last executing test programs:

46.971226278s ago: executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x56)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x40005504, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
bind$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs={0x1, 0x0, 0xffffffff}, 0x6e)
socket$unix(0x1, 0x5, 0x0)
pread64(r1, &(0x7f0000000480)=""/177, 0xb1, 0xe0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x53, 0x0, 0x0)
r3 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0})
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0)
r4 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(r4, 0x65, 0x1, &(0x7f0000000080), 0x1d0)
bind$can_raw(r4, &(0x7f0000000000), 0x10)
ioctl$int_in(r0, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000240))
openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000040)='./file0\x00', 0x10d00e3, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r0, @ANYRES8=0x0, @ANYRES32], 0x0, 0x6278, &(0x7f0000006600)="$eJzs3cuOHFcZB/Cv+jaXkMTKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7enzprm7X7yeNq746VdOn/O/rVFWfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADihz/48ZkiIi79Ki04FvG56Ef0ItaqeiMi1jaO1bd5IXab4/mIGK5EVNvv/vNsxOsR8fEzEXfv3dqsFp89Yj++/+d//OEnT/3o738anvrvX27035i03s2bv/3PX28//P4CAABAF5VlWRbpY/7xiBikz/YAwJMvv/6XSV6uXrh6e8H6o1ar1eolrOvK8W7Xi4jYrm9TvWdwOB4Alsx2fNJ2F2iR/DttEBFPtd0JYKEVbXeAmbh779ZmkfIt6q8HG3vt+VyQA/lvF/vXd0yaTtM8x2Re96+d6MdzE/qzNqc+LJKcf6+Z/6W99lFab9b5z8uk/Ed7lz51Ts6/38y/oaj/1Xep8++Nzb+rcv6DafnXi+2+/AEAAAAAYIHlv/8fa/n478qj78qRHHb8d2NOfQAAAAAAAACAx+1Bx/8bNMb/22f8PwAAAFhY1Wf1yu+eub9s0nexVcsvFhFPN9YHOiZdLLPedj8AAAAAAAAAAAAAoEsGe+fwXiwihhHx9Pp6WZbVT12zflCPuv2y6/r+Q5e1/SQPAAB7Pn6mcS1/EbEaERfTd/0N19fXy3J1bb1cL9dW8vvZ0cpquVb7XJun1bKV0RHeEA9GZfXLVmvb1U37vDytvfn7qtsalf0jdGw+WgwcACJi79Xo7qRXpP95vVpOZflstPwmhyVxyOOfJeXxz1G0fT8FAAAAZq8sy7JIX+d9PB3z77XdKQBgLvLrf/O4gFqtVqvV6ievrivHu10vImK7vk31nsFw/ACwZLbjk7a7QIvk32mDiHih7U4AC61ouwPMxN17tzaLlG9Rfz1I47vnc0EO5L9d7G6Xtx83naZ5jsm87l870Y/nJvTn+Tn1YZHk/HvN/C/ttY/SerPOf14m5V/t57EW+tO2nH+/mX/Dk5N/b2z+XZXzHzxQ/n35AwAAAADAAst//z+2UMd/Rw+7O1Mddvx3Y+wWs+sLAAAAAAAAADwud+/d2szXvebj/18Ys57rP59MOf9C/p2U8+818v9qY71+bf7O2/fz//e9W5t/vPGvz+fpUfNfyTNFumcV6R5RpFsqBmn6KHv3WTvD/qi6pWHR6w/SOT/l8N24EldjK04fWLeX/j/ut5850F71dLjbXvb32s8eaB/st+ftzx1oH6azi8q1QdU+jDgZm/HzuBrv7LZXbStT9n91Sns5pT3n3/f476Sc/6D2U+W/ntqLxrRy56PeZx739em423nryhd/c3r2uzPVTvT3962u2r+XDt90JicC7v6fPDWKX17funby5uUbN66diTQ5sPRspMljlvMfpp/95/+X99rz83798Xrno9ED578odmIwMf+Xa/PV/r4y5761Iec/Sj85/3dS+/jH/zLnP/nx/2oL/QEAAAAAAAAAAAAAAIDDlGW5e4noWxFxPl3/09a1mQDAfOXX/zLJy+dV9+d8e2r1ktfFgvVnrvWn5Yx+/2hvYdv7p1bPo64rx3uzXkTE3+rbVO8Zfj3ulwEAi+zTiPhn252gNfLvsPx9f9X0xJR135xTn4D5uP7Bhz+9fPXq1rXrbfcEAAAAAAAAAHhYefzPjdr4zyfKsrzdWO/A+K9vx8ajjv85yDP7A4xOGKi6/+D7dJid3qjfqw03/mJMGv97uD932Pjfgym3N5zSPm1Q4ZUp7atT2sde6FGT83+xNt75iYg43hh+fbnGf92edInLoeO/Nse874Kc/0u1+3OV/1ca69XzL3+/6PlPthO9A/mfuvH+L05d/+DD1668f/m9rfe2fnbuzJnT586fv3Dhwql3r1zdOr33b4s9nq2cfx77+ijngfLkyPnnzOXfLTn/L6Va/t2S8/9yquXfLTn//H5P/t2S88+ffeTfLTn/V1It/27J+X8t1fLvlpz/q6mWf7fk/L+eavl3S87/tVTLv1ty/idTLf9uyfmfSvUR81+bdb+Yj5x/PsLl8d8tOf98ZoP8uyXnfzbV8u+WnP+5VMu/W3L+r6da/t2S8/9GquXfLTn/86mWf7fk/L+Zavl3S87/Qqrl3y05/2+lWv7dkvP/dqrl3y05/zdSLf9uyfl/J9Xy75ac/3dTLf9uyfl/L9Xy75acfx7bQf7dcv/7/82YMWMmz7T9zAQAAAAAAAAAAAAANM3jdOK29xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzda4xcZ30/8LNXbxxIDIT8nfwNbByThGSTXduJL7QpJlwbbiUQCr1gu961WfANr10SGsmOAiUSRkUVbcOLtoBQmzcVfsELWgHKC9QKqRK0qqgqISpaXkRVQAGpEq0gW805z/PszOxcdr3r9ZlzPh/J/nlnzszzzJlnzs5v1985AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECzW94w96mhLMsaf/K/tmTZixr/vmZyS37Za6/2DAEAAIC1+mX+9/PXpwsOrOBGTdv8wyu/89XFxcXF7P0jfzL2ucXFdMVklo1tyrL8uujSDz8w1LxN8EQ2MTTc9PVwn+FH+lw/2uf6sT7Xj/e5flOf6yf6XL9sByxzTfHzmPzOduT/3FLs0uyGbCy/bkeHWz0xtGl4OP4sJzeU32Zx7Gg2nx3P5rKZlu2LbYfy7b9+S2Ost2ZxrOGmsbY1VshPHzsS5zAU9vGOlrGW7jP68euzyZ/99LEjf3X2uZs61b67oeX+innesb0xz0+ES4q5DmWb0j6J8xxumue2Ds/JSMs8h/LbNf7dPs/nVzjPkaVpbqj253wiG87//d18P402/1gv7adt4bKf35pl2YWlabdvs2ysbDjb3HLJ8NLzM1GsyMZ9NJbSS7PRVa3TW1awTht1dkfrOm1/TcTn/5Zwu9Euc2h+mn78+HjT8/6LxctZp1HjUXd7rbSvwfV+rZRlDcZ18d38QT/ZcQ3uCI//sdu6r8GOa6fDGkyPu2kNbu+3BofHR/I5pydhKL/N0hrc2bL9SD7SUF6fva33Gpw+e+L09MKjH797/sThY3PH5k7u3rlzZveePfv27Zs+On98bqb4+zL3dvltzobTa2B72HfxNXB727bNS3Xxi+PLjr+X+zqc6PE63NK27Xq/DkfbH9zQxrwgl6/p4rXx3sZOn7g4nHV5jeXPz51rfx2mx930Ohxteh12/J7S4XU4uoLXYWOb03eu7D3LaNOfTnPo/r1gbWtwS9MabH8/0r4G1/v9SFnW4ERYF9+/s/v3gm1hvk9Orfb9yMiyNZgebjj2NC5J7/cn9uWl07q8uXHFtePZuYW5M/c8cvjs2TM7s1A2xMua1kr7et3c9JiyZet1eNXr9cD8K5+8ucPlW8K+mri78ddE1+eqsc299/R+rvLvbp33Z8ulu7JQ1tlG789O380b+3M8yz7/rccf+sZjn39D1/3Z6Dc/Mb329+KpL206/o51Of7Gvv+FYrx0V0+MjI0Wr9+RtHfGWo7HrU/VaH7sGsrHfn56ZcfjsfBno4/HN/Q4Hm9t23a9j8dj7Q8uHo+H+v20Y23S83n3v+VfT4R1cnym9/G4sc3WXatdk6M9j8e3hjoU9v9rQqeQ+qKmtdNt3aaxRkfHwjodjSO0rtPdLduPhd6sMdbTuy5vnd5xa3FfI+nRLdmodTrZtu16r9P0s69u63So30/fLk/78zkR1sUNu3uv08Y2z9y79mPnNfGfTcfO8X5rcGxkvDHnsbQI8+N9tnhNXIP3ZEeyU9nxbDa/djxfT0P5WFP3rWwNjoc/G32s3NpjDd7Rtu16r8H0fazb2hsaXf7g10H78zkR1sVT9/Veg41t3rh3fd+73hEuSds0vXdt//lat5953dy2m67UWhkN8/zW3t4/m21sc3zfavvM3vvprnDJtR32U/vrt9trajbbmP20NczzuX3d91NjPo1tPrd/hevpQJZl5z/6QP7z3vD7lfPnvvfVlt+7dPqdzvmPPvCTFx/9+9XMH4DB90JRNhff65p+M7WS3/8DAAAAAyH2/cOhJvp/AAAAqIzY94+Emuj/AQAAoDJi3z8aalKT/n/rG5+bf+F8lpL5i0G8Pu2GB4vtYsZ1Jnw9ubikcfkDX5777787v7Kxh7Ms+8WDf9Bx+60PxnkVJsM8L72p9fJlvnr3isY+9PD