change from 0 to 512
[  185.436674][ T7312] bridge0: port 3(team0) entered disabled state
[  185.476169][ T7312] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  185.499536][ T7312] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  185.535580][ T7314] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #16: comm syz.4.886: corrupted inode contents
[  185.557934][ T7312] device bridge_slave_0 left promiscuous mode
[  185.566931][ T7314] EXT4-fs error (device loop4): ext4_dirty_inode:6077: inode #16: comm syz.4.886: mark_inode_dirty error
[  185.588122][ T7312] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.602425][ T7314] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #16: comm syz.4.886: corrupted inode contents
[  185.643760][ T7312] device bridge_slave_1 left promiscuous mode
[  185.661375][ T7314] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #16: comm syz.4.886: mark_inode_dirty error
[  185.697468][ T7312] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.717721][ T7314] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #16: comm syz.4.886: corrupted inode contents
[  185.736854][ T7312] bond0: (slave bond_slave_0): Releasing backup interface
[  185.772364][ T7314] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[  185.793627][ T7312] bond0: (slave bond_slave_1): Releasing backup interface
[  185.809029][ T7314] EXT4-fs error (device loop4): ext4_do_update_inode:5229: inode #16: comm syz.4.886: corrupted inode contents
[  185.861853][ T7314] EXT4-fs error (device loop4): ext4_truncate:4286: inode #16: comm syz.4.886: mark_inode_dirty error
[  185.894571][ T7314] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[  185.922916][ T7314] EXT4-fs (loop4): 1 truncate cleaned up
[  185.928230][ T7312] team0: Port device team_slave_0 removed
[  185.934806][ T7321] loop5: detected capacity change from 0 to 1024
[  185.938245][ T7314] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  185.958295][ T7314] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.988449][ T7312] team0: Port device team_slave_1 removed
[  186.006176][ T7312] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.039522][ T7312] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.046183][ T7321] EXT4-fs (loop5): Mount option "nouser_xattr" will be removed by 3.5
[  186.046183][ T7321] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  186.046183][ T7321] 
[  186.066659][ T4231] Bluetooth: hci2: command 0x0406 tx timeout
[  186.067334][    T7] Bluetooth: hci3: command 0x0406 tx timeout
[  186.076566][ T4231] Bluetooth: hci4: command 0x0406 tx timeout
[  186.080211][ T7321] EXT4-fs (loop5): inline encryption not supported
[  186.110412][ T7312] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.145184][ T7321] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  186.176530][ T7312] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.192627][ T7321] EXT4-fs (loop5): bad geometry: bigalloc file system with non-zero first_data_block
[  186.192627][ T7321] 
[  187.054510][ T7326] loop0: detected capacity change from 0 to 40427
[  187.103372][ T7326] F2FS-fs (loop0): invalid crc value
[  187.128564][ T7326] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  187.277047][ T7341] loop9: detected capacity change from 0 to 7
[  187.301968][ T7326] F2FS-fs (loop0): Start checkpoint disabled!
[  187.329098][ T7328] loop3: detected capacity change from 0 to 40427
[  187.330615][ T4571] Dev loop9: unable to read RDB block 7
[  187.353273][ T4571]  loop9: unable to read partition table
[  187.380815][ T7326] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  187.389235][ T7328] F2FS-fs (loop3): Unrecognized mount option "ÿÿÿÿ" or missing value
[  187.392052][ T4571] loop9: partition table beyond EOD, truncated
[  187.448363][ T7341] Dev loop9: unable to read RDB block 7
[  187.483804][ T7341]  loop9: unable to read partition table
[  187.506570][ T7341] loop9: partition table beyond EOD, truncated
[  187.512806][ T7341] loop_reread_partitions: partition scan of loop9 (úùƒå¡™‰ü�¾CêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆ{í©Ö�˜Èµ4FLQkÝŠ) failed (rc=-5)
[  187.775172][ T7347] loop3: detected capacity change from 0 to 512
[  187.885667][ T7347] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  187.925243][ T7347] EXT4-fs (loop3): invalid journal inode
[  188.007615][ T7352] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  188.033919][ T7352] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  188.106720][ T4229] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  188.226869][ T6408] attempt to access beyond end of device
[  188.226869][ T6408] loop0: rw=1, want=77832, limit=40427
[  188.272915][ T6408] attempt to access beyond end of device
[  188.272915][ T6408] loop0: rw=1, want=77840, limit=40427
[  188.312295][ T6408] attempt to access beyond end of device
[  188.312295][ T6408] loop0: rw=1, want=77848, limit=40427
[  188.344771][ T6408] attempt to access beyond end of device
[  188.344771][ T6408] loop0: rw=1, want=77856, limit=40427
[  188.366794][ T6408] attempt to access beyond end of device
[  188.366794][ T6408] loop0: rw=1, want=77864, limit=40427
[  188.387248][ T6408] attempt to access beyond end of device
[  188.387248][ T6408] loop0: rw=1, want=77872, limit=40427
[  188.408945][ T6408] attempt to access beyond end of device
[  188.408945][ T6408] loop0: rw=1, want=77880, limit=40427
[  188.421092][ T4229] usb 6-1: Using ep0 maxpacket: 16
[  188.451625][ T6408] attempt to access beyond end of device
[  188.451625][ T6408] loop0: rw=1, want=77888, limit=40427
[  188.483738][ T6408] attempt to access beyond end of device
[  188.483738][ T6408] loop0: rw=1, want=77896, limit=40427
[  188.517042][ T6408] attempt to access beyond end of device
[  188.517042][ T6408] loop0: rw=1, want=77904, limit=40427
[  188.579850][ T4229] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 8
[  188.785137][ T4229] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  188.798918][ T4229] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.831719][ T4229] usb 6-1: Product: syz
[  188.835939][ T4229] usb 6-1: Manufacturer: syz
[  188.840642][ T4229] usb 6-1: SerialNumber: syz
[  188.871721][ T4229] usb 6-1: config 0 descriptor??
[  188.935195][ T4229] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  188.968076][ T4229] usb 6-1: Detected FT232RL
[  189.050735][ T7330] loop4: detected capacity change from 0 to 131072
[  189.145875][ T7330] F2FS-fs (loop4): invalid crc value
[  189.161535][ T4229] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  189.177618][ T7330] F2FS-fs (loop4): Found nat_bits in checkpoint
[  189.203861][ T7369] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  189.232503][ T7369] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  189.238294][ T7330] F2FS-fs (loop4): recover fsync data on readonly fs
[  189.264921][ T7330] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2
[  189.274396][ T7369] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  189.275267][ T7330] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  189.298824][ T7369] device bridge_slave_0 left promiscuous mode
[  189.306173][ T7369] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.322945][ T7369] device bridge_slave_1 left promiscuous mode
[  189.336817][ T7369] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.372362][ T7369] bond0: (slave bond_slave_0): Releasing backup interface
[  189.439270][ T4229] ftdi_sio 6-1:0.0: GPIO initialisation failed: -71
[  189.453289][ T7369] bond0: (slave bond_slave_1): Releasing backup interface
[  189.454612][ T4229] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  189.477163][ T4229] usb 6-1: USB disconnect, device number 10
[  189.508918][ T4229] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  189.546309][ T4229] ftdi_sio 6-1:0.0: device disconnected
[  189.593823][ T7369] team0: Port device team_slave_0 removed
[  189.639007][ T7369] team0: Port device team_slave_1 removed
[  189.652508][ T7369] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  189.660930][ T7369] batman_adv: batadv0: Removing interface: batadv_slave_0
[  189.676247][ T7369] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  189.684795][ T7369] batman_adv: batadv0: Removing interface: batadv_slave_1
[  189.760946][ T7385] loop2: detected capacity change from 0 to 1024
[  189.802561][ T7385] EXT4-fs (loop2): inline encryption not supported
[  189.835261][ T7385] EXT4-fs (loop2): Mount option "nouser_xattr" will be removed by 3.5
[  189.835261][ T7385] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  189.835261][ T7385] 
[  189.906904][ T7385] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  190.050279][ T7392] loop5: detected capacity change from 0 to 256
[  190.064505][ T7385] EXT4-fs (loop2): mounted filesystem without journal. Opts: stripe=0x0000000000000004,bsddf,sysvgroups,dioread_lock,dioread_nolock,bsddf,nogrpid,inlinecrypt,nouser_xattr,min_batch_time=0x0000000000000008,data_err=ignore,grpid,,errors=continue. Quota mode: none.
[  190.065421][ T7389] loop0: detected capacity change from 0 to 512
[  190.146211][ T7394] loop3: detected capacity change from 0 to 256
[  190.214289][ T7385] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  190.229400][ T7392] FAT-fs (loop5): Directory bread(block 64) failed
[  190.235982][ T7392] FAT-fs (loop5): Directory bread(block 65) failed
[  190.281379][ T7394] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  190.286834][ T7392] FAT-fs (loop5): Directory bread(block 66) failed
[  190.303048][ T7385] EXT4-fs (loop2): re-mounted. Opts: . Quota mode: none.
[  190.322151][ T7394] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  190.370731][ T7392] FAT-fs (loop5): Directory bread(block 67) failed
[  190.417160][ T7394] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5817f139, utbl_chksum : 0xe619d30d)
[  190.427332][ T7392] FAT-fs (loop5): Directory bread(block 68) failed
[  190.459738][ T7392] FAT-fs (loop5): Directory bread(block 69) failed
[  190.516684][ T7392] FAT-fs (loop5): Directory bread(block 70) failed
[  190.545261][ T7392] FAT-fs (loop5): Directory bread(block 71) failed
[  190.594036][ T7392] FAT-fs (loop5): Directory bread(block 72) failed
[  190.623440][ T7392] FAT-fs (loop5): Directory bread(block 73) failed
[  190.894561][ T7407] loop4: detected capacity change from 0 to 512
[  190.956822][ T7407] EXT4-fs (loop4): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  193.154405][ T7443] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  193.266557][ T4240] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  193.517734][ T4240] usb 3-1: Using ep0 maxpacket: 16
[  193.659298][ T7474] loop4: detected capacity change from 0 to 512
[  193.673550][ T4240] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  193.695047][ T4240] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  193.731850][ T4240] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  193.771224][ T7474] EXT4-fs (loop4): Ignoring removed orlov option
[  193.804207][ T7474] EXT4-fs (loop4): Test dummy encryption mode enabled
[  193.826903][ T4240] usb 3-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  193.845409][ T7474] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  193.881786][ T4240] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.915566][ T4240] usb 3-1: config 0 descriptor??
[  193.927698][ T7474] EXT4-fs (loop4): 1 truncate cleaned up
[  193.933385][ T7474] EXT4-fs (loop4): mounted filesystem without journal. Opts: quota,quota,barrier=0x0000000000000003,orlov,test_dummy_encryption=v1,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  194.233225][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  194.239710][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  194.400125][ T4240] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:05AC:8241.000C/input/input18
[  194.574166][ T4240] appleir 0003:05AC:8241.000C: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  194.803697][ T7489] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  194.916581][ T4240] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[  195.012363][ T7494] loop0: detected capacity change from 0 to 512
[  195.075370][ T7494] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  195.122327][ T7494] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.309308][ T4240] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  195.328702][ T4240] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  195.396287][ T7502] loop0: detected capacity change from 0 to 512
[  195.446620][ T7504] netlink: 8 bytes leftover after parsing attributes in process `syz.4.943'.
[  195.504600][ T7502] EXT4-fs (loop0): 1 truncate cleaned up
[  195.518649][ T7502] EXT4-fs (loop0): mounted filesystem without journal. Opts: noload,stripe=0x000000000000030c,jqfmt=vfsv1,nojournal_checksum,jqfmt=vfsv1,usrjquota=,,errors=continue. Quota mode: none.
