last executing test programs:

3m0.403561873s ago: executing program 0 (id=165):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x7f6ba000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES16=r0], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
write$binfmt_script(r3, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
write$UHID_INPUT(r2, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0)
lseek(r4, 0x800000000009a4, 0x0)

3m0.100211621s ago: executing program 0 (id=169):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000440)={0x4, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042", <r4=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda525e19bdeffafde25", <r5=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000780)={"f0878953d152e601ab94c1fb04008c46b9e5d1a31965c61e0df52cd000", r5})
close_range(r1, r4, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m59.996720391s ago: executing program 0 (id=170):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
r3 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
bind$packet(r3, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
preadv(r2, &(0x7f0000000000)=[{&(0x7f0000000140)=""/198, 0xc6}], 0x1, 0x1a, 0x0)

2m59.011672377s ago: executing program 0 (id=172):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x80000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x80700a, 0x0)

2m58.732642916s ago: executing program 0 (id=174):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x4001, 0x3, 0x210, 0x180, 0x0, 0x148, 0x0, 0x148, 0x220, 0x240, 0x240, 0x220, 0x240, 0x7fffffe, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth1_to_batadv\x00', {}, {}, 0x88}, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x270)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x2000000, 0x0, 'queue1\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f00000001c0)={0x0, 0x0, 0x9})
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m56.649198249s ago: executing program 0 (id=183):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x7, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

2m56.373338558s ago: executing program 32 (id=183):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x7, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

1m39.637399959s ago: executing program 4 (id=409):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x7f6ba000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
write$binfmt_script(r5, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
write$UHID_INPUT(r4, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0)
lseek(r6, 0x800000000009a4, 0x0)

1m37.907360153s ago: executing program 4 (id=413):
r0 = memfd_create(0x0, 0x0)
copy_file_range(r0, 0x0, r0, 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000900)=ANY=[], 0xfeeb, 0x0)
r1 = socket$inet6(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000000440)={'ip6tnl0\x00', 0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=@ipv4_newroute={0x1c, 0x15, 0x0, 0x0, 0x0, {0x2, 0x0, 0x80, 0x0, 0xff}}, 0x1c}}, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f00000008c0)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000280)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

1m37.700761512s ago: executing program 4 (id=415):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000003c0)={[{@nodiscard}, {}, {@noheap}, {@alloc_mode_reuse}, {@noquota}, {@disable_roll_forward}, {@background_gc_on}, {@nouser_xattr}, {@checkpoint_diasble}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@jqfmt_vfsold}, {@noinline_dentry}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r1 = add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
add_key$fscrypt_v1(&(0x7f0000000100), 0x0, 0x0, 0x0, r1)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000200), 0x106, 0x9}}, 0x20)

1m33.753538269s ago: executing program 4 (id=423):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000080)='./bus\x00', 0x3000002, &(0x7f0000000340)=ANY=[@ANYBLOB='uid=', @ANYRESHEX=0x0, @ANYBLOB="2c66696c655f756d61736b3d30303030303030303030303030303030303030303030312c696f636861727365743d6d6163726f6d616e2c706172743d3078303030303030303030303030613565662c63726561746f723da0a54db32c706172743d3078303030303030303030303030306666662c6769643d", @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0x0, @ANYBLOB=',codepage=macinuit,dir_umask=0000000000000codepage=cp737,func=POLICY_CHECK,\x00'/87], 0x1, 0x2f2, &(0x7f00000006c0)="$eJzs3T9v004cx/HPOUmT9lf15/5BSCygQiVYKgoMiCUVysrOhIAmlSqiItoiAQsFMSIeAHufAkw8ARYQTwAmJh5AN6O7XP44sdM2JHED75fU6Hy+O39PtuP7WoIIwD/rduX7wfWf9s9IOeUk3ZICSSUpL+mMzpaebu9t7dVr1X4D5VwP+2fU6Gl62mxs15K62n6uhxfarbxmO+swGlEUrf/IOghkzt39CQKp6O9Dt7805rhGZV86n3UM49Z5gs2hDvVMcxmGAwA4BfzzP/CPiYKrMgoCacU/9nuf/0Fm4Q4gim0dZhbHSNyo91RFfTt0PP/d6i4y9vz+73a18z2Xwtn9QTNLPE4wha7tKTWuldgC0xyVVbpYgunNrbxWN16pGui1yl5HsyX3WY1fjEdEu5yQm/aRPlpBd2Yas3Erym7NkDa36rWiLSTEv3iyI/4589l8NfdMqPeqttZ/+cjY0+TOVNh1poKCjf9q+oj/uV62lXzaXy6X498N8+4g5/wRvJ5ZRrFrtpSckah5Rc23XxrstyJoxPkxvdeC4q8VGrNbS5+d67WY1CtsbaX0Wor1yvkrYXXjcb3vq5TRMu/MXbOsX/qgSsf6P7Dxreg4d6Zt41r6K6Mxn6nklnnXMuzJHNu3y4VWBF5xsInhJN7qoW5qbvf5i0e5er22YwsPEgpPZneMrym8kRLbDFAoDmkcW9B+uyayXkbRcbtHwwujqO6aK0MauVGw3x+tGnv7JDW2d1mrJkgf8JN6d80NLdRhFEoJEZ6WQuWL1L3roKdmAgr2iZuyK+svKIzDrmmedF8xnXFAGDe77jKRKTVX8n5V51Ik+xH2yUb6J5nxEddaGVx8KbjgPmeSM7j1tGFTM7iOI15LyRldznXxsnSpo9Kob84V+jj/Eqaib7rP+38AAAAAAAAAAAAAAAAAAIBJM45/aZD1HAEAAAAAAAAAAAAAAAAAAAAAmHQD/f5v0v8R737/N+T3f4EJ8jsAAP//Y/x7PA==")
syz_mount_image$fuse(0x0, &(0x7f0000000e80)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
close_range(0xffffffffffffffff, r4, 0x2)
renameat2(r3, 0x0, r4, 0x0, 0x0)

1m30.840805608s ago: executing program 4 (id=432):
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r3, 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32, 0x0, 0xfe}, 0x9c)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r6, 0xffffffffffffffff, 0x0)

1m27.188035055s ago: executing program 4 (id=441):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
write$cgroup_devices(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="1e0308003c5ca601288763"], 0xffdd)
write$cgroup_devices(r0, &(0x7f0000000440)=ANY=[], 0xffdd)

1m12.0692584s ago: executing program 33 (id=441):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
write$cgroup_devices(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="1e0308003c5ca601288763"], 0xffdd)
write$cgroup_devices(r0, &(0x7f0000000440)=ANY=[], 0xffdd)

42.758023934s ago: executing program 5 (id=529):
r0 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000001600), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
chdir(&(0x7f0000000080)='./file0\x00')
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000580)={0x1})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
fcntl$setstatus(r1, 0x4, 0x0)
r2 = dup(r1)
pwritev2(r2, &(0x7f0000000500)=[{&(0x7f0000000200)='{', 0x1}], 0x1, 0x0, 0x0, 0x0)
copy_file_range(r1, 0x0, r2, &(0x7f0000000640)=0x2000000, 0x9, 0x0)

