last executing test programs:

5.206141335s ago: executing program 1:
r0 = socket$inet(0x2, 0x801, 0x0)
listen(r0, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
splice(r0, 0x0, r1, 0x0, 0x7ffff000, 0x0)

5.074035294s ago: executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setscheduler(0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1f, 0x0, 0x0, 0xff, 0x0, 0x1, 0x4}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000079000000090000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5a}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000002000000008000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r4}, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000040), 0x12, 0x80801)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105500, &(0x7f0000000000)=@usbdevfs_connect={0xb00})

3.53730648s ago: executing program 0:
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000001c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@hyper, 0x1})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000380)={@hyper})
close(r0)

3.339315899s ago: executing program 2:
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0x8, 0x2}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000000), &(0x7f0000000180)='%-5lx  \x00'}, 0x20)

3.312178702s ago: executing program 0:
r0 = socket$inet(0x2, 0x801, 0x0)
listen(r0, 0x0)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
splice(r0, 0x0, r1, 0x0, 0x7ffff000, 0x0)

3.201026895s ago: executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000000)="3f000000010089", 0x7)

3.189986113s ago: executing program 2:
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x5, 0x10001, 0x9, 0x1}, 0x48)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000006c0)='cpu.stat\x00', 0x26e1, 0x0)
close(r0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a1202, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001400)
openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000001a00000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x7, &(0x7f0000000800)=ANY=[@ANYBLOB="180000c40f000000000000010000002962725e2f7767142f1d6b037067b4e1075cb858c3501df9353227a251c30bdf965686acfc9f082229fadadfcd03220e2d53596e22e1a56bf474fe1c5a4bc734cad4ebc98a8da17cab28572749c42ca33a36918d3cfe0895fb162dea5e668953fcb8e102717515ae697c5d91e889dc7305905c949e5ea7daca155d6f642bc0cf510c90c4", @ANYRES32, @ANYBLOB="c4c5b2aef20a000000c4ff0f000000000000c73cf1970a9efaf83be478ffffffff5700851f00008600000095000100bc890bf0dff9665b2485d30438df386dfe80e860fbe077791b9b07663eb4d5ea76"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x2c, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_IE={0x4}]}, 0x2c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f0000000600)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000005c0)={&(0x7f0000000400)={0x3c, r2, 0x0, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0xffff}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x35}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x1}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x4d4}]}, 0x3c}}, 0x8811)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000071111f00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
write$cgroup_subtree(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="80fd", @ANYRES32=r5], 0x9)

3.057623823s ago: executing program 1:
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r0)
getcwd(&(0x7f00000000c0)=""/84, 0x54)

3.045139562s ago: executing program 0:
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x0, &(0x7f0000000040), 0x0, 0x4)
ioctl$UFFDIO_UNREGISTER(r1, 0xc020aa08, &(0x7f0000000180)={&(0x7f000063c000/0x4000)=nil, 0x4000})

2.932451746s ago: executing program 1:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010102}], 0x10)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000140))

2.757879824s ago: executing program 2:
syz_mount_image$reiserfs(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', 0x2808415, &(0x7f0000001300)={[{@usrquota}, {@jqfmt_vfsold}, {@balloc_notest4}, {@replayonly}, {@jdev={'jdev', 0x3d, './bus'}, 0x3d}], [], 0x2}, 0x1, 0x110e, &(0x7f0000000140)="$eJzs2b9qFFEUB+Df/Mkaq9UR7RwEGyuJCPYWFnkHO7FLZScI8TF8AB9H8gYS8gCCAWtH5s5MJMFFJGtg4fvgzp45d8+9d8tzNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCpxse9OumWTPO9ZPv+5PAsSb/k73xZTcHtOfG1POtU46iXxbpnj/e759303bkiR0dv311s2Of0vETtVn/IcdJsmtzf5k4AAACwW4ZrW19dsp2vFG5ofwAAAOBvtn2fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCvhvXvuEuyN4UP71ZJ358cniXpN1bfH27giAAAAMA1Vanzev2nfPLiwcXr0JS7garkl/GjSuoc5PNYv7pU/vHS297/Oz8AAADshnb+XG2Y/1S657HfrpM8SZthGI6X2Udp8/RKf/3tZdK8f5WD3JoS5U/+nzk9//BmGVXp6AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+sQMHAgAAAACC/K0HuQAAAAAAAAAAAAAAAADgrQAAAP//o4zYQg==")

1.591148326s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f0000000140), 0x0}, 0x20)

1.575213162s ago: executing program 2:
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010103}, 0x10, 0x0, 0x0, &(0x7f0000000a80)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000000300)=[{0x0}], 0x1}}, @rdma_args={0x10, 0x114, 0x1, {{}, {0x0}, 0x0}}], 0x90}, 0x0)

1.566969902s ago: executing program 1:
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x2010000, &(0x7f0000000140)={[{@rodir}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp865'}}, {@uni_xlate}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@utf8no}, {}, {@rodir}, {@numtail}, {@uni_xlateno}, {@fat=@check_strict}, {@shortname_winnt}]}, 0x25, 0x33b, &(0x7f0000000200)="$eJzs3T1sW1UUAODjvjROIxVnQKpgMmxIqGqCGGBKVBWpIgMUWfwtRDTlJzaVYmEpDHG9gBhBLEgwsXWAsTNiQIiNgZUioQJioVulVjxkv2f7+SfUkXDKz/cN1dG59/ie93xVv0TJzSvrsXPxeFy6efNGLC2VYmH97HrcKsVKHIskMlcCAPgvuZWm8XuaufvsD5f70eKc+wIA5qf3+f/ayWGifC+7AQCOwoxf/z8zNXt5bm0BAHM08fn/8Mjw2Lf5FwY/EwAA/Hs99+JLT29sRlyoVpciGu+1aq1aPDkc37gUb0Q9tuNMVOJORPagkD0tdP996vzmuTPVrp9XotataNUiGu1WLXtS2Eh69eVYjUqs5PXpoD7p1q/26qsRcaXdWz8apVbteCzn6/+wHNuxFpW4f6I+4vzmubVq/gK1Rr++HdGJpf5FdPs/HZX47tW4HPW4GN3aYf/7q9Xq2XRzpL51tdybBwAAAAAAAAAAAAAAAAAAAAAA83C6OrAyOP8mbbRb714Yn7Aycj5OLRvOzwfqZOcDpeX+6TzvJ+PnA42ez9OqLcSxe3rlAAAAAAAAAAAAAAAAAAAA8M/R3FuMrXp9e7e5985OMWgXMm998/lXJ2J8zpvJMBML2cuNzMlzUahKYlCeDsrTJGJvKSJG2ki6iX7m6rVBx8U55cFVjDafB+WJoVLe01a9fvKhnz6ZVvXHMJPExG0ZDUr5+oWhxn1Z6i+qDg7W7jLnepqmB5XvfzxZFaWIhYk37u8Ivr7x+gOPNU893st8mR/68Mijleevf/TZrztb9chvTb2+uNu8kx52ibSSb5uksH9K+X0uTdkJ04POMNPZbe5tJd//9sKDH3w7NjmZvn/SYubtg9f6YjyzmAXdNme55OMx6215+fZg9x7+jTv16frWtf0ff5m1qvCfhIM6AAAAAAAAAAAAAAAAAADgSBR+V/wQnnh2fh0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNEb/v3/QtCZyMwS3G7H5FB5e7d54OInjvRSAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4H/szAAD//zhTdpo=")
mkdir(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
r1 = socket$kcm(0x29, 0x5, 0x0)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000), 0x10)
write(r4, &(0x7f0000000100)="1400000052004f7fb3e4bf80a000f00c00000000", 0x14)
recvmmsg(r4, &(0x7f0000003140)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xc}, @l2cap_cid_le_signaling={{0x8}, @l2cap_disconn_rsp={{0x7, 0x0, 0x4}}}}, 0x11)
setsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000680)=0x401, 0x4)
setsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f0000000000)=0x100, 0x4)
ioctl$IOCTL_START_ACCEL_DEV(0xffffffffffffffff, 0x40096102, &(0x7f0000000140))
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x1)
socket(0x21, 0x6, 0x7fff)
preadv(r0, 0x0, 0x0, 0x0, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
openat$cgroup_ro(r0, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)

1.415983377s ago: executing program 2:
sched_setscheduler(0x0, 0x0, 0x0)
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x54f6, &(0x7f0000005800)="$eJzs3M1rI2UcB/Bf2u2+uxbx4G0HFqGFTdh0X9Bb1V18wS7Fl4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJlnKltfQGm2sdvPB6bfmSeT3/yeUFqeSUgAp9Zi9stPlbgSFyJiPiIuRxT7lXIrrKZ4LiKuRsTcI1ulHP9j4GxEXIyIK5PiqWalfOiz6+Nrt3984+evvz135tLnX303u1kDs/Z8RPS30v5uP2XeSfmgHG+Mu0X2b43LTA/0H5bHecrd9kZRYbdxcF6jyJuddH6+tTOc5Gav0Zxkp7tZjG8N0gWH485BneIJDxrbxXGrvVFkd5gX2dlPfe3tp79t+8NRqtMq631YlI/R6CDTeHuvneaz9bDI5mBUjqe6eau9N8lxmeXlopn3WkUfG0d5pf/f3uwOdvaycXt72M0H2e1a/YVa/U61vp232qP2rWqj37pzK1vq9CanVUftRn+1k+edXrvWzPvL2VKn2azW69nS3fZGtzHI6vXazdqN6u3lcu969ur9d7NeK1ua5Mvdwc6o2xtmm/l2lp6xnK3Ubr64nF2rZ2+vrWfrb927t7b+zvt337v/0trrr5Qn/aWtbGnlxspKtX6julJfPrnzn/yv/0/z/7hseorzhyOpzLoBgJPH+h+YhZO+/g/r/6mw/j/d84cjsf4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi1vl/44rViZzEdXyrHnyqHnimPKxExFxG//Y35OHuo5nxZZ+Efzl/4Uw/fVKKoMLnGuXK7GBGr5fbr04/7VQAAAIAn15cfXf00rdbTj8VZN8RxSjdt5i5/MKV6lYhYWPxhClWivNkUzx69q2Ty+30m9qZUrbiBdX5KxdIttzPTqvavzB+K849EJcXcsbYDAAAci8MrgeNdhQAAAHCcPpl1A8xG8U5r+Vn88gP851KUbwheOHQEAAAAnECVWTcAAAAAPHbF+t/3/wEAAMCTLX3/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDv7NxPTupQFAfg00Lf4/0xEuPcrTiDZbgEhw4NC3ATLAG34AZYA85cggFDW6I1mJj0to3k+5L2chvy45QwOfeSAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpediNX+8v3pom7PdtZPmbgAAAIBjNsVqXr6YVvN/9fWz+tJFPc8iIo+IY737KH41Mkd1TvHF+4tPNTxFlAn7z/hdH38j4ro+Xs+7/hYAAADgdK0Xy1nVrVen6dAF0adq0Sb/f5MoL4uIYvqSKC3fny4ThZW/73HcJUorF7AmicKqJbdxqrRvGTWGyYchq4a813IAAIBeNDuBfrsQAAAA+nQ7dAEMI4vDVuZhL7j85/37huCfxgwAAAD4gbKhCwAAAAA6V/b/nv8HAAAAp616/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd2hSr+XqxnLXN2e7aSXM3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb+zPOwqEQBiEwd71ncnc/7DSoKmpSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG9+95f/E1PjTDL32lh6HknWTo2tU2Pv3Dj6w/j6NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXP/vnFTcQDAn+3zlRYQR0A3BCGQGGCh12tp6coAihj4E5Ci9FoCV360GWhVIWVhQ5m7IBgRQgKFrf9D51bqUrYONxSJiQFkn528HpE4iGJfks9Hen5fW5bf9zlRlK+f7wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa5J3dOCs2vWmcVsfuPb61VvT3Z/rCna0Hy0Ur4qTJpA+Hl+OdpN9eIgAAABwfWV3fhxAe5tsrRZ/2yvo/r88pav7vnp3GdT0/W/fXfV37F+3XXx69uDNQbzpOcdHL6+PRmX+m0jm4WS625/71jE5558tnL1n5A0nf33xhkpf3M/nm7t13u2V4oolsAYD/43TdV0H9/1DRD9tMDIBjoxMV3nX9n/XazQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgCd3N8HQdJyGE5c5uXLj/+NZa2c/s39l6sFy3C7dvb8XXLC6RhxAur49HZ5qayCFw/cbNT1bH49G15oNXQgjtjV4FH85xTghtZijYb5BWv+uLks/hCFr+wwQAwJGTV62o6x/m2yvFsWQphL++f7L+fz2KQ1z/z/Rx/f/oowv34rHi+n/Y2AwX32Dj6ueD6zduvrl+dfXK6Mro07fODt8enrt4/vzFQfmsZOCJCQAAAPvTrVpc/6dLIUxm1v9PRXGYs/7/4tvhV/FYmfp/T7uLfm1nAgAAcLw9/+ofvyd7HE+63fDl6sbGteF0u7N/drptIdX/7ETV4vo/W2o7KwAAAKAJk83kifX/S1Ec5lz/f+aHl36Kr5mFEE5W6/+n1z4bX2puOi35c66zmvg48YFPFQAAgIV2smrx+n9evv+f7rzykIYQ3nhtGldfAzhX/Z+99/WP8Vjx+//nmpviQkr70/tR9v0QOv22MwIAAOAoe6pqRbH/W7698vHPpz7oev8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoGl/BwAA//+S5D5T")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140), &(0x7f0000000200)=ANY=[], 0x39, 0x0)