[  195.537287][ T4240] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  195.547042][ T4240] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.555522][ T4240] usb 4-1: Product: syz
[  195.563691][ T4240] usb 4-1: Manufacturer: syz
[  195.568877][ T4240] usb 4-1: SerialNumber: syz
[  195.643973][ T7513] device bridge_slave_0 left promiscuous mode
[  195.652187][ T4240] usb 4-1: bad CDC descriptors
[  195.660859][ T7513] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.670874][ T7513] device bridge_slave_1 left promiscuous mode
[  195.682001][ T7513] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.756025][ T7513] bond0: (slave bond_slave_0): Releasing backup interface
[  195.767465][ T7513] bond0: (slave bond_slave_1): Releasing backup interface
[  195.808119][ T7513] team0: Port device team_slave_0 removed
[  195.837164][ T7513] team0: Port device team_slave_1 removed
[  195.857528][ T7513] batman_adv: batadv0: Removing interface: batadv_slave_0
[  195.898653][ T7513] batman_adv: batadv0: Removing interface: batadv_slave_1
[  195.923775][ T7513] bond0: (slave netdevsim0): Releasing backup interface
[  196.279161][ T7534] loop2: detected capacity change from 0 to 512
[  196.306667][ T4233] Bluetooth: hci1: command 0x0406 tx timeout
[  196.320601][ T7534] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  196.375615][ T7534] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  196.417917][ T7534] EXT4-fs (loop2): 1 truncate cleaned up
[  196.423613][ T7534] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,dioread_nolock,errors=remount-ro,minixdf,jqfmt=vfsv0,usrjquota=.". Quota mode: writeback.
[  196.457605][   T13] usb 3-1: USB disconnect, device number 15
[  196.866511][ T7538] loop2: detected capacity change from 0 to 1024
[  196.918812][ T7538] EXT4-fs (loop2): Ignoring removed bh option
[  196.969553][ T7538] EXT4-fs (loop2): mounted filesystem without journal. Opts: nouid32,nodioread_nolock,noquota,delalloc,journal_dev=0x0000000000000009,commit=0x0000000000000000,usrquota,bh,,errors=continue. Quota mode: writeback.
[  196.993003][ T7538] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.018305][ T7538] EXT4-fs error (device loop2): ext4_map_blocks:741: inode #15: comm syz.2.953: lblock 0 mapped to illegal pblock 0 (length 1)
[  197.049478][ T7538] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  197.062336][ T7538] EXT4-fs (loop2): This should not happen!! Data will be lost
[  197.062336][ T7538] 
[  197.136614][   T21] usb 1-1: new full-speed USB device number 16 using dummy_hcd
[  197.232907][ T7554] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  197.262743][ T7545] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  197.278766][ T7545] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  197.506644][   T21] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  197.517827][   T21] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.531282][   T21] usb 1-1: New USB device found, idVendor=056a, idProduct=0117, bcdDevice= 0.00
[  197.540548][   T21] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.557344][   T21] usb 1-1: config 0 descriptor??
[  197.592923][ T7568] loop4: detected capacity change from 0 to 1024
[  197.634488][ T7568] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  197.651795][ T7570] loop5: detected capacity change from 0 to 256
[  197.653375][ T4233] usb 4-1: USB disconnect, device number 14
[  197.669784][ T7568] EXT4-fs (loop4): Ignoring removed orlov option
[  197.704623][ T7568] EXT4-fs (loop4): mounted filesystem without journal. Opts: nomblk_io_submit,nojournal_checksum,grpid,inode_readahead_blks=0x0000000000010000,debug_want_extra_isize=0x0000000000000080,orlov,data_err=abort,sb=0x0000000000000080,grpjquota=,,errors=continue. Quota mode: none.
[  197.737175][ T7570] exfat: Deprecated parameter 'utf8'
[  197.769536][ T7570] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xf8a64500, utbl_chksum : 0xe619d30d)
[  197.771274][ T7568] EXT4-fs error (device loop4): ext4_free_inode:355: comm syz.4.963: bit already cleared for inode 13
[  197.833999][ T7568] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem
[  198.057079][   T21] hid (null): unknown global tag 0xd
[  198.074540][ T7584] netlink: 32 bytes leftover after parsing attributes in process `syz.5.967'.
[  198.092723][   T21] wacom 0003:056A:0117.000D: unknown global tag 0xd
[  198.110181][   T21] wacom 0003:056A:0117.000D: item 0 2 1 13 parsing failed
[  198.140594][   T21] wacom 0003:056A:0117.000D: parse failed
[  198.163597][   T21] wacom: probe of 0003:056A:0117.000D failed with error -22
[  198.262915][   T21] usb 1-1: USB disconnect, device number 16
[  198.565459][ T7603] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=2182154216 (4364308432 ns) > initial count (507749598 ns). Using initial count to start timer.
[  199.652342][ T7618] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  199.711295][ T7626] loop2: detected capacity change from 0 to 256
[  199.740348][ T7618] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  199.839517][ T7632] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  199.862508][ T7632] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  199.876054][ T7632] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  200.254158][ T7652] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  200.274361][ T7652] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  200.859717][ T4233] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  201.106521][ T4233] usb 4-1: Using ep0 maxpacket: 32
[  201.227136][ T4233] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[  201.250851][ T4233] usb 4-1: config 0 has no interface number 0
[  201.507233][ T4233] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  201.524100][ T4233] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.537869][ T4233] usb 4-1: Product: syz
[  201.545461][ T4233] usb 4-1: Manufacturer: syz
[  201.555171][ T4233] usb 4-1: SerialNumber: syz
[  201.578108][ T4233] usb 4-1: config 0 descriptor??
[  201.627552][ T4233] smsc95xx v2.0.0
[  201.905195][ T7676] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  202.066596][ T4233] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  202.090031][ T4233] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  202.116121][ T7678] loop0: detected capacity change from 0 to 256
[  202.139081][ T7678] exfat: Deprecated parameter 'utf8'
[  202.171010][ T7678] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x72bddf51, utbl_chksum : 0xe619d30d)
[  202.214689][ T7649] loop4: detected capacity change from 0 to 131072
[  202.326833][ T7649] F2FS-fs (loop4): Invalid log sectorsize (67108873)
[  202.352102][ T7649] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  202.403271][ T7649] F2FS-fs (loop4): invalid crc value
[  202.438891][ T7649] F2FS-fs (loop4): Found nat_bits in checkpoint
[  202.549609][ T7649] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  202.559092][ T7649] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  203.401782][    T7] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  203.585350][ T7696] loop4: detected capacity change from 0 to 256
[  203.646990][    T7] usb 1-1: Using ep0 maxpacket: 16
[  203.686607][ T4233] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  203.712195][ T4233] smsc95xx: probe of 4-1:0.67 failed with error -71
[  203.757555][ T4233] usb 4-1: USB disconnect, device number 15
[  203.776816][    T7] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.807634][    T7] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  203.831181][    T7] usb 1-1: config 0 interface 0 has no altsetting 0
[  203.856911][    T7] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  203.869851][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.895016][    T7] usb 1-1: config 0 descriptor??
[  204.368232][ T7694] udc-core: couldn't find an available UDC or it's busy
[  204.375459][ T7694] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  204.423593][ T7687] loop5: detected capacity change from 0 to 131072
[  204.446574][ T4231] usb 3-1: new full-speed USB device number 16 using dummy_hcd
[  204.469913][ T7687] F2FS-fs (loop5): Segment count (31) mismatch with total segments from devices (0)
[  204.508425][ T7687] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  204.551824][ T7687] F2FS-fs (loop5): invalid crc value
[  204.595718][ T7687] F2FS-fs (loop5): Found nat_bits in checkpoint
[  204.663160][ T4233] usb 1-1: USB disconnect, device number 17
[  204.740216][ T7687] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  204.750984][ T7687] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  204.876784][ T4231] usb 3-1: unable to get BOS descriptor or descriptor too short
[  204.937913][ T4231] usb 3-1: not running at top speed; connect to a high speed hub
[  205.186870][ T7725] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  205.199737][ T4231] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0014, bcdDevice= 0.40
[  205.256270][ T4231] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.284879][ T4231] usb 3-1: Product: syz
[  205.293736][ T4231] usb 3-1: Manufacturer: syz
[  205.306576][ T4231] usb 3-1: SerialNumber: syz
[  205.528517][ T7730] loop0: detected capacity change from 0 to 8192
[  205.599925][ T4174]  loop0: p1 < > p3 p4 < >
[  205.625948][ T4174] loop0: p3 start 201326592 is beyond EOD, truncated
[  205.677253][ T7730]  loop0: p1 < > p3 p4 < >
[  205.703092][ T7730] loop0: p3 start 201326592 is beyond EOD, truncated
[  205.710388][ T4231] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  205.736679][ T4231] usb 3-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[  205.757991][ T4231] usb 3-1: found format II with max.bitrate = 83, frame size=3
[  205.775931][ T4231] usb 3-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[  205.794690][ T4231] usb 3-1: found format II with max.bitrate = 83, frame size=3
[  205.922740][ T4231] usb 3-1: USB disconnect, device number 16
[  205.972105][ T7742] loop5: detected capacity change from 0 to 1024
[  206.005361][ T7742] EXT4-fs (loop5): Ignoring removed bh option
[  206.030037][ T4340] udevd[4340]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  206.044214][ T4174] udevd[4174]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  206.141260][ T7742] EXT4-fs (loop5): mounted filesystem without journal. Opts: nobarrier,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x000000000000000c,bh,init_itable,. Quota mode: none.
[  206.189577][ T4174] udevd[4174]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  206.220373][ T4571] udevd[4571]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  206.244743][ T7757] loop0: detected capacity change from 0 to 512
[  206.262802][ T7757] EXT4-fs (loop0): Test dummy encryption mode enabled
[  206.270140][ T4176] udevd[4176]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  206.293563][   T26] audit: type=1800 audit(1777052717.828:6): pid=7742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1013" name="file1" dev="loop5" ino=15 res=0 errno=0
[  206.321657][ T7757] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  206.397925][ T7759] loop2: detected capacity change from 0 to 1024
[  206.453823][ T7759] EXT4-fs (loop2): Ignoring removed bh option
[  206.461525][ T7759] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869)
[  206.475634][ T7759] EXT4-fs (loop2): barriers disabled
[  206.481082][ T7759] JBD2: no valid journal superblock found
[  206.486983][ T7759] EXT4-fs (loop2): error loading journal
[  206.567179][ T7757] EXT4-fs error (device loop0): ext4_orphan_get:1432: comm syz.0.1023: bad orphan inode 131083
[  206.652645][ T7757] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,norecovery,,errors=continue. Quota mode: none.
[  206.845943][ T7757] overlayfs: upper fs needs to support d_type.
[  206.924814][ T7768] loop4: detected capacity change from 0 to 2048
[  207.057600][ T7768] EXT4-fs (loop4): Journaled quota options ignored when QUOTA feature is enabled
[  207.080915][ T7768] EXT4-fs (loop4): Unrecognized mount option "euid=18446744073709551615" or missing value
[  207.840971][ T7774] loop3: detected capacity change from 0 to 40427
[  207.904789][ T7768] loop4: detected capacity change from 0 to 40427
[  207.925696][ T7774] F2FS-fs (loop3): invalid crc value
[  207.947431][ T7774] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  207.963480][ T7768] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  208.031509][ T7768] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  208.073184][ T7768] F2FS-fs (loop4): invalid crc value
[  208.135358][ T7768] F2FS-fs (loop4): Found nat_bits in checkpoint
[  208.149026][ T7774] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[  208.181710][ T7774] F2FS-fs (loop3): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  208.220509][ T7787] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  208.273892][ T7768] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  208.295705][ T7768] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  208.338925][ T7768] F2FS-fs (loop4): quotafile must be on filesystem root
[  208.396633][ T4185] syz-executor (4185) used greatest stack depth: 20272 bytes left
[  208.675383][ T7774] xt_TCPMSS: Only works on TCP SYN packets
[  208.688126][ T7774] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1028'.
[  208.752625][ T7774] overlayfs: missing 'lowerdir'
[  209.232194][ T7801] netlink: 'syz.5.1036': attribute type 4 has an invalid length.