41.329772979s ago: executing program 5 (id=536):
syz_mount_image$f2fs(&(0x7f00000000c0), &(0x7f0000000040)='./bus\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYRES64=0x0, @ANYRES32, @ANYRES16, @ANYBLOB="c2b83a83fb121e4e844e5d7a09e7d4a4979f3fdfe200b83e593144c1cf15b5624e3448b3b40065bc381005ed653b2e5aeafdfb38eeddb8c08b04fb2e46eba33d22f32db6a9608832f35ee976140648653030c5a052c7197494046b00916b8f07b5b9f05f77f79225aa4996a01e414c5352def7a6078229384108c95320a4abf33afd65548efaf0b3dc54c4c10995d3e08a9017ae0c8828d59983d23cf29ff4ff4a16908f199ba7"], 0x1, 0x555b, &(0x7f0000006400)="$eJzs3EtvG1UUAOA7TtPSJxFiAauOVCElUm3V6UOwK9CKh0gV8ViwKo7tWG5tTxQ7TsgKCZaoC/4JAokVS34DC9bsEAsQOySQ544JoTyK7MRJ+33S+MzcGZ85d2QlOjOWA/DEWkh/+SkJF8LpEMJcCOFcEvL1pFhyN2N4LoRwMYRQ+tOSFON/DJwMIZwJIVwYJY85k3zX3edjljd//vrbUyfOfv7VdzOaMnAEvBBC6G7E9e1ujFkrxnvFeG3YzmP32rCIcUf3frGdxbjdXMszbNfGx9XyeLUVj882tvqjuN6p1Uex1V7Pxzd68YT9YWucJ3/Dvdpmvt1oruWx3c/y2NqNde3sxr9tu/1BzNMo8n2Ypw+DwTjG8eZOM85n434e671BMR7zZo3mzigOi1icLtSzTiOvY22SK320vdXube2kw+Zmv5310uuV6ouV6o1ydTNrNAfNa+Vat3HjWrrY6owOKw+ate7NVpa1Os1KPesupYuter1craaLt5pr7VovrVYrVytXyteXirXL6Wt33ks7jXRxFF9p97ZOtjv9dD3bTOM7ltLlytWXltJL1fSdldV09e3bt1dW37176/07L6+88Wpx0ENlpYvLV5aXy9Ur5eXq0hGY/+j/7iPOfzDJ/D8piv4f808muzzw7/Y+YA9mWgfAMfJQ/x8Oqv8P4bPLw0vXf9T/A1v7to5j/x+m2f+PWir9/3/3v6XJ+/+J+t+j2v8f4/nDRNxgAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Yn0//8Xr+cpC3D5bjJ8vhp4ptpMQQimE8NvfmAsn9+WcK/LM/8Px83+p4Zsk5BlG5zhVLGdCCDeL5denD/oqAAAAwOPry48uPojdenxZmHVBHKZ406Z07oMp5UtCCPMLP0wpW2n08uyUkuWf7xNhZ0rZ8htYT00pWbzldmJa2R7J3Dh8fH5vMJ9QEkPpUMsBAAAOxdy+cLhdCAAAAIfp01kXwGwkYfwoc/wsOP/m/d6jzdP79gEAAADHUDLrAgAAAIADl/f/fv8PAAAAHm/x9/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5n525uEweiAAA/G7zA/mjRau/byt6gjJSQY46BAtIEJZAW0gA1kFtKiCDCHiEZxRIRdqyg75NseMZ68wa4vBnJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpuVjPH+//PTTfMTkrz25/mfZmBAAAAJzaFut5+WZaxT/S9V/p0p8UZxGRR8R7vfsgvtVyDlKeouH+4qSGp4gyw2GMUTq+R8T/dLz+7vpbAAAAgOu1Wa5mVbdenaZ9F8RnqhZt8p83LeXLIqKYvrSULT+c/raUrPx/D+PuGO9HH0xQW+EqF7DGLZVWLbkNzxi2PYPaS5rJeFH+iGWUdzMuAADQp3on0NCFAAAAcAVu+y6AfmTH03GfMe2Kpg3BSS0CAAAAvqCs7wIAAACAzpX9v+f/AQAAwHWrnv8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl7bFer5ZrmZNny/OzLPbX6a9GQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvLE/7ygQAmEQBnvXdyZz/8NKg4bGJlUgfPyNwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxf68pEAIBEEUzBn/O+n7H1YS9AwiREDDo4paNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAxc7988ZRRAEAf7t3e/kDKMYgFwYUJApoiH0JCSmhAFkUfAQkyzkHg0MgcUEiC+QGKuQ6DYISISSQ6fIdUsdSmtClcGEk6qDd27XXiSGnxNq9OL+fNDtvz6uZN3sny8+zNgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQ2Xo/Xk3LuJMfJoZx9drt7dWFvN98oM/dXL8znbc8Th410ffvHXzyYyzpxmv185NTtZNvm88HAACAQ2ifYrxT1fcRcTfbmMv7dKKo/7Pqmrzm/+mFvUM8WPdvbq8eLb80XdX/f/5x7+WdiSaG8+SDLi4tD2YfTqV7UMt82px45BXd4s4Xv3vpFG9I+tHaS1tZcT+TH27d+qBXhEeayBYAeBynqr4Mqp+H8r7fZmIAPDO6tcK7qv87E+3mBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCErbV4roqTiJju7sa5ze3Vhf36m+t3pqt27saN9fqY+RBZRCwuLQ+yBtcy7q5eu/75/PLy4ErzwcmIaG/2MvhkhGsi/v+a8uMZ7a3iv4NkPNJoNUjL92dc8tkN7p+IeLJxqs/ewWfY0jckAAAOraxseV1/N9uYy19LJiPu/7y3/n+zFseI9f+9T8/drs9Vr//7ja1w/M2sXPpy5uq1628vXZq/OLg4+OKd0/13+2fOnz17fia/V7Mzi5EOZttOEwAAgKdYr2z1+j+dfHj//3gtjhHr/69+7H9Tn6uj/t/X7qZf25kAAAA8i3o70Yuv//N3ss8VSa8XX8+vrFzpD48756eHx0bTfUxHylav/zuTbWcFAAAANGFrLdmz/3+hFseI+//P//LKb/UxOxFxLOJyRAxOLVxevtDccsZaE3/nXEzUa3ulAAAAtOVY2er7/1nx/H+688hDGhFvvTGMq/91NUr93/nwu1/rc9Wf/z/T3BLHUjo1vB9FPxXRnWo7IwAAAA6zo2XLi/2/so25z34//nHP8/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATfs3AAD//3adNIc=")
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf9, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
write$binfmt_script(r0, &(0x7f00000003c0), 0xb)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pwritev(r0, &(0x7f0000001800)=[{&(0x7f00000002c0)="a7a6ab12ad1a6e590960a841c8191f7ef1ea4478562d432c26ba991a761bb5cfadf8e82f39d80abad58209209f62549ccafcbaa92b393d46af44b3b72d52198010461a5abf3f1ab1f30e7c5f4e7905aff1f94c9fbed798adbf6c05c2116bde6649d1446ff233fc", 0x67}, {&(0x7f0000000340)="062f6a15ba02122873a4f7c73a6ceb4734da682500b2409e3aebd348c2b51a6dcb60d56a354c6ff5720872bff2c1284df02916942114e4c8b79c95e959624417cb6f3f4881ba63c7f246494fefcecd8da0a58d681c6c69678b262541542d804692eaba93269ec3bbdfd7619769e6f572ca0ad77f34b593a9b45ac9", 0x7b}, {&(0x7f00000001c0)="ebe8db99ea2bad72985a1cebbea4043ce4e8d0761d8ace7070d8835124fcb308fd4835680f1e668afc9f3c4181b9b8", 0x2f}, {&(0x7f0000000400)="b7f8fa1c106885b81842bf5eda00013c5ede22d02d16c98ed46084e514ab9a52c24677bbc0b812ed54ea480dd2aee3173b6529b302c14015dc9b560c8412705e197493f0bc90fd1b4d128f0bd305afff0bbd796d4f341f154f0add652c31aa67dc02bd684cd4528078cdb75eb7c359ec88007c846bda393b57c7161970e0aee03dadaa5d4d69eec5e041be9806a6b24c96f217e4f16f6080e0fef16550708870319a1828d5465b6d5d62f7f64f49f2ae30b6412f3621f04648934cd9fe5729949f4e7821a5f62c0117fb62d99b9132a1faf6671b3a6bb5d52b10112e54408fbd10b6b9bc5ac0b7f566884614eecf0d5c6f63b061d2fd9579ebe65a5610dd9cd52bcdb9ba4920839c7bb8ec86249938f721305b27fa1101d3f844d39b8b95bd0485e38b9a0a631eb99010a782718ea83f23dc86f1c7f21a80f33012f52ff973b48029abaf1ba968ec2789b5c4668e7218a0e18eb26ead7b4294a340d237fac0481a82d82e3dfd2d084589e2e72001b3b4887b65110517d10c29a306f4a467070da3b55395057c205395160731ca64ef2a3f8c27b00d3e623b649f195646c612b80ea75ef64a3b41a4efd231ed4a9aeb8ea09bb0d32be76ece12542932633b90268898dc42e176c02b321bdb0e8f19c5f5f575b8ad6e14eb9e098aba549bc3df23ca118b89301f336c71c1fa6b9198575b2d4ffe3b76be87aa3cafd836e3bc5cae02fdcbccce3b6521a01127ae8490232ebfe661df590ddc6374dc50556d1a0b0202f8af90dd8ebbb52dc13922cb767e999d6f0e380da2be3aa54fb5abbf557779b54067546237cb9ed1182cc6fd2c42a91c904812391748a42ea8436ee830182a119afe9e1bf365938553021ad338361e273c520545068b0168c96ff693ba5376fa003725ca170525f772b0d8a2887e4372cd6855574591fceeeb238c433bc3089ed27ce3400b59b04df4aaed5bf5c51e758715ad2a6a5091afcc385d1ef502c8905d04fda77d67e79ccab3e1f5bc271827041d481c1ab117f348344cef3df903a39fd305165cd9cce0c823c0fb4e107515e2f57df9909f146b62264bdb190988f64678d381d22ce50c33a6277fd56a8d64432d01eebe82adb4eceb2606ae25c37d370706d6850ef45ed7b5ebe7a0bb06f96914eafb9263e6c63ff08d625a348e4f572b69f9c59824c3eb64a47bcdb2e7dc65a23952f7b0b6842b6f3ca39a026e76d64b9133bdb3c45d1a2f670721283a5a6cc2f8b01cc75ed758ef8db0913dbc02b2d75c6964c01c12104ce0853cfa765381f1fe18e497f8550a67e0d2163cff6d1e7c83ffbf32b986a4af891ab55463ea2d85ea91bb4dee538ec7e2e71b3edfa04db652aa5872961b92b4585fd2a98b44f56e0915788a908aa2be5748fdcacbcd7a9a22c53c6e472efa79ffb0de673990cb4fe04379983e6bf91e6a860e061e1d74d840b83a358ee69d4f71e6c7a7a924a619a4bbefa13f3936650a630ffcf32541850f77afeab4c990fb7a3fcca41a3936e5761bc224187e192b50afc6c3861784f244092fffd4a8c1aa8126bab662de4e92a228806fd4d49b224761d87bb4e4a7327075b81950c7acdaf4cdc7c9c154d7b5a49e0f2128a0ad709c8212232a320afc9f866bd2f41f107bba032e2adb2b10ebe5ff289e656bc8bb0b36fcb5afb7bad55436e382691082d0650c14bf598fb531b69a48636061c91298ba33e066fee8cba0def74fd34156a89a1a1e3a651cf353fc593659db608a884813b249a48b7b1b38201a9e81033b7b61e0c7403d9835cff16756395d325186bd3b73e6060c0cae90eb9d29e63315e67a5f4c2c7ba6332103aa09cce55b1efa6e66e88f380628a4c02122d73e09ec175bc68b2723f84289a12a29c6ddfdfedceab839d047ba0c3bfcd3f58e04e0a2d9279fbf3cd9680d01ebd5a9436a36ce0c869b2f42aca85722137555657b087bc3a11ccb65e0f812a8212ff766cd3db2d2e0a2f38b46f95cde8c29ad0380ff5699573c3d181d9446f5f831e9529834109ede1538bd7932577ae4aa984d6251d06c36d9e8e391155af4284ce799069580bf74ff0e82362fda4664744e0cc07a913119b9e36d3ad2c1e07cbda555262b30e3592b58da3c18f450bc6019526cebad6b0e840e299d257d7a331db812f38c6b1b4d771dc6ad5b14b9cfb09a10bf01e2dba07390d7d13491f7404c398b7d74faf8ce969e2ccdc95c86cc5b1d9fe77710775a411074d32e7432b939abb362e0c74460589156f59d92654ede9870f5d776fe8dc92072601209ec7f756b34f9feff0c6035a5de594d414eb9260a372a078640f24e43d86752c1fbdd0317949fb26d8526b018bf8a217d2120d019ac2f5d392d11ad470ec47cded2f94e4dc582992ba7491d00c330a1878bfe2831befa59df92c498cb9a9cc8c4faa365196d22fd7317cd0e549dc83948ca69e0653861b26f748c3bc8d0d70ee57fe5749577ad6eea2db32cdd0d9f45cf6067e88f9a7537a7eae7885633054d03d94fe5ff7fbe34a6b9a10a39bde158fbd1b0169f2123755cd02862377656628cca541714fa7289137b96d453f6d6b90032d5379b0ccdd31d9513ecd10448c01c59df02b5f8ff7100588a0c8ab4ff4f4aad53d3d72db79d5c28252799ceef2b6d84cda518f5a3465d333900b0277e6cc199d81d9f51670fe57a6cac6220848c6f44f8c2f3f0934802f5a7dbde7bde8ff6821d00da559e8cc9c84cb1d83cb7cdaa1f4c4996f6a92e3924e64a7d8ec8d1b8daa5eedc52a6247352460959d92c3ea37360a86c9bf5c966662df4db7742f3ead770f8cb95759dc0153499743595dae269fa614732751485501780c70ec934ec71a8927716760307416af145faa2e63ac892503a27ce85d685ff1f45d0655dc8e883e83261d18ea1dd928aedcbd33b4c231e97b0a6b6a434d1cf37e56da531a9f13ea224d47403bb2c3479418ec9979a7cef7a8cc238feb776c06bc70d1c3c10d9b9f95421e3addd0edc983627d97dc97eca0be6cbb922b9aaa042ed472a03e43c3567b5d8f78522fea6c9d8815b106301e611a91dc66107b3100ad82fe9e1133ba01662da67a4c05c36b74fb2aa53c1b0bbc9b43c3666d12a21de08ced94a32f9fee4ba8bcd202cc6ed06bddda1d2bd38501122d651a530d387ece7b3276d8c5d9a6be096a37b0959b470cc42c903efc8db878d6b48e323e7c54d58fe5612fb0339130d7690af4296fd5e8e8b8ba806e6c0f657fab0a1ab515f6ab4769c297239f0c30f3581ae179b1ecbb9e1982a576b4d9d56545f45a56eece627b5051b06b50483cf12592618c10c9708bd7c8ab08f65d419d1435f306e591287e1d398f701647f1401fadfe99efe169fcd5b1f1660beb97913568a667e181656177fd54f79946a2d0a4116f2e20cd7b843a9b7ce38544a6128610a00b9d2fabfae3b5b423938811e77f0e3f61aa0e10e20ef063af23e550e624c67fc4b69c06b4f01f401158493f66bda928ef651baacf7f946cfff9e16da5dd22b5466c79d2e3c4a636c9655f06289e6361f9c7fe90c6c4096b185208d5b73dfa571b03492ecabd2c0850cc8b6dd2bf712ac70999e8910cc0132474cd00ab6a5c9d328e17bed575c4382acd59d49fd1e23f3f25ab943e0b43f9dd3e15d5e04ffe714448ffa42fcd58202c7641833ccf2205ad908601cbc8fe78400174bb64526de762f42d3a6d1f169fc5921ddea90d54aa19a5f9e0c29c80e6189529fa6e386d165e9be43e7042a23079a48f01b4ba1f768f80906e22a53ccf86d114510e4ae76e7c21af2455e7453a80ddb781fd52b1c37353314888845d5d832b4c5445775a759b78667ef2a5dffdff4ec9377f20f2975d9e3a0e845cdca72cb206b5fb08e943d2f383e01d6fbde82046653eed1e2f529fa2f9f1f894cae6452a8ff0d28ebeeea30a75719f64d53d2529b8268c3179f02a768844496fe947041d57df31391c83ccd4ea26d625afffa302c075cd8d7d190c12f9f588f291a7bd3bdf7739aa34ff77bde426d6b4d419c373fc1f4017f0841c9b45c3c0cffc44add4ff1837baf15082027615f73cf8beabe1424c246f56975748ed15f3179f84fbc4f79d79a31809c00051414a8533a48524c61d528929e6c84b478257f2e818f55379f447b90466655df30bbe7455982fdf1e1576a0bc738f45a22afc1e824e20de2f54962355c8b9047baf55c213cd73db1c9c63f365e4657ce25344b4a74609dae66a6cd7d75a88ef03ab8681b1c4407364e75a0c780764a07f182ab8dca16d74ec87b50dce3affcf5ef4e5ae58fe79dd4c676fe0ce2098a12b57808fd884610a7aae5b42a14ea6c68d4d4458b00a9f4d5cce9cda620bf8d87fb9a66a929ff994707642f032b37585f5ddba2f296b1d1c4208159d0c3eb7665ebaeae01ffc6bcc59b35d3a7f1b9765ba1070fcd85d113932c1d7b8d5c86a1bfb0712c7502d3378e1edb6710c89256ef7b29bb75fca424599977f6be2573f6ba49f5c9e8f10e29afab65d410a7e2fc7ef674fb023049f36d6b6b369bea206eb6fbed4b", 0xc8f}, {0x0}], 0x5, 0x1, 0x6)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fchmodat(r2, &(0x7f00000000c0)='./file1\x00', 0x0)

37.597047106s ago: executing program 5 (id=541):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x3, 0xb6)
setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0xe0, 0x4, @loopback}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)

36.478143632s ago: executing program 2 (id=542):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000009c0)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x5}}, {@sysvgroups}, {@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@init_itable_val={'init_itable', 0x3d, 0x1000}}, {@journal_async_commit}, {@nomblk_io_submit}]}, 0x1, 0x58a, &(0x7f0000000ac0)="$eJzs3V9rU+cfAPDvSZv69/ezgsi2i1HwYg5natv9cTDQXY5NJmz3LrSxSFMjTSq2E9SLebObIYMxJoy9gN3vUvYG9iqETZAhZbvYTcZJTzQ2Sf/Gpi6fDxx9nnNO85xvnvM8+Z6chAQwsMbSf3IRr0bEN0nEkZZtw5FtHFvdb+XJzel0SaJe/+zPJJJsXXP/JPv/UFZ5JSJ+/SriVK693erS8lyxXC4tZPXx2vy18erS8ukr88XZ0mzp6uTU1Nl3pibff+/dnsX65sW/v//0wUdnvz6x8t3Pj47eS+J8HM62tcaxA7dbK2Mxlj0n+Ti/ZseJHjS2lyT9PgC2ZSgb5/lI54AjMZSNeuC/71ZE1IEBlRj/MKCaeUDz2r5H18Evjccfrl4Atcc/vPreSOxvXBsdXEmeuzJKr3dHe9B+2sYvf9y/ly6xwfsQt9pX7evBIQAD6vadiDgzPNw+/yXZ/Ld9ZxpvHq9vbRuD9voD/fQgzX/e6pT/5J7mP9Eh/znUYexux8bjP/eoB810leZ/H3TMf59OXaNDWe1/jZwvn1y+Ui6diYj/R8TJyO9L6+vdzzm78rDebVtr/pcuafvNXDA7jkfDa7K8mWKtuJOYWz2+E/Has/w3ibb5f38j113b/+nzcXGTbRwv3X+927aN42/VIQPeofpPEW907P9nd7SS9e9PjjfOh/HmWdHur7vHf+vW/tbi7720/w+uH/9o0nq/trr1Nn7c/0+p27btnv8jyeeN8ki27kaxVluYiBhJPmlfP/nsb5v15v5p/CdPrD//dTr/D0TEF5uM/+6xu1133XL/5zfZ6Cal8c9sqf+3Xnj48Zc/bD/+tP/fbpROZms2M/9t9gB38twBAAAAAADAXpOLiMOR5ApPy7lcobD6+Y5jcTBXrlRrpy5XFq/OROO7sqORzzXvdB9p+TzERPZ52GZ9ck19KiKORsS3Qwca9cJ0pTzT7+ABAAAAAAAAAAAAAAAAAABgjzjU5fv/qd+H+n10wAvnJ79hcG04/nvxS0/AnuT1HwaX8Q+D6/nxX6/Xe/87m8Ae5fUfBpfxD4PL+IfBZfzD4DL+AQAAAAAAAAAAAAAAAAAAAAAAAAAAoKcuXriQLvWVJzen0/rM9aXFucr10zOl6lxhfnG6MF1ZuFaYrVRmy6XCdGV+o8crVyrXJiZj8cZ4rVStjVeXli/NVxav1i5dmS/Oli6V8rsSFQAAAAAAAAAAAAAAAAAAALxcqkvLc8VyubSwK4WRXWxrtVBPInb6OOdid4+514Vko14+l50M22piuP8BKryAQp8nJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo8W8AAAD//5W7NgM=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xd30000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
semop(0x0, &(0x7f00000002c0)=[{0x0, 0x8, 0x1000}, {0x0, 0xfff}], 0x2)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x46, 0x0, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r4, 0x400448e6, &(0x7f0000000080)="fc")
ioctl$sock_bt_hci(r4, 0x400448e7, &(0x7f0000000080))

36.375493401s ago: executing program 5 (id=543):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x125f, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
bind$llc(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
listen(0xffffffffffffffff, 0x1)

35.024963597s ago: executing program 2 (id=544):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x7f6ba000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES16=r0], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
write$binfmt_script(r5, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
write$UHID_INPUT(r4, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0)
lseek(r6, 0x800000000009a4, 0x0)

34.987752566s ago: executing program 5 (id=545):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x100, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x803})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x12, 0x4, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@call={0x85, 0x0, 0x0, 0xba}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000140)={'syzkaller0\x00', @random="371692e7f7ef"})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="11ce01004002"})
close(0x3)

34.147530013s ago: executing program 2 (id=549):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x3, 0xb6)
setsockopt$inet6_buf(r4, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r4, 0x29, 0x37, &(0x7f0000000480)=ANY=[], 0x8)
connect$inet6(r4, 0x0, 0x0)
sendmmsg$inet6(r4, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)

33.948646153s ago: executing program 5 (id=550):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socket$kcm(0xf, 0x3, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000000)={'lo\x00'})

32.228703846s ago: executing program 2 (id=551):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000540)='mnt\x00', 0x0, 0x48)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @c}, 0x40, 0x0, '\x00', @a})
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='mnt/encrypted_dir\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000006c0)=@v2={0x2, @aes256, 0x0, '\x00', @a})
chdir(&(0x7f00000002c0)='mnt/encrypted_dir\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
unlinkat(r0, 0x0, 0x200)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(r1, 0xc0406619, &(0x7f0000000080)={@id={0x2, 0x0, @a}})

31.191376283s ago: executing program 2 (id=554):
socket$nl_route(0x10, 0x3, 0x0)
r0 = epoll_create1(0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
openat$misdntimer(0xffffff9c, &(0x7f0000000180), 0x2000, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x42b02, 0x0)
socket$inet6(0xa, 0x1, 0x0)
pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000480)={0x68000005})

29.928315948s ago: executing program 2 (id=556):
socket$inet6(0xa, 0x3, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r0], 0x3c}}, 0x0)