5NG5zfv0L4f7j41npMugUwZ3Jsuzr138mH2fyAxfz+syDh/L60IUnn2hs8/z+4ut4+2dfVmz/5yH8e+Do4ZbbPxv2w49CnXlb5/0Rb/eVi6/Ztvd9S+PF2w1tvy5/2E99sLjf+Dk5n32i2D7u527z/8ann/5KY/tHXt15/ueHO8//6XC/Xw71f15RbN/8HDS+jrf7ZJh/HC/e7p4vfbPj/C99qtj+9JuL7Q6FGse/I3y9483PzTfvr0eGDrc8ruwtxXZx/Jnv/VF+fby/eP/t8584eLFlf7Svj2f+ubif6bbt4+VxnOhv28Zv3E/z+ozjP/2Hh1r2c7/xLz307Csa99s+/l1t253+6J35+Ev31/qJTX/xyc90HC/O58DfnG55PAfeHV7HYfynPhjWY7j+fy8V99f+6QqH3t16/Inbf2HL+ZbHE731Z8X4l153LK+bJq7ZfO2LXnzdhVc19l2WfXdTcX/9xj/2l6da5v/FG4v9Ea+PGf328buJ45/52NTJUwvn5mfTXn3s+vyzc95ezCfO9/pwbG3/+uCpsx+aOzM5MzmTZZPV/Qi9y/alUH9SlAu9t15cdgS98+HwfN78Z1/ffNs/fTpe/q/vLS6/+Lbi+9btYbvPhsu3hOdvdeMv99QtN+av76FnwgwXl39e8Fps2/Ff+1a0YXj87e8L4no//fIP5fuhcV3+fSO+rtc4/x/MFvfztbBfF8MnM2+/cWm85u3jZyNcfE/xel/z/guHufi8/nV4vt/xo+L+47zi4/1BeB/zza2tx7u4Pr52frj9/vNP8bgQjifZheL6uFXc3xefv7Hj9OLnkGQXbsq//uN0Pzd13X41Fh5dmD4+f/LcI9Nn5xbOTi88+vGDJ06dO3n2YP5Zngc/3O/2S8enzfnxaXZuz71ZfrQ6VZQr7GrP//TDR2b3ztw2O3f08LmjZx8+PXfm2JGFhSNzswu3HT56dO5j/W4/P3v/zl37d+/dNXVsfvb+ffv3794/NX/yVGMaxaT62DPzkamTZw7mN1m4/979O++7796ZqROnZufu3zszM3Wu3+3z701TjVv//tSZueOHz86fmJtamP/43P079+/Zs6vvpwGeOH10YXL6zLmT0+cW5s5MF49l8mx+ceN7X7/bU00L/168n203VHwQX/auu/akz2dt+PLjXe+q2KTtA0SfC59F8+2XnN63kq9j3z8WalKT/h8AAADqIPb946Em+n8AAACojNj3bwo10f8DAABAZcS+fyLU9F8CatL/Vy7/v/X8isaX/5f/b95f8v81y/+/p2z5/+J4If+/Ptaav5f/D+T/K5H/76bbW6WrnZ9fq6s9f/l/+X+WK1v+P/b912SZ3/8DAABARcW+f3Ooif4fAAAAKiP2/deGmuj/AQAAoDJi3/+iUJOa9P/y//L/8v/y//L/nceX/x9M8v+9yf/3UZP8fzcLjy5MZ/XK/19Yz/nL/8v/s1zZ8v+x739xqElN+n8AAACog9j3Xxdqov8HAACAyoh9//WhJvp/AAAAqIzY928JNalJ/y//L/8v/y//L//feXz5/8Ek/9+b/H8f8v/O/y//L//Puipb/j/2/S8JNalJ/w8AAAB1EPv+l4aa6P8BAACgfEYv72ax739ZqMmy/v8yBwAAAACuutj335C1BcFr8vv/gcn/Py7/L/8v/y//3/p4ypP/H8nk/8tD/r+36uT/X5JnoeX/5f/LNH/5f/l/litb/j/v+7OJ7OWhJjXp/wEAAKAOYt9/Y6iJ/h8AAAAqI/b9/y/URP8PAAAAlRH7/q2hJjXp/wcm/+/8//3y/z9vfurk/+X/e40v/+/8/1Um/99bdfL/Bfl/+f8yzf9K5v9vz+T/GUxly//Hvv+mUJOa9P8AAABQB7HvvznURP8PAAAAlRH6/hPjRV26Qv8PAAAAlfH/878nsm2hJjXp/+X/S57/j8lR5/+X/5f/L2X+f0L+v3Tk/3uT/+9D/l/+v6T5f+f/Z1CVLf8f+/5XhJrUpP8HAACAwbfY6deyLWLf/8pQE/0/AAAAVEbs+18VaqL/BwAAgMqIff9kqElN+n/5/5Ln/4sc/PgKzv/fQv5f/r/X+PL/zv9fZfL/vcn/9yH/L/8v/y//z7oqW/4/9v23hJrUpP8HAACAOoh9//ZQE/0/AAAAVEbs+28NNdH/AwAAQGXEvn9HqElN+n/5/4HI/2fy//L/8v+Xn//Pskz+v0bk/3uT/+9D/l/+X/6/Y/7/s/8i/8/lKVv+P/b9rw41qUn/DwAAAHUQ+/7bQk30/wAAAFAZse+/PdRE/w8AAACVEfv+O0JNatL/y//L/8v/y/9XPf/v/P/1Iv/fm/x/H/L/8v/y/87/z7oqW/4/9v2vCTWpSf8PAAAAdRD7/jtDTfT/AAAAUBmx778r1ET/DwAAAJUR+/6pUJOa9P/y//L/8v/y//L/nceX/x9MJcj/T6xlfPl/+X/5/8Gdv/y//D/LlS3/H/v+u0NNatL/AwAAQB3Evv+eUBP9PwAAAFRG7PunQ030/wAAAFAZse+fCTWpSf8v/y//L/8v/7+q/P+rlu5X/r8g/18uJcj/r2l8+X/5f/n/wZ3/+uT/x+T/qZSy5f9j378z1KQm/T8AAADUQez7d4Wa6P8BAACgMmLfvzvURP8PAAAAlRH7/ntDTWrS/8v/y//L/8v/O/9/5/Hl/weT/H9v65//jw9R/l/+X/7f+f/l/1mubPn/2PffF2pSk/4fAAAA6iD2/XtCTfT/AAAAUBmx798baqL/BwAAgMqIff++UJOa9P/y//L/8v/y//L/nceX/x9M8v+9Of9/H/L/8v8DnP9vrC35f8pmxfn/cLS+0vn/2PfvDzWpSf8PAAAAdRD7/teGmuj/AQAAoDJi3/8roSb6fwAAAKiM2Pf/aqhJTfp/+X/5f/l/+f+y5//H5f/l/1dB/r83+f8+5P/l/wc4/+/8/5TRivP/4fIrnf+Pff/9oSY16f8BAACgDmLf/2uhJvp/AAAAqIzY978u1ET/DwAAAJUR+/4DoSY16f/l/zco/x8vlP8fwPz/f8j/p3ty/n/5//KT/+9N/r8P+X/5f/l/+X/WVdny/7Hvf32oSU36fwAAAKiD2Pc/EGqi/wcAAIDKiH3/G0JN9P8AAABQGbHvf2OoSU36f/l/5/+/+vn/sZa5ly//7/z/8v8F+f/BIP/fm/x/H/L/8v/y//L/rKuy5f9j3/+mUJOa9P8AAABQB7Hvf3Ooif4fAAAAKiP2/W8JNdH/AwAAQGXEvv+toSY16f/l/+X/r37+v+zn/5f/l/8vyP8PBvn/3uT/+5D/l/+X/5f/Z12VLf8f+/5fDzWpSf8PAAAAdRD7/gdDTfT/AAAAUBmx739bqIn+HwAAACoj9v1vDzWpSf9f8fz/pm6byf/L/zfvL/l/+f9O48v/Dyb5/94GLP//y+vC5fL/hauT/7+wKP9/ZfL/o21fX5H8/w+75f8Xl71Plv/nSihb/j/2/e8INalJ/w8AAAB1EPv+d4aa6P8BAACgMmLf/65QE/0/AAAAVEbs+38j1KQm/X/F8/9dteb/l9LL8v/y//kF8v/y//L/A0v+v7cBy/87/38b5/8v9/yd/1/+n+XKlv+Pff+7Q01q0v8DAABAHcS+/6FQE/0/AAAAVEbs+98TaqL/BwAAgMqIff97Q01q0v/L/zv/v/y//L/8f+fx5f8Hk/x/b/L/fcj/y/+XLf//n/L/DLay5f9j3/9wqElN+n8AAACog9j3vy/URP8PAAAAlRH7/t8MNdH/AwAAQGXEvv/9oSY16f/l/wcl/z8p/y//L//f9njk/+X/O5H/703+vw/5f/n/suX/nf+fAVe2/H/s+z8QarLy/n9ixVsCAAAAV0Xs+38r1KQmv/8HAACAOoh9/2+Hmuj/AQAAoDJi3/87oSY16f/l/wcl/+/8/5n8v/x/2+OR/5f/72Tj8v/xyCP/L/8v/x/J/8v/y//Trmz5/9j3/26oSU36fwAAAKiD2Pd/MNRE/w8AAAADodP/yW4X+/6DoSb6fwAAAKiM2PcfCjWpSf8v/y//L/9f0vz/n27/x+9/552Hdsr/y//L/6/Khp7/v/Hid/5/+X/5/0T+X/5f/p92Zcv/x77/cKjJUuP3dif4BwAAgMEW+/7fCzWpye//AQAAoA5i338k1ET/DwAAAJUR+/7ZUJOa9P/y//L/8v8lzf8P8Pn/4/4YpPz/1KYByv/Hg678f0cbmv9/31JOXP5/tfn/8Y6Xyv/L/6/z/L+dZZn8v/w/V1HZ8v+x758LNalJ/w8AAAB1EPr+4aNFXbpC/w8AAACVEfv+Y6Em+n8AAACojNj3fyjUpCb9v/y//L/8v/y/8/93Hr+0+X/n/+9J/r+38uT/O5P/l/8f5PnL/8v/s1zZ8v+x758PNalJ/w8AAAB1EPv+D4ea6P8BAACgMmLf/5FQE/0/AAAAVEbs+4+HmtSk/5f/l/+X/5f/l//vPP7/sXcfTZbW1x3Hb+PBzBQbdl54YW+8wS+Bctlr+wXYVd544yoXVcYB58TgHHHOAWfjgAPYGCecFEEJCWUhCeWIJBSQEGJUzJxzpsPTz+1mbnc/938+n4WP3DC+7REF+jF89df/byf9/+Fu/ppj/M76f/2//l//r/9nA5bW/+fu//a4pcn+BwAAgA5y998Wt9j/AAAAMIzc/d8Rt9j/AAAAMIzc/d8ZtzTZ//p//f+w/f/XXmv//6X6f/2//n8LbaL/v37Q/n/l/f/19P/6f/2//p+NWlr/n7v/u+KWJvsfAAAAOsjd/91xi/0PAAAAw8jdf3vcYv8DAADAMHL3f0/c0mT/7+v/d1Y9+//MePX/I/X/3v8/9PP1//r/kZ3u+/93Pv9nPv2//l//H/T/+n/9P/strf/P3f+9cUuT/Q8AAAAd5O7/vrjF/gcAAIBh5O7//rjF/gcAAIBh5O7/gbilyf73/r/3//X/+n/9//Tn6/+30+n2/97/X3L/f/tjN9721ANf/uBxPl//r//X/+v/2ayl9f+5+38wbmmy/wEAAKCD3P0/FLfY/wAAADCM3P0/HLfY/wAAALCFLkx+NXf/j8S97Lo++1//r//X/+v/9f/Tn7+4/v+8/v8o9P/zOvX/L+Tz9f/6f/2//p/NWlr/n7v/R+OWJvsfAAAAOsjd/2Nxi/0PAAAAw8jdf0fcYv8DAADAMHL3X4xbmux//f/J9/9f0P/r/+Pq//X/3v8/efr/eV37/6m/Tk/S/+v/9f/6fzZqaf1/7v4745Ym+x8AAAA6yN3/43GL/Q8AAADDyN3/