[  209.586338][ T7797] chnl_net:caif_netlink_parms(): no params data found
[  209.798143][ T7797] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.854556][ T7797] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.917518][ T7797] device bridge_slave_0 entered promiscuous mode
[  209.946148][ T7797] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.976537][ T7797] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.004057][ T7797] device bridge_slave_1 entered promiscuous mode
[  210.097732][ T7797] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  210.131306][ T7797] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  210.195373][ T7797] team0: Port device team_slave_0 added
[  210.211335][ T7797] team0: Port device team_slave_1 added
[  210.268928][ T7797] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.283999][ T7797] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.348828][ T7797] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.380928][ T7797] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.402067][ T7797] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.472640][ T7797] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.592268][ T7797] device hsr_slave_0 entered promiscuous mode
[  210.613856][ T7797] device hsr_slave_1 entered promiscuous mode
[  210.636011][ T7797] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  210.664111][ T7797] Cannot create hsr debugfs directory
[  211.016932][ T7790] loop4: detected capacity change from 0 to 131072
[  211.096263][ T7790] F2FS-fs (loop4): Invalid log sectorsize (67108873)
[  211.099698][ T7797] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  211.104034][ T7790] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  211.126571][ T4231] Bluetooth: hci2: command 0x0409 tx timeout
[  211.145130][ T7797] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  211.188969][ T7790] F2FS-fs (loop4): invalid crc value
[  211.192272][ T7836] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  211.206719][ T7797] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  211.234735][ T7797] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  211.305803][ T7790] F2FS-fs (loop4): Found nat_bits in checkpoint
[  211.417315][ T7790] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  211.429333][ T7790] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  211.432132][ T7797] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.483951][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  211.513669][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  211.527273][ T7790] F2FS-fs (loop4): inconsistent node block, nid:8, node_footer[nid:5,ino:5,ofs:0,cpver:1219692001,blkaddr:15361]
[  211.545449][ T7797] 8021q: adding VLAN 0 to HW filter on device team0
[  211.584231][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  211.592822][   T26] audit: type=1800 audit(1777052723.118:7): pid=7845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1033" name="file1" dev="loop4" ino=10 res=0 errno=0
[  211.663558][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  211.685066][  T469] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.693058][  T469] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.714859][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  211.740390][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  211.749897][  T469] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.757052][  T469] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.767085][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  211.779279][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  211.792456][ T7847] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  211.805993][ T7847] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  211.817268][ T7847] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  211.884697][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  211.912810][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  211.983454][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  212.015318][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  212.065432][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  212.079954][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  212.115403][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  212.137907][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  212.181617][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  212.221041][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  212.253040][ T7797] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  212.496643][ T4231] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  212.603777][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  212.612188][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  212.637283][ T7797] 8021q: adding VLAN 0 to HW filter on device batadv0
[  212.857869][ T4231] usb 4-1: too many endpoints for config 0 interface 0 altsetting 5: 254, using maximum allowed: 30
[  212.878151][ T4231] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  212.910845][ T4231] usb 4-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  212.942758][ T4231] usb 4-1: config 0 interface 0 has no altsetting 0
[  212.951035][ T4231] usb 4-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  212.960914][ T4231] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.973709][ T4231] usb 4-1: config 0 descriptor??
[  213.043872][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  213.059850][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  213.086494][ T4229] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  213.094115][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  213.105301][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  213.132476][ T7797] device veth0_vlan entered promiscuous mode
[  213.145598][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  213.156260][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  213.178032][ T7797] device veth1_vlan entered promiscuous mode
[  213.188014][    T7] Bluetooth: hci2: command 0x041b tx timeout
[  213.223749][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  213.235066][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  213.244219][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  213.254231][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  213.267283][ T7797] device veth0_macvtap entered promiscuous mode
[  213.285270][ T7797] device veth1_macvtap entered promiscuous mode
[  213.305722][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  213.320239][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.332285][ T7797] batman_adv: batadv0: Interface activated: batadv_slave_0
[  213.341802][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  213.353899][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  213.365445][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  213.381176][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  213.397858][ T7797] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  213.409992][ T7797] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  213.422086][ T7797] batman_adv: batadv0: Interface activated: batadv_slave_1
[  213.432321][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  213.442744][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  213.457243][ T7797] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  213.469090][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.475927][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.483574][ T7797] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  213.492491][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.496937][ T7797] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  213.500110][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.519034][ T7797] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.525093][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.536794][ T4229] usb 6-1: unable to get BOS descriptor or descriptor too short
[  213.541554][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.551600][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x3
[  213.564585][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.571817][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.586807][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.591149][ T4229] usb 6-1: not running at top speed; connect to a high speed hub
[  213.600290][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.616972][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.625100][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.642521][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.652836][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.663404][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.678875][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.686037][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.693744][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.701376][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.710829][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.718043][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.724941][ T6408] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  213.732765][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.742218][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.750758][ T6408] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.764639][ T6408] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.782460][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.790100][ T7863] loop2: detected capacity change from 0 to 131072
[  213.791131][ T4231] sony 0003:054C:05C4.000F: unknown main item tag 0x0
[  213.818661][ T6624] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  213.831503][ T7889] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  213.848978][ T4231] sony 0003:054C:05C4.000F: hidraw0: USB HID v80.08 Device [HID 054c:05c4] on usb-dummy_hcd.3-1/input0
[  213.856740][ T7863] F2FS-fs (loop2): Test dummy encryption mode enabled
[  213.886792][ T4229] usb 6-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice= 0.40
[  213.892693][ T4231] sony 0003:054C:05C4.000F: failed to claim input
[  213.924058][ T4229] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.937009][ T7863] F2FS-fs (loop2): invalid crc value
[  213.956715][ T4229] usb 6-1: Product: syz
[  213.961363][ T4229] usb 6-1: Manufacturer: syz
[  213.965973][ T4229] usb 6-1: SerialNumber: syz
[  213.980122][ T7896] tc_dump_action: action bad kind
[  213.988325][ T7863] F2FS-fs (loop2): Found nat_bits in checkpoint
[  213.988367][ T4231] usb 4-1: USB disconnect, device number 16
[  214.091042][ T7900] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  214.112854][ T7900] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  214.130803][ T7863] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  214.143085][ T7898] fido_id[7898]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  214.158450][ T7900] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  214.203779][ T7900] device bridge_slave_0 left promiscuous mode
[  214.246974][ T7900] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.282379][ T7900] device bridge_slave_1 left promiscuous mode
[  214.297710][ T7900] bridge0: port 2(bridge_slave_1) entered disabled state
[  214.335871][ T7900] bond0: (slave bond_slave_0): Releasing backup interface
[  214.388690][ T4229] usb 6-1: USB disconnect, device number 11
[  214.411219][ T7900] bond0: (slave bond_slave_1): Releasing backup interface
[  214.505994][ T7908] loop3: detected capacity change from 0 to 512
[  214.562671][ T7900] team0: Port device team_slave_0 removed
[  214.611639][ T7900] team0: Port device team_slave_1 removed
[  214.639928][ T7900] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  214.647839][ T7908] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  214.659546][ T7900] batman_adv: batadv0: Removing interface: batadv_slave_0
[  214.673004][ T7900] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  214.693749][ T7908] EXT4-fs (loop3): 1 truncate cleaned up
[  214.699803][ T7900] batman_adv: batadv0: Removing interface: batadv_slave_1
[  214.756523][ T7908] EXT4-fs (loop3): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,jqfmt=vfsold,debug_want_extra_isize=0x000000000000006a,user_xattr,errors=remount-ro,nombcache,. Quota mode: none.
[  214.929260][ T7908] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: none.
[  215.853132][ T4229] Bluetooth: hci2: command 0x040f tx timeout
[  216.021711][ T7935] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  216.092067][ T7934] loop4: detected capacity change from 0 to 128
[  216.139246][ T7935] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  216.430803][ T7954] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  216.465857][ T7954] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  216.482528][ T7954] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  216.495890][ T7954] device bridge_slave_0 left promiscuous mode
[  216.508960][ T7954] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.519359][ T7954] device bridge_slave_1 left promiscuous mode
[  216.525747][ T7954] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.545170][ T7954] bond0: (slave bond_slave_1): Releasing backup interface
[  216.624876][ T7954] team0: Port device team_slave_0 removed
[  216.646585][ T4308] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  216.662476][ T7954] team0: Port device team_slave_1 removed
[  216.678933][ T7954] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  216.694917][ T7954] batman_adv: batadv0: Removing interface: batadv_slave_0
[  216.704411][ T7954] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  216.713289][ T7954] batman_adv: batadv0: Removing interface: batadv_slave_1
[  216.737253][   T21] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  216.991369][   T21] usb 6-1: Using ep0 maxpacket: 32
[  217.081480][ T7969] loop6: detected capacity change from 0 to 512
[  217.116785][   T21] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  217.128392][   T21] usb 6-1: config 0 has no interface number 0
[  217.158444][ T7969] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.1079: invalid indirect mapped block 256 (level 2)
[  217.188256][ T7969] EXT4-fs (loop6): 2 truncates cleaned up
[  217.204496][ T7969] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpid,auto_da_alloc,lazytime,journal_dev=0x0000000000000006,,errors=continue. Quota mode: writeback.
[  217.276793][ T4308] usb 4-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  217.296456][ T4308] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.304847][ T4308] usb 4-1: Product: syz
[  217.309210][ T4308] usb 4-1: Manufacturer: syz
[  217.313869][ T4308] usb 4-1: SerialNumber: syz
[  217.316744][   T21] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  217.345827][   T21] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.364790][   T21] usb 6-1: Product: syz
[  217.371591][   T21] usb 6-1: Manufacturer: syz
[  217.381159][   T21] usb 6-1: SerialNumber: syz
[  217.404029][   T21] usb 6-1: config 0 descriptor??
[  217.447703][   T21] smsc95xx v2.0.0
[  217.886775][   T21] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  217.906562][   T21] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  217.912897][ T4240] Bluetooth: hci2: command 0x0419 tx timeout
[  217.965386][ T7981] loop2: detected capacity change from 0 to 4096
[  218.062435][ T7981] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,,errors=continue. Quota mode: writeback.
[  218.096044][ T7981] Quota error (device loop2): find_tree_dqentry: Getting block too big (65539 >= 6)
[  218.158138][ T7981] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  218.168655][ T7981] EXT4-fs error (device loop2): ext4_acquire_dquot:6236: comm syz.2.1082: Failed to acquire dquot type 0
[  218.356500][ T7988] loop3: detected capacity change from 0 to 1024
[  218.400288][ T7988] EXT4-fs (loop3): Ignoring removed bh option
[  218.469295][ T7988] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodelalloc,minixdf,jqfmt=vfsv1,abort,debug_want_extra_isize=0x0000000000000008,lazytime,errors=remount-ro,stripe=0x0000000000000005,bh,jqfmt=vfsv0,. Quota mode: none.
[  218.640391][ T7996] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1086'.
[  218.755384][ T8001] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  218.787439][ T8001] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  218.816080][ T8001] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  218.879828][ T8003] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  218.945841][ T8015] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1093'.
[  219.391790][   T21] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  219.416649][   T21] smsc95xx: probe of 6-1:0.67 failed with error -71
[  219.434790][   T21] usb 6-1: USB disconnect, device number 12
[  219.983774][ T8010] loop6: detected capacity change from 0 to 40427
[  220.040427][ T8010] F2FS-fs (loop6): Corrupted extension count (64 + 1 > 64)
[  220.083469][ T8010] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  220.111767][ T8010] F2FS-fs (loop6): build fault injection attr: rate: 0, type: 0x6
[  220.136952][ T8010] F2FS-fs (loop6): invalid crc value
[  220.147067][ T8010] F2FS-fs (loop6): Mismatch valid blocks 0 vs. 1
[  220.154925][ T8010] F2FS-fs (loop6): Failed to initialize F2FS segment manager (-117)
[  220.242043][ T8043] loop5: detected capacity change from 0 to 512
[  220.257643][ T8044] loop2: detected capacity change from 0 to 512
[  220.357731][ T8043] EXT4-fs (loop5): Unrecognized mount option "func=KEXEC_KERNEL_CHECK" or missing value
[  220.396236][ T8047] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  220.416550][ T8044] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  220.506798][ T4308] rtl8150 4-1:1.0: couldn't reset the device
[  220.513521][ T4308] rtl8150: probe of 4-1:1.0 failed with error -5
[  220.520535][ T8044] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  220.546510][ T8044] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  220.603064][ T4308] usb 4-1: USB disconnect, device number 17
[  221.297592][ T8044] EXT4-fs (loop2): 1 truncate cleaned up
[  221.303390][ T8044] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodiscard,mblk_io_submit,nouid32,lazytime,barrier,mblk_io_submit,nogrpid,,errors=continue. Quota mode: none.
[  221.569102][ T8058] loop3: detected capacity change from 0 to 4096
[  221.694073][ T8058] EXT4-fs (loop3): Test dummy encryption mode enabled
[  221.730409][ T8058] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=8843c01c, mo2=0003]
[  221.800412][ T8058] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug,delalloc,bsdgroups,test_dummy_encryption,errors=continue,bsddf,noauto_da_alloc,noblock_validity,,errors=continue. Quota mode: writeback.