18.482012107s ago: executing program 34 (id=550):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004000000020000000c0000000014"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001280)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socket$kcm(0xf, 0x3, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000000)={'lo\x00'})

14.514356742s ago: executing program 35 (id=556):
socket$inet6(0xa, 0x3, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r0], 0x3c}}, 0x0)

5.759993271s ago: executing program 3 (id=589):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
syz_open_dev$video4linux(&(0x7f0000000000), 0xfff, 0x402)
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x0, {{0x42, 0x4}}}, 0x10)
r2 = syz_io_uring_setup(0x31d9, 0x0, &(0x7f0000000280), &(0x7f0000000140))
io_uring_enter(r2, 0x5f11, 0x0, 0x0, 0x0, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x2}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r6, 0x201, 0x0, 0x0, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10)
close_range(r4, 0xffffffffffffffff, 0x0)

5.68517632s ago: executing program 1 (id=590):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000100)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==")
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x4, 0xf, {0xf, 0x1, "a7ea3163fd3bc518194b120c1e"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=ANY=[@ANYRES8, @ANYRES32, @ANYBLOB="0000000000000000400012800c0001"], 0x68}}, 0x0)
r1 = socket$igmp6(0xa, 0x3, 0x2)
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0xfdef)

5.412385949s ago: executing program 3 (id=591):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000200)={[{@i_version}, {@mblk_io_submit}, {@dax_never}, {@lazytime}, {@block_validity}, {@data_err_abort}], [{@seclabel}]}, 0x1, 0x43d, &(0x7f0000000900)="$eJzs281vG0UbAPBn7SR9+/FSU5WPpgUCBRHxkTRpKT1wAYHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFrgYrTZ3cR27LQOTlzw7ydtMrM7zszj3bFnZ7IB9K2R9EcSsS8ifomI/Vm2scBI9uvmytL0HytL00nUaq//nqyWu7GyNF0ULV63t8gMRJQ+TuJwi3oXLl0+N1Wtzl7M8+OL598ZX7h0+em581NnZ8/OXpg8derE8YlnT04+05U407huDL8/f+TQy29efXX69NW3fvgqKeJviqNLRjY7+Fit1uXqeuv/delkoIcNoSPlrJvG4Gr/3x/lWD95++Olj3raOGBb1Wq12r3tDy/XgP+wJHrdAqA3ii/69P632HZo6HFHuP58dgOUxn0z37IjA1HKyww23d9200hEnF7+8/N0i+2ZhwAAaPBNOv55Kh//NSz8lKJ+XuiufA2lEhF3R8SBiDgZEQcj4p6I1bL3RcT9HdbfvEiycfxTutbhn+xIOv57Ll/bahz/FaO/qJQj/iqGy5UYTM7MVWeP5e/JaAzuSvMTm9Tx7Ys/f9ruWP34L93S+ouxYN6OawO7Gl8zM7U49U9irnf9w4jhgVbxJ2srAellcSgihrdYx9wTXx5pd+zW8Tcaqs90YZ2p9kXE49n5X46m+AvJ5uuT4/+L6uyx8eKq2OjHn6681q7+TuPvtvT872l5/a/FX0nq12sXOq/jyq+ftL2n2er1P5S80bDvvanFxYsTEUPJK1mj6/dPNpWbXC+fxj96tHX/PxDr78ThiEgv4gci4sGIeChv+8MR8UhEHN0k/u9fePTtxj1JB/FvrzT+mY7O/3piKJr3tE6Uz333dUOllegg/vT8n1hNjeZ7bufz73batbWrGQAAAP59ShGxL5LS2Fq6VBoby/6H/2DsKVXnFxafPDP/7oWZ7BmBSgyWipmubD44mw+dyG/ri/xkU/54Pm/8WXn3an5ser460+vgoc/tbdP/U7+Ve906YNt5Xgv6l/4P/Uv/h/6l/0P/atH/d/eiHcDOa/X9/0EP2gHsvKb+b9kP+oj7f+hf+j/0L/0f+tLC7rj1Q/ISEhsSUbojmiGxTYlefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0x98BAAD///1B6is=")
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000680)={[{@fat=@errors_remount}, {@fat=@errors_continue}, {}, {@dots}, {@dots}, {@nodots}, {@nodots}, {@nodots}, {@dots}, {@dots}, {@nodots}, {@nodots}, {@dots}, {@fat=@discard}, {@dots}, {@dots}, {@fat=@tz_utc}, {@fat=@errors_continue}, {@nodots}, {@fat=@sys_immutable}, {@fat=@quiet}, {@dots}]}, 0xfd, 0x1bf, &(0x7f0000000840)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={0x0}, 0x18)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r3, 0x400, 0x0)
r4 = openat$cgroup_ro(r3, 0x0, 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xfecc)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
syz_emit_ethernet(0x6d, &(0x7f0000000340)=ANY=[], 0x0)

4.158312265s ago: executing program 3 (id=592):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
getsockname$packet(r0, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
r1 = syz_mount_image$reiserfs(&(0x7f0000000080), &(0x7f0000000140)='./file0\x00', 0x120c083, &(0x7f0000000480), 0xfd, 0x1117, &(0x7f00000024c0)="$eJzs2cFq1FAUBuD/JqPtbiTug6ALF1JaxgewC4XZutWNSEGwqw4Iiq/hG/gWvoJ25b50r4uCSyESM3GqDKh0KgjfB8k9OcnJyV3emwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBvknwqyfUqacZclaQkbXs8P03Sjvlr7+sqJQ8P5ov7R7MHiyT198fLo6T0VX1Zmr2b282smTV7zd17+7c+LF6+ev7k8PDgaPmakjYnZxudRRlP9flc2WgPAAAA+G91FzbNmxd/0unqJfUHAAAAfmfT+wkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6ubruJmDKokJWnb4/lpknZN3ZV/9H0AAADAxZVUeTxdlx+2AVbu5OO0/Mj345fSx7t5u6YeAAAAWHn27qfLbmsZnP+//rUb9Ovu25kM6/Lt4d6NTLKzM8TLIZ/3kzrJ7i+9Ts5ePx2P0tXJ1uXMCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBv7MABCQAAAICg/6/bESgAAAAAAAAAAAAAAAAAAAAAAAAAFwUAAP//YwzhLg==")
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000100)='.\x00', 0x1a484bc, &(0x7f0000000300)=ANY=[@ANYRES8=r1, @ANYBLOB="eea73c3ca047349ab66dff07b1e2bdc61875c6ccebea30ba1b8977c632dd4bd75d3cfd10cce0c88cabf65767e9dbbd7b5841a8ce3eb44c7151dec2b7b8f9cf870af04f1cc951b195c7fd36ffdbd0622cdc14395f095fb0d31f384214d59a0105d577557215473973f3b70178f49f07562f4d21cad59fafb7fbaf76061c56fdd2093329e2ece7cf96435bca11a90ba7f31e69c4b73ba3d172906ffc90f5de134a696a731d20a9cf70009a31f83d4b774b0d99de69f14de9e655b84b646166d979b9cdbde38324510998bba500000000007cf791c3e2fc9c72f920a64e00"/231, @ANYRES16, @ANYRESDEC=r1, @ANYRES8=r1, @ANYRES16, @ANYRESHEX, @ANYRESHEX, @ANYRES16=r1, @ANYRES32], 0x1, 0x0, &(0x7f0000000480))
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
truncate(&(0x7f0000000200)='./file0\x00', 0x3a5ffd)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet(0x2, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1}, 0x1c)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x10)
pwrite64(r5, &(0x7f0000000140)='2', 0x1, 0x8080c61)

4.045756774s ago: executing program 1 (id=593):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan1\x00'})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r0)
r1 = socket(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
keyctl$join(0x1, 0x0)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
write(r1, &(0x7f0000000100)="1400000052004f7fb3e4", 0xa)
recvmmsg(r1, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x40, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r5, 0x0, 0xa0028000}, 0x38)

3.219326772s ago: executing program 3 (id=594):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x7f6ba000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES16=r0], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
write$binfmt_script(r5, &(0x7f00000000c0)={'#! ', './file0'}, 0xb)
write$UHID_INPUT(r4, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0)
lseek(r6, 0x800000000009a4, 0x0)

3.004594201s ago: executing program 1 (id=595):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mprotect(&(0x7f0000570000/0x4000)=nil, 0x4000, 0x0)
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
write$binfmt_script(r0, &(0x7f00000001c0)={'#! ', './file0'}, 0xb)
socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, 0x0, {0xfff1}, {0x9, 0xffff}, {0x3, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r5, 0x0, 0x15, 0x0, &(0x7f0000000240))

2.059816777s ago: executing program 1 (id=596):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r5, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x11}}}, 0x1e)
connect$pptp(r5, &(0x7f0000000700)={0x18, 0x2, {0x0, @private=0xa010101}}, 0x1e)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/236)
writev(r6, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0x8}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x40004}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1bc81a00}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x3, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {0x4}, {}, {0x4, 0x0, 0x9}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0x2, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

1.996215267s ago: executing program 3 (id=597):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000200)={r4, r1, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0x11, &(0x7f0000000e00)={@broadcast, @local, @void, {@mpls_uc={0x8847, {[], @llc={@llc={0xdc, 0x80, "1d"}}}}}}, 0x0)

1.010760823s ago: executing program 1 (id=598):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = semget(0x2, 0x1, 0x3)
semctl$GETPID(r0, 0x1, 0xb, &(0x7f0000000180)=""/236)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_emit_ethernet(0x3e, &(0x7f0000000680)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x4, 0x0}, @local}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x0, 0xa000, {0x5, 0x4, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, 0x33, 0x0, @dev, @local}}}}}}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
rt_sigaction(0x19, &(0x7f0000000000)={0xffffffffffffffff, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
fallocate(0xffffffffffffffff, 0x0, 0x400000000000000, 0x2)
semctl$SEM_STAT_ANY(r0, 0x2, 0x14, &(0x7f0000000040)=""/61)
madvise(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x10)
read$FUSE(0xffffffffffffffff, &(0x7f0000009540)={0x2020}, 0x2020)
write$tcp_congestion(0xffffffffffffffff, 0x0, 0x0)

24.76419ms ago: executing program 3 (id=599):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_procfs(0x0, &(0x7f0000000480)='attr/prev\x00')
preadv(r3, 0x0, 0x0, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
socket$key(0xf, 0x3, 0x2)
write$binfmt_aout(r5, &(0x7f0000000100)=ANY=[], 0xc1)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
lseek(r4, 0x200000002, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_dev$video4linux(0x0, 0x0, 0x800)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r6, 0x4020565a, &(0x7f0000000040)={0x3, 0x980902, 0x2023})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r6, 0x80885659, 0x0)

0s ago: executing program 1 (id=600):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x3, 0xb6)
setsockopt$inet6_buf(r4, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r4, 0x29, 0x37, &(0x7f0000000480)=ANY=[], 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0xe0, 0x4, @loopback}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000002940), 0x0, 0x0)

kernel console output (not intermixed with test programs):