E3GL/Q8AAADDyN3/k3FLk/2v//f+v/5f/6//n/58/f920v/P69r/H5n+/1r7+ev1//p//T+7HbP/f2bmT9sb6f9z9/9U3NJk/wMAAEAHuft/Om6x/wEAAGAYuft/Jm6x/wEAAGAYuft/Nm5psv/1//p//b/+/wX3/wf/0LtM/z9N/3869P/zFtP/75yb/LL+f+v7f+//6//1/+yxtPf/c/f/XNzSZP8DAABAB7n7fz5umdn/x/6b+QAAAMCZyt3/C3GLX/8HAACArZfVWe7+X4xbmux//b/+X/+v//f+//Tnz/X/D+76/vT/y6L/n7eY/v8Q+n/9/zZ///p//T8HLa3/z93/S3FLk/0PAAAAHeTuvytusf8BAABgGLn7fzlusf8BAABgGLn7fyVuabL/p/v/q79d/380+v+937/+f/qPj031//l/Uf8/2/9/nff/ezr5/v+b4iv6f/2//n8//f/Q/f+FdT9e/8+UpfX/uft/NW5psv8BAACgg9z9vxa32P8AAAAwjNz9vx632P8AAAAwjNz9vxG3NNn/3v/X/+v/t6//9/7/FWf5/v/q1Pv/c/r/I/L+/zz9/xr6f/2//n/+/f+Z/xYA/T9Tltb/5+7/zbilyf4HAACADnL3/1bcYv8DAADAdtj9zw7s/wdKQ+7+345b7H8AAAAYRu7+34lbmux//b/+X/+v/7/W/n8//f807/+fDv3/PP3/Gvr/k+jnzw3W/9992I9fQv9/x0n3/zP0/0zZ0/8/dPXrZ9X/5+7/3bilyf4HAACADnL3/17cYv8DAADAMHL3/37cYv8DAADAMHL3/0Hc0mT/n3j/P/NGqP5f/6//H6P/9/6//n9J9P/z9P9r6P+9/+/9f/0/G7Wn/9/lrPr/3P1/GLc02f8AAADQQe7+P4pb7H8AAAAYRu7+u+MW+x8AAACGkbv/j+OWJvvf+//6f/2//l//P/35+v/tpP+fp/9fQ/+v/9f/6//ZqKX1/7n7/yRuabL/AQAAoIPc/X8at9j/AAAAMIzc/X8Wt9j/AAAAMIzc/X8etzTZ//r/k+3/8+v6f/3/Sv+v/9f/n4q2/f/O1F+JDjqk/3/k2y5+w96v6P/1//p//b/+nyO6aea3LaL/v3T1P13m7v+LuKXJ/gcAAIAOcvf/Zdxi/wMAAMAwcvf/Vdxi/wMAAMAwcvffE7ccc//PNQ9Lpv/3/r/+X/+v/5/+fP3/dmrb/x+R9//X0P/r//X/+n82ahH9/67/PXf/X8ctfv0fAAAAhpG7/2/iFvsfAAAAhpG7/2/jFvsfAAAAhpG7/+/ilib7X/+v/9f/6//1/9Off/r9/3P6/w3Q/8/T/6+xTf3/Pfr/pX3/+n/9Pwctrf/P3X9v3NJk/wMAAEAHufv/Pm6x/wEAAGAYufv/IW6x/wEAAGAYufv/MW5psv/1//p//b/+X/8//fne/99O+v95+v/VanXfzDcw1f9fumGZ/b/3/xf3/ev/9f8ctLT+P3f/P8UtTfY/AAAAdJC7/764xf4HAACAYeTuvz9usf8BAABgGLn7/zluabL/9f/6f/2//l//P/35+v/tpP+fp/9fY5ve/9f/L+771//r/zloaf1/7v5/iVua7H8AAADoIHf/A3GL/Q8AAADDyN3/r3GL/Q8AAADDyN3/YNzSZP/r//X/+n/9f9f+/1n9/5BOrv9f6f/1//r/NfT/+n/9P/strf/P3f9vcUuT/Q8AAAAd5O7/97jF/gcAAIBh5O7/j7jF/gcAAIBh5O7/z7ilyf7X/+v/9f/6/y3u/zPB9/4/5Xj9/aUDfwb1/n/Q/+v/9f/6f/0/GzDd/99xZv1/7v7/ilua7H8AAADoIHf/Q3GL/Q8AAADDyN3/33GL/Q8AAADDyN3/P3FLk/2v/9f/7+3/Vyv9v/5/i/r/a3r/fwH9//mV/n/jTu79f/3/Sv+v/19jsf3/dauB+v8Lh/54/T9LtLT3/3P3/2/c0mT/AwAAQAe5+/8vbrH/AQAAYBi5+/8/brH/AQAAYBi5+18UtzTZ//p//X/H9//3v/h9hv1//KaL+v+e/X/9rOr/N0f/P0//v4b+f8z+3/v/0/3/vv8qAf0/J2Fp/X/u/hfHLU32PwAAAHSQu/8lcYv9DwAAAMPI3f/SuMX+BwAAgGHk7n9Z3NJk/+v/9f8d+3/v/+v/r73/v1X/v1D6/3n6/zX0//r/Tv3/Pvp/TsLS+v/c/S+PW5rsfwAAAOggd//DcYv9DwAAAMPI3f9I3GL/AwAAwDBy978ibmmy//X/+n/9/3b2/+f1/97/1/9PWkr/f8stX/+o/l//r//X/+v/9f/dLa3/z93/yrilyf4HAACADnL3vypusf8BAABgGLn7Xx232P8AAAAwjNz9r4lbmuz/g/3/9asrheoVU/1/NGr6/130/3u//679/4X4/r3/r/+fov8/HUvp/73//8K+f/2//n+bv/9j9f9fefDH6/8Z0dL6/9z9j8YtTfY/AAAAdJC7/7Vxi/0PAAAAw8jd/7q4xf4HAACAYeTufyxuabL/vf+v/9f/b+f7/yv9v/5f/z9J/z9P/7+G/n+U/j9/Sk/r+7/8b8sw7/9/if6fzVla/5+7//VxS5P9DwAAAB3k7n9D3GL/AwAAwDBy978xbrH/AQAAYBi5+98UtzTZ//p//b/+X/+v/5/+fP3/dtL/z9P/r9Gn/z8/9cUD/f9zW9v/L//9/wmL6f+9/88GHan/3zm9/j93/5vjlib7HwAAADrI3f+WuMX+BwAAgGHk7n9r3GL/AwAAwDBy978tbmmy//X/+v/x+/9v0f/v+3z9v/5/ZPr//Cv6NP3/Gn36/0ln3c9v6vt//j/R6//1/yzDkfr/1en1/7n7H49bmux/AAAA6CB3/9vjFvsfAAAAhpG7/x1xi/0PAAAAw8jd/864pcn+1//36v93Vh37f+//6//1/53o/+fp/9fQ/w/R/3v/X//Pciyt/8/d/8TOuZb7HwAAALbVN371rY8f9fd94vL/PL96V9xi/wMAAMAwcve/O26x/wEAAGAYufvfE7c02f/6/179f8/3//X/+n/9fyf6/3n6/zX0//p//b/+n41aWv+fu/+9ccuu4Xfu2P9fAgAAAEuSu/99cUuTX/8HAACADnL3vz9uObD/Lx3xn2oHAAAAliZ3/wfilia//q//X3j/vzqh/j9+P/3/FQf6/50rnb3+X/+v/98++v9519j/X9rR/+v/Z5xZ/3/TMr5//b/+n4OW1v/n7v9g3NJk/wMAAMCg9vwdhdz9H4pb7H8AAAAYRu7+D8ct9j8AAAAMI3f/R+KWJvtf/3/q/X+m6if4/v+F+lfe/2/+/v9d5yc/X/+v/x+Z/n+e9//X0P9vZ/9/8Pu/Ydf3//xPm/5f/88ZWVr/n7v/o3FLk/0PAAAAHeTufzJusf8BAABgGLn7Pxa32P8AAAAwjNz9H49bmux//f/C3/+f6/+/6hre/9f/9+j/D/n8cfr/L7vx4sPf/K3336v/56rT7P/zjwX9v/5f/3/Fgvp/7//r/1mIzff/5/Z88bj9f+7+T8QtTfY/AAAAdJC7/6m4xf4HAACAYeTu/2TcYv8DAADAMC7v/qczDuu3//X/W9z/H/r+/3b2//lzfQb9/8Xt6/+zKe7e/3v/X/9/kPf/5+n/19D/6//1//p/Nmrz/f/eLx63///U5R91fvXpuKXJ/gcAAIAOcvd/Jm7J/b9z7L91DwAAACxM7v6n4xa//g8AAADDyN3/2bilyf7X/+v/l9L/pw30/0/evFp5/3/m8/X/Z9H/f0X9K/3/ydL/z9P/r6H/1//r//X/bNTS+v/c/Z+LW5rsfwAAAOggd/8zcYv9DwAAAMPI3f/5uMX+BwAAgGHk7n82bmmy//X/o/b/WcS37P+P+/6//l//P/n53v/fTvr/efr/NfT/+n/9v/6fjVpa/5+7/4sBAAD///f7aaY=")

44.914152213s ago: executing program 3:
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = dup(r0)
getdents64(r1, &(0x7f0000000080)=""/124, 0x7c)

44.734507301s ago: executing program 3:
r0 = socket(0x28, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000208500000072000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r1}, 0x10)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080)={'#! ', './file0'}, 0xb)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000380), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0x20)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
preadv2(r2, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x4000000}], 0x1, 0x0, 0x0, 0x0)
connect$packet(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@noextend}], [{@smackfsdef={'smackfsdef', 0x3d, 'overlay\x00'}}]}})
connect$packet(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)

43.89523032s ago: executing program 1:
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r3, 0xc0984124, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x300000000000000, 0x0, 0x0)
sendmsg$IPSET_CMD_PROTOCOL(0xffffffffffffffff, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x3c, 0x0, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x28, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_NETMASK={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}]}, 0x3c}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000040)}], 0x1)
