last executing test programs:

11.154397573s ago: executing program 4 (id=558):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40040, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x26)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, 0x0)

11.059292616s ago: executing program 4 (id=560):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000180)='./bus\x00', 0x0, &(0x7f0000000440), 0x1, 0x559d, &(0x7f0000005680)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='.\x02\x00', 0x4)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x604, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x8}}, 0x20)

7.390230286s ago: executing program 4 (id=568):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f0000000200)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead", 0x51}, {&(0x7f0000000380)="0e592c7f441b547636e705fbd90d76a4fbc17445da0bcd0b66bfd8c9e196c3ae0aacd0bc3418574c9717cc74a6eba99a72a38151c68fa023192b643cd63560d9725752a3196861a3138e3b170932302b10a1993028d4430430cde98d9b7210b5746598ba7e8295f262fec4657430997d0aea3d02b53ef52632b40d9b279f087c0903f13072377a9cef9bcb", 0x8b}, {&(0x7f0000000700)="6f8f1017b5aa786ba8d6625784fd9ece27dd6764ef251d12e1d3383453850cabd6c438f1e9725d18c4b8d8904d4b27e080563f9ed783d237e2ef1d0ce698680a10ed224fd5ec210c1f382c882961c4c7023e0fe744b8bb96557b7ff9fd95a1da96c3cd54be4a0393ccaf2432558a8a7ba8594042996e268b20ac5e7a19cd2d06beb3e6a43a772ece35aac0c5f824ad8f4c968ae1b2b950add02b58d5cafb7e43c12099ae0036ea2ef242a6322d289bf87f503b69cacca2f519b0d5c1eee499f03332f313c4a178db1c32f1bf967aad43924e0e910a6b27c6d201c14657ef82837aa63c0069b9fb65e8f953c1c29ca46b5c3551e07dba223a0b5171ef60b4f06eb195b7beea1b3f6793280bac61399118834066a2e27fa0f1f54884aca4e7e0ec0f74a612e007ca45558f85d7cbe94eaa6aa0cab359d6392c86dbbd0e29675b1f0566a623648b64c3e6151c825d970bd392b2be873eb7bfc67824518106465bfefccf33aab380ffd648417ce7b07678c5f3e75aecb2d38a2af12be1d6522abe3045ce6ff787d4d8b46512a61ced463d4c034fded3a8a144cc0fe9e22348ffb6164b5ccdfe70d31dcfbaf707df436cb6ea0a171a52051685633811869593bf094ba092d2880d3255b89876e4d0111f75b07b428c209209bdcc51521af7ba708723e88d1083d7e576f5d239c19a0f3986453184530cbd9ed252b27f101f3668874d05cfd8d3314449c35e257cd52b36e9514823ec0a620383a10aa6b746c46a6cc14493e2ffd20a54e3f625156d39405af0a183d93ecc5e896037b78d4a3d3f1ae728758b07b60f152f53b990caa95006639c0f699854d7c3df60d6b0e71414f87a62a3c97332b722679cdb7bd67ea41482dc643322d0d193e1a98175d06dbc224f8a2bd8435f0fec4fe3cabc2f227a0b3e86846c467a5a0cbaa4821e8cb555514e39269eb3bfcaad63043c710b850cc7b9545a4411b62c6a724a3af00575e4474cadd76bd89d09aa51135c44db1f1e3bb1a4e1d56bf733bd7565f6f1fd9d3f26346361e6c698c1d7f2771217131b67ffd3b9726fc23d279246212a0e8b968e7c4765cb325342a8ccc59558b13e48d260079e4138a39fd43a637333e66bb9c4271d833b36b1abdadea0d3fc654ec071aefe105224ec6afad127e5b76c6d5dbcc3d497dd8443f8c8c471598b7950e6e2ab761c795508c1d94a2080c4a8f07e99bfb7f953ce53b3933e56076b821221a62c7bbbc945abf2d2a818af218720be5f9023f6827614299a17e8702f5840babb668cef54df321a983c732ba0d8e5967d9a11a52ca8d1d2df1ef3d0c0057c23c028e300f8aedd6b7e90268756bd7851e00ac4888705f892b503b3b4c722a17ceeaa3a3407c41dac27349b7cf4339706dd4e818013d85c3fcfe823870b13de44db8c2a8342348f67dc8de6db59356012d27e4b308771df965af64d3e290a52f84c78865f7f1d3769c70b04d61bee45fe511d019a70c946d6f48dd2d95803f88b2e75a25f0f5cc8ba68a730f2edf320be4795968c20d6fcd2e1efa460a6517ca6e401f558eaea41e1cb1b76f06aaab0b96e30b146f54c874c0b9da845fd99d42768eb08dbe55d3157373448fdbfb1477d8d67710f9dc818b646b69e3ec58fc160184f32a7d0c04372b3fa4fa0fe799680d4a28e017b5b95412fc88f2cbb6b81369ce136210fc4fca895be7ec980a819901c3a8b86ca6be0948de62c01032c3c1d6662e628bbaad5c92597ac3429978f5d9e3e34660d4b232d9877176539235611121cd406ed5a53b64c8a8da6a697c8339529c65021f6f459153f91234d65bb6cda8bd3a57499270c01cd41882f2e80373f99265ecb58ba4113181e611bf70d633a02c2e270dbc17a9469f2c8ca56a137b163d90446d6f48a915b1e420a010f88be1a4f09fbe31324642710ce6f32e80a222c67c18b3d2ceaae90b0cfa2a8f2831a76cef27e99ec5c866e11db2c6853994e866e431297090b36d70844630e71b92b8c77c3348a3312886d9c56aa32ec7d24ece60f2b14b90b372554da1a4f60782c4bbf0857831d6f8b504853d5acea1bf554da89ef637890e6ecc6e94b93c9bfbd97f654cc755eb33da6964e8923ea9bad8a59689ecfd470e00e07dc8d6a514ac42a2e88453f65bc690ba2b83e1eb9d4ab23c100aebe2c32d43f5a4dab23bb885c792abefefe6172ea3bc7e8e0c5b79b779e135aab6c2bdd0fb48108aad0aa6fe17ace2e22e805e275af951395b2feebb1bb83d6bacc1b9163b7f1fedba89b7cc3dbe61b39d63ed017783678786a13e107094ad67adb7a6d1ab2663ad9c12b3483a88be7dec3a7f4f5b367ccbde8a644a11c113ebcc56fe1e959476ade24f3820ef1e57ea0db5172b367caf63883ccb84ec218989a305c14012cce43a827d9d17e1a45d1f96df68426ae16be84cb09cfa8dd92b455dfd0280c339645eda9d35307fe2fc0e720bbafc52fe9859a931056272ea6941de42ca569dce55bdd4a8402ebe0312929e242876a30af065623ea26ed532ca9e4db809584f9385e23c05456b5e144d0c4aa67c2f05208dbf5c4b4d7c3e8fff42ade93ef59173dca141de21dfd5dc6cf0580365174bce9aa9f392e49ad16e0db7946169d598c15ce36ebc4100785c170300e82671bf05d9896a3dc31a6892b07122d30530fa99b84dd33d7ee6cdaafbf6fa2e87b3a5c3a96685af86aceaa07563f9904ba0d141582c4cb4be14663ff811a7d3f034bdc2111c07f5ca4e5e8f52c549465e3ced2aad5f7470c8bd39dcb147cad54c13c12fb3d769032fbfde6dbd00f2657a414d77eb967774f234576cf104e413b57961d0ec2ad414221d976424257f12cf187cd744d930b4c3ce39ff2db1e51f6b4130632908ecac7a9efd2ef5c3ee3ed79acbf0ac955b79b1672ac5b832d014b0be6cd4d0d0a0ddb4aaa906b34343d3a4eafb63b546fbf84716fb93dcb6a8891d095ef65c6edffb990a757c6659ed9f0175f7c997615f184f274db9e261adf0380a9fc4553edf0bf7034c986702e5d4057a7763d09bb512c39abd048290673a01a8fd7917c4994cf4e8c80355a2b9a7ff730bb64e46713c9dae49cd82a3f447b7a6aa327aa35c2b6fc9cca39ba4d350ea3bb3cdbfcba5cfc207fcc042e0293647c5b044a22400b2813951d7446f0f61a6f73a34dd4ffa1c5b6a488cdba93b61a4d587ba33ba10ebbf04056b58cd6bd2225b0de87ede7a1c45112bff4e21da964e05952c3acd160c49afffc378c0b7b66f8e1e149dab7689b46c334a3e9ca34671428c27e8f955f8643f40461b063fe29573f7c123bb7dd61e348da505354efed007e993cd6e78016aba0164d5bb0972dfbac7b4b43107201a470d880f048e1615b470e83ef99ff177145a08483019a758879e25a681341467452799a4b1a962030aaaf5233ce6f29ef21abc572089962f931cca1a6992cb2ccac534f3adb62ecf4b41966041d955d76f0c577527055e2d5067f715d95fad3be825e3a6ac8d09d2a9318d571a0968ea2aaabd3165b33e67425f789285618f995ed44dde3e8d87255cbae39b62ef70c9360acdf0d53987128616dfe6707ecef02543fd7cf0916c16e01d2ef486c4345a93908eb4976828c32b20328bbf4ddec9738cb10b33a603da20bdc1fbf6ae964992c9f05b30f22d87ceba67be506e482ccb9c315aff29e55c0754d3fc07cfaff3a598a1ca74581e174cdf2e6d0e134bdf94a93f16caca64c4101df0bda0ed71bf1766035bed3365b0d1a52d8d9a73416891da124b2844da65c55c6f06476ef8bf104beadce8855e4cfe7e504c1f252e198a95f762ffa9a6af8e997928fa552bc592472b9ee14cb794b714d907bf5a288d1528feb913274d58cd14cd25f4e556a088808ce69c7082744a1d12290c3ccd03973f2d5da89fc4d754cb773d2bd25668615229f097e68d0a3113092a0c9f8d1f13039d61e51cf12dccb8817332abee98bcc8df9250518b97caaddcfaaa56863c5753e37eedcdbfee737fd2669c61df181b4ac1101aa54cfb14558b11e612f9f0922f95a98692a6f30f88ee21df3c2d5c3226f50eb6c14c3069efd3b2661414b12f94d6c3950a9613ac7919fb731a5cebcf58220fde8129e2d224ab9c242aa1ddf261a49fff33b4a83d098e16d382d780a8d7e5287b0aea4e5d96702a742d7d2d4cb551102bd7555626824bbeb4209fe81aef7ba27c62895167334daa201a7f72d31a46201cf7527c15af43d297b0d13ce71d712ed2ca8fc4f6f2bb4e5a094cabd812254e9ffe739d1f4f405f000edbbf2e43864dd73ecf57f41ed5d0dff6ff212d9655d7a6b6a5c85bc7734b036276fc2b6a88c477434a4195b3de6ad2dfd7c6be907f8c1f6a2424c95804e6f41340b0d7049549322c35024dfc0267d81bfb2dec6928ffada1daa9b5f7f0ee0156dc300b50106ad30db52d19df6f6e909e2c52902fa3e59012d82c5d88e46a86aa7eb851ae597e3bcdddb143eef4c93951d3c078706365a5d26b5aa0a410a24aca6434a7f2bcd5821cbb735294c7ee852bbf932cea22d4426056e1a3318287fa141122b5ee8fd57849eea23554ef59d1fff024815a06367cd126a97f57e0fe87a1d986d8d676336372a83411332cde45e929730709689973ad20451165f8f2bd42c85cf7b2ff1dc3fe4b721b7f8b6f742e18565515b685f78dde5de16d37c0260bcc8168593537146e5b6ced24cf32a52bff8c151a139bfbb4ac175652d9c340298050574b870bfca1ee6e41db710123b116d7e004623dd8f6f389cdb5293e3a3e745c801669b0e62abc0bbcbf220d8d8e75ff4398b20587c43b71d59b52a20a7f26e92b7fc204372baaa2da2a738ec10ce6c60c352d474bebbc51312645812b0869ef1b39807e0af2dd7fb02bb606b544caf6543d9c4378391fcb0c40b6971aa277e1ca11f8e9a59ea0c0d186e3f89c0ed540c78cb224e00e6d9b2b4f4062643eebbf7cb359d4c7a6c408ce2af41519298fdbe88d666567182ae54daf4a00512d69d25afc21e3945dfb7deb91806d103a70051248d32af5295471f4573e4f8014163345c0b822e880df45913f1767ea957e9fabbe79423e76da710c20f766f37668d6a98648f6667b89930a01a133cc9cc558728c8a170a703f0dad822a710fff70352b7652397ca84ef7a8a3860925396fa1f2d5fe10678bf307d33ffa357ff47aa159cc5d2948d215c125a4062581e245e5899afbd16e5b5073faef11779201cdcddaa18e5f6370fdfa4d338e2dad2626565834392e2fe59c8377b109b76d9184c64664a87f412d5629aa7bbf5735470518017df798fc8dcafe49b5e16a930ab736ef210aede2bdcfa17a100889b4380f542fe0190fa722f164aceecd4edf8d6e27ce9552f882228b8d8a059ddf3c00c086cc8dd06443fb4f9ebf7e297a81315d25f3921e4b64e3cb89c6e3a1104f7038a78d4bf735041f2a5ead822daf09c41c576611f1ecc4e6aafba438ff4d401ce97fd0022fbc9386c0aaf8f3045e8694e9bd1b719a5e0545e24a7d38e1aeaf1855c54ae1fc49b75af63054e073bc04e1cad7fb281d127ec2f8d02ca2729f516f809fbb7d6858ede4f96c140f67565f12429d3100a6e8834cc9925f6be04528b8e9bdc23cef6746670acbbf7661c85c2182b67cb1f51f58dbe1593299be9745d380c86f086a30438caf3bc50d2dc9c66c202087d3822eb4a720a528cd44b27789d0c37c0c6846d99f0ef0c7bfa133821e272a9db06e240274a2b19062f582839a73b2656ad8db21a1fd97de40acb881a3f29a98b5677", 0x1000}, {&(0x7f0000000440)="c21259366b589567224b2a5b70e59d27ef6d91746154f2b3fb55ae720cedbd827f879919746d889a004d4dc8768f4ffcbe8aafe39506aa9ff346c01f5b41a8f04ac4c89601498f6a9fc05f", 0x4b}, {&(0x7f0000001700)="759c7e6a1bb7861b2b55bab860314e4da9690977f7c486e4173717696747a5b895933f4f124096615ca462a15f463cec46787f36db54333e3146ac519bb27a168b24a771489ecf034a8ee052414766c0f955ea36f457f8701bbc3759c6ac25cab4be3c4893ccf3e8bb084ea84cc31b302594dd4dfcb32afac0c41a9cb73a4e08a052b1b844a34e6b44547bb74fa6bdbb7c7995c2455ed4e59b8648f5ec6ee8e099ef81a62aa1a53140860ca270dea2a0887cba8038d97d1ff86cc0418804e63f3cde305d7070e09c0309d6145bd93a9bc1973e906e190fa5d5e8f5f9573f6c7e1dd3cc4e736d076c436b17e9a37d5199b807d55fe38cd6", 0xf7}, {&(0x7f0000001800)="0bbb23c7639bf6a1db41a6603e155f61cad9e144a017342e39eca52dbb7e1fb6cd8e78d381903f4e54e199d1b52226dcae79888614f323444d82df0715982ff3a263c45b0f755951270f67213c9d8dcd18636b4193cf75b0cc7a006389c089a7e38f7206e3db705d5b393d2f17478cc83ceada97d412f941c0076fbcc209e0c403067ed151fa7fbc561e4472181b1eea972ba626c283d53a77a87648f6d9f9df309e85451a232c28358c2962e397fdc6ed14", 0xb2}], 0x8}], 0x1, 0x0) (async)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f00000002c0)=""/92, 0x5c}], 0x2}, 0x0) (async)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f00000000c0)="5c00000015006b05c84e21000ab16d6e230675f8020002003600020061bc24eeb556b6059367b098fa51f60a64c9f4bcc19ddcdbd0b2409fcd0d33d28a08000000c486a6d0bdd70000b6c0504bb9189d9193e9bd0100000001", 0x59}, {&(0x7f0000000300)="b53820", 0x3}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0) (async)
r3 = syz_usb_connect(0x2, 0x8e, &(0x7f0000000580)=ANY=[@ANYBLOB="12010000002540202338020041860102030109027c0001000010000904de0202f307ab00090502020002024000510bd18e6611f52aa473d32b2db91b9bd482f8292053dc98bdc2ed32d3632c81d084b29739096bf64f2a00c0967e6c0b2784bc854ed62e67e09fe61601a7722bb22f380fa09f448a158a671b2eb829e9640725018309040009058202000200000015ba8e783bdf8dfe"], 0x0)
syz_usb_control_io$uac1(r3, 0x0, 0x0) (async)
open(&(0x7f0000000340)='./file0\x00', 0x610002, 0x0) (async)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'team_slave_0\x00'})

6.424116696s ago: executing program 1 (id=571):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r1 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r1, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x4e26, 0x80000, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000000002900000004000000000000000000000810"], 0x30}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000500)='page_pool_state_release\x00', r3, 0x0, 0x4000000000000}, 0x18)
r4 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000200), 0x40000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0xa, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xd50, 0x0, 0x0, 0x0, 0x8}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffffb}]}, &(0x7f0000000180)='GPL\x00', 0xffffffff, 0x92, &(0x7f0000000300)=""/146, 0x41000, 0x37, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[r0, r0, r0], 0x0, 0x10, 0x854}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r5, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

6.327752837s ago: executing program 1 (id=572):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000001380)='./file1\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="636865636b706f696e743d64697361626c652c6261636b67726f756e645f67633d73796e632c61636c2c616c6c6f635f6d6f64653d72657573652c696e6c696e655f78617474722c6e6f666c7573685f6d657267652c6d6f64653d6c66732c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6167655f657874656e745f63616368652c646973636172642c6e6f696e6c696e655f64656e7472792c008bfb3c1e4b1b12ae77c937da8858"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x142ba3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/oops_count', 0x8a883, 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0xe, 0xfff3}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_TIMER_SLACK={0x8, 0xd, 0x6}, @TCA_FQ_CE_THRESHOLD={0x8, 0xc, 0x667b}]}}]}, 0x40}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x7, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x9]}})
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x6)
io_uring_setup(0x168f, &(0x7f0000000400)={0x0, 0x631d, 0x2, 0x2, 0x2d8})
syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x3008003, &(0x7f0000002ac0)=ANY=[], 0x2, 0x20b, &(0x7f0000000540)="$eJzsmT2IE1EQx//vZbOJhxzaWNhYeOCJ3mZ3o3LNCSdYiSCcopbBW4/TvUSSFZKAaLCx0c5CsLWxtLCwsrCytNVCBcHClIKFsPI+dvex2Y3GT/DmB/fuvzOz781MslNkQRDEtuX9u89v755YPnsYwE4soKbtHytZDDfi3zy4fuj+ysmHT14/etGev/Esvx8DEMelx33Ju2wAz1criMAsZYljzGf+BWGQ3BRacg4cB7U+DwZHya8qTl0EYLioY64YurNDizBwLnXC9cubYeCKxROLL5ammZ9IajxiWAdQh0qGZS70BsOrrTAMunlRjZNzJlyzCl7aTp3fKscKku7FsYi/cOf2SFzr3sAFT/vngcPTugmGNa2XUYPjOFlLjPr3Wtn+xlejvP7fLI7Ls+796F2Ppdi99OcTUyJ5Rma5S7Txb7TuPxLVzPLyFPCT+7C8RTzQqWXPOJmBZsyHf1Y7vh9Tn/4wQvsnXK/mwvD0L2RoFzQqFdl8EpP9gDGfLFjp/GhEW9cavcFwaXOrtRFsBG3fbx5zj7juUb8hB5Fap8y/upxPc8b+1ZJYm9not6Ko6/WBqOul175ae+KDlwVg7Wnnk7hlF+T841jcL7eQM1WWXSs+g+k/Lv8LtVgpjrxVWhNBEARBEARBEARBEARBEEQx+8CSV2YM6duzCfwz8hfKbwEAAP//Ez1mrw==")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpu.stat\x00', 0x275a, 0x0)
setuid(0xee01)
utimensat(r6, 0x0, &(0x7f0000000080)={{}, {0x77359400}}, 0x0)

6.04655319s ago: executing program 0 (id=573):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x6040085)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(0xffffffffffffffff, 0x7a9, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000340)={&(0x7f0000000440), &(0x7f0000000480)=[0x0], 0x0, r5, 0x85858584})
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x78)
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000380)={0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f00000000c0)=[0x0], &(0x7f0000000040), 0x0, 0x300})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0x5, 0x2}, {0x1, 0xe}}}, 0x24}}, 0x0)

5.562291267s ago: executing program 2 (id=576):
r0 = fsopen(&(0x7f0000000200)='mqueue\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b80)=@newtaction={0x11c, 0x30, 0xeaa3ef926154e70d, 0x0, 0x0, {}, [{0x108, 0x1, [@m_vlan={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{}, 0x1}}]}, {0x4}, {0xc}, {0xfffffffffffffd21, 0x8, {0x2}}}}, @m_sample={0xb8, 0x2, 0x0, 0x0, {{0xb}, {0x6c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x0, 0x2, {0x3, 0xd, 0x10000000, 0x0, 0x3}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x100008, 0x4d82, 0xffffffffffffffff, 0x7ff, 0x4}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xfff, 0x88, 0x6, 0x3, 0x1}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xffffffff}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x8}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x5}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x9, 0x9e07, 0x5, 0x3, 0x9}}]}, {0x22, 0x6, "b993a266d04d68c578a189161d7b3605ae1ad871dbd78a555343b82aff5a"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x11c}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
sendmsg$ETHTOOL_MSG_DEBUG_SET(r6, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e00000000000000000018000280080002001100000004000100080004"], 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x8090)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r8, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB="03033d0800000000000000000000a2563d6ca7ffd9c38a52924fe8e318c39663235bf8b8865281f731d6130a04cc15918b73a9a3c7900ed35104ba480cf47195df3229619a02e2a0f6571dd1cb32f4c9109f8916"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r10 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r10, &(0x7f0000000200)={0xa, 0x4e27, 0x9828, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x10, 0x0}}}, 0x1c)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$video4linux(&(0x7f00000000c0), 0x39b, 0x0)
syz_genetlink_get_family_id$fou(&(0x7f0000000180), r11)

4.761754541s ago: executing program 1 (id=577):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x6040085)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(0xffffffffffffffff, 0x7a9, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000340)={&(0x7f0000000440), &(0x7f0000000480)=[0x0], 0x0, r5, 0x85858584})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000380)={0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f00000000c0)=[0x0], &(0x7f0000000040), 0x0, 0x300})
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0x5, 0x2}, {0x1, 0xe}}}, 0x24}}, 0x0)
syz_io_uring_setup(0x241d, &(0x7f0000000380)={0x0, 0x0, 0x13090}, &(0x7f0000000100), &(0x7f0000000080))

4.342296623s ago: executing program 2 (id=578):
r0 = syz_open_dev$media(&(0x7f00000000c0), 0x1ff, 0x0)
readv(r0, &(0x7f0000000700)=[{0x0}, {&(0x7f0000000380)=""/122, 0x7a}], 0x2)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x20000, &(0x7f0000000000)={[{@errors_remount}, {@init_itable_val={'init_itable', 0x3d, 0x3}}, {@mblk_io_submit}, {@minixdf}, {@auto_da_alloc}, {@usrjquota, 0x2e}], [], 0x2e}, 0x84, 0x45f, &(0x7f0000000880)="$eJzs20tvG1UbAOB3xkn79fYllHLpBQgURMQladICXbABgVQWSEiwKMuQplVp2qAmIFpVNCBUlqi/AFgi8QtYwQYBKxBb2COkCnUBhQUaNPZM6yZ2iGPHTuvnkZycYx/7vO/MHPvMHDuAvjWS/0kitkfEzxExVKve3GCk9u/a1QvTf129MJ1Elr36e1Jt9+fVC9Nl0/J524rKaBqRfpjE3gb9zp87f2pqdnbmbFEfXzj91vj8ufNPnjw9dWLmxMyZycOHDx2ceObpyac6kueOPNY9783t233k9csvTx+9/MZ3X+Txbi8er8+jZrjtPkdi5OZtWeeRtl99Y9lRV04GehgILalERL67BqvjfygqcWPnDcWLH/Q0OGBdZVmWbV52b6UsLGbAbSyJXkcA9Eb5QZ+f/5a3Lk4/eu7Kc7UToDzva8Wt9shApEWbwSXnt500EhFHF//+JL9Fw+sQAACd9VU+/3mi0fwvjbvr2v2/WBsajog7ImJnRNwZEbsi4q6Iatt7IuLeFvsfWVJfPv/5ccuaElulfP73bLG2dfP8r5z9xXClqO2o5j+YHD85O3Og2CajMbg5r0+s0MfXL/z0cbPH6ud/+S3vv5wLFnH8NrDkAt2xqYWpdnKud+X9iD0DjfJPrq9d5f93R8SeNbx+vs1OPvb5vmaP/3f+K+jAOlP2WcSjtf2/GEvyLyUrr0+O/y9mZw6Ml0fFct//cOmVZv23lX8H5Pt/a8Pj/3r+w0n9eu18631c+uWjpuc0az3+NyWvVcubivvenVpYODsRsSlZXH7/5I3nlvWyfZ7/6P7G439nxD+fFs/bGxH5QXxfRNwfEQ8UsT8YEQ9FxP4V8v/2+YffXHv+6yvP/1hL+7/1QuXUN1826391+/9QtTRa3LOa97/VBtjOtgMAAIBbRVr9DnySjl0vp+nYWO07/Ltiazo7N7/w+PG5t88cq31XfjgG0/JK11Dd9dCJ4tpwWZ9cUj9YvW6cZVm2pVofm56bXa81dWB1tjUZ/7lfK72ODlh3La2jNftFG3BL8ntN6F/GP/Qv4x/6l/EP/avR+L8Yca0HoQBdttbP/5c6HAfQfeb/0L9WGP/v/NHNQICu8/kPfamd3/WvVNh5ZL1e+XYrVDZGGC0XIt0QYaytkG6MMGqFzRGx2sYXo1uB9fqdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDP+DQAA//+8+OqP")
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0)