   44.718676][  T175] NILFS (loop2): discard dirty block: blocknr=0, size=1024
[   44.726472][  T175] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.739101][ T4316] Bluetooth: hci2: command 0x0419 tx timeout
[   44.743991][  T175] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.745810][  T175] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.783773][  T175] NILFS (loop2): discard dirty page: offset=0, ino=3
[   44.785162][  T175] NILFS (loop2): discard dirty block: blocknr=42, size=1024
[   44.786682][  T175] NILFS (loop2): discard dirty block: blocknr=43, size=1024
[   44.788134][  T175] NILFS (loop2): discard dirty block: blocknr=44, size=1024
[   44.791618][  T175] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.793459][  T175] NILFS (loop2): discard dirty page: offset=65536, ino=3
[   44.794873][  T175] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.795958][ T4543] loop3: detected capacity change from 0 to 32768
[   44.796779][  T175] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.814496][  T175] NILFS (loop2): discard dirty block: blocknr=0, size=1024
[   44.815998][  T175] NILFS (loop2): discard dirty block: blocknr=0, size=1024
[   44.817877][  T175] NILFS (loop2): discard dirty page: offset=196608, ino=3
[   44.818965][ T4306] Bluetooth: hci3: command 0x0419 tx timeout
[   44.820497][ T4306] Bluetooth: hci4: command 0x0419 tx timeout
[   44.821111][  T175] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.828125][  T175] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.839930][  T175] NILFS (loop2): discard dirty block: blocknr=49, size=1024
[   44.841855][  T175] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.845928][ T4309] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer
[   44.856644][ T4551] device syzkaller1 entered promiscuous mode
[   44.861868][ T4309] NILFS (loop2): discard dirty page: offset=0, ino=6
[   44.863170][ T4309] NILFS (loop2): discard dirty block: blocknr=35, size=1024
[   44.875263][ T4309] NILFS (loop2): discard dirty block: blocknr=36, size=1024
[   44.876728][ T4309] NILFS (loop2): discard dirty block: blocknr=37, size=1024
[   44.878062][ T4309] NILFS (loop2): discard dirty block: blocknr=38, size=1024
[   44.884635][ T4309] NILFS (loop2): discard dirty page: offset=0, ino=5
[   44.887686][ T4309] NILFS (loop2): discard dirty block: blocknr=41, size=1024
[   44.893039][ T4309] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.895244][ T4309] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.897656][ T4309] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.902823][ T4309] NILFS (loop2): discard dirty page: offset=0, ino=4
[   44.904323][ T4309] NILFS (loop2): discard dirty block: blocknr=40, size=1024
[   44.905965][ T4309] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.907774][ T4309] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   44.911120][ T4309] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[   45.249526][ T4554] loop2: detected capacity change from 0 to 40427
[   45.267923][ T4554] F2FS-fs (loop2): invalid crc value
[   45.292070][ T4554] F2FS-fs (loop2): Found nat_bits in checkpoint
[   45.339501][ T4554] F2FS-fs (loop2): Start checkpoint disabled!
[   45.347329][ T4554] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   45.579720][ T4568] loop0: detected capacity change from 0 to 512
[   45.609844][ T4568] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   45.626034][ T4568] EXT4-fs (loop0): orphan cleanup on readonly fs
[   45.645433][ T4568] Quota error (device loop0): dq_insert_tree: Quota tree root isn't allocated!
[   45.662800][ T4568] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota
[   45.675351][ T4568] EXT4-fs error (device loop0): ext4_acquire_dquot:6794: comm syz.0.51: Failed to acquire dquot type 1
[   45.709184][ T4568] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.51: bg 0: block 40: padding at end of block bitmap is not set
[   45.739103][ T4568] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6170: Corrupt filesystem
[   45.765431][ T4568] EXT4-fs (loop0): 1 truncate cleaned up
[   45.767450][ T4568] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   45.867541][ T4583] loop4: detected capacity change from 0 to 256
[   45.885206][ T4585] loop3: detected capacity change from 0 to 512
[   45.889497][ T4579] Zero length message leads to an empty skb
[   45.906574][ T4311] EXT4-fs (loop0): unmounting filesystem.
[   45.917673][ T1823] kworker/u4:7: attempt to access beyond end of device
[   45.917673][ T1823] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[   45.933046][ T4585] EXT2-fs (loop3): warning: mounting ext3 filesystem as ext2
[   46.052897][ T4585] EXT2-fs (loop3): error: ext2_valid_block_bitmap: Invalid block bitmap - block_group = 0, block = 252
[   46.064643][ T4585] EXT2-fs (loop3): error: ext2_new_blocks: Allocating block in system zone - blocks from 4, length 1
[   46.067648][ T4585] EXT2-fs (loop3): error: ext2_new_blocks: Allocating block in system zone - blocks from 5, length 1
[   46.077695][ T4585] EXT2-fs (loop3): error: ext2_new_blocks: Allocating block in system zone - blocks from 6, length 1
[   46.082688][ T4585] EXT2-fs (loop3): error: ext2_new_blocks: Allocating block in system zone - blocks from 7, length 1
[   46.086361][ T4585] EXT2-fs (loop3): error: ext2_new_blocks: Allocating block in system zone - blocks from 8, length 1
[   46.097487][ T4585] EXT2-fs (loop3): error: ext2_new_blocks: Allocating block in system zone - blocks from 9, length 1
[   46.556312][ T4618] netlink: 4 bytes leftover after parsing attributes in process `syz.3.72'.
[   46.677309][ T4622] loop4: detected capacity change from 0 to 512
[   46.679117][ T4622] =======================================================
[   46.679117][ T4622] WARNING: The mand mount option has been deprecated and
[   46.679117][ T4622]          and is ignored by this kernel. Remove the mand
[   46.679117][ T4622]          option from the mount to silence this warning.
[   46.679117][ T4622] =======================================================
[   46.706477][ T4622] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   46.725730][ T4622] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[   46.745763][ T4622] EXT4-fs (loop4): Remounting filesystem read-only
[   46.747647][ T4622] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.75: invalid indirect mapped block 4278190080 (level 0)
[   46.775599][ T4622] EXT4-fs (loop4): Remounting filesystem read-only
[   46.812733][ T4622] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.75: invalid indirect mapped block 1 (level 1)
[   46.817541][ T4622] EXT4-fs (loop4): Remounting filesystem read-only
[   46.834131][ T4622] EXT4-fs (loop4): 1 truncate cleaned up
[   46.834176][ T4622] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   46.878099][ T4622] netlink: 4 bytes leftover after parsing attributes in process `syz.4.75'.
[   46.900376][ T4339] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   46.912477][ T4339] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   46.920834][ T4312] EXT4-fs (loop4): unmounting filesystem.
[   46.931262][ T4635] hid-generic 0000:0000:0000.0001: pid 4635 passed too large report
[   47.520947][ T4651] loop0: detected capacity change from 0 to 64
[   47.643766][ T4654] netlink: 316 bytes leftover after parsing attributes in process `syz.4.79'.
[   48.580260][ T4642] loop1: detected capacity change from 0 to 32768
[   48.582021][ T4642] XFS: attr2 mount option is deprecated.
[   48.583221][ T4642] XFS: ikeep mount option is deprecated.
[   48.584336][ T4642] XFS: noikeep mount option is deprecated.
[   48.718164][ T4642] XFS (loop1): Mounting V5 Filesystem
[   48.833880][ T4642] XFS (loop1): Ending clean mount
[   48.843566][ T4642] XFS (loop1): Quotacheck needed: Please wait.
[   48.892844][ T4642] XFS (loop1): Quotacheck: Done.
[   48.976125][ T4302] XFS (loop1): Unmounting Filesystem
[   49.368384][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[   49.807704][ T4692] loop3: detected capacity change from 0 to 32768
[   49.823522][ T4692] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.94 (4692)
[   49.877278][ T4698] loop1: detected capacity change from 0 to 1024
[   49.914436][ T4692] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   49.916492][ T4692] BTRFS info (device loop3): using crc32c (crc32c-generic) checksum algorithm
[   49.919544][ T4692] BTRFS info (device loop3): use zlib compression, level 3
[   49.921090][ T4692] BTRFS info (device loop3): using free space tree
[   49.958032][ T4698] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:477: comm syz.1.91: Invalid block bitmap block 0 in block_group 0
[   49.964212][ T4698] Quota error (device loop1): write_blk: dquota write failed
[   49.965855][ T4698] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   49.967906][ T4698] EXT4-fs error (device loop1): ext4_acquire_dquot:6794: comm syz.1.91: Failed to acquire dquot type 0
[   50.021276][ T4698] EXT4-fs error (device loop1): ext4_free_blocks:6210: comm syz.1.91: Freeing blocks not in datazone - block = 0, count = 4096
[   50.047643][ T4698] EXT4-fs error (device loop1): ext4_read_inode_bitmap:140: comm syz.1.91: Invalid inode bitmap blk 0 in block_group 0
[   50.059194][ T1614] Quota error (device loop1): do_check_range: Getting block 0 out of range 1-8
[   50.061574][ T1614] EXT4-fs error (device loop1): ext4_release_dquot:6817: comm kworker/u4:5: Failed to release dquot type 0
[   50.100634][ T4698] EXT4-fs error (device loop1) in ext4_free_inode:362: Corrupt filesystem
[   50.103734][ T4698] EXT4-fs (loop1): 1 orphan inode deleted
[   50.104972][ T4698] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   50.145064][ T4698] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[   50.152693][ T4692] BTRFS info (device loop3): enabling ssd optimizations
[   50.319714][ T4302] EXT4-fs (loop1): unmounting filesystem.
[   50.404733][ T4307] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   50.613355][ T4694] loop0: detected capacity change from 0 to 32768
[   50.645265][ T4723] loop1: detected capacity change from 0 to 64
[   50.680332][ T4694] XFS (loop0): Mounting V5 Filesystem
[   50.736369][ T4694] XFS (loop0): Ending clean mount
[   51.712178][ T4745] netlink: 316 bytes leftover after parsing attributes in process `syz.2.99'.
[   51.737255][ T4694] overlayfs: failed to resolve './file0': -2
[   51.812779][ T4311] XFS (loop0): Unmounting Filesystem
[   52.034077][ T4751] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input2
[   52.045226][ T4749] loop3: detected capacity change from 0 to 1024
[   52.213368][ T4662] hfsplus: b-tree write err: -5, ino 4
[   52.464081][ T4759] netlink: 24 bytes leftover after parsing attributes in process `syz.0.102'.
[   52.994050][   T27] audit: type=1326 audit(52.820:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4761 comm="syz.0.107" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f53aa8 code=0x7ffc0000
[   53.781290][   T27] audit: type=1326 audit(52.830:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4761 comm="syz.0.107" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f53aa8 code=0x7ffc0000
[   53.785527][   T27] audit: type=1326 audit(52.840:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4761 comm="syz.0.107" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffa8f53aa8 code=0x7ffc0000
[   53.803930][   T27] audit: type=1326 audit(52.840:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4761 comm="syz.0.107" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f53aa8 code=0x7ffc0000
[   53.808058][   T27] audit: type=1326 audit(52.840:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4761 comm="syz.0.107" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f53aa8 code=0x7ffc0000
[   53.812614][   T27] audit: type=1326 audit(52.850:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4761 comm="syz.0.107" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffffa8f53aa8 code=0x7ffc0000
[   53.816926][   T27] audit: type=1326 audit(52.850:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4761 comm="syz.0.107" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f53aa8 code=0x7ffc0000
[   53.827182][   T27] audit: type=1326 audit(52.850:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4761 comm="syz.0.107" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f53aa8 code=0x7ffc0000
[   53.831853][   T27] audit: type=1326 audit(52.850:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4761 comm="syz.0.107" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffa8f53aa8 code=0x7ffc0000
[   53.835915][   T27] audit: type=1326 audit(52.850:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4761 comm="syz.0.107" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa8f53aa8 code=0x7ffc0000
[   54.331898][ T4774] loop3: detected capacity change from 0 to 2048
[   54.366684][ T4774] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   55.360890][ T4783] netlink: 36 bytes leftover after parsing attributes in process `syz.0.113'.
[   55.401657][ T4789] loop4: detected capacity change from 0 to 64
[   55.840556][ T4787] loop1: detected capacity change from 0 to 32768
[   55.909290][ T4797] loop3: detected capacity change from 0 to 64
[   55.944095][ T4793] loop0: detected capacity change from 0 to 32768
[   55.964773][ T4793] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.116 (4793)
[   55.976179][ T4793] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   55.997878][ T4787] XFS (loop1): Mounting V5 Filesystem
[   56.007816][ T4793] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm
[   56.020238][ T4793] BTRFS info (device loop0): setting nodatacow, compression disabled
[   56.021985][ T4793] BTRFS info (device loop0): max_inline at 23
[   56.067965][ T4807] netlink: 4 bytes leftover after parsing attributes in process `syz.2.119'.
[   56.084692][ T4793] BTRFS info (device loop0): enabling disk space caching
[   56.086865][ T4793] BTRFS info (device loop0): turning off barriers
[   56.089301][ T4793] BTRFS info (device loop0): turning on flush-on-commit
[   56.090776][ T4793] BTRFS info (device loop0): doing ref verification
[   56.092761][ T4793] BTRFS info (device loop0): force clearing of disk cache
[   56.094417][ T4793] BTRFS info (device loop0): enabling ssd optimizations
[   56.095848][ T4793] BTRFS info (device loop0): using spread ssd allocation scheme
[   56.107861][ T4793] BTRFS info (device loop0): force zlib compression, level 3
[   56.109966][ T4793] BTRFS info (device loop0): disk space caching is enabled
[   56.158621][ T4787] XFS (loop1): Ending clean mount
[   56.291039][ T4793] BTRFS info (device loop0): rebuilding free space tree
[   56.313210][ T4787] XFS (loop1): Quotacheck needed: Please wait.
[   56.337862][ T4793] BTRFS info (device loop0): disabling free space tree
[   56.339703][ T4793] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   56.342566][ T4793] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   56.345436][ T4787] XFS (loop1): Quotacheck: Done.
[   56.450504][ T4832] loop4: detected capacity change from 0 to 64
[   57.137045][ T4302] XFS (loop1): Unmounting Filesystem
[   57.337063][ T4311] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   57.676287][ T4848] netlink: 316 bytes leftover after parsing attributes in process `syz.4.127'.
[   58.195917][ T4847] loop0: detected capacity change from 0 to 32768
[   58.229351][ T4847] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.125 (4847)
[   58.255817][ T4844] loop3: detected capacity change from 0 to 32768
[   58.269351][ T4847] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   58.271387][ T4847] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm
[   58.273085][ T4847] BTRFS info (device loop0): using free space tree
[   58.317682][ T4867] loop2: detected capacity change from 0 to 64
[   58.362542][ T4844] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[   58.504595][ T4847] BTRFS info (device loop0): enabling ssd optimizations
[   58.745432][ T4307] ocfs2: Unmounting device (7,3) on (node local)
[   58.756078][ T4866] loop1: detected capacity change from 0 to 32768
[   58.784106][ T4767] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[   58.784376][ T4311] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   58.844080][ T4866] XFS (loop1): Mounting V5 Filesystem
[   59.065568][ T4866] XFS (loop1): Ending clean mount
[   59.410689][ T4302] XFS (loop1): Unmounting Filesystem
[   59.516636][ T4916] loop0: detected capacity change from 0 to 64
[   60.489499][ T4921] netlink: 316 bytes leftover after parsing attributes in process `syz.0.140'.
[   60.709170][   T39] Bluetooth: hci5: Frame reassembly failed (-84)
[   60.966484][ T4937] loop0: detected capacity change from 0 to 64
[   61.049458][ T4939] tipc: Started in network mode
[   61.052813][ T4939] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[   61.061349][ T4939] tipc: Enabled bearer <udp:syz0>, priority 10
[   62.250761][ T4482] tipc: Node number set to 4269801488
[   62.600249][ T4959] loop0: detected capacity change from 0 to 64
[   62.754461][ T4306] Bluetooth: hci5: command 0x1003 tx timeout
[   62.757063][ T4316] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   63.385528][ T4966] loop1: detected capacity change from 0 to 256
[   63.387460][ T4966] exfat: Deprecated parameter 'utf8'
[   63.388613][ T4966] exfat: Deprecated parameter 'utf8'
[   63.389645][ T4966] exfat: Deprecated parameter 'utf8'
[   63.409701][ T4966] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4899f300, utbl_chksum : 0xe619d30d)
[   64.308490][   T27] kauditd_printk_skb: 7 callbacks suppressed
[   64.308503][   T27] audit: type=1326 audit(64.250:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.3.155" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   64.314006][   T27] audit: type=1326 audit(64.280:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.3.155" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   64.364213][ T4976] device syzkaller0 entered promiscuous mode
[   64.369213][   T27] audit: type=1326 audit(64.280:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.3.155" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   64.373602][   T27] audit: type=1326 audit(64.280:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.3.155" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   64.404474][   T27] audit: type=1326 audit(64.280:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.3.155" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   64.437127][   T27] audit: type=1326 audit(64.320:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.3.155" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   64.470158][   T27] audit: type=1326 audit(64.320:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.3.155" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   64.538461][ T2063] ieee802154 phy0 wpan0: encryption failed: -22
[   64.540107][ T2063] ieee802154 phy1 wpan1: encryption failed: -22
[   64.546282][   T27] audit: type=1326 audit(64.320:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.3.155" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   64.550713][   T27] audit: type=1326 audit(64.320:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.3.155" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=66 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   64.554933][   T27] audit: type=1326 audit(64.320:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4961 comm="syz.3.155" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   64.800149][ T4983] loop0: detected capacity change from 0 to 64
[   65.445758][ T4986] netlink: 156 bytes leftover after parsing attributes in process `syz.2.164'.
[   65.712360][ T4997] loop2: detected capacity change from 0 to 512
[   65.805281][ T4997] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   66.167186][ T5011] loop1: detected capacity change from 0 to 64
[   66.188525][ T4309] EXT4-fs (loop2): unmounting filesystem.
[   67.038502][ T5015] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   68.155484][ T5031] loop2: detected capacity change from 0 to 64
[   69.622591][   T22] cfg80211: failed to load regulatory.db
[   70.553349][ T4984] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.653287][ T5042] netlink: 32 bytes leftover after parsing attributes in process `syz.2.182'.
[   70.655769][ T5045] netlink: 32 bytes leftover after parsing attributes in process `syz.2.182'.
[   70.721251][ T5055] netlink: 8 bytes leftover after parsing attributes in process `syz.4.186'.
[   70.773555][ T4306] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   70.778823][ T4306] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   70.790420][ T4306] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   70.792637][ T4306] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   70.794782][ T4306] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   70.802814][ T4306] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   70.943894][   T27] kauditd_printk_skb: 3 callbacks suppressed