[  221.906787][ T4240] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  221.929678][ T8074] loop6: detected capacity change from 0 to 256
[  222.366822][ T4240] usb 3-1: unable to get BOS descriptor or descriptor too short
[  222.460984][ T8086] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  222.475156][   T26] audit: type=1800 audit(1777052734.008:8): pid=8087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1106" name="file1" dev="loop3" ino=15 res=0 errno=0
[  222.641778][ T4240] usb 3-1: New USB device found, idVendor=200c, idProduct=100b, bcdDevice= 0.40
[  222.661204][ T4240] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.678320][ T4240] usb 3-1: Product: syz
[  222.687232][ T4240] usb 3-1: Manufacturer: syz
[  222.697819][ T4240] usb 3-1: SerialNumber: syz
[  222.866550][   T13] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  223.267556][   T13] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  223.282368][   T13] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.302322][   T13] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.313111][   T13] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  223.344763][ T8097] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  223.363025][ T8097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  223.378986][ T8097] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  223.444130][   T13] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  223.456497][   T13] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  223.479993][   T13] usb 5-1: Manufacturer: syz
[  223.516135][   T13] usb 5-1: config 0 descriptor??
[  223.816653][   T21] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  224.018652][   T13] appleir 0003:05AC:8243.0010: unknown main item tag 0x0
[  224.030476][   T13] appleir 0003:05AC:8243.0010: No inputs registered, leaving
[  224.052893][   T13] appleir 0003:05AC:8243.0010: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  224.056498][   T21] usb 7-1: Using ep0 maxpacket: 16
[  224.112502][ T4240] usb 3-1: 1:1: cannot get freq at ep 0x1
[  224.158269][ T8107] loop5: detected capacity change from 0 to 256
[  224.184197][ T4240] usb 3-1: USB disconnect, device number 17
[  224.216613][   T21] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  224.255588][   T21] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  224.280017][ T8107] FAT-fs (loop5): Directory bread(block 64) failed
[  224.298342][ T4229] usb 5-1: USB disconnect, device number 14
[  224.318700][ T8107] FAT-fs (loop5): Directory bread(block 65) failed
[  224.325334][ T8107] FAT-fs (loop5): Directory bread(block 66) failed
[  224.369037][ T8107] FAT-fs (loop5): Directory bread(block 67) failed
[  224.376032][ T8107] FAT-fs (loop5): Directory bread(block 68) failed
[  224.396525][ T8107] FAT-fs (loop5): Directory bread(block 69) failed
[  224.403587][ T8107] FAT-fs (loop5): Directory bread(block 70) failed
[  224.410883][ T8107] FAT-fs (loop5): Directory bread(block 71) failed
[  224.418242][ T8107] FAT-fs (loop5): Directory bread(block 72) failed
[  224.424892][ T8107] FAT-fs (loop5): Directory bread(block 73) failed
[  224.468302][ T4172] udevd[4172]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  224.469313][   T21] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  224.530034][   T21] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.541351][   T21] usb 7-1: Product: syz
[  224.545571][   T21] usb 7-1: Manufacturer: syz
[  224.554557][   T21] usb 7-1: SerialNumber: syz
[  224.952392][   T21] usb 7-1: 0:2 : does not exist
[  224.990166][   T21] usb 7-1: USB disconnect, device number 2
[  224.996876][ T8127] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  225.220447][ T8136] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  225.231517][ T8136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  225.240382][ T8136] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  225.253630][ T4571] udevd[4571]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  225.487239][ T8143] binder: 8142:8143 ioctl c0306201 0 returned -14
[  227.985497][ T8160] loop5: detected capacity change from 0 to 40427
[  228.077548][ T8160] F2FS-fs (loop5): Invalid log_blocksize (64), supports only 12
[  228.085341][ T8160] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  228.136678][ T8160] F2FS-fs (loop5): invalid crc value
[  229.091993][ T8160] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  229.231366][ T8194] loop4: detected capacity change from 0 to 1024
[  229.256073][ T8195] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  229.290405][ T8194] EXT4-fs (loop4): Ignoring removed bh option
[  229.357229][ T8194] EXT4-fs (loop4): mounted filesystem without journal. Opts: stripe=0x0000000000001000,dioread_lock,lazytime,nolazytime,nolazytime,barrier=0x0000000000000004,init_itable,init_itable,bh,errors=remount-ro,. Quota mode: none.
[  229.445197][   T26] audit: type=1400 audit(1777052740.978:9): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=8191 comm="syz.4.1149"
[  229.449605][ T8160] F2FS-fs (loop5): Cannot turn on quotas: -2 on 1
[  229.514108][ T8160] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  229.536541][ T8160] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  229.789954][ T8187] loop6: detected capacity change from 0 to 40427
[  229.835451][ T8187] F2FS-fs (loop6): invalid crc value
[  229.853737][ T8160] F2FS-fs (loop5): Unrecognized mount option "./file0" or missing value
[  229.869884][ T8187] F2FS-fs (loop6): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  229.934048][ T4446] handle_bad_sector: 639 callbacks suppressed
[  229.934065][ T4446] attempt to access beyond end of device
[  229.934065][ T4446] loop5: rw=2049, want=45104, limit=40427
[  229.962339][ T8187] F2FS-fs (loop6): Cannot turn on quotas: -2 on 0
[  229.983243][ T8187] F2FS-fs (loop6): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  230.136529][ T4228] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  230.185994][ T8204] loop4: detected capacity change from 0 to 40427
[  230.235694][ T8204] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  230.283695][ T8204] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  230.314634][ T8204] F2FS-fs (loop4): invalid crc value
[  230.347996][ T8204] F2FS-fs (loop4): Found nat_bits in checkpoint
[  230.480828][ T8204] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  230.510624][ T4228] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  230.534058][ T4228] usb 3-1: config 4 has 0 interfaces, different from the descriptor's value: 1
[  230.544808][ T8204] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  230.674851][ T8231] loop5: detected capacity change from 0 to 512
[  230.716685][ T4228] usb 3-1: New USB device found, idVendor=1f7b, idProduct=550c, bcdDevice=46.bd
[  230.733890][ T4228] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.775790][ T4228] usb 3-1: Product: syz
[  230.786561][ T4228] usb 3-1: Manufacturer: syz
[  230.803423][ T4228] usb 3-1: SerialNumber: syz
[  230.848536][ T8051] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  230.862912][ T8231] EXT4-fs (loop5): 1 truncate cleaned up
[  230.896034][ T8051] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  230.906856][ T8231] EXT4-fs (loop5): mounted filesystem without journal. Opts: noload,stripe=0x000000000000030c,jqfmt=vfsv1,nojournal_checksum,jqfmt=vfsv1,usrjquota=,,errors=continue. Quota mode: none.
[  231.128511][ T4228] usb 3-1: USB disconnect, device number 18
[  231.131148][ T4446] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  231.203704][ T8233] loop6: detected capacity change from 0 to 40427
[  231.211349][ T4446] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  231.232891][ T4446] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  231.246878][ T8233] F2FS-fs (loop6): Wrong segment_count / block_count (64 > 16384)
[  231.254926][ T8233] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  231.355499][ T8233] F2FS-fs (loop6): Found nat_bits in checkpoint
[  231.479027][ T8244] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  231.494161][ T8233] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  231.511588][ T8233] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  231.513943][ T8244] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  231.548334][ T8244] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  231.751399][ T8252] loop4: detected capacity change from 0 to 256
[  231.794014][ T7797] attempt to access beyond end of device
[  231.794014][ T7797] loop6: rw=524288, want=45072, limit=40427
[  231.847834][ T8252] FAT-fs (loop4): Directory bread(block 64) failed
[  231.868135][ T7797] attempt to access beyond end of device
[  231.868135][ T7797] loop6: rw=0, want=45072, limit=40427
[  231.885867][ T8252] FAT-fs (loop4): Directory bread(block 65) failed
[  231.903875][ T8252] FAT-fs (loop4): Directory bread(block 66) failed
[  231.943383][ T8252] FAT-fs (loop4): Directory bread(block 67) failed
[  231.963607][ T8252] FAT-fs (loop4): Directory bread(block 68) failed
[  231.985173][ T8252] FAT-fs (loop4): Directory bread(block 69) failed
[  232.002492][ T8252] FAT-fs (loop4): Directory bread(block 70) failed
[  232.011156][ T8260] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  232.017875][ T6504] attempt to access beyond end of device
[  232.017875][ T6504] loop6: rw=2049, want=40992, limit=40427
[  232.029615][ T8252] FAT-fs (loop4): Directory bread(block 71) failed
[  232.046319][ T8252] FAT-fs (loop4): Directory bread(block 72) failed
[  232.054035][ T8252] FAT-fs (loop4): Directory bread(block 73) failed
[  232.146609][   T13] Bluetooth: hci0: command 0x0406 tx timeout
[  232.396281][ T7926] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.498689][ T7926] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.575556][ T7926] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.588974][ T8276] loop4: detected capacity change from 0 to 512
[  232.629939][ T8276] EXT4-fs (loop4): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  232.696202][ T7926] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.768907][ T8276] EXT4-fs (loop4): mounted filesystem without journal. Opts: nouid32,errors=remount-ro,grpjquota=,nodiscard,dioread_nolock,. Quota mode: writeback.
[  232.806947][ T8285] loop5: detected capacity change from 0 to 256
[  232.813958][ T8276] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  233.619523][   T13] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  233.886632][   T13] usb 3-1: Using ep0 maxpacket: 32
[  233.986600][ T4308] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  234.006857][   T13] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  234.015790][   T13] usb 3-1: config 0 has no interface number 0
[  234.247069][   T13] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  234.256286][ T4308] usb 5-1: Using ep0 maxpacket: 32
[  234.275069][   T13] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.303998][ T8329] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1183'.
[  234.334843][   T13] usb 3-1: Product: syz
[  234.348337][   T13] usb 3-1: Manufacturer: syz
[  234.365246][   T13] usb 3-1: SerialNumber: syz
[  234.410308][   T13] usb 3-1: config 0 descriptor??
[  234.429782][ T4308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  234.450674][ T4308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.461972][   T13] smsc95xx v2.0.0
[  234.476688][ T4308] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  234.496510][ T4308] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.508417][ T4308] usb 5-1: config 0 descriptor??
[  234.552888][ T8307] chnl_net:caif_netlink_parms(): no params data found
[  234.563734][ T4308] hub 5-1:0.0: USB hub found
[  234.825669][ T8338] loop3: detected capacity change from 0 to 4096
[  234.887505][ T8307] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.888154][ T8338] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,,errors=continue. Quota mode: writeback.
[  234.894651][ T8307] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.914833][   T13] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  234.925672][ T4308] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  234.927409][ T8307] device bridge_slave_0 entered promiscuous mode
[  234.967617][ T8338] Quota error (device loop3): find_tree_dqentry: Getting block too big (65539 >= 6)
[  234.996560][   T13] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  234.996596][ T8338] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  235.023892][ T8338] EXT4-fs error (device loop3): ext4_acquire_dquot:6236: comm syz.3.1185: Failed to acquire dquot type 0
[  235.111093][ T7926] device hsr_slave_0 left promiscuous mode
[  235.142223][ T7926] device hsr_slave_1 left promiscuous mode
[  235.177745][ T7926] device veth1_macvtap left promiscuous mode
[  235.184425][ T7926] device veth0_macvtap left promiscuous mode
[  235.203904][ T7926] device veth1_vlan left promiscuous mode
[  235.212554][ T7926] device veth0_vlan left promiscuous mode
[  235.238561][ T4308] hid-generic 0003:046D:C31C.0011: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.4-1/input0
[  235.456780][ T4237] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  235.560870][ T4229] usb 5-1: USB disconnect, device number 15
[  235.674392][ T7926] bond0 (unregistering): Released all slaves
[  235.741705][ T8307] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.749075][ T8307] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.757208][ T8307] device bridge_slave_1 entered promiscuous mode
[  235.804992][ T8307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  235.820177][ T8307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  235.847987][ T4237] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  235.859405][ T4237] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  235.875919][ T8307] team0: Port device team_slave_0 added
[  235.893192][ T8307] team0: Port device team_slave_1 added
[  235.929994][    T7] Bluetooth: hci2: command 0x0409 tx timeout
[  235.931109][ T8307] batman_adv: batadv0: Adding interface: batadv_slave_0
[  235.949871][ T8307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  235.976635][ T4237] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  235.984334][ T8307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  236.000561][ T8307] batman_adv: batadv0: Adding interface: batadv_slave_1
[  236.015581][ T8368] loop3: detected capacity change from 0 to 128
[  236.018176][ T8307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  236.037921][ T4237] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  236.064709][ T4237] usb 6-1: Manufacturer: syz
[  236.087753][ T4237] usb 6-1: config 0 descriptor??