1.367325891s ago: executing program 0:
syz_mount_image$xfs(&(0x7f0000009800), &(0x7f0000009840)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0x980a, &(0x7f00000130c0)="$eJzs3QXYZHXBsPFnl6UbCwNZGotuDEJBBAEJKSWkJQWUMAARBEQBSUERUKREkO7u7u7u7vyuZXcV1xte/b73+nhf7/u+rueZmTNnznPm/ztznmf2zM4sv9DSCwwMTDQwvJGnf+/glz995OYvL7DD0dcf9tLChy565IjJYww/GTJ0xOkUI06nHBgYGDRiOYOGTxs85PgTBg+MNTAw+J3LHW/scQeNNzCwxoiL8404nXP4yfjXjJzvrVHiFR22GoN2Hv41/IcODAyMPezMMwMzLvfO5YxYr5n+6Y5KW37+hRf6u9Xf3IaN35AR59/5Ncbwr/EvGxgY/9IB3j4Gvb/36O2fP9GeF6yw4vu8Hv8rWn7+hRcZxX/YY3G0EdPmHPYYH/UxaGzU7XzonHeM3AcNwh3n/5KWn3+hxQbefT8/sPKbB2z61tv7zcHjDAwMHndgYPB4AwODxx8YGDzBwMDgCd9vl/p/633d+Kqqqup9af4FZl1g2PO9Uf4eGGvk37X0d+FKbyxxx8DAwOjD5xk8x8jnglVVVVVVVVX1P7P5F5h1QXj+P9F7Pf8/7tRXp+/5f1VVVVVVVdX/nhaZf4FZhz2PH+X5/6Tv9fx/mwdeXH/Ea//nHH6rN9/fO1FVVVVVVVVV79lSX3/7+f+4ozz/H/pez/8fnnenB0fMN/LfDd54xyIHveP1BK+9Y/po75j/1XdMH/KO6e+cf4yBgcFDRkx//e+TB48z7Lp/nn/wRMPWe8T0V94xfaa////mIVO/Y/rM75g+7TumzzJiXYdNn+4d02d/x/zT/ytjW1VVVVVVVVVVVVVVVVVV9f+rN5849cy/v+f7Jwfe8f7tf3sf9xGvCxh0zNlXX/2+rej/jAb98+shtnm/1+n/tWHOYx0xdGBgw2Xf71Wp96H3+/Ma6v0tf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vIX9y7H///2/v+THbrGyP8zP+fBu04+wTtvu+47zo/1/3Wt37f+U4//D6w7aGBghO9Ew1wXn3+pZaYfGBiYYPJdD55t4G/XzTXsunknGW3EGyQMfxuEaYbwgrcZ8ano24yYdcQyjnl7+Yu8ddBog0ZZiXc08YmHHLLO8i/NNurptO9+PwaPPPOhS7ZYcOR7WQweZaZ3205HLn/kfRnVecS6Tz9s3WfcbIONZ9x0y60+t+4Gq6295tprbjj3nHPONfucc8w9y4xrrbv+mjMN//5uYzb07e9T/StjNumoY/bE/O8cs1Hv27uN2dD3HrO3lzjmHqusN3LMRl21/2rMpnrvMRu67ogfNGTo6AOrvj02gwYGhkw9+sAWwy7MPObAwJBpRsw76bB5Pz/J4IGB3f5+R4edG/Nv2+CgbYbNs/xCSy/w94/d/+eP33+Xz7MfY/jJkBFDMmSKEadTDv8xEw38fVMcPOT4EwYPu+//MMzjjT3uoPEGBtYYcXG+Eadzj7j2ypHzvcvnrI+yom+/zcrOw7/+5jH2sDNHLTnhTe9czrsQ/Hf0f/X7/5+85hr0t4EaNOJrxDzDveZfeJG//6y3h2G+ke8JM+x3yzCT/4ePsf8v+6f1HTrW229y+27r+x7vizv8/sP2Ne1j5w3973pfXN53LPb296H/yr5j4L33HaP9/ezfp655xWSj7jsWffdV/IfHxcgxGnOUmd5t3zH9vvNv/fa+6b33HYutO+KDhv6+7xg8MDBkqpH7jmE7kmlHH9ht2IVZhl2YbvSBw4ZdmPXtC2MPnD3swgyrb7T+GoPeftueEcudadhy55tk0Nt3/uoZ5z9ytD3femvqEesy0yg71hHbx9B3/n6cf5LhwzbytrTcuzcbft20I5Y787+x3JG3peXOtcnw66YbsdxZRlnuaO+x3JG3Hfl4GDbr24+H6Qf9wws/4fG70CiP30Ejd+vvuMnIrzGGf41/2cjPhoLHy7+136HH70Tvsb7v8blWuL0Nm7bd4lec+t/1uVa0vmO99/q+2+dwv+v6rjf2Fkv8N6zvoHes7z9sZxvPM3xbmX7Edjb7v7H9jrztqPux0d++djjD9P/Kfmy+f9qPbTva4FFW/h29299Aa8D8w89P+relzX34aBOOHPvRR1nuf/U30PTvvR+baN1RbrfQgQODaMwffvyQdcb8L8Z89IF//Ft95JiPvO17jfl0/zzmg/5pzOd67zH/V//unH6q4deP9h5jPnjHTRcfOeZj/JtjPt2/O+bzDYxGY77bfsPH7b32p+825iNv+49jPmTgKwMDA1OPGPNp/5XtfKb/nu18HJh/+PkH/jbpksnO2OUd+5hB/86YT/vvjvnQv23nU7993ZSDB8YYY2CL1TbbbJOZh38feXGW4d95X/T0/cPH+b1+l76b0cjbvtfjYup/xWjof4/Rx4b88/wjn3SMvLzs2UdN/H+7L5r63zMatNAA74tOvmj4uL3X30XvNuYjb0u/B4e+4/ajPq97j/ejxPs0bNo+++51+8hFjrhZ70f5r/cPm+3If+Nbd9SdfP2n1r//u8vfXf7u8neXv7h3Of7/t/f/f3iipR8b8SR59N3nWXv193t93+f+o4//j/D9h+P/q689z+7DngqOuO49j88On+d/5PHZOYefjH/NyPlGPT7IK/rux2en22OGpQb+/xyf/b9q5GP1X3ge3/7fXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3lL+5djv+PfI3y0P3fuH+bEQdCR997r9XfeL/X933uP/r4/wjffzj+/8bqe+09eOBv173n8f/h8ziO/y+x/54nDPwPPv4/8rHa8f/6L8rfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/MW9y/H/+Ua+DmCOVdbaeeTrATac+Uvbv9/r+z73n3r8v8//99b+313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5S9uxPH/gVE+1nHJtgsMjv//7+5d/L+RP2bxXyp/zOK/dP6YxX+Z/DGL/7L5Yxb/b+aPWfyXyx+z+C+fP2bxXyF/zOK/Yv6YxX+l/DGL/7fyxyz+384fs/ivnD9m8V8lf8ziv2r+mMV/tfwxi/938scs/qvnj1n818gfs/ivmT9m8V8rf8ziv3b+mMV/nfwxi/+6+WMW/+/mj1n818sfs/ivnz9m8d8gf8ziv2H+mMV/o/wxi//G+WMW/+/lj1n8N8kfs/hvmj9m8d8sf8zi//38MYv/D/LHLP6b549Z/LfIH7P4b5k/ZvHfKn/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4r91/pjFf5v8MYv/tvljFv+f5o9Z/LfLH7P4/yx/zOK/ff6YxX+H/DGL/8/zxyz+O+aPWfx3yh+z+O+cP2bx/0X+mMV/l/wxi/8v88cs/r/KH7P475o/ZvHfLX/M4r97/pjF/9f5Yxb/PfLHLP575o9Z/PfKH7P4750/ZvHfJ3/M4r9v/pjF/zf5Yxb//fLHLP77549Z/H+bP2bx/13+mMX/gPwxi//v88cs/gfmj1n8D8ofs/gfnD9m8f9D/pjF/4/5Yxb/Q/LHLP5/yh+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/P+ePWfyPyh+z+P8lf8zif3T+mMX/mPwxi/9f88cs/sfmj1n8j8sfs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/1Pyxyz+p+aPWfxPyx+z+J+eP2bxPyN/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxif+ggfwxi/+g/DGL/+D8MYv/aPljFv8h+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOI/Tv6YxX/c/DGL/3j5Yxb/8fPHLP4T5I9Z/CfMH7P4T5Q/ZvGfOH/M4j9J/pjF/wP5Yxb/D+aPWfw/lD9m8f9w/pjF/yP5Yxb/SfPHLP4fzR+z+H8sf8zi//H8MYv/J/LHLP6T5Y9Z/D+ZP2bxnzx/zOI/NH/M4j9F/pjFf8r8MYv/VPljFv+p88cs/tPkj1n8p80fs/hPlz9m8Z8+f8zi/6n8MYv/p/PHLP6fyR+z+H82f8zi/7n8MYv/DPljFv8Z88cs/jPlj1n8Z84fs/jPkj9m8Z81f8ziP1v+mMV/9vwxi/8c+WMW/znzxyz+c+WPWfznzh+z+M+TP2bxnzd/zOL/+fwxi/8X8scs/l/MH7P4fyl/zOI/X/6YxX/+/DGL/wL5Yxb/BfPHLP5fzh+z+H8lf8ziv1D+mMV/4fwxi/9X88cs/ovkj1n8v5Y/ZvFfNH/M4r9Y/pjF/+v5Yxb/xfPHLP5L5I9Z/JfMH7P4fyN/zOK/VP6YxX/p/DGL/zL5Yxb/ZfPHLP7fzB+z+C+XP2bxXz5/zOK/Qv6YxX/F/DGL/0r5Yxb/b+WPWfy/nT9m8V85f8ziv0r+mMV/1fwxi/9q+WMW/+/kj1n8V88fs/ivkT9m8V8zf8ziv1b+mMV/7fwxi/86+WMW/3Xzxyz+380fs/ivlz9m8V8/f8ziv0H+mMV/w/wxi/9G+WMW/43zxyz+38sfs/hvkj9m8d80f8ziv1n+mMX/+/ljFv8f5I9Z/DfPH7P4b5E/ZvHfMn/M4r9V/pjF/4f5Yxb/H+WPWfx/nD9m8f9J/pjFf+v8MYv/NvljFv9t88cs/j/NH7P4b5c/ZvH/Wf6YxX/7/DGL/w75Yxb/n+ePWfx3zB+z+O+UP2bx3zl/zOL/i/wxi/8u+WMW/1/mj1n8f5U/ZvHfNX/M4r9b/pjFf/f8MYv/r/PHLP575I9Z/PfMH7P475U/ZvHfO3/M4r9P/pjFf9/8MYv/b/LHLP775Y9Z/PfPH7P4/zZ/zOL/u/wxi/8B+WMW/9/nj1n8D8wfs/gflD9m8T84f8zi/4f8MYv/H/PHLP6H5I9Z/P+UP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5/zh+z+B+VP2bx/0v+mMX/6Pwxi/8x+WMW/7/mj1n8j80fs/gflz9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+p+SPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj9m8X89f8zi/0b+mMX/zfwxi/9b+WMS/7fP5v/PWfwH5Y9Z/Afnj1n8R8sfs/gPyR+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4j58/ZvGfIH/M4j9h/pjFf6L8MYv/xPljFv9J8scs/h/IH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P4T5o/ZvH/aP6Yxf9j+WMW/4/nj1n8P5E/ZvGfLH/M4v/J/DGL/+T5Yxb/ofljFv8p8scs/lPmj1n8p8ofs/hPnT9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/0/lj1n8P50/ZvH/TP6Yxf+z+WMW/8/lj1n8Z8gfs/jPmD9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/9nyxyz+s+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/z+ePWfy/kD9m8f9i/pjF/0v5Yxb/+fLHLP7z549Z/BfIH7P4L5g/ZvH/cv6Yxf8r+WMW/4Xyxyz+C+ePWfy/mj9m8V8kf8zi/7X8MYv/ovljFv/F8scs/l/PH7P4L54/ZvFfIn/M4r9k/pjF/xv5Yxb/pfLHLP5L549Z/JfJH7P4L5s/ZvH/Zv6YxX+5/DGL//L5Yxb/FfLHLP4r5o9Z/FfKH7P4fyt/zOL/7fwxi//K+WMW/1Xyxyz+q+aPWfxXyx+z+H8nf8ziv3r+mMV/jfwxi/+a+WMW/7Xyxyz+a+ePWfzXyR+z+K+bP2bx/27+mMV/vfwxi//6+WMW/w3yxyz+G+aPWfw3yh+z+G+cP2bx/17+mMV/k/wxi/+m+WMW/83yxyz+388fs/j/IH/M4r95/pjFf4v8MYv/lvljFv+t8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/lvnj1n8t8kfs/hvmz9m8f9p/pjFf7v8MYv/z/LHLP7b549Z/HfIH7P4/zx/zOK/Y/6YxX+n/DGL/875Yxb/X+SPWfx3yR+z+P8yf8zi/6v8MYv/rvljFv/d8scs/rvnj1n8f50/ZvHfI3/M4r9n/pjFf6/8MYv/3vljFv998scs/vvmj1n8f5M/ZvHfL3/M4r9//pjF/7f5Yxb/3+WPWfwPyB+z+P8+f8zif2D+mMX/oPwxi//B+WMW/z/kj1n8/5g/ZvE/JH/M4v+n/DGL/6H5Yxb/w/LHLP6H549Z/I/IH7P4H5k/ZvH/c/6Yxf+o/DGL/1/yxyz+R+ePWfyPyR+z+P81f8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+F+dP2bxvyZ/zOJ/bf6Yxf+6/DGL//X5Yxb/G/LHLP435o9Z/G/KH7P435w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+D+aPWfwfyh+z+D+cP2bxfyR/zOL/aP6Yxf+x/DGL/+P5Yxb/J/LHLP5P5o9Z/J/KH7P4P50/ZvF/Jn/M4v9s/pjF/7n8MYv/8/ljFv8X8scs/i/mj1n8X8ofs/i/nD9m8X8lf8zi/2r+mMX/tfwxi//r+WMW/zfyxyz+b+aPWfzfyh+T+I82kD9m8R+UP2bxH5w/ZvEfLX/M4j8kf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfzHyR+z+I+bP2bxHy9/zOI/fv6YxX+C/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4fyB/zOL/wfwxi/+H8scs/h/OH7P4fyR/zOI/af6Yxf+j+WMW/4/lj1n8P54/ZvH/RP6YxX+y/DGL/yfzxyz+k+ePWfyH5o9Z/KfIH7P4T5k/ZvGfKn/M4j91/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8P5U/ZvH/dP6Yxf8z+WMW/8/mj1n8P5c/ZvGfIX/M4j9j/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8Z8sfs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfw/nz9m8f9C/pjF/4v5Yxb/L+WPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/L+WMW/6/kj1n8F8ofs/gvnD9m8f9q/pjFf5H8MYv/1/LHLP6L5o9Z/BfLH7P4fz1/zOK/eP6YxX+J/DGL/5L5Yxb/b+SPWfyXyh+z+C+dP2bxXyZ/zOK/bP6Yxf+b+WMW/+Xyxyz+y+ePWfxXyB+z+K+YP2bxXyl/zOL/rfwxi/+388cs/ivnj1n8V8kfs/ivmj9m8V8tf8zi/538MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMX/u/ljFv/18scs/uvnj1n8N8gfs/hvmD9m8d8of8ziv3H+mMX/e/ljFv9N8scs/pvmj1n8N8sfs/h/P3/M4v+D/DGL/+b5Yxb/LfLHLP5b5o9Z/LfKH7P4/zB/zOL/o/wxi/+P88cs/j/JH7P4b50/ZvHfJn/M4r9t/pjF/6f5Yxb/7fLHLP4/yx+z+G+fP2bx3yF/zOL/8/wxi/+O+WMW/53yxyz+O+ePWfx/kT9m8d8lf8zi/8v8MYv/r/LHLP675o9Z/HfLH7P4754/ZvH/df6YxX+P/DGL/575Yxb/vfLHLP57549Z/PfJH7P475s/ZvH/Tf6YxX+//DGL//75Yxb/3+aPWfx/lz9m8T8gf8zi//v8MYv/gfljFv+D8scs/gfnj1n8/5A/ZvH/Y/6Yxf+Q/DGL/5/yxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf/P+WMW/6Pyxyz+f8kfs/gfnT9m8T8mf8zi/9f8MYv/sfljFv/j8scs/sfnj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+J+ZP2bxPyt/zOJ/dv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4X5g/ZvG/KH/M4n9x/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf0ziP2Qgf8ziPyh/zOI/OH/M4j9a/pjFf0j+mMV/9Pwxi/8Y+WMW/zHzxyz+Y+WPWfzHzh+z+I+TP2bxHzd/zOI/Xv6YxX/8/DGL/wT5Yxb/CfPHLP4T5Y9Z/CfOH7P4T5I/ZvH/QP6Yxf+D+WMW/w/lj1n8P5w/ZvH/SP6YxX/S/DGL/0fzxyz+H8sfs/h/PH/M4v+J/DGL/2T5Yxb/T+aPWfwnzx+z+A/NH7P4T5E/ZvGfMn/M4j9V/pjFf+r8MYv/NPljFv9p88cs/tPlj1n8p88fs/h/Kn/M4v/p/DGL/2fyxyz+n80fs/h/Ln/M4j9D/pjFf8b8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/jPlj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+H8+f8zi/4X8MYv/F/PHLP5fyh+z+M+XP2bxnz9/zOK/QP6YxX/B/DGL/5fzxyz+X8kfs/gvlD9m8V84f8zi/9X8MYv/IvljFv+v5Y9Z/BfNH7P4L5Y/ZvH/ev6YxX/x/DGL/xL5Yxb/JfPHLP7fyB+z+C+VP2bxXzp/zOK/TP6YxX/Z/DGL/zfzxyz+y+WPWfyXzx+z+K+QP2bxXzF/zOK/Uv6Yxf9b+WMW/2/nj1n8V84fs/ivkj9m8V81f8ziv1r+mMX/O/ljFv/V88cs/mvkj1n818wfs/ivlT9m8V87f8ziv07+mMV/3fwxi/9388cs/uvlj1n8188fs/hvkD9m8d8wf8ziv1H+mMV/4/wxi//38scs/pvkj1n8N80fs/hvlj9m8f9+/pjF/wf5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvHfOn/M4r9N/pjFf9v8MYv/T/PHLP7b5Y9Z/H+WP2bx3z5/zOK/Q/6Yxf/n+WMW/x3zxyz+O+WPWfx3zh+z+P8if8ziv0v+mMX/l/ljFv9f5Y9Z/HfNH7P475Y/ZvHfPX/M4v/r/DGL/x75Yxb/PfPHLP575Y9Z/PfOH7P475M/ZvHfN3/M4v+b/DGL/375Yxb//fPHLP6/zR+z+P8uf8zif0D+mMX/9/ljFv8D88cs/gflj1n8D84fs/j/IX/M4v/H/DGL/yH5Yxb/P+WPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/5/zxyz+R+WPWfz/kj9m8T86f8zif0z+mMX/r/ljFv9j88cs/sflj1n8j88fs/ifkD9m8T8xf8zif1L+mMX/5Pwxi/8p+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vwxi/81+WMW/2vzxyz+1+WPWfyvzx+z+N+QP2bxvzF/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8X8wf8zi/1D+mMX/4fwxi/8j+WMW/0fzxyz+j+WPWfwfzx+z+D+RP2bxfzJ/zOL/VP6Yxf/p/DGL/zP5Yxb/Z/PHLP7P5Y9Z/J/PH7P4v5A/ZvF/MX/M4v9S/pjF/+X8MYv/K/ljFv9X88cs/q/lj1n8X88fs/i/kT9m8X8zf8zi/1b+mMR/9IH8MYv/oPwxi//g/DGL/2j5Yxb/IfljFv/R88cs/mPkj1n8x8wfs/iPlT9m8R87f8ziP07+mMV/3Pwxi/94+WMW//Hzxyz+E+SPWfwnzB+z+E+UP2bxnzh/zOI/Sf6Yxf8D+WMW/w/mj1n8P5Q/ZvH/cP6Yxf8j+WMW/0nzxyz+H80fs/h/LH/M4v/x/DGL/yfyxyz+k+WPWfw/mT9m8Z88f8ziPzR/zOI/Rf6YxX/K/DGL/1T5Yxb/qfPHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4v+p/DGL/6fzxyz+n8kfs/h/Nn/M4v+5/DGL/wz5Yxb/GfPHLP4z5Y9Z/GfOH7P4z5I/ZvGfNX/M4j9b/pjFf/b8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8zi//n8MYv/F/LHLP5fzB+z+H8pf8ziP1/+mMV//vwxi/8C+WMW/wXzxyz+X84fs/h/JX/M4r9Q/pjFf+H8MYv/V/PHLP6L5I9Z/L+WP2bxXzR/zOK/WP6Yxf/r+WMW/8Xzxyz+S+SPWfyXzB+z+H8jf8ziv1T+mMV/6fwxi/8y+WMW/2Xzxyz+38wfs/gvlz9m8V8+f8ziv0L+mMV/xfwxi/9K+WMW/2/lj1n8v50/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv/v5I9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/t/NH7P4r5c/ZvFfP3/M4r9B/pjFf8P8MYv/RvljFv+N88cs/t/LH7P4b5I/ZvHfNH/M4r9Z/pjF//v5Yxb/H+SPWfw3zx+z+G+RP2bx3zJ/zOK/Vf6Yxf+H+WMW/x/lj1n8f5w/ZvH/Sf6YxX/r/DGL/zb5Yxb/bfPHLP4/zR+z+G+XP2bx/1n+mMV/+/wxi/8O+WMW/5/nj1n8d8wfs/jvlD9m8d85f8zi/4v8MYv/LvljFv9f5o9Z/H+VP2bx3zV/zOK/W/6YxX/3/DGL/6/zxyz+e+SPWfz3zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/2/yxyz+++WPWfz3zx+z+P82f8zi/7v8MYv/AfljFv/f549Z/A/MH7P4H5Q/ZvE/OH/M4v+H/DGL/x/zxyz+h+SPWfz/lD9m8T80f8zif1j+mMX/8Pwxi/8R+WMW/yPzxyz+f84fs/gflT9m8f9L/pjF/+j8MYv/MfljFv+/5o9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/VfljFv+r88cs/tfkj1n8r80fs/hflz9m8b8+f8zif0P+mMX/xvwxi/9N+WMW/5vzxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOJ/R/6Yxf/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P435c/ZvG/P3/M4v9A/pjF/8H8MYv/Q/ljFv+H88cs/o/kj1n8H80fs/g/lj9m8X88f8zi/0T+mMX/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9Z/F/NH7P4v5Y/ZvF/PX/M4v9G/pjF/838MYv/W/ljEv8xBvLHLP6D8scs/oPzxyz+o+WPWfyH5I9Z/EfPH7P4j5E/ZvEfM3/M4j9W/pjFf+z8MYv/OPljFv9x88cs/uPlj1n8x88fs/hPkD9m8Z8wf8ziP1H+mMV/4vwxi/8k+WMW/w/kj1n8P5g/ZvH/UP6Yxf/D+WMW/4/kj1n8J80fs/h/NH/M4v+x/DGL/8fzxyz+n8gfs/hPlj9m8f9k/pjFf/L8MYv/0Pwxi/8U+WMW/ynzxyz+U+WPWfynzh+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/6fyxyz+n84fs/h/Jn/M4v/Z/DGL/+fyxyz+M+SPWfxnzB+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/2z5Yxb/2fPHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/5/PHLP5fyB+z+H8xf8zi/6X8MYv/fPljFv/588cs/gvkj1n8F8wfs/h/OX/M4v+V/DGL/0L5Yxb/hfPHLP5fzR+z+C+SP2bx/1r+mMV/0fwxi/9i+WMW/6/nj1n8F88fs/gvkT9m8V8yf8zi/438MYv/UvljFv+l88cs/svkj1n8l80fs/h/M3/M4r9c/pjFf/n8MYv/CvljFv8V88cs/ivlj1n8v5U/ZvH/dv6YxX/l/DGL/yr5Yxb/VfPHLP6r5Y9Z/L+TP2bxXz1/zOK/Rv6YxX/N/DGL/1r5Yxb/tfPHLP7r5I9Z/NfNH7P4fzd/zOK/Xv6YxX/9/DGL/wb5Yxb/DfPHLP4b5Y9Z/DfOH7P4fy9/zOK/Sf6YxX/T/DGL/2b5Yxb/7+ePWfx/kD9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW/63zxyz+2+SPWfy3zR+z+P80f8ziv13+mMX/Z/ljFv/t88cs/jvkj1n8f54/ZvHfMX/M4r9T/pjFf+f8MYv/L/LHLP675I9Z/H+ZP2bx/1X+mMV/1/wxi/9u+WMW/93zxyz+v84fs/jvkT9m8d8zf8ziv1f+mMV/7/wxi/8++WMW/33zxyz+v8kfs/jvlz9m8d8/f8zi/9v8MYv/7/LHLP4H5I9Z/H+fP2bxPzB/zOJ/UP6Yxf/g/DGL/x/yxyz+f8wfs/gfkj9m8f9T/pjF/9D8MYv/YfljFv/D88cs/kfkj1n8j8wfs/j/OX/M4n9U/pjF/y/5Yxb/o/PHLP7H5I9Z/P+aP2bxPzZ/zOJ/XP6Yxf/4/DGL/wn5Yxb/E/PHLP4n5Y9Z/E/OH7P4n5I/ZvE/NX/M4n9a/pjF//T8MYv/GfljFv8z88cs/mflj1n8z84fs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/wvzxyz+F+WPWfwvzh+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzxyz+L+WPWfxfzh+z+L+SP2bxfzV/zOL/Wv6Yxf/1/DGL/xv5Yxb/N/PHLP5v5Y9J/MccyB+z+A/KH7P4D84fs/iPlj9m8R+SP2bxHz1/zOI/Rv6YxX/M/DGL/1j5Yxb/sfPHLP7j5I9Z/MfNH7P4j5c/ZvEfP3/M4j9B/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj1n8P5I/ZvGfNH/M4v/R/DGL/8fyxyz+H88fs/h/In/M4j9Z/pjF/5P5Yxb/yfPHLP5D88cs/lPkj1n8p8wfs/hPlT9m8Z86f8ziP03+mMV/2vwxi/90+WMW/+nzxyz+n8ofs/h/On/M4v+Z/DGL/2fzxyz+n8sfs/jPkD9m8Z8xf8ziP1P+mMV/5vwxi/8s+WMW/1nzxyz+s+WPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP6fzx+z+H8hf8zi/8X8MYv/l/LHLP7z5Y9Z/OfPH7P4L5A/ZvFfMH/M4v/l/DGL/1fyxyz+C+WPWfwXzh+z+H81f8ziv0j+mMX/a/ljFv9F88cs/ovlj1n8v54/ZvFfPH/M4r9E/pjFf8n8MYv/N/LHLP5L5Y9Z/JfOH7P4L5M/ZvFfNn/M4v/N/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4r5Q/ZvH/Vv6Yxf/b+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bx/07+mMV/9fwxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/3fwxi/96+WMW//Xzxyz+G+SPWfw3zB+z+G+UP2bx3zh/zOL/vfwxi/8m+WMW/03zxyz+m+WPWfy/nz9m8f9B/pjFf/P8MYv/FvljFv8t88cs/lvlj1n8f5g/ZvH/Uf6Yxf/H+WMW/5/kj1n8t84fs/hvkz9m8d82f8zi/9P8MYv/dvljFv+f5Y9Z/LfPH7P475A/ZvH/ef6YxX/H/DGL/075Yxb/nfPHLP6/yB+z+O+SP2bx/2X+mMX/V/ljFv9d88cs/rvlj1n8d88fs/j/On/M4r9H/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/j/Jn/M4r9f/pjFf//8MYv/b/PHLP6/yx+z+B+QP2bx/33+mMX/wPwxi/9B+WMW/4Pzxyz+f8gfs/j/MX/M4n9I/pjF/0/5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4v/n/DGL/1H5Yxb/v+SPWfyPzh+z+B+TP2bx/2v+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VPybxH2sgf8ziPyh/zOI/OH/M4j9a/pjFf0j+mMV/9Pwxi/8Y+WMW/zHzxyz+Y+WPWfzHzh+z+I+TP2bxHzd/zOI/Xv6YxX/8/DGL/wT5Yxb/CfPHLP4T5Y9Z/CfOH7P4T5I/ZvH/QP6Yxf+D+WMW/w/lj1n8P5w/ZvH/SP6YxX/S/DGL/0fzxyz+H8sfs/h/PH/M4v+J/DGL/2T5Yxb/T+aPWfwnzx+z+A/NH7P4T5E/ZvGfMn/M4j9V/pjFf+r8MYv/NPljFv9p88cs/tPlj1n8p88fs/h/Kn/M4v/p/DGL/2fyxyz+n80fs/h/Ln/M4j9D/pjFf8b8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/jPlj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+H8+f8zi/4X8MYv/F/PHLP5fyh+z+M+XP2bxnz9/zOK/QP6YxX/B/DGL/5fzxyz+X8kfs/gvlD9m8V84f8zi/9X8MYv/IvljFv+v5Y9Z/BfNH7P4L5Y/ZvH/ev6YxX/x/DGL/xL5Yxb/JfPHLP7fyB+z+C+VP2bxXzp/zOK/TP6YxX/Z/DGL/zfzxyz+y+WPWfyXzx+z+K+QP2bxXzF/zOK/Uv6Yxf9b+WMW/2/nj1n8V84fs/ivkj9m8V81f8ziv1r+mMX/O/ljFv/V88cs/mvkj1n818wfs/ivlT9m8V87f8ziv07+mMV/3fwxi/9388cs/uvlj1n8188fs/hvkD9m8d8wf8ziv1H+mMV/4/wxi//38scs/pvkj1n8N80fs/hvlj9m8f9+/pjF/wf5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvHfOn/M4r9N/pjFf9v8MYv/T/PHLP7b5Y9Z/H+WP2bx3z5/zOK/Q/6Yxf/n+WMW/x3zxyz+O+WPWfx3zh+z+P8if8ziv0v+mMX/l/ljFv9f5Y9Z/HfNH7P475Y/ZvHfPX/M4v/r/DGL/x75Yxb/PfPHLP575Y9Z/PfOH7P475M/ZvHfN3/M4v+b/DGL/375Yxb//fPHLP6/zR+z+P8uf8zif0D+mMX/9/ljFv8D88cs/gflj1n8D84fs/j/IX/M4v/H/DGL/yH5Yxb/P+WPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/5/zxyz+R+WPWfz/kj9m8T86f8zif0z+mMX/r/ljFv9j88cs/sflj1n8j88fs/ifkD9m8T8xf8zif1L+mMX/5Pwxi/8p+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vwxi/81+WMW/2vzxyz+1+WPWfyvzx+z+N+QP2bxvzF/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8X8wf8zi/1D+mMX/4fwxi/8j+WMW/0fzxyz+j+WPWfwfzx+z+D+RP2bxfzJ/zOL/VP6Yxf/p/DGL/zP5Yxb/Z/PHLP7P5Y9Z/J/PH7P4v5A/ZvF/MX/M4v9S/pjF/+X8MYv/K/ljFv9X88cs/q/lj1n8X88fs/i/kT9m8X8zf8zi/1b+mMR/7IH8MYv/oPwxi//g/DGL/2j5Yxb/IfljFv/R88cs/mPkj1n8x8wfs/iPlT9m8R87f8ziP07+mMV/3Pwxi/94+WMW//Hzxyz+E+SPWfwnzB+z+E+UP2bxnzh/zOI/Sf6Yxf8D+WMW/w/mj1n8P5Q/ZvH/cP6Yxf8j+WMW/0nzxyz+H80fs/h/LH/M4v/x/DGL/yfyxyz+k+WPWfw/mT9m8Z88f8ziPzR/zOI/Rf6YxX/K/DGL/1T5Yxb/qfPHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4v+p/DGL/6fzxyz+n8kfs/h/Nn/M4v+5/DGL/wz5Yxb/GfPHLP4z5Y9Z/GfOH7P4z5I/ZvGfNX/M4j9b/pjFf/b8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8zi//n8MYv/F/LHLP5fzB+z+H8pf8ziP1/+mMV//vwxi/8C+WMW/wXzxyz+X84fs/h/JX/M4r9Q/pjFf+H8MYv/V/PHLP6L5I9Z/L+WP2bxXzR/zOK/WP6Yxf/r+WMW/8Xzxyz+S+SPWfyXzB+z+H8jf8ziv1T+mMV/6fwxi/8y+WMW/2Xzxyz+38wfs/gvlz9m8V8+f8ziv0L+mMV/xfwxi/9K+WMW/2/lj1n8v50/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv/v5I9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/t/NH7P4r5c/ZvFfP3/M4r9B/pjFf8P8MYv/RvljFv+N88cs/t/LH7P4b5I/ZvHfNH/M4r9Z/pjF//v5Yxb/H+SPWfw3zx+z+G+RP2bx3zJ/zOK/Vf6Yxf+H+WMW/x/lj1n8f5w/ZvH/Sf6YxX/r/DGL/zb5Yxb/bfPHLP4/zR+z+G+XP2bx/1n+mMV/+/wxi/8O+WMW/5/nj1n8d8wfs/jvlD9m8d85f8zi/4v8MYv/LvljFv9f5o9Z/H+VP2bx3zV/zOK/W/6YxX/3/DGL/6/zxyz+e+SPWfz3zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/2/yxyz+++WPWfz3zx+z+P82f8zi/7v8MYv/AfljFv/f549Z/A/MH7P4H5Q/ZvE/OH/M4v+H/DGL/x/zxyz+h+SPWfz/lD9m8T80f8zif1j+mMX/8Pwxi/8R+WMW/yPzxyz+f84fs/gflT9m8f9L/pjF/+j8MYv/MfljFv+/5o9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/8r8MYv/VfljFv+r88cs/tfkj1n8r80fs/hflz9m8b8+f8zif0P+mMX/xvwxi/9N+WMW/5vzxyz+t+SPWfxvzR+z+N+WP2bxvz1/zOJ/R/6Yxf/O/DGL/135Yxb/u/PHLP735I9Z/O/NH7P435c/ZvG/P3/M4v9A/pjF/8H8MYv/Q/ljFv+H88cs/o/kj1n8H80fs/g/lj9m8X88f8zi/0T+mMX/yfwxi/9T+WMW/6fzxyz+z+SPWfyfzR+z+D+XP2bxfz5/zOL/Qv6Yxf/F/DGL/0v5Yxb/l/PHLP6v5I9Z/F/NH7P4v5Y/ZvF/PX/M4v9G/pjF/838MYv/W/ljEv9xBvLHLP6D8scs/oPzxyz+o+WPWfyH5I9Z/EfPH7P4j5E/ZvEfM3/M4j9W/pjFf+z8MYv/OPljFv9x88cs/uPlj1n8x88fs/hPkD9m8Z8wf8ziP1H+mMV/4vwxi/8k+WMW/w/kj1n8P5g/ZvH/UP6Yxf/D+WMW/4/kj1n8J80fs/h/NH/M4v+x/DGL/8fzxyz+n8gfs/hPlj9m8f9k/pjFf/L8MYv/0Pwxi/8U+WMW/ynzxyz+U+WPWfynzh+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/6fyxyz+n84fs/h/Jn/M4v/Z/DGL/+fyxyz+M+SPWfxnzB+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/2z5Yxb/2fPHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/5/PHLP5fyB+z+H8xf8zi/6X8MYv/fPljFv/588cs/gvkj1n8F8wfs/h/OX/M4v+V/DGL/0L5Yxb/hfPHLP5fzR+z+C+SP2bx/1r+mMV/0fwxi/9i+WMW/6/nj1n8F88fs/gvkT9m8V8yf8zi/438MYv/UvljFv+l88cs/svkj1n8l80fs/h/M3/M4r9c/pjFf/n8MYv/CvljFv8V88cs/ivlj1n8v5U/ZvH/dv6YxX/l/DGL/yr5Yxb/VfPHLP6r5Y9Z/L+TP2bxXz1/zOK/Rv6YxX/N/DGL/1r5Yxb/tfPHLP7r5I9Z/NfNH7P4fzd/zOK/Xv6YxX/9/DGL/wb5Yxb/DfPHLP4b5Y9Z/DfOH7P4fy9/zOK/Sf6YxX/T/DGL/2b5Yxb/7+ePWfx/kD9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW/63zxyz+2+SPWfy3zR+z+P80f8ziv13+mMX/Z/ljFv/t88cs/jvkj1n8f54/ZvHfMX/M4r9T/pjFf+f8MYv/L/LHLP675I9Z/H+ZP2bx/1X+mMV/1/wxi/9u+WMW/93zxyz+v84fs/jvkT9m8d8zf8ziv1f+mMV/7/wxi/8++WMW/33zxyz+v8kfs/jvlz9m8d8/f8zi/9v8MYv/7/LHLP4H5I9Z/H+fP2bxPzB/zOJ/UP6Yxf/g/DGL/x/yxyz+f8wfs/gfkj9m8f9T/pjF/9D8MYv/YfljFv/D88cs/kfkj1n8j8wfs/j/OX/M4n9U/pjF/y/5Yxb/o/PHLP7H5I9Z/P+aP2bxPzZ/zOJ/XP6Yxf/4/DGL/wn5Yxb/E/PHLP4n5Y9Z/E/OH7P4n5I/ZvE/NX/M4n9a/pjF//T8MYv/GfljFv8z88cs/mflj1n8z84fs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/wvzxyz+F+WPWfwvzh+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzxyz+L+WPWfxfzh+z+L+SP2bxfzV/zOL/Wv6Yxf/1/DGL/xv5Yxb/N/PHLP5v5Y9J/McdyB+z+A/KH7P4D84fs/iPlj9m8R+SP2bxHz1/zOI/Rv6YxX/M/DGL/1j5Yxb/sfPHLP7j5I9Z/MfNH7P4j5c/ZvEfP3/M4j9B/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8P5A/ZvH/YP6Yxf9D+WMW/w/nj1n8P5I/ZvGfNH/M4v/R/DGL/8fyxyz+H88fs/h/In/M4j9Z/pjF/5P5Yxb/yfPHLP5D88cs/lPkj1n8p8wfs/hPlT9m8Z86f8ziP03+mMV/2vwxi/90+WMW/+nzxyz+n8ofs/h/On/M4v+Z/DGL/2fzxyz+n8sfs/jPkD9m8Z8xf8ziP1P+mMV/5vwxi/8s+WMW/1nzxyz+s+WPWfxnzx+z+M+RP2bxnzN/zOI/V/6YxX/u/DGL/zz5Yxb/efPHLP6fzx+z+H8hf8zi/8X8MYv/l/LHLP7z5Y9Z/OfPH7P4L5A/ZvFfMH/M4v/l/DGL/1fyxyz+C+WPWfwXzh+z+H81f8ziv0j+mMX/a/ljFv9F88cs/ovlj1n8v54/ZvFfPH/M4r9E/pjFf8n8MYv/N/LHLP5L5Y9Z/JfOH7P4L5M/ZvFfNn/M4v/N/DGL/3L5Yxb/5fPHLP4r5I9Z/FfMH7P4r5Q/ZvH/Vv6Yxf/b+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bx/07+mMV/9fwxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/3fwxi/96+WMW//Xzxyz+G+SPWfw3zB+z+G+UP2bx3zh/zOL/vfwxi/8m+WMW/03zxyz+m+WPWfy/nz9m8f9B/pjFf/P8MYv/FvljFv8t88cs/lvlj1n8f5g/ZvH/Uf6Yxf/H+WMW/5/kj1n8t84fs/hvkz9m8d82f8zi/9P8MYv/dvljFv+f5Y9Z/LfPH7P475A/ZvH/ef6YxX/H/DGL/075Yxb/nfPHLP6/yB+z+O+SP2bx/2X+mMX/V/ljFv9d88cs/rvlj1n8d88fs/j/On/M4r9H/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/j/Jn/M4r9f/pjFf//8MYv/b/PHLP6/yx+z+B+QP2bx/33+mMX/wPwxi/9B+WMW/4Pzxyz+f8gfs/j/MX/M4n9I/pjF/0/5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4v/n/DGL/1H5Yxb/v+SPWfyPzh+z+B+TP2bx/2v+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VPybxH28gf8ziPyh/zOI/OH/M4j9a/pjFf0j+mMV/9Pwxi/8Y+WMW/zHzxyz+Y+WPWfzHzh+z+I+TP2bxHzd/zOI/Xv6YxX/8/DGL/wT5Yxb/CfPHLP4T5Y9Z/CfOH7P4T5I/ZvH/QP6Yxf+D+WMW/w/lj1n8P5w/ZvH/SP6YxX/S/DGL/0fzxyz+H8sfs/h/PH/M4v+J/DGL/2T5Yxb/T+aPWfwnzx+z+A/NH7P4T5E/ZvGfMn/M4j9V/pjFf+r8MYv/NPljFv9p88cs/tPlj1n8p88fs/h/Kn/M4v/p/DGL/2fyxyz+n80fs/h/Ln/M4j9D/pjFf8b8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/jPlj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+H8+f8zi/4X8MYv/F/PHLP5fyh+z+M+XP2bxnz9/zOK/QP6YxX/B/DGL/5fzxyz+X8kfs/gvlD9m8V84f8zi/9X8MYv/IvljFv+v5Y9Z/BfNH7P4L5Y/ZvH/ev6YxX/x/DGL/xL5Yxb/JfPHLP7fyB+z+C+VP2bxXzp/zOK/TP6YxX/Z/DGL/zfzxyz+y+WPWfyXzx+z+K+QP2bxXzF/zOK/Uv6Yxf9b+WMW/2/nj1n8V84fs/ivkj9m8V81f8ziv1r+mMX/O/ljFv/V88cs/mvkj1n818wfs/ivlT9m8V87f8ziv07+mMV/3fwxi/9388cs/uvlj1n8188fs/hvkD9m8d8wf8ziv1H+mMV/4/wxi//38scs/pvkj1n8N80fs/hvlj9m8f9+/pjF/wf5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvHfOn/M4r9N/pjFf9v8MYv/T/PHLP7b5Y9Z/H+WP2bx3z5/zOK/Q/6Yxf/n+WMW/x3zxyz+O+WPWfx3zh+z+P8if8ziv0v+mMX/l/ljFv9f5Y9Z/HfNH7P475Y/ZvHfPX/M4v/r/DGL/x75Yxb/PfPHLP575Y9Z/PfOH7P475M/ZvHfN3/M4v+b/DGL/375Yxb//fPHLP6/zR+z+P8uf8zif0D+mMX/9/ljFv8D88cs/gflj1n8D84fs/j/IX/M4v/H/DGL/yH5Yxb/P+WPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/5/zxyz+R+WPWfz/kj9m8T86f8zif0z+mMX/r/ljFv9j88cs/sflj1n8j88fs/ifkD9m8T8xf8zif1L+mMX/5Pwxi/8p+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vwxi/81+WMW/2vzxyz+1+WPWfyvzx+z+N+QP2bxvzF/zOJ/U/6Yxf/m/DGL/y35Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvG/M3/M4n9X/pjF/+78MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8X8wf8zi/1D+mMX/4fwxi/8j+WMW/0fzxyz+j+WPWfwfzx+z+D+RP2bxfzJ/zOL/VP6Yxf/p/DGL/zP5Yxb/Z/PHLP7P5Y9Z/J/PH7P4v5A/ZvF/MX/M4v9S/pjF/+X8MYv/K/ljFv9X88cs/q/lj1n8X88fs/i/kT9m8X8zf8zi/1b+mMR//IH8MYv/oPwxi//g/DGL/2j5Yxb/IfljFv/R88cs/mPkj1n8x8wfs/iPlT9m8R87f8ziP07+mMV/3Pwxi/94+WMW//Hzxyz+E+SPWfwnzB+z+E+UP2bxnzh/zOI/Sf6Yxf8D+WMW/w/mj1n8P5Q/ZvH/cP6Yxf8j+WMW/0nzxyz+H80fs/h/LH/M4v/x/DGL/yfyxyz+k+WPWfw/mT9m8Z88f8ziPzR/zOI/Rf6YxX/K/DGL/1T5Yxb/qfPHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4v+p/DGL/6fzxyz+n8kfs/h/Nn/M4v+5/DGL/wz5Yxb/GfPHLP4z5Y9Z/GfOH7P4z5I/ZvGfNX/M4j9b/pjFf/b8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz9m8Z83f8zi//n8MYv/F/LHLP5fzB+z+H8pf8ziP1/+mMV//vwxi/8C+WMW/wXzxyz+X84fs/h/JX/M4r9Q/pjFf+H8MYv/V/PHLP6L5I9Z/L+WP2bxXzR/zOK/WP6Yxf/r+WMW/8Xzxyz+S+SPWfyXzB+z+H8jf8ziv1T+mMV/6fwxi/8y+WMW/2Xzxyz+38wfs/gvlz9m8V8+f8ziv0L+mMV/xfwxi/9K+WMW/2/lj1n8v50/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv/v5I9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/t/NH7P4r5c/ZvFfP3/M4r9B/pjFf8P8MYv/RvljFv+N88cs/t/LH7P4b5I/ZvHfNH/M4r9Z/pjF//v5Yxb/H+SPWfw3zx+z+G+RP2bx3zJ/zOK/Vf6Yxf+H+WMW/x/lj1n8f5w/ZvH/Sf6YxX/r/DGL/zb5Yxb/bfPHLP4/zR+z+G+XP2bx/1n+mMV/+/wxi/8O+WMW/5/nj1n8d8wfs/jvlD9m8d85f8zi/4v8MYv/LvljFv9f5o9Z/H+VP2bx3zV/zOK/W/6YxX/3/DGL/6/zxyz+e+SPWfz3zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/2/yxyz+++WPWfz3zx+z+P82f8zi/7v8MYv/AfljFv/f549Z/A/MH/tP9B80MLDNwCj+B+WP/Sf60+P/4Pwxi/8f8scs/n/MH7P4H5I/ZvH/U/6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/I/MH7P4/zl/zOJ/VP6Yxf8v+WMW/6Pzxyz+x+SPWfz/mj9m8T82f8zif1z+mMX/+Pwxi/8J+WMW/xPzxyz+J+WPWfxPzh+z+J+SP2bxPzV/zOJ/Wv6Yxf/0/DGL/xn5Yxb/M/PHLP5n5Y9Z/M/OH7P4n5M/ZvE/N3/M4n9e/pjF//z8MYv/BfljFv8L88cs/hflj1n8L84fs/hfkj9m8b80f8zif1n+mMX/8vwxi/8V+WMW/yvzxyz+V+WPWfyvzh+z+F+TP2bxvzZ/zOJ/Xf6Yxf/6/DGL/w35Yxb/G/PHLP435Y9Z/G/OH7P435I/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8788cs/nflj1n8784fs/jfkz9m8b83f8zif1/+mMX//vwxi/8D+WMW/wfzxyz+D+WPWfwfzh+z+D+SP2bxfzR/zOL/WP6Yxf/x/DGL/xP5Yxb/J/PHLP5P5Y9Z/J/OH7P4P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj1n8X84fs/i/kj9m8X81f8zi/1r+mMX/9fwxi/8b+WMW/zfzxyz+b+WPSfwnGMgfs/gPyh+z+A/OH7P4j5Y/ZvEfkj9m8R89f8ziP0b+mMV/zPwxi/9Y+WMW/7Hzxyz+4+SPWfzHzR+z+I+XP2bxHz9/zOI/Qf6YxX/C/DGL/0T5Yxb/ifPHLP6T5I9Z/D+QP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bxnzR/zOL/0fwxi//H8scs/h/PH7P4fyJ/zOI/Wf6Yxf+T+WMW/8nzxyz+Q/PHLP5T5I9Z/KfMH7P4T5U/ZvGfOn/M4j9N/pjFf9r8MYv/dPljFv/p88cs/p/KH7P4fzp/zOL/mfwxi/9n88cs/p/LH7P4z5A/ZvGfMX/M4j9T/pjFf+b8MYv/LPljFv9Z88cs/rPlj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+n88fs/h/IX/M4v/F/DGL/5fyxyz+8+WPWfznzx+z+C+QP2bxXzB/zOL/5fwxi/9X8scs/gvlj1n8F84fs/h/NX/M4r9I/pjF/2v5Yxb/RfPHLP6L5Y9Z/L+eP2bxXzx/zOK/RP6YxX/J/DGL/zfyxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOL/zfwxi/9y+WMW/+Xzxyz+K+SPWfxXzB+z+K+UP2bx/1b+mMX/2/ljFv+V88cs/qvkj1n8V80fs/ivlj9m8f9O/pjFf/X8MYv/GvljFv8188cs/mvlj1n8184fs/ivkz9m8V83f8zi/938MYv/evljFv/188cs/hvkj1n8N8wfs/hvlD9m8d84f8zi/738MYv/JvljFv9N88cs/pvlj1n8v58/ZvH/Qf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/H+YP2bx/1H+mMX/x/ljFv+f5I9Z/LfOH7P4b5M/ZvHfNn/M4v/T/DGL/3b5Yxb/n+WPWfy3zx+z+O+QP2bx/3n+mMV/x/wxi/9O+WMW/53zxyz+v8gfs/jvkj9m8f9l/pjF/1f5Yxb/XfPHLP675Y9Z/HfPH7P4/zp/zOK/R/6YxX/P/DGL/175Yxb/vfPHLP775I9Z/PfNH7P4/yZ/zOK/X/6YxX///DGL/2/zxyz+v8sfs/gfkD9m8f99/pjF/8D8MYv/QfljFv+D88cs/n/IH7P4/zF/zOJ/SP6Yxf9P+WMW/0Pzxyz+h+WPjeJ/7H+q/+H5Y5bH/xH5Yxb/I/PHLP5/zh+z+B+VP2bx/0v+mMX/6Pwxi/8x+WMW/7/mj1n8j80fs/gflz9m8T8+f8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+p+SPWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf/M/DGL/1n5Yxb/s/PHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF/8L8MYv/RfljFv+L88cs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/6vzxyz+1+SPWfyvzR+z+F+XP2bxvz5/zOJ/Q/6Yxf/G/DGL/035Yxb/m/PHLP635I9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/878MYv/XfljFv+788cs/vfkj1n8780fs/jflz9m8b8/f8zi/0D+mMX/wfwxi/9D+WMW/4fzxyz+j+SPWfwfzR+z+D+WP2bxfzx/zOL/RP6Yxf/J/DGL/1P5Yxb/p/PHLP7P5I9Z/J/NH7P4P5c/ZvF/Pn/M4v9C/pjF/8X8MYv/S/ljFv+X88cs/q/kj1n8X80fs/i/lj9m8X89f8zi/0b+mMX/zfwxi/9b+WMS/wkH8scs/oPyxyz+g/PHLP6j5Y9Z/Ifkj1n8R88fs/iPkT9m8R8zf8ziP1b+mMV/7Pwxi/84+WMW/3Hzxyz+4+WPWfzHzx+z+E+QP2bxnzB/zOL/f9i5+3Cv6/qO41/gg5KZN3O10DACUTQVBBXJvEFLPQJHu7GUBCXFmwnKlAJdKdmNtZWzWMXaSvImdaQWzpprOMo5p4tmRbXNxtjMsVa4LCdulew6cA5xTu/O5fny3dcr34/HH5zz+53ev5TndfXid7hOu+kfytJ/d/1DWfr/hv6hLP330D+Upf9v6h/K0v/F+oey9H+J/qEs/X9L/1CW/i/VP5Sl/3D9Q1n676l/KEv/vfQPZen/Mv1DWfqP0D+Upf/e+oey9H+5/qEs/UfqH8rS/xX6h7L0H6V/KEv/0fqHsvTfR/9Qlv5j9A9l6b+v/qEs/ffTP5Sl/1j9Q1n6769/KEv/A/QPZen/Sv1DWfofqH8oS/+D9A9l6X+w/qEs/cfpH8rSf7z+oSz9D9E/lKX/BP1DWfpP1D+Upf+h+oey9D9M/1CW/ofrH8rSf5L+oSz9j9A/lKX/ZP1DWfq/Sv9Qlv5H6h/K0v/V+oey9D9K/1CW/kfrH8rS/xj9Q1n6H6t/KEv/KfqHsvQ/Tv9Qlv7H6x/K0v81+oey9H+t/qEs/U/QP5Sl/4n6h7L0P0n/UJb+HfqHsvQ/Wf9Qlv5T9Q9l6T9N/1CW/tP1D2Xp36l/KEv/U/QPZel/qv6hLP1fp38oS//X6x/K0v8N+oey9H+j/qEs/U/TP5Sl/5v0D2Xp/2b9Q1n6n65/KEv/M/QPZek/Q/9Qlv5v0T+Upf+Z+oey9J+pfyhL/1n6h7L0P0v/UJb+Z+sfytJ/tv6hLP3fqn8oS/9z9A9l6X+u/qEs/efoH8rS/zz9Q1n6n69/KEv/C/QPZel/of6hLP1/W/9Qlv4X6R/K0n+u/qEs/efpH8rS/2L9Q1n6X6J/KEv/+fqHsvT/Hf1DWfpfqn8oS//L9A9l6b9A/1CW/m/TP5Sl/9v1D2Xpv1D/UJb+i/QPZel/uf6hLP2v0D+Upf/v6h/K0v8d+oey9H+n/qEs/a/UP5Sl/1X6h7L0X6x/KEv/d+kfytL/av1DWfq/W/9Qlv7v0T+Upf979Q9l6f8+/UNZ+l+jfyhL//frH8rS/wP6h7L0/z39Q1n6/77+oSz9P6h/KEv/D+kfytL/Wv1DWfr/gf6hLP2v0z+Upf+H9Q9l6f8R/UNZ+i/RP5Sl/x/qH8rS/6P6h7L0/5j+oSz9P65/KEv/pfqHsvT/I/1DWfp/Qv9Qlv5/rH8oS/8/0T+Upf8n9Q9l6f8p/UNZ+l+vfyhL/2X6h7L0/7T+oSz9b9A/lKX/jfqHsvS/Sf9Qlv436x/K0v8z+oey9L9F/1CW/rfqH8rS/zb9Q1n6/6n+oSz9l+sfytL/s/qHsvS/Xf9Qlv536B/K0v9O/UNZ+n9O/1CW/p/XP5Sl/wr9Q1n636V/KEv/P9M/lKX/3fqHsvT/gv6hLP2/qH8oS/8/1z+Upf89+oey9P8L/UNZ+n9J/1CW/n+pfyhL/5X6h7L0v1f/UJb+f6V/KEv/VfqHsvT/sv6hLP2/on8oS//79A9l6f/X+oey9L9f/1CW/n+jfyhL/wf0D2Xp/7f6h7L0f1D/UJb+D+kfytL/7/QPZen/Vf1DWfqv1j+Upf/X9A9l6f/3+oey9H9Y/1CW/l/XP5Sl/zf0D2Xp/039Q1n6r9E/lKX/t/QPZen/bf1DWfp/R/9Qlv7/oH8oS/9/1D+Upf8/6R/K0v8R/UNZ+n9X/1CW/v+sfyhL/7X6h7L0/xf9Q1n6r9M/lKX/v+ofytL/3/QPZen/qP6hLP2/p38oS//H9A9l6f/v+oey9F+vfyhL///QP5Sl//f1D2Xp/5/6h7L0/4H+oSz9f6h/KEv/DfqHsvR/XP9Qlv7/pX8oS/8f6R/K0v8J/UNZ+v9Y/1CW/j/RP5Sl/5P6h7L0/2/9Q1n6P6V/KEv/jfqHsvR/Wv9Qlv7/o38oS///1T+Upf9P9Q9l6f8z/UNZ+v9c/1CW/s/oH8rSf5P+oST9d6v0D2XpP0j/UJb+g/UPZek/RP9Qlv5F/1CW/kP1D2Xpv4P+oSz9d9Q/lKX/MP1DWfq/QP9Qlv476R/K0v+F+oey9N9Z/1CW/i/SP5Sl/y76h7L031X/0POuPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQVR2dUzYMGdTrqSHbPhixes7mj4duPP2Cm2/+wu49H7u/PDV4ycHbPti0adOmwU9WX+1+uGNVVV3/bbt1Px7W97jr9a+asnTslkdl5A1PH7B84dPHve/ONbduPPGWqcuHbn52aHX2eRfOnTN+cFWV0UOrRV0PDhlUVWXfodV1XQ8mdD3Yb2h1a9eDiZsfvKBa1fXg4HMumXtu1xNja/+eAcCvu47OxdWQXotd9frTwLb7f9WUuxb3fOznJXterVTd+3/Pij3e3udrPX7F/ve8fnlF3/0f8L8gAPBLBrb/943s+djPS/7S+//pF39sTfS1X73/Pa9fRtl/AGhe8P3/Xhvd9/v+fb7/H/05YOv9RWct2bFr/2/ZeNqC7qfKs/n+/y9ev4zuu/+De33/f1BVlX16vv+/Y1WVMdv52wEAKXR0vmtDf+//+9//smefm0Hb7v/ut686rWv/1+5050u6nxo6wP3fp7/3/yf0+WcFAJ6djs5Pb+rz/n8A+1/tG7zk1v0/ftGDL+7a/6+v/d7Ibb42kP0f03f/xy2YN3/cZZdfcdCF82afP+f8ORdPnjTpiMMmHT55wrjN3xHY8ut2/qYAwPPc9r3/r3bqczOoqh7bev/BlSMe7Nr/CZ846YLup4YNcP/37ff9/0jv/wGgl1GDqx12qBbNXrDg0kO2/NrzcMKWX7f8x4L9H8Df/4/u+SG6np8ZHFRVL91633nZ+wd37f+No/dc2f3UDgPc//363f9je/+sIgDw7Gzn+/9z+9z02v9dh9w2uWv/Tx6z/zXdTw307//H9rv/y7z/B4A6Ojqr/9c30V37f/XOP7++3nXZ38//AUDz2tj/x0e8e1S963KA/QeA5rWx/3OOedHd9a7LK+0/ADSvjf1/oGPJzHrX5UD7DwDNa2P/p1004qF61+Ug+w8AzWtj/0decc7CetflYPsPAM1rY/+Xn75hXb3rMs7+A0Dz2tj/M4etfaLedRlv/wGgeW3s/3cOOPW8etflEPsPAM1rY/+/dOTBj9S7LhPsPwA0r439Hz982bR612Wi/QeA5rWx/x+55Oib6l2XQ+0/ADSvjf0fPv1zE+tdl8PsPwA0r439f9uZX7u23nU53P4DQPPa2P9nrjx2eL3rMsn+A0Dz2tj/VQ/sPaPedTnC/gNA89rY/6mPXbe63nWZbP8BoHlt7P9+Tz4+v951eZX9B4DmtbH/n/322evrXZcj7T8ANK+N/d9l2TO71rsur7b/ANC8Nvb/vVfPX1rvuhxl/wGgeW3s//eX7DKm3nU52v4DQPPa2P+3fn7xinrX5Rj7DwDNa2P/v/HoxKn1rsux9h8AmtfG/p/x5ZXfrXddpth/AGheG/t/2MP3za53XY6z/wDQvDb2/94fT3+q3nU53v4DQPPa2P+Xveebe9e7Lq+x/wDQvDb2/+OfmfmBetfltfYfAJrXxv7/9IujD613XU6w/wDQvDb2f/5Hb7+x3nU50f4DQPPa2P/OA3+yrt51Ocn+A0Dz2tj/+3d558J616XD/gNA89rY/9tePuShetflZPsPAM1rY/9HHfWhmfWuy1T7DwDNa2P/F0/d4+5612Wa/QeA5rWx/y+88JOj6l2X6fYfAJrXxv6fv+jR6+tdl077DwDNa2P/fzhj3rB61+UU+w8AzWtj//faadbwetflVPsPAM1rY/+vG/vwtfWuy+vsPwA0r439/9nkOybWuy6vt/8A0Lw29n/hXiNvqndd3mD/AaB5bez/t+bdO63edXmj/QeA5rWx/7NOGf9Ivetymv0HgOa1sf8TZnWeV++6vMn+A0Dz2tj/e96x6ol61+XN9h8AmtfG/l9z/6dW1Lsup9t/AGheG/u/8/rdxtS7LmfYfwBoXhv7f/ZTFy+td11m2H8AaF4b+/+DNet2rXdd3mL/AaB5bex/xw1Xrq93Xc60/wDQvDb2/yuLfzS/3nWZaf8BoHlt7P8dH752db3rMsv+A0Dz2tj/MXdVM+pdl7PsPwA077LLr7ho9ty5cy71iU984pOtnzzX/8sEAAA07Rd/6H+u/0kAAAAAAAAAAAAAAAAAAAAgrzb+78Se639HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6PHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAAT5W68wQAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8BQAA//+3E9IO")
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000180)='./file0\x00', &(0x7f00000000c0), &(0x7f0000000100)=ANY=[], 0x1001, 0x0)
removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=@known='trusted.overlay.upper\x00')
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000200)=ANY=[], 0x841, 0x0)
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f0000000180), 0xe00f, 0x0)