[   70.943908][   T27] audit: type=1326 audit(70.920:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5056 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   70.958981][   T27] audit: type=1326 audit(70.940:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5056 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   70.973797][   T27] audit: type=1326 audit(70.950:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5056 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   70.999803][   T27] audit: type=1326 audit(70.950:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5056 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   71.001416][ T4984] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.004023][   T27] audit: type=1326 audit(70.950:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5056 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   71.010768][   T27] audit: type=1326 audit(70.950:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5056 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   71.015104][   T27] audit: type=1326 audit(70.950:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5056 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   71.021048][   T27] audit: type=1326 audit(70.960:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5056 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=66 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   71.039093][   T27] audit: type=1326 audit(70.960:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5056 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   71.043240][   T27] audit: type=1326 audit(70.960:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5056 comm="syz.3.187" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   71.394313][ T5077] loop1: detected capacity change from 0 to 64
[   71.521705][ T4984] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.321885][ T4984] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   72.481183][ T5081] device syzkaller1 entered promiscuous mode
[   72.819028][ T4306] Bluetooth: hci3: command 0x0409 tx timeout
[   73.087501][ T5062] chnl_net:caif_netlink_parms(): no params data found
[   73.330304][ T5084] loop1: detected capacity change from 0 to 40427
[   73.385412][ T5084] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x3ffff
[   73.426814][ T5084] F2FS-fs (loop1): invalid crc value
[   73.492738][ T5084] F2FS-fs (loop1): Found nat_bits in checkpoint
[   73.610818][ T5084] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   73.664331][ T5062] bridge0: port 1(bridge_slave_0) entered blocking state
[   73.665927][ T5062] bridge0: port 1(bridge_slave_0) entered disabled state
[   73.668177][ T5062] device bridge_slave_0 entered promiscuous mode
[   73.679037][ T5062] bridge0: port 2(bridge_slave_1) entered blocking state
[   73.686220][ T5062] bridge0: port 2(bridge_slave_1) entered disabled state
[   73.705031][ T5062] device bridge_slave_1 entered promiscuous mode
[   73.803210][ T5084] F2FS-fs (loop1) : inject page get in f2fs_pagecache_get_page of generic_perform_write+0x278/0x55c
[   73.869538][ T5084] syz.1.193: attempt to access beyond end of device
[   73.869538][ T5084] loop1: rw=2049, sector=77824, nr_sectors = 8 limit=40427
[   73.946108][ T5062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   73.959676][ T5062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   74.034214][ T5062] team0: Port device team_slave_0 added
[   74.067570][ T5062] team0: Port device team_slave_1 added
[   74.165733][ T4302] syz-executor: attempt to access beyond end of device
[   74.165733][ T4302] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   74.898371][ T4316] Bluetooth: hci3: command 0x041b tx timeout
[   76.066893][ T5138] loop3: detected capacity change from 0 to 64
[   76.675449][ T5062] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.676941][ T5062] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.691821][ T5062] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   76.695510][ T5062] batman_adv: batadv0: Adding interface: batadv_slave_1
[   76.696949][ T5062] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.708596][ T5062] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   76.875928][ T5136] loop2: detected capacity change from 0 to 32768
[   76.884494][ T5144] process 'syz.3.205' launched './file0' with NULL argv: empty string added
[   76.973913][ T5136] XFS (loop2): Mounting V5 Filesystem
[   76.978545][ T4306] Bluetooth: hci3: command 0x040f tx timeout
[   76.990936][ T5062] device hsr_slave_0 entered promiscuous mode
[   77.048841][ T5062] device hsr_slave_1 entered promiscuous mode
[   77.068355][ T5062] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   77.069970][ T5062] Cannot create hsr debugfs directory
[   77.085443][ T5136] XFS (loop2): Ending clean mount
[   77.097537][ T5136] XFS (loop2): Quotacheck needed: Please wait.
[   77.141074][ T5136] XFS (loop2): Quotacheck: Done.
[   77.296568][ T5136] Process accounting resumed
[   77.429475][ T4309] XFS (loop2): Unmounting Filesystem
[   77.565667][ T5062] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   77.613745][ T5062] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   78.087800][ T5062] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   78.141461][ T5062] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   78.198655][ T5190] loop1: detected capacity change from 0 to 64
[   78.414556][ T5184] loop4: detected capacity change from 0 to 32768
[   78.416507][ T5184] XFS: attr2 mount option is deprecated.
[   78.440518][ T5184] XFS: ikeep mount option is deprecated.
[   78.441773][ T5184] XFS: noikeep mount option is deprecated.
[   78.516693][ T5184] XFS (loop4): Mounting V5 Filesystem
[   78.774274][ T5211] netlink: 316 bytes leftover after parsing attributes in process `syz.2.213'.
[   78.888371][ T5184] XFS (loop4): Ending clean mount
[   78.903726][ T5184] XFS (loop4): Quotacheck needed: Please wait.
[   78.977998][ T5184] XFS (loop4): Quotacheck: Done.
[   79.058462][ T4316] Bluetooth: hci3: command 0x0419 tx timeout
[   79.253376][ T4984] device hsr_slave_0 left promiscuous mode
[   79.326483][ T4312] XFS (loop4): Unmounting Filesystem
[   79.348393][ T4984] device hsr_slave_1 left promiscuous mode
[   79.753973][ T4984] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   79.756266][ T4984] batman_adv: batadv0: Removing interface: batadv_slave_0
[   79.957147][ T4984] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   79.961974][ T4984] batman_adv: batadv0: Removing interface: batadv_slave_1
[   80.081902][ T4984] device bridge_slave_1 left promiscuous mode
[   80.084857][ T4984] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.211583][ T4984] device bridge_slave_0 left promiscuous mode
[   80.212991][ T4984] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.449770][ T4984] device veth1_macvtap left promiscuous mode
[   80.451396][ T4984] device veth0_macvtap left promiscuous mode
[   80.452690][ T4984] device veth1_vlan left promiscuous mode
[   80.454908][ T4984] device veth0_vlan left promiscuous mode
[   81.447025][   T27] kauditd_printk_skb: 2 callbacks suppressed
[   81.447040][   T27] audit: type=1326 audit(81.420:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   81.455985][   T27] audit: type=1326 audit(81.430:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   81.462783][   T27] audit: type=1326 audit(81.430:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   81.479388][   T27] audit: type=1326 audit(81.430:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   81.486780][   T27] audit: type=1326 audit(81.430:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   81.496544][   T27] audit: type=1326 audit(81.430:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   81.506139][   T27] audit: type=1326 audit(81.430:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   81.523784][   T27] audit: type=1326 audit(81.430:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=66 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   81.544768][   T27] audit: type=1326 audit(81.440:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   81.549195][   T27] audit: type=1326 audit(81.440:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.3.220" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   82.804090][ T5253] loop4: detected capacity change from 0 to 512
[   82.810144][ T5253] ext4: Unknown parameter 'uid'
[   82.853837][ T4431] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   82.929010][ T5255] loop2: detected capacity change from 0 to 256
[   82.932864][ T5255] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   82.935002][ T5255] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[   82.973126][ T5255] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   83.249178][ T5261] loop4: detected capacity change from 0 to 64
[   83.968138][ T5266] netlink: 316 bytes leftover after parsing attributes in process `syz.3.227'.
[   84.978229][    C1] sched: RT throttling activated
[   85.313146][ T4984] team0 (unregistering): Port device team_slave_1 removed
[   85.499713][ T4984] team0 (unregistering): Port device team_slave_0 removed
[   85.689074][ T4984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   85.899087][ T4984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   89.166891][ T4984] bond0 (unregistering): Released all slaves
[   89.462045][ T5282] netlink: 12 bytes leftover after parsing attributes in process `syz.4.232'.
[   89.499751][ T5293] netlink: 'syz.3.235': attribute type 4 has an invalid length.
[   89.702826][ T5062] 8021q: adding VLAN 0 to HW filter on device bond0
[   89.712905][ T5062] 8021q: adding VLAN 0 to HW filter on device team0
[   89.729878][   T27] kauditd_printk_skb: 2 callbacks suppressed
[   89.729892][   T27] audit: type=1326 audit(89.650:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.236" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[   89.735307][   T27] audit: type=1326 audit(89.650:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.236" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[   89.774483][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   89.776591][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   89.780336][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   89.784940][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   89.791199][  T240] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.792680][  T240] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.800804][   T27] audit: type=1326 audit(89.650:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.236" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[   90.708418][ T5313] netlink: 316 bytes leftover after parsing attributes in process `syz.3.238'.
[   91.129233][ T5314] loop2: detected capacity change from 0 to 64
[   91.181027][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   91.194304][   T27] audit: type=1326 audit(89.650:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.236" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[   91.200915][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   91.213561][  T240] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.215002][  T240] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.225295][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   91.230286][   T27] audit: type=1326 audit(89.650:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.236" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[   91.247013][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   91.261556][   T27] audit: type=1326 audit(89.650:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.236" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[   91.266709][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   91.299221][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   91.302463][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   91.390968][   T27] audit: type=1326 audit(89.650:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.236" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[   91.428982][   T27] audit: type=1326 audit(89.650:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.236" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[   91.433337][   T27] audit: type=1326 audit(89.660:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.236" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[   91.437664][   T27] audit: type=1326 audit(89.660:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5299 comm="syz.1.236" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[   91.445871][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   91.484259][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   91.487284][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   91.489447][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   91.491590][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   91.493656][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   91.495640][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   91.498859][ T5062] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   92.600378][ T5336] loop1: detected capacity change from 0 to 128
[   92.647372][ T5336] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   92.738859][ T5336] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-ce"
[   92.814554][ T5336] fscrypt: loop1: 2 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 13
[   92.966495][ T4302] EXT4-fs (loop1): unmounting filesystem.
[   93.024893][ T4960] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   93.026603][ T4960] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   93.034615][ T5062] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.328338][ T5367] netlink: 316 bytes leftover after parsing attributes in process `syz.1.251'.
[   93.363317][ T5374] loop3: detected capacity change from 0 to 64
[   94.471837][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   94.474322][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   94.533349][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   94.537927][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   95.416978][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   95.427704][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   95.449056][ T5062] device veth0_vlan entered promiscuous mode
[   95.457267][ T5062] device veth1_vlan entered promiscuous mode
[   95.546451][ T4960] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   95.549154][ T4960] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   95.556535][ T5062] device veth0_macvtap entered promiscuous mode
[   95.571283][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   95.573607][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   95.609216][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   95.617396][ T5062] device veth1_macvtap entered promiscuous mode
[   95.668093][ T5062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.686046][ T5062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.688756][ T5395] loop4: detected capacity change from 0 to 4096
[   95.775518][ T5062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.779343][ T5062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.781262][ T5062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.788183][ T5395] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512)
[   95.806753][ T5062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.814371][ T5062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.816615][ T5062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.835022][   T27] kauditd_printk_skb: 24 callbacks suppressed
[   95.835037][   T27] audit: type=1326 audit(95.810:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5400 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   95.841710][   T27] audit: type=1326 audit(95.810:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5400 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   95.862465][ T5062] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.865751][   T27] audit: type=1326 audit(95.810:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5400 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   95.942602][   T27] audit: type=1326 audit(95.810:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5400 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   95.955830][   T27] audit: type=1326 audit(95.810:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5400 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   95.984194][   T27] audit: type=1326 audit(95.820:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5400 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   96.002499][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   96.004590][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   96.006782][  T240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   96.018399][   T27] audit: type=1326 audit(95.820:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5400 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   96.026511][   T27] audit: type=1326 audit(95.820:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5400 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   96.032768][ T5062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.034886][ T5062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.043212][ T5062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.046657][   T27] audit: type=1326 audit(95.820:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5400 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   96.051490][ T5062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.055849][ T5062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.059319][   T27] audit: type=1326 audit(95.820:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5400 comm="syz.3.261" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[   96.064928][ T5062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.068198][ T5062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.073187][ T5062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.104670][ T5062] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.113681][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   96.116095][ T4835] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   96.121126][ T5062] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.123049][ T5062] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.136693][ T5062] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.148566][ T5062] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.554776][ T5426] loop3: detected capacity change from 0 to 64
[   97.321945][ T4984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.323973][ T4984] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.328623][ T5284] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   97.361099][ T5434] netlink: 316 bytes leftover after parsing attributes in process `syz.4.266'.
[   97.367437][ T4984] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.373182][ T4984] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.393229][ T4984] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   97.591053][ T4316] Bluetooth: hci5: command 0x1003 tx timeout
[   97.593970][ T4306] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   99.426604][ T5452] loop5: detected capacity change from 0 to 64
[  100.390725][ T5456] tipc: Failed to remove unknown binding: 66,1,1/0:1904520742/1904520744
[  101.984185][ T5490] loop2: detected capacity change from 0 to 64
[  102.036815][ T5469] loop5: detected capacity change from 0 to 40427
[  102.089946][ T5469] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x3ffff
[  102.097641][ T5469] F2FS-fs (loop5): invalid crc value
[  102.271981][ T5469] F2FS-fs (loop5): Found nat_bits in checkpoint
[  102.302095][ T5502] netlink: 316 bytes leftover after parsing attributes in process `syz.3.281'.
[  102.332305][ T5469] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  102.386771][ T5469] F2FS-fs (loop5) : inject dquot initialize in f2fs_dquot_initialize of f2fs_rename2+0x93c/0x1fd8
[  102.471869][ T5062] syz-executor: attempt to access beyond end of device
[  102.471869][ T5062] loop5: rw=2049, sector=45096, nr_sectors = 32 limit=40427
[  103.339484][ T5524] loop4: detected capacity change from 0 to 64
[  104.980857][ T5538] loop4: detected capacity change from 0 to 1024
[  105.185509][ T5538] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  105.188793][ T5538] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  105.270646][ T5547] loop3: detected capacity change from 0 to 64
[  105.529453][ T5538] EXT4-fs error (device loop4): ext4_get_journal_inode:5722: inode #5: comm syz.4.290: unexpected bad inode w/o EXT4_IGET_BAD
[  105.637321][ T5538] EXT4-fs (loop4): no journal found
[  105.638853][ T5538] EXT4-fs (loop4): can't get journal size
[  105.771137][ T5538] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  106.858398][   T27] kauditd_printk_skb: 24 callbacks suppressed
[  106.858420][   T27] audit: type=1326 audit(106.800:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.1.293" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  106.872225][   T27] audit: type=1326 audit(106.800:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.1.293" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  106.916978][   T27] audit: type=1326 audit(106.800:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.1.293" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  106.977897][   T27] audit: type=1326 audit(106.800:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.1.293" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  106.993903][   T27] audit: type=1326 audit(106.800:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.1.293" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  106.998021][   T27] audit: type=1326 audit(106.800:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.1.293" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  107.174425][   T27] audit: type=1326 audit(106.800:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.1.293" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  107.179322][   T27] audit: type=1326 audit(106.800:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.1.293" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  107.183537][   T27] audit: type=1326 audit(106.800:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.1.293" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  107.187866][   T27] audit: type=1326 audit(106.800:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5549 comm="syz.1.293" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  107.215218][ T5568] netlink: 316 bytes leftover after parsing attributes in process `syz.2.296'.