[  236.123659][ T8307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  236.251032][ T8307] device hsr_slave_0 entered promiscuous mode
[  236.258551][ T8307] device hsr_slave_1 entered promiscuous mode
[  236.265385][ T8307] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  236.273842][ T8307] Cannot create hsr debugfs directory
[  236.805999][   T13] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  236.819978][   T13] smsc95xx: probe of 3-1:0.67 failed with error -71
[  236.835944][   T13] usb 3-1: USB disconnect, device number 19
[  237.073882][ T8307] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  237.125626][ T8307] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  237.173032][ T8307] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  237.232815][ T8307] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  237.981107][ T4237] uclogic 0003:256C:006D.0012: interface is invalid, ignoring
[  238.001020][ T4231] Bluetooth: hci2: command 0x041b tx timeout
[  238.001146][ T8307] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.022034][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  238.043823][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  238.199560][ T8307] 8021q: adding VLAN 0 to HW filter on device team0
[  238.249579][ T8408] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  238.288818][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  238.653296][ T4233] usb 6-1: USB disconnect, device number 13
[  238.804020][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  239.693480][ T8051] bridge0: port 1(bridge_slave_0) entered blocking state
[  239.700789][ T8051] bridge0: port 1(bridge_slave_0) entered forwarding state
[  239.985027][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  240.053095][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  240.133940][ T8051] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.141211][ T8051] bridge0: port 2(bridge_slave_1) entered forwarding state
[  240.152281][   T13] Bluetooth: hci2: command 0x040f tx timeout
[  240.181238][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  240.242383][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  241.297970][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  241.406936][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  241.461915][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  241.531784][ T8442] loop4: detected capacity change from 0 to 128
[  241.609341][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  241.685593][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  242.454767][ T4229] Bluetooth: hci2: command 0x0419 tx timeout
[  242.475329][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  242.493333][ T8456] loop2: detected capacity change from 0 to 256
[  242.501181][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  242.522195][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  242.540744][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  242.559736][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  242.591664][ T8307] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  242.602571][ T8460] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  242.668600][ T8456] FAT-fs (loop2): Directory bread(block 64) failed
[  242.716298][ T8456] FAT-fs (loop2): Directory bread(block 65) failed
[  242.736637][ T8456] FAT-fs (loop2): Directory bread(block 66) failed
[  242.743309][ T8456] FAT-fs (loop2): Directory bread(block 67) failed
[  242.831756][ T8456] FAT-fs (loop2): Directory bread(block 68) failed
[  242.875974][ T8456] FAT-fs (loop2): Directory bread(block 69) failed
[  242.925311][ T8456] FAT-fs (loop2): Directory bread(block 70) failed
[  242.950030][ T8456] FAT-fs (loop2): Directory bread(block 71) failed
[  243.004942][ T8456] FAT-fs (loop2): Directory bread(block 72) failed
[  243.036103][ T8456] FAT-fs (loop2): Directory bread(block 73) failed
[  243.102046][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  243.155312][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  243.221078][ T8307] 8021q: adding VLAN 0 to HW filter on device batadv0
[  245.519915][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  245.547186][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  245.675883][ T8307] device veth0_vlan entered promiscuous mode
[  245.737158][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  245.777278][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  245.796537][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  245.805929][  T469] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  245.839991][ T8307] device veth1_vlan entered promiscuous mode
[  245.973800][ T6504] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  246.002696][ T6504] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  246.029953][ T6504] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  246.079842][ T6504] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  246.111560][ T8307] device veth0_macvtap entered promiscuous mode
[  246.152060][ T8307] device veth1_macvtap entered promiscuous mode
[  246.243429][ T8307] batman_adv: batadv0: Interface activated: batadv_slave_0
[  246.285439][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  246.288910][ T8540] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1222'.
[  246.294568][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  246.345944][ T8540] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1222'.
[  246.362865][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  246.402903][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  246.458437][ T8307] batman_adv: batadv0: Interface activated: batadv_slave_1
[  246.477750][ T8546] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  246.515755][ T8541] tipc: Started in network mode
[  246.521189][ T8541] tipc: Node identity ac14140f, cluster identity 4711
[  246.528515][ T8541] tipc: New replicast peer: 255.255.255.255
[  246.535138][ T8541] tipc: Enabled bearer <udp:syz2>, priority 10
[  246.546959][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  246.565346][ T8051] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  246.608442][ T8307] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  246.659959][ T8307] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  246.684987][ T8556] loop3: detected capacity change from 0 to 512
[  246.693735][ T8307] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  246.723851][ T8307] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  246.863636][ T8556] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  246.994484][ T8556] EXT4-fs (loop3): mounted filesystem without journal. Opts: nouid32,errors=remount-ro,grpjquota=,nodiscard,dioread_nolock,. Quota mode: writeback.
[  247.023321][ T8556] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.054867][ T4491] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  247.144421][ T4491] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.200520][ T6504] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  247.228551][ T4491] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  247.239716][ T6504] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  247.269358][ T6504] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  247.555885][   T13] tipc: Node number set to 2886997007
[  247.966518][   T21] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  248.230529][ T8619] loop7: detected capacity change from 0 to 1024
[  248.282843][ T8619] EXT4-fs (loop7): Ignoring removed bh option
[  248.292792][ T8619] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (58532!=20869)
[  248.339046][ T8619] EXT4-fs (loop7): barriers disabled
[  248.344445][ T8619] JBD2: no valid journal superblock found
[  248.350573][ T8619] EXT4-fs (loop7): error loading journal
[  250.310980][ T8627] loop5: detected capacity change from 0 to 256
[  250.521523][ T8627] FAT-fs (loop5): Directory bread(block 64) failed
[  250.562082][ T8627] FAT-fs (loop5): Directory bread(block 65) failed
[  250.622093][ T8627] FAT-fs (loop5): Directory bread(block 66) failed
[  250.636663][ T8627] FAT-fs (loop5): Directory bread(block 67) failed
[  250.658237][ T8627] FAT-fs (loop5): Directory bread(block 68) failed
[  250.666582][   T21] usb 5-1: device descriptor read/all, error -71
[  250.687345][ T8627] FAT-fs (loop5): Directory bread(block 69) failed
[  250.848377][ T8627] FAT-fs (loop5): Directory bread(block 70) failed
[  250.904234][ T8627] FAT-fs (loop5): Directory bread(block 71) failed
[  250.911474][ T8627] FAT-fs (loop5): Directory bread(block 72) failed
[  250.920329][ T8642] loop7: detected capacity change from 0 to 128
[  250.926972][ T8627] FAT-fs (loop5): Directory bread(block 73) failed
[  251.232195][ T8642] EXT4-fs (loop7): Test dummy encryption mode enabled
[  251.396209][ T8642] EXT4-fs (loop7): inline encryption not supported
[  251.593152][ T8642] EXT4-fs (loop7): Mount option "noacl" will be removed by 3.5
[  251.593152][ T8642] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  251.593152][ T8642] 
[  251.729858][ T8642] EXT4-fs (loop7): mounted filesystem without journal. Opts: test_dummy_encryption=v1,max_dir_size_kb=0x0000000000000002,inlinecrypt,inode_readahead_blks=0x0000000000000010,noacl,,errors=continue. Quota mode: none.
[  251.751918][ T8642] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  252.767206][ T8696] tipc: Started in network mode
[  252.772779][ T8696] tipc: Node identity ac14140f, cluster identity 4711
[  252.781247][ T8696] tipc: New replicast peer: 255.255.255.255
[  252.788848][ T8696] tipc: Enabled bearer <udp:syz2>, priority 10
[  253.414490][ T8700] loop4: detected capacity change from 0 to 512
[  253.586680][ T8700] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  253.687872][ T8700] EXT4-fs error (device loop4): ext4_iget_extra_inode:4573: inode #15: comm syz.4.1258: corrupted in-inode xattr
[  253.845323][ T8700] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.1258: couldn't read orphan inode 15 (err -117)
[  253.908971][ T4616] tipc: Node number set to 2886997007
[  254.163063][ T8700] EXT4-fs (loop4): mounted filesystem without journal. Opts: lazytime,delalloc,noinit_itable,noload,journal_ioprio=0x0000000000000001,nodiscard,discard,inode_readahead_blks=0x0000000000020000,nomblk_io_submit,acl,,errors=continue. Quota mode: none.
[  255.057750][ T8746] loop4: detected capacity change from 0 to 16
[  255.109157][ T8746] erofs: (device loop4): mounted with root inode @ nid 36.
[  255.180507][ T8746] erofs: (device loop4): z_erofs_readahead: readahead error at page 2 @ nid 89
[  255.255599][ T8746] attempt to access beyond end of device
[  255.255599][ T8746] loop4: rw=524288, want=524304, limit=16
[  255.322492][ T4194] erofs: (device loop4): z_erofs_lz4_decompress: failed to decompress -5 in[4096, 0] out[4100]
[  255.368300][ T8746] erofs: (device loop4): z_erofs_lz4_decompress: failed to decompress -5 in[4096, 0] out[4096]
[  255.462780][   T26] audit: type=1800 audit(1777052766.998:10): pid=8746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1268" name="file2" dev="loop4" ino=89 res=0 errno=0
[  255.680584][ T8732] loop3: detected capacity change from 0 to 40427
[  255.700132][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  255.707030][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  255.779744][ T8732] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  255.856880][ T8732] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  256.086136][ T8732] F2FS-fs (loop3): invalid crc value
[  256.469842][ T4229] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  256.521915][ T8732] F2FS-fs (loop3): Found nat_bits in checkpoint
[  256.680043][ T8732] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  256.720782][ T8732] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  256.739374][ T8741] loop7: detected capacity change from 0 to 40427
[  256.752160][ T8777] loop2: detected capacity change from 0 to 256
[  256.796807][ T4229] usb 5-1: Using ep0 maxpacket: 32
[  256.917369][ T8741] F2FS-fs (loop7): invalid crc value
[  256.926632][ T4229] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  256.934848][ T4229] usb 5-1: config 0 has no interface number 0
[  256.973377][   T26] audit: type=1804 audit(1777052768.508:11): pid=8777 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1273" name="/newroot/244/file1/bus" dev="loop2" ino=1048653 res=1 errno=0
[  257.768344][ T8741] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  257.975955][ T8792] loop5: detected capacity change from 0 to 512
[  257.986855][ T4229] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  258.007850][ T4229] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.036489][ T4229] usb 5-1: Product: syz
[  258.041649][ T4229] usb 5-1: Manufacturer: syz
[  258.046275][ T4229] usb 5-1: SerialNumber: syz
[  258.060345][ T8741] F2FS-fs (loop7): Start checkpoint disabled!
[  258.087584][ T4229] usb 5-1: config 0 descriptor??
[  258.104951][ T8741] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  258.137536][ T4229] smsc95xx v2.0.0
[  258.198191][ T8792] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.1278: invalid indirect mapped block 256 (level 2)
[  258.311611][ T8792] EXT4-fs (loop5): 2 truncates cleaned up
[  258.343714][ T8792] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpid,auto_da_alloc,lazytime,journal_dev=0x0000000000000006,,errors=continue. Quota mode: writeback.