4.284615141s ago: executing program 4 (id=580):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22004006, &(0x7f00000010c0)={[{@jqfmt_vfsold}, {@nouid32}, {@nobh}, {@stripe={'stripe', 0x3d, 0xffff}}, {@block_validity}, {@grpjquota, 0x22}], [], 0x2}, 0xc4, 0x46f, &(0x7f0000000940)="$eJzs3EtvG0UcAPD/rpv0RR6U8ugDaiiIiELSpAUqxAUEUi9ISHCAY0hDFZq2qAkSrSpaECpHxCcAjkh8Ak5wQcAJxBXuCKlCvVA4IKO1d4kT28Gx67qpfz9p45l9eOa/uxPP7ngdwMAqZ3+SiEpE/BIRY7Xs6hXKtZfr1y7O/XXt4lwSlcorfyTV9f68dnGuWLXYbmeemUgj0g+T2Nek3KXzF07NLi7On8vzU8un355aOn/hiYXTsyfnT86fmTl27OiR6aefmnnyhsQ5ktV173tn9+85/vonL81V4o3vv8zqe0e+vD6OmvGuyyxHefW+rBqu/n2k63e/tYzUpZMtfawIG1KKiOxwDVXb/1iUYuXgjcWLH/S1ckBPVSqVytaGuaUicbkC3MaS6HcNgP4oPuiz699iuondj767+lztAiiL+3o+1ZZsiTR72Va7Yh/pUfnliHjt8t+fZlM0vQ/R3LYe1QcAuP19nfV/Hm/W/xtN7qlbbzQfGxqPiEMRsSsi7oqI3RFxd0Rk694bEfdtsPzymnxj/+en7R0F1qas//dsPra1uv+XFquMl/LcSDX+oeTNhcX5w/k+mYihrVl+ep0yvnnh549bLavv/2VTVn7RF8zr8fuWNTfoTswuz3YTc71nFmqvjfGv3BdIImJPROzt4P2zfbbw2Bf7s/Tozsbl/x//Om7AOFPl84hHa/FfjjXxF5JaSa3GJ6e2xeL84anirGj0w49XXq7PD9Wlu4r/Brj6fsSOFse/qmgGxXjt0sbLuPLrRy2vaTo9/4eTV6vp4Xzeu7PLy+emI4bzGavmz6xsW+SL9bP4Jw42i3802RXxz2f5dvsiIjuJ74+IByLiQF73ByPioYg4uE783z3/8Fvr76H+Hv8T6x3/iPGkfry+g0Tp1LdftSq/veN/tJqayOe08/+v3Qp2s+8AAABgs0ir34FP0sn/0mk6OVn7Dv/u2JEunl1aPlSOd86cqH1XfjyG0uJO11jd/dDp/N5wkZ9Zkz8SEXdW7yhur+Yn584u9mpMHWjPzhbtP/Nbqd+1A3puQ+NojU+0AZuY5zVhcGn/MLi0fxhc2j8Mrmbt/1LE9T5UBbjJfP7D4NL+YXBp/zC4tH8YSI2PxBc/t9LJk/4riV3Hu9p8gBKlHr1z1P9oRw8SkfZ913WeSG+FahzIE1sjot2tLvX0mK49fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa/fwMAAP//GCvoLw==")
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000200))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0xa2c25)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, 0x0)
writev(r2, &(0x7f000009de80)=[{0x0}, {0x0}], 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)={0x24, 0x7, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r7, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r9}, 0xc)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r10)
quotactl_fd$Q_GETFMT(r3, 0xffffffff80000401, 0x0, 0x0)

4.254903298s ago: executing program 0 (id=581):
r0 = socket$tipc(0x1e, 0x5, 0x0)
syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="0412090000000000000005e9677458fb4970451f9093f266f70a549194d7202bceeea05e426a7b8c90f763d5f7b96a45b63c155284234ae51cb09bcef7f8f298c0f2a4b52369e307da4e33d13194e8fa5b803f82ec52fb6af9326b1afd59bb27222ffcb8722b10530da0e823046581f522180eac1eb22c5a780d9de2ebcca326"], 0xb)
socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000440)={0x4, &(0x7f0000000400)=[{0x7, 0x1, 0x89, 0x138}, {0x6, 0x25, 0x80, 0x2}, {0x0, 0x8, 0x61, 0x7}, {0x400, 0x3, 0x0, 0x4}]}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mknodat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x40, 0x80000001)
read$msr(r2, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f0000000180))
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$tipc(r4, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x2, {0x41}}, 0x10, 0x0}, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000240)={0x2, 0x6}, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r5, 0xc100565c, &(0x7f0000000140)={0x400, 0x53b9, 0x2, {0x1, @pix_mp={0x8001, 0x8b1, 0x32314d54, 0x9, 0x2, [{0xfffffffa, 0x4}, {0xf, 0x1}, {0x3, 0xffffffff}, {0x0, 0xd9}, {0xb, 0x1}, {0x3, 0x6}, {0x1ff, 0x4}, {0x5, 0x5}], 0x8, 0xa, 0x4, 0x1, 0x6}}})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f00000000c0)=@userptr={0x7, 0x1, 0x4, 0xec1af57558979226, 0x0, {}, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, "f99fae00"}, 0x0, 0x2, {0x0}, 0x20000})
connect$tipc(r4, &(0x7f0000000200)=@name={0x1e, 0x2, 0x3, {{0x40, 0x2}, 0x2}}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})

4.22341547s ago: executing program 2 (id=582):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x6040085)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(0xffffffffffffffff, 0x7a9, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x78)
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000380)={0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f00000000c0)=[0x0], &(0x7f0000000040), 0x0, 0x300})
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0x5, 0x2}, {0x1, 0xe}}}, 0x24}}, 0x0)
syz_io_uring_setup(0x241d, &(0x7f0000000380)={0x0, 0x0, 0x13090}, &(0x7f0000000100), &(0x7f0000000080))

4.030590212s ago: executing program 0 (id=583):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000880)=0xfbf, 0x4)
syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000340)=ANY=[], 0xd, 0x651, &(0x7f0000000840)="$eJzs3c1rHOcdB/DvrN4dUJTGdtwSiIghLRW19YLSqpe6pRQVQgjpoWdhy1h47aSSUpRQGvWNXnvIH5AedOup0EuhYEjP7S1XHQOFXnJST1tmdlYr2bK8sldauf18wuzzPPM888xvfjsv2g1mA/zfWp7J8IMUWZ55a6ts7+4sNHd3Fu516knGkjSS4XaR4n5SfJbcSHvJV8uV9XTFocnf7lY/WVt69/Mvd79ot4brpRrfeGS7E9uul0wnGarLfs1386j5xrrVxhOnK/aPsEzY1U7iYNBGkrQO+dnlbs/xLjzzdQucB0X7ubmvVV/ZU9VlnvHOI2+7vfrJz7xzbnvQAQAAAMAZeHEve9nK5KDjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdJ/fv/1a/+j++vSjGdovP7/6Od/iQvDDDU4432NuxB47QDAQAAAAAAAIDT99pe9rKVyU67VaSR5PWqcbF6fSEfZCOrWc+1bGUlm9nMeuaSTB2YaHRrZXNzfa6HLeeP3HK+x4Annv2YAQAAAAAAAOA5MHLC8b/Ocvf//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHlQJEPtoloudupTaQwnGU8yWo7bTv7ZqZ8LI0+32YN+xwEAAADn0It72ctWJjvtVlF95r9cfe4fzwe5n82sZTPNrOZW9V1A+1N/Y3dnobm7s3CvXB6d9/v/PlEY1Yxpf/dw9J6vVCMmcjtr1ZpruZn30sytNKotS1c68Rwd16/KmIrv1XqM7FZdlkf+h7o8fUM9jJmqMjKyn5HZOrYyGy8dn4nD7872Sfc0l8b+Nz8XTyHnF+qySF74cZ3z8R63PV11Jl5LnYn5A2ff5eMzkXz9L3/66Z3m/bt3bm/MnM1p1GdjrVarU3/4nFg4kIlX/uczcdBslYlL++3l/Cg/yUymJ9/Jetby86xkM6uZzg+r2kp9nZavU8dn6sah1jvV68TjIxmt35f23ePImPK4mF6vtp3MWt7Oe7mV1bxZ/TefuXw7i1nM0oF3+FIPV33jZFf91W/UlfIAf3/8gZ6xMq8v1Xn9uPquuXvPnar6Dq7pZilF+n1vHP5aXSn38Zu6PB8ezsTcgUy8fPz58sfqtrLRvH93/c7K+z3u7426LK+j353Zk7kX5fnylfLNqlqHz46y7+Uj++aqvov7fY1H+i7t9z3pSh2t/4Z7dKb5qu+VI/sWqr4rB/qO+nsLgHPvwjcvjE78a+IfE59O/HbizsRb4z8Y+87Yq6MZ+fvId4dnh95ovFr8OZ/ml93P/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNPb+PCjuyvN5ur6Q5VWq/XxY7qetpL0Ong8yd/+2s+9d36PqF5TJOnbcfWlMn6Swa3zEfNJKv9ptVp9mXD7mJO2b5VW7VykbkCVAd+YgFN3ffPe+9c3PvzoW2udR+Ti4tLs0uKbC9dvrzVXZ9uvAw4SOBXdh/6gIwEAAAAAAAAAAAB6dRb/nGDQxwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA835ZnMvwgReZmr82W7d2dhWa5dOrdkcNJGkmKXyTFZ8mNtJdMHZiueNx+PllbevfzL3e/6M413BnfOG673mzXS6aTDNVlv+a7+czzFftHWCbsaidxMGj/DQAA//+EgQzb")
r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r1, 0x541b, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi1\x00', 0x2, 0x0)
r2 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000100)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff56})
io_uring_enter(r2, 0x7a98, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0xfffffefffbfbbfbe, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x23}, 0x6}, 0x1c)

3.390044204s ago: executing program 4 (id=587):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x4008, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c6163746976655f6c6f67733d362c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313236322c616c6c6f635f6d6f64653d72657573652c6e6f61636c2c686561702c616c6c6f635f6d6f64653d64656661756c742c6e6f657874656e745f63616368652c636f6d70726573735f63616368652c6a71666d743d7666736f6c642c0059f4bd815bd5269b4f523c9fa8d344a3944fb455fe1b97b3eda5f977db05bfa9d02cc67646849b46fd481fbbd5b0fd213353e4ae7755b4985d63c4a5e13292c6d514d644c884482f93129a82c26ad8f1f7191de0ca75795a5f697573c1828a8ecf4a82e89215d1979fa2738c76683b231a638e5a0d6bd7235d108d564d307b3067ab6ac37a59e50763a2be3d70a1260e"], 0x1, 0x5520, &(0x7f0000000a80)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwCZtuu+it6i5+YJey6sGTpkkasptkSpOmtScPHsWD/4koePLo3+DBszfxoHgTlMxMdOsHKJsmdvv7weSZ982bZ543LAvPTEkAZ9ZS8vOPpbgaFyNiPiKuRGTnpeLIbOThuYi4FhFzjxylYv73iXMRcSkiro6S5zlLxVuf3hheX//hjZ+++ub8wuXPvvx2drsGZu35iOju5ucH3TymrTw+KOZrw3YWu2vDIuZvdB8W4zSPB83tLMNBbbyulsVbrXx9urvfH8WdTq0+iq32Tja/28sv2B+2xnmyDzyo7WXjRnM7i+1+msXWUV7X4VH+f9tRf5DnaRT5PsjSx2Awjvl887CZ72f3YRbrvUExn+dNG83DURwWsbhc1NNOI6tj+3G+6f+3N9u9/cNk2Nzrt9Nesl6pvlCp3i5X99JGc9BcK9e6jdtryXKrM1pWHjRr3Y1WmrY6zUo97a4ky616vVytJst3mtvtWi+pViu3KjfL6yvF2Y3k1XvvJJ1GsjyKL7d7+4N2p5/spHtJ/omVZLVy68WV5Ho1eWtzK9m6f/fu5tbb7915995Lm6+/Uiz6S1nJ8urN1dVy9WZ5tbpyhvb/UVH0BPcPj6U06wIATp8p9P+L4zT6f2Ds5Pr/vfsRJ9//h/5/Ik5V//uf+/+FM75/OGH6fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+u7xc9fy06W8vHlYv6pYuqZYlyKiLmI+PVvzMe5YznnizyL/7B+8U81fF2KLMPoGueL41JEbBTHL0+f9LcAAAAAT64vPrz2Sd6t5y9Lsy6Iacpv2sxdeX9C+UoRsbj0/YSyzY1enp1Qsuzf90IcTihbdgPrwoSS5bfcFiaV7V+ZPxYuPBJKeZibajkAAMBUHO8EptuFAAAAME0fz7oAZqMU40eZ42fB2V/e//FA8OKxEQAAAHAKlWZdAAAAAHDisv7f7/8BAADAky3//T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiNnfvJWRoI4wD8tlDBf5EY917FHRzDI7h0aTiAl+AALvAKXoAz4M4jGDDMTBAMC5NO22ieJ+k3bdPvxzsEFjNDBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABjS926/+frp7ee+OadzP3V6AwAAADxy7PabdLLK18/L/Zfl1uty3UREGxGPxu6zeHKXOSs53e/nv9w+3/1Rw7eIlHB5jUU5nkXEu3L8fDX0uwAAAAD/r8N2t86j9fxnNXVBjClP2rQv3lfKayKiW/3oH5K0l9M3FcpKLp/veXyslJYmsJaVwvKU27xW2l9JX/frrN3ypmly0z78t2uR1foOAACMaHbXjDsKAQAAYEwfpi6AaaSl1vJb/LIUuMhNWd57encFAAAA/IOaqQsAAAAABpfG/yPt/3e2/x8AAABMI+//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJCO3X5z2O7WfXNO537q9AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFzN79RlGEAwJ+d2dm1qLFW00ON0cSDXqQsCHIzHjSNB/8Ek6YsWFn8gB6EEGMv3kzPXPw4GmOiqTf+B86QcMEbhx4w8ayZr3aARgoNM5v290veeZ+dvMz7vLMJ6TPvtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQ23p/J07zw2wZJ9W5m/euruT9rQf63PWN2wt5i4hh7/Gmndl/5lPv1eaH3nx3iQAAAHB4pHV9HxF3ss2lvE9mi/o/q8fkNf9Pz5dxXc8/WPfXfV375+3PP+6+vD3RbDlPftGzq5PxsYdT6T+9VU63Fx45ol/c+eLZS1p8IclH6y9tZcX97H1/48YHgyIctpEtAPAkjtZ9FdQ/D+X9qMvEADg0+o3Cu67/09lucwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABow9Z6PFvHvYhY6O/EuVv3rq7s1l/fuL1Qt1PXrm3EtzvXzC+RRcTZ1cn4WKurmW6XLl85vzyZjC+2H7wWEU/8z4cRsY/Z36uWf/6T/xs8LIOIyfjHrLsbJdhfkFRf9iMH1wOnIOfug47+QwIA4MDKqpbX9XeyzaX8XG8u4t+f76//32zEscf6/+6np24252rW/6PWVjj9FtcufLl46fKVt1cvLJ8bnxt//s7x0bujE6dPnjy9WDwrWfTEBAAAgP0ZVK1Z/ydzD+//H2nEscf6/6sfRt8050rV/7va2fTrOhMAAIDD7cXX//m7t8v53mAQXy+vrV0clcftz8fLYwepPrZh1Zr1fzrXdVYAAABAG7bWe/ft/59pxLHH/f/nfnnlt+Y104iYqfb/j658MTnT3nKmWhu/Ttz1GgEAAOjWTNWa+/9Z8f5/sv3KQxIRb71RxtWfAdxT/Z9++N2vzbma7/+faG+JUymZL+9H0c9H9Oe7zggAAICD7Jmq5cX+X9nm0me/H/l44P1/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLb9FwAA//8NRDj5")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x400, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x4e, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000005c0)=@newtfilter={0x3c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfa, {0x0, 0x0, 0x0, r5, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IP_TTL={0x5, 0x52, 0x20}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
splice(r3, &(0x7f0000000440)=0x4, r1, &(0x7f00000001c0), 0xa, 0x0)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000400)=0x7)
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = socket$inet6(0xa, 0x2, 0x0)
r10 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r10, &(0x7f00000003c0)={0x2, 0x4e21, @rand_addr=0x64010100}, 0x10)
sendmsg$inet6(r9, &(0x7f00000000c0)={&(0x7f0000000080)={0xa, 0x4e21, 0x80000, @dev={0xfe, 0x80, '\x00', 0x14}}, 0x1c, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="24000000000000002900000032000000000000ecffe41e4a11ff0000000000006a63b4969d0d4d94f5219600ff40a4db422d8f01df39031028679438fe837fa521f39b7996f32a4aa652e20bb005dd08795561b39f9c4444c897cc82acf22af3884966a47d4d7619ad8c1be349de2cc7ddc4de61b5f6986c1b54bbf9ec3e5976a4", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x28}, 0x40)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="560a00000000000261119c00000890001800000000000000000c403deb0000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x2000402)
lseek(0xffffffffffffffff, 0x4, 0x4)

3.302552347s ago: executing program 3 (id=588):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000080)='./file0\x00', 0x1400008, &(0x7f0000000a00)={[{@nodecompose}, {@umask={'umask', 0x3d, 0x1}}, {@force}, {@uid}, {@creator={'creator', 0x3d, "42629f57"}}, {@gid}, {@nls={'nls', 0x3d, 'cp866'}}]}, 0x3, 0x63f, &(0x7f0000001440)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7BVYi2koLIqLNQ1kIF8pDKIcVqsqBc9S6jVU3rRIXpRVC4SUOXDhUnMshN05IvUcqZ7igXnOsBOqlB5Sb0YzHiRPn4TxaO/T3q8bzff6++eY/f3terqIJ4J01PxHFjUhifuKL1bS+uT5T21yfGcqbaxGRlgsRxeYskqWI5Hmz+Vr68pX0zbx/ctB6nlTnbrx4vfmyWSu2Fk5KaWn44OWO0lxwLZ9iPCIG8nmnwW5H3TXezQPH289//rh/kM1A022+3Eoc9Fqjw9pxFj/xfgv0j6R53uwwGjGSnaGb1wGRHx0Kbze6s3esoxwAAACcU+9txdZao9HodRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwnuTP/0/yqdAqj0fSev5/qa17qYehnomNXgcAAAAAAAAAACfSGGivfX0rtmI1Lmy3JlGI4fg0q4xlr1+Kh7ESlViOK7EaC1GPeizHVESMtg1UWl2o15enulhyet8lp9/oRgMAAAAAAADA/7vfxPzO//8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEA/SCIGmrNsGmuVR6NQjIjhiCil/dYi/tkqn2cbvQ4AAAAA3oL3tmIrVuNCq95Isnv+j7L7/uF4GEtRj2rUoxaVuJX9FtC86y9srs/UNtdn7qVT57h//m8j02UY2YjR/O1h/zVfynqU43ZUs3euxM24H7Vy+yiXWvHsxJW0Nf/6VTr293NdRnYrYvpreflPsXvA3hrNMjK4nZHJPLY0j+93ZqLdD16dak1TUdj+5Wfs8DWdKOcj+TzZM++9vZmYjkKW79RHh2ci4hvP/vrzxdrS3cXbKxP9s0kn1MxEo9HMxFBWa2Xi43cqE5PZtl/crs/HT+JnMRHjcT2Woxq/iIWoRyXG48dZaSH/Pqevo3syVdg99LVdtetHRVLKP5fmUfR4MX2aLXshqvHTuB+3ohKfZ/+mYyq+E7MxG3Ntn/DFLvb6wvH2+svfzAvpIf0P+bw/pHl9vy2v7cfc0ayt/Z2dLH1w9sfG4lfzQrqO30bEj85wO09nbybSs8SzLzfbPjw8E3/JrhNWakt3lxcXHnS5vs/yebof/b6vzhLp9+WD9MPKaru/HWnbh/u2TWVtY9tthY62i9ttR+2ppfwarnOk6azt433bZrK2S21tHddb6fUQAP1u5FsjpfK/y/8oPy3/rrxY/mL4h0PfHfqkFIN/H/xecXLgs8Inyd/iafxq5/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4uZVHj+8u1GqV5SMLSfbw/4iuOrcVWo9zOrxzkj/I5zgjK9RqleHoizCOVaj9K6LtnaTX8fRDYaj15S/3Rzy13h6XgDfvav3eg6srjx5/u3pv4U7lTmVpcHZ2bnJu9vOZq7ertYFIXyuTvY4SeBN2Tvq9jgQAAAAAAAAAAADo1uF/BjCY9zrdnxP0eBMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAc25+IoobkcTU5JXJtL65PlNLp1Z5p2cxIgoRkfwyInkecS2aU4y2DZcctJ4n1bkbL15vvtwZq9jqXzhsue6s5VOMR8RAPj+r8W6eerxkewvThF0unS44ODP/CwAA///rqwiw")
setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB='osx.:'], 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) (fail_nth: 5)

2.902062396s ago: executing program 3 (id=589):
r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x2a0000a, 0x0, 0x0, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000004c0)='./file0/file0\x00', 0xc0040, 0x2c)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

2.886933922s ago: executing program 0 (id=590):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000740)=ANY=[@ANYBLOB="18010000210001000000000000000a00fc020000000000000000000000000000ff0200000000000000000000000000014e210000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000009c001100ac14140c000000000000000000000000fc000000000000000000000000000001fe880000000000000000000000000101ffffffff000000000000000800000000ff0000000200000002000a0000"], 0x118}}, 0x44)

2.790420017s ago: executing program 0 (id=591):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x6040085)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(0xffffffffffffffff, 0x7a9, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={r4, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r3, 0xc01064c8, 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r3, 0xc02064b9, &(0x7f0000000340)={&(0x7f0000000440), &(0x7f0000000480)=[0x0], 0x0, r5, 0x85858584})
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x78)
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000380)={0x0, 0x0, 0x0, &(0x7f0000000200), &(0x7f00000000c0)=[0x0], &(0x7f0000000040), 0x0, 0x300})
socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0x5, 0x2}, {0x1, 0xe}}}, 0x24}}, 0x0)