[  108.343629][ T5597] loop2: detected capacity change from 0 to 64
[  109.178822][ T4312] EXT4-fs (loop4): unmounting filesystem.
[  109.227363][ T5575] loop1: detected capacity change from 0 to 65536
[  110.759005][ T5622] netlink: 12 bytes leftover after parsing attributes in process `syz.5.306'.
[  112.329148][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  112.329164][   T27] audit: type=1326 audit(112.210:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5625 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffba553aa8 code=0x7ffc0000
[  112.343811][   T27] audit: type=1326 audit(112.210:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5625 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffba553aa8 code=0x7ffc0000
[  112.354936][   T27] audit: type=1326 audit(112.290:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5625 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffba553aa8 code=0x7ffc0000
[  112.385275][   T27] audit: type=1326 audit(112.290:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5625 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffba553aa8 code=0x7ffc0000
[  112.470562][   T27] audit: type=1326 audit(112.290:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5625 comm="syz.4.309" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffba553aa8 code=0x7ffc0000
[  112.608459][ T5634] loop2: detected capacity change from 0 to 64
[  113.128320][ T5640] netlink: 316 bytes leftover after parsing attributes in process `syz.5.311'.
[  115.449052][   T27] audit: type=1326 audit(115.430:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5671 comm="syz.1.320" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  115.454060][   T27] audit: type=1326 audit(115.430:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5671 comm="syz.1.320" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  115.468337][   T27] audit: type=1326 audit(115.430:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5671 comm="syz.1.320" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  115.472686][   T27] audit: type=1326 audit(115.430:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5671 comm="syz.1.320" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  115.477008][   T27] audit: type=1326 audit(115.430:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5671 comm="syz.1.320" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  115.536463][ T5679] loop3: detected capacity change from 0 to 64
[  116.194019][ T5699] netlink: 4 bytes leftover after parsing attributes in process `syz.2.322'.
[  116.279809][ T5699] netlink: 72 bytes leftover after parsing attributes in process `syz.2.322'.
[  116.616372][ T5708] loop2: detected capacity change from 0 to 64
[  117.774179][ T5721] netlink: 316 bytes leftover after parsing attributes in process `syz.2.326'.
[  118.998793][   T27] kauditd_printk_skb: 12 callbacks suppressed
[  118.998807][   T27] audit: type=1326 audit(118.970:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.5.331" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  119.033853][   T27] audit: type=1326 audit(119.010:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.5.331" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  119.046231][   T27] audit: type=1326 audit(119.020:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.5.331" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  119.064994][ T5727] tipc: Started in network mode
[  119.066022][ T5727] tipc: Node identity ac1414aa, cluster identity 4711
[  119.067684][ T5727] tipc: New replicast peer: 100.1.1.1
[  119.071391][   T27] audit: type=1326 audit(119.020:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.5.331" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  119.086547][ T5727] tipc: Enabled bearer <udp:syz2>, priority 10
[  119.104181][   T27] audit: type=1326 audit(119.020:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.5.331" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  119.549510][   T27] audit: type=1326 audit(119.020:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.5.331" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  119.775622][   T27] audit: type=1326 audit(119.020:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.5.331" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  119.921363][   T27] audit: type=1326 audit(119.020:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.5.331" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=41 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  119.992092][   T27] audit: type=1326 audit(119.020:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.5.331" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  119.996197][   T27] audit: type=1326 audit(119.020:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5724 comm="syz.5.331" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9b15604c code=0x7ffc0000
[  120.078564][ T4478] tipc: Node number set to 2886997162
[  120.384364][ T5754] loop1: detected capacity change from 0 to 64
[  121.564666][ T5753] loop4: detected capacity change from 0 to 40427
[  121.576224][ T5753] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  121.581777][ T5753] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  122.324992][ T5753] F2FS-fs (loop4): Found nat_bits in checkpoint
[  122.431567][ T5753] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  122.433029][ T5753] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  122.507450][ T5753] syz.4.339: attempt to access beyond end of device
[  122.507450][ T5753] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  122.867444][ T5794] netlink: 316 bytes leftover after parsing attributes in process `syz.1.345'.
[  123.727749][ T5753] syz.4.339: attempt to access beyond end of device
[  123.727749][ T5753] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  123.871497][ T5801] netlink: 32 bytes leftover after parsing attributes in process `syz.2.348'.
[  123.893656][ T5801] netlink: 32 bytes leftover after parsing attributes in process `syz.2.348'.
[  124.185640][ T4312] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  124.185690][ T4312] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  124.191889][ T4312] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  124.196820][ T4312] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  124.201329][ T4312] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  124.206019][ T4312] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  124.209945][ T4312] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  124.255394][  T175] kworker/u4:3: attempt to access beyond end of device
[  124.255394][  T175] loop4: rw=1, sector=45112, nr_sectors = 8 limit=40427
[  125.381906][ T5823] loop1: detected capacity change from 0 to 64
[  125.431453][   T27] kauditd_printk_skb: 35 callbacks suppressed
[  125.437297][   T27] audit: type=1326 audit(125.410:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5818 comm="syz.2.353" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  125.442901][   T27] audit: type=1326 audit(125.410:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5818 comm="syz.2.353" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  125.446642][   T27] audit: type=1326 audit(125.410:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5818 comm="syz.2.353" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  125.450953][   T27] audit: type=1326 audit(125.410:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5818 comm="syz.2.353" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  125.452756][   T27] audit: type=1326 audit(125.410:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5818 comm="syz.2.353" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  125.456987][   T27] audit: type=1326 audit(125.410:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5818 comm="syz.2.353" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  125.464441][   T27] audit: type=1326 audit(125.410:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5818 comm="syz.2.353" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  125.473031][   T27] audit: type=1326 audit(125.410:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5818 comm="syz.2.353" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  125.475611][   T27] audit: type=1326 audit(125.410:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5818 comm="syz.2.353" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  125.477110][   T27] audit: type=1326 audit(125.410:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5818 comm="syz.2.353" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  125.939225][ T2063] ieee802154 phy0 wpan0: encryption failed: -22
[  125.939319][ T2063] ieee802154 phy1 wpan1: encryption failed: -22
[  127.418668][ T5849] netlink: 316 bytes leftover after parsing attributes in process `syz.5.357'.
[  131.434177][ T5886] loop5: detected capacity change from 0 to 64
[  133.290527][ T5905] netlink: 316 bytes leftover after parsing attributes in process `syz.2.372'.
[  135.720559][ T5948] loop3: detected capacity change from 0 to 64
[  137.776465][ T5967] netlink: 316 bytes leftover after parsing attributes in process `syz.3.385'.
[  138.499163][ T5975] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.508821][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  138.508833][   T27] audit: type=1326 audit(138.490:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[  138.514651][   T27] audit: type=1326 audit(138.490:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[  138.540272][ T5975] device batadv_slave_1 entered promiscuous mode
[  138.548380][   T27] audit: type=1326 audit(138.490:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[  138.552702][   T27] audit: type=1326 audit(138.490:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[  138.556926][   T27] audit: type=1326 audit(138.490:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[  138.566103][   T27] audit: type=1326 audit(138.490:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[  138.588307][   T27] audit: type=1326 audit(138.490:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[  138.608737][   T27] audit: type=1326 audit(138.490:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[  138.623939][   T27] audit: type=1326 audit(138.500:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[  138.628165][   T27] audit: type=1326 audit(138.500:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5973 comm="syz.3.388" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe953aa8 code=0x7ffc0000
[  141.749806][ T6023] loop1: detected capacity change from 0 to 8192
[  141.818039][ T6035] loop3: detected capacity change from 0 to 512
[  141.848438][ T6035] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  141.946773][ T6035] EXT4-fs (loop3): 1 truncate cleaned up
[  141.948178][ T6035] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  141.962012][ T6038] loop4: detected capacity change from 0 to 16
[  141.972341][ T6038] erofs: (device loop4): mounted with root inode @ nid 36.
[  142.158261][ T4307] EXT4-fs (loop3): unmounting filesystem.
[  142.665344][ T6059] netlink: 316 bytes leftover after parsing attributes in process `syz.3.402'.
[  143.551536][ T6068] loop2: detected capacity change from 0 to 128
[  143.564228][ T6068] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  146.008839][ T6068] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 81: 0xc9 != 0xba
[  146.421539][ T6089] loop1: detected capacity change from 0 to 64
[  148.012744][ T6103] netlink: 'syz.4.413': attribute type 4 has an invalid length.
[  148.162320][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  148.728491][   T27] kauditd_printk_skb: 24 callbacks suppressed
[  148.728534][   T27] audit: type=1326 audit(148.660:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.416" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  148.749801][   T27] audit: type=1326 audit(148.660:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.416" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  149.028941][   T27] audit: type=1326 audit(148.660:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.416" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  149.202253][   T27] audit: type=1326 audit(148.660:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.416" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  149.345549][   T27] audit: type=1326 audit(148.660:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.416" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  149.350017][   T27] audit: type=1326 audit(148.660:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.416" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  149.358312][   T27] audit: type=1326 audit(148.660:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.416" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  149.362737][   T27] audit: type=1326 audit(148.660:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.416" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  149.367068][   T27] audit: type=1326 audit(148.660:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.416" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  149.435357][   T27] audit: type=1326 audit(148.660:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6119 comm="syz.1.416" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  149.595973][ T6131] loop2: detected capacity change from 0 to 1024
[  149.771061][ T6138] netlink: 316 bytes leftover after parsing attributes in process `syz.1.417'.
[  150.487905][ T6112] loop4: detected capacity change from 0 to 40427
[  150.494140][ T6131] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  150.502173][ T6112] F2FS-fs (loop4): invalid crc value
[  150.545303][ T6112] F2FS-fs (loop4): Found nat_bits in checkpoint
[  150.588616][ T6112] F2FS-fs (loop4): Start checkpoint disabled!
[  150.602130][ T6112] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  152.077834][ T4833] kworker/u4:11: attempt to access beyond end of device
[  152.077834][ T4833] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  152.226901][ T6142] loop1: detected capacity change from 0 to 32768
[  152.259421][ T6142] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.419 (6142)
[  152.384778][ T6142] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  152.386920][ T6142] BTRFS info (device loop1): using crc32c (crc32c-generic) checksum algorithm
[  153.181359][ T6142] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  153.183779][ T6142] BTRFS info (device loop1): use zstd compression, level 3
[  153.185239][ T6142] BTRFS info (device loop1): using free space tree
[  153.983434][   T14] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  154.005795][   T14] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  154.142956][ T6142] BTRFS error (device loop1): open_ctree failed
[  154.257473][ T6192] loop4: detected capacity change from 0 to 64
[  155.219035][ T6198] netlink: 316 bytes leftover after parsing attributes in process `syz.3.430'.
[  156.207559][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  156.207573][   T27] audit: type=1326 audit(155.520:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  156.212951][   T27] audit: type=1326 audit(155.520:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  156.217255][   T27] audit: type=1326 audit(155.520:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  156.288169][   T27] audit: type=1326 audit(155.520:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  156.331446][   T27] audit: type=1326 audit(155.520:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  156.335832][   T27] audit: type=1326 audit(155.520:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  156.526556][   T27] audit: type=1326 audit(155.520:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  156.548749][   T27] audit: type=1326 audit(155.520:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  157.812663][ T6209] binder: 6208:6209 tried to acquire reference to desc 0, got 1 instead
[  157.844310][   T27] audit: type=1326 audit(155.520:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  157.868696][ T6209] binder: 6208:6209 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  157.891923][ T6209] binder: 6209 RLIMIT_NICE not set
[  157.893235][ T6209] binder: 6209 RLIMIT_NICE not set
[  157.901800][   T27] audit: type=1326 audit(155.520:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6194 comm="syz.2.428" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb1b53aa8 code=0x7ffc0000
[  157.906620][ T6209] binder: release 6208:6209 transaction 9 out, still active
[  157.935278][ T6209] binder: undelivered TRANSACTION_COMPLETE
[  157.937112][ T6209] binder_alloc: 6208: binder_alloc_buf, no vma
[  157.975043][ T6216] binder: 6214:6216 tried to acquire reference to desc 0, got 1 instead
[  157.976904][ T6209] binder: cannot allocate buffer: vma cleared, target dead or dying
[  157.976944][ T6209] binder: 6208:6209 transaction call to 6208:0 failed 16/29189/-3, size 0-0 line 3239
[  158.323375][ T6216] binder: 6214:6216 parent offset not aligned correctly.
[  158.324913][ T6216] binder: 6216:6214 translate fd array failed
[  158.326253][ T6216] binder: 6214:6216 transaction call to 6214:0 failed 21/29201/-22, size 96-24 line 3495
[  158.415188][   T24] binder: release 6208:6209 transaction 9 in, still active
[  158.416969][   T24] binder: send failed reply for transaction 9, target dead
[  158.434942][   T24] binder: undelivered TRANSACTION_ERROR: 29189
[  158.436741][   T24] binder: undelivered TRANSACTION_ERROR: 29201
[  158.477211][ T6223] loop2: detected capacity change from 0 to 512
[  158.505704][ T6217] loop5: detected capacity change from 0 to 2048
[  158.535844][ T6223] EXT4-fs (loop2): Unsupported encryption level 9
[  158.611586][ T6217] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[  158.728391][ T4653] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  158.736166][ T6223] loop2: detected capacity change from 0 to 512
[  158.738890][ T6223] EXT4-fs: Ignoring removed nomblk_io_submit option
[  159.489251][ T6223] EXT4-fs (loop2): orphan cleanup on readonly fs
[  159.491611][ T6223] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  159.536588][ T6223] EXT4-fs (loop2): 1 truncate cleaned up
[  159.537760][ T6223] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  159.574722][    T7] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  159.576832][    T7] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  159.601580][ T6230] device syzkaller0 entered promiscuous mode
[  159.704234][ T4304] Bluetooth: hci2: command 0x0406 tx timeout
[  159.705511][ T4304] Bluetooth: hci0: command 0x0406 tx timeout
[  159.750380][ T4316] Bluetooth: hci1: command 0x0406 tx timeout
[  160.467196][ T4309] EXT4-fs (loop2): unmounting filesystem.
[  161.065380][ T6227] loop3: detected capacity change from 0 to 32768
[  161.478284][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  161.478299][   T27] audit: type=1326 audit(161.120:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6242 comm="syz.1.446" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  161.483685][   T27] audit: type=1326 audit(161.130:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6242 comm="syz.1.446" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  161.487977][   T27] audit: type=1326 audit(161.140:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6242 comm="syz.1.446" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  161.493284][   T27] audit: type=1326 audit(161.140:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6242 comm="syz.1.446" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  161.497670][   T27] audit: type=1326 audit(161.140:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6242 comm="syz.1.446" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  161.502298][   T27] audit: type=1326 audit(161.150:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6242 comm="syz.1.446" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  161.507642][   T27] audit: type=1326 audit(161.150:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6242 comm="syz.1.446" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  161.512172][   T27] audit: type=1326 audit(161.150:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6242 comm="syz.1.446" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  161.516546][   T27] audit: type=1326 audit(161.160:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6242 comm="syz.1.446" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  161.914851][   T27] audit: type=1326 audit(161.160:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6242 comm="syz.1.446" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  163.358462][ T4432] I/O error, dev loop3, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  163.741039][ T6258] xt_TCPMSS: Only works on TCP SYN packets