[  258.395183][ T4237] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  258.576746][ T4229] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  258.616517][ T4229] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  258.666459][ T4237] usb 3-1: Using ep0 maxpacket: 16
[  258.867696][ T4237] usb 3-1: unable to get BOS descriptor or descriptor too short
[  259.489715][ T4237] usb 3-1: config 1 has an invalid interface number: 206 but max is 0
[  259.506439][ T4237] usb 3-1: config 1 has no interface number 0
[  259.617782][ T4229] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000020: -32
[  259.655633][ T4229] smsc95xx: probe of 5-1:0.67 failed with error -32
[  259.686709][ T4237] usb 3-1: New USB device found, idVendor=152d, idProduct=0310, bcdDevice=3b.0a
[  259.696170][ T4237] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.724938][ T4237] usb 3-1: Product: syz
[  260.542879][ T4237] usb 3-1: Manufacturer: syz
[  260.549060][ T4237] usb 3-1: SerialNumber: syz
[  260.579617][ T8826] syz.5.1287 (8826) used greatest stack depth: 18096 bytes left
[  260.753236][ T4240] usb 5-1: USB disconnect, device number 18
[  261.686193][ T4237] usb 3-1: USB disconnect, device number 20
[  263.006764][    T7] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  263.118209][ T8874] loop4: detected capacity change from 0 to 1024
[  263.154538][ T8874] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  263.309823][ T8874] EXT4-fs (loop4): orphan cleanup on readonly fs
[  263.803849][ T8868] loop7: detected capacity change from 0 to 40427
[  263.807812][ T8874] EXT4-fs error (device loop4): ext4_map_blocks:741: inode #3: block 3: comm syz.4.1301: lblock 3 mapped to illegal pblock 3 (length 1)
[  263.899298][ T8874] Quota error (device loop4): write_blk: dquota write failed
[  263.904876][    T7] usb 3-1: Using ep0 maxpacket: 32
[  263.912310][ T8868] F2FS-fs (loop7): Corrupted extension count (64 + 1 > 64)
[  263.923864][ T8868] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  263.932532][ T8868] F2FS-fs (loop7): build fault injection attr: rate: 0, type: 0x6
[  263.957001][ T8874] Quota error (device loop4): find_free_dqentry: Can't write quota data block 3
[  263.966334][ T8874] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  263.977910][ T8868] F2FS-fs (loop7): invalid crc value
[  263.988304][ T8874] EXT4-fs error (device loop4): ext4_acquire_dquot:6236: comm syz.4.1301: Failed to acquire dquot type 0
[  264.040493][    T7] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  264.053528][    T7] usb 3-1: config 0 has no interface number 0
[  264.081659][ T8874] EXT4-fs error (device loop4): ext4_map_blocks:631: inode #3: block 3: comm syz.4.1301: lblock 3 mapped to illegal pblock 3 (length 1)
[  264.106164][ T8868] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  264.162563][ T8886] loop5: detected capacity change from 0 to 1024
[  264.169477][ T8874] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  264.179875][ T8874] EXT4-fs error (device loop4): ext4_acquire_dquot:6236: comm syz.4.1301: Failed to acquire dquot type 0
[  264.196570][ T8874] EXT4-fs error (device loop4): ext4_free_blocks:6231: comm syz.4.1301: Freeing blocks not in datazone - block = 0, count = 4096
[  264.386780][ T8874] EXT4-fs error (device loop4): ext4_map_blocks:631: inode #3: block 3: comm syz.4.1301: lblock 3 mapped to illegal pblock 3 (length 1)
[  264.665459][ T8886] EXT4-fs error (device loop5): ext4_map_blocks:631: inode #3: block 2: comm syz.5.1303: lblock 2 mapped to illegal pblock 2 (length 1)
[  264.787281][    T7] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  264.862916][ T8868] F2FS-fs (loop7): Start checkpoint disabled!
[  264.881252][ T8874] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  264.891604][ T8886] Quota error (device loop5): qtree_write_dquot: dquota write failed
[  264.900011][    T7] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.903830][ T8874] EXT4-fs error (device loop4): ext4_acquire_dquot:6236: comm syz.4.1301: Failed to acquire dquot type 0
[  264.912773][ T8892] loop3: detected capacity change from 0 to 512
[  264.926063][    T7] usb 3-1: Product: syz
[  264.928317][ T8868] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  264.931006][    T7] usb 3-1: Manufacturer: syz
[  264.942502][    T7] usb 3-1: SerialNumber: syz
[  264.953561][    T7] usb 3-1: config 0 descriptor??
[  264.958828][ T8886] EXT4-fs error (device loop5): ext4_map_blocks:631: inode #3: block 48: comm syz.5.1303: lblock 0 mapped to illegal pblock 48 (length 1)
[  264.972498][ T8874] EXT4-fs (loop4): 1 orphan inode deleted
[  264.979147][ T8868] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  264.997405][    T7] smsc95xx v2.0.0
[  265.003395][ T8874] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  265.015153][ T8886] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  265.043752][ T8874] EXT4-fs error (device loop4): ext4_search_dir:1549: inode #2: block 16: comm syz.4.1301: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  265.054619][ T8892] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  265.067003][ T8886] EXT4-fs error (device loop5): ext4_acquire_dquot:6236: comm syz.5.1303: Failed to acquire dquot type 0
[  265.112481][ T8892] EXT4-fs error (device loop3): ext4_orphan_get:1432: comm syz.3.1304: bad orphan inode 131083
[  265.115878][ T8886] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  265.134612][ T8886] EXT4-fs error (device loop5): ext4_evict_inode:284: inode #11: comm syz.5.1303: mark_inode_dirty error
[  265.160350][ T8886] EXT4-fs warning (device loop5): ext4_evict_inode:287: couldn't mark inode dirty (err -117)
[  265.191639][ T8892] EXT4-fs (loop3): mounted filesystem without journal. Opts: acl,discard,sb=0xfffffffffffffffe,,errors=continue. Quota mode: none.
[  265.214364][ T8886] EXT4-fs (loop5): 1 orphan inode deleted
[  265.220271][ T8886] EXT4-fs (loop5): mounted filesystem without journal. Opts: nodioread_nolock,noblock_validity,data_err=ignore,max_batch_time=0x00000000000008c9,nodiscard,stripe=0x0000000000000004,noauto_da_alloc,,errors=continue. Quota mode: none.
[  265.258090][ T8892] syz.3.1304 (pid 8892) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  265.311962][  T469] EXT4-fs error (device loop5): ext4_map_blocks:631: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  265.429040][  T469] Quota error (device loop5): remove_tree: Can't read quota data block 1
[  265.442590][ T6624] attempt to access beyond end of device
[  265.442590][ T6624] loop7: rw=2049, want=45104, limit=40427
[  265.455317][  T469] EXT4-fs error (device loop5): ext4_release_dquot:6272: comm kworker/u4:3: Failed to release dquot type 0
[  265.516532][    T7] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  265.539255][    T7] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  265.564969][  T469] EXT4-fs error (device loop5): ext4_map_blocks:631: inode #3: block 1: comm kworker/u4:3: lblock 1 mapped to illegal pblock 1 (length 1)
[  265.605386][  T469] Quota error (device loop5): remove_tree: Can't read quota data block 1
[  265.635306][  T469] EXT4-fs error (device loop5): ext4_release_dquot:6272: comm kworker/u4:3: Failed to release dquot type 0
[  265.670918][ T4446] EXT4-fs error (device loop5): __ext4_get_inode_loc:4334: comm syz-executor: Invalid inode table block 1 in block_group 0
[  266.412672][ T4446] EXT4-fs error (device loop5) in ext4_reserve_inode_write:5873: Corrupt filesystem
[  266.453172][ T8909] overlayfs: upper fs does not support tmpfile.
[  266.518112][ T4446] EXT4-fs error (device loop5): ext4_quota_off:6542: inode #3: comm syz-executor: mark_inode_dirty error
[  266.536590][    T7] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000020: -71
[  266.569402][    T7] smsc95xx: probe of 3-1:0.67 failed with error -71
[  266.627516][    T7] usb 3-1: USB disconnect, device number 21
[  266.763031][ T8922] loop4: detected capacity change from 0 to 512
[  267.000316][ T8922] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.1314: invalid block
[  267.072001][ T8922] EXT4-fs (loop4): Remounting filesystem read-only
[  267.141689][ T8922] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1314: invalid indirect mapped block 4294967295 (level 1)
[  267.677643][ T8922] EXT4-fs (loop4): Remounting filesystem read-only
[  267.866567][ T8922] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.1314: invalid indirect mapped block 4294967295 (level 1)
[  267.989586][ T8922] EXT4-fs (loop4): Remounting filesystem read-only
[  268.106944][ T8922] EXT4-fs (loop4): 2 truncates cleaned up
[  268.151540][ T8922] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpjquota=,errors=remount-ro,discard,auto_da_alloc=0x0000000000000100,barrier=0x0000000000000000,. Quota mode: writeback.
[  268.318533][ T8922] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.1314: bg 0: block 5: invalid block bitmap
[  268.436806][ T8922] EXT4-fs (loop4): Remounting filesystem read-only
[  268.511561][ T8949] Illegal XDP return value 4291420072, expect packet loss!
[  268.661379][ T8915] loop2: detected capacity change from 0 to 40427
[  268.684157][ T8955] loop3: detected capacity change from 0 to 512
[  268.775270][ T8915] F2FS-fs (loop2): invalid crc value
[  268.805075][ T4231] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  268.922541][ T8955] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  268.968379][ T8915] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  269.046623][ T4231] usb 6-1: Using ep0 maxpacket: 32
[  269.060413][ T8955] EXT4-fs warning (device loop3): ext4_xattr_inode_get:506: inode #11: comm syz.3.1323: EA inode hash validation failed
[  269.098811][ T8955] EXT4-fs error (device loop3): ext4_xattr_inode_iget:401: inode #11: comm syz.3.1323: iget: bad extra_isize 90 (inode size 256)
[  269.166786][ T4231] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  269.174951][ T4231] usb 6-1: config 0 has no interface number 0
[  269.194193][ T8955] EXT4-fs error (device loop3): ext4_xattr_inode_iget:406: comm syz.3.1323: error while reading EA inode 11 err=-117
[  269.262192][ T8915] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[  269.277176][ T8955] EXT4-fs (loop3): 1 orphan inode deleted
[  269.307258][ T8955] EXT4-fs (loop3): mounted filesystem without journal. Opts: data_err=ignore,dioread_nolock,debug_want_extra_isize=0x000000000000005a,prjquota,max_dir_size_kb=0x0000000000000004,nobarrier,min_batch_time=0x0000000000000003,,errors=continue. Quota mode: writeback.
[  269.334092][ T8915] F2FS-fs (loop2): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  269.354369][ T8975] loop4: detected capacity change from 0 to 256
[  269.386840][ T4231] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  269.395924][ T4231] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.426815][ T4231] usb 6-1: Product: syz
[  269.431290][ T4231] usb 6-1: Manufacturer: syz
[  269.463183][ T4231] usb 6-1: SerialNumber: syz
[  269.489115][ T8975] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  269.501686][ T4231] usb 6-1: config 0 descriptor??
[  269.514272][ T8975] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  269.637183][ T8975] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c91aa, utbl_chksum : 0xe619d30d)
[  269.674013][ T4231] smsc95xx v2.0.0
[  270.137063][ T4231] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  270.235028][ T4231] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  270.341359][   T26] audit: type=1800 audit(1777052781.878:12): pid=8975 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1325" name="file1" dev="loop4" ino=1048657 res=0 errno=0
[  270.704393][ T9003] loop2: detected capacity change from 0 to 128
[  271.157316][ T9003] EXT4-fs (loop2): Mount option "noacl" will be removed by 3.5
[  271.157316][ T9003] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  271.157316][ T9003] 
[  271.307091][ T4231] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000020: -32
[  271.444477][ T4231] smsc95xx: probe of 6-1:0.67 failed with error -32
[  271.481181][ T9003] EXT4-fs (loop2): Test dummy encryption mode enabled
[  271.527417][ T9003] EXT4-fs (loop2): mounted filesystem without journal. Opts: nojournal_checksum,nolazytime,noacl,jqfmt=vfsv0,nombcache,grpjquota=,test_dummy_encryption,,errors=continue. Quota mode: none.
[  271.547256][ T4229] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  271.667676][ T9003] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  271.796532][ T4229] usb 5-1: Using ep0 maxpacket: 16
[  271.889532][ T9026] loop7: detected capacity change from 0 to 128
[  271.921442][ T9027] loop3: detected capacity change from 0 to 512
[  271.928186][ T4229] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.940749][ T9026] EXT4-fs (loop7): Test dummy encryption mode enabled
[  271.954450][ T4229] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.966734][ T4229] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  271.991598][ T9026] EXT4-fs (loop7): Unrecognized mount option "uid>00000000000000060928" or missing value
[  271.993881][ T4229] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  272.018077][ T4229] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.030463][ T9027] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  272.040347][ T4229] usb 5-1: config 0 descriptor??
[  272.121194][ T9027] EXT4-fs (loop3): invalid journal inode
[  272.152128][ T9027] EXT4-fs (loop3): can't get journal size
[  272.241513][ T9027] EXT4-fs (loop3): 1 truncate cleaned up
[  272.285799][ T9027] EXT4-fs (loop3): mounted filesystem without journal. Opts: norecovery,init_itable=0x0000000000000006,sysvgroups,abort,,errors=continue. Quota mode: none.
[  272.350750][    T7] usb 6-1: USB disconnect, device number 14
[  272.446088][ T9027] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1335'.