2.233448305s ago: executing program 2 (id=592):
syz_mount_image$ocfs2(&(0x7f0000000000), &(0x7f0000004480)='./file0\x00', 0x10040, &(0x7f0000000140)={[{@journal_async_commit}, {@noacl}, {@user_xattr}, {@heartbeat_none}, {@journal_async_commit}, {@data_writeback}]}, 0x1, 0x444c, &(0x7f00000044c0)="$eJzs109vHGcdB/DfjO147dhhAzkYwcESSESAjO0TggMg/kSREI4MQQgjWes/SQxrr7HXyIccQMqRQxCcOHOk554q5Q20Ut9A+wLaHtJD2lO32tlZZ8e7G7vt7jpxP5+DZ+d5npnn5/3OzD6T5uoPdg7ndw7nK3vztc17h8vzf6tVj3a3Ix2Ri56f8xlGTrK/OCs//9Vvf78csf9oea3RaDQiIsrR21LH52dPH252btvSU8c0z9vndAPyx4i40VVX01hE/OH1iCQikvyfSvPtVH5Us+9Pf/32P6M0mGr+vv7WzP+Pb//gtXtvfuPZeyuP+w5MIv5b/fr37+++/62xH7/73cHMDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABfr1urK3TuLS/EkKWf7+4+W1zr7J8v5h1Lv4xuNoZcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzkbq2u3L2zuBRPkih9OBmx/2h5rbN/vJx/KPc+vvGTERTJ0Nz+zcovfrm4lOXeaCRd/T/Mmz742Vhcj4hnTx9uRmH7zmzn+OTUdXL6espHDaz+dn3tecuRpAuF/TRdWIhIjlv7c8l0Wq0d1r93r3a0tzWwMl5ZxfzTrK2QTqvpBfm3tifDz5X/IH2t62rK9ueGO+tl8Tz/mbVGY6zvuP/9I2nnX4oX5D92Afl/XpMDrePVVLz/x7O24v3UCrSZ/7/Gz77/x0eU/7Xmn1JWa6nzCdBcwzTb+61XKCrmP5G19cu/1/P/41P5T/TO/86/h/Yf9Hn+7w9twkulmP+VrK34fbYWAFn+6dn3/5WX5fd/frizXhbF/Fu/iKcizL7O8z7/J0eUf7ld57Wk6wrI2ksRs8OY+JIp5l/q6n/+/peea/1fuqD3v9Kp97/2e8jNpPX+R2/F/Kf6jjvv/T814ud/a/13DhPDrOLVVcx/Omv7Iuv/6RHln61Keqz/P2mv/4+HMevlU8z/atZWfAo8zv5m67+kO/ePTuV/9SVY/2X13xzurJdFMf+ZvuOa+b99jt//mZHnHzH9mY/oXud8WRXzz1fMb3SPy+7/0tn5z444/+8M8+QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADE1abm3LkaQLhf00XViIGMv352I62ahsrW9Ua5t/OYwYz9vn46vJ/Wpto1Jd39mrbW2vV6rV2mbERN5/I0rJYbVWX9+t7F85OddU8mC7clDf2K7UI2Iyb/9mzLbPtbFT363sR0TppO8rae1g/0Flb31r5+BHi4uLizF1UsP1ZPu4vr1Xb83e6o2YPjm2nHQUl3VfPallJvlz7ehgr1LN2mc6jqnWNivVjmNm877/xPWkfnC0t1mpb69Xa/fb8/U2NZigzvDTfJveXv3d6q+XugfM5f3lkZQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCn7MqhDYNgEAXga1PZDTpEddMFQDECjhkYA8kQMACOBWARPJoQ+A0O/33JJfdeHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC3jP9fGxGvIz0jIkvP47xk72Io53dX59++mj7rUjSXDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYpXfVBIIoDMAzkyKXah8j1bKbKm0gIaTJimBl6QtYWlj6uhZ2ViLKLMi6i1po9X3NXs4czoH5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4ye+4mYyqOoQYXnbPIcxXH9PT+luRXxb9/U8P2JH7+ftvvn+qOt97PKt/5l/rr3SsbjfLWeh5tmInJ9085VOXFxvI29B+7dwixFQevnNu32NKZdnX+XrdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPbswIEAAAAAgCB/6xUGKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIClAAAA//8jspyf")
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000080)=0x13b)
read(r0, 0x0, 0x0)
r2 = open(&(0x7f0000002000)='./bus\x00', 0x103042, 0x0)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f0000000040), 0x200000, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
symlink(&(0x7f000000a900)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2.032474913s ago: executing program 1 (id=593):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r3 = syz_open_dev$video(&(0x7f0000000180), 0x3, 0x1)
ioctl$VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f00000002c0)={0x9, @pix={0xb, 0x9, 0x32315258, 0x7, 0xe, 0x8, 0x5, 0xa, 0x0, 0x2, 0x0, 0x3}})

1.899902693s ago: executing program 3 (id=594):
syz_read_part_table(0x1051, &(0x7f0000001080)="$eJzsz80JwkAQBeBnfog5WIEteLaT9BM78WwFVmUJWVmNaAMiwvcdhrfDDMuEnzqkS4Z0+2b30T21tY7rq6kzWR75mqSvoQyv4bn0780uaZ9pu3ZuxymbulBLzmMyZyml1G+ny5fPAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/cA8AAP//gmMN8Q==")
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x4, 0x0, 0x0, {{@in=@dev={0xac, 0x14, 0x14, 0x2b}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0xa0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x100000000, 0x2000010000, 0x7, 0x2, 0x401, 0x2}, {}, 0x70cc}}, 0xb8}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV")
chdir(0x0)
semctl$GETPID(0x0, 0x3, 0xb, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800006, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x600000, 0x9)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x4}, 0x8)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000100)={0x54, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x17e5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x54}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)

1.222527555s ago: executing program 4 (id=595):
pipe2(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r2, 0x0, r1, 0x0, 0x6, 0x0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000100)=0x3ff)
readv(r0, &(0x7f0000000680)=[{&(0x7f0000000440)=""/196, 0xc4}], 0x1)
fcntl$setstatus(r1, 0x4, 0x7c00)
r3 = dup3(r2, r1, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c000000010605"], 0x2c}, 0x1, 0x0, 0x0, 0x40001d0}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000d5030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r3, 0x0, 0xffffff8d)
memfd_secret(0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000a00)='./bus\x00', 0x0, &(0x7f0000000300)={[{@noauto_da_alloc}, {@resuid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1fe}}, {@noblock_validity}]}, 0x0, 0x47d, &(0x7f0000000ec0)="$eJzs3M9vFOUbAPBnpt0CX+DbiviDH2oVjQ1qSwGVgwc1mnjAxEQPGk9NWwhSqKE1EUIUjMGTMSbejUf/BU96MUYvJl71bkiI6QXw4prZnWl3l90tbXe7yH4+ycD77szs+zw78+6+M+9uA+hbo9k/ScSOiPg9Ioar1foNRqv/3Vi6OH1z6eJ0EuXym38lle2uL12cLjYt9tueV8bSiPTTJPY1aXfh/IXTU3Nzs+fy+sTimfcnFs5feObUmamTsydnzx4+duzokcnnnzv8bPPAh9aWZxbT9b0fze/f89o7X75+/PO6/Bvy6JDRdiufKJc73Fxv7awpJ4M9DIQ1GYiI7HCVKv1/OAZi5eANx6uf9DQ4oKvK5XJ5e+vVl8rAXSyJ+rouD/2i+KDPrn+LpXEQ8GL3hh89d+2l6gVQlveNfKmuGYw036bUcH3bSaMR8falv7/OlujOfQgAgDrfZ+Ofp5uN/9K4v2a7/+dzQyMRcU9E7IqIeyNid0TcF1HZ9oGIeLCyZyyPnVbTOEly6/gnvbqhBFeRjf9eyOe26sd/yxmMDOS1nZX8S8mJU3Ozh/LXZCxKW7L6ZJs2fnjlty9arasd/2VL1n4xFszjuDq4pX6fmanFqY3kXOva5Yi9g0WutfknyzMBSUTsiYi962zj1MFv97dat3r+bXRgnqn8TcST1eN/KZbq8y8k7ecnJ7bG3OyhieKsuNXPv155o1X7lfwPrjP/DsiO//+anv/L+Y8ktfO1C2tv48ofn7W8plnv+T+UvFUpF9PAH04tLp6bjBhKjleDrn388Mq+Rb3YPst/7EDz/r8rVl6JfRGRncQPRcTDEfFIHvujEfFYRBxok/9PLz/+XtMV6QbP/w7I8p9Z0/FfKQxF4yPNCwOnf/yurtGRlWKe/832x/9opTSWP3I773+3E9f6zmYAAAD470kjYkck6fhyOU3Hx6vfl98dkc7NLyw+dWL+g7Mz1d8IjEQpLe50DdfcD53ML+ur9csRUf1qQbH+SH7f+KuBbZX6+PT83Eyvk4c+t71F/8/8OdDr6ICu83st6F/6P/SvZv1/aw/iADafz3/oX036/7ZexAFsvmaf/x+33+WfbsUCbK6G/m/aD/rI2q//f3m3K4EAm65l/7+b//IPUOH+P/SlhW2x+o/k2xaKZ1rn7ndKIYmIjj5hlO6IvDZeKCdND26kWaF0J0So0IVCb9+XAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuXfAAAA//+zott5")
r5 = io_uring_setup(0x4a86, &(0x7f0000000300)={0x0, 0x4178, 0x40, 0x8001002, 0x3d7})
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r6, &(0x7f00000003c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c749707b17399b1d7efad23abb8b40b38704737e15662ae4913a4a001cd3b71c7af75b5ffad9780650c800a40ca80ddc41987919142fd28dbf22db5f4c435415a03455e1d55d1783ccef97d7e4655cf839d06f06e137bbe462a03b3100231914b19739dd57b4f12d026ad0c7fd3"], &(0x7f00002bf000)='GPL\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffc95}, 0x48)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000180)={r6, r7})
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000001380)={<r8=>0xffffffffffffffff})
sendmsg$AUDIT_DEL_RULE(r8, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000500)={0x420, 0x3f4, 0x8, 0x70bd29, 0x25dfdbfc, {0x6, 0x1, 0x1, [0x7fffffff, 0x1aa, 0x7ff, 0xfff, 0x2, 0x7, 0x108, 0x6, 0x1, 0x5, 0x1, 0x4, 0x7fff, 0x6, 0x0, 0x10, 0x4a, 0xc, 0x80000000, 0xba, 0xf, 0x6, 0x8, 0x6, 0x0, 0x4, 0x7, 0xb88, 0x5, 0x81, 0x9, 0x6e3b4520, 0x0, 0x7, 0xfffffffb, 0x2, 0x7, 0x10000, 0x9, 0x4, 0xfff, 0xd3, 0xc, 0x101, 0x10001, 0xfc, 0x0, 0x8, 0x6, 0x9, 0x9, 0x10000000, 0xf, 0x9, 0xf55, 0xa44, 0xffff635e, 0x5, 0x6, 0x7, 0x1, 0x10001, 0xc, 0x81], [0x7, 0xfff, 0xf1, 0x5087, 0x4, 0xfdd0, 0x1, 0x5, 0x7b60, 0x7, 0xe268, 0x92c, 0x9, 0x1ff, 0x3d9, 0x3, 0x1, 0x1, 0x2, 0x5, 0x80, 0x5, 0x1a, 0x8, 0x3, 0x3, 0x4, 0x7ff, 0xe1e5, 0x2, 0x8, 0x1, 0x3, 0x7a, 0x7fffffff, 0xfff, 0xfffffffe, 0x7, 0x9, 0x0, 0x45a0766b, 0x0, 0x3, 0xfffffffd, 0x10, 0xfde4, 0xa2d, 0x81, 0x6, 0x6, 0x163f9f00, 0x8, 0x2, 0x0, 0x8, 0x6, 0x56e, 0xfffffc8e, 0x1, 0x3, 0x200, 0xb08e, 0x3, 0x8], [0x2, 0xb52d, 0x0, 0x0, 0x8, 0x3, 0x7f, 0x3, 0xe2, 0x8000002, 0x0, 0xfffffffa, 0x2, 0x1, 0x80000000, 0xfd, 0xcd, 0x4, 0x1ff, 0x2, 0x2, 0x4, 0x7, 0x80000000, 0x6, 0x6, 0x5, 0x6b000, 0x5, 0x6, 0x1, 0x6, 0x7fffffff, 0xfffffffc, 0x2, 0x8, 0x42, 0x7, 0x2, 0x9, 0x2, 0x1, 0x50, 0x6, 0x2, 0xbc, 0xfffeffff, 0x3, 0x6, 0xe18, 0x1, 0x5, 0xfffffff9, 0x401, 0x4, 0xb, 0x8, 0x7, 0x3, 0x4, 0x9, 0x3, 0x2, 0x4], [0xf9, 0x10, 0x9, 0x8, 0xc90, 0xfff, 0x80, 0x4, 0x4, 0x8f51, 0x7, 0x4, 0x7fff, 0x0, 0x2, 0x400, 0x4, 0x2, 0x1, 0x4, 0x7, 0x228e, 0x80000001, 0x2, 0x2, 0x467525bf, 0x0, 0x400, 0x2, 0x9664, 0x4, 0x643a, 0x2, 0x0, 0x9, 0x7, 0xfffffffc, 0x8, 0x7fffffff, 0xfffff731, 0x2d, 0x569a, 0x7, 0x5, 0x7ff, 0x7ff, 0x7, 0xfffffffb, 0x80000000, 0x3, 0x9, 0x62, 0x3, 0x2, 0x9, 0x3, 0x6, 0x8, 0x1, 0x7, 0x5, 0x1, 0x77]}}, 0x420}, 0x1, 0x0, 0x0, 0xc090}, 0xc000)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r8)
close_range(r5, 0xffffffffffffffff, 0x0)

1.100011269s ago: executing program 0 (id=596):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x1fe, 0x5, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x40, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000080)={0xc0, 0x0, 0x12000})
syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000001680)=[@text64={0x40, &(0x7f0000001700)="b9230900000f320f30b9400101c0b8e5000000ba000000000f30460f0666baf80cb8be04d785ef66bafc0cb000eec4618d54d266bad104ed0fd22f48b83c4c0000000000000f23c80f21f835000010000f23f866baf80cb8d1d8b28bef66bafc0cb070ee", 0x64}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000003a40), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
socket$kcm(0x1e, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r3, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000000)=@gcm_128={{0x304}, "bd88818314ff7d84", "0b3ea924c47b25d7624cd362581725c7", '\x00', "d5a1d50399459b68"}, 0x28)
shutdown(r2, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0)
setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, &(0x7f00000000c0)={0x0, 0x1, 0x6, @broadcast}, 0x10)

1.057992371s ago: executing program 1 (id=597):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22004006, &(0x7f00000010c0)={[{@jqfmt_vfsold}, {@nouid32}, {@nobh}, {@stripe={'stripe', 0x3d, 0xffff}}, {@block_validity}, {@grpjquota, 0x22}], [], 0x2}, 0xc4, 0x46f, &(0x7f0000000940)="$eJzs3EtvG0UcAPD/rpv0RR6U8ugDaiiIiELSpAUqxAUEUi9ISHCAY0hDFZq2qAkSrSpaECpHxCcAjkh8Ak5wQcAJxBXuCKlCvVA4IKO1d4kT28Gx67qpfz9p45l9eOa/uxPP7ngdwMAqZ3+SiEpE/BIRY7Xs6hXKtZfr1y7O/XXt4lwSlcorfyTV9f68dnGuWLXYbmeemUgj0g+T2Nek3KXzF07NLi7On8vzU8un355aOn/hiYXTsyfnT86fmTl27OiR6aefmnnyhsQ5ktV173tn9+85/vonL81V4o3vv8zqe0e+vD6OmvGuyyxHefW+rBqu/n2k63e/tYzUpZMtfawIG1KKiOxwDVXb/1iUYuXgjcWLH/S1ckBPVSqVytaGuaUicbkC3MaS6HcNgP4oPuiz699iuondj767+lztAiiL+3o+1ZZsiTR72Va7Yh/pUfnliHjt8t+fZlM0vQ/R3LYe1QcAuP19nfV/Hm/W/xtN7qlbbzQfGxqPiEMRsSsi7oqI3RFxd0Rk694bEfdtsPzymnxj/+en7R0F1qas//dsPra1uv+XFquMl/LcSDX+oeTNhcX5w/k+mYihrVl+ep0yvnnh549bLavv/2VTVn7RF8zr8fuWNTfoTswuz3YTc71nFmqvjfGv3BdIImJPROzt4P2zfbbw2Bf7s/Tozsbl/x//Om7AOFPl84hHa/FfjjXxF5JaSa3GJ6e2xeL84anirGj0w49XXq7PD9Wlu4r/Brj6fsSOFse/qmgGxXjt0sbLuPLrRy2vaTo9/4eTV6vp4Xzeu7PLy+emI4bzGavmz6xsW+SL9bP4Jw42i3802RXxz2f5dvsiIjuJ74+IByLiQF73ByPioYg4uE783z3/8Fvr76H+Hv8T6x3/iPGkfry+g0Tp1LdftSq/veN/tJqayOe08/+v3Qp2s+8AAABgs0ir34FP0sn/0mk6OVn7Dv/u2JEunl1aPlSOd86cqH1XfjyG0uJO11jd/dDp/N5wkZ9Zkz8SEXdW7yhur+Yn584u9mpMHWjPzhbtP/Nbqd+1A3puQ+NojU+0AZuY5zVhcGn/MLi0fxhc2j8Mrmbt/1LE9T5UBbjJfP7D4NL+YXBp/zC4tH8YSI2PxBc/t9LJk/4riV3Hu9p8gBKlHr1z1P9oRw8SkfZ913WeSG+FahzIE1sjot2tLvX0mK49fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa/fwMAAP//GCvoLw==")
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000200))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0xa2c25)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, 0x0)
writev(r2, &(0x7f000009de80)=[{0x0}, {0x0}], 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)={0x24, 0x7, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x7}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x40080}, 0x4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r7, <r8=>0xffffffffffffffff}, 0x4)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1f, 0x18, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000000000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r9}, 0xc)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r10)
quotactl_fd$Q_GETFMT(r3, 0xffffffff80000401, 0x0, 0x0)

921.834428ms ago: executing program 2 (id=598):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000004c0)=@bpf_lsm={0x6, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x3, 0x0, 0x6, 0x0, 0x3, 0x0, 0xe1}]}, &(0x7f0000000180)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)

737.576365ms ago: executing program 3 (id=599):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x7, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x2c}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={0xffffffffffffffff, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x8, 0x8, &(0x7f0000000080)}}, 0x10)

602.556137ms ago: executing program 3 (id=600):
syz_mount_image$jffs2(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000300), 0x1, 0x265, &(0x7f0000000340)="$eJxqlWRW4GFgYNi4Qe5JqyTjA0MGBgbZm01OjAwQwASlOTkYGF7vdv+1074nOS0zJ1UvOT8n5f///62STA9WMDAwzGWNYwGpZWNgYHjbCNGTwoAJUpDEGyZ/1N7jqtpQXFmVnZiTk1pEQwbIb7oMDAxWhr4RIL+BMDPUHawsDAwnFdx68pYf0gf5zQDqLxdQWPz+PoMZqv6tIxYP4QCL3ymVoNsJCh8WmJ0cDAwXWnhu/Jh+NAJkpyHUTj8GBoZKaa/vLDA7oWHJhcUOLiTx5Ed3Gr+l879B+BhkHscDAwYGhg3vDe/C/MzIxsbwlc/q7JoFW8wrEktKigwZIBTYfs4HMgwMDJN1Ov/A7Ae5Oevz0lRks5iQzFoTsedW3R4nPbAhRhCzjLCYBfN76GrHc+jhAgpfVqRw0Ys8+Nbp2JmDoHAxgsWFAgPD3727FrCihYuGMpaAUYBiKJC12f2V+JgbBaNgFIyCUTAKRsEoGAWjYBSMglEwCkbBKBgFo2AUjIJRMApGwSgYBaNgFIyCUTAKRsFgBa2STA9ymBkYph4y/88KXY+Acw2BAgODBjMEw4B4SPM1ujp4FIyCIQrQ1/ewoK3viV5oIXDl2+ltaZk5qcbg9T0I9bC1QGxI6rdNYWBGX5sVx8LAYPUkagEb2nogKRZM94DEYOLForN7l/6Y30qPNWejjFHGKGOoMTDLI1AZww4rj7gYGFx3vNyEvm4zm4GBodRlWQI7tDz6vxCiXh1L+aiOJD7BdJeARNkWRv2S3AL94soq3czcxPTU9NQ8IyNjMwMTAwNTI0i5By39AAEAAP//ayHNAA==")

602.136637ms ago: executing program 2 (id=601):
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x201081, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001ac0), 0x0, 0x0)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x80)
socket$unix(0x1, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'pimreg1\x00', <r2=>0x0})
r3 = socket(0xb, 0x1, 0x51)
sendmsg$NFT_MSG_GETOBJ(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB="34000000130a03000000000000e5ffff060000030c0006400000000000002303535ce844000000"], 0x34}, 0x1, 0x0, 0x0, 0x450}, 0x801)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@newtfilter={0x2c, 0x2c, 0x800, 0x34bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0xc, 0x5}, {0x0, 0x7}, {0x3, 0x4}}, [@TCA_CHAIN={0x8, 0xb, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8895}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0xa001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
read$fb(r6, 0x0, 0x0)
write$uinput_user_dev(r6, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x8031, 0xffffffffffffffff, 0x97a15000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

601.904814ms ago: executing program 3 (id=602):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file1\x00', 0x28c0800, &(0x7f00000006c0)={[{@codepage={'codepage', 0x3d, 'macturkish'}}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@type={'type', 0x3d, "67369671"}}]}, 0x5, 0x2db, &(0x7f0000000200)="$eJzs3T9v004cx/HPOUmb/lF//rVFSCygQiVYKgoMiCUIZWVnQkCTShVREW2RgIWCGBEPgJ2nwINgAfEEYGLiAXQzusvZdRrbaUsT98/7JTWyz3fn7+ns+L6WIAJwZt1r/vx887f9M1JFFUl3pEBSXapKOqfz9RfrW2tbnXarqKOKa2H/jLotTV+dlfV2VlPbzrXwQrtX1XS6LM3094xDiqLo7q+yg0Dp3N2fIZDG/X3ojtdHHNewbEsXy45h1NITbHa0o5eaKTEcAMAx4J//gX9MTLsioyCQFv1j/1Q9/3fKDuBo3er0FUWFDVLPf7e6i4yd3//cod18zyVa9ngQZ4n7Caa2Z39M3SurZ4FpBmWVLpZgYnWtqqWVt2oFeqeGl6o27z5b3Us3NiDahYzctEB+bzXdn+yOxq0o94pDWl3rtMftRir+OIK5g53x35mv5rt5aEJ9UitZ/1UjY6fJzVS4Z6aCmo3/en6PU66VrSU/sEajEfRU+d+d5II/gzdglPXsjCTdZ/yCYDuJoChOd+5Z9b5W6I5ueUCruaxWYbKX02q+p1XFXwlLK886ha9ShiMeovloHpgF/dEXNVPr/8DGt6jUnVn0VW9cTX9ldMczll2z6mqGfU+O3dvlUhKBN37gsUHKe1uW44Oe6LZmNl+9flrpdNobduNxxsbz6Q3jS2rvpcw6w9+oqKCOtndLIutNFO2352iYwV870g7t90dSYm+frMr2LktKglFP01nZaH5T0QV5cjaiSMo5NLTvKRwjmyaedLdb1UTZEWHE7LrLdPM/t5L3qzqXoNiPsGCdXpxkqqfH5SSD610KzrrPyQNlcFP5GVzqjDdyckaXc12+Kl1JFRoVnjH0cZ4SpqkfesT7fwAAAAAAAAAAAAAAAAAAgJNmFP/SoOwxAgAAAAAAAAAAAAAAAAAAAABw0h3q93+z/o949/u/4Uh+/xfA0fgbAAD//wA5eM4=")
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1}, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioperm(0x7, 0x81, 0x2)
mremap(&(0x7f0000041000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00004c3000/0x2000)=nil)
r3 = socket$kcm(0x29, 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000080)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, 0x0)
write$cgroup_pressure(r3, &(0x7f0000000140)={'full'}, 0xfffffdef)
ioctl$int_in(r3, 0x5452, &(0x7f0000000240)=0x3)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000500)={0xa, 0x2, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r4, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r4, &(0x7f0000000340)='G', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
shutdown(r4, 0x1)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f00004c4000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000380)=""/205, 0xcd, 0x0, &(0x7f0000000000)=""/4, 0x4}, &(0x7f0000000100)=0x40)
sendmsg$kcm(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x20000818)
setsockopt$sock_attach_bpf(r3, 0x1, 0x7, &(0x7f0000000340), 0x4)
read$FUSE(r0, &(0x7f0000003980)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_ATTR(r0, &(0x7f0000000240)={0x78, 0x0, r5, {0x2000000007, 0x0, 0x0, {0x0, 0x0, 0x55, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffc, 0x2, 0x0, 0x4, 0x6000, 0x6, 0x0, 0x0, 0x8000}}}, 0x78)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x48e02, 0x0)
close(r6)