[  166.869783][ T6278] loop3: detected capacity change from 0 to 64
[  167.586986][ T4487] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  167.589227][ T4487] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  168.669539][ T6289] syz.1.457 sent an empty control message without MSG_MORE.
[  170.809471][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  170.809639][   T27] audit: type=1326 audit(170.100:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.5.458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  170.816037][   T27] audit: type=1326 audit(170.100:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.5.458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  171.170513][   T27] audit: type=1326 audit(170.140:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.5.458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  171.182286][   T27] audit: type=1326 audit(170.150:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.5.458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  171.198079][   T27] audit: type=1326 audit(170.150:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.5.458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  171.221194][   T27] audit: type=1326 audit(170.170:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.5.458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  171.253673][   T27] audit: type=1326 audit(170.170:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.5.458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  171.287128][   T27] audit: type=1326 audit(170.190:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.5.458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  171.311763][   T27] audit: type=1326 audit(170.200:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.5.458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  171.338746][   T27] audit: type=1326 audit(170.200:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6290 comm="syz.5.458" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b153aa8 code=0x7ffc0000
[  171.514315][ T6302] loop1: detected capacity change from 0 to 32768
[  171.520892][ T6302] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.461 (6302)
[  171.614007][ T6302] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  171.616425][ T6302] BTRFS info (device loop1): using crc32c (crc32c-generic) checksum algorithm
[  171.622605][ T6302] BTRFS info (device loop1): use zlib compression, level 3
[  171.626614][ T6302] BTRFS info (device loop1): using free space tree
[  171.676148][ T6302] BTRFS info (device loop1): enabling ssd optimizations
[  171.963691][ T4302] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  173.794587][ T6365] loop2: detected capacity change from 0 to 2048
[  173.821245][ T6365] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  173.822901][ T6365] UDF-fs: Scanning with blocksize 512 failed
[  173.857968][ T6365] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  173.905556][ T4316] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  173.918889][ T4316] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  173.921268][ T4316] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  173.923294][ T4316] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  173.925121][ T4316] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  173.928069][ T4316] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  175.938554][ T4304] Bluetooth: hci5: command 0x0409 tx timeout
[  177.010158][ T6379] loop2: detected capacity change from 0 to 32768
[  177.012360][ T6379] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.473 (6379)
[  177.016362][ T6379] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  177.020173][ T6379] BTRFS info (device loop2): using crc32c (crc32c-generic) checksum algorithm
[  177.021998][ T6379] BTRFS info (device loop2): use zlib compression, level 3
[  177.023482][ T6379] BTRFS info (device loop2): using free space tree
[  177.060937][ T6379] BTRFS info (device loop2): enabling ssd optimizations
[  177.119359][ T4309] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  178.019702][ T4304] Bluetooth: hci5: command 0x041b tx timeout
[  180.098352][ T4304] Bluetooth: hci5: command 0x040f tx timeout
[  182.188331][ T4304] Bluetooth: hci5: command 0x0419 tx timeout
[  184.171135][ T6426] input: syz0 as /devices/virtual/input/input3
[  184.384911][ T6437] binder: 6436:6437 tried to acquire reference to desc 0, got 1 instead
[  184.394493][ T4478] binder: undelivered TRANSACTION_COMPLETE
[  184.395717][ T4478] binder: undelivered TRANSACTION_COMPLETE
[  184.426527][ T4478] binder: undelivered transaction 29, process died.
[  184.427939][ T4478] binder: undelivered transaction 28, process died.
[  184.522258][ T6366] chnl_net:caif_netlink_parms(): no params data found
[  184.550178][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.551756][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.553237][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.554747][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.569051][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.570644][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.572124][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.573570][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.585068][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.589525][ T6444] loop2: detected capacity change from 0 to 1024
[  184.592354][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.593981][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.601924][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.606596][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.611457][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.615326][ T6444] EXT4-fs (loop2): can't mount with journal_async_commit, fs mounted w/o journal
[  184.617647][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.622619][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.627725][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.633672][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.635217][ T4984] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.640624][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.645032][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.651983][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.656535][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.661284][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.665733][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.670411][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.675274][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.680097][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.684697][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.689409][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.694169][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.699260][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.703700][ T4478] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  184.717460][ T4478] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  184.783146][ T4984] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.802780][ T6366] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.804465][ T6366] bridge0: port 1(bridge_slave_0) entered disabled state
[  184.811503][ T6366] device bridge_slave_0 entered promiscuous mode
[  184.930582][ T4984] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.952378][ T6366] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.954125][ T6366] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.956240][ T6366] device bridge_slave_1 entered promiscuous mode
[  184.994187][ T6366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.002382][ T6366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.030248][ T6366] team0: Port device team_slave_0 added
[  185.039485][ T6366] team0: Port device team_slave_1 added
[  185.150130][ T4984] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.161233][ T6366] batman_adv: batadv0: Adding interface: batadv_slave_0
[  185.162708][ T6366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.168388][ T6366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  185.813504][ T6366] batman_adv: batadv0: Adding interface: batadv_slave_1
[  185.814918][ T6366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  185.864705][ T6366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  186.092254][ T6464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.094379][ T6464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.124994][ T6466] binder: 6457:6466 tried to acquire reference to desc 0, got 1 instead
[  186.152746][ T6366] device hsr_slave_0 entered promiscuous mode
[  186.334796][ T6466] binder: 6457:6466 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  186.547995][ T6466] binder: 6466 RLIMIT_NICE not set
[  186.685867][ T6366] device hsr_slave_1 entered promiscuous mode
[  186.745131][ T6466] binder: 6466 RLIMIT_NICE not set
[  186.865291][ T6466] binder: send failed reply for transaction 34 to 6457:6461
[  186.867251][ T6464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.875392][ T6466] binder: 6457:6466 ioctl c0306201 20000140 returned -14
[  186.885777][ T6464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.958859][ T6366] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  186.960459][ T6366] Cannot create hsr debugfs directory
[  187.048987][   T22] binder: undelivered TRANSACTION_COMPLETE
[  187.050289][   T22] binder: undelivered TRANSACTION_ERROR: 29201
[  187.091065][ T6464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.092999][ T6464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.215385][ T6366] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  188.118719][ T2063] ieee802154 phy0 wpan0: encryption failed: -22
[  188.120048][ T2063] ieee802154 phy1 wpan1: encryption failed: -22
[  188.298296][ T6366] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  188.391676][ T6366] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  189.934924][ T6366] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  191.013676][ T6508] loop3: detected capacity change from 0 to 40427
[  191.016993][ T6508] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  191.019215][ T6508] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  191.085388][ T6508] F2FS-fs (loop3): invalid crc value
[  191.151980][ T6508] F2FS-fs (loop3): Found nat_bits in checkpoint
[  191.175292][ T6508] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  191.176734][ T6508] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  191.241916][ T6519] binder: BINDER_SET_CONTEXT_MGR already set
[  191.352271][ T6519] binder: 6514:6519 ioctl 40046207 0 returned -16
[  191.373676][ T6519] binder: 6514:6519 IncRefs 0 refcount change on invalid ref 0 ret -22
[  192.618637][ T6529] binder: 6514:6529 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  192.621246][ T6529] binder: 6529 RLIMIT_NICE not set
[  192.630283][ T6519] binder: 6514:6519 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  192.865431][ T4767] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  192.881810][ T4767] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  192.885605][ T6366] 8021q: adding VLAN 0 to HW filter on device bond0
[  192.888581][ T6520] netlink: 4 bytes leftover after parsing attributes in process `syz.1.502'.
[  192.894344][ T6534] netlink: 4 bytes leftover after parsing attributes in process `syz.1.502'.
[  195.488617][ T6556] No buffer was provided with the request
[  195.492134][ T4304] Bluetooth: hci3: command 0x0406 tx timeout
[  195.706560][ T4960] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  195.708810][ T4960] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  195.982602][ T6366] 8021q: adding VLAN 0 to HW filter on device team0
[  196.025206][ T4767] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  196.027497][ T4767] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  196.030220][ T6562] loop2: detected capacity change from 0 to 764
[  196.030407][ T4767] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.032934][ T4767] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.035155][ T4767] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  196.037406][ T4767] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  196.047811][ T4767] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.049310][ T4767] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.051730][ T6562] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  196.068811][ T4767] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  196.071725][ T4767] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  196.083320][ T4767] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  196.731584][ T6574] loop1: detected capacity change from 0 to 256
[  197.293780][ T6562] overlayfs: failed to resolve './file0': -2
[  197.390637][  T175] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  197.393998][  T175] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  197.396089][  T175] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  197.415084][ T6279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  197.417405][ T6279] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  198.441644][ T6591] slcan: can't register candev
[  198.448578][ T4304] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  198.450796][ T4304] CPU: 0 PID: 4304 Comm: kworker/u5:1 Tainted: G        W          6.1.120-syzkaller #0
[  198.452754][ T4304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  198.454751][ T4304] Workqueue: hci2 hci_rx_work
[  198.455706][ T4304] Call trace:
[  198.456346][ T4304]  dump_backtrace+0x1c8/0x1f4
[  198.457301][ T4304]  show_stack+0x2c/0x3c
[  198.458159][ T4304]  dump_stack_lvl+0x108/0x170
[  198.459185][ T4304]  dump_stack+0x1c/0x58
[  198.460059][ T4304]  sysfs_create_dir_ns+0x278/0x318
[  198.461173][ T4304]  kobject_add_internal+0x598/0xb14
[  198.462227][ T4304]  kobject_add+0x14c/0x21c
[  198.463129][ T4304]  device_add+0x400/0xef4
[  198.464023][ T4304]  hci_conn_add_sysfs+0xc4/0x1cc
[  198.465089][ T4304]  le_conn_complete_evt+0xa0c/0xfe0
[  198.466166][ T4304]  hci_le_conn_complete_evt+0x114/0x404
[  198.467223][ T4304]  hci_le_meta_evt+0x2b8/0x47c
[  198.468313][ T4304]  hci_event_packet+0x6f8/0x109c
[  198.469307][ T4304]  hci_rx_work+0x310/0xa84
[  198.470269][ T4304]  process_one_work+0x7ac/0x1404
[  198.471281][ T4304]  worker_thread+0x8e4/0xfec
[  198.472254][ T4304]  kthread+0x250/0x2d8
[  198.473145][ T4304]  ret_from_fork+0x10/0x20
[  198.489082][ T4304] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  198.491857][ T4304] Bluetooth: hci2: failed to register connection device
[  198.565568][ T6597] overlayfs: failed to create directory ./bus/work (errno: 22); mounting read-only
[  198.567878][ T6597] overlayfs: failed to resolve './file0/../file0': -2
[  198.577356][ T6366] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  198.588512][ T6366] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  198.608132][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  198.610250][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  198.612409][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  198.614323][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  198.616393][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  200.569027][ T6611] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  200.795791][ T6614] netlink: 4 bytes leftover after parsing attributes in process `syz.2.530'.
[  200.811209][ T6614] device bond_slave_0 entered promiscuous mode
[  200.812831][ T6614] device bond_slave_1 entered promiscuous mode
[  200.847252][ T6614] device macvtap1 entered promiscuous mode
[  200.849109][ T6614] device bond0 entered promiscuous mode
[  200.873237][ T6614] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  200.940816][ T6618] device bond0 left promiscuous mode
[  200.942393][ T6618] device bond_slave_0 left promiscuous mode
[  200.943648][ T6618] device bond_slave_1 left promiscuous mode
[  200.958467][ T6628] netlink: 72 bytes leftover after parsing attributes in process `syz.5.522'.
[  201.236961][ T6624] netlink: 4 bytes leftover after parsing attributes in process `syz.5.522'.
[  203.433895][ T6366] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.443762][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  203.445523][ T4662] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  203.610964][ T6659] loop3: detected capacity change from 0 to 512
[  203.663988][ T6659] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  204.452788][ T6659] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  204.454409][ T6659] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  204.456041][ T6659] System zones: 0-1, 15-15, 18-18, 34-34
[  204.468884][ T6659] EXT4-fs (loop3): orphan cleanup on readonly fs
[  204.470236][ T6659] __quota_error: 7 callbacks suppressed
[  204.470246][ T6659] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0
[  204.473196][ T6659] EXT4-fs warning (device loop3): ext4_enable_quotas:7029: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  204.518508][ T6659] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  204.522100][ T6659] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.533: bg 0: block 40: padding at end of block bitmap is not set
[  204.538465][ T6659] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  204.540618][ T6659] EXT4-fs (loop3): 1 truncate cleaned up
[  204.541791][ T6659] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  206.307914][ T4316] Bluetooth: hci2: command 0x0406 tx timeout
[  206.982917][ T4307] EXT4-fs (loop3): unmounting filesystem.
[  207.102756][ T6687] loop3: detected capacity change from 0 to 128
[  207.144887][ T6685] loop2: detected capacity change from 0 to 512
[  207.158817][ T6687] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  207.188976][ T6685] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  207.245854][ T6687] fscrypt: loop3: 2 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 13
[  207.578213][ T6685] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  207.582900][ T6685] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  207.965514][ T6685] System zones: 0-1, 15-15, 18-18, 34-34
[  207.967445][ T6685] EXT4-fs (loop2): orphan cleanup on readonly fs
[  207.997326][ T6685] Quota error (device loop2): v2_read_header: Failed header read: expected=8 got=0
[  208.021149][ T6685] EXT4-fs warning (device loop2): ext4_enable_quotas:7029: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  208.048457][ T6685] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  208.062406][ T6685] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.547: bg 0: block 40: padding at end of block bitmap is not set
[  208.081188][ T4307] EXT4-fs (loop3): unmounting filesystem.
[  208.102680][ T6685] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  208.118147][ T6685] EXT4-fs (loop2): 1 truncate cleaned up
[  208.119492][ T6685] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  208.210907][ T6706] netlink: 72 bytes leftover after parsing attributes in process `syz.1.539'.
[  209.347023][ T4309] EXT4-fs (loop2): unmounting filesystem.
[  209.463884][ T6719] loop2: detected capacity change from 0 to 1024
[  209.465777][ T6719] EXT4-fs: Ignoring removed orlov option
[  209.466983][ T6719] EXT4-fs: Ignoring removed nomblk_io_submit option
[  209.469443][ T6719] EXT4-fs: test_dummy_encryption requires encrypt feature
[  209.676117][ T6701] netlink: 4 bytes leftover after parsing attributes in process `syz.1.539'.
[  210.798409][ T6714] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.821663][ T6714] device batadv_slave_1 entered promiscuous mode
[  211.593790][ T4984] device hsr_slave_0 left promiscuous mode
[  211.832389][ T4984] device hsr_slave_1 left promiscuous mode
[  211.962816][ T4984] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  211.967913][ T4984] batman_adv: batadv0: Removing interface: batadv_slave_0
[  213.626107][ T4984] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  213.627730][ T4984] batman_adv: batadv0: Removing interface: batadv_slave_1
[  213.676069][ T4984] device bridge_slave_1 left promiscuous mode
[  213.677461][ T4984] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.860780][ T6749] loop2: detected capacity change from 0 to 128
[  213.883169][ T6749] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  213.943586][ T6753] virtio-fs: tag <(null)> not found
[  214.196432][ T4984] device bridge_slave_0 left promiscuous mode
[  214.198917][ T4984] bridge0: port 1(bridge_slave_0) entered disabled state
[  214.576429][ T6749] fscrypt: loop2: 2 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 13
[  214.640533][ T4309] EXT4-fs (loop2): unmounting filesystem.
[  214.691642][ T6758] loop1: detected capacity change from 0 to 512
[  214.715364][ T6758] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  214.781065][ T6758] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  214.782745][ T6758] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  214.784330][ T6758] System zones: 0-1, 15-15, 18-18, 34-34
[  214.786366][ T6758] EXT4-fs (loop1): orphan cleanup on readonly fs
[  214.787809][ T6758] Quota error (device loop1): v2_read_header: Failed header read: expected=8 got=0