1.048758565s ago: executing program 4:
unshare(0x8040480)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r1, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, 0x0)

985.737043ms ago: executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000880)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010100000000000000002b00000008000300", @ANYRES32=r3, @ANYBLOB="050034005e000000080026006c090000080027005e"], 0x34}}, 0x0)

924.363304ms ago: executing program 4:
syz_mount_image$reiserfs(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', 0x2808415, &(0x7f0000001300)={[{@usrquota}, {@jqfmt_vfsold}, {@balloc_notest4}, {@replayonly}, {@jdev={'jdev', 0x3d, './bus'}, 0x3d}], [], 0x2}, 0x1, 0x110e, &(0x7f0000000140)="$eJzs2b9qFFEUB+Df/Mkaq9UR7RwEGyuJCPYWFnkHO7FLZScI8TF8AB9H8gYS8gCCAWtH5s5MJMFFJGtg4fvgzp45d8+9d8tzNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADCpxse9OumWTPO9ZPv+5PAsSb/k73xZTcHtOfG1POtU46iXxbpnj/e759303bkiR0dv311s2Of0vETtVn/IcdJsmtzf5k4AAACwW4ZrW19dsp2vFG5ofwAAAOBvtn2fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCvhvXvuEuyN4UP71ZJ358cniXpN1bfH27giAAAAMA1Vanzev2nfPLiwcXr0JS7garkl/GjSuoc5PNYv7pU/vHS297/Oz8AAADshnb+XG2Y/1S657HfrpM8SZthGI6X2Udp8/RKf/3tZdK8f5WD3JoS5U/+nzk9//BmGVXp6AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+sQMHAgAAAACC/K0HuQAAAAAAAAAAAAAAAADgrQAAAP//o4zYQg==")

820.861505ms ago: executing program 3:
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@typedef, @fwd]}}, 0x0, 0x32}, 0x20)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c000000190001000000000000000000021800000000fd000000ed0008000100ac1414000800080004"], 0x2c}}, 0x0)

711.216396ms ago: executing program 3:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newtaction={0x6c, 0x30, 0x1, 0x0, 0x0, {}, [{0x58, 0x1, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x4}}, @TCA_MPLS_BOS={0x5}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)

555.756672ms ago: executing program 3:
syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000000)='./file0\x00', 0x1600008, &(0x7f0000000100)=ANY=[@ANYBLOB="6e6f6465636f6d706f73652c6465636f6d706f73652c756d61736b3d30313737373737373737373737373737373737373737372c6e6f6465636f6d706f73652c6e6f626172726965722c747970653de5f2875e2c6e6c733d63703836322c00"], 0x3, 0x632, &(0x7f0000000800)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
fdatasync(r0)

479.613199ms ago: executing program 1:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x13}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffff, 0x0, "ff3f66fa733f1b33e356d25b90c98fe587b88a"})
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ebffffff0000f7ffff00"})
r3 = syz_open_pts(r2, 0x0)
ioctl$TCSETAF(r3, 0x5408, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, "e85e52f25c40d7cb"})
r4 = dup3(r3, r2, 0x0)
read$watch_queue(r4, &(0x7f0000000e00)=""/4096, 0x1000)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000180))
openat(r1, &(0x7f00000000c0)='./file0\x00', 0x601c2, 0x0)
faccessat(r1, &(0x7f0000000000)='./file0\x00', 0x0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x44f, 0xb65a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000040)={'batadv_slave_0\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r9, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000002c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000001a0000000c00018008000100", @ANYRES32=r8], 0x20}}, 0x0)

394.669694ms ago: executing program 4:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000140)='GPL\x00', 0x3}, 0x90)
pwritev(r0, 0x0, 0x0, 0x0, 0x0)

341.766762ms ago: executing program 3:
prlimit64(0x0, 0x7, &(0x7f00000000c0), 0x0)
ioperm(0x0, 0x444, 0x1)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)

271.547215ms ago: executing program 4:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_CT_DIRECTION={0x5}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0xd}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)
close(r0)

224.173195ms ago: executing program 3:
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x43, 0x0, 0x0, 0x3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000004c0)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net/snmp6\x00')
read$FUSE(r4, &(0x7f0000007700)={0x2020}, 0x2020)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
bind$tipc(r0, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x2000}})
read$FUSE(r6, &(0x7f0000000200)={0x2020, 0x0, <r7=>0x0}, 0x2092)
write$FUSE_INIT(r6, &(0x7f0000004e40)={0x50, 0xfffffffffffffffe, r7, {0x7, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}}, 0x50)
chown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
write$UHID_INPUT(r5, &(0x7f0000000940)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r5, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r5)

194.84245ms ago: executing program 4:
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_WOWLAN(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x28}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@newlink={0x34, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r5}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x100}]}, 0x34}}, 0x0)
r6 = socket(0x1, 0x803, 0x0)
r7 = socket(0x10, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r8}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_FLAGS={0x8, 0x8, 0x781}]}, 0x34}}, 0x0)

81.251396ms ago: executing program 2:
shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
shmat(0x0, &(0x7f0000ffc000/0x1000)=nil, 0x7000)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, 0x0, 0x0)

0s ago: executing program 4:
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100000000000000000000fc000a20000000000a03000000000000000000070000000900010073797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005"], 0xec}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r1, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff0802110000010569ea7fa08e8df3d0edd086922799ded6be", @ANYRES64], 0x398}}, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