0s ago: executing program 1 (id=603):
syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000003a40), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
recvmmsg(r1, &(0x7f0000002280)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000010f40)=""/17, 0x11}, 0x8}], 0x1, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000000, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x9, 0x6ea, &(0x7f0000000b80)="$eJzs3c9vHGf9B/D3rNeON98qX6dNaCSKsBKpIEUkTqwUwiUGIZRDhapy6NlKnMbqJqkSF6UFQQoITkgc+gcUJN84ICTuQeHCpdx69bESUi8RQlEltGhmZ9e79jr2Jv6RwOsVjed55sfzfOYzz8x411ltgP9Zl0+neT9FLp9+/W5ZX1udb6+tzh+qV7eTlOVG0uzOUtxMigfJQrm+GJgyMN/ko+WLb376cO2zbq1ZT9X2E/39pncU8og+7tVTZuv2ZkfuObmj9rttVeHlhSRX6vmwqZ22NbRhmbRT9RwOXGeTe+PsvuX1Djz7qqfTj7+czFTPzU1mksP1k7n6naC+OzT2Ncg9MNZdDgAAAJ5Tn9w66AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg+VOk+v7/op4a9TyzKXrf/z/VW1aXn0ELO97y/p7GAQAAAAAAAAD746uP8ih3c6RX7xTV3/xPVpVj+aKT/F/ey50s5XbO5G4Ws5KV3M65JDMDDU3dXVxZuX2uv2dp9J7nR+55fr+OGAAAAAAAAAD+K/08rfW//wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwLOgSCa6s2o6lvyrnGcmjWbW1+Ve8vckUwcd7xiKDfV/d7oOKBwAAAB4MtNPsM//P8qj3M2R3uvjTlG+5s+Xqvp03svNrGQ5K2lnKVfr19Dlq/7G2up8e211/kY5lfXhOL7z+VhhTNUtTFS1UT2fqLZo5VqWqyVncqUK5moa3b5PJSd68QzENeDDz9fDvHRph5E167SWnf12xLsIu+f+UK3xmC1b68El/YzM1bGVex7tZqCo3qhJNmZi27PTHKrNVK1O9ns6l0b/nZ9j2+c8xaXaNr32HK7n5fH8ak9zPq5+JhqpMnG+N/rKa+bxmUi+9uc/vHW9ffOd69funH52DmkbE1ss3zgm5gcy8fJznYnmmNvPVZk43q9fzvfzw5zObN7I7SznR1nMSpbSe6NxsR7P5c+Zx2dqYaj2xnaRTNXnpXvOdhLTbL5XlRZzstr3SJZT5FauZimvVf/O51y+mQu5kIsDZ/j4lnFXx1Zd9Y2NV33vTP9lZPCnvl4Xyrvbr9fvcguPO+KtRudu6d77y7weHchrd9Q/7G91dOA6mBvI0ou97EyObHy8e+OGt9rLPn6xzXNif83UmSgvoN5TohfdS91MNKtn0eZx/rtOuV/aNzud64vvbtH+vQ31V+t5OaxWv7Ld1j2jT8XuKk/Vi5mu7yTDo6Nc91L/LjOwrrM+lrvrhp+45X7Hq3VF0btSf5Bb1QDYfKVO1b/DbWip38XLI3uZr/Y7MbBu6Pet3Eo7V/chfwA8ib+91S/O5PBU6x+tT1oft37Zut56ffq7h7516JWpTP518tvNuYlXG68Uf8rH+Wn1+h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhKd97/4J3Fdnvp9uhCY+tVQ4VWNi7ZquVDo9sp6i/02UFfz0VhOsnQkup7jnali+YY7bQ2htEtTCSpl3R+lux7fnrfaTV6m9+UheamETWqsDC05I+bG/xwzAiLnV0Xe1hoZH87LcfCqFUHeFMC9sXZlRvvnr3z/gffWL6x+PbS20s3Jy9cuDh38cJr82evLbeX5ro/DzpKYC+sP/QPOhIAAAAAAAAAAABgp0Z9MODkCyM/NDLuZzz8z0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgV1w+neb9FDk3d2aurK+tzrfLqVde37KZpNFIip8kxYNkId0pMwPNFfn9g3RG9PPR8sU3P3249tl6W83u9kmjnm/t8WuT3KunzCaZqOdPYai9K0/dXvHP3jGUCfui0+ksPF18sDv+EwAA//8BQfjb")
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
setpriority(0x2, 0x0, 0x4)
symlink(&(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r2 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000480)={0x60, 0x0, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x7, &(0x7f0000000040)=[{0x0, 0x0, 0x800000000}], 0xaaaaaaaaaaaac67, 0x1, 0x0, 0x2, 0x0, 0x2})
mknod$loop(0x0, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, 0x0)

kernel console output (not intermixed with test programs):