[  214.798089][ T6758] EXT4-fs warning (device loop1): ext4_enable_quotas:7029: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  214.801309][ T6758] EXT4-fs (loop1): Cannot turn on quotas: error -22
[  214.803019][ T6758] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.553: bg 0: block 40: padding at end of block bitmap is not set
[  214.806235][ T6758] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  214.808447][ T6758] EXT4-fs (loop1): 1 truncate cleaned up
[  214.809741][ T6758] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  214.900002][ T4984] device veth1_macvtap left promiscuous mode
[  214.903503][ T4984] device veth0_macvtap left promiscuous mode
[  214.905338][ T4984] device veth1_vlan left promiscuous mode
[  214.906951][ T4984] device veth0_vlan left promiscuous mode
[  216.676229][ T4302] EXT4-fs (loop1): unmounting filesystem.
[  224.263265][ T4984] team0 (unregistering): Port device team_slave_1 removed
[  225.065557][ T4984] team0 (unregistering): Port device team_slave_0 removed
[  225.309174][ T4984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  226.127391][ T6818] loop3: detected capacity change from 0 to 32768
[  226.150718][ T6818] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.569 (6818)
[  226.186499][ T6818] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  226.188868][ T6818] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm
[  226.190619][ T6818] BTRFS info (device loop3): using free space tree
[  226.231712][ T4984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  226.360047][ T6818] BTRFS info (device loop3): enabling ssd optimizations
[  227.378157][ T4307] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  227.535621][ T4316] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  227.557089][ T4316] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  227.563416][ T4316] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  227.566661][ T4316] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  227.577315][ T4316] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  227.581155][ T4316] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  227.665803][ T6855] loop3: detected capacity change from 0 to 1024
[  227.667568][ T6855] EXT4-fs: Ignoring removed nomblk_io_submit option
[  227.687664][ T6855] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  227.690270][ T6855] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  227.691989][ T6855] EXT4-fs (loop3): Test dummy encryption mode enabled
[  227.705033][ T6855] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  228.773863][ T4307] EXT4-fs (loop3): unmounting filesystem.
[  228.839250][ T6861] loop3: detected capacity change from 0 to 256
[  228.850401][ T6861] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x4f8593fa, utbl_chksum : 0xe619d30d)
[  229.650036][ T4316] Bluetooth: hci4: command 0x0409 tx timeout
[  231.407414][ T4304] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  231.411616][ T4304] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  231.424149][ T4304] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  231.426436][ T4304] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  231.428692][ T4304] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  231.431718][ T4304] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  231.698347][ T4304] Bluetooth: hci4: command 0x041b tx timeout
[  231.850252][ T4984] bond0 (unregistering): Released all slaves
[  232.091841][ T5284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  232.094015][ T5284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  232.118952][ T4766] Ignoring NSS change in VHT Operating Mode Notification from 08:02:11:00:00:00 with invalid nss 2
[  232.231732][ T6868] infiniband syz2: set active
[  232.235097][ T6868] infiniband syz2: added team_slave_1
[  232.245978][ T6868] infiniband syz2: Couldn't open port 1
[  232.277486][ T6868] RDS/IB: syz2: added
[  232.278783][ T6868] smc: adding ib device syz2 with port count 1
[  232.280115][ T6868] smc:    ib device syz2 port 1 has pnetid 
[  232.337278][ T1734] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  232.339763][ T1734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  232.342446][ T1734] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  232.344345][ T1734] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  232.390052][ T6366] device veth0_vlan entered promiscuous mode
[  232.401366][ T6366] device veth1_vlan entered promiscuous mode
[  232.513035][ T5284] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  232.551114][ T5284] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  232.561250][ T5284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  232.571887][ T5284] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  232.587670][ T6366] device veth0_macvtap entered promiscuous mode
[  232.594075][ T6366] device veth1_macvtap entered promiscuous mode
[  232.682575][ T6366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.684618][ T6366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.686555][ T6366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.701496][ T6366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.703401][ T6366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.705450][ T6366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.707377][ T6366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  232.718281][ T6366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.722264][ T6366] batman_adv: batadv0: Interface activated: batadv_slave_0
[  232.725750][ T1734] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  232.728067][ T1734] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  232.739931][ T1734] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  232.742356][ T1734] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  232.754189][ T6366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.756331][ T6366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.761327][ T6366] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.764050][ T6366] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  232.787545][ T6366] batman_adv: batadv0: Interface activated: batadv_slave_1
[  233.048586][ T5284] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  233.051355][ T5284] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  233.460540][ T4316] Bluetooth: hci6: command 0x0409 tx timeout
[  233.778434][ T4316] Bluetooth: hci4: command 0x040f tx timeout
[  233.875754][ T6366] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.877522][ T6366] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  233.879425][ T6366] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  233.881126][ T6366] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.021308][ T6901] loop3: detected capacity change from 0 to 8192
[  234.078665][ T6901] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  234.081545][ T6901] REISERFS (device loop3): found reiserfs format "3.6" with non-standard journal
[  234.083496][ T6901] REISERFS (device loop3): using ordered data mode
[  234.084786][ T6901] reiserfs: using flush barriers
[  234.116245][ T6893] loop1: detected capacity change from 0 to 40427
[  234.158880][ T6901] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  234.163207][ T6901] REISERFS (device loop3): checking transaction log (loop3)
[  234.169769][ T6893] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x3ffff
[  234.174320][ T4316] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  234.178075][ T4316] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  234.182013][ T4316] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  234.184822][ T4316] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  234.186748][ T4316] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  234.189365][ T4306] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  234.212498][ T6893] F2FS-fs (loop1): invalid crc value
[  234.228350][ T6893] F2FS-fs (loop1): Found nat_bits in checkpoint
[  234.298096][ T6870] chnl_net:caif_netlink_parms(): no params data found
[  234.298352][ T6893] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  234.467099][ T6901] REISERFS (device loop3): Using tea hash to sort names
[  234.487356][ T6901] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  234.642680][ T6923] syz.1.579: attempt to access beyond end of device
[  234.642680][ T6923] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  234.711184][ T6923] syz.1.579: attempt to access beyond end of device
[  234.711184][ T6923] loop1: rw=0, sector=45096, nr_sectors = 8 limit=40427
[  235.200936][ T4302] syz-executor: attempt to access beyond end of device
[  235.200936][ T4302] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  235.229124][ T6850] chnl_net:caif_netlink_parms(): no params data found
[  235.431655][ T6870] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.433209][ T6870] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.435291][ T6870] device bridge_slave_0 entered promiscuous mode
[  235.470756][ T6870] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.472242][ T6870] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.474340][ T6870] device bridge_slave_1 entered promiscuous mode
[  235.544881][ T4316] Bluetooth: hci6: command 0x041b tx timeout
[  235.580566][ T6941] loop1: detected capacity change from 0 to 128
[  235.590231][ T6941] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  235.599277][ T6941] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 81: 0xc9 != 0xba
[  235.626504][ T6870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  235.675909][ T6870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  235.737982][ T6850] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.744022][ T6850] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.746200][ T6850] device bridge_slave_0 entered promiscuous mode
[  235.751238][ T6850] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.752667][ T6850] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.754709][ T6850] device bridge_slave_1 entered promiscuous mode
[  235.858467][ T4304] Bluetooth: hci4: command 0x0419 tx timeout
[  236.258472][ T4316] Bluetooth: hci2: command 0x0409 tx timeout
[  236.288027][ T6870] team0: Port device team_slave_0 added
[  236.488559][ T6960] loop3: detected capacity change from 0 to 256
[  236.494647][ T6960] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  236.503054][ T4984] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  236.548305][ T6870] team0: Port device team_slave_1 added
[  237.267804][ T6850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.316059][ T6850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.465161][ T4984] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  237.607455][ T6870] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.609330][ T6870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.128452][ T6870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.137819][ T6870] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.142107][ T6870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  238.155998][ T6870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  238.360904][ T4316] Bluetooth: hci6: command 0x040f tx timeout
[  238.361014][ T4304] Bluetooth: hci2: command 0x041b tx timeout
[  239.102895][ T6850] team0: Port device team_slave_0 added
[  239.281901][ T4984] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.031225][ T6850] team0: Port device team_slave_1 added
[  240.170386][ T4984] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.183774][ T6995] loop1: detected capacity change from 0 to 1024
[  240.210226][ T6870] device hsr_slave_0 entered promiscuous mode
[  240.218409][ T6995] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  240.220360][ T6995] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  240.225133][ T6995] EXT4-fs error (device loop1): ext4_get_journal_inode:5722: inode #5: comm syz.1.590: unexpected bad inode w/o EXT4_IGET_BAD
[  240.228125][ T6995] EXT4-fs (loop1): no journal found
[  240.232309][ T6995] EXT4-fs (loop1): can't get journal size
[  240.234540][ T6995] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  240.249262][ T6870] device hsr_slave_1 entered promiscuous mode
[  240.298374][ T6870] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  240.300070][ T6870] Cannot create hsr debugfs directory
[  240.351105][ T6850] batman_adv: batadv0: Adding interface: batadv_slave_0
[  240.353102][ T6850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.358159][ T6850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  240.399502][ T6850] batman_adv: batadv0: Adding interface: batadv_slave_1
[  240.400961][ T6850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  240.405987][ T6850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  240.418524][ T4306] Bluetooth: hci6: command 0x0419 tx timeout
[  240.419733][ T4306] Bluetooth: hci2: command 0x040f tx timeout
[  240.441301][ T6907] chnl_net:caif_netlink_parms(): no params data found
[  240.477311][ T7006] loop3: detected capacity change from 0 to 512
[  240.479613][ T7006] EXT4-fs: Ignoring removed i_version option
[  240.480811][ T7006] EXT4-fs: Ignoring removed mblk_io_submit option
[  240.482083][ T7006] ext4: Unknown parameter 'seclabel'
[  240.548095][ T6422] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  240.567066][ T7006] loop3: detected capacity change from 0 to 256
[  240.768846][ T6850] device hsr_slave_0 entered promiscuous mode
[  240.808743][ T6850] device hsr_slave_1 entered promiscuous mode
[  241.064327][ T6850] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  241.066684][ T6850] Cannot create hsr debugfs directory
[  241.805799][ T7014] loop3: detected capacity change from 0 to 8192
[  241.811199][ T7014] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  241.811553][ T4302] EXT4-fs (loop1): unmounting filesystem.
[  241.813718][ T7014] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  241.816863][ T7014] REISERFS (device loop3): using ordered data mode
[  241.818187][ T7014] reiserfs: using flush barriers
[  241.820460][ T7014] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  241.823852][ T7014] REISERFS (device loop3): checking transaction log (loop3)
[  241.832081][ T7014] REISERFS (device loop3): Using r5 hash to sort names
[  241.855535][ T7014] reiserfs: enabling write barrier flush mode
[  241.875921][ T7014] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  242.024204][ T4984] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.082818][ T6907] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.086491][ T6907] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.089897][ T6907] device bridge_slave_0 entered promiscuous mode
[  242.181135][ T4984] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.193979][ T6907] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.203297][ T6907] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.207657][ T6907] device bridge_slave_1 entered promiscuous mode
[  242.302606][ T4984] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.327637][ T6907] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.411325][ T4984] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  242.423660][ T6907] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.471531][ T6907] team0: Port device team_slave_0 added
[  242.494324][ T6907] team0: Port device team_slave_1 added
[  242.508540][ T4316] Bluetooth: hci2: command 0x0419 tx timeout
[  242.543535][ T6907] batman_adv: batadv0: Adding interface: batadv_slave_0
[  242.545417][ T6907] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.562481][ T6907] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  242.581349][ T6907] batman_adv: batadv0: Adding interface: batadv_slave_1
[  242.582758][ T6907] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.611786][ T6907] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  242.737226][ T6907] device hsr_slave_0 entered promiscuous mode
[  242.798846][ T6907] device hsr_slave_1 entered promiscuous mode
[  242.868441][ T6907] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  242.870081][ T6907] Cannot create hsr debugfs directory
[  242.945506][ T6850] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  243.583266][ T6850] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  243.678519][ T6870] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  243.920206][ T6870] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  243.945458][ T6870] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  244.229404][   T27] audit: type=1326 audit(244.050:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.1.596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  244.253995][   T27] audit: type=1326 audit(244.050:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.1.596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  244.307082][   T27] audit: type=1326 audit(244.050:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.1.596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  244.443173][   T27] audit: type=1326 audit(244.060:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.1.596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  244.546576][   T27] audit: type=1326 audit(244.060:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.1.596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  244.704159][ T6870] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  244.705937][   T27] audit: type=1326 audit(244.060:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.1.596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=200 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  244.710094][   T27] audit: type=1326 audit(244.060:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.1.596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  244.714183][   T27] audit: type=1326 audit(244.060:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.1.596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  244.718470][   T27] audit: type=1326 audit(244.070:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.1.596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=203 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  244.722595][   T27] audit: type=1326 audit(244.070:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7045 comm="syz.1.596" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff82953aa8 code=0x7ffc0000
[  244.815230][ T6850] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  244.894343][ T6850] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  245.999722][ T4984] tipc: Disabling bearer <udp:syz2>
[  246.003172][ T4984] tipc: Left network mode
[  247.087946][ T4379] Unable to handle kernel paging request at virtual address dfff800000000006
[  247.089998][ T4379] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]
[  247.091644][ T4379] Mem abort info:
[  247.092344][ T4379]   ESR = 0x0000000096000006
[  247.093258][ T4379]   EC = 0x25: DABT (current EL), IL = 32 bits
[  247.761883][ T4379]   SET = 0, FnV = 0
[  247.762818][ T4379]   EA = 0, S1PTW = 0
[  247.763676][ T4379]   FSC = 0x06: level 2 translation fault
[  247.764878][ T4379] Data abort info:
[  247.765637][ T4379]   ISV = 0, ISS = 0x00000006
[  247.836210][ T4379]   CM = 0, WnR = 0
[  247.837001][ T4379] [dfff800000000006] address between user and kernel address ranges
[  247.839314][ T4379] Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP
[  247.840804][ T4379] Modules linked in:
[  247.841581][ T4379] CPU: 0 PID: 4379 Comm: kworker/0:7 Tainted: G        W          6.1.120-syzkaller #0
[  247.843448][ T4379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  247.845317][ T4379] Workqueue: events cleanup_bearer
[  247.846351][ T4379] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  247.847927][ T4379] pc : cleanup_bearer+0x1bc/0x294
[  247.848922][ T4379] lr : cleanup_bearer+0x184/0x294
[  247.849932][ T4379] sp : ffff800021547b00
[  247.850757][ T4379] x29: ffff800021547b00 x28: ffff0001b3cf9800 x27: ffff0000d3289a98
[  247.852319][ T4379] x26: ffff0000d3289a98 x25: dead000000000122 x24: dfff800000000000
[  247.853997][ T4379] x23: ffff0000c33b1b00 x22: ffff0000c33b1b40 x21: 1fffe0001a651341
[  247.855666][ T4379] x20: 0000000000000030 x19: ffff0000d3289a18 x18: 1fffe0003679c376
[  247.857265][ T4379] x17: ffff800015a7d000 x16: ffff80000830158c x15: ffff0001b3ce1bbc
[  247.858882][ T4379] x14: 1ffff00002b500b2 x13: dfff800000000000 x12: 0000000000000003
[  247.860484][ T4379] x11: 0000000000ff0100 x10: 0000000000000000 x9 : 3c702d9c0223bb00
[  247.862050][ T4379] x8 : 0000000000000006 x7 : 0000000000000000 x6 : 000000000000003f
[  247.863675][ T4379] x5 : 0000000000000040 x4 : ffffffffffffffe0 x3 : 0000000000000000
[  247.865344][ T4379] x2 : 0000000000000006 x1 : ffff80001247c5c0 x0 : ffff80019e30e000
[  247.866998][ T4379] Call trace:
[  247.867645][ T4379]  cleanup_bearer+0x1bc/0x294
[  247.868594][ T4379]  process_one_work+0x7ac/0x1404
[  247.869646][ T4379]  worker_thread+0x8e4/0xfec
[  247.870533][ T4379]  kthread+0x250/0x2d8
[  247.871383][ T4379]  ret_from_fork+0x10/0x20
[  247.872293][ T4379] Code: 97839264 f9400288 9100c114 d343fe88 (38786908) 
[  247.873677][ T4379] ---[ end trace 0000000000000000 ]---
[  248.460499][ T4379] Kernel panic - not syncing: Oops: Fatal exception
[  248.461913][ T4379] SMP: stopping secondary CPUs
[  248.462888][ T4379] Kernel Offset: disabled
[  248.463763][ T4379] CPU features: 0x080000,02070084,26017203
[  248.464907][ T4379] Memory Limit: none
[  249.048926][ T4379] Rebooting in 86400 seconds..