[  169.010505][ T7258] bridge_slave_0: entered allmulticast mode
[  169.019084][ T7258] bridge_slave_0: entered promiscuous mode
[  169.036551][ T7258] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.044095][ T7258] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.051402][ T7258] bridge_slave_1: entered allmulticast mode
[  169.063520][ T7258] bridge_slave_1: entered promiscuous mode
[  169.105622][ T7327] loop4: detected capacity change from 0 to 32768
[  169.128359][   T29] audit: type=1800 audit(1718091884.649:151): pid=7327 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file2" dev="loop4" ino=5 res=0 errno=0
[  169.180845][ T7241] hsr_slave_0: entered promiscuous mode
[  169.188432][ T7241] hsr_slave_1: entered promiscuous mode
[  169.199237][ T7241] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.206996][ T7241] Cannot create hsr debugfs directory
[  169.234225][ T7258] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  169.249728][ T7258] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  169.379198][ T7258] team0: Port device team_slave_0 added
[  169.416951][ T7258] team0: Port device team_slave_1 added
[  169.517398][ T7258] batman_adv: batadv0: Adding interface: batadv_slave_0
[  169.520042][ T7333] loop4: detected capacity change from 0 to 256
[  169.524641][ T7258] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.573621][ T7335] loop1: detected capacity change from 0 to 1024
[  169.581563][ T7258] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  169.586281][ T7333] FAT-fs (loop4): Directory bread(block 64) failed
[  169.603003][ T7333] FAT-fs (loop4): Directory bread(block 65) failed
[  169.611504][ T7333] FAT-fs (loop4): Directory bread(block 66) failed
[  169.627962][ T7333] FAT-fs (loop4): Directory bread(block 67) failed
[  169.637669][ T7333] FAT-fs (loop4): Directory bread(block 68) failed
[  169.649067][ T7258] batman_adv: batadv0: Adding interface: batadv_slave_1
[  169.656407][ T7333] FAT-fs (loop4): Directory bread(block 69) failed
[  169.662854][ T7258] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.663263][ T7333] FAT-fs (loop4): Directory bread(block 70) failed
[  169.689176][ T7258] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  169.695801][ T7333] FAT-fs (loop4): Directory bread(block 71) failed
[  169.717670][ T7333] FAT-fs (loop4): Directory bread(block 72) failed
[  169.724615][ T7333] FAT-fs (loop4): Directory bread(block 73) failed
[  169.779817][ T6983] 8021q: adding VLAN 0 to HW filter on device bond0
[  169.829931][ T7258] hsr_slave_0: entered promiscuous mode
[  169.849246][ T7258] hsr_slave_1: entered promiscuous mode
[  169.861013][ T7258] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  169.880743][ T7258] Cannot create hsr debugfs directory
[  169.910585][ T6983] 8021q: adding VLAN 0 to HW filter on device team0
[  170.011984][ T5119] Bluetooth: hci4: command tx timeout
[  170.030359][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.037533][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.870572][   T12] kworker/u8:1: attempt to access beyond end of device
[  170.870572][   T12] loop4: rw=1, sector=1224, nr_sectors = 32 limit=256
[  170.886464][   T12] kworker/u8:1: attempt to access beyond end of device
[  170.886464][   T12] loop4: rw=1, sector=1288, nr_sectors = 100 limit=256
[  170.951002][ T5157] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.958175][ T5157] bridge0: port 2(bridge_slave_1) entered forwarding state
[  171.051956][ T5119] Bluetooth: hci3: command tx timeout
[  171.058506][ T7346] Bluetooth: MGMT ver 1.23
[  171.146361][ T7348] loop4: detected capacity change from 0 to 1024
[  171.156856][ T7348] hfsplus: unable to find HFS+ superblock
[  171.300358][ T7351] loop4: detected capacity change from 0 to 64
[  171.319281][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.508371][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.667219][ T7258] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.752716][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  171.760235][ T7358] loop4: detected capacity change from 0 to 2048
[  171.765967][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  171.793734][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  171.797778][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.802008][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  171.822357][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  171.833160][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  171.836436][ T7241] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  171.859260][ T7241] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  171.871456][ T7358] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.893036][ T7358] ext4 filesystem being mounted at /root/syzkaller-testdir1982421966/syzkaller.7g4GTq/174/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.920703][ T7358] CUSE: info not properly terminated
[  171.967153][ T7258] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  171.996288][ T5107] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.016961][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.045484][ T7241] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  172.101338][ T7258] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.111911][   T54] Bluetooth: hci4: command tx timeout
[  172.127270][ T7241] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  172.202730][ T7258] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode
[  172.267052][ T7258] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.350655][ T6983] 8021q: adding VLAN 0 to HW filter on device batadv0
[  172.563799][   T12] bridge_slave_1: left allmulticast mode
[  172.569478][   T12] bridge_slave_1: left promiscuous mode
[  172.575803][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.585618][   T12] bridge_slave_0: left allmulticast mode
[  172.591368][   T12] bridge_slave_0: left promiscuous mode
[  172.597301][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.761812][ T1161] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  172.957364][ T1161] usb 5-1: Using ep0 maxpacket: 32
[  172.966142][ T1161] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.977309][ T1161] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.987398][ T1161] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  172.999333][ T1161] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.012899][ T1161] usb 5-1: config 0 descriptor??
[  173.059962][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  173.071373][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  173.083549][   T12] bond0 (unregistering): Released all slaves
[  173.136883][   T54] Bluetooth: hci3: command tx timeout
[  173.218198][ T7258] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  173.237331][ T7258] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  173.250727][ T7258] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  173.309419][ T7258] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  173.466343][ T1161] usbhid 5-1:0.0: can't add hid device: -71
[  173.472651][ T1161] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  173.489527][ T1161] usb 5-1: USB disconnect, device number 9
[  173.526693][ T6983] veth0_vlan: entered promiscuous mode
[  173.576735][   T12] hsr_slave_0: left promiscuous mode
[  173.582646][   T12] hsr_slave_1: left promiscuous mode
[  173.588406][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  173.596897][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  173.605278][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  173.616269][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  173.638345][   T12] veth1_macvtap: left promiscuous mode
[  173.645016][   T12] veth0_macvtap: left promiscuous mode
[  173.650667][   T12] veth1_vlan: left promiscuous mode
[  173.656096][   T12] veth0_vlan: left promiscuous mode
[  173.856040][   T54] Bluetooth: hci1: command tx timeout
[  174.126919][   T12] team0 (unregistering): Port device team_slave_1 removed
[  174.167115][   T12] team0 (unregistering): Port device team_slave_0 removed
[  174.602617][ T7359] chnl_net:caif_netlink_parms(): no params data found
[  174.690624][ T6983] veth1_vlan: entered promiscuous mode
[  174.786095][ T7241] 8021q: adding VLAN 0 to HW filter on device bond0
[  174.834113][ T7359] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.841289][ T7359] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.848725][ T7359] bridge_slave_0: entered allmulticast mode
[  174.864668][ T7359] bridge_slave_0: entered promiscuous mode
[  174.873408][ T7359] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.880537][ T7359] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.888057][ T7359] bridge_slave_1: entered allmulticast mode
[  174.903168][ T7359] bridge_slave_1: entered promiscuous mode
[  174.946673][ T7359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.975374][ T7241] 8021q: adding VLAN 0 to HW filter on device team0
[  174.984609][ T7359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.992194][ T5157] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  175.017432][ T6983] veth0_macvtap: entered promiscuous mode
[  175.055263][ T7359] team0: Port device team_slave_0 added
[  175.067403][ T5161] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.075624][ T5161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.091045][ T7359] team0: Port device team_slave_1 added
[  175.107189][ T6983] veth1_macvtap: entered promiscuous mode
[  175.135019][  T782] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.142211][  T782] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.158113][ T7359] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.165589][ T7359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.195842][ T5157] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  175.198810][ T7359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.205212][ T5157] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.225367][ T7359] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.225590][ T5157] usb 5-1: Product: syz
[  175.237573][ T5157] usb 5-1: Manufacturer: syz
[  175.237593][ T7359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.242288][ T5157] usb 5-1: SerialNumber: syz
[  175.274907][ T7359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.282728][ T5157] usb 5-1: config 0 descriptor??
[  175.387457][ T7359] hsr_slave_0: entered promiscuous mode
[  175.394145][ T7359] hsr_slave_1: entered promiscuous mode
[  175.401236][ T6983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.416149][ T6983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.426269][ T6983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.437321][ T6983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.449353][ T6983] batman_adv: batadv0: Interface activated: batadv_slave_0
[  175.468437][ T7258] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.510030][  T782] usb 5-1: USB disconnect, device number 10
[  175.551391][ T6983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.562257][ T6983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.573840][ T6983] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.584396][ T6983] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.596251][ T6983] batman_adv: batadv0: Interface activated: batadv_slave_1
[  175.647556][ T6983] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  175.660190][ T6983] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  175.669005][ T6983] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  175.678322][ T6983] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  175.743910][ T7258] 8021q: adding VLAN 0 to HW filter on device team0
[  175.853967][ T5160] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.861122][ T5160] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.914417][ T5160] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.921573][ T5160] bridge0: port 2(bridge_slave_1) entered forwarding state
[  175.931908][   T54] Bluetooth: hci1: command tx timeout
[  176.001017][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.020305][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  176.086860][ T7241] 8021q: adding VLAN 0 to HW filter on device batadv0
[  176.130322][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  176.140086][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  176.251125][ T7390] netlink: 'syz-executor.0': attribute type 2 has an invalid length.
[  176.260504][ T7390] netlink: 'syz-executor.0': attribute type 8 has an invalid length.
[  176.269255][ T7390] netlink: 132 bytes leftover after parsing attributes in process `syz-executor.0'.
[  176.508025][ T7359] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  176.527186][ T7241] veth0_vlan: entered promiscuous mode
[  176.537006][ T7359] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  176.576138][ T7359] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  176.610321][ T7359] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  176.675911][ T7241] veth1_vlan: entered promiscuous mode
[  176.741595][ T7258] 8021q: adding VLAN 0 to HW filter on device batadv0
[  177.002249][ T7413] loop4: detected capacity change from 0 to 64
[  177.011040][ T7241] veth0_macvtap: entered promiscuous mode
[  177.049742][ T7241] veth1_macvtap: entered promiscuous mode
[  177.121985][ T7258] veth0_vlan: entered promiscuous mode
[  177.194967][ T7258] veth1_vlan: entered promiscuous mode
[  177.215396][ T7241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.216705][ T7416] loop4: detected capacity change from 0 to 512
[  177.232252][ T7241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.232271][ T7241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.232287][ T7241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.232306][ T7241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  177.232319][ T7241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.238535][ T7241] batman_adv: batadv0: Interface activated: batadv_slave_0
[  177.321493][ T7416] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  177.330983][ T7416] EXT4-fs (loop4): 1 truncate cleaned up
[  177.338158][ T7416] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.365130][ T7241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.385336][ T7241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.400919][ T7241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.425436][ T7241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.439278][ T7241] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  177.455357][ T7241] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  177.470602][ T5107] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.476129][ T7241] batman_adv: batadv0: Interface activated: batadv_slave_1
[  177.559433][ T7241] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  177.581560][ T7241] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  177.590708][ T7241] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  177.606233][ T7241] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  177.634921][ T7426] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[  177.757800][ T7430] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  177.847245][   T29] audit: type=1326 audit(1718091893.359:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdec9c7cf69 code=0x0
[  177.892832][ T7359] 8021q: adding VLAN 0 to HW filter on device bond0
[  177.982140][  T782] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  177.983423][ T7359] 8021q: adding VLAN 0 to HW filter on device team0
[  178.012230][   T54] Bluetooth: hci1: command tx timeout
[  178.028940][ T7258] veth0_macvtap: entered promiscuous mode
[  178.058219][ T7258] veth1_macvtap: entered promiscuous mode
[  178.068711][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.075929][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.143111][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.150246][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.163917][  T782] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  178.184105][  T782] usb 1-1: config 0 has no interfaces?
[  178.191042][  T782] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  178.201070][  T782] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.242121][  T782] usb 1-1: config 0 descriptor??
[  178.256760][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.268796][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.272324][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.287335][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.297917][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.309241][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.319211][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.333432][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.346223][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  178.357445][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.390175][ T7258] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.514446][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.515733][  T782] usb 1-1: USB disconnect, device number 4
[  178.539624][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.560886][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.580813][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.590981][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.601795][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.612476][ T7258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  178.623390][ T7258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  178.643944][ T7258] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.695304][ T7258] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.704345][ T7258] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.714065][ T7258] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.722899][ T7258] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.735499][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.758031][ T7433] loop4: detected capacity change from 0 to 2048
[  178.758221][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.766897][ T7433] EXT4-fs: Ignoring removed nomblk_io_submit option
[  178.805054][ T7433] EXT4-fs: Ignoring removed mblk_io_submit option
[  178.825341][ T7433] EXT4-fs (loop4): unsupported descriptor size 32768
[  178.991360][ T2424] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.991385][ T2424] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.099810][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  179.108835][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.267759][ T7359] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.565520][ T7452] bridge_slave_1: left allmulticast mode
[  179.571327][ T7452] bridge_slave_1: left promiscuous mode
[  179.580501][ T7452] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.619531][ T7452] bridge_slave_0: left allmulticast mode
[  179.625714][ T7452] bridge_slave_0: left promiscuous mode
[  179.632185][ T7452] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.107612][   T54] Bluetooth: hci1: command tx timeout
[  180.520726][ T7469] loop3: detected capacity change from 0 to 1024
[  180.549532][ T7359] veth0_vlan: entered promiscuous mode
[  180.557046][ T7473] loop0: detected capacity change from 0 to 2048
[  180.603813][ T7473] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  180.627994][ T7359] veth1_vlan: entered promiscuous mode
[  180.906894][ T6983] UDF-fs: error (device loop0): udf_read_inode: (ino 1317) failed !bh
[  181.037589][ T6983] UDF-fs: error (device loop0): udf_read_inode: (ino 1317) failed !bh
[  181.697507][ T7359] veth0_macvtap: entered promiscuous mode
[  181.773203][ T7359] veth1_macvtap: entered promiscuous mode
[  181.832768][ T7359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.861879][ T7359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.881693][ T7359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.899420][ T7479] loop4: detected capacity change from 0 to 32768
[  181.905936][ T7359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.917358][ T7359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.930950][ T7359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.941156][ T7359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.952502][ T7359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.965101][ T7359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.977671][ T7359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.980126][ T7479] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  181.998509][ T7359] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.027536][ T7359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.028610][ T7479] XFS (loop4): Ending clean mount
[  182.044788][ T7359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.054728][ T7359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.065577][ T7359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.080700][ T7359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.098441][ T7359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.121778][ T7359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.133764][ T7359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.143676][ T7359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.170103][ T7359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.209884][ T7359] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.251381][ T7359] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.291732][ T7359] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.320964][ T7359] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.356046][ T7359] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.393145][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.511595][ T7492] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  183.745891][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.515781][ T7499] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  184.661877][   T29] audit: type=1326 audit(1718091900.169:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7495 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb11a27cf69 code=0x0
[  184.723225][ T5119] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  184.733747][ T5119] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  184.744839][ T5119] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  184.760904][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.774324][ T5119] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  184.792065][ T5119] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  184.801208][ T5119] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  184.805215][ T5107] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  184.984506][ T7511] loop3: detected capacity change from 0 to 64
[  185.014492][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.263617][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  185.275285][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  185.334326][ T7513] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  185.347521][ T7513] netlink: 9344 bytes leftover after parsing attributes in process `syz-executor.2'.
[  185.360879][ T7513] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  185.370088][ T7513] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  185.520280][ T2398] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  185.528484][ T7524] loop2: detected capacity change from 0 to 2048
[  185.535086][ T2398] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  185.585288][ T7524] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  185.643568][   T35] bridge_slave_1: left allmulticast mode
[  185.651837][   T35] bridge_slave_1: left promiscuous mode
[  185.658895][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.687413][ T7524] UDF-fs: error (device loop2): udf_verify_fi: directory (ino 1376) has entry at pos 232 with incorrect tag 0
[  185.709223][   T35] bridge_slave_0: left allmulticast mode
[  185.715060][   T35] bridge_slave_0: left promiscuous mode
[  185.720867][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.164664][ T7547] loop2: detected capacity change from 0 to 64
[  186.366605][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.385386][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.403564][   T35] bond0 (unregistering): Released all slaves
[  186.543110][ T7539] Â: renamed from pim6reg1
[  186.676007][ T7561] loop2: detected capacity change from 0 to 512
[  186.689133][ T7561] ext4: Unknown parameter 'mask'
[  186.758154][ T7563] warning: `syz-executor.4' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  186.892707][ T5119] Bluetooth: hci2: command tx timeout
[  186.979072][   T35] hsr_slave_0: left promiscuous mode
[  187.000064][   T35] hsr_slave_1: left promiscuous mode
[  187.009434][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.020475][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.031390][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.037442][   T51] kernel write not supported for file bpf-prog (pid: 51 comm: kworker/1:1)
[  187.042587][   T29] audit: type=1800 audit(1718091902.559:154): pid=7577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=1954 res=0 errno=0
[  187.076059][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.112851][   T35] veth1_macvtap: left promiscuous mode
[  187.118485][   T35] veth0_macvtap: left promiscuous mode
[  187.124664][   T35] veth1_vlan: left promiscuous mode
[  187.130059][   T35] veth0_vlan: left promiscuous mode
[  187.916130][   T29] audit: type=1800 audit(1718091903.439:155): pid=7605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="sda1" ino=1959 res=0 errno=0
[  187.940521][ T5160] kernel write not supported for file bpf-prog (pid: 5160 comm: kworker/1:6)
[  187.962513][   T51] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  188.009509][   T35] team0 (unregistering): Port device team_slave_1 removed
[  188.100311][   T35] team0 (unregistering): Port device team_slave_0 removed
[  188.177079][   T51] usb 4-1: Using ep0 maxpacket: 32
[  188.188141][   T51] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.201937][   T51] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.221769][   T51] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  188.230911][   T51] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.255610][   T51] usb 4-1: config 0 descriptor??
[  189.181253][ T5119] Bluetooth: hci2: command tx timeout
[  189.574553][   T51] usbhid 4-1:0.0: can't add hid device: -71
[  189.605909][   T51] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  189.671523][   T51] usb 4-1: USB disconnect, device number 8
[  190.314654][ T7505] chnl_net:caif_netlink_parms(): no params data found
[  190.501396][ T7647] loop4: detected capacity change from 0 to 128
[  190.579934][ T7647] VFS: Found a Xenix FS (block size = 512) on device loop4
[  190.658545][ T7647] sysv_count_free_blocks: cannot read free-list block
[  190.989294][ T7647] sysv_count_free_inodes: unable to read inode table
[  191.049135][ T7650] mmap: syz-executor.1 (7650) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  191.261936][   T51] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  191.541910][ T5119] Bluetooth: hci2: command tx timeout
[  191.567627][   T51] usb 5-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4
[  191.586661][   T51] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.556259][ T7662] loop2: detected capacity change from 0 to 131072
[  195.594164][ T5119] Bluetooth: hci2: command tx timeout
[  195.610914][   T51] usb 5-1: config 0 descriptor??
[  195.622980][   T51] usb 5-1: can't set config #0, error -71
[  195.630133][   T51] usb 5-1: USB disconnect, device number 11
[  195.669110][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  195.680396][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  195.694595][ T5107] sysv_free_block: trying to free block not in datazone
[  195.731257][ T7505] bridge0: port 1(bridge_slave_0) entered blocking state