08.656310][ T6859] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  108.701234][ T6859] F2FS-fs (loop1): inject dquot initialize in f2fs_dquot_initialize of f2fs_create+0x14c/0x5c0
[  108.764770][    C0] F2FS-fs (loop1): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[  108.775289][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  108.775317][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  108.775328][    C0] Call Trace:
[  108.775335][    C0]  <TASK>
[  108.775342][    C0]  dump_stack_lvl+0x189/0x250
[  108.775370][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  108.775391][    C0]  ? __pfx_queue_work_on+0x10/0x10
[  108.775410][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  108.775436][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  108.775463][    C0]  ? f2fs_hw_is_readonly+0x39b/0x470
[  108.775486][    C0]  f2fs_handle_critical_error+0x37c/0x540
[  108.775513][    C0]  f2fs_write_end_io+0x886/0xb60
[  108.775535][    C0]  blk_update_request+0x57e/0xe60
[  108.775560][    C0]  blk_mq_end_request+0x3e/0x70
[  108.775580][    C0]  blk_flush_complete_seq+0x678/0xcc0
[  108.775606][    C0]  flush_end_io+0xbaf/0xe60
[  108.775633][    C0]  __blk_mq_end_request+0x423/0x600
[  108.775658][    C0]  blk_done_softirq+0x10a/0x160
[  108.775679][    C0]  handle_softirqs+0x286/0x870
[  108.775699][    C0]  ? run_ksoftirqd+0x9b/0x100
[  108.775721][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  108.775738][    C0]  ? schedule+0x91/0x360
[  108.775761][    C0]  ? rcu_is_watching+0x15/0xb0
[  108.775779][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  108.775797][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  108.775821][    C0]  run_ksoftirqd+0x9b/0x100
[  108.775841][    C0]  ? __pfx_run_ksoftirqd+0x10/0x10
[  108.775864][    C0]  smpboot_thread_fn+0x542/0xa60
[  108.775881][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  108.775902][    C0]  kthread+0x711/0x8a0
[  108.775924][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  108.775942][    C0]  ? __pfx_kthread+0x10/0x10
[  108.775962][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  108.775986][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  108.776002][    C0]  ? __pfx_kthread+0x10/0x10
[  108.776024][    C0]  ret_from_fork+0x3f9/0x770
[  108.776043][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  108.776062][    C0]  ? __switch_to_asm+0x39/0x70
[  108.776084][    C0]  ? __switch_to_asm+0x33/0x70
[  108.776106][    C0]  ? __pfx_kthread+0x10/0x10
[  108.776125][    C0]  ret_from_fork_asm+0x1a/0x30
[  108.776153][    C0]  </TASK>
[  108.776161][    C0] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  108.997487][ T5867] F2FS-fs (loop1): do_checkpoint failed err:-5, stop checkpoint
[  109.361757][ T6907] loop4: detected capacity change from 0 to 512
[  109.406890][ T6907] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.451493][ T6907] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  109.515402][ T6907] EXT4-fs error (device loop4): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.4.224: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[  109.574025][ T6907] EXT4-fs error (device loop4): ext4_get_first_dir_block:3540: inode #12: comm syz.4.224: directory missing '.'
[  109.774130][ T5860] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.025306][ T6928] tipc: Started in network mode
[  110.030219][ T6928] tipc: Node identity 6efd42b2bf2c, cluster identity 4711
[  110.141436][ T6928] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  110.195159][ T6930] syzkaller0: entered promiscuous mode
[  110.200651][ T6930] syzkaller0: entered allmulticast mode
[  110.365398][ T6928] tipc: Resetting bearer <eth:syzkaller0>
[  110.411877][ T6927] tipc: Resetting bearer <eth:syzkaller0>
[  110.442530][ T6927] tipc: Disabling bearer <eth:syzkaller0>
[  110.652946][ T6936] trusted_key: syz.2.231 sent an empty control message without MSG_MORE.
[  110.912702][ T6886] loop3: detected capacity change from 0 to 131072
[  110.981195][ T6886] F2FS-fs (loop3): invalid crc value
[  111.216476][ T6886] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  111.240193][ T6886] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  111.292363][ T6934] loop4: detected capacity change from 0 to 40427
[  111.311393][ T6934] F2FS-fs: heap/no_heap options were deprecated
[  111.333373][ T6934] F2FS-fs (loop4): build fault injection rate: 19
[  111.362517][ T6934] F2FS-fs (loop4): build fault injection type: 0x77e8c
[  111.388127][ T6934] F2FS-fs (loop4): invalid crc value
[  111.409109][ T6934] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1cb/0x970
[  111.453091][ T6934] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x18f/0xaa0
[  111.465825][    C0] F2FS-fs (loop4): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  111.560487][ T6934] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  111.586668][ T6934] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  111.608086][ T6965] FAULT_INJECTION: forcing a failure.
[  111.608086][ T6965] name failslab, interval 1, probability 0, space 0, times 1
[  111.636863][ T6965] CPU: 0 UID: 0 PID: 6965 Comm: syz.1.240 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  111.636890][ T6965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  111.636901][ T6965] Call Trace:
[  111.636907][ T6965]  <TASK>
[  111.636915][ T6965]  dump_stack_lvl+0x189/0x250
[  111.636938][ T6965]  ? __pfx____ratelimit+0x10/0x10
[  111.636961][ T6965]  ? __pfx_dump_stack_lvl+0x10/0x10
[  111.636979][ T6965]  ? __pfx__printk+0x10/0x10
[  111.637001][ T6965]  ? __pfx___might_resched+0x10/0x10
[  111.637017][ T6965]  ? lock_acquire+0x5f/0x360
[  111.637040][ T6965]  should_fail_ex+0x414/0x560
[  111.637063][ T6965]  should_failslab+0xa8/0x100
[  111.637085][ T6965]  kmem_cache_alloc_noprof+0x73/0x3c0
[  111.637106][ T6965]  ? __anon_vma_prepare+0x117/0x4a0
[  111.637128][ T6965]  __anon_vma_prepare+0x117/0x4a0
[  111.637151][ T6965]  do_wp_page+0x3938/0x5800
[  111.637174][ T6965]  ? rcu_is_watching+0x15/0xb0
[  111.637190][ T6965]  ? lock_acquire+0x5f/0x360
[  111.637212][ T6965]  ? __pfx_do_wp_page+0x10/0x10
[  111.637230][ T6965]  ? do_raw_spin_lock+0x121/0x290
[  111.637247][ T6965]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  111.637262][ T6965]  ? ___pte_offset_map+0x45/0x250
[  111.637283][ T6965]  __handle_mm_fault+0x1033/0x5440
[  111.637306][ T6965]  ? __pfx___handle_mm_fault+0x10/0x10
[  111.637322][ T6965]  ? lock_release+0x4b/0x3e0
[  111.637343][ T6965]  ? rcu_is_watching+0x15/0xb0
[  111.637356][ T6965]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[  111.637376][ T6965]  handle_mm_fault+0x40a/0x8e0
[  111.637397][ T6965]  do_user_addr_fault+0xa81/0x1390
[  111.637421][ T6965]  ? rcu_is_watching+0x15/0xb0
[  111.637433][ T6965]  ? trace_page_fault_user+0x84/0x1e0
[  111.637447][ T6965]  exc_page_fault+0x76/0xf0
[  111.637462][ T6965]  asm_exc_page_fault+0x26/0x30
[  111.637477][ T6965] RIP: 0033:0x7f6beb050ba3
[  111.637491][ T6965] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  111.637504][ T6965] RSP: 002b:00007f6bebfc84a0 EFLAGS: 00010206
[  111.637519][ T6965] RAX: 00000000000001b1 RBX: 00007f6bebfc8540 RCX: 00007f6be0e00000
[  111.637529][ T6965] RDX: 00007f6bebfc86e0 RSI: 0000000000000003 RDI: 00007f6bebfc85e0
[  111.637540][ T6965] RBP: 00000000000000ae R08: 0000000000000008 R09: 00000000000000aa
[  111.637549][ T6965] R10: 00000000000000b8 R11: 00007f6bebfc8540 R12: 0000000000000001
[  111.637559][ T6965] R13: 00007f6beb22d980 R14: 00000000000000ff R15: 00007f6bebfc85e0
[  111.637576][ T6965]  </TASK>
[  111.640148][ T6965] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  111.940862][ T6965] loop1: detected capacity change from 0 to 1764
[  112.035835][ T6965] isofs_fill_super: get root inode failed
[  112.056009][ T6934] F2FS-fs (loop4): inject dquot initialize in f2fs_dquot_initialize of f2fs_create+0x14c/0x5c0
[  112.120652][    C1] F2FS-fs (loop4): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[  112.131180][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  112.131210][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  112.131223][    C1] Call Trace:
[  112.131229][    C1]  <TASK>
[  112.131237][    C1]  dump_stack_lvl+0x189/0x250
[  112.131266][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  112.131287][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  112.131308][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  112.131336][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  112.131363][    C1]  ? f2fs_hw_is_readonly+0x39b/0x470
[  112.131390][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  112.131417][    C1]  f2fs_write_end_io+0x886/0xb60
[  112.131441][    C1]  blk_update_request+0x57e/0xe60
[  112.131469][    C1]  blk_mq_end_request+0x3e/0x70
[  112.131490][    C1]  blk_flush_complete_seq+0x678/0xcc0
[  112.131518][    C1]  flush_end_io+0xbaf/0xe60
[  112.131545][    C1]  __blk_mq_end_request+0x423/0x600
[  112.131570][    C1]  blk_done_softirq+0x10a/0x160
[  112.131589][    C1]  handle_softirqs+0x286/0x870
[  112.131610][    C1]  ? run_ksoftirqd+0x9b/0x100
[  112.131632][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  112.131650][    C1]  ? schedule+0x91/0x360
[  112.131674][    C1]  ? rcu_is_watching+0x15/0xb0
[  112.131693][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  112.131712][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  112.131728][    C1]  run_ksoftirqd+0x9b/0x100
[  112.131756][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  112.131779][    C1]  smpboot_thread_fn+0x542/0xa60
[  112.131797][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  112.131819][    C1]  kthread+0x711/0x8a0
[  112.131842][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  112.131860][    C1]  ? __pfx_kthread+0x10/0x10
[  112.131883][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  112.131909][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  112.131926][    C1]  ? __pfx_kthread+0x10/0x10
[  112.131948][    C1]  ret_from_fork+0x3f9/0x770
[  112.131968][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  112.131989][    C1]  ? __switch_to_asm+0x39/0x70
[  112.132012][    C1]  ? __switch_to_asm+0x33/0x70
[  112.132034][    C1]  ? __pfx_kthread+0x10/0x10
[  112.132056][    C1]  ret_from_fork_asm+0x1a/0x30
[  112.132086][    C1]  </TASK>
[  112.132093][    C1] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  112.133267][ T6967] netlink: 4 bytes leftover after parsing attributes in process `syz.1.241'.
[  112.378076][ T5860] F2FS-fs (loop4): do_checkpoint failed err:-5, stop checkpoint
[  112.424805][ T6969] loop3: detected capacity change from 0 to 512
[  112.453212][ T6970] netlink: 4 bytes leftover after parsing attributes in process `syz.1.241'.
[  112.523954][ T6969] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.595285][ T6969] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  112.687973][ T6981] netlink: 44 bytes leftover after parsing attributes in process `syz.1.243'.
[  113.470906][ T6969] EXT4-fs error (device loop3): ext4_get_first_dir_block:3537: inode #12: block 32: comm syz.3.238: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=2048 fake=0
[  113.636960][ T6989] loop4: detected capacity change from 0 to 4096
[  113.650655][ T6969] EXT4-fs error (device loop3): ext4_get_first_dir_block:3540: inode #12: comm syz.3.238: directory missing '.'
[  114.095485][ T6996] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  114.205309][ T6984] hugetlbfs: syz.1.244 (6984): Using mlock ulimits for SHM_HUGETLB is obsolete
[  114.222850][ T5861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.780442][ T7012] gtp0: entered promiscuous mode
[  114.789109][ T7012] gtp0: entered allmulticast mode
[  114.855161][ T7010] 9pnet_fd: Insufficient options for proto=fd
[  114.893501][ T7018] loop1: detected capacity change from 0 to 2048
[  114.959341][ T7018] Alternate GPT is invalid, using primary GPT.
[  114.968795][ T7025] netlink: 4 bytes leftover after parsing attributes in process `syz.3.253'.
[  114.978025][ T7018]  loop1: p1 p2 p3
[  116.508816][ T7035] loop1: detected capacity change from 0 to 32768
[  116.530564][ T7035] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.256 (7035)
[  116.566850][ T7035] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  116.587243][ T7035] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  116.666302][ T7035] BTRFS info (device loop1): enabling ssd optimizations
[  116.673274][ T7035] BTRFS info (device loop1): enabling free space tree
[  116.682040][ T7035] BTRFS info (device loop1): use zstd compression, level 3
[  116.727426][   T30] audit: type=1800 audit(1755248387.989:37): pid=7035 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.256" name="file1" dev="loop1" ino=260 res=0 errno=0
[  116.924903][ T7037] loop4: detected capacity change from 0 to 32768
[  116.931960][ T7037] XFS: noikeep mount option is deprecated.
[  116.960982][ T7037] xfs: Unknown parameter 'barrier'
[  117.126011][ T5867] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  119.124651][ T7041] loop3: detected capacity change from 0 to 131072
[  119.148127][ T7041] F2FS-fs (loop3): invalid crc value
[  119.226892][ T7041] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  119.253481][ T7041] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  119.308682][ T7083] loop2: detected capacity change from 0 to 40427
[  119.324947][ T7083] f2fs: Unknown parameter 'econtinue'
[  119.351129][ T7091] [U] �{���t�@�6mjR���!]D���It?6H0Vr$�h�8�s��f��~�E�N��xS�H=��!��(�$8>��h]�
[  119.360179][ T7091] [U] Z�M��i���#}�I� �A}
[  119.370140][ T7091] [U] �ƦGw��+/��[)�/��%�ţgB#D�KD#*��L#�,�3Ss.3[+�/T��/"��ƨW�"�Ofo�Cw�k��\�x=!�਱l�����A���|ZY��	�E+�̴
[  119.382227][ T7091] [U] ���
[  119.385168][ T7091] [U] �‘EMgjfv!��5�!��L��r�D4�'�'b+��M��M���9�R���_��c���P���`3�
[  119.393791][ T7091] [U] �����q����l@�)�1�Ɣo�Xq�
��{uO�L���J��4�4~V�	��D��C��
[  119.401828][    C1] vkms_vblank_simulate: vblank timer overrun
[  119.415592][ T7090] [U] �:�8�
��~EVu3��$��9��v�������9H��,�;G�{P=�u���qWh�P�R��kVcmu�^�9��Q9�m7�TŽQD	Pf3��#%j�w?m�9o�i�z�GQr���}�z�
[  119.577628][ T7083] loop2: detected capacity change from 0 to 256
[  119.602694][ T7083] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  120.288446][ T7094] loop4: detected capacity change from 0 to 32768
[  120.309701][ T7094] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.270 (7094)
[  120.355135][ T7094] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  120.383459][ T7094] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  120.454462][ T7096] loop1: detected capacity change from 0 to 40427
[  120.479984][ T7096] F2FS-fs: heap/no_heap options were deprecated
[  120.501263][ T7096] F2FS-fs (loop1): build fault injection rate: 19
[  120.514681][ T7096] F2FS-fs (loop1): build fault injection type: 0x77e8c
[  120.532639][ T7096] F2FS-fs (loop1): invalid crc value
[  120.538923][ T7094] BTRFS info (device loop4): enabling ssd optimizations
[  120.547671][ T7094] BTRFS info (device loop4): enabling free space tree
[  120.560103][ T7094] BTRFS info (device loop4): use zstd compression, level 3
[  120.629776][   T30] audit: type=1800 audit(1755248391.849:38): pid=7094 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.270" name="file1" dev="loop4" ino=260 res=0 errno=0
[  120.833320][ T6089] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  120.906464][ T7096] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1cb/0x970
[  121.003438][ T6089] usb 3-1: Using ep0 maxpacket: 32
[  121.040533][ T7096] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x18f/0xaa0
[  121.040719][ T6089] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.108483][ T6089] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.179915][    C0] F2FS-fs (loop1): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  121.199278][ T5860] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  121.231415][ T6089] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  121.347367][ T6089] usb 3-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  121.371800][ T7096] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  121.395011][ T6089] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.417798][ T6089] usb 3-1: config 0 descriptor??
[  121.453244][ T7096] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  121.487796][ T7096] F2FS-fs (loop1): inject dquot initialize in f2fs_dquot_initialize of f2fs_new_inode+0x509/0x1050
[  121.532730][ T7096] F2FS-fs (loop1): inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x11a/0xab0
[  121.599059][ T5867] syz-executor: attempt to access beyond end of device
[  121.599059][ T5867] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  121.616277][ T5867] CPU: 0 UID: 0 PID: 5867 Comm: syz-executor Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  121.616302][ T5867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  121.616312][ T5867] Call Trace:
[  121.616318][ T5867]  <TASK>
[  121.616325][ T5867]  dump_stack_lvl+0x189/0x250
[  121.616350][ T5867]  ? __pfx_dump_stack_lvl+0x10/0x10
[  121.616370][ T5867]  ? __pfx_queue_work_on+0x10/0x10
[  121.616386][ T5867]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  121.616409][ T5867]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  121.616434][ T5867]  f2fs_handle_critical_error+0x37c/0x540
[  121.616458][ T5867]  f2fs_write_end_io+0x886/0xb60
[  121.616478][ T5867]  __submit_merged_bio+0x27a/0x6a0
[  121.616509][ T5867]  __submit_merged_write_cond+0x255/0x530
[  121.616532][ T5867]  f2fs_write_data_pages+0x261d/0x3000
[  121.616566][ T5867]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  121.616604][ T5867]  ? __mod_zone_page_state+0xd7/0x140
[  121.616628][ T5867]  ? folios_put_refs+0x560/0x640
[  121.616650][ T5867]  ? __pfx_folios_put_refs+0x10/0x10
[  121.616666][ T5867]  ? rcu_is_watching+0x15/0xb0
[  121.616682][ T5867]  ? lru_add+0xa2f/0xd80
[  121.616698][ T5867]  ? lru_add+0x198/0xd80
[  121.616714][ T5867]  ? do_raw_spin_lock+0x121/0x290
[  121.616737][ T5867]  ? do_raw_spin_unlock+0x122/0x240
[  121.616755][ T5867]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  121.616777][ T5867]  do_writepages+0x32b/0x550
[  121.616798][ T5867]  ? rcu_is_watching+0x15/0xb0
[  121.616815][ T5867]  ? do_raw_spin_unlock+0x122/0x240
[  121.616835][ T5867]  filemap_fdatawrite+0x199/0x240
[  121.616857][ T5867]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  121.616892][ T5867]  ? rcu_is_watching+0x15/0xb0
[  121.616909][ T5867]  ? do_raw_spin_unlock+0x122/0x240
[  121.616928][ T5867]  f2fs_sync_dirty_inodes+0x31f/0x830
[  121.616950][ T5867]  f2fs_write_checkpoint+0x95a/0x1df0
[  121.616975][ T5867]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  121.617008][ T5867]  ? kill_f2fs_super+0x298/0x6c0
[  121.617026][ T5867]  kill_f2fs_super+0x2c3/0x6c0
[  121.617044][ T5867]  ? __pfx_kill_f2fs_super+0x10/0x10
[  121.617058][ T5867]  ? radix_tree_delete_item+0x2b6/0x400
[  121.617083][ T5867]  ? shrinker_free+0x2ce/0x3e0
[  121.617100][ T5867]  deactivate_locked_super+0xbc/0x130
[  121.617121][ T5867]  cleanup_mnt+0x425/0x4c0
[  121.617141][ T5867]  task_work_run+0x1d4/0x260
[  121.617162][ T5867]  ? __pfx_task_work_run+0x10/0x10
[  121.617181][ T5867]  ? __x64_sys_umount+0x122/0x160
[  121.617201][ T5867]  ? __pfx___x64_sys_umount+0x10/0x10
[  121.617221][ T5867]  ? rcu_is_watching+0x15/0xb0
[  121.617238][ T5867]  exit_to_user_mode_loop+0xec/0x110
[  121.617259][ T5867]  do_syscall_64+0x2bd/0x3b0
[  121.617277][ T5867]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.617292][ T5867]  ? clear_bhb_loop+0x60/0xb0
[  121.617309][ T5867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.617325][ T5867] RIP: 0033:0x7f6beb18ff17
[  121.617347][ T5867] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  121.617361][ T5867] RSP: 002b:00007ffd370f7008 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  121.617384][ T5867] RAX: 0000000000000000 RBX: 00007f6beb211c05 RCX: 00007f6beb18ff17
[  121.617396][ T5867] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd370f70c0
[  121.617407][ T5867] RBP: 00007ffd370f70c0 R08: 0000000000000000 R09: 0000000000000000
[  121.617418][ T5867] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd370f8150
[  121.617430][ T5867] R13: 00007f6beb211c05 R14: 000000000001dacc R15: 00007ffd370f8190
[  121.617449][ T5867]  </TASK>
[  121.617666][ T5867] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  121.982326][ T6089] usbhid 3-1:0.0: can't add hid device: -71
[  121.989818][ T6089] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  122.001305][ T6089] usb 3-1: USB disconnect, device number 9
[  122.578917][ T7147] loop3: detected capacity change from 0 to 32768
[  122.596835][ T7147] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  122.615425][ T7147] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  122.715127][ T7147] XFS (loop3): Ending clean mount
[  122.729397][ T7147] XFS (loop3): Quotacheck needed: Please wait.
[  122.740279][ T4463] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_cntbt block 0x10 
[  122.747029][ T7172] x_tables: ip_tables: udp match: only valid for protocol 17
[  122.754621][ T4463] XFS (loop3): Unmount and run xfs_repair
[  123.125874][ T4463] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  123.133809][ T4463] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[  123.143104][ T4463] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  123.152609][ T4463] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  123.162055][ T4463] 00000030: 00 00 00 00 20 bb 84 11 00 00 04 4e 00 00 00 02  .... ......N....
[  123.184302][ T4463] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  123.197478][ T4463] 00000050: 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 00  ................
[  123.208368][ T4463] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  123.219656][ T4463] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  123.229019][ T4463] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x10 len 8 error 74
[  123.241941][ T7147] XFS (loop3): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  123.260869][ T7179] loop2: detected capacity change from 0 to 1764
[  123.268973][ T7179] isofs_fill_super: get root inode failed
[  123.421945][ T5861] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  123.442621][ T5861] XFS (loop3): Uncorrected metadata errors detected; please run xfs_repair.
[  124.211826][ T7186] loop2: detected capacity change from 0 to 32768
[  124.246386][ T7186] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  124.266008][ T7186] XFS (loop2): Ending clean mount
[  124.289446][ T7186] netlink: 'syz.2.291': attribute type 10 has an invalid length.
[  124.302917][ T7186] 8021q: adding VLAN 0 to HW filter on device batadv0
[  124.320279][ T7186] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  124.348087][ T7186] bond0: entered promiscuous mode
[  124.356972][ T7186] bond_slave_0: entered promiscuous mode
[  124.364645][ T7186] bond_slave_1: entered promiscuous mode
[  124.370605][ T7186] batadv0: entered promiscuous mode
[  124.396017][   T30] audit: type=1326 audit(1755248395.650:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7182 comm="syz.0.289" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdbf378ebe9 code=0x0
[  124.447657][ T7206] loop1: detected capacity change from 0 to 2048
[  124.477691][ T5857] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  124.540355][ T7206] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.654711][ T7215] loop4: detected capacity change from 0 to 512
[  124.675217][ T7213] loop3: detected capacity change from 0 to 4096
[  124.694657][ T7215] EXT4-fs: Ignoring removed nobh option
[  124.714886][ T7213] ntfs3(loop3): ino=4, mi_enum_attr
[  124.720139][ T7213] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  124.744184][ T7213] ntfs3(loop3): Failed to load $AttrDef (-22)
[  124.750600][ T7215] fscrypt (loop4, inode 2): Error -61 getting encryption context
[  124.765041][ T7215] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61
[  124.792994][ T7215] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.297: casefold flag without casefold feature
[  124.855578][ T7215] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.297: couldn't read orphan inode 13 (err -117)
[  124.878365][ T7215] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.555914][ T5860] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.669168][ T7235] loop3: detected capacity change from 0 to 512
[  125.702219][ T7235] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  125.755376][ T7237] syz_tun: entered promiscuous mode
[  125.763063][ T7237] syz_tun: left promiscuous mode
[  125.797111][ T7235] EXT4-fs (loop3): 1 truncate cleaned up
[  125.805153][ T7235] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.248245][ T5861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.335002][ T7259] FAULT_INJECTION: forcing a failure.
[  127.335002][ T7259] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  127.350507][ T7259] CPU: 0 UID: 0 PID: 7259 Comm: syz.3.307 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  127.350532][ T7259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  127.350543][ T7259] Call Trace:
[  127.350550][ T7259]  <TASK>
[  127.350559][ T7259]  dump_stack_lvl+0x189/0x250
[  127.350584][ T7259]  ? __pfx____ratelimit+0x10/0x10
[  127.350606][ T7259]  ? __pfx_dump_stack_lvl+0x10/0x10
[  127.350623][ T7259]  ? __pfx__printk+0x10/0x10
[  127.350642][ T7259]  ? __might_fault+0xb0/0x130
[  127.350666][ T7259]  ? rcu_is_watching+0x15/0xb0
[  127.350684][ T7259]  should_fail_ex+0x414/0x560
[  127.350708][ T7259]  _copy_from_user+0x2d/0xb0
[  127.350727][ T7259]  memdup_user+0x5e/0xd0
[  127.350744][ T7259]  strndup_user+0x68/0xd0
[  127.350761][ T7259]  __se_sys_mount+0x9c/0x410
[  127.350784][ T7259]  ? ksys_write+0x22a/0x250
[  127.350805][ T7259]  ? __pfx___se_sys_mount+0x10/0x10
[  127.350825][ T7259]  ? rcu_is_watching+0x15/0xb0
[  127.350842][ T7259]  ? rcu_is_watching+0x15/0xb0
[  127.350857][ T7259]  ? __x64_sys_mount+0x20/0xc0
[  127.350879][ T7259]  do_syscall_64+0xfa/0x3b0
[  127.350897][ T7259]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.350913][ T7259]  ? clear_bhb_loop+0x60/0xb0
[  127.350931][ T7259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.350954][ T7259] RIP: 0033:0x7f6e7418ebe9
[  127.350969][ T7259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.350984][ T7259] RSP: 002b:00007f6e75040038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  127.351003][ T7259] RAX: ffffffffffffffda RBX: 00007f6e743b5fa0 RCX: 00007f6e7418ebe9
[  127.351015][ T7259] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000000000000000
[  127.351026][ T7259] RBP: 00007f6e75040090 R08: 0000200000000300 R09: 0000000000000000
[  127.351037][ T7259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.351047][ T7259] R13: 00007f6e743b6038 R14: 00007f6e743b5fa0 R15: 00007fff3133a018
[  127.351066][ T7259]  </TASK>
[  127.625659][ T7211] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[  127.640858][ T7206] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 2048 with error 117
[  127.911918][ T7206] EXT4-fs (loop1): This should not happen!! Data will be lost
[  127.911918][ T7206] 
[  128.007045][ T7216] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 2066 with max blocks 2048 with error 28
[  128.083619][ T7216] EXT4-fs (loop1): This should not happen!! Data will be lost
[  128.083619][ T7216] 
[  128.171006][ T7267] blktrace: Concurrent blktraces are not allowed on sg0
[  128.399504][ T7216] EXT4-fs (loop1): Total free blocks count 0
[  128.474266][ T7216] EXT4-fs (loop1): Free/Dirty block details
[  128.480197][ T7216] EXT4-fs (loop1): free_blocks=0
[  128.493733][ T7268] netlink: 24 bytes leftover after parsing attributes in process `syz.4.311'.
[  128.599135][ T7272] loop4: detected capacity change from 0 to 64
[  128.830293][ T7216] EXT4-fs (loop1): dirty_blocks=5072
[  128.835889][ T7216] EXT4-fs (loop1): Block reservation details
[  129.047279][ T7263] loop2: detected capacity change from 0 to 32768
[  129.074587][ T7263] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.309 (7263)
[  129.233312][ T7263] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  129.244025][ T7263] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  129.637014][ T7263] BTRFS info (device loop2): rebuilding free space tree
[  129.654449][ T7263] BTRFS info (device loop2): allowing degraded mounts
[  129.661852][ T7263] BTRFS info (device loop2): enabling ssd optimizations
[  129.670363][ T7263] BTRFS info (device loop2): enabling free space tree
[  129.678864][ T7263] BTRFS info (device loop2): force clearing of disk cache
[  129.687034][ T7263] BTRFS info (device loop2): use zstd compression, level 3
[  129.694513][ T7263] BTRFS info (device loop2): max_inline set to 0
[  129.696435][ T6089] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  129.729756][   T30] audit: type=1800 audit(1755248400.990:40): pid=7263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.309" name="bus" dev="loop2" ino=263 res=0 errno=0
[  129.882226][ T6089] usb 4-1: Using ep0 maxpacket: 16
[  129.890175][ T6089] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  129.906320][ T6089] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  129.948955][ T7295] loop1: detected capacity change from 0 to 32768
[  129.994149][ T7295] 
[  129.994149][ T7295]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  129.994149][ T7295] 
[  130.007067][ T6089] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  130.024424][ T6089] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  130.039464][ T6089] usb 4-1: New USB device found, idVendor=1608, idProduct=0303, bcdDevice=a1.cb
[  130.049054][ T6089] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.064214][   T30] audit: type=1326 audit(1755248401.330:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7262 comm="syz.2.309" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4b98b8ebe9 code=0x0
[  130.069298][ T6089] usb 4-1: Product: syz
[  130.106687][ T7304] read_mapping_page failed!
[  130.118928][ T6089] usb 4-1: Manufacturer: syz
[  130.126935][ T6089] usb 4-1: SerialNumber: syz
[  130.148854][ T7304] ERROR: (device loop1): txCommit: 
[  130.148854][ T7304] 
[  130.157924][ T6089] usb 4-1: config 0 descriptor??
[  130.222109][ T5937] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  130.236809][ T5867] 
[  130.236809][ T5867]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  130.236809][ T5867] 
[  130.255939][ T5867] 
[  130.255939][ T5867]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  130.255939][ T5867] 
[  130.372094][ T5937] usb 5-1: Using ep0 maxpacket: 32
[  130.378797][ T5937] usb 5-1: config 0 has an invalid interface number: 83 but max is 0
[  130.387186][ T5937] usb 5-1: config 0 has no interface number 0
[  130.433141][ T5937] usb 5-1: config 0 interface 83 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  130.482190][ T5937] usb 5-1: config 0 interface 83 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  130.519974][ T5937] usb 5-1: config 0 interface 83 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  130.673900][ T5937] usb 5-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=d8.11
[  130.792694][ T5937] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.916753][ T5937] usb 5-1: Product: syz
[  130.934270][ T5937] usb 5-1: Manufacturer: syz
[  130.947429][ T5937] usb 5-1: SerialNumber: syz
[  130.963620][ T5937] usb 5-1: config 0 descriptor??
[  130.971259][ T5937] redrat3 5-1:0.83: Couldn't find all endpoints
[  131.029273][ T5857] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  132.114810][ T6089] io_ti 4-1:0.0: required endpoints missing
[  132.163930][ T6089] usb 4-1: USB disconnect, device number 7