[  272.475172][ T9047] loop5: detected capacity change from 0 to 1024
[  272.505688][   T26] audit: type=1326 audit(1777052784.038:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9025 comm="syz.3.1335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f564e0b3dd9 code=0x7ffc0000
[  272.531754][ T9047] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  272.553894][ T4229] input: HID 05ac:8241 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:05AC:8241.0013/input/input21
[  272.576287][ T9047] EXT4-fs (loop5): bad geometry: bigalloc file system with non-zero first_data_block
[  272.576287][ T9047] 
[  272.630487][   T26] audit: type=1326 audit(1777052784.078:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9025 comm="syz.3.1335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f564e0b3dd9 code=0x7ffc0000
[  272.703154][ T4229] appleir 0003:05AC:8241.0013: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.4-1/input0
[  272.730484][   T26] audit: type=1326 audit(1777052784.078:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9025 comm="syz.3.1335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f564e0b3dd9 code=0x7ffc0000
[  272.837306][   T26] audit: type=1326 audit(1777052784.078:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9025 comm="syz.3.1335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f564e0b3dd9 code=0x7ffc0000
[  272.951365][ T9061] loop2: detected capacity change from 0 to 256
[  272.968473][   T26] audit: type=1326 audit(1777052784.098:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9025 comm="syz.3.1335" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f564e0b3dd9 code=0x7ffc0000
[  273.037093][ T9061] exfat: Deprecated parameter 'utf8'
[  273.049970][ T9061] exfat: Deprecated parameter 'utf8'
[  273.075536][ T9068] loop3: detected capacity change from 0 to 256
[  273.099715][ T9061] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  273.181636][   T26] audit: type=1804 audit(1777052784.718:18): pid=9068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1344" name="/newroot/320/file1/bus" dev="loop3" ino=1048658 res=1 errno=0
[  273.545015][ T9084] loop2: detected capacity change from 0 to 256
[  273.630266][ T9084] exfat: Deprecated parameter 'namecase'
[  273.636012][ T9084] exfat: Deprecated parameter 'namecase'
[  273.689006][ T9084] exFAT-fs (loop2): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  273.826646][ T4229] usb 5-1: reset high-speed USB device number 19 using dummy_hcd
[  274.222996][ T9099] loop5: detected capacity change from 0 to 512
[  275.053274][ T9099] EXT4-fs (loop5): 1 truncate cleaned up
[  275.086989][ T9099] EXT4-fs (loop5): mounted filesystem without journal. Opts: noload,stripe=0x000000000000030c,jqfmt=vfsv1,nojournal_checksum,jqfmt=vfsv1,usrjquota=,,errors=continue. Quota mode: none.
[  275.195498][ T4237] usb 5-1: USB disconnect, device number 19
[  275.392527][ T9124] loop2: detected capacity change from 0 to 1024
[  275.495451][ T9129] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  275.503606][ T9129] IPv6: NLM_F_CREATE should be set when creating new route
[  275.511140][ T9129] IPv6: NLM_F_CREATE should be set when creating new route
[  275.546006][ T9124] EXT4-fs (loop2): inline encryption not supported
[  275.555036][ T9124] EXT4-fs (loop2): Ignoring removed bh option
[  275.621022][ T9132] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  275.656855][ T9124] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,dioread_lock,barrier=0x0000000000000004,inlinecrypt,journal_dev=0x0000000000000007,lazytime,errors=remount-ro,stripe=0x0000000000000007,bh,init_itable,. Quota mode: none.
[  275.768789][   T26] audit: type=1800 audit(1777052787.308:19): pid=9124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1355" name="file1" dev="loop2" ino=15 res=0 errno=0
[  275.984096][ T9143] loop2: detected capacity change from 0 to 512
[  276.096130][ T9143] EXT4-fs error (device loop2): ext4_orphan_get:1406: inode #15: comm syz.2.1359: inode has both inline data and extents flags
[  276.125994][ T9143] EXT4-fs error (device loop2): ext4_orphan_get:1411: comm syz.2.1359: couldn't read orphan inode 15 (err -117)
[  276.144043][ T9143] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[  276.223003][   T26] audit: type=1800 audit(1777052787.758:20): pid=9143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1359" name="file1" dev="loop2" ino=18 res=0 errno=0
[  277.056522][   T13] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  277.077225][ T9182] loop5: detected capacity change from 0 to 16
[  277.179654][ T9182] erofs: (device loop5): mounted with root inode @ nid 36.
[  277.526696][   T13] usb 3-1: unable to get BOS descriptor or descriptor too short
[  277.586904][   T13] usb 3-1: not running at top speed; connect to a high speed hub
[  277.799194][ T9207] loop5: detected capacity change from 0 to 1024
[  277.896693][   T13] usb 3-1: New USB device found, idVendor=0582, idProduct=000c, bcdDevice= 0.40
[  277.936079][ T9207] EXT4-fs (loop5): bad geometry: bigalloc file system with non-zero first_data_block
[  277.936079][ T9207] 
[  277.937177][   T13] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.991930][ T9180] loop7: detected capacity change from 0 to 40427
[  278.008990][   T13] usb 3-1: Product: syz
[  278.013182][   T13] usb 3-1: Manufacturer: syz
[  278.029236][   T13] usb 3-1: SerialNumber: syz
[  278.058303][ T9180] F2FS-fs (loop7): invalid crc value
[  278.117941][ T9215] loop5: detected capacity change from 0 to 256
[  278.134688][ T9180] F2FS-fs (loop7): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  278.279204][ T9180] F2FS-fs (loop7): Start checkpoint disabled!
[  278.317218][ T9180] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  278.323908][ T9193] loop4: detected capacity change from 0 to 40427
[  278.356611][   T13] usb 3-1: 1:1 : sample bitwidth 41 in over sample bytes 2
[  278.374445][   T13] usb 3-1: 1:1 : invalid UAC_FORMAT_TYPE desc
[  278.394584][   T13] usb 3-1: 1:1 : invalid channels 0
[  278.425436][   T13] snd-usb-audio: probe of 3-1:1.0 failed with error -2
[  278.487983][   T13] usb 3-1: 1:1 : sample bitwidth 41 in over sample bytes 2
[  278.495256][   T13] usb 3-1: 1:1 : invalid UAC_FORMAT_TYPE desc
[  278.541981][ T9193] F2FS-fs (loop4): invalid crc value
[  278.563247][   T13] usb 3-1: 1:1 : invalid channels 0
[  278.861094][ T9193] F2FS-fs (loop4): Found nat_bits in checkpoint
[  279.122538][ T6624] attempt to access beyond end of device
[  279.122538][ T6624] loop7: rw=2049, want=45104, limit=40427
[  279.136857][   T13] snd-usb-audio: probe of 3-1:1.1 failed with error -2
[  279.146172][ T9193] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  279.171530][ T9213] loop3: detected capacity change from 0 to 40427
[  279.178327][   T13] usb 3-1: 1:1 : sample bitwidth 41 in over sample bytes 2
[  279.185572][   T13] usb 3-1: 1:1 : invalid UAC_FORMAT_TYPE desc
[  279.199266][   T13] usb 3-1: 1:1 : invalid channels 0
[  279.241184][ T9213] F2FS-fs (loop3): Corrupted extension count (64 + 1 > 64)
[  279.253451][   T13] snd-usb-audio: probe of 3-1:1.2 failed with error -2
[  279.276641][ T9213] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  279.328129][ T9213] F2FS-fs (loop3): invalid crc value
[  279.343218][   T13] usb 3-1: USB disconnect, device number 22
[  279.352389][ T9213] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  279.375011][ T4340] udevd[4340]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  279.438235][ T5805] attempt to access beyond end of device
[  279.438235][ T5805] loop4: rw=2049, want=45104, limit=40427
[  279.629665][ T9219] loop5: detected capacity change from 0 to 40427
[  279.664898][ T9213] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  279.690523][ T9219] F2FS-fs (loop5): Invalid log blocks per segment (4278190089)
[  279.712967][ T9213] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  279.743448][ T9219] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  279.817203][ T9219] F2FS-fs (loop5): invalid crc value
[  279.844381][ T9219] F2FS-fs (loop5): Found nat_bits in checkpoint
[  279.979949][ T9219] F2FS-fs (loop5): recover fsync data on readonly fs
[  280.015764][ T9219] F2FS-fs (loop5): Try to recover 1th superblock, ret: -30
[  280.033568][ T9219] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  280.130197][ T9219] F2FS-fs (loop5): Corrupted max_depth of 3: 255
[  280.160082][ T9219] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  280.285566][   T26] audit: type=1326 audit(1777052791.818:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9257 comm="syz.7.1387" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f054f932dd9 code=0x0
[  280.436222][ T9260] loop4: detected capacity change from 0 to 4096
[  280.492240][ T9260] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[  280.503216][ T9260] EXT4-fs (loop4): inline encryption not supported
[  280.511338][ T9260] EXT4-fs (loop4): Test dummy encryption mode enabled
[  280.582693][ T9260] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a85ec028, mo2=0003]
[  280.603307][ T9260] System zones: 0-5
[  280.611421][ T9260] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug,jqfmt=vfsv0,inlinecrypt,errors=remount-ro,test_dummy_encryption=v1,usrquota,delalloc,nogrpid,grpquota,. Quota mode: writeback.
[  280.707021][ T9260] 
[  280.709392][ T9260] ======================================================
[  280.716419][ T9260] WARNING: possible circular locking dependency detected
[  280.723542][ T9260] syzkaller #0 Not tainted
[  280.727991][ T9260] ------------------------------------------------------
[  280.735010][ T9260] syz.4.1381/9260 is trying to acquire lock:
[  280.741103][ T9260] ffff88805ff54968 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x5a/0x410
[  280.750018][ T9260] 
[  280.750018][ T9260] but task is already holding lock:
[  280.757558][ T9260] ffff888051404840 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x8bf/0x1b30
[  280.767070][ T9260] 
[  280.767070][ T9260] which lock already depends on the new lock.