[  195.785591][ T7505] bridge0: port 1(bridge_slave_0) entered disabled state
[  195.791822][ T5107] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  195.793340][ T7662] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-4)
[  195.823004][ T7505] bridge_slave_0: entered allmulticast mode
[  195.831766][ T7505] bridge_slave_0: entered promiscuous mode
[  195.869172][ T7505] bridge0: port 2(bridge_slave_1) entered blocking state
[  195.881981][ T7505] bridge0: port 2(bridge_slave_1) entered disabled state
[  195.889250][ T7505] bridge_slave_1: entered allmulticast mode
[  195.929175][ T7505] bridge_slave_1: entered promiscuous mode
[  196.088093][ T7683] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  196.101144][ T7685] loop1: detected capacity change from 0 to 2048
[  196.119520][ T7685] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  196.141547][ T7505] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  196.149122][ T7685] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  196.189235][ T7679] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  196.219924][ T7505] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  196.233386][ T7687] loop4: detected capacity change from 0 to 128
[  196.462734][ T7505] team0: Port device team_slave_0 added
[  196.492099][ T2398] kworker/u8:7: attempt to access beyond end of device
[  196.492099][ T2398] loop1: rw=2049, sector=2337, nr_sectors = 304 limit=2048
[  196.492657][ T7505] team0: Port device team_slave_1 added
[  196.668505][ T7695] loop3: detected capacity change from 0 to 16
[  196.694685][ T7695] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  196.702594][ T7505] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.726758][ T7505] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.792920][ T7505] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.836074][ T7505] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.919196][ T7685] syz-executor.1: attempt to access beyond end of device
[  196.919196][ T7685] loop1: rw=2049, sector=2641, nr_sectors = 472 limit=2048
[  196.960106][ T7505] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  197.014690][ T7685] syz-executor.1: attempt to access beyond end of device
[  197.014690][ T7685] loop1: rw=2049, sector=3115, nr_sectors = 200 limit=2048
[  197.037114][ T7505] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.209553][ T7709] loop4: detected capacity change from 0 to 128
[  202.091966][    C0] DEBUG: waiting rtnl_mutex for 504 jiffies.
[  202.098754][    C0] task:kworker/u8:4    state:D stack:22384 pid:61    tgid:61    ppid:2      flags:0x00004000
[  202.109212][    C0] Workqueue: ipv6_addrconf addrconf_dad_work
[  202.115533][    C0] Call Trace:
[  202.118918][    C0]  <TASK>
[  202.122053][    C0]  __schedule+0x17e8/0x4a20
[  202.126718][    C0]  ? __pfx___schedule+0x10/0x10
[  202.131792][    C0]  ? __pfx_lock_release+0x10/0x10
[  202.136950][    C0]  ? __mutex_trylock_common+0x92/0x2e0
[  202.142683][    C0]  ? kthread_data+0x52/0xd0
[  202.147325][    C0]  ? schedule+0x90/0x320
[  202.151824][    C0]  ? wq_worker_sleeping+0x66/0x240
[  202.157028][    C0]  ? schedule+0x90/0x320
[  202.161379][    C0]  schedule+0x14b/0x320
[  202.165792][    C0]  schedule_preempt_disabled+0x13/0x30
[  202.171384][    C0]  __mutex_lock+0x6a4/0xd70
[  202.176139][    C0]  ? mark_lock+0x9a/0x360
[  202.180587][    C0]  ? __mutex_lock+0x527/0xd70
[  202.185516][    C0]  ? addrconf_dad_work+0xd0/0x16f0
[  202.190908][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  202.196213][    C0]  ? rtnl_lock+0xe7/0x130
[  202.200678][    C0]  addrconf_dad_work+0xd0/0x16f0
[  202.205848][    C0]  ? __pfx_addrconf_dad_work+0x10/0x10
[  202.211440][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  202.218034][    C0]  ? process_scheduled_works+0x945/0x1830
[  202.223972][    C0]  process_scheduled_works+0xa2c/0x1830
[  202.229647][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  202.235922][    C0]  ? assign_work+0x364/0x3d0
[  202.240672][    C0]  worker_thread+0x86d/0xd50
[  202.245663][    C0]  ? __kthread_parkme+0x169/0x1d0
[  202.250853][    C0]  ? __pfx_worker_thread+0x10/0x10
[  202.256292][    C0]  kthread+0x2f0/0x390
[  202.260477][    C0]  ? __pfx_worker_thread+0x10/0x10
[  202.265822][    C0]  ? __pfx_kthread+0x10/0x10
[  202.270614][    C0]  ret_from_fork+0x4b/0x80
[  202.275379][    C0]  ? __pfx_kthread+0x10/0x10
[  202.280072][    C0]  ret_from_fork_asm+0x1a/0x30
[  202.285149][    C0]  </TASK>
[  202.288222][    C0] 
[  202.288222][    C0] Showing all locks held in the system:
[  202.296166][    C0] 3 locks held by kworker/u8:4/61:
[  202.302094][    C0]  #0: ffff88802a115148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  202.314052][    C0]  #1: ffffc900015cfd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  202.327148][    C0]  #2: ffffffff8f5ef4c8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x16f0
[  202.336974][    C0] 2 locks held by getty/4840:
[  202.341886][    C0]  #0: ffff88802ab3e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  202.351833][    C0]  #1: ffffc900037cb2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6b5/0x1e10
[  202.362151][    C0] 4 locks held by syz-executor.3/7241:
[  202.367645][    C0] 1 lock held by syz-executor.1/7359:
[  202.373082][    C0] 2 locks held by syz-executor.0/7505:
[  202.378580][    C0]  #0: ffffffff8f5ef4c8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x839/0x1170
[  202.388294][    C0]  #1: ffffffff8e33a878 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  202.399288][    C0] 1 lock held by syz-executor.4/7703:
[  202.404869][    C0] 1 lock held by syz-executor.4/7709:
[  202.410265][    C0]  #0: ffff88807ef500e0 (&type->s_umount_key#96/1){+.+.}-{3:3}, at: alloc_super+0x221/0x9d0
[  202.420487][    C0] 1 lock held by syz-executor.2/7707:
[  202.425915][    C0] 
[  202.428249][    C0] =============================================
[  202.428249][    C0] 
[  202.826693][ T7709] VFS: Found a Xenix FS (block size = 512) on device loop4
[  202.978761][ T5107] sysv_free_block: trying to free block not in datazone
[  202.991560][ T7713] loop3: detected capacity change from 0 to 4096
[  203.008295][ T7713] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  203.012358][ T5107] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  203.078853][ T7713] ntfs3: loop3: Failed to initialize $Extend/$ObjId.
[  203.206610][ T7725] ieee802154 phy0 wpan0: encryption failed: -22
[  204.028549][ T7727] bridge_slave_1: left allmulticast mode
[  204.034639][ T7727] bridge_slave_1: left promiscuous mode
[  204.041886][ T7727] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.111190][ T7727] bridge_slave_0: left allmulticast mode
[  204.117103][ T7727] bridge_slave_0: left promiscuous mode
[  204.122960][ T7727] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.261057][ T7730] loop1: detected capacity change from 0 to 4096
[  204.302408][ T7505] hsr_slave_0: entered promiscuous mode
[  204.372281][ T7505] hsr_slave_1: entered promiscuous mode
[  204.397326][ T7505] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  204.425705][ T7505] Cannot create hsr debugfs directory
[  204.454536][ T7730] ntfs3: loop1: ino=21, The size of extended attributes must not exceed 64KiB
[  204.470771][ T7742] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  204.496692][ T7744] ntfs3: loop1: ino=21, The size of extended attributes must not exceed 64KiB
[  204.570321][ T7734] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  204.847402][ T7756] loop4: detected capacity change from 0 to 128
[  204.880588][ T5163] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  205.029498][   T29] audit: type=1800 audit(1718091920.549:156): pid=7766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1949 res=0 errno=0
[  205.262875][ T5163] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  205.280860][ T5163] usb 3-1: config 0 has no interfaces?
[  205.286577][ T5163] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  205.295898][ T5163] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.306262][ T5163] usb 3-1: config 0 descriptor??
[  206.087752][   T51] usb 3-1: USB disconnect, device number 4
[  206.111912][ T7771] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  206.220761][   T29] audit: type=1326 audit(1718091921.739:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec9c7cf69 code=0x7ffc0000
[  206.273709][   T29] audit: type=1326 audit(1718091921.739:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec9c7cf69 code=0x7ffc0000
[  206.312156][   T29] audit: type=1326 audit(1718091921.769:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdec9c7cf69 code=0x7ffc0000
[  206.380891][   T29] audit: type=1326 audit(1718091921.769:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec9c7cf69 code=0x7ffc0000
[  206.423212][   T29] audit: type=1326 audit(1718091921.769:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec9c7cf69 code=0x7ffc0000
[  206.475396][   T29] audit: type=1326 audit(1718091921.769:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdec9c7cf69 code=0x7ffc0000
[  206.508662][   T29] audit: type=1326 audit(1718091921.769:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdec9c7cf69 code=0x7ffc0000
[  206.548661][ T7505] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  206.564723][   T29] audit: type=1326 audit(1718091921.789:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fdec9c7a6e7 code=0x7ffc0000
[  206.592948][   T29] audit: type=1326 audit(1718091921.789:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7774 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fdec9c403d9 code=0x7ffc0000
[  206.668229][ T7505] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  206.718014][ T7505] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  206.741492][ T7505] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  206.748873][ T7763] loop1: detected capacity change from 0 to 40427
[  206.790546][ T7763] F2FS-fs (loop1): Found nat_bits in checkpoint
[  206.794316][ T7793] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  206.900381][ T7795] loop2: detected capacity change from 0 to 128
[  206.923120][ T7795] EXT4-fs: Ignoring removed mblk_io_submit option
[  206.939943][ T7795] EXT4-fs: Ignoring removed nomblk_io_submit option
[  206.960657][ T7795] EXT4-fs (loop2): can't mount with journal_async_commit, fs mounted w/o journal
[  206.978482][ T7763] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  207.486462][ T7800] syz-executor.1: attempt to access beyond end of device
[  207.486462][ T7800] loop1: rw=2049, sector=53248, nr_sectors = 976 limit=40427
[  207.913529][ T7795] EXT4-fs: Ignoring removed mblk_io_submit option
[  207.943203][ T7795] EXT4-fs: Ignoring removed nomblk_io_submit option
[  208.036763][ T7359] syz-executor.1: attempt to access beyond end of device
[  208.036763][ T7359] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  208.073266][ T7795] EXT4-fs (sda1): can't mount with journal_async_commit in data=ordered mode
[  208.114572][ T7359] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  208.121977][ T7802] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  208.176556][ T7787] loop4: detected capacity change from 0 to 32768
[  208.237985][ T7787] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  208.283264][ T7809] loop2: detected capacity change from 0 to 2048
[  208.351448][ T7505] 8021q: adding VLAN 0 to HW filter on device bond0
[  208.358338][ T7809] cgroup: noprefix used incorrectly
[  208.425853][ T7787] XFS (loop4): Ending clean mount
[  208.425948][ T7817] loop2: detected capacity change from 0 to 64
[  208.530295][ T7505] 8021q: adding VLAN 0 to HW filter on device team0
[  208.569247][  T782] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.576458][  T782] bridge0: port 1(bridge_slave_0) entered forwarding state
[  208.592691][ T5107] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  208.671604][ T5208] bridge0: port 2(bridge_slave_1) entered blocking state
[  208.678826][ T5208] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.405666][ T5208] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  209.721335][ T5208] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  209.772834][ T5208] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0
[  209.813436][ T5208] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  209.836561][ T5208] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  209.857873][ T5208] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.885297][ T5208] usb 2-1: config 0 descriptor??
[  209.914056][ T7505] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.141075][ T7505] veth0_vlan: entered promiscuous mode
[  210.196553][ T7856] loop4: detected capacity change from 0 to 64
[  210.204406][ T7505] veth1_vlan: entered promiscuous mode
[  210.307402][ T5208] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  210.343225][ T5208] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  210.353978][ T7505] veth0_macvtap: entered promiscuous mode
[  210.389079][ T5208] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  210.431976][ T7505] veth1_macvtap: entered promiscuous mode
[  210.484082][ T7505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.499347][ T7505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.511066][ T7505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.534656][ T7505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.545448][ T7505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.557464][ T7505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.568574][ T7505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.581063][ T7505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.600989][ T5161] usb 2-1: USB disconnect, device number 3
[  210.616684][ T7505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  210.628424][ T7505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.672657][ T7505] batman_adv: batadv0: Interface activated: batadv_slave_0
[  210.688643][ T7505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.708631][ T7505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.720350][ T7505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.736661][ T7505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.751704][ T7505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.768288][ T7505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.780572][ T7505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.797690][ T7505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.811201][ T7505] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  210.824028][ T7505] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  210.864111][ T7505] batman_adv: batadv0: Interface activated: batadv_slave_1
[  210.925325][ T7505] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  210.946448][ T7505] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  210.966538][ T7505] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  210.991733][ T7505] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  211.196526][ T7843] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  211.220469][ T7843] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  211.237122][ T7866] loop1: detected capacity change from 0 to 256
[  211.327748][ T7843] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  211.347680][ T7843] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  211.385586][ T7869] loop2: detected capacity change from 0 to 164
[  211.412866][ T7866] loop1: detected capacity change from 256 to 0
[  211.427252][    C1] I/O error, dev loop1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  211.448207][ T7869] loop2: detected capacity change from 0 to 128
[  211.470456][ T7867] FAT-fs (loop1): FAT read failed (blocknr 1)
[  211.493961][ T7867] syz-executor.1: attempt to access beyond end of device
[  211.493961][ T7867] loop1: rw=0, sector=12, nr_sectors = 4 limit=0
[  211.554260][ T7867] FAT-fs (loop1): unable to read inode block for updating (i_pos 203)
[  211.563046][ T7862] loop4: detected capacity change from 0 to 32768
[  211.578478][ T7862] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (7862)
[  211.609295][ T7862] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  211.637834][ T7862] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  211.659785][ T7862] BTRFS info (device loop4): using free-space-tree
[  211.850234][ T7359] syz-executor.1: attempt to access beyond end of device
[  211.850234][ T7359] loop1: rw=0, sector=12, nr_sectors = 4 limit=0
[  211.882477][ T7359] FAT-fs (loop1): Directory bread(block 3) failed
[  211.928294][ T5107] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  212.021511][ T7359] syz-executor.1: attempt to access beyond end of device
[  212.021511][ T7359] loop1: rw=0, sector=0, nr_sectors = 4 limit=0
[  212.065289][ T7359] FAT-fs (loop1): unable to read boot sector to mark fs as dirty
[  212.318280][ T7874] loop3: detected capacity change from 0 to 32768
[  212.336049][ T7874] btrfs: Deprecated parameter 'usebackuproot'
[  212.357663][ T7874] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  212.379186][ T7874] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (7874)
[  212.412199][   T54] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  212.422977][   T54] Bluetooth: hci3: Injecting HCI hardware error event
[  212.436215][ T5119] Bluetooth: hci3: hardware error 0x00
[  212.456654][ T7874] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  212.549355][ T7874] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  212.717542][ T5633] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  212.814186][ T7874] BTRFS info (device loop3): rebuilding free space tree
[  212.915399][ T7930] loop4: detected capacity change from 0 to 1024
[  212.934982][ T7932] input: syz1 as /devices/virtual/input/input9
[  212.973704][ T7930] hfsplus: unable to parse mount options
[  212.981238][ T7874] BTRFS info (device loop3): disabling free space tree
[  213.002789][ T5633] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.013967][ T7874] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  213.035396][ T7874] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  213.055927][ T7930] loop4: detected capacity change from 0 to 256
[  213.156470][ T5633] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.204596][ T7930] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  213.350845][ T5633] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  213.364994][ T4489] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  213.383444][ T4489] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  213.393924][ T4489] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  213.402846][ T4489] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  213.421131][ T4489] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  213.428962][ T4489] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  213.605647][ T7241] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  213.674899][ T5633] bridge_slave_1: left allmulticast mode
[  213.680588][ T5633] bridge_slave_1: left promiscuous mode
[  213.686839][ T5633] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.762632][ T5633] bridge_slave_0: left allmulticast mode
[  213.769146][ T5633] bridge_slave_0: left promiscuous mode
[  213.791479][ T5633] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.067959][ T7949] loop3: detected capacity change from 0 to 8
[  214.450615][ T7956] kvm: emulating exchange as write
[  214.652782][ T5119] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  214.662405][ T5633] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  214.693826][ T5633] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  214.713429][ T5633] bond0 (unregistering): Released all slaves
[  214.949261][ T7961] loop4: detected capacity change from 0 to 16
[  215.025504][ T7961] erofs: (device loop4): mounted with root inode @ nid 36.
[  215.266092][ T5107] erofs: (device loop4): erofs_fill_dentries: bogus dirent @ nid 46
[  215.283937][ T5107] erofs: (device loop4): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  215.315198][ T5107] erofs: (device loop4): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  215.441305][ T7967] loop0: detected capacity change from 0 to 64
[  215.498806][ T5633] hsr_slave_0: left promiscuous mode
[  215.534417][ T5119] Bluetooth: hci1: command tx timeout
[  215.554494][ T5633] hsr_slave_1: left promiscuous mode
[  215.566799][ T7967] hfs: bad catalog entry type 0
[  215.578945][ T5633] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  215.589858][ T5633] batman_adv: batadv0: Removing interface: batadv_slave_0
[  215.614809][ T5633] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  215.632259][ T5633] batman_adv: batadv0: Removing interface: batadv_slave_1
[  215.703056][ T5633] veth1_macvtap: left promiscuous mode
[  215.708587][ T5633] veth0_macvtap: left promiscuous mode
[  215.741910][ T5633] veth1_vlan: left promiscuous mode
[  215.747381][ T5633] veth0_vlan: left promiscuous mode
[  216.387695][ T7978] loop2: detected capacity change from 0 to 1024
[  216.440067][ T7978] hfsplus: unable to parse mount options
[  216.535470][ T7978] loop2: detected capacity change from 0 to 256
[  216.576780][ T7978] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  216.810368][ T7984] loop4: detected capacity change from 0 to 1024
[  217.047077][ T7987] loop4: detected capacity change from 0 to 2048
[  217.089719][ T7987]  loop4: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 p22
[  217.146149][ T5633] team0 (unregistering): Port device team_slave_1 removed
[  217.351559][ T5633] team0 (unregistering): Port device team_slave_0 removed
[  217.612239][ T5119] Bluetooth: hci1: command tx timeout
[  217.890932][ T7990] loop2: detected capacity change from 0 to 32768
[  218.228928][ T7939] chnl_net:caif_netlink_parms(): no params data found
[  218.395417][ T7993] loop0: detected capacity change from 0 to 4096
[  218.477310][ T7996] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  218.540903][ T5119] Bluetooth: hci4: Malformed HCI Event: 0x22
[  218.752364][ T7939] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.772486][ T7939] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.779775][ T7939] bridge_slave_0: entered allmulticast mode
[  218.831500][ T7939] bridge_slave_0: entered promiscuous mode
[  218.869838][ T7939] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.901557][   T29] kauditd_printk_skb: 15 callbacks suppressed
[  218.901575][   T29] audit: type=1804 audit(1718091934.409:181): pid=8010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir122553832/syzkaller.DYZmCe/9/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  218.907942][ T7939] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.932927][    C1] vkms_vblank_simulate: vblank timer overrun
[  219.020585][   T29] audit: type=1804 audit(1718091934.529:182): pid=7993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir122553832/syzkaller.DYZmCe/9/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  219.045338][    C1] vkms_vblank_simulate: vblank timer overrun
[  219.064484][ T7939] bridge_slave_1: entered allmulticast mode
[  219.089155][ T7939] bridge_slave_1: entered promiscuous mode
[  219.208367][ T8019] loop3: detected capacity change from 0 to 24
[  219.245557][ T7939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  219.313655][ T7939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  219.484197][ T7939] team0: Port device team_slave_0 added
[  219.525512][ T7939] team0: Port device team_slave_1 added
[  219.638148][ T7939] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.664345][ T7939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.761847][ T5119] Bluetooth: hci1: command tx timeout
[  219.767526][ T7939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  219.791312][ T7939] batman_adv: batadv0: Adding interface: batadv_slave_1
[  219.802503][ T7939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.326271][ T7939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  221.543062][ T8044] loop0: detected capacity change from 0 to 1024
[  221.610477][ T7939] hsr_slave_0: entered promiscuous mode
[  221.640873][ T7939] hsr_slave_1: entered promiscuous mode
[  221.688883][ T8048] loop3: detected capacity change from 0 to 24
[  221.771748][ T5119] Bluetooth: hci1: command tx timeout
[  221.797249][ T8052] netlink: 16402 bytes leftover after parsing attributes in process `syz-executor.4'.
[  223.901852][ T5119] Bluetooth: hci1: command tx timeout
[  224.051474][ T8079] loop4: detected capacity change from 0 to 16
[  224.070508][ T8078] loop0: detected capacity change from 0 to 1024
[  224.130717][ T8079] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  225.068294][ T8094] loop4: detected capacity change from 0 to 2048
[  225.132500][ T8094] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  225.161052][ T8094] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  225.255272][ T7939] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  225.263088][ T8103] loop3: detected capacity change from 0 to 1024
[  225.273411][ T8101] loop2: detected capacity change from 0 to 4096
[  225.281853][ T7939] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  225.293175][ T8103] hfsplus: unable to parse mount options
[  225.319668][ T8101] NILFS (loop2): invalid segment: Checksum error in segment payload
[  225.343951][ T8101] NILFS (loop2): trying rollback from an earlier position
[  225.409785][ T8101] NILFS (loop2): recovery complete
[  225.485643][ T8108] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  225.502688][ T7939] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  225.677131][ T7939] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  226.027252][ T8115] loop3: detected capacity change from 0 to 1024
[  226.235253][ T8119] loop3: detected capacity change from 0 to 1024
[  226.338392][ T8121] loop2: detected capacity change from 0 to 16
[  226.354074][ T8121] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  226.426859][ T7939] 8021q: adding VLAN 0 to HW filter on device bond0
[  226.537530][ T7939] 8021q: adding VLAN 0 to HW filter on device team0
[  226.618882][ T5208] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.626091][ T5208] bridge0: port 1(bridge_slave_0) entered forwarding state
[  226.682818][ T5208] bridge0: port 2(bridge_slave_1) entered blocking state
[  226.690036][ T5208] bridge0: port 2(bridge_slave_1) entered forwarding state
[  226.690401][ T2424] kworker/u8:8: attempt to access beyond end of device
[  226.690401][ T2424] loop4: rw=1, sector=3371, nr_sectors = 5376 limit=2048
[  226.776877][ T2424] kworker/u8:8: attempt to access beyond end of device
[  226.776877][ T2424] loop4: rw=1, sector=8747, nr_sectors = 464 limit=2048
[  226.922296][ T8117] loop0: detected capacity change from 0 to 32768
[  226.942869][ T8117] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (8117)
[  226.982822][ T8117] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  227.000634][ T8117] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  227.021352][ T8117] BTRFS info (device loop0): using free-space-tree
[  227.273138][ T7939] 8021q: adding VLAN 0 to HW filter on device batadv0
[  227.396763][ T7505] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  227.453459][ T5208] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  227.711435][ T7939] veth0_vlan: entered promiscuous mode
[  227.794644][ T5208] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 0, changing to 7
[  227.968881][ T5208] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid wMaxPacketSize 0
[  228.140898][ T5208] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  228.189648][  T782] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  228.366983][ T5208] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  228.383051][ T7939] veth1_vlan: entered promiscuous mode
[  228.421702][ T5208] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.447436][ T5208] usb 3-1: config 0 descriptor??