[  132.166512][ T5937] usb 5-1: USB disconnect, device number 5
[  132.562965][ T7325] loop3: detected capacity change from 0 to 256
[  132.679242][ T7331] sctp: [Deprecated]: syz.1.328 (pid 7331) Use of struct sctp_assoc_value in delayed_ack socket option.
[  132.679242][ T7331] Use struct sctp_sack_info instead
[  132.704877][ T7333] loop2: detected capacity change from 0 to 256
[  132.712176][ T7333] exfat: Deprecated parameter 'utf8'
[  132.719530][ T7331] usb usb8: usbfs: process 7331 (syz.1.328) did not claim interface 0 before use
[  132.743926][ T7325] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  132.773935][ T7333] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  132.789236][ T7336] loop4: detected capacity change from 0 to 512
[  132.810440][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  132.816990][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  132.882891][ T7336] EXT4-fs: Ignoring removed nobh option
[  132.974911][ T7336] fscrypt (loop4, inode 2): Error -61 getting encryption context
[  132.984538][ T7336] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61
[  133.000416][ T7336] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.330: casefold flag without casefold feature
[  133.238289][ T7336] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.330: couldn't read orphan inode 13 (err -117)
[  133.407817][ T7336] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.496683][ T7345] loop3: detected capacity change from 0 to 256
[  133.536522][ T7345] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xc5dfab67, utbl_chksum : 0xe619d30d)
[  133.992081][ T5860] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.121637][ T6087] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  134.143576][ T7348] loop2: detected capacity change from 0 to 32768
[  134.151256][ T7348] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.333 (7348)
[  134.151654][   T43] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  134.184241][ T7348] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  134.204805][ T7348] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  134.280323][ T6087] usb 4-1: Using ep0 maxpacket: 16
[  134.333734][   T43] usb 2-1: unable to get BOS descriptor or descriptor too short
[  134.357724][ T7348] BTRFS info (device loop2): rebuilding free space tree
[  134.368590][   T43] usb 2-1: not running at top speed; connect to a high speed hub
[  134.381405][   T43] usb 2-1: config 12 has an invalid interface number: 187 but max is 0
[  134.391889][   T43] usb 2-1: config 12 has no interface number 0
[  134.401267][   T43] usb 2-1: config 12 interface 187 altsetting 64 endpoint 0xA has invalid maxpacket 1024, setting to 64
[  134.424195][ T7348] BTRFS info (device loop2): enabling ssd optimizations
[  134.430900][ T6087] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.437586][ T7348] BTRFS info (device loop2): turning on sync discard
[  134.443647][ T6087] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.459321][ T6087] usb 4-1: New USB device found, idVendor=0458, idProduct=5012, bcdDevice= 0.00
[  134.460573][   T43] usb 2-1: config 12 interface 187 has no altsetting 0
[  134.468587][ T6087] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.477192][ T7348] BTRFS info (device loop2): enabling free space tree
[  134.484694][ T6087] usb 4-1: config 0 descriptor??
[  134.493886][ T7348] BTRFS info (device loop2): force clearing of disk cache
[  134.502639][   T43] usb 2-1: New USB device found, idVendor=110a, idProduct=1130, bcdDevice=4e.fa
[  134.502818][ T7348] BTRFS info (device loop2): enabling auto defrag
[  134.513077][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.530684][   T43] usb 2-1: Product: syz
[  134.630223][   T43] usb 2-1: Manufacturer: syz
[  134.635909][ T7348] BTRFS info (device loop2): max_inline set to 0
[  134.643733][   T43] usb 2-1: SerialNumber: syz
[  134.684689][ T7351] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  134.878824][ T5857] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  134.914372][   T43] ti_usb_3410_5052 2-1:12.187: TI USB 3410 1 port adapter converter detected
[  134.928986][ T6087] input: HID 0458:5012 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5012.0005/input/input12
[  134.943111][   T43] ti_usb_3410_5052 2-1:12.187: missing endpoints
[  135.026743][ T6087] input: HID 0458:5012 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5012.0005/input/input13
[  135.070849][   T43] usb 2-1: USB disconnect, device number 15
[  135.791085][ T6087] kye 0003:0458:5012.0005: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5012] on usb-dummy_hcd.3-1/input0
[  135.911562][  T959] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  136.073427][  T959] usb 3-1: device descriptor read/64, error -71
[  136.111425][ T6087] usb 4-1: reset high-speed USB device number 8 using dummy_hcd
[  136.251393][ T6087] usb 4-1: device descriptor read/64, error -32
[  136.281987][    T9] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  136.321604][  T959] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[  136.451398][    T9] usb 2-1: Using ep0 maxpacket: 32
[  136.464550][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  136.472872][  T959] usb 3-1: device descriptor read/64, error -71
[  136.483748][    T9] usb 2-1: config 5 has an invalid interface number: 61 but max is 0
[  136.493533][    T9] usb 2-1: config 5 has no interface number 0
[  136.499669][    T9] usb 2-1: config 5 interface 61 has no altsetting 0
[  136.508683][    T9] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice= 0.0a
[  136.520173][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.528560][    T9] usb 2-1: Product: syz
[  136.534284][    T9] usb 2-1: Manufacturer: syz
[  136.539020][    T9] usb 2-1: SerialNumber: syz
[  136.584868][  T959] usb usb3-port1: attempt power cycle
[  136.720540][   T51] Bluetooth: hci2: connection err: -111
[  136.760755][    T9] ath6kl: Failed to submit usb control message: -71
[  136.773564][    T9] ath6kl: unable to send the bmi data to the device: -71
[  136.789409][    T9] ath6kl: Unable to send get target info: -71
[  136.799580][    T9] ath6kl: Failed to init ath6kl core: -71
[  136.806619][    T9] ath6kl_usb 2-1:5.61: probe with driver ath6kl_usb failed with error -71
[  136.818175][    T9] usb 2-1: USB disconnect, device number 16
[  136.826191][ T7420] netlink: 24 bytes leftover after parsing attributes in process `syz.0.350'.
[  136.912399][ T7415] loop4: detected capacity change from 0 to 32768
[  136.927116][ T7415] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.351 (7415)
[  136.940322][  T959] usb 3-1: new full-speed USB device number 12 using dummy_hcd
[  136.979455][ T7415] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  136.990467][  T959] usb 3-1: device descriptor read/8, error -71
[  136.995918][ T7415] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  137.003197][ T7423] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.352'.
[  137.062640][ T7415] BTRFS info (device loop4): enabling ssd optimizations
[  137.069912][ T7415] BTRFS info (device loop4): enabling free space tree
[  137.142257][ T5860] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  137.153918][ T6089] usb 4-1: USB disconnect, device number 8
[  137.182250][ T7444] netlink: 'syz.0.355': attribute type 2 has an invalid length.
[  137.261324][  T959] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  137.301833][  T959] usb 3-1: device descriptor read/8, error -71
[  137.412081][  T959] usb usb3-port1: unable to enumerate USB device
[  138.343327][ T7456] loop4: detected capacity change from 0 to 40427
[  138.357427][ T7456] F2FS-fs (loop4): Image doesn't support compression
[  138.407294][ T7456] F2FS-fs (loop4): build fault injection rate: 690
[  138.407737][ T7472] netlink: 24 bytes leftover after parsing attributes in process `syz.2.362'.
[  138.430287][ T7456] F2FS-fs (loop4): invalid crc value
[  138.450706][ T7466] loop2: detected capacity change from 0 to 512
[  138.477933][ T7466] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  138.538448][ T7466] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.362: Invalid block bitmap block 0 in block_group 0
[  138.543371][ T7456] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  138.564413][ T7466] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  138.574844][ T7466] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.362: attempt to clear invalid blocks 983261 len 1
[  138.601081][ T7456] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  138.611739][ T7466] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.362: Invalid inode table block 0 in block_group 0
[  138.659474][ T7466] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  138.717356][ T7466] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  138.778612][ T7466] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.362: Invalid inode table block 0 in block_group 0
[  138.836096][ T7466] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  138.872845][ T7466] EXT4-fs error (device loop2): ext4_truncate:4666: inode #11: comm syz.2.362: mark_inode_dirty error
[  138.891777][ T7466] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  138.913133][ T7466] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.362: Invalid inode table block 0 in block_group 0
[  138.934199][ T7466] EXT4-fs (loop2): 1 truncate cleaned up
[  138.968636][ T7466] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.132895][ T5857] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.208195][ T7488] FAULT_INJECTION: forcing a failure.
[  139.208195][ T7488] name failslab, interval 1, probability 0, space 0, times 0
[  139.221256][ T7488] CPU: 1 UID: 0 PID: 7488 Comm: syz.2.369 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  139.221278][ T7488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  139.221287][ T7488] Call Trace:
[  139.221293][ T7488]  <TASK>
[  139.221299][ T7488]  dump_stack_lvl+0x189/0x250
[  139.221321][ T7488]  ? __pfx____ratelimit+0x10/0x10
[  139.221343][ T7488]  ? __pfx_dump_stack_lvl+0x10/0x10
[  139.221357][ T7488]  ? __pfx__printk+0x10/0x10
[  139.221370][ T7488]  ? fs_reclaim_acquire+0x7d/0x100
[  139.221379][ T7488]  ? __pfx___might_resched+0x10/0x10
[  139.221388][ T7488]  ? lock_acquire+0x5f/0x360
[  139.221401][ T7488]  should_fail_ex+0x414/0x560
[  139.221415][ T7488]  should_failslab+0xa8/0x100
[  139.221428][ T7488]  kmem_cache_alloc_noprof+0x73/0x3c0
[  139.221440][ T7488]  ? alloc_empty_file+0x55/0x1d0
[  139.221451][ T7488]  alloc_empty_file+0x55/0x1d0
[  139.221460][ T7488]  alloc_file_pseudo+0x13d/0x210
[  139.221470][ T7488]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  139.221481][ T7488]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  139.221493][ T7488]  sock_alloc_file+0xb8/0x2e0
[  139.221507][ T7488]  do_accept+0x34b/0x680
[  139.221516][ T7488]  ? rcu_is_watching+0x15/0xb0
[  139.221525][ T7488]  ? __pfx_do_accept+0x10/0x10
[  139.221537][ T7488]  __sys_accept4+0x11c/0x1c0
[  139.221546][ T7488]  ? __pfx___sys_accept4+0x10/0x10
[  139.221555][ T7488]  ? __pfx_ksys_write+0x10/0x10
[  139.221568][ T7488]  __x64_sys_accept4+0x9a/0xb0
[  139.221578][ T7488]  do_syscall_64+0xfa/0x3b0
[  139.221587][ T7488]  ? rcu_is_watching+0x15/0xb0
[  139.221596][ T7488]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.221605][ T7488]  ? clear_bhb_loop+0x60/0xb0
[  139.221615][ T7488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.221624][ T7488] RIP: 0033:0x7f4b98b8ebe9
[  139.221633][ T7488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.221641][ T7488] RSP: 002b:00007f4b99a89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  139.221652][ T7488] RAX: ffffffffffffffda RBX: 00007f4b98db5fa0 RCX: 00007f4b98b8ebe9
[  139.221659][ T7488] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  139.221665][ T7488] RBP: 00007f4b99a89090 R08: 0000000000000000 R09: 0000000000000000
[  139.221671][ T7488] R10: 0000000000080800 R11: 0000000000000246 R12: 0000000000000001
[  139.221677][ T7488] R13: 00007f4b98db6038 R14: 00007f4b98db5fa0 R15: 00007ffdbabfec28
[  139.221686][ T7488]  </TASK>
[  139.471848][    C1] vkms_vblank_simulate: vblank timer overrun
[  139.541047][  T959] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  139.693023][  T959] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  139.713223][  T959] usb 4-1: New USB device found, idVendor=1477, idProduct=1022, bcdDevice= 0.40
[  139.728518][  T959] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.738664][  T959] usb 4-1: Product: 㐊
[  139.743369][  T959] usb 4-1: Manufacturer: 㙑묵틠ᔼ溶슊杲齆聴࿙㶛월ʺ낉劻䛶᝕槒㧤勮帐쉰퓖⌣㽼믍脓Ⴄ冒蹌㪹㊴Ә曏맩셧䈄滯㗤┢㶗酨絯嚓줋夎꼵朚쉜ꮿ暿䁴ㅩ䳝箖埵ᥝ艹☳눽㹬ៗ̗뻆벻㡠෫蘠
[  139.778088][  T959] usb 4-1: SerialNumber: 蔒⮐⊪汇鑟ꈦⴕ厃Џ䂭
[  139.893720][ T7499] loop1: detected capacity change from 0 to 32768
[  139.901457][ T7499] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.372 (7499)
[  139.916346][ T7499] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  139.926695][ T7499] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  139.957101][ T7499] BTRFS info (device loop1): enabling ssd optimizations
[  139.965533][ T7499] BTRFS info (device loop1): enabling free space tree
[  139.972813][ T7499] BTRFS info (device loop1): use zstd compression, level 3
[  139.987735][   T30] audit: type=1800 audit(1755248411.252:42): pid=7499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.372" name="file1" dev="loop1" ino=260 res=0 errno=0
[  140.004768][  T959] usbhid 4-1:1.0: can't add hid device: -71
[  140.008092][    C1] vkms_vblank_simulate: vblank timer overrun
[  140.020419][  T959] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  140.032416][  T959] usb 4-1: USB disconnect, device number 9
[  140.230938][ T6087] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  140.310883][ T5937] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  140.380975][ T6087] usb 2-1: Using ep0 maxpacket: 16
[  140.391634][ T7522] sp0: Synchronizing with TNC
[  140.417582][ T6087] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  140.429435][ T6087] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  140.440692][ T6087] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  140.449823][ T6087] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.458913][ T6087] usb 2-1: Product: syz
[  140.463354][ T6087] usb 2-1: Manufacturer: syz
[  140.468168][ T6087] usb 2-1: SerialNumber: syz
[  140.830828][ T5937] usb 5-1: Using ep0 maxpacket: 16
[  140.843219][ T5937] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  140.858628][ T5937] usb 5-1: config 4 interface 0 altsetting 11 endpoint 0x3 has invalid wMaxPacketSize 0
[  140.870040][ T5937] usb 5-1: config 4 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 14
[  140.884598][ T5937] usb 5-1: config 4 interface 0 has no altsetting 0
[  140.952794][ T5937] usb 5-1: New USB device found, idVendor=5fc9, idProduct=0061, bcdDevice=16.64
[  141.035516][ T5937] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.145133][ T5937] usb 5-1: Product: syz
[  141.214036][ T5937] usb 5-1: Manufacturer: syz
[  141.229317][ T5937] usb 5-1: SerialNumber: syz
[  141.348111][ T6087] usb 2-1: cannot find UAC_HEADER
[  141.364470][ T6087] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  141.377352][ T6087] usb 2-1: USB disconnect, device number 17
[  141.409143][ T7529] loop2: detected capacity change from 0 to 8192
[  141.567235][ T7518] loop4: detected capacity change from 0 to 256
[  141.574349][ T7518] exfat: Deprecated parameter 'utf8'
[  141.579728][ T7518] exfat: Deprecated parameter 'namecase'
[  141.587889][ T7518] exfat: Deprecated parameter 'namecase'
[  141.603446][ T7518] exfat: Deprecated parameter 'utf8'
[  141.623396][ T7518] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d)
[  141.644342][   T30] audit: type=1800 audit(1755248412.912:43): pid=7518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.374" name="file1" dev="loop4" ino=1048610 res=0 errno=0
[  141.789730][ T7518] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  141.810392][ T7518] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  141.970847][ T6087] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  142.035983][ T5937] usb 5-1: USB disconnect, device number 6
[  142.065858][ T5867] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  142.143565][ T6087] usb 3-1: unable to get BOS descriptor or descriptor too short
[  142.153840][ T6087] usb 3-1: config 1 interface 0 altsetting 155 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  142.175555][ T6087] usb 3-1: config 1 interface 0 has no altsetting 0
[  142.185330][ T6087] usb 3-1: New USB device found, idVendor=16c0, idProduct=05e1, bcdDevice= 0.40
[  142.196160][ T6087] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.204444][ T6087] usb 3-1: Product: Л
[  142.208733][ T6087] usb 3-1: Manufacturer: 送昏餩垭஄껷䂕촗똍햽䷵禼﫯瓔⢶巟纂⣁ᔰǿ헜첋䩺읹⒜鞱ꀬ髱䶏発딭穫ﮗ꿟깃ᓈ帔窬惦ﵘ忙㲬촼ꡐ‛㱩㰧입먦䟞㰾
[  142.231784][ T6087] usb 3-1: SerialNumber: Ν욇闄맔僞䪄䵢글ⱃ㬙䧶彁薷֛蠎㝹離矾ᡔ㚪┸ਐ麀葈楫ࡹ玮ᩯھ弄㌔
[  142.738251][ T6087] usbhid 3-1:1.0: can't add hid device: -71
[  142.744980][ T6087] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  142.754674][ T6087] usb 3-1: USB disconnect, device number 14
[  142.805866][ T7556] loop4: detected capacity change from 0 to 1024
[  143.352036][ T7559] FAULT_INJECTION: forcing a failure.
[  143.352036][ T7559] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  143.365344][ T7559] CPU: 0 UID: 0 PID: 7559 Comm: syz.4.388 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  143.365368][ T7559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  143.365379][ T7559] Call Trace:
[  143.365385][ T7559]  <TASK>
[  143.365391][ T7559]  dump_stack_lvl+0x189/0x250
[  143.365415][ T7559]  ? __pfx____ratelimit+0x10/0x10
[  143.365438][ T7559]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.365453][ T7559]  ? __pfx__printk+0x10/0x10
[  143.365472][ T7559]  ? rcu_is_watching+0x15/0xb0
[  143.365488][ T7559]  should_fail_ex+0x414/0x560
[  143.365509][ T7559]  _copy_to_user+0x31/0xb0
[  143.365525][ T7559]  simple_read_from_buffer+0xe1/0x170
[  143.365547][ T7559]  proc_fail_nth_read+0x1b3/0x220
[  143.365565][ T7559]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  143.365582][ T7559]  ? rw_verify_area+0x2a6/0x4d0
[  143.365599][ T7559]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  143.365616][ T7559]  vfs_read+0x1fd/0xa30
[  143.365633][ T7559]  ? fdget_pos+0x247/0x320
[  143.365647][ T7559]  ? __pfx___mutex_lock+0x10/0x10
[  143.365663][ T7559]  ? __pfx_vfs_read+0x10/0x10
[  143.365683][ T7559]  ? __fget_files+0x3a0/0x420
[  143.365695][ T7559]  ? __fget_files+0x2a/0x420
[  143.365711][ T7559]  ksys_read+0x145/0x250
[  143.365728][ T7559]  ? __pfx_ksys_read+0x10/0x10
[  143.365746][ T7559]  ? rcu_is_watching+0x15/0xb0
[  143.365763][ T7559]  ? rcu_is_watching+0x15/0xb0
[  143.365779][ T7559]  do_syscall_64+0xfa/0x3b0
[  143.365794][ T7559]  ? rcu_is_watching+0x15/0xb0
[  143.365806][ T7559]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.365820][ T7559]  ? clear_bhb_loop+0x60/0xb0
[  143.365843][ T7559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.365858][ T7559] RIP: 0033:0x7f7e6478d5fc
[  143.365873][ T7559] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  143.365886][ T7559] RSP: 002b:00007f7e629f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  143.365903][ T7559] RAX: ffffffffffffffda RBX: 00007f7e649b6090 RCX: 00007f7e6478d5fc
[  143.365914][ T7559] RDX: 000000000000000f RSI: 00007f7e629f60a0 RDI: 0000000000000005
[  143.365925][ T7559] RBP: 00007f7e629f6090 R08: 0000000000000000 R09: 0000000000000000
[  143.365934][ T7559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  143.365943][ T7559] R13: 00007f7e649b6128 R14: 00007f7e649b6090 R15: 00007ffd6d17f368
[  143.365961][ T7559]  </TASK>
[  143.601771][    C0] vkms_vblank_simulate: vblank timer overrun
[  143.839115][ T7550] loop1: detected capacity change from 0 to 32768
[  144.272049][ T7550] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  144.824557][ T7579] loop2: detected capacity change from 0 to 512
[  144.856415][ T7579] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  144.867620][ T7579] EXT4-fs (loop2): orphan cleanup on readonly fs
[  144.878193][ T7579] Quota error (device loop2): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  144.901780][ T5867] ocfs2: Unmounting device (7,1) on (node local)
[  144.914566][ T7579] EXT4-fs warning (device loop2): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  144.938926][ T7570] loop4: detected capacity change from 0 to 32768
[  144.953269][ T7570] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.392 (7570)
[  144.966315][ T7579] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  144.977425][ T7570] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  144.990149][ T7579] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.393: bg 0: block 40: padding at end of block bitmap is not set
[  145.004586][ T7570] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  145.015968][ T7579] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  145.032343][ T7579] EXT4-fs (loop2): 1 truncate cleaned up
[  145.043148][ T7579] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  145.058129][ T7579] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.127645][ T7570] BTRFS info (device loop4): enabling ssd optimizations
[  145.154254][ T7570] BTRFS info (device loop4): using spread ssd allocation scheme
[  145.187077][ T7570] BTRFS info (device loop4): enabling free space tree
[  145.218088][ T7570] BTRFS info (device loop4): force zlib compression, level 3
[  145.520262][    T9] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  145.725008][    T9] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  145.741178][    T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  145.752453][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  145.763207][    T9] usb 3-1: SerialNumber: syz
[  145.989190][   T51] Bluetooth: hci0: unknown advertising packet type: 0x20
[  146.536811][ T7603] loop2: detected capacity change from 0 to 164
[  146.711676][ T7603] Unable to read rock-ridge attributes
[  146.834058][    T9] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  146.870231][    T9] usb 3-1: USB disconnect, device number 15
[  146.947910][ T7618] loop3: detected capacity change from 0 to 1764
[  147.452387][ T5860] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  150.191392][ T7637] netlink: 'syz.0.407': attribute type 1 has an invalid length.
[  150.215251][ T7638] netlink: 'syz.0.407': attribute type 1 has an invalid length.
[  150.229291][ T7637] netlink: 'syz.0.407': attribute type 2 has an invalid length.
[  150.260223][ T7638] netlink: 'syz.0.407': attribute type 2 has an invalid length.
[  150.276567][ T7642] netlink: 'syz.0.407': attribute type 1 has an invalid length.
[  150.286290][ T7642] netlink: 'syz.0.407': attribute type 2 has an invalid length.
[  150.298502][ T7628] loop1: detected capacity change from 0 to 40427
[  150.310941][ T7628] F2FS-fs (loop1): build fault injection rate: 771
[  150.331023][ T7628] F2FS-fs (loop1): invalid crc value
[  150.386694][ T7650] loop2: detected capacity change from 0 to 512
[  150.504590][ T7656] netlink: 40 bytes leftover after parsing attributes in process `syz.3.410'.
[  150.550349][ T7658] team_slave_0: entered promiscuous mode
[  150.556221][ T7658] team_slave_1: entered promiscuous mode
[  150.562342][ T7658] vlan2: entered promiscuous mode
[  150.567392][ T7658] team0: entered promiscuous mode
[  150.574474][ T7628] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  151.627062][ T7675] netlink: 'syz.1.416': attribute type 4 has an invalid length.
[  151.741720][ T7679] loop4: detected capacity change from 0 to 512
[  153.342020][ T7697] netlink: 28 bytes leftover after parsing attributes in process `syz.0.424'.
[  153.352551][ T7697] netlink: 28 bytes leftover after parsing attributes in process `syz.0.424'.
[  153.436147][ T7683] loop3: detected capacity change from 0 to 40427
[  153.444382][ T7683] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  153.453813][ T7683] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  153.464016][ T7683] F2FS-fs (loop3): invalid crc value
[  153.808691][ T7701] loop4: detected capacity change from 0 to 4096
[  153.817132][ T7701] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  153.872033][ T7683] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  153.883932][ T7683] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  153.892718][ T7683] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  153.976278][ T7716] loop2: detected capacity change from 0 to 64
[  154.351740][ T7701] ntfs3(loop4): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr
[  154.502573][ T7729] ntfs3(loop4): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr
[  154.530021][    C1] vkms_vblank_simulate: vblank timer overrun
[  154.657400][ T7732] netlink: 20 bytes leftover after parsing attributes in process `syz.3.419'.
[  155.185573][ T7731] IPVS: length: 69 != 166129937072
[  155.301660][ T7739] overlayfs: missing 'lowerdir'
[  155.488399][ T7728] loop2: detected capacity change from 0 to 32768
[  155.669822][ T7728] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.432 (7728)
[  155.709946][ T7728] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  155.721222][ T7728] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  155.781354][ T7728] BTRFS info (device loop2): enabling ssd optimizations
[  155.795720][ T7728] BTRFS info (device loop2): enabling free space tree
[  155.867571][ T7739] loop1: detected capacity change from 0 to 40427
[  155.881798][ T7739] F2FS-fs (loop1): Image doesn't support compression
[  155.901781][ T7739] F2FS-fs (loop1): build fault injection rate: 690
[  155.926550][ T7739] F2FS-fs (loop1): invalid crc value
[  156.072860][ T7739] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  156.092078][ T7739] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  156.666709][ T7775] netlink: 32 bytes leftover after parsing attributes in process `syz.4.442'.
[  156.906508][ T5857] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  157.041780][ T7786] netlink: 24 bytes leftover after parsing attributes in process `syz.3.443'.
[  157.067447][ T7778] loop3: detected capacity change from 0 to 512
[  157.075016][ T7778] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  157.107146][ T7778] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.443: Invalid block bitmap block 0 in block_group 0
[  157.153142][ T7778] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  157.192871][ T7778] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #11: comm syz.3.443: attempt to clear invalid blocks 983261 len 1
[  157.239045][ T7778] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.443: Invalid inode table block 0 in block_group 0
[  157.254428][ T7792] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  157.268839][ T7778] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  157.319070][ T7778] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  157.338798][ T7778] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.443: Invalid inode table block 0 in block_group 0
[  157.352361][ T7792] netlink: 8 bytes leftover after parsing attributes in process `syz.2.447'.
[  157.429318][ T7778] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  157.473104][ T7778] EXT4-fs error (device loop3): ext4_truncate:4666: inode #11: comm syz.3.443: mark_inode_dirty error
[  157.537018][ T7778] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  157.593167][ T7778] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.443: Invalid inode table block 0 in block_group 0
[  157.647222][ T7797] could not allocate digest TFM handle sha256-avx2
[  157.664668][ T7778] EXT4-fs (loop3): 1 truncate cleaned up
[  157.691278][ T7778] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.708045][ T7785] loop1: detected capacity change from 0 to 32768
[  157.852368][ T7806] blktrace: Concurrent blktraces are not allowed on sg0
[  158.068894][ T7785] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.165201][ T7785] XFS (loop1): Ending clean mount
[  158.182019][ T7785] XFS (loop1): Quotacheck needed: Please wait.
[  158.196002][ T5861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.222242][ T7785] XFS (loop1): Quotacheck: Done.
[  158.255788][ T7794] loop4: detected capacity change from 0 to 32768
[  158.357787][ T7794] XFS: ikeep mount option is deprecated.
[  158.480489][ T7794] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.560222][ T7785] netlink: 20 bytes leftover after parsing attributes in process `syz.1.444'.
[  158.657138][ T7794] XFS (loop4): Ending clean mount
[  158.667882][ T5867] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.681596][ T7794] XFS (loop4): Quotacheck needed: Please wait.
[  158.700196][ T7794] XFS (loop4): Quotacheck: Done.
[  159.660583][   T30] audit: type=1326 audit(1755248430.904:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7793 comm="syz.4.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e6478ebe9 code=0x7ffc0000
[  159.682677][    C1] vkms_vblank_simulate: vblank timer overrun
[  159.696597][   T30] audit: type=1326 audit(1755248430.924:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7793 comm="syz.4.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e6478ebe9 code=0x7ffc0000
[  159.722877][   T30] audit: type=1326 audit(1755248430.924:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7793 comm="syz.4.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f7e6478ebe9 code=0x7ffc0000
[  159.783758][   T30] audit: type=1326 audit(1755248430.934:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7793 comm="syz.4.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e6478ebe9 code=0x7ffc0000
[  159.807800][   T30] audit: type=1326 audit(1755248430.934:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7793 comm="syz.4.448" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e6478ebe9 code=0x7ffc0000
[  159.880560][ T7820] sctp: [Deprecated]: syz.0.454 (pid 7820) Use of struct sctp_assoc_value in delayed_ack socket option.
[  159.880560][ T7820] Use struct sctp_sack_info instead
[  161.005054][ T5860] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  161.008059][ T7859] loop3: detected capacity change from 0 to 4096
[  161.026850][ T7849] loop1: detected capacity change from 0 to 32768
[  161.033507][ T7859] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  161.046967][ T7849] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.459 (7849)
[  161.056900][ T7859] ntfs3(loop3): $Secure::$SII is corrupted.
[  161.076468][ T7849] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  161.086192][ T7859] ntfs3(loop3): Failed to initialize $Secure (-22).
[  161.096077][ T7861] loop2: detected capacity change from 0 to 4096
[  161.112921][ T7849] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  161.114388][ T7861] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  161.222075][ T7861] ntfs3(loop2): ino=1a, mi_enum_attr
[  161.227413][ T7861] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  161.238817][ T7861] ntfs3(loop2): ino=1a, mi_enum_attr
[  161.246311][ T7861] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  161.261733][ T7849] BTRFS info (device loop1): enabling ssd optimizations
[  161.276887][ T7849] BTRFS info (device loop1): enabling free space tree
[  161.389485][ T7884] blktrace: Concurrent blktraces are not allowed on sg0
[  161.435262][   T30] audit: type=1800 audit(1755248432.694:49): pid=7849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.459" name="file1" dev="loop1" ino=261 res=0 errno=0
[  161.514184][   T30] audit: type=1804 audit(1755248432.764:50): pid=7887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.459" name="/newroot/78/file0/file1" dev="loop1" ino=261 res=1 errno=0