[  280.767070][ T9260] 
[  280.777638][ T9260] 
[  280.777638][ T9260] the existing dependency chain (in reverse order) is:
[  280.786658][ T9260] 
[  280.786658][ T9260] -> #2 (&ei->i_data_sem/2){++++}-{3:3}:
[  280.794496][ T9260]        down_read+0x44/0x2e0
[  280.799268][ T9260]        ext4_map_blocks+0x33c/0x1b30
[  280.804653][ T9260]        ext4_getblk+0x176/0x670
[  280.809582][ T9260]        ext4_bread+0x26/0x180
[  280.814341][ T9260]        ext4_quota_read+0x1b3/0x3a0
[  280.819607][ T9260]        find_tree_dqentry+0x188/0xb30
[  280.825051][ T9260]        find_tree_dqentry+0x3eb/0xb30
[  280.830615][ T9260]        qtree_read_dquot+0x13c/0x680
[  280.835968][ T9260]        v2_read_dquot+0xc0/0x110
[  280.840971][ T9260]        dquot_acquire+0x152/0x520
[  280.846068][ T9260]        ext4_acquire_dquot+0x2d9/0x4a0
[  280.851611][ T9260]        dqget+0x778/0xeb0
[  280.856026][ T9260]        __dquot_initialize+0x333/0xcd0
[  280.861642][ T9260]        ext4_process_orphan+0x54/0x300
[  280.867180][ T9260]        ext4_orphan_cleanup+0xad2/0x1320
[  280.872910][ T9260]        ext4_fill_super+0x8d6e/0x94f0
[  280.878374][ T9260]        mount_bdev+0x287/0x3c0
[  280.883217][ T9260]        legacy_get_tree+0xe6/0x180
[  280.888405][ T9260]        vfs_get_tree+0x88/0x270
[  280.893356][ T9260]        do_new_mount+0x24a/0xa40
[  280.898361][ T9260]        __se_sys_mount+0x2e3/0x3d0
[  280.903539][ T9260]        do_syscall_64+0x4c/0xa0
[  280.908454][ T9260]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  280.914854][ T9260] 
[  280.914854][ T9260] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}:
[  280.922999][ T9260]        down_read+0x44/0x2e0
[  280.927702][ T9260]        v2_read_dquot+0x4a/0x110
[  280.932961][ T9260]        dquot_acquire+0x152/0x520
[  280.938105][ T9260]        ext4_acquire_dquot+0x2d9/0x4a0
[  280.943664][ T9260]        dqget+0x778/0xeb0
[  280.948136][ T9260]        __dquot_initialize+0x3c3/0xcd0
[  280.953688][ T9260]        ext4_create+0x92/0x470
[  280.958533][ T9260]        path_openat+0x11db/0x2fa0
[  280.963934][ T9260]        do_filp_open+0x1e2/0x410
[  280.969060][ T9260]        do_sys_openat2+0x150/0x4b0
[  280.974258][ T9260]        __x64_sys_creat+0x8c/0xb0
[  280.979379][ T9260]        do_syscall_64+0x4c/0xa0
[  280.984312][ T9260]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  280.990722][ T9260] 
[  280.990722][ T9260] -> #0 (&dquot->dq_lock){+.+.}-{3:3}:
[  280.998393][ T9260]        __lock_acquire+0x2c42/0x7d10
[  281.003849][ T9260]        lock_acquire+0x19e/0x400
[  281.008860][ T9260]        __mutex_lock_common+0x1e3/0x2400
[  281.014570][ T9260]        mutex_lock_nested+0x17/0x20
[  281.019855][ T9260]        dquot_commit+0x5a/0x410
[  281.024800][ T9260]        ext4_write_dquot+0x1f0/0x360
[  281.030190][ T9260]        mark_all_dquot_dirty+0xf9/0x400
[  281.035846][ T9260]        __dquot_alloc_space+0x5d0/0xe20
[  281.041470][ T9260]        ext4_mb_new_blocks+0xfb1/0x4820
[  281.047315][ T9260]        ext4_ext_map_blocks+0x18ab/0x65e0
[  281.053164][ T9260]        ext4_map_blocks+0x98e/0x1b30
[  281.058539][ T9260]        _ext4_get_block+0x1e7/0x540
[  281.063913][ T9260]        ext4_block_write_begin+0x61b/0x1220
[  281.069960][ T9260]        ext4_write_begin+0x6c8/0x15d0
[  281.075402][ T9260]        ext4_da_write_begin+0x43b/0xb40
[  281.081016][ T9260]        generic_perform_write+0x2b6/0x550
[  281.086983][ T9260]        ext4_buffered_write_iter+0x25f/0x3b0
[  281.093056][ T9260]        ext4_file_write_iter+0x74d/0x1700
[  281.098847][ T9260]        vfs_write+0x745/0xd60
[  281.103595][ T9260]        __x64_sys_pwrite64+0x19a/0x220
[  281.109121][ T9260]        do_syscall_64+0x4c/0xa0
[  281.114040][ T9260]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  281.120538][ T9260] 
[  281.120538][ T9260] other info that might help us debug this:
[  281.120538][ T9260] 
[  281.130887][ T9260] Chain exists of:
[  281.130887][ T9260]   &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2
[  281.130887][ T9260] 
[  281.144890][ T9260]  Possible unsafe locking scenario:
[  281.144890][ T9260] 
[  281.152325][ T9260]        CPU0                    CPU1
[  281.157674][ T9260]        ----                    ----
[  281.163151][ T9260]   lock(&ei->i_data_sem/2);
[  281.167729][ T9260]                                lock(&s->s_dquot.dqio_sem);
[  281.175094][ T9260]                                lock(&ei->i_data_sem/2);
[  281.182460][ T9260]   lock(&dquot->dq_lock);
[  281.186895][ T9260] 
[  281.186895][ T9260]  *** DEADLOCK ***
[  281.186895][ T9260] 
[  281.195062][ T9260] 4 locks held by syz.4.1381/9260:
[  281.200240][ T9260]  #0: ffff888077644460 (sb_writers#5){.+.+}-{0:0}, at: vfs_write+0x295/0xd60
[  281.209139][ T9260]  #1: ffff8880514049b8 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: ext4_buffered_write_iter+0xa6/0x3b0
[  281.220550][ T9260]  #2: ffff888051404840 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x8bf/0x1b30
[  281.230555][ T9260]  #3: ffffffff8c4415f8 (dquot_srcu){....}-{0:0}, at: rcu_lock_acquire+0x5/0x30
[  281.239581][ T9260] 
[  281.239581][ T9260] stack backtrace:
[  281.245464][ T9260] CPU: 0 PID: 9260 Comm: syz.4.1381 Not tainted syzkaller #0
[  281.252820][ T9260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  281.263005][ T9260] Call Trace:
[  281.266273][ T9260]  <TASK>
[  281.269312][ T9260]  dump_stack_lvl+0x188/0x250
[  281.273984][ T9260]  ? load_image+0x400/0x400
[  281.278587][ T9260]  ? show_regs_print_info+0x20/0x20
[  281.283884][ T9260]  ? print_circular_bug+0x12b/0x1a0
[  281.289074][ T9260]  check_noncircular+0x296/0x330
[  281.294004][ T9260]  ? add_chain_block+0x940/0x940
[  281.298925][ T9260]  ? lockdep_lock+0xf1/0x1f0
[  281.303521][ T9260]  ? mark_lock+0x94/0x320
[  281.307861][ T9260]  __lock_acquire+0x2c42/0x7d10
[  281.312702][ T9260]  ? verify_lock_unused+0x140/0x140
[  281.318006][ T9260]  ? mark_lock+0x94/0x320
[  281.322327][ T9260]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  281.328357][ T9260]  ? lock_chain_count+0x20/0x20
[  281.333206][ T9260]  lock_acquire+0x19e/0x400
[  281.337690][ T9260]  ? dquot_commit+0x5a/0x410
[  281.342268][ T9260]  ? finish_task_switch+0x1e4/0x640
[  281.347457][ T9260]  ? __might_sleep+0xf0/0xf0
[  281.352253][ T9260]  ? read_lock_is_recursive+0x10/0x10
[  281.357617][ T9260]  ? __schedule+0x11f7/0x43c0
[  281.362296][ T9260]  ? dquot_commit+0x5a/0x410
[  281.366879][ T9260]  __mutex_lock_common+0x1e3/0x2400
[  281.372121][ T9260]  ? dquot_commit+0x5a/0x410
[  281.376719][ T9260]  ? __might_sleep+0xf0/0xf0
[  281.381301][ T9260]  ? mutex_lock_io_nested+0x60/0x60
[  281.386500][ T9260]  ? preempt_schedule+0xbc/0xd0
[  281.391473][ T9260]  mutex_lock_nested+0x17/0x20
[  281.396424][ T9260]  dquot_commit+0x5a/0x410
[  281.400922][ T9260]  ? __ext4_journal_start_sb+0x1bd/0x360
[  281.406634][ T9260]  ext4_write_dquot+0x1f0/0x360
[  281.411491][ T9260]  mark_all_dquot_dirty+0xf9/0x400
[  281.416590][ T9260]  __dquot_alloc_space+0x5d0/0xe20
[  281.421706][ T9260]  ext4_mb_new_blocks+0xfb1/0x4820
[  281.426860][ T9260]  ? __es_insert_extent+0x1790/0x1790
[  281.432258][ T9260]  ? rcu_is_watching+0x11/0xa0
[  281.437044][ T9260]  ? trace_ext4_get_implied_cluster_alloc_exit+0x83/0x1d0
[  281.444141][ T9260]  ? ext4_mb_pa_callback+0xd0/0xd0
[  281.449268][ T9260]  ? ext4_ext_check_overlap+0x401/0x560
[  281.454813][ T9260]  ? ext4_ext_find_goal+0xed/0x1d0
[  281.460028][ T9260]  ext4_ext_map_blocks+0x18ab/0x65e0
[  281.465311][ T9260]  ? lockdep_hardirqs_on+0x94/0x140
[  281.470501][ T9260]  ? lock_acquire+0x208/0x400
[  281.475168][ T9260]  ? ext4_ext_release+0x10/0x10
[  281.480131][ T9260]  ? rwsem_write_trylock+0x135/0x1c0
[  281.485400][ T9260]  ? ext4_es_lookup_extent+0x60a/0xa00
[  281.490852][ T9260]  ext4_map_blocks+0x98e/0x1b30
[  281.495701][ T9260]  ? ext4_issue_zeroout+0x250/0x250
[  281.500908][ T9260]  _ext4_get_block+0x1e7/0x540
[  281.505659][ T9260]  ? ext4_get_block+0x40/0x40
[  281.510343][ T9260]  ext4_block_write_begin+0x61b/0x1220
[  281.515907][ T9260]  ? _ext4_get_block+0x540/0x540
[  281.521184][ T9260]  ? ext4_print_free_blocks+0x390/0x390
[  281.526821][ T9260]  ? __ext4_journal_start_sb+0x1bd/0x360
[  281.532674][ T9260]  ? ext4_inode_journal_mode+0x18f/0x460
[  281.538480][ T9260]  ext4_write_begin+0x6c8/0x15d0
[  281.543425][ T9260]  ? ext4_readahead+0x110/0x110
[  281.548276][ T9260]  ext4_da_write_begin+0x43b/0xb40
[  281.553409][ T9260]  ? __mark_inode_dirty+0x757/0xc90
[  281.558651][ T9260]  ? __lock_acquire+0x7d10/0x7d10
[  281.563857][ T9260]  ? __rwlock_init+0x140/0x140
[  281.568632][ T9260]  ? ext4_set_page_dirty+0x320/0x320
[  281.574106][ T9260]  generic_perform_write+0x2b6/0x550
[  281.579398][ T9260]  ? grab_cache_page_write_begin+0xa0/0xa0
[  281.585290][ T9260]  ? ext4_write_checks+0x24b/0x2c0
[  281.590422][ T9260]  ext4_buffered_write_iter+0x25f/0x3b0
[  281.595971][ T9260]  ext4_file_write_iter+0x74d/0x1700
[  281.601250][ T9260]  ? rcu_read_lock_any_held+0xb0/0x130
[  281.606702][ T9260]  ? ext4_file_read_iter+0x700/0x700
[  281.611999][ T9260]  ? end_current_label_crit_section+0x14b/0x170
[  281.618233][ T9260]  ? memset+0x1e/0x40
[  281.622197][ T9260]  ? iov_iter_init+0xb4/0x170
[  281.626863][ T9260]  vfs_write+0x745/0xd60
[  281.631123][ T9260]  ? file_end_write+0x250/0x250
[  281.635957][ T9260]  ? __fget_files+0x40f/0x480
[  281.640724][ T9260]  ? __fdget+0x18b/0x210
[  281.644943][ T9260]  ? __x64_sys_pwrite64+0xf2/0x220
[  281.652382][ T9260]  __x64_sys_pwrite64+0x19a/0x220
[  281.657401][ T9260]  ? ksys_pwrite64+0x1c0/0x1c0
[  281.662164][ T9260]  ? lockdep_hardirqs_on+0x94/0x140
[  281.667547][ T9260]  do_syscall_64+0x4c/0xa0
[  281.672178][ T9260]  ? clear_bhb_loop+0x30/0x80
[  281.676961][ T9260]  ? clear_bhb_loop+0x30/0x80
[  281.681732][ T9260]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  281.687630][ T9260] RIP: 0033:0x7f91d9775dd9
[  281.692201][ T9260] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  281.711914][ T9260] RSP: 002b:00007f91d79cf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  281.720327][ T9260] RAX: ffffffffffffffda RBX: 00007f91d99eefa0 RCX: 00007f91d9775dd9
[  281.728297][ T9260] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000004
[  281.736276][ T9260] RBP: 00007f91d980bd69 R08: 0000000000000000 R09: 0000000000000000
[  281.744330][ T9260] R10: 0000000008000c61 R11: 0000000000000246 R12: 0000000000000000
[  281.752379][ T9260] R13: 00007f91d99ef038 R14: 00007f91d99eefa0 R15: 00007ffcc1c2cd28
[  281.760529][ T9260]  </TASK>
[  281.903334][ T9274] loop5: detected capacity change from 0 to 512
[  282.366615][ T4231] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  282.907270][ T4231] usb 4-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  282.927723][ T4231] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.936228][ T4231] usb 4-1: Product: syz
[  282.951972][ T4231] usb 4-1: Manufacturer: syz
[  282.960910][ T4231] usb 4-1: SerialNumber: syz
[  283.325972][ T9274] EXT4-fs (loop5): mounted filesystem without journal. Opts: nodioread_nolock,noload,,errors=continue. Quota mode: writeback.
[  283.339418][ T9274] ext4 filesystem being mounted at /291/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.266523][ T4231] rtl8150 4-1:1.0: couldn't reset the device
[  285.272677][ T4231] rtl8150: probe of 4-1:1.0 failed with error -5
[  285.281547][ T4231] usb 4-1: USB disconnect, device number 18