[  228.487180][  T782] usb 5-1: device descriptor read/64, error -71
[  228.589692][ T7939] veth0_macvtap: entered promiscuous mode
[  228.626548][ T7939] veth1_macvtap: entered promiscuous mode
[  228.698896][ T7939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.728664][ T7939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.748858][ T7939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.779334][ T7939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.791883][  T782] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  228.792042][ T7939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.813053][ T7939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.830147][ T7939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.843870][ T7939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.861308][ T7939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.889292][ T7939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.904813][ T5208] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  228.929369][ T8172] loop3: detected capacity change from 0 to 8
[  228.930378][ T5208] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  228.943553][  T782] usb 5-1: device descriptor read/64, error -71
[  228.957909][ T7939] batman_adv: batadv0: Interface activated: batadv_slave_0
[  228.984423][ T7939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.001347][ T5208] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  229.016657][ T7939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.041282][ T7939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.047893][ T8170] SQUASHFS error: lzo decompression failed, data probably corrupt
[  229.057927][ T7939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.070147][ T8170] SQUASHFS error: Failed to read block 0x71: -5
[  229.070780][  T782] usb usb5-port1: attempt power cycle
[  229.088170][ T8170] SQUASHFS error: lzo decompression failed, data probably corrupt
[  229.090673][ T7939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.109614][ T8170] SQUASHFS error: Failed to read block 0x71: -5
[  229.112376][ T7939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.130803][ T7939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.149829][ T7939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.154847][   T29] audit: type=1800 audit(1718091944.649:183): pid=8170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz-executor.3" name="file0" dev="overlay" ino=3 res=0 errno=0
[  229.159957][ T7939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  229.193302][ T7939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.228801][ T7939] batman_adv: batadv0: Interface activated: batadv_slave_1
[  229.232009][ T5132] usb 3-1: USB disconnect, device number 5
[  229.272980][ T7939] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  229.292316][ T7939] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  229.301478][ T7939] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  229.316162][ T7939] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  229.525970][ T2424] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.544343][ T2424] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.572457][  T782] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  229.614689][  T782] usb 5-1: device descriptor read/8, error -71
[  229.633021][ T2424] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.657187][ T2424] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.678425][ T8174] loop0: detected capacity change from 0 to 256
[  229.734252][ T7241] SQUASHFS error: Unable to read directory block [1d0:22]
[  229.758766][ T7241] SQUASHFS error: Unable to read directory block [1d0:22]
[  229.759775][ T8174] FAT-fs (loop0): Directory bread(block 64) failed
[  229.777629][ T8174] FAT-fs (loop0): Directory bread(block 65) failed
[  229.784367][ T8174] FAT-fs (loop0): Directory bread(block 66) failed
[  229.791015][ T8174] FAT-fs (loop0): Directory bread(block 67) failed
[  229.798639][ T8174] FAT-fs (loop0): Directory bread(block 68) failed
[  229.811811][ T8174] FAT-fs (loop0): Directory bread(block 69) failed
[  229.818552][ T8174] FAT-fs (loop0): Directory bread(block 70) failed
[  229.840620][ T8174] FAT-fs (loop0): Directory bread(block 71) failed
[  229.840679][ T8178] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  229.848501][ T8174] FAT-fs (loop0): Directory bread(block 72) failed
[  229.868139][ T8174] FAT-fs (loop0): Directory bread(block 73) failed
[  229.905481][  T782] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  229.946574][  T782] usb 5-1: device descriptor read/8, error -71
[  230.083649][  T782] usb usb5-port1: unable to enumerate USB device
[  230.127717][ T8192] overlayfs: missing 'lowerdir'
[  230.141763][ T8192] overlayfs: workdir and upperdir must reside under the same mount
[  230.937877][ T8218] loop2: detected capacity change from 0 to 256
[  230.965504][ T8218] FAT-fs (loop2): Directory bread(block 64) failed
[  230.982249][ T8218] FAT-fs (loop2): Directory bread(block 65) failed
[  231.004044][ T8218] FAT-fs (loop2): Directory bread(block 66) failed
[  231.032580][ T8218] FAT-fs (loop2): Directory bread(block 67) failed
[  231.050462][ T8218] FAT-fs (loop2): Directory bread(block 68) failed
[  231.073998][ T8208] loop3: detected capacity change from 0 to 32768
[  231.081872][ T8218] FAT-fs (loop2): Directory bread(block 69) failed
[  231.112843][ T8208] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (8208)
[  231.126146][ T8218] FAT-fs (loop2): Directory bread(block 70) failed
[  231.133147][ T8218] FAT-fs (loop2): Directory bread(block 71) failed
[  231.150051][ T8218] FAT-fs (loop2): Directory bread(block 72) failed
[  231.159509][ T8218] FAT-fs (loop2): Directory bread(block 73) failed
[  231.168863][ T8208] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  231.191908][ T8208] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  231.200614][ T8208] BTRFS info (device loop3): using free-space-tree
[  231.235441][ T8226] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  231.346189][ T8208] BTRFS info (device loop3): rebuilding free space tree
[  231.579865][   T35] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared)
[  231.679833][ T8246] loop2: detected capacity change from 0 to 2048
[  231.707626][ T8246] udf: Bad value for 'anchor'
[  232.351265][ T7241] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  233.039675][ T8251] loop2: detected capacity change from 0 to 32768
[  233.395175][ T8260] loop2: detected capacity change from 0 to 2048
[  233.441463][ T8260] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.450712][ T8279] netlink: 'syz-executor.0': attribute type 1 has an invalid length.
[  235.462566][ T8279] netlink: 113592 bytes leftover after parsing attributes in process `syz-executor.0'.
[  235.472853][ T8279] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'.
[  235.529613][ T8284] loop4: detected capacity change from 0 to 256
[  235.538436][ T8284] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  235.580951][ T8284] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 324)
[  235.600466][ T8284] FAT-fs (loop4): Filesystem has been set read-only
[  235.607518][ T8284] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 324)
[  235.631152][ T8284] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 324)
[  235.711826][ T5132] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  235.905148][ T5132] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 64, changing to 10
[  235.916965][ T5132] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  235.927217][ T5132] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  235.936622][ T5132] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.948371][ T8280] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  236.152053][    T8] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  236.174770][   T29] audit: type=1800 audit(1718091951.699:184): pid=8305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1966 res=0 errno=0
[  236.184478][ T8305] loop4: detected capacity change from 0 to 128
[  236.595448][ T7258] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.615999][ T8280] loop3: detected capacity change from 0 to 40427
[  236.624311][    T8] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  236.635316][ T8280] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  236.643137][ T8280] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  236.657451][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.668771][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  236.678941][    T8] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  236.697455][ T8280] F2FS-fs (loop3): Found nat_bits in checkpoint
[  236.738296][ T8280] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  236.754148][    T8] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  236.778580][    T8] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  236.779296][ T8311] loop1: detected capacity change from 0 to 4096
[  236.786754][    T8] usb 1-1: Manufacturer: syz
[  236.797130][ T8280] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  236.805981][ T8280] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  236.822788][    T8] usb 1-1: config 0 descriptor??
[  236.965329][ T8325] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  237.108483][ T8329] trusted_key: syz-executor.2 sent an empty control message without MSG_MORE.
[  237.895788][    T8] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[  237.931872][   T29] audit: type=1804 audit(1718091953.419:185): pid=8333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3020687456/syzkaller.YXJDjs/7/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  237.960539][    T8] appleir 0003:05AC:8243.0005: No inputs registered, leaving
[  238.004769][    T8] appleir 0003:05AC:8243.0005: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  238.028452][   T29] audit: type=1804 audit(1718091953.429:186): pid=8333 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir3020687456/syzkaller.YXJDjs/7/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  238.272541][ T8350] loop1: detected capacity change from 0 to 2048
[  238.303023][ T8353] loop2: detected capacity change from 0 to 2048
[  238.313396][ T8350] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.328239][   T29] audit: type=1800 audit(1718091953.849:187): pid=8357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1967 res=0 errno=0
[  238.334115][ T8357] loop4: detected capacity change from 0 to 128
[  238.375810][ T8353]  loop2: p1 < p5 p6 p7 p8 p9 p10 p11 p12 p13 p14 p15 p16 p17 p18 p19 p20 p21 p22 p23 p24 p25 p26 p27 p28 p29 p30 p31 p32 p33 p34 p35 p36 p37 p38 p39 p40 p41 p42 p43 p44 p45 p46 p47 p48 p49 p50 p51 p52 p53 p54 p55 p56 p57 p58 p59 p60 p61 p62 p63 p64 p65 p66 p67 p68 p69 p70 p71 p72 p73 p74 p75 p76 p77 p78 p79 p80 p81 p82 p83 p84 p85 p86 p87 p88 p89 p90 p91 p92 p93 p94 p95 p96 p97 p98 p99 p100 p101 p102 p103 p104 p105 p106 p107 p108 p109 p110 p111 p112 p113 p114 p115 p116 p117 p118 p119 p120 p121 p122 p123 p124 p125 p126 p127 p128 p129 p130 p131 p132 p133 p134 p135 p136 p137 p138 p139 p140 p141 p142 p143 p144 p145 p146 p147 p148 p149 p150 p151 p152 p153 p154 p155 p156 p157 p158 p159 p160 p161 p162 p163 p164 p165 p166 p167 p168 p169 p170 p171 p172 p173 p174 p175 p176 p177 p178 p179 p180 p181 p182 p183 p184 p185 p186 p187 p188 p189 p190 p191 p192 p193 p194 p195 p196 p197 p198 p199 p200 p201 p202 p203 p204 p205 p206 p207 p208 p209 p210 p211 p212 p213 p214 p215 p216 p217 p218 p219 p220 p221 p222 p223 p224 p225 p22
[  238.790331][ T5132] usb 1-1: USB disconnect, device number 5
[  239.361566][  T782] usb 4-1: USB disconnect, device number 9
[  239.504822][ T8369] loop4: detected capacity change from 0 to 164
[  239.568918][ T8369] loop4: detected capacity change from 0 to 128
[  239.896646][ T8372] loop0: detected capacity change from 0 to 512
[  239.924891][ T8372] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  239.975063][ T8372] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it
[  239.997102][ T8372] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended
[  240.050171][ T8372] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  240.090411][ T8372] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2234: inode #15: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino
[  240.141570][ T8372] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 15 (err -117)
[  240.168818][ T8372] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.274018][ T8372] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  240.326341][ T8377] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  240.334134][ T8372] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it
[  240.358846][ T8377] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it
[  240.419626][ T8372] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended
[  240.479885][ T8377] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended
[  240.536800][ T8380] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  240.562546][ T8380] EXT4-fs warning (device loop0): dx_probe:880: Enable large directory feature to access it
[  240.573574][ T8380] EXT4-fs warning (device loop0): dx_probe:965: inode #2: comm syz-executor.0: Corrupt directory, running e2fsck is recommended
[  240.589287][ T8380] EXT4-fs warning (device loop0): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  240.605444][ T8380] EXT4-fs error (device loop0): ext4_find_dest_de:2066: inode #2: block 3: comm syz-executor.0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  240.746196][ T7505] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.774276][ T8386] loop3: detected capacity change from 0 to 256
[  240.817079][ T8386] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  240.984844][   T29] audit: type=1400 audit(1718091956.509:188): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F2630 pid=8393 comm="syz-executor.3"
[  241.364854][ T7939] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.518084][ T8410] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  241.583468][ T8410] overlayfs: failed to set xattr on upper
[  241.589416][ T8410] overlayfs: ...falling back to redirect_dir=nofollow.
[  241.631750][ T8410] overlayfs: ...falling back to index=off.
[  241.656156][ T8410] overlayfs: ...falling back to uuid=null.
[  241.706752][   T29] audit: type=1326 audit(1718091957.229:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ce27cf69 code=0x7ffc0000
[  241.771711][   T29] audit: type=1326 audit(1718091957.229:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ce27cf69 code=0x7ffc0000
[  241.795049][ T8390] loop4: detected capacity change from 0 to 32768
[  241.830670][ T8390] Only 4K block size supported!
[  241.874037][ T8390] Mount JFS Failure: -22
[  241.876676][   T29] audit: type=1326 audit(1718091957.229:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb0ce27cf69 code=0x7ffc0000
[  241.878553][ T8390] jfs_mount failed w/return code = -22
[  241.958229][   T29] audit: type=1326 audit(1718091957.229:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ce27cf69 code=0x7ffc0000
[  242.009957][   T29] audit: type=1326 audit(1718091957.229:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7fb0ce27cf69 code=0x7ffc0000
[  242.079695][   T29] audit: type=1326 audit(1718091957.229:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ce27cf69 code=0x7ffc0000
[  242.172005][   T29] audit: type=1326 audit(1718091957.229:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb0ce27cf69 code=0x7ffc0000
[  242.231291][   T29] audit: type=1326 audit(1718091957.229:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ce27cf69 code=0x7ffc0000
[  242.300733][   T29] audit: type=1326 audit(1718091957.229:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0ce27cf69 code=0x7ffc0000
[  242.367369][   T29] audit: type=1326 audit(1718091957.229:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8414 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=264 compat=0 ip=0x7fb0ce27cf69 code=0x7ffc0000
[  242.493360][ T8413] loop2: detected capacity change from 0 to 32768
[  242.507718][ T8413] jfs: Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿÿÿ" or missing value
[  242.509779][ T8412] loop0: detected capacity change from 0 to 32768
[  242.573538][ T8412] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (8412)
[  242.605772][ T8412] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  242.621891][ T8412] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  242.640966][ T8412] BTRFS info (device loop0): using free-space-tree
[  244.029694][ T7505] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  244.079269][ T8421] loop1: detected capacity change from 0 to 32768
[  244.117086][ T8421] btrfs: Deprecated parameter 'usebackuproot'
[  244.143628][ T8421] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  244.380535][ T8421] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (8421)
[  244.611857][   T51] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  244.704882][ T8421] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  244.745161][ T8421] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  244.779668][ T8467] loop3: detected capacity change from 0 to 128
[  244.953187][ T8421] BTRFS info (device loop1): rebuilding free space tree
[  244.965866][   T51] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  244.981752][   T51] usb 5-1: config 0 has no interfaces?
[  244.991761][   T51] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  245.011742][   T51] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.030059][   T51] usb 5-1: config 0 descriptor??
[  245.035664][ T8421] BTRFS info (device loop1): disabling free space tree
[  245.061795][ T8421] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  245.107418][ T8421] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  245.285209][ T8493] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  245.409009][ T8497] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  245.424786][ T8497] overlayfs: failed to set xattr on upper
[  245.441310][ T8476] loop2: detected capacity change from 0 to 32768
[  245.448283][ T8497] overlayfs: ...falling back to redirect_dir=nofollow.
[  245.470314][ T8497] overlayfs: ...falling back to index=off.
[  245.486206][ T8476] Only 4K block size supported!
[  245.496359][ T8497] overlayfs: ...falling back to uuid=null.
[  245.504618][ T8476] Mount JFS Failure: -22
[  245.523347][ T8476] jfs_mount failed w/return code = -22
[  245.659374][ T7939] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  246.504981][ T8500] loop3: detected capacity change from 0 to 32768
[  246.525721][ T8500] jfs: Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿÿÿ" or missing value
[  246.916605][ T8513] loop1: detected capacity change from 0 to 256
[  246.932039][  T782] usb 5-1: USB disconnect, device number 16
[  246.990599][ T8513] exfat: Deprecated parameter 'utf8'
[  247.101300][ T8513] exFAT-fs (loop1): failed to load upcase table (idx : 0x00017f3e, chksum : 0x0b83170a, utbl_chksum : 0xe619d30d)
[  247.143918][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  247.143935][   T29] audit: type=1326 audit(1718091962.669:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8927cf69 code=0x7ffc0000
[  247.195917][   T29] audit: type=1326 audit(1718091962.699:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b8927cf69 code=0x7ffc0000
[  247.240840][   T29] audit: type=1326 audit(1718091962.699:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8927cf69 code=0x7ffc0000
[  247.311898][   T29] audit: type=1326 audit(1718091962.699:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8927cf69 code=0x7ffc0000
[  247.358138][   T29] audit: type=1326 audit(1718091962.709:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f3b8927cf69 code=0x7ffc0000
[  247.407494][   T29] audit: type=1326 audit(1718091962.709:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8927cf69 code=0x7ffc0000
[  247.486285][   T29] audit: type=1326 audit(1718091962.709:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8927cf69 code=0x7ffc0000
[  247.556322][   T29] audit: type=1326 audit(1718091962.709:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3b8927cf69 code=0x7ffc0000
[  247.595124][   T29] audit: type=1326 audit(1718091962.709:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8927cf69 code=0x7ffc0000
[  247.613185][ T8536] syz-executor.1 uses obsolete (PF_INET,SOCK_PACKET)
[  247.638893][   T29] audit: type=1326 audit(1718091962.709:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8515 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b8927cf69 code=0x7ffc0000
[  247.670386][ T8536] netlink: 'syz-executor.1': attribute type 9 has an invalid length.
[  247.675757][ T8539] netlink: 'syz-executor.2': attribute type 2 has an invalid length.
[  247.699612][ T8536] netlink: 'syz-executor.1': attribute type 7 has an invalid length.
[  247.700986][ T8539] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  247.716892][ T8539] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  247.741888][ T5163] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  247.749756][ T8536] netlink: 'syz-executor.1': attribute type 8 has an invalid length.
[  247.951746][ T5163] usb 4-1: Using ep0 maxpacket: 8
[  247.979466][ T5163] usb 4-1: config 252 has an invalid interface number: 75 but max is 0
[  248.001773][ T5163] usb 4-1: config 252 has no interface number 0
[  248.034697][ T5163] usb 4-1: New USB device found, idVendor=08e3, idProduct=0100, bcdDevice=7b.f1
[  248.070986][ T8557] loop4: detected capacity change from 0 to 512
[  248.080383][ T5163] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.092184][ T5163] usb 4-1: Product: syz
[  248.109628][ T5163] usb 4-1: Manufacturer: syz
[  248.115951][ T8557] EXT4-fs: Ignoring removed nomblk_io_submit option
[  248.119753][ T5163] usb 4-1: SerialNumber: syz
[  248.188196][ T8557] EXT4-fs (loop4): orphan cleanup on readonly fs
[  248.223583][ T8557] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor.4: bg 0: block 248: padding at end of block bitmap is not set
[  248.261495][ T8557] EXT4-fs error (device loop4): ext4_acquire_dquot:6858: comm syz-executor.4: Failed to acquire dquot type 1
[  248.370441][ T8557] EXT4-fs (loop4): 1 truncate cleaned up
[  248.393955][ T8557] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  248.548219][ T5107] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.563413][ T5163] cxacru 4-1:252.75: usbatm_usb_probe: bind failed: -19!
[  248.583135][ T5163] usb 4-1: USB disconnect, device number 10
[  248.600328][ T8569] loop2: detected capacity change from 0 to 2048
[  248.631059][ T4489] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  248.648258][ T4489] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  248.666603][ T8569] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.677716][ T4489] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  248.699956][ T4489] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  248.722068][ T4489] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  248.733053][ T4489] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  248.824864][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.978133][ T8579] netlink: 'syz-executor.4': attribute type 9 has an invalid length.
[  248.996670][ T8579] netlink: 'syz-executor.4': attribute type 7 has an invalid length.
[  249.015229][ T8579] netlink: 'syz-executor.4': attribute type 8 has an invalid length.
[  249.036088][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  249.159177][ T8562] loop0: detected capacity change from 0 to 32768
[  249.209643][ T8562] jfs_rename did not expect dtDelete to return rc = -2
[  249.226374][ T8562] ERROR: (device loop0): jfs_rename: 
[  249.226374][ T8562] 
[  249.243855][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.346534][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.411913][ T8589] loop3: detected capacity change from 0 to 256
[  250.450759][ T7258] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.614983][ T8589] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  250.812066][ T5119] Bluetooth: hci1: command tx timeout
[  251.077558][   T12] bridge_slave_1: left allmulticast mode
[  251.106968][   T12] bridge_slave_1: left promiscuous mode
[  251.129971][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.201398][   T12] bridge_slave_0: left allmulticast mode
[  251.223743][   T12] bridge_slave_0: left promiscuous mode
[  251.229559][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.476635][ T8581] loop4: detected capacity change from 0 to 32768
[  251.701498][ T8581] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  251.787159][ T8619] loop3: detected capacity change from 0 to 64
[  251.837548][ T8619] hfs: invalid catalog max_key_len 7
[  251.846243][ T8619] hfs: unable to open catalog tree
[  252.537117][ T8618] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'.
[  252.548160][ T8581] workqueue: Failed to create a rescuer kthread for wq "xfs-log/loop4": -EINTR
[  252.558607][ T8581] XFS (loop4): log mount failed
[  252.565536][ T8622] loop3: detected capacity change from 0 to 512
[  252.582430][ T8623] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.0'.
[  252.620651][ T8622] EXT4-fs: Ignoring removed nomblk_io_submit option
[  252.664464][ T8622] EXT4-fs (loop3): orphan cleanup on readonly fs
[  252.700353][ T8622] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor.3: bg 0: block 248: padding at end of block bitmap is not set
[  252.817491][ T8622] __quota_error: 42 callbacks suppressed
[  252.817507][ T8622] Quota error (device loop3): write_blk: dquota write failed
[  252.857448][ T8622] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  252.891422][ T8622] EXT4-fs error (device loop3): ext4_acquire_dquot:6858: comm syz-executor.3: Failed to acquire dquot type 1
[  252.915966][ T8622] EXT4-fs (loop3): 1 truncate cleaned up
[  252.919432][ T5119] Bluetooth: hci1: command tx timeout
[  252.957471][ T8622] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  253.110981][ T7241] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.245971][ T8632] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  253.264655][ T8632] overlayfs: failed to set xattr on upper
[  253.271701][ T8632] overlayfs: ...falling back to redirect_dir=nofollow.
[  253.279993][ T8632] overlayfs: ...falling back to index=off.
[  253.294567][ T8632] overlayfs: ...falling back to uuid=null.
[  253.295041][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  253.325276][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  253.338243][   T12] bond0 (unregistering): Released all slaves
[  253.418568][ T8571] chnl_net:caif_netlink_parms(): no params data found
[  253.499998][ T8635] loop2: detected capacity change from 0 to 128
[  253.584091][ T8639] loop4: detected capacity change from 0 to 64
[  253.973876][ T8633] loop3: detected capacity change from 0 to 32768
[  253.988122][ T8633] jfs: Unrecognized mount option "ÿÿÿÿÿÿÿÿÿÿÿÿ" or missing value
[  254.005548][ T8571] bridge0: port 1(bridge_slave_0) entered blocking state
[  254.038198][ T8571] bridge0: port 1(bridge_slave_0) entered disabled state
[  254.064443][ T8571] bridge_slave_0: entered allmulticast mode
[  254.087310][ T8571] bridge_slave_0: entered promiscuous mode
[  254.285894][ T8571] bridge0: port 2(bridge_slave_1) entered blocking state
[  254.311147][ T8571] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.335195][ T8571] bridge_slave_1: entered allmulticast mode
[  254.355973][ T8571] bridge_slave_1: entered promiscuous mode
[  254.370797][ T8655] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  254.558708][   T29] audit: type=1800 audit(1718091970.079:261): pid=8665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1958 res=0 errno=0
[  254.693054][ T8667] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  254.716784][   T12] hsr_slave_0: left promiscuous mode
[  254.733574][   T12] hsr_slave_1: left promiscuous mode