[  161.764984][ T5867] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  161.792120][ T7892] loop3: detected capacity change from 0 to 512
[  161.819204][ T7892] EXT4-fs: Ignoring removed nobh option
[  161.879687][ T7892] fscrypt (loop3, inode 2): Error -61 getting encryption context
[  161.924699][ T7892] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61
[  161.939746][ T7892] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #13: comm syz.3.469: casefold flag without casefold feature
[  162.009755][ T7892] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.469: couldn't read orphan inode 13 (err -117)
[  162.035951][ T7896] loop4: detected capacity change from 0 to 4096
[  162.044173][ T7892] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.208622][ T7896] ntfs3(loop4): ino=b, Correct links count -> 1.
[  162.216064][ T7896] ntfs3(loop4): ino=18, mi_enum_attr
[  162.223761][ T7896] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  162.703636][ T5861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.189791][ T7912] netlink: 52 bytes leftover after parsing attributes in process `syz.1.474'.
[  163.433098][ T7915] blktrace: Concurrent blktraces are not allowed on sg0
[  163.800262][ T7908] loop3: detected capacity change from 0 to 32768
[  163.830538][ T7908] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  163.954127][ T7906] loop4: detected capacity change from 0 to 32768
[  163.983793][ T7906] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.471 (7906)
[  164.009415][ T7906] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  164.026972][ T7906] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  164.055193][ T5861] ocfs2: Unmounting device (7,3) on (node local)
[  164.109884][ T7906] BTRFS info (device loop4): enabling ssd optimizations
[  164.124066][ T7906] BTRFS info (device loop4): enabling free space tree
[  164.141139][ T7906] BTRFS info (device loop4): use zstd compression, level 3
[  164.155032][ T7948] netlink: 24 bytes leftover after parsing attributes in process `syz.1.478'.
[  164.170410][ T7950] loop3: detected capacity change from 0 to 64
[  164.178026][ T6087] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  164.187458][ T7950] bridge2: entered promiscuous mode
[  164.206363][ T7927] loop1: detected capacity change from 0 to 512
[  164.213693][ T7927] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  164.225834][   T30] audit: type=1800 audit(1755248435.495:51): pid=7906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.471" name="file1" dev="loop4" ino=260 res=0 errno=0
[  164.246216][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.254317][ T5861] hfs: node 4:3 still has 1 user(s)!
[  164.261580][ T7927] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.478: Invalid block bitmap block 0 in block_group 0
[  164.395072][ T7954] netlink: 'syz.3.480': attribute type 10 has an invalid length.
[  164.447100][ T7927] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  164.572573][ T6087] usb 3-1: Using ep0 maxpacket: 32
[  164.587785][ T6087] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  164.605139][ T6087] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  164.692679][ T7927] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #11: comm syz.1.478: attempt to clear invalid blocks 983261 len 1
[  164.745481][ T6087] usb 3-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=bf.99
[  164.831173][ T7927] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.478: Invalid inode table block 0 in block_group 0
[  165.223856][ T7927] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  165.644356][ T7927] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  165.714915][ T6087] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  165.746980][ T6087] usb 3-1: Product: syz
[  165.751231][ T6087] usb 3-1: SerialNumber: syz
[  165.757093][ T6087] usb 3-1: config 0 descriptor??
[  165.783663][ T7927] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.478: Invalid inode table block 0 in block_group 0
[  165.796921][ T7927] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  165.823418][ T7970] loop3: detected capacity change from 0 to 512
[  165.832603][ T7927] EXT4-fs error (device loop1): ext4_truncate:4666: inode #11: comm syz.1.478: mark_inode_dirty error
[  165.833147][ T7970] EXT4-fs: Ignoring removed nobh option
[  165.862976][ T7970] fscrypt (loop3, inode 2): Error -61 getting encryption context
[  165.871717][ T7970] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61
[  165.882957][ T7970] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #13: comm syz.3.484: casefold flag without casefold feature
[  165.895664][ T7927] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  165.905775][ T7927] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.478: Invalid inode table block 0 in block_group 0
[  165.916409][ T7970] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.484: couldn't read orphan inode 13 (err -117)
[  165.919529][ T7927] EXT4-fs (loop1): 1 truncate cleaned up
[  165.937098][ T7927] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.940886][ T5860] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  165.951675][ T7970] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.060666][ T7922] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  166.077194][ T7922] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  166.467029][    T9] usb 3-1: USB disconnect, device number 16
[  166.475717][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.602364][ T7981] blktrace: Concurrent blktraces are not allowed on sg0
[  166.824681][ T5861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.207694][ T7996] loop3: detected capacity change from 0 to 32768
[  167.251058][ T7996] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  167.259349][ T7996] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  167.273451][ T7996] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  167.281850][ T5906] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  167.288869][ T5906] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  168.123538][ T8002] loop1: detected capacity change from 0 to 256
[  168.151244][ T8002] exfat: Deprecated parameter 'namecase'
[  168.177751][ T8004] loop4: detected capacity change from 0 to 512
[  168.215600][ T8002] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011fc0, chksum : 0xea22d69b, utbl_chksum : 0xe619d30d)
[  168.229334][ T5906] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 940ms
[  168.237046][ T5906] gfs2: fsid=syz:syz.0: jid=0: Done
[  168.237057][ T8004] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.495: invalid indirect mapped block 11 (level 0)
[  168.257832][ T7996] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  168.326826][   T30] audit: type=1800 audit(1755248439.595:52): pid=7996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.493" name="file1" dev="loop3" ino=9378 res=0 errno=0
[  168.355006][ T8004] EXT4-fs (loop4): Remounting filesystem read-only
[  168.647216][ T8004] EXT4-fs (loop4): 1 truncate cleaned up
[  168.678983][ T8004] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.903319][ T8029] can0: slcan on ptm0.
[  168.941961][ T8032] netlink: 24 bytes leftover after parsing attributes in process `syz.2.496'.
[  168.951501][ T8019] can0 (unregistered): slcan off ptm0.
[  169.006196][ T8013] loop2: detected capacity change from 0 to 512
[  169.014395][ T8013] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  169.047452][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  169.115191][ T8036] loop3: detected capacity change from 0 to 164
[  169.536458][ T8036] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  169.582408][    T9] usb 5-1: Using ep0 maxpacket: 32
[  169.602710][ T8013] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.496: Invalid block bitmap block 0 in block_group 0
[  169.836823][    T9] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[  169.843695][ T8013] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  169.957453][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.967001][    T9] usb 5-1: Product: syz
[  169.977137][    T9] usb 5-1: Manufacturer: syz
[  169.982197][ T8013] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.496: attempt to clear invalid blocks 983261 len 1
[  169.982240][    T9] usb 5-1: SerialNumber: syz
[  170.008521][ T8013] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.496: Invalid inode table block 0 in block_group 0
[  170.027585][    T9] usb 5-1: config 0 descriptor??
[  170.043775][    T9] rtl8150 5-1:0.0: couldn't find required endpoints
[  170.059839][ T8013] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  170.079052][    T9] rtl8150 5-1:0.0: probe with driver rtl8150 failed with error -5
[  170.096378][ T8013] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  170.110467][ T8013] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.496: Invalid inode table block 0 in block_group 0
[  170.129772][ T8013] EXT4-fs error (device loop2) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  170.141329][ T8013] EXT4-fs error (device loop2): ext4_truncate:4666: inode #11: comm syz.2.496: mark_inode_dirty error
[  170.169913][ T8013] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  170.180750][ T8013] EXT4-fs error (device loop2): __ext4_get_inode_loc:4861: comm syz.2.496: Invalid inode table block 0 in block_group 0
[  170.200715][ T8013] EXT4-fs (loop2): 1 truncate cleaned up
[  170.209190][ T8013] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.255816][    T9] usb 5-1: USB disconnect, device number 7
[  170.294650][ T5857] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.324430][ T8046] loop3: detected capacity change from 0 to 32768
[  170.374757][ T8046] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.506 (8046)
[  170.413359][ T8046] BTRFS info (device loop3): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  170.420886][ T8054] netlink: 8 bytes leftover after parsing attributes in process `syz.0.509'.
[  170.432486][ T8046] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  170.571545][ T8073] loop1: detected capacity change from 0 to 512
[  170.580297][ T8073] EXT4-fs: Ignoring removed oldalloc option
[  170.603080][ T8073] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.513: Parent and EA inode have the same ino 15
[  170.623412][ T8073] EXT4-fs (loop1): Remounting filesystem read-only
[  170.631407][ T8046] BTRFS info (device loop3): enabling ssd optimizations
[  170.643563][ T8046] BTRFS info (device loop3): enabling free space tree
[  170.651879][ T8073] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -30)
[  170.662530][ T8046] BTRFS info (device loop3): use zstd compression, level 3
[  170.662829][ T8062] (unnamed net_device) (uninitialized): option ad_select: invalid value (7)
[  170.683754][ T8073] EXT4-fs (loop1): 1 orphan inode deleted
[  170.690336][ T8073] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.695813][   T30] audit: type=1800 audit(1755248441.965:53): pid=8046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.506" name="file1" dev="loop3" ino=260 res=0 errno=0
[  171.027553][    T9] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  171.301574][    T9] usb 2-1: config 0 has an invalid interface number: 124 but max is 0
[  171.332190][ T5860] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.345461][    T9] usb 2-1: config 0 has no interface number 0
[  171.363762][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=0901, bcdDevice=5d.86
[  171.402839][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.420108][ T5861] BTRFS info (device loop3): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  171.434769][    T9] usb 2-1: Product: syz
[  171.453402][    T9] usb 2-1: Manufacturer: syz
[  171.467621][    T9] usb 2-1: SerialNumber: syz
[  171.473693][    T9] usb 2-1: config 0 descriptor??
[  171.632255][ T8089] loop4: detected capacity change from 0 to 4096
[  171.890413][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.983474][    T9] gspca_main: spca500-2.14.0 probing 046d:0901
[  172.269262][    T9] usb 2-1: USB disconnect, device number 18
[  172.400845][ T8105] loop2: detected capacity change from 0 to 512
[  172.409778][ T8105] EXT4-fs: Ignoring removed nobh option
[  172.422359][ T8105] fscrypt (loop2, inode 2): Error -61 getting encryption context
[  172.430221][ T8105] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -61
[  172.445689][ T8105] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #13: comm syz.2.519: casefold flag without casefold feature
[  172.460892][ T8105] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.519: couldn't read orphan inode 13 (err -117)
[  172.476424][ T8105] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.166910][ T5937] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  173.317800][ T8102] loop1: detected capacity change from 0 to 32768
[  173.353130][ T8102] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.518 (8102)
[  173.370955][ T5857] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.382992][ T8102] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  173.393454][ T8102] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  173.428314][ T5937] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  173.732728][ T5937] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  173.744132][ T5937] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.761812][ T8102] BTRFS info (device loop1): enabling ssd optimizations
[  173.765363][ T5937] usb 5-1: config 0 descriptor??
[  173.769197][ T8102] BTRFS info (device loop1): enabling free space tree
[  173.778040][ T5937] pwc: Askey VC010 type 2 USB webcam detected.
[  174.658453][ T5867] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  174.743457][ T8149] loop3: detected capacity change from 0 to 256
[  174.848287][ T5937] pwc: recv_control_msg error -32 req 02 val 2b00
[  174.872245][ T8149] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d)
[  174.891818][ T5937] pwc: recv_control_msg error -32 req 02 val 2700
[  174.900140][ T5937] pwc: recv_control_msg error -32 req 02 val 2c00
[  174.901072][ T8109] /dev/nullb0: Can't open blockdev
[  174.908582][ T8149] FAULT_INJECTION: forcing a failure.
[  174.908582][ T8149] name failslab, interval 1, probability 0, space 0, times 0
[  174.924887][ T5937] pwc: recv_control_msg error -32 req 04 val 1000
[  174.932324][ T8149] CPU: 1 UID: 0 PID: 8149 Comm: syz.3.528 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  174.932349][ T8149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  174.932360][ T8149] Call Trace:
[  174.932366][ T8149]  <TASK>
[  174.932374][ T8149]  dump_stack_lvl+0x189/0x250
[  174.932398][ T8149]  ? __pfx____ratelimit+0x10/0x10
[  174.932431][ T8149]  ? __pfx_dump_stack_lvl+0x10/0x10
[  174.932448][ T8149]  ? __pfx__printk+0x10/0x10
[  174.932471][ T8149]  ? fs_reclaim_acquire+0x7d/0x100
[  174.932486][ T8149]  ? __pfx___might_resched+0x10/0x10
[  174.932501][ T8149]  ? lock_acquire+0x5f/0x360
[  174.932523][ T8149]  should_fail_ex+0x414/0x560
[  174.932547][ T8149]  should_failslab+0xa8/0x100
[  174.932570][ T8149]  kmem_cache_alloc_noprof+0x73/0x3c0
[  174.932590][ T8149]  ? getname_flags+0xb8/0x540
[  174.932607][ T8149]  getname_flags+0xb8/0x540
[  174.932624][ T8149]  do_sys_openat2+0xbc/0x1c0
[  174.932644][ T8149]  ? __pfx_do_sys_openat2+0x10/0x10
[  174.932661][ T8149]  ? ksys_write+0x22a/0x250
[  174.932681][ T8149]  ? __pfx_ksys_write+0x10/0x10
[  174.932700][ T8149]  ? rcu_is_watching+0x15/0xb0
[  174.932717][ T8149]  __x64_sys_openat+0x138/0x170
[  174.932737][ T8149]  do_syscall_64+0xfa/0x3b0
[  174.932754][ T8149]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.932770][ T8149]  ? clear_bhb_loop+0x60/0xb0
[  174.932787][ T8149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.932803][ T8149] RIP: 0033:0x7f6e7418ebe9
[  174.932818][ T8149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.932833][ T8149] RSP: 002b:00007f6e75040038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  174.932852][ T8149] RAX: ffffffffffffffda RBX: 00007f6e743b5fa0 RCX: 00007f6e7418ebe9
[  174.932866][ T8149] RDX: 000000000000275a RSI: 0000200000000100 RDI: ffffffffffffff9c
[  174.932878][ T8149] RBP: 00007f6e75040090 R08: 0000000000000000 R09: 0000000000000000
[  174.932889][ T8149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  174.932899][ T8149] R13: 00007f6e743b6038 R14: 00007f6e743b5fa0 R15: 00007fff3133a018
[  174.932918][ T8149]  </TASK>
[  175.144407][ T5937] pwc: recv_control_msg error -32 req 04 val 1300
[  175.153825][ T5937] pwc: recv_control_msg error -32 req 04 val 1400
[  175.168745][ T5937] pwc: recv_control_msg error -32 req 02 val 2000
[  175.238251][ T5937] pwc: recv_control_msg error -32 req 02 val 2100
[  175.295340][ T8158] loop3: detected capacity change from 0 to 64
[  175.302720][ T8158] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing
[  175.370365][ T8160] loop3: detected capacity change from 0 to 512
[  175.378845][ T8160] EXT4-fs: Ignoring removed orlov option
[  175.395376][ T8160] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.409557][ T8160] ext4 filesystem being mounted at /109/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  175.740383][ T8174] netlink: 24 bytes leftover after parsing attributes in process `syz.0.533'.
[  175.787801][ T8176] loop2: detected capacity change from 0 to 164
[  175.796014][ T8176] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  175.986022][ T5870] Bluetooth: hci4: command 0x0406 tx timeout
[  175.992864][ T5870] Bluetooth: hci1: command 0x0406 tx timeout
[  175.993032][ T5874] Bluetooth: hci3: command 0x0406 tx timeout
[  175.999952][ T5870] Bluetooth: hci0: command 0x0406 tx timeout
[  176.006316][ T5874] Bluetooth: hci2: command 0x0406 tx timeout
[  176.281739][ T8109] loop4: detected capacity change from 0 to 32768
[  176.312746][ T8109] btrfs: Unknown parameter 'mask'
[  177.558969][ T5937] pwc: recv_control_msg error -71 req 02 val 2500
[  177.576739][ T5937] pwc: recv_control_msg error -71 req 02 val 2400
[  177.586985][ T5937] pwc: recv_control_msg error -71 req 02 val 2600
[  177.597595][ T5937] pwc: recv_control_msg error -71 req 02 val 2900
[  177.613103][ T5937] pwc: recv_control_msg error -71 req 02 val 2800
[  177.626777][ T5937] pwc: recv_control_msg error -71 req 04 val 1100
[  177.636815][ T5937] pwc: recv_control_msg error -71 req 04 val 1200
[  177.656543][ T5937] pwc: Registered as video103.
[  177.708008][ T5937] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input14
[  177.902681][ T5937] usb 5-1: USB disconnect, device number 8
[  178.124142][ T5861] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.137400][ T8193] IPVS: set_ctl: invalid protocol: 4 172.20.20.170:257
[  178.346974][ T5937] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  178.526297][ T5937] usb 5-1: Using ep0 maxpacket: 16
[  178.535729][ T5937] usb 5-1: unable to get BOS descriptor or descriptor too short
[  178.543953][ T8197] loop2: detected capacity change from 0 to 32768
[  178.546082][ T5937] usb 5-1: config 2 has an invalid interface number: 119 but max is 0
[  178.557068][ T8197] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  178.572238][ T5937] usb 5-1: config 2 has no interface number 0
[  178.648419][ T5937] usb 5-1: config 2 interface 119 has no altsetting 0
[  178.659878][ T5937] usb 5-1: New USB device found, idVendor=093b, idProduct=a104, bcdDevice= 0.01
[  178.671089][ T5937] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.681290][ T5937] usb 5-1: Product: syz
[  178.689119][ T5937] usb 5-1: Manufacturer: syz
[  178.694625][ T5937] usb 5-1: SerialNumber: syz
[  178.824060][ T5857] ocfs2: Unmounting device (7,2) on (node local)
[  178.932603][ T5937] go7007 5-1:2.119: probe with driver go7007 failed with error -12
[  178.960183][ T5937] usb 5-1: USB disconnect, device number 9
[  179.638865][ T8217] loop1: detected capacity change from 0 to 32768
[  179.661999][ T8217] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  179.670243][ T8217] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  179.687274][ T8217] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  179.700110][ T6089] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  179.711148][ T6089] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  179.851202][ T6089] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 140ms
[  179.861310][ T6089] gfs2: fsid=syz:syz.0: jid=0: Done
[  179.870654][ T8217] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  179.890892][ T8227] loop4: detected capacity change from 0 to 128
[  179.901465][ T8227] ufs: You didn't specify the type of your ufs filesystem
[  179.901465][ T8227] 
[  179.901465][ T8227] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  179.901465][ T8227] 
[  179.901465][ T8227] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  179.932225][    C0] vkms_vblank_simulate: vblank timer overrun
[  179.961503][ T8227] ufs: ufstype=old is supported read-only
[  179.984002][ T8227] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[  180.050266][ T8231] tipc: Started in network mode
[  180.055170][ T8231] tipc: Node identity 4, cluster identity 4711
[  180.061540][ T8231] tipc: Node number set to 4
[  180.292431][   T30] audit: type=1800 audit(1755248451.567:54): pid=8217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.549" name="file1" dev="loop1" ino=9378 res=0 errno=0
[  181.153274][ T8248] loop4: detected capacity change from 0 to 32768
[  181.163922][ T8248] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.560 (8248)
[  181.267899][ T8256] loop2: detected capacity change from 0 to 40427
[  181.283854][ T8256] F2FS-fs (loop2): invalid crc value
[  181.302646][ T8248] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  181.319097][ T8248] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  181.346538][ T8256] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  181.356676][ T8256] F2FS-fs (loop2): Start checkpoint disabled!
[  181.430845][ T8256] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  181.447232][ T8261] loop1: detected capacity change from 0 to 64
[  182.528151][ T8261] BFS-fs: bfs_fill_super(): Impossible last inode number 63507505 > 513 on loop1
[  182.563722][   T36] kworker/u8:2: attempt to access beyond end of device
[  182.563722][   T36] loop2: rw=2049, sector=45096, nr_sectors = 40 limit=40427
[  182.587576][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  182.587603][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  182.587615][   T36] Workqueue: writeback wb_workfn (flush-7:2)
[  182.587643][   T36] Call Trace:
[  182.587649][   T36]  <TASK>
[  182.587657][   T36]  dump_stack_lvl+0x189/0x250
[  182.587680][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.587698][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  182.587714][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  182.587736][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  182.587763][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  182.587792][   T36]  f2fs_write_end_io+0x886/0xb60
[  182.587816][   T36]  __submit_merged_bio+0x27a/0x6a0
[  182.587839][   T36]  __submit_merged_write_cond+0x255/0x530
[  182.587863][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  182.587901][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  182.587927][   T36]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  182.587960][   T36]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  182.587987][   T36]  ? trace_f2fs_writepages+0x7f/0x200
[  182.588007][   T36]  ? f2fs_write_node_pages+0x478/0x6e0
[  182.588024][   T36]  ? xa_load+0x60/0x210
[  182.588044][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  182.588061][   T36]  ? do_raw_spin_lock+0x121/0x290
[  182.588085][   T36]  ? rcu_qs+0xc4/0x170
[  182.588099][   T36]  ? __pfx_rcu_qs+0x10/0x10
[  182.588112][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  182.588134][   T36]  do_writepages+0x32b/0x550
[  182.588154][   T36]  ? do_raw_spin_lock+0x121/0x290
[  182.588178][   T36]  __writeback_single_inode+0x145/0xff0
[  182.588197][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  182.588217][   T36]  writeback_sb_inodes+0x6c7/0x1010
[  182.588239][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  182.588263][   T36]  ? fprop_reflect_period_percpu+0x205/0x330
[  182.588287][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  182.588326][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.588345][   T36]  wb_writeback+0x43b/0xaf0
[  182.588374][   T36]  ? queue_io+0x3a1/0x590
[  182.588394][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  182.588416][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.588434][   T36]  wb_workfn+0x409/0xef0
[  182.588457][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  182.588473][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.588490][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.588508][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  182.588523][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.588539][   T36]  ? lock_acquire+0x5f/0x360
[  182.588562][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.588577][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  182.588592][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  182.588608][   T36]  process_scheduled_works+0xae1/0x17b0
[  182.588637][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  182.588661][   T36]  worker_thread+0x8a0/0xda0
[  182.588691][   T36]  kthread+0x711/0x8a0
[  182.588711][   T36]  ? __pfx_worker_thread+0x10/0x10
[  182.588726][   T36]  ? __pfx_kthread+0x10/0x10
[  182.588749][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  182.588769][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  182.588784][   T36]  ? __pfx_kthread+0x10/0x10
[  182.588802][   T36]  ret_from_fork+0x3f9/0x770
[  182.588820][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  182.588839][   T36]  ? __switch_to_asm+0x39/0x70
[  182.588858][   T36]  ? __switch_to_asm+0x33/0x70
[  182.588875][   T36]  ? __pfx_kthread+0x10/0x10
[  182.588893][   T36]  ret_from_fork_asm+0x1a/0x30
[  182.588920][   T36]  </TASK>
[  182.588927][   T36] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  182.664909][ T8248] BTRFS info (device loop4): enabling ssd optimizations
[  182.944568][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  182.944595][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  182.944607][   T36] Workqueue: writeback wb_workfn (flush-7:2)
[  182.944644][   T36] Call Trace:
[  182.944651][   T36]  <TASK>
[  182.944660][   T36]  dump_stack_lvl+0x189/0x250
[  182.944683][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  182.944702][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  182.944719][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  182.944741][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  182.944774][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  182.944799][   T36]  f2fs_write_end_io+0x886/0xb60
[  182.944823][   T36]  __submit_merged_bio+0x27a/0x6a0
[  182.944847][   T36]  __submit_merged_write_cond+0x255/0x530
[  182.944870][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  182.944910][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  182.944939][   T36]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  182.944974][   T36]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  182.945001][   T36]  ? trace_f2fs_writepages+0x7f/0x200
[  182.945022][   T36]  ? f2fs_write_node_pages+0x478/0x6e0
[  182.945040][   T36]  ? xa_load+0x60/0x210
[  182.945056][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  182.945071][   T36]  ? do_raw_spin_lock+0x121/0x290
[  182.945094][   T36]  ? rcu_qs+0xc4/0x170
[  182.945109][   T36]  ? __pfx_rcu_qs+0x10/0x10
[  182.945123][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  182.945145][   T36]  do_writepages+0x32b/0x550
[  182.945166][   T36]  ? do_raw_spin_lock+0x121/0x290
[  182.945192][   T36]  __writeback_single_inode+0x145/0xff0
[  182.945212][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  182.945233][   T36]  writeback_sb_inodes+0x6c7/0x1010
[  182.945256][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  182.945282][   T36]  ? fprop_reflect_period_percpu+0x205/0x330
[  182.945309][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  182.945348][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.945368][   T36]  wb_writeback+0x43b/0xaf0
[  182.945391][   T36]  ? queue_io+0x3a1/0x590
[  182.945411][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  182.945434][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.945453][   T36]  wb_workfn+0x409/0xef0
[  182.945476][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  182.945493][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.945510][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.945529][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  182.945545][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.945561][   T36]  ? lock_acquire+0x5f/0x360
[  182.945584][   T36]  ? rcu_is_watching+0x15/0xb0
[  182.945599][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  182.945621][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  182.945642][   T36]  process_scheduled_works+0xae1/0x17b0
[  182.945667][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  182.945688][   T36]  worker_thread+0x8a0/0xda0
[  182.945713][   T36]  kthread+0x711/0x8a0
[  182.945732][   T36]  ? __pfx_worker_thread+0x10/0x10
[  182.945745][   T36]  ? __pfx_kthread+0x10/0x10
[  182.945762][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  182.945781][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  182.945795][   T36]  ? __pfx_kthread+0x10/0x10
[  182.945813][   T36]  ret_from_fork+0x3f9/0x770
[  182.945830][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  182.945848][   T36]  ? __switch_to_asm+0x39/0x70
[  182.945864][   T36]  ? __switch_to_asm+0x33/0x70
[  182.945880][   T36]  ? __pfx_kthread+0x10/0x10
[  182.945898][   T36]  ret_from_fork_asm+0x1a/0x30
[  182.945921][   T36]  </TASK>
[  183.286969][ T8248] BTRFS info (device loop4): enabling free space tree
[  183.294232][   T36] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  183.354772][ T8283] loop1: detected capacity change from 0 to 128
[  183.366006][ T8283] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  183.420318][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  183.420344][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  183.420355][   T36] Workqueue: writeback wb_workfn (flush-7:2)
[  183.420381][   T36] Call Trace:
[  183.420387][   T36]  <TASK>
[  183.420393][   T36]  dump_stack_lvl+0x189/0x250
[  183.420414][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.420432][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  183.420449][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  183.420473][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  183.420496][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  183.420516][   T36]  f2fs_write_end_io+0x886/0xb60
[  183.420535][   T36]  __submit_merged_bio+0x27a/0x6a0
[  183.420555][   T36]  __submit_merged_write_cond+0x255/0x530
[  183.420577][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  183.420620][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  183.420646][   T36]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  183.420674][   T36]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  183.420705][   T36]  ? trace_f2fs_writepages+0x7f/0x200
[  183.420725][   T36]  ? f2fs_write_node_pages+0x478/0x6e0
[  183.420741][   T36]  ? xa_load+0x60/0x210
[  183.420757][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  183.420774][   T36]  ? do_raw_spin_lock+0x121/0x290
[  183.420792][   T36]  ? rcu_qs+0xc4/0x170
[  183.420806][   T36]  ? __pfx_rcu_qs+0x10/0x10