syz_mount_image$jfs(&(0x7f0000000200), &(0x7f00000002c0)='./file0\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYRES64=0x0], 0x5, 0x61fd, &(0x7f000000c700)="$eJzs3UuPHFfZB/Cn+jaXvEmsLKK8EUKTC5cQ4mswhgCJF7BgwwJ5i2w5k8jCAWQb5EQWnmg2LPgQICSWCLFkxQfIgi07PgCWbCRQVilUM+eMayo97nEm09Uz5/eTxlVPn6rpU/539WWqqk8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPHDH/z4TBURl3+VbjgR8X8xjBhErDT1WkSsrJ3Iy48i4rnYao5nI2K8FNGsv/XP0xGvR8RHT6XbIjbO7rMf3//zP/7wkyd+9Pc/jU/99y+3hm/stdzt27/9z1/vHmSLAQAAoDx1XddV+pj/fPp8P+i7UwDAXOTX/zrJt6vVarVarT5+dVs93d12EREb7XWa9wwOxwPAEbMRH/fdBXok/6KNIuKJvjsBLLSq7w5wKO4/uHO1SvlW7deDte32fC7Irvw3qq318vrTprN0zzGZ1+NrM4bxzB79WZlTHxZJzn/Qzf/ydvskLXfY+c/LXvlPti99Kk7Of9jNv+P45D+Ymn+pcv6jx8p/KH8AAAAAAFhg+e//J3o+/rt08E3Zl0cd/12bUx8AAAAAAAAA4PN20PH/dnTG/8vnARj/DwAAAPrXfFZv/O6ph7ft9V1sze2XqognO8sDZanSxTKrfXcEAAAAAAAAAAAAAEoy2j6H91IVMY6IJ1dX67puftq69eM66PpHXenbDyXr+0keAAC2ffRU51r+KmI5Ii6l7/obr66u1vXyymq9Wq8s5fezk6XleqX1uTZPm9uWJvt4Qzya1M0vW26t1zbr8/Ks9u7va+5rUg/30bH56DFwAIiI7Vej+16Rjpm6fjr6fpfD0WD/P37s/+xH349TAAAA4PDVdV1XaZi/59Mx/0HfnQIA5iK//nePC6jVarVarT5+dVs93d12EREb7XWa9wyG4weAI2YjPu67C/RI/kUbRcRzfXcCWGhV3x3gUNx/cOdqlfKt2q8HaXz3fC7Irvw3qq318vrTprN0zzGZ1+NrM4bxzB79eXZOfVgkOf9BN//L2+2TtNxh5z8ve+XfbOeJHvrTt/sPLo6abIfd/DuOT/6DqfmXKu//o8fKfyh/AAAAAABYYPnv/ycW6vjv5LNuzkyPOv67to/1fTcCAAAAAAAAAIvo/oM7V/N1r/n4/xemLOf6z+Mp51/Jv0g5/0En/692lhu25u9dfJj/vx/cufrHW//6/zzdb/5LeaZKj6wqPSKqdE/VKE0PsnWftjkeTpp7GleD4Sid81OP34lrcT3W4/SuZQfp/+Nh+5ld7U1Px1vt9XC7/eyu9tFOe17/3K72cTrTqV7J7Sfjavw8rsfbW+1N29KM7V+e0V7PaM/5D+3/Rcr5j1o/Tf6rqb3qTBv3Phx8ar9vT6fdz1vXvvib04e/OTNtxnBn29qa7Xuxh/5s/Z88MYlf3ly/cfL2lVu3bpyJNNl169lIk89Zzn+cfnae/1/abs/P++399d6Hk8fOf1FsxmjP/F9qzTfb+8qc+9aHnP8k/eT8307t0/f/o5z/3vv/qz30BwAAAAAAAAAAAAAAAB6lruutS0Tfiojz6fof33EPAGXIr/91km+fVz2c8/2p1Ue8rhasP3OtP6kXqz9q9VGs2+rp3mwXEfG39jrNe4ZfT/tlAMAi+yQi/tl3J+iN/AuWv++vmb7cd2eAubr5/gc/vXL9+vqNm333BAAAAAAAAAD4rPL4n2ut8Z9fruv6bme5XeO/Xoy1g47/OcozOwOM7jFQ9fDxt+lRNgeT4aA13PgLsdf43+OduUeN/z2acX/jGe2TGe1LM9qXZ7RPvdCjJef/Qmu885cj4vnO8OsljP/aHfO+BDn/F1uP5yb/r3SWa+df//4o5z/Ylf+pW+/94tTN9z947dp7V95df3f9Z+fOnDl97vz5CxcunHrn2vX109v/9tjjw5Xzz2NfOw+0LDn/nLn8y5Lz/1Kq5V+WnP+XUy3/suT88/s9+Zcl558/+8i/LDn/V1It/7Lk/L+WavmXJef/aqrlX5ac/9dTLf+y5PxfS7X8y5LzP5lq+Zcl538q1fvMf+Ww+8V85PzzES77f1ly/vnMBvmXJed/NtXyL0vO/1yq5V+WnP/rqZZ/WXL+30i1/MuS8z+favmXJef/zVTLvyw5/wupln9Zcv7fSrX8y5Lz/3aq5V+WnP8bqZZ/WXL+30m1/MuS8/9uquVflpz/91It/7Lk/N9MtfzL8vD7/82YOYozKxGxAN04djN9PzMBAAAAAAAAAAAAAF3zOJ24720EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sQMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