[  254.752823][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  254.761778][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  254.772952][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.781064][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.814219][ T8672] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.3'.
[  254.833436][   T12] veth1_macvtap: left promiscuous mode
[  254.849162][   T12] veth0_macvtap: left promiscuous mode
[  254.857972][   T12] veth1_vlan: left promiscuous mode
[  254.868580][   T12] veth0_vlan: left promiscuous mode
[  254.972022][ T5119] Bluetooth: hci1: command tx timeout
[  255.430164][ T8671] loop0: detected capacity change from 0 to 32768
[  255.576463][ T8671] jfs_strtoUCS: char2uni returned -36.
[  255.593546][ T8671] charset = cp932, char = 0xe6
[  255.918846][   T12] team0 (unregistering): Port device team_slave_1 removed
[  256.023916][   T12] team0 (unregistering): Port device team_slave_0 removed
[  256.101536][ T1248] ieee802154 phy0 wpan0: encryption failed: -22
[  256.108365][ T1248] ieee802154 phy1 wpan1: encryption failed: -22
[  256.581496][ T8571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  256.620181][ T8678] pimreg: entered allmulticast mode
[  256.650600][ T8571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  256.654020][ T8686] loop4: detected capacity change from 0 to 512
[  256.681334][ T8686] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  256.778968][ T8686] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz-executor.4: bg 0: block 248: padding at end of block bitmap is not set
[  256.805442][ T8571] team0: Port device team_slave_0 added
[  256.838446][ T8571] team0: Port device team_slave_1 added
[  256.876749][ T8686] Quota error (device loop4): write_blk: dquota write failed
[  256.897137][ T8686] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  256.930143][ T8686] EXT4-fs error (device loop4): ext4_acquire_dquot:6858: comm syz-executor.4: Failed to acquire dquot type 1
[  256.999581][ T8571] batman_adv: batadv0: Adding interface: batadv_slave_0
[  257.018481][ T8686] EXT4-fs (loop4): 1 truncate cleaned up
[  257.024605][ T8571] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.060287][ T5119] Bluetooth: hci1: command tx timeout
[  257.062986][ T8686] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  257.100286][ T8571] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  257.124839][ T8686] ext4 filesystem being mounted at /root/syzkaller-testdir1982421966/syzkaller.7g4GTq/309/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.191096][ T8571] batman_adv: batadv0: Adding interface: batadv_slave_1
[  257.219015][ T8571] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  257.281992][ T8571] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  257.338883][ T8686] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  257.361409][ T8711] loop2: detected capacity change from 0 to 2048
[  257.397702][ T8711] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.477813][ T8571] hsr_slave_0: entered promiscuous mode
[  257.493007][ T5107] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.512091][ T8571] hsr_slave_1: entered promiscuous mode
[  257.618883][ T8715] netlink: 'syz-executor.3': attribute type 5 has an invalid length.
[  257.725555][ T8717] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.4'.
[  257.968383][ T8705] loop0: detected capacity change from 0 to 32768
[  258.057135][ T8705] jfs_rename did not expect dtDelete to return rc = -2
[  258.075085][ T8705] ERROR: (device loop0): jfs_rename: 
[  258.075085][ T8705] 
[  258.298200][ T7258] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.683987][ T8571] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  258.763482][ T8571] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  258.842070][ T8571] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  258.859644][ T8571] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  258.875509][ T8733] overlay: Unknown parameter 'appraise'
[  258.990210][ T8739] loop0: detected capacity change from 0 to 2048
[  259.070046][ T8739] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  259.114137][ T8739] netlink: 'syz-executor.0': attribute type 5 has an invalid length.
[  259.132138][ T5119] Bluetooth: hci1: command tx timeout
[  259.313397][ T8753] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  259.402858][ T8571] 8021q: adding VLAN 0 to HW filter on device bond0
[  259.548005][ T8571] 8021q: adding VLAN 0 to HW filter on device team0
[  259.605265][ T5161] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.612469][ T5161] bridge0: port 1(bridge_slave_0) entered forwarding state
[  259.712631][ T5161] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.719792][ T5161] bridge0: port 2(bridge_slave_1) entered forwarding state
[  259.941290][ T8782] loop2: detected capacity change from 0 to 512
[  260.004210][ T8782] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.026580][ T8782] ext4 filesystem being mounted at /root/syzkaller-testdir2632439477/syzkaller.EHZSFJ/109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.552964][ T7258] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.589604][ T8571] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.720442][   T29] audit: type=1326 audit(1718091976.239:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8803 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdec9c7cf69 code=0x0
[  260.866383][ T8571] veth0_vlan: entered promiscuous mode
[  261.032284][ T8571] veth1_vlan: entered promiscuous mode
[  261.121839][ T8816] loop0: detected capacity change from 0 to 64
[  261.146526][ T8816] hfs: invalid catalog max_key_len 7
[  261.152449][ T8816] hfs: unable to open catalog tree
[  262.732919][ T8571] veth0_macvtap: entered promiscuous mode
[  262.794093][ T8827] loop0: detected capacity change from 0 to 512
[  262.838930][ T8571] veth1_macvtap: entered promiscuous mode
[  262.848522][ T8827] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.902003][ T8827] ext4 filesystem being mounted at /root/syzkaller-testdir122553832/syzkaller.DYZmCe/65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.005401][ T8836] loop4: detected capacity change from 0 to 64
[  263.115349][ T8571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.149573][ T8571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.165020][ T8571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.177877][ T8571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.191847][ T8571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.212596][ T8571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.230802][ T8571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.241867][ T8571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.256844][ T8571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  263.267572][ T8571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.284035][ T8571] batman_adv: batadv0: Interface activated: batadv_slave_0
[  263.320370][ T8571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.341929][ T8571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.343063][ T7505] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.372730][ T8571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.383593][ T8571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.394299][ T8571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.410730][ T8571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.426014][ T8571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.437853][ T8571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.448784][ T8571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  263.481966][ T8571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  263.494382][ T8571] batman_adv: batadv0: Interface activated: batadv_slave_1
[  263.603532][ T8571] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.623523][ T8571] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  263.643467][ T8571] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.660141][ T8571] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.900426][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  263.910673][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  263.975039][ T2398] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.000751][ T2398] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.617784][ T8898] loop2: detected capacity change from 0 to 128
[  264.628772][ T8897] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.3'.
[  264.933137][ T8913] loop4: detected capacity change from 0 to 256
[  264.944116][ T8913] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  264.972027][ T4489] Bluetooth: hci4: command 0x0406 tx timeout
[  265.025474][ T8913] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[  265.160247][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  265.190776][   T29] audit: type=1804 audit(1718091980.709:263): pid=8913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1982421966/syzkaller.7g4GTq/333/file0/bus" dev="loop4" ino=1048749 res=1 errno=0
[  265.471243][ T8944] loop1: detected capacity change from 0 to 128
[  265.733940][   T29] audit: type=1804 audit(1718091981.259:264): pid=8961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/file0/file0/root/syzkaller-testdir2048468296/syzkaller.uSdTa0/137/bus" dev="sda1" ino=1956 res=1 errno=0
[  265.962028][    T8] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  266.164951][    T8] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  266.190734][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.329049][    T8] usb 3-1: config 0 descriptor??
[  266.344496][    T8] cp210x 3-1:0.0: cp210x converter detected
[  266.483726][   T29] audit: type=1326 audit(1718091981.999:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8975 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f17f467cf69 code=0x0
[  266.827759][    T8] usb 3-1: cp210x converter now attached to ttyUSB0
[  267.051467][    T8] usb 3-1: USB disconnect, device number 6
[  267.061497][    T8] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  267.118963][    T8] cp210x 3-1:0.0: device disconnected
[  267.306410][ T8996] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[  267.500618][ T9003] loop1: detected capacity change from 0 to 256
[  267.568013][ T9003] FAT-fs (loop1): Directory bread(block 64) failed
[  267.583911][ T9005] loop0: detected capacity change from 0 to 128
[  267.592002][ T9003] FAT-fs (loop1): Directory bread(block 65) failed
[  267.606413][ T9003] FAT-fs (loop1): Directory bread(block 66) failed
[  267.623118][ T9005] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  267.651390][ T9003] FAT-fs (loop1): Directory bread(block 67) failed
[  267.658405][ T9003] FAT-fs (loop1): Directory bread(block 68) failed
[  267.665776][ T9003] FAT-fs (loop1): Directory bread(block 69) failed
[  267.678036][ T9005] ext4 filesystem being mounted at /root/syzkaller-testdir122553832/syzkaller.DYZmCe/80/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  267.701955][ T9003] FAT-fs (loop1): Directory bread(block 70) failed
[  267.726495][ T9003] FAT-fs (loop1): Directory bread(block 71) failed
[  267.739768][ T9003] FAT-fs (loop1): Directory bread(block 72) failed
[  267.752069][ T9003] FAT-fs (loop1): Directory bread(block 73) failed
[  267.995170][ T7505] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  268.197038][ T9029] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.2'.
[  268.346370][ T9032] sctp: [Deprecated]: syz-executor.3 (pid 9032) Use of int in max_burst socket option.
[  268.346370][ T9032] Use struct sctp_assoc_value instead
[  268.373256][ T9035] netlink: 'syz-executor.2': attribute type 9 has an invalid length.
[  268.383788][ T9035] netlink: 'syz-executor.2': attribute type 7 has an invalid length.
[  268.399538][ T9035] netlink: 'syz-executor.2': attribute type 8 has an invalid length.
[  268.716203][ T9056] loop0: detected capacity change from 0 to 512
[  268.756349][ T9057] loop4: detected capacity change from 0 to 256
[  268.771239][ T9056] EXT4-fs (loop0): Test dummy encryption mode enabled
[  268.780128][ T9057] exfat: Deprecated parameter 'utf8'
[  268.805072][ T9056] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2234: inode #12: comm syz-executor.0: corrupted in-inode xattr: invalid ea_ino
[  268.836032][ T9056] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 12 (err -117)
[  268.870348][ T9057] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xba7df490, utbl_chksum : 0xe619d30d)
[  268.873076][ T9056] EXT4-fs (loop0): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.968770][ T9069] €: renamed from bond0 (while UP)
[  268.994205][ T9066] sctp: [Deprecated]: syz-executor.2 (pid 9066) Use of int in max_burst socket option.
[  268.994205][ T9066] Use struct sctp_assoc_value instead
[  269.124028][ T9056] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  269.258111][    T8] IPVS: starting estimator thread 0...
[  269.285863][ T7505] EXT4-fs (loop0): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  269.362052][ T9084] IPVS: using max 25 ests per chain, 60000 per kthread
[  269.494155][ T9089] loop0: detected capacity change from 0 to 256
[  269.777208][ T9098] loop0: detected capacity change from 0 to 4096
[  269.794707][ T9098] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  269.895049][   T29] audit: type=1800 audit(1718091985.419:266): pid=9098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=33 res=0 errno=0
[  270.244301][ T9118] loop0: detected capacity change from 0 to 512
[  270.286927][ T9118] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.316849][ T9118] ext4 filesystem being mounted at /root/syzkaller-testdir122553832/syzkaller.DYZmCe/90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.505540][ T7505] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.848297][ T5161] IPVS: starting estimator thread 0...
[  270.966471][ T9131] loop2: detected capacity change from 0 to 32768
[  271.073737][ T9149] IPVS: using max 21 ests per chain, 50400 per kthread
[  271.307097][ T9131] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  271.748466][ T9162] loop1: detected capacity change from 0 to 512
[  271.849937][ T9131] XFS (loop2): Ending clean mount
[  271.865449][ T9162] EXT4-fs (loop1): blocks per group (71) and clusters per group (20800) inconsistent
[  272.029724][ T9170] loop4: detected capacity change from 0 to 1024
[  272.068271][ T9170] EXT4-fs (loop4): stripe (205) is not aligned with cluster size (16), stripe is disabled
[  272.182419][ T9170] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.312896][ T7258] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  272.361389][ T9194] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8
[  272.388334][ T9198] input: syz1 as /devices/virtual/input/input11
[  272.493007][ T9202] loop1: detected capacity change from 0 to 128
[  272.524813][ T9202] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  272.661840][    T8] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  272.683302][ T8571] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  272.884490][    T8] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 64, changing to 10
[  272.915558][    T8] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  272.933553][    T8] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  272.959292][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.995210][ T9196] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  273.115801][ T5107] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.631154][ T9196] loop0: detected capacity change from 0 to 40427
[  273.643700][ T9196] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  273.651478][ T9196] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  273.745526][ T9196] F2FS-fs (loop0): Found nat_bits in checkpoint
[  273.779936][ T9224] openvswitch: netlink: nsh attr 1 has unexpected len 0 expected 8
[  273.785743][ T9196] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  273.821615][ T9196] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  273.829316][ T9196] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  274.168655][ T9231] loop4: detected capacity change from 0 to 256
[  274.493409][ T9234] netlink: 'syz-executor.2': attribute type 3 has an invalid length.
[  275.040406][ T9215] loop1: detected capacity change from 0 to 40427
[  275.075195][ T9215] F2FS-fs (loop1): Found nat_bits in checkpoint
[  275.156387][ T9243] IPv6: sit1: Disabled Multicast RS
[  275.243549][ T9215] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  275.422301][ T8571] syz-executor.1: attempt to access beyond end of device
[  275.422301][ T8571] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  275.483304][ T8571] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  275.528779][ T9254] loop4: detected capacity change from 0 to 512
[  275.946709][ T9254] EXT4-fs (loop4): blocks per group (71) and clusters per group (20800) inconsistent
[  276.222887][ T9259] nfs4: Unknown parameter '/proc/bus/input/devices'
[  276.384540][ T5163] usb 1-1: USB disconnect, device number 6
[  276.888249][   T29] audit: type=1326 audit(276.843:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9281 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff51327cf69 code=0x0
[  278.232019][ T5161] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  278.429273][ T5161] usb 5-1: Using ep0 maxpacket: 16
[  278.447259][ T5161] usb 5-1: config 55 has an invalid descriptor of length 0, skipping remainder of the config
[  278.485394][ T5161] usb 5-1: config 55 has 0 interfaces, different from the descriptor's value: 3
[  278.528766][ T5161] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  278.561571][ T5161] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.597431][ T5161] usb 5-1: Product: syz
[  278.615427][ T5161] usb 5-1: Manufacturer: syz
[  278.633996][ T5161] usb 5-1: SerialNumber: syz
[  278.888445][ T5161] usb 5-1: USB disconnect, device number 17
[  279.316453][ T9331] loop0: detected capacity change from 0 to 64
[  279.350007][ T9329] loop2: detected capacity change from 0 to 8192
[  279.800980][ T9344] Bluetooth: MGMT ver 1.23
[  280.103192][ T9358] Bluetooth: MGMT ver 1.23
[  280.192487][ T9361] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  280.236319][ T9361] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  280.373278][ T9363] loop2: detected capacity change from 0 to 8192
[  280.725949][ T9376] loop4: detected capacity change from 0 to 1024
[  281.523615][ T9381] loop1: detected capacity change from 0 to 256
[  281.646197][ T9381] FAT-fs (loop1): Directory bread(block 64) failed
[  281.671789][ T9381] FAT-fs (loop1): Directory bread(block 65) failed
[  281.688635][ T9381] FAT-fs (loop1): Directory bread(block 66) failed
[  281.702026][ T9381] FAT-fs (loop1): Directory bread(block 67) failed
[  281.726301][ T9381] FAT-fs (loop1): Directory bread(block 68) failed
[  281.756150][ T9381] FAT-fs (loop1): Directory bread(block 69) failed
[  281.791931][ T9381] FAT-fs (loop1): Directory bread(block 70) failed
[  281.798521][ T9381] FAT-fs (loop1): Directory bread(block 71) failed
[  281.820796][ T9381] FAT-fs (loop1): Directory bread(block 72) failed
[  281.837768][ T9381] FAT-fs (loop1): Directory bread(block 73) failed
[  282.284630][ T9405] loop4: detected capacity change from 0 to 8192
[  282.506199][ T9388] loop2: detected capacity change from 0 to 40427
[  282.549712][ T9388] F2FS-fs (loop2): Found nat_bits in checkpoint
[  282.649870][ T9390] loop0: detected capacity change from 0 to 32768
[  282.670093][ T9388] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  282.712062][ T9390] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  282.861871][ T5158] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  282.879985][ T7258] syz-executor.2: attempt to access beyond end of device
[  282.879985][ T7258] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  282.918081][ T9390] XFS (loop0): Ending clean mount
[  282.964224][ T7258] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  283.002100][ T9439] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  283.102945][ T9440] fuse: Bad value for 'fd'
[  283.195447][   T35] ------------[ cut here ]------------
[  283.201563][   T35] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
[  283.212000][   T35] WARNING: CPU: 0 PID: 35 at net/mac80211/rate.c:385 __rate_control_send_low+0x659/0x890
[  283.212040][   T35] Modules linked in:
[  283.212067][   T35] CPU: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.10.0-rc3-next-20240611-syzkaller #0
[  283.212089][   T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  283.212106][   T35] Workqueue: events_unbound cfg80211_wiphy_work
[  283.212133][   T35] RIP: 0010:__rate_control_send_low+0x659/0x890
[  283.212157][   T35] Code: 8b 14 24 0f 85 de 01 00 00 8b 0a 48 c7 c7 20 0f e2 8c 48 8b 74 24 10 44 89 f2 44 8b 44 24 1c 44 8b 4c 24 0c e8 e8 1b 59 f6 90 <0f> 0b 90 90 e9 71 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c db
[  283.212174][   T35] RSP: 0018:ffffc90000ab74c0 EFLAGS: 00010246
[  283.212190][   T35] RAX: 6253f414fa599300 RBX: 000000000000000c RCX: ffff88801b6abc00
[  283.212206][   T35] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  283.212218][   T35] RBP: ffff88805cd508e8 R08: ffffffff81552c42 R09: fffffbfff1c39b10
[  283.212234][   T35] R10: dffffc0000000000 R11: fffffbfff1c39b10 R12: 0000000000000800
[  283.212248][   T35] R13: 000000000000000c R14: 00000000ffffffff R15: dffffc0000000000
[  283.212263][   T35] FS:  0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
[  283.212281][   T35] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  283.212295][   T35] CR2: 0000001b32b2a000 CR3: 000000007f3fa000 CR4: 00000000003506f0
[  283.212311][   T35] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  283.212324][   T35] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  283.212337][   T35] Call Trace:
[  283.212345][   T35]  <TASK>
[  283.212354][   T35]  ? __warn+0x168/0x4e0
[  283.212380][   T35]  ? __rate_control_send_low+0x659/0x890
[  283.212408][   T35]  ? report_bug+0x2b3/0x500
[  283.212432][   T35]  ? __rate_control_send_low+0x659/0x890
[  283.212461][   T35]  ? handle_bug+0x3e/0x70
1970/01/01 00:04:43 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  283.212481][   T35]  ? exc_invalid_op+0x1a/0x50
[  283.212501][   T35]  ? asm_exc_invalid_op+0x1a/0x20
[  283.212529][   T35]  ? __warn_printk+0x292/0x360
[  283.212564][   T35]  ? __rate_control_send_low+0x659/0x890
[  283.212606][   T35]  rate_control_send_low+0x1a8/0x770
[  283.212636][   T35]  rate_control_get_rate+0x20e/0x5e0
[  283.212669][   T35]  ieee80211_tx_h_rate_ctrl+0xc88/0x1a10
[  283.212694][   T35]  ? __pfx_validate_chain+0x10/0x10
[  283.212738][   T35]  ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10
[  283.212782][   T35]  invoke_tx_handlers_late+0xb3/0x18e0
[  283.212815][   T35]  ? invoke_tx_handlers_early+0xa0d/0x1f40
[  283.212840][   T35]  ? ieee80211_skb_resize+0x58/0x650
[  283.212874][   T35]  ieee80211_tx+0x2e3/0x470
[  283.212898][   T35]  ? __pfx_ieee80211_tx+0x10/0x10
[  283.212942][   T35]  ? ieee80211_xmit+0x30f/0x3f0
[  283.212971][   T35]  ? __ieee80211_tx_skb_tid_band+0x49e/0x610
[  283.212995][   T35]  __ieee80211_tx_skb_tid_band+0x4e2/0x610
[  283.213028][   T35]  ieee80211_handle_roc_started+0x267/0x440
[  283.213051][   T35]  ? ieee80211_handle_roc_started+0x14f/0x440
[  283.213080][   T35]  _ieee80211_start_next_roc+0x7a1/0xb00
[  283.213114][   T35]  cfg80211_wiphy_work+0x2db/0x490
[  283.213144][   T35]  ? process_scheduled_works+0x945/0x1830
[  283.213166][   T35]  process_scheduled_works+0xa2c/0x1830
[  283.213221][   T35]  ? __pfx_process_scheduled_works+0x10/0x10
[  283.213255][   T35]  ? assign_work+0x364/0x3d0
[  283.213283][   T35]  worker_thread+0x86d/0xd50
[  283.213321][   T35]  ? __kthread_parkme+0x169/0x1d0
[  283.213350][   T35]  ? __pfx_worker_thread+0x10/0x10
[  283.213371][   T35]  kthread+0x2f0/0x390
[  283.213395][   T35]  ? __pfx_worker_thread+0x10/0x10
[  283.213416][   T35]  ? __pfx_kthread+0x10/0x10
[  283.213441][   T35]  ret_from_fork+0x4b/0x80
[  283.213465][   T35]  ? __pfx_kthread+0x10/0x10
[  283.213489][   T35]  ret_from_fork_asm+0x1a/0x30
[  283.213533][   T35]  </TASK>
[  283.213542][   T35] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  283.580873][   T35] CPU: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.10.0-rc3-next-20240611-syzkaller #0
[  283.590408][   T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  283.600454][   T35] Workqueue: events_unbound cfg80211_wiphy_work
[  283.606701][   T35] Call Trace:
[  283.609971][   T35]  <TASK>
[  283.612899][   T35]  dump_stack_lvl+0x241/0x360
[  283.617574][   T35]  ? __pfx_dump_stack_lvl+0x10/0x10
[  283.622771][   T35]  ? __pfx__printk+0x10/0x10
[  283.627363][   T35]  ? vscnprintf+0x5d/0x90
[  283.631690][   T35]  panic+0x349/0x870
[  283.635582][   T35]  ? __warn+0x177/0x4e0
[  283.639733][   T35]  ? __pfx_panic+0x10/0x10
[  283.644154][   T35]  ? ret_from_fork_asm+0x1a/0x30
[  283.649105][   T35]  __warn+0x34b/0x4e0
[  283.653082][   T35]  ? __rate_control_send_low+0x659/0x890
[  283.658710][   T35]  report_bug+0x2b3/0x500
[  283.663035][   T35]  ? __rate_control_send_low+0x659/0x890
[  283.668663][   T35]  handle_bug+0x3e/0x70
[  283.672809][   T35]  exc_invalid_op+0x1a/0x50
[  283.677303][   T35]  asm_exc_invalid_op+0x1a/0x20
[  283.682146][   T35] RIP: 0010:__rate_control_send_low+0x659/0x890
[  283.688403][   T35] Code: 8b 14 24 0f 85 de 01 00 00 8b 0a 48 c7 c7 20 0f e2 8c 48 8b 74 24 10 44 89 f2 44 8b 44 24 1c 44 8b 4c 24 0c e8 e8 1b 59 f6 90 <0f> 0b 90 90 e9 71 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c db
[  283.708001][   T35] RSP: 0018:ffffc90000ab74c0 EFLAGS: 00010246
[  283.714067][   T35] RAX: 6253f414fa599300 RBX: 000000000000000c RCX: ffff88801b6abc00
[  283.722032][   T35] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  283.729992][   T35] RBP: ffff88805cd508e8 R08: ffffffff81552c42 R09: fffffbfff1c39b10
[  283.737956][   T35] R10: dffffc0000000000 R11: fffffbfff1c39b10 R12: 0000000000000800
[  283.745918][   T35] R13: 000000000000000c R14: 00000000ffffffff R15: dffffc0000000000
[  283.753973][   T35]  ? __warn_printk+0x292/0x360
[  283.758757][   T35]  rate_control_send_low+0x1a8/0x770
[  283.764038][   T35]  rate_control_get_rate+0x20e/0x5e0
[  283.769328][   T35]  ieee80211_tx_h_rate_ctrl+0xc88/0x1a10
[  283.774953][   T35]  ? __pfx_validate_chain+0x10/0x10
[  283.780156][   T35]  ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10
[  283.786234][   T35]  invoke_tx_handlers_late+0xb3/0x18e0
[  283.791700][   T35]  ? invoke_tx_handlers_early+0xa0d/0x1f40
[  283.797501][   T35]  ? ieee80211_skb_resize+0x58/0x650
[  283.802783][   T35]  ieee80211_tx+0x2e3/0x470
[  283.807299][   T35]  ? __pfx_ieee80211_tx+0x10/0x10
[  283.812511][   T35]  ? ieee80211_xmit+0x30f/0x3f0
[  283.817357][   T35]  ? __ieee80211_tx_skb_tid_band+0x49e/0x610
[  283.823333][   T35]  __ieee80211_tx_skb_tid_band+0x4e2/0x610
[  283.829138][   T35]  ieee80211_handle_roc_started+0x267/0x440
[  283.835022][   T35]  ? ieee80211_handle_roc_started+0x14f/0x440
[  283.841082][   T35]  _ieee80211_start_next_roc+0x7a1/0xb00
[  283.846710][   T35]  cfg80211_wiphy_work+0x2db/0x490
[  283.851822][   T35]  ? process_scheduled_works+0x945/0x1830
[  283.857530][   T35]  process_scheduled_works+0xa2c/0x1830
[  283.863091][   T35]  ? __pfx_process_scheduled_works+0x10/0x10
[  283.869069][   T35]  ? assign_work+0x364/0x3d0
[  283.873654][   T35]  worker_thread+0x86d/0xd50
[  283.878257][   T35]  ? __kthread_parkme+0x169/0x1d0
[  283.883276][   T35]  ? __pfx_worker_thread+0x10/0x10
[  283.888379][   T35]  kthread+0x2f0/0x390
[  283.892442][   T35]  ? __pfx_worker_thread+0x10/0x10
[  283.897545][   T35]  ? __pfx_kthread+0x10/0x10
[  283.902129][   T35]  ret_from_fork+0x4b/0x80
[  283.906537][   T35]  ? __pfx_kthread+0x10/0x10
[  283.911121][   T35]  ret_from_fork_asm+0x1a/0x30
[  283.915897][   T35]  </TASK>
[  283.919015][   T35] Kernel Offset: disabled
[  283.923422][   T35] Rebooting in 86400 seconds..