[  183.420819][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  183.420842][   T36]  do_writepages+0x32b/0x550
[  183.420863][   T36]  ? do_raw_spin_lock+0x121/0x290
[  183.420884][   T36]  __writeback_single_inode+0x145/0xff0
[  183.420905][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  183.420924][   T36]  writeback_sb_inodes+0x6c7/0x1010
[  183.420946][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  183.420970][   T36]  ? fprop_reflect_period_percpu+0x205/0x330
[  183.420994][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  183.421027][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.421045][   T36]  wb_writeback+0x43b/0xaf0
[  183.421065][   T36]  ? queue_io+0x3a1/0x590
[  183.421084][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  183.421107][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.421124][   T36]  wb_workfn+0x409/0xef0
[  183.421147][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  183.421164][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.421181][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.421198][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  183.421213][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.421228][   T36]  ? lock_acquire+0x5f/0x360
[  183.421250][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.421264][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  183.421279][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  183.421295][   T36]  process_scheduled_works+0xae1/0x17b0
[  183.421322][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  183.421343][   T36]  worker_thread+0x8a0/0xda0
[  183.421368][   T36]  kthread+0x711/0x8a0
[  183.421387][   T36]  ? __pfx_worker_thread+0x10/0x10
[  183.421403][   T36]  ? __pfx_kthread+0x10/0x10
[  183.421420][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  183.421440][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  183.421454][   T36]  ? __pfx_kthread+0x10/0x10
[  183.421472][   T36]  ret_from_fork+0x3f9/0x770
[  183.421490][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  183.421508][   T36]  ? __switch_to_asm+0x39/0x70
[  183.421527][   T36]  ? __switch_to_asm+0x33/0x70
[  183.421545][   T36]  ? __pfx_kthread+0x10/0x10
[  183.421563][   T36]  ret_from_fork_asm+0x1a/0x30
[  183.421594][   T36]  </TASK>
[  183.421602][   T36] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  183.455483][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  183.455509][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  183.455521][   T36] Workqueue: writeback wb_workfn (flush-7:2)
[  183.455546][   T36] Call Trace:
[  183.455553][   T36]  <TASK>
[  183.455562][   T36]  dump_stack_lvl+0x189/0x250
[  183.455597][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.455615][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  183.455632][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  183.455654][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  183.455681][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  183.455706][   T36]  f2fs_write_end_io+0x886/0xb60
[  183.455729][   T36]  __submit_merged_bio+0x27a/0x6a0
[  183.455751][   T36]  __submit_merged_write_cond+0x255/0x530
[  183.455774][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  183.455812][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  183.455839][   T36]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  183.455872][   T36]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  183.455898][   T36]  ? trace_f2fs_writepages+0x7f/0x200
[  183.455918][   T36]  ? f2fs_write_node_pages+0x478/0x6e0
[  183.455935][   T36]  ? xa_load+0x60/0x210
[  183.455954][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  183.455972][   T36]  ? do_raw_spin_lock+0x121/0x290
[  183.455995][   T36]  ? rcu_qs+0xc4/0x170
[  183.456009][   T36]  ? __pfx_rcu_qs+0x10/0x10
[  183.456021][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  183.456044][   T36]  do_writepages+0x32b/0x550
[  183.456064][   T36]  ? do_raw_spin_lock+0x121/0x290
[  183.456088][   T36]  __writeback_single_inode+0x145/0xff0
[  183.456108][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  183.456128][   T36]  writeback_sb_inodes+0x6c7/0x1010
[  183.456150][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  183.456174][   T36]  ? fprop_reflect_period_percpu+0x205/0x330
[  183.456200][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  183.456238][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.456257][   T36]  wb_writeback+0x43b/0xaf0
[  183.456279][   T36]  ? queue_io+0x3a1/0x590
[  183.456299][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  183.456320][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.456338][   T36]  wb_workfn+0x409/0xef0
[  183.456361][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  183.456376][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.456392][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.456410][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  183.456425][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.456440][   T36]  ? lock_acquire+0x5f/0x360
[  183.456462][   T36]  ? rcu_is_watching+0x15/0xb0
[  183.456476][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  183.456491][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  183.456507][   T36]  process_scheduled_works+0xae1/0x17b0
[  183.456536][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  183.456560][   T36]  worker_thread+0x8a0/0xda0
[  183.456595][   T36]  kthread+0x711/0x8a0
[  183.456614][   T36]  ? __pfx_worker_thread+0x10/0x10
[  183.456630][   T36]  ? __pfx_kthread+0x10/0x10
[  183.456648][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  183.456668][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  183.456682][   T36]  ? __pfx_kthread+0x10/0x10
[  183.456700][   T36]  ret_from_fork+0x3f9/0x770
[  183.456717][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  183.456735][   T36]  ? __switch_to_asm+0x39/0x70
[  183.456753][   T36]  ? __switch_to_asm+0x33/0x70
[  183.456771][   T36]  ? __pfx_kthread+0x10/0x10
[  183.456789][   T36]  ret_from_fork_asm+0x1a/0x30
[  183.456815][   T36]  </TASK>
[  183.457431][   T36] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  184.128503][ T8284] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  184.190345][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  184.190373][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  184.190383][   T36] Workqueue: writeback wb_workfn (flush-7:2)
[  184.190409][   T36] Call Trace:
[  184.190416][   T36]  <TASK>
[  184.190424][   T36]  dump_stack_lvl+0x189/0x250
[  184.190446][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[  184.190464][   T36]  ? __pfx_queue_work_on+0x10/0x10
[  184.190480][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  184.190502][   T36]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  184.190525][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  184.190550][   T36]  f2fs_write_end_io+0x886/0xb60
[  184.190570][   T36]  __submit_merged_bio+0x27a/0x6a0
[  184.190593][   T36]  __submit_merged_write_cond+0x255/0x530
[  184.190615][   T36]  f2fs_write_data_pages+0x261d/0x3000
[  184.190649][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  184.190676][   T36]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  184.190705][   T36]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  184.190731][   T36]  ? trace_f2fs_writepages+0x7f/0x200
[  184.190751][   T36]  ? f2fs_write_node_pages+0x478/0x6e0
[  184.190769][   T36]  ? xa_load+0x60/0x210
[  184.190787][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  184.190805][   T36]  ? do_raw_spin_lock+0x121/0x290
[  184.190828][   T36]  ? rcu_qs+0xc4/0x170
[  184.190843][   T36]  ? __pfx_rcu_qs+0x10/0x10
[  184.190857][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  184.190879][   T36]  do_writepages+0x32b/0x550
[  184.190900][   T36]  ? do_raw_spin_lock+0x121/0x290
[  184.190923][   T36]  __writeback_single_inode+0x145/0xff0
[  184.190944][   T36]  ? do_raw_spin_unlock+0x122/0x240
[  184.190963][   T36]  writeback_sb_inodes+0x6c7/0x1010
[  184.190986][   T36]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  184.191010][   T36]  ? fprop_reflect_period_percpu+0x205/0x330
[  184.191036][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  184.191070][   T36]  ? rcu_is_watching+0x15/0xb0
[  184.191090][   T36]  wb_writeback+0x43b/0xaf0
[  184.191111][   T36]  ? queue_io+0x3a1/0x590
[  184.191128][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  184.191148][   T36]  ? rcu_is_watching+0x15/0xb0
[  184.191163][   T36]  wb_workfn+0x409/0xef0
[  184.191185][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  184.191199][   T36]  ? rcu_is_watching+0x15/0xb0
[  184.191211][   T36]  ? rcu_is_watching+0x15/0xb0
[  184.191225][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  184.191239][   T36]  ? rcu_is_watching+0x15/0xb0
[  184.191251][   T36]  ? lock_acquire+0x5f/0x360
[  184.191272][   T36]  ? rcu_is_watching+0x15/0xb0
[  184.191285][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  184.191299][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[  184.191319][   T36]  process_scheduled_works+0xae1/0x17b0
[  184.191343][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  184.191363][   T36]  worker_thread+0x8a0/0xda0
[  184.191385][   T36]  kthread+0x711/0x8a0
[  184.191404][   T36]  ? __pfx_worker_thread+0x10/0x10
[  184.191418][   T36]  ? __pfx_kthread+0x10/0x10
[  184.191435][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  184.191454][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[  184.191469][   T36]  ? __pfx_kthread+0x10/0x10
[  184.191488][   T36]  ret_from_fork+0x3f9/0x770
[  184.191506][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  184.191525][   T36]  ? __switch_to_asm+0x39/0x70
[  184.191544][   T36]  ? __switch_to_asm+0x33/0x70
[  184.191562][   T36]  ? __pfx_kthread+0x10/0x10
[  184.191579][   T36]  ret_from_fork_asm+0x1a/0x30
[  184.191599][   T36]  </TASK>
[  184.191712][   T36] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  184.542827][ T5860] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  184.918271][ T8290] netlink: 'syz.4.568': attribute type 2 has an invalid length.
[  184.958330][ T8290] netlink: 12 bytes leftover after parsing attributes in process `syz.4.568'.
[  185.157193][ T8293] loop2: detected capacity change from 0 to 4096
[  185.173978][ T8293] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  185.215651][  T959] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  185.426772][  T959] usb 5-1: config 0 has an invalid interface number: 222 but max is 0
[  185.437826][  T959] usb 5-1: config 0 has no interface number 0
[  185.464561][  T959] usb 5-1: config 0 interface 222 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  185.547707][  T959] usb 5-1: config 0 interface 222 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  185.559041][  T959] usb 5-1: config 0 interface 222 has no altsetting 0
[  185.572043][  T959] usb 5-1: New USB device found, idVendor=3823, idProduct=0002, bcdDevice=86.41
[  185.582685][  T959] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.598450][ T8293] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  185.608630][  T959] usb 5-1: Product: syz
[  185.612828][  T959] usb 5-1: Manufacturer: syz
[  185.622567][  T959] usb 5-1: SerialNumber: syz
[  185.675962][  T959] usb 5-1: config 0 descriptor??
[  185.691451][ T8291] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  185.699079][ T8291] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  185.774253][ T8299] loop1: detected capacity change from 0 to 40427
[  186.173247][  T959] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.222/input/input15
[  186.305070][   T43] usb 5-1: USB disconnect, device number 10
[  186.309833][ T8299] F2FS-fs (loop1): invalid crc value
[  186.311157][    C1] usbtouchscreen 5-1:0.222: usbtouch_irq - usb_submit_urb failed with result: -19
[  186.333747][ T8310] netlink: 12 bytes leftover after parsing attributes in process `syz.2.576'.
[  186.342781][ T8310] netlink: 60 bytes leftover after parsing attributes in process `syz.2.576'.
[  186.352347][ T8310] netlink: 12 bytes leftover after parsing attributes in process `syz.2.576'.
[  186.361999][ T8310] netlink: 60 bytes leftover after parsing attributes in process `syz.2.576'.
[  186.366206][ T8299] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  186.371022][ T8310] netlink: 104 bytes leftover after parsing attributes in process `syz.2.576'.
[  186.382429][ T8299] F2FS-fs (loop1): Start checkpoint disabled!
[  186.399890][ T8299] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  186.495654][ T8299] loop7: detected capacity change from 0 to 7
[  186.502473][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  186.511704][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  186.520377][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  186.529605][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  186.540184][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  186.549403][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  186.605414][ T8315] Invalid logical block size (6)
[  186.611027][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  186.620225][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  186.629026][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  186.638277][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  186.646941][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  186.656146][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  186.666953][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  186.676311][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  186.684332][ T8299] ldm_validate_partition_table(): Disk read failed.
[  186.691680][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  186.700877][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  186.709371][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  186.718546][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  186.726836][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  186.736076][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  186.744563][ T8299] Dev loop7: unable to read RDB block 0
[  186.750712][ T8299]  loop7: unable to read partition table
[  186.757569][ T8299] loop7: partition table beyond EOD, truncated
[  186.763816][ T8299] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  186.817333][ T4463] kworker/u8:7: attempt to access beyond end of device
[  186.817333][ T4463] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  186.831671][ T4463] CPU: 0 UID: 0 PID: 4463 Comm: kworker/u8:7 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  186.831696][ T4463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  186.831707][ T4463] Workqueue: writeback wb_workfn (flush-7:1)
[  186.831733][ T4463] Call Trace:
[  186.831738][ T4463]  <TASK>
[  186.831745][ T4463]  dump_stack_lvl+0x189/0x250
[  186.831768][ T4463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.831786][ T4463]  ? __pfx_queue_work_on+0x10/0x10
[  186.831802][ T4463]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  186.831825][ T4463]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  186.831852][ T4463]  f2fs_handle_critical_error+0x37c/0x540
[  186.831878][ T4463]  f2fs_write_end_io+0x886/0xb60
[  186.831902][ T4463]  __submit_merged_bio+0x27a/0x6a0
[  186.831926][ T4463]  __submit_merged_write_cond+0x255/0x530
[  186.831949][ T4463]  f2fs_write_data_pages+0x261d/0x3000
[  186.831988][ T4463]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  186.832016][ T4463]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  186.832047][ T4463]  ? bpf_send_signal_common+0x407/0x540
[  186.832071][ T4463]  ? __pfx_bpf_send_signal_common+0x10/0x10
[  186.832099][ T4463]  ? lock_release+0x4b/0x3e0
[  186.832124][ T4463]  ? bpf_trace_run4+0x322/0x4a0
[  186.832148][ T4463]  ? rcu_is_watching+0x15/0xb0
[  186.832164][ T4463]  ? lock_release+0x4b/0x3e0
[  186.832185][ T4463]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  186.832208][ T4463]  do_writepages+0x32b/0x550
[  186.832249][ T4463]  __writeback_single_inode+0x145/0xff0
[  186.832270][ T4463]  ? do_raw_spin_unlock+0x122/0x240
[  186.832291][ T4463]  writeback_sb_inodes+0x6c7/0x1010
[  186.832310][ T4463]  ? finish_task_switch+0x26b/0x950
[  186.832343][ T4463]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  186.832384][ T4463]  ? rcu_is_watching+0x15/0xb0
[  186.832405][ T4463]  wb_writeback+0x43b/0xaf0
[  186.832431][ T4463]  ? queue_io+0x3a1/0x590
[  186.832451][ T4463]  ? __pfx_wb_writeback+0x10/0x10
[  186.832473][ T4463]  ? rcu_is_watching+0x15/0xb0
[  186.832490][ T4463]  wb_workfn+0x409/0xef0
[  186.832514][ T4463]  ? __pfx_wb_workfn+0x10/0x10
[  186.832534][ T4463]  ? rcu_is_watching+0x15/0xb0
[  186.832553][ T4463]  ? process_scheduled_works+0x9ef/0x17b0
[  186.832568][ T4463]  ? rcu_is_watching+0x15/0xb0
[  186.832584][ T4463]  ? lock_acquire+0x5f/0x360
[  186.832607][ T4463]  ? rcu_is_watching+0x15/0xb0
[  186.832622][ T4463]  ? process_scheduled_works+0x9ef/0x17b0
[  186.832636][ T4463]  ? process_scheduled_works+0x9ef/0x17b0
[  186.832653][ T4463]  process_scheduled_works+0xae1/0x17b0
[  186.832684][ T4463]  ? __pfx_process_scheduled_works+0x10/0x10
[  186.832710][ T4463]  worker_thread+0x8a0/0xda0
[  186.832727][ T4463]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  186.832752][ T4463]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  186.832773][ T4463]  ? __kthread_parkme+0x7b/0x200
[  186.832795][ T4463]  kthread+0x711/0x8a0
[  186.832815][ T4463]  ? __pfx_worker_thread+0x10/0x10
[  186.832831][ T4463]  ? __pfx_kthread+0x10/0x10
[  186.832850][ T4463]  ? rcu_is_watching+0x15/0xb0
[  186.832866][ T4463]  ? __pfx_kthread+0x10/0x10
[  186.832885][ T4463]  ret_from_fork+0x3f9/0x770
[  186.832904][ T4463]  ? __pfx_ret_from_fork+0x10/0x10
[  186.832923][ T4463]  ? __switch_to_asm+0x39/0x70
[  186.832942][ T4463]  ? __switch_to_asm+0x33/0x70
[  186.832960][ T4463]  ? __pfx_kthread+0x10/0x10
[  186.832979][ T4463]  ret_from_fork_asm+0x1a/0x30
[  186.833006][ T4463]  </TASK>
[  187.155777][ T4463] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  187.262990][ T8320] openvswitch: netlink: Missing valid actions attribute.
[  187.274610][ T8320] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  187.286220][ T8320] loop3: detected capacity change from 0 to 8
[  187.332225][ T8322] loop2: detected capacity change from 0 to 512
[  187.342157][ T8323] loop4: detected capacity change from 0 to 512
[  187.353388][ T8320] SQUASHFS error: lzo decompression failed, data probably corrupt
[  187.366389][ T8323] EXT4-fs: Ignoring removed nobh option
[  187.373615][ T8320] SQUASHFS error: Failed to read block 0x91: -5
[  187.380653][ T8320] SQUASHFS error: Unable to read metadata cache entry [8f]
[  187.392659][ T8320] SQUASHFS error: Unable to read inode 0x11f
[  187.455861][ T8323] fscrypt (loop4, inode 2): Error -61 getting encryption context
[  187.463863][ T8323] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61
[  187.474866][ T8323] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #13: comm syz.4.580: casefold flag without casefold feature
[  187.505709][ T8323] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.580: couldn't read orphan inode 13 (err -117)
[  187.528220][ T8323] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.101509][ T5860] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.117204][ T8342] netlink: 'syz.3.585': attribute type 10 has an invalid length.
[  188.139701][ T8342] team0: Device veth1_macvtap failed to register rx_handler
[  188.204025][ T8345] netlink: 4 bytes leftover after parsing attributes in process `syz.3.586'.
[  188.257961][ T8349] loop3: detected capacity change from 0 to 1024
[  188.719099][ T8353] netlink: 44 bytes leftover after parsing attributes in process `syz.0.590'.
[  189.413262][ T8347] loop4: detected capacity change from 0 to 40427
[  189.422262][ T8347] F2FS-fs: heap/no_heap options were deprecated
[  189.429771][ T8347] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(0) root(83886083)
[  189.438709][ T8347] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  189.447411][ T8347] F2FS-fs (loop4): Image doesn't support compression
[  189.454211][ T8347] F2FS-fs (loop4): build fault injection rate: 690
[  189.465868][ T8347] F2FS-fs (loop4): invalid crc value
[  189.536779][ T8361] loop2: detected capacity change from 0 to 32768
[  189.640609][ T8347] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  189.657070][ T8361] JBD2: Ignoring recovery information on journal
[  189.684152][ T8347] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  189.706845][ T8347] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  189.716822][ T8361] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  189.741968][ T8370] loop3: detected capacity change from 0 to 8192
[  190.024013][ T8375] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  190.668839][ T5857] ocfs2: Unmounting device (7,2) on (node local)
[  190.723211][ T8380] loop1: detected capacity change from 0 to 512
[  190.743952][ T8380] EXT4-fs: Ignoring removed nobh option
[  190.766788][ T8380] fscrypt (loop1, inode 2): Error -61 getting encryption context
[  190.780018][ T8380] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -61
[  190.814480][ T8376] Set syz1 is full, maxelem 6117 reached
[  190.849476][ T8380] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #13: comm syz.1.597: casefold flag without casefold feature
[  190.894157][ T8380] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.597: couldn't read orphan inode 13 (err -117)
[  190.957237][ T8380] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  191.005551][ T8395] loop3: detected capacity change from 0 to 64
[  191.577686][ T5867] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.752167][ T8403] ==================================================================
[  191.760286][ T8403] BUG: KASAN: slab-use-after-free in __se_sys_mremap+0xb33/0x1150
[  191.768099][ T8403] Read of size 8 at addr ffff888076294698 by task syz.3.602/8403
[  191.775813][ T8403] 
[  191.778128][ T8403] CPU: 1 UID: 0 PID: 8403 Comm: syz.3.602 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  191.778143][ T8403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  191.778150][ T8403] Call Trace:
[  191.778155][ T8403]  <TASK>
[  191.778160][ T8403]  dump_stack_lvl+0x189/0x250
[  191.778177][ T8403]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.778187][ T8403]  ? lock_release+0x4b/0x3e0
[  191.778202][ T8403]  ? __virt_addr_valid+0x4a5/0x5c0
[  191.778216][ T8403]  print_report+0xca/0x240
[  191.778226][ T8403]  ? __se_sys_mremap+0xb33/0x1150
[  191.778236][ T8403]  kasan_report+0x118/0x150
[  191.778250][ T8403]  ? __se_sys_mremap+0xb33/0x1150
[  191.778261][ T8403]  __se_sys_mremap+0xb33/0x1150
[  191.778276][ T8403]  ? __pfx___se_sys_mremap+0x10/0x10
[  191.778291][ T8403]  ? rcu_is_watching+0x15/0xb0
[  191.778299][ T8403]  ? __x64_sys_mremap+0x20/0xc0
[  191.778309][ T8403]  do_syscall_64+0xfa/0x3b0
[  191.778320][ T8403]  ? rcu_is_watching+0x15/0xb0
[  191.778328][ T8403]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.778337][ T8403]  ? clear_bhb_loop+0x60/0xb0
[  191.778347][ T8403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.778357][ T8403] RIP: 0033:0x7f6e7418ebe9
[  191.778367][ T8403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.778375][ T8403] RSP: 002b:00007f6e7501f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  191.778386][ T8403] RAX: ffffffffffffffda RBX: 00007f6e743b6090 RCX: 00007f6e7418ebe9
[  191.778394][ T8403] RDX: 0000000000002000 RSI: 0000000000002000 RDI: 0000200000041000
[  191.778400][ T8403] RBP: 00007f6e74211e19 R08: 00002000004c3000 R09: 0000000000000000
[  191.778407][ T8403] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  191.778413][ T8403] R13: 00007f6e743b6128 R14: 00007f6e743b6090 R15: 00007fff3133a018
[  191.778424][ T8403]  </TASK>
[  191.778427][ T8403] 
[  191.967342][ T8403] Allocated by task 5861:
[  191.971648][ T8403]  kasan_save_track+0x3e/0x80
[  191.976309][ T8403]  __kasan_slab_alloc+0x6c/0x80
[  191.981142][ T8403]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  191.986665][ T8403]  vm_area_dup+0x2b/0x680
[  191.990969][ T8403]  dup_mmap+0x90c/0x1ac0
[  191.995196][ T8403]  copy_mm+0x13c/0x4b0
[  191.999242][ T8403]  copy_process+0x1706/0x3c00
[  192.003894][ T8403]  kernel_clone+0x21e/0x840
[  192.008403][ T8403]  __x64_sys_clone+0x18b/0x1e0
[  192.013319][ T8403]  do_syscall_64+0xfa/0x3b0
[  192.017798][ T8403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.023660][ T8403] 
[  192.025959][ T8403] Freed by task 0:
[  192.029655][ T8403]  kasan_save_track+0x3e/0x80
[  192.034315][ T8403]  __kasan_save_free_info+0x46/0x50
[  192.039487][ T8403]  __kasan_slab_free+0x5b/0x80
[  192.044225][ T8403]  slab_free_after_rcu_debug+0x129/0x2a0
[  192.049832][ T8403]  rcu_core+0xca8/0x1770
[  192.054055][ T8403]  handle_softirqs+0x286/0x870
[  192.058805][ T8403]  __irq_exit_rcu+0xca/0x1f0
[  192.063369][ T8403]  irq_exit_rcu+0x9/0x30
[  192.067595][ T8403]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  192.073207][ T8403]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  192.079164][ T8403] 
[  192.081467][ T8403] Last potentially related work creation:
[  192.087155][ T8403]  kasan_save_stack+0x3e/0x60
[  192.091809][ T8403]  kasan_record_aux_stack+0xbd/0xd0
[  192.097011][ T8403]  kmem_cache_free+0x2f6/0x400
[  192.101749][ T8403]  vms_complete_munmap_vmas+0x626/0x8a0
[  192.107272][ T8403]  do_vmi_align_munmap+0x358/0x420
[  192.112357][ T8403]  do_vmi_munmap+0x253/0x2e0
[  192.116921][ T8403]  do_munmap+0xe1/0x140
[  192.121052][ T8403]  mremap_to+0x2df/0x7a0
[  192.125270][ T8403]  __se_sys_mremap+0xadf/0x1150
[  192.130094][ T8403]  do_syscall_64+0xfa/0x3b0
[  192.134666][ T8403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.140558][ T8403] 
[  192.142859][ T8403] The buggy address belongs to the object at ffff888076294640
[  192.142859][ T8403]  which belongs to the cache vm_area_struct of size 256
[  192.157147][ T8403] The buggy address is located 88 bytes inside of
[  192.157147][ T8403]  freed 256-byte region [ffff888076294640, ffff888076294740)
[  192.170843][ T8403] 
[  192.173176][ T8403] The buggy address belongs to the physical page:
[  192.179574][ T8403] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x76294
[  192.188330][ T8403] memcg:ffff888020333101
[  192.192546][ T8403] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  192.199726][ T8403] page_type: f5(slab)
[  192.203689][ T8403] raw: 00fff00000000000 ffff88801bad5b40 ffffea00009c7a40 dead000000000002
[  192.212246][ T8403] raw: 0000000000000000 00000000000c000c 00000000f5000000 ffff888020333101
[  192.220814][ T8403] page dumped because: kasan: bad access detected
[  192.227210][ T8403] page_owner tracks the page as allocated
[  192.232899][ T8403] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5867, tgid 5867 (syz-executor), ts 64713305907, free_ts 64696845928
[  192.252145][ T8403]  post_alloc_hook+0x240/0x2a0
[  192.256896][ T8403]  get_page_from_freelist+0x21e4/0x22c0
[  192.262480][ T8403]  __alloc_frozen_pages_noprof+0x181/0x370
[  192.268273][ T8403]  alloc_pages_mpol+0x232/0x4a0
[  192.273108][ T8403]  allocate_slab+0x8a/0x370
[  192.277595][ T8403]  ___slab_alloc+0xbeb/0x1410
[  192.282251][ T8403]  kmem_cache_alloc_noprof+0x283/0x3c0
[  192.287691][ T8403]  vm_area_dup+0x2b/0x680
[  192.291996][ T8403]  dup_mmap+0x90c/0x1ac0
[  192.296218][ T8403]  copy_mm+0x13c/0x4b0
[  192.300261][ T8403]  copy_process+0x1706/0x3c00
[  192.304909][ T8403]  kernel_clone+0x21e/0x840
[  192.309389][ T8403]  __x64_sys_clone+0x18b/0x1e0
[  192.314126][ T8403]  do_syscall_64+0xfa/0x3b0
[  192.318604][ T8403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.324470][ T8403] page last free pid 5971 tgid 5971 stack trace:
[  192.330780][ T8403]  __free_frozen_pages+0xbc4/0xd30
[  192.335870][ T8403]  vfree+0x25a/0x400
[  192.339742][ T8403]  delayed_vfree_work+0x55/0x80
[  192.344564][ T8403]  process_scheduled_works+0xae1/0x17b0
[  192.350090][ T8403]  worker_thread+0x8a0/0xda0
[  192.354678][ T8403]  kthread+0x711/0x8a0
[  192.358740][ T8403]  ret_from_fork+0x3f9/0x770
[  192.363307][ T8403]  ret_from_fork_asm+0x1a/0x30
[  192.368060][ T8403] 
[  192.370371][ T8403] Memory state around the buggy address:
[  192.375980][ T8403]  ffff888076294580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  192.384027][ T8403]  ffff888076294600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[  192.392092][ T8403] >ffff888076294680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  192.400132][ T8403]                             ^
[  192.404963][ T8403]  ffff888076294700: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[  192.413024][ T8403]  ffff888076294780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  192.421061][ T8403] ==================================================================
[  192.429177][    C1] vkms_vblank_simulate: vblank timer overrun
[  192.487747][ T8408] netlink: 24 bytes leftover after parsing attributes in process `syz.4.595'.
[  192.512513][ T8403] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  192.519741][ T8403] CPU: 1 UID: 0 PID: 8403 Comm: syz.3.602 Not tainted 6.17.0-rc1-next-20250814-syzkaller #0 PREEMPT(full) 
[  192.531104][ T8403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  192.541158][ T8403] Call Trace:
[  192.544445][ T8403]  <TASK>
[  192.547367][ T8403]  dump_stack_lvl+0x99/0x250
[  192.551949][ T8403]  ? __asan_memcpy+0x40/0x70
[  192.556529][ T8403]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.561716][ T8403]  ? __pfx__printk+0x10/0x10
[  192.566299][ T8403]  vpanic+0x281/0x750
[  192.570268][ T8403]  ? rcu_is_watching+0x15/0xb0
[  192.575017][ T8403]  ? __pfx_vpanic+0x10/0x10
[  192.579508][ T8403]  ? preempt_schedule_irq+0xde/0x150
[  192.584785][ T8403]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  192.590492][ T8403]  ? preempt_schedule+0xae/0xc0
[  192.595335][ T8403]  ? __pfx_preempt_schedule+0x10/0x10
[  192.600703][ T8403]  panic+0xb9/0xc0
[  192.604426][ T8403]  ? __pfx_panic+0x10/0x10
[  192.608836][ T8403]  ? __se_sys_mremap+0xb33/0x1150
[  192.613849][ T8403]  check_panic_on_warn+0x89/0xb0
[  192.618775][ T8403]  ? __se_sys_mremap+0xb33/0x1150
[  192.623781][ T8403]  end_report+0x78/0x160
[  192.628015][ T8403]  kasan_report+0x129/0x150
[  192.632509][ T8403]  ? __se_sys_mremap+0xb33/0x1150
[  192.637523][ T8403]  __se_sys_mremap+0xb33/0x1150
[  192.642368][ T8403]  ? __pfx___se_sys_mremap+0x10/0x10
[  192.647741][ T8403]  ? rcu_is_watching+0x15/0xb0
[  192.652505][ T8403]  ? __x64_sys_mremap+0x20/0xc0
[  192.657415][ T8403]  do_syscall_64+0xfa/0x3b0
[  192.661915][ T8403]  ? rcu_is_watching+0x15/0xb0
[  192.666664][ T8403]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.672723][ T8403]  ? clear_bhb_loop+0x60/0xb0
[  192.677399][ T8403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.683280][ T8403] RIP: 0033:0x7f6e7418ebe9
[  192.687683][ T8403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.707314][ T8403] RSP: 002b:00007f6e7501f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  192.715806][ T8403] RAX: ffffffffffffffda RBX: 00007f6e743b6090 RCX: 00007f6e7418ebe9
[  192.723766][ T8403] RDX: 0000000000002000 RSI: 0000000000002000 RDI: 0000200000041000
[  192.731723][ T8403] RBP: 00007f6e74211e19 R08: 00002000004c3000 R09: 0000000000000000
[  192.739677][ T8403] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  192.747645][ T8403] R13: 00007f6e743b6128 R14: 00007f6e743b6090 R15: 00007fff3133a018
[  192.755606][ T8403]  </TASK>
[  192.758910][ T8403] Kernel Offset: disabled
[  192.763219][ T8403] Rebooting in 86400 seconds..