7N1bjFx3fQfws1evHZIYCKmTGrJxTAiJk13biS+0KSZcG24lEAq9YLvetVnwDa9dAo1ko0CJhFFRRdvw0BYQavNSEVU80ApQHlCrSpWgfaAviKoSqqIqoICERCvIVnPO///fmdkzM7vr8WbmnM9Hin/e2TNzzpz5z+x+1/nuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLNbXz//6ZEsyxr/5X9szbIXNf6+eXprftlrXugjBAAAAK7UL/M/n7s+XXBoFVdq2uafX/Gdry0tLS1l7xv7s4nPLy2lT0xn2cSmLMs/Fz31X+8fad4meCybGhlt+ni0x+7Henx+vMfnJ3p8frLH5zf1+PxUj8+vOAErbC5+HpPf2M78r1uLU5rdkE3kn9tZcq3HRjaNjsaf5eRG8ussTRzPFrKT2Xw227J9se1Ivv03bm3s6y1Z3Ndo0762N1bITx49Fo9hJJzjnS37Wr7N6Eevy6Z/+pNHj/3N+WdvKps9T0PL7RXHeceOxnF+MlxSHOtItimdk3ico03Hub3kMRlrOc6R/HqNv7cf53OrPM6x5cPcUO2P+VQ2mv/9u/l5Gm/+sV46T9vDZT+/LcuyS8uH3b7Nin1lo9mWlktGlx+fqWJFNm6jsZReko2vaZ3euop12phzO1vXaftzIj7+t4brjXc4huaH6UefmGx63H+xtJ51GjXudafnSvsa7PdzZVDWYFwX383v9OOla3BnuP+P3t55DZaunZI1mO530xrc0WsNjk6O5cecHoSR/DrLa3B3y/Zj+Z5G8vnM7d3X4Mz5U2dnFj/28bsXTh09MX9i/vTe3btn9+7bd+DAgZnjCyfnZ4s/13m2B9+WbDQ9B3aEcxefA69q27Z5qS59aXLF6+96n4dTXZ6HW9u27ffzcLz9zo1szBNy5ZounhvvaZz0qcujWYfnWP743Hnlz8N0v5ueh+NNz8PSryklz8PxVTwPG9ucvXN137OMN/1XdgydvxZc2Rrc2rQG278faV+D/f5+ZFDW4FRYF9+/s/PXgu3heB/ftdbvR8ZWrMF0d8NrT+OS9P3+1IF8lK3LmxufuGYyu7A4f+6eR46eP39udxbGhnhp01ppX69bmu5TtmK9jq55vR5aeMXjN5dcvjWcq6m7G39MdXysGtvce0/3xyr/6lZ+Plsu3ZOF0WcbfT7Lvpo3zudkln3h25946JuPfuH1Hc9nI29+cubKvxdPubTp9Xeiw+tvzP3PF/tLN/XY2MR48fwdS2dnouX1uPWhGs9fu0byfT83s7rX44nw30a/Ht/Q5fV4W9u2/X49nmi/c/H1eKTXTzuuTPvjORXWycnZ7q/HjW227Vnrmhzv+np8W5gj4fy/OiSFlIua1k6ndZv2NT4+Ee7XeNxD6zrd27L9RMhmjX09uWd96/SO24rbGkv3btlGrdPptm37vU7Tz746rdORXj99W5/2x3MqrIsb9nZfp41tnr73yl87N8e/Nr12TvZagxNjk41jnkiLMH+9z5Y2xzV4T3YsO5OdzObyz07m62kk39eu+1a3BifDfxv9Wrmtyxq8o23bfq/B9HWs09obGV955/ug/fGcCuviifu6r8HGNm/Y39/vXe8Il6Rtmr53bf/5Wqefed3cdpqu1loZD8f57f3dfzbb2ObkgbXmzO7n6a5wyTUl56n9+dvpOTWXrfY8jVzxc6pxnM8e6HyeGsfT2ObzB1e5ng5lWXbxIw/kP+8N/77y9xe+97WWf3cp+zedix954MfXHv+ntRw/AMPv+WJsKb7WNf3L1Gr+/R8AAAAYCjH3j4aZyP8AAABQGTH3x/8rPJH/AQAAoDJi7h8PM6lJ/t/2hmcXnr+YpWb+UhA/n07Dg8V2seM6Gz6eXlrWuPyBr8z/7B8vrm7fo1mW/eLBPyrdftuD8bgK0+E4n3pj6+UrfO3uVe37yMMX036b++tfDLcf789ql0FZBXc2y7JvXP/ZfD/T77+cz6cfPJLPhy49/lhjm+cOFh/H6z/z0mL7vwzl30PHj7Zc/5lwHn4Y5uxby89HvN5XL796+/73Lu8vXm9kx3X53X7iA8XthorspuyxYvt4njsd/zc/8+RXG1d45JXlx39xtPz4nwy3+5Uw//flxfbNj0Hj43i9T4Xjj/uL17vny98qO/7sqU8X2599U7HdkTDj/u8IH+9807MLzefrkZGjLfcre3OxXdz/7Pf+JP98vL14++3HP3X4csv5aF8fT/97cTszbdvHy+N+on9o23/jdprXZ9z/k398pOU899r/Uw898/LG7bbv/6627c5+5M58/8u31/obm/7qU58t3V88nkN/d7bl/hx6V3geh/0/8YGwHsPn/++p4vbaf7vCkXe1vv7E7b+49WLL/Yne8tNi/0+99kQ+N01t3nLNi6697tItjXOXZd/dVNxet/3H3wHRfPxfurE4H/E4Yke/ff+dxP2f++iu02cWLyzMpbP66PX57855W3E88XivD6+t7R8fPnP+g/PnpmenZ7Nsurq/Qm/dvhzmj4txaa3Xv/Ph8Hje/Bff2HL7v30mXv4f7ykuv/zW4uvWq8J2nwuXbw2P35Xu/4lbb8yf3yNPFx+39Nj7YPvO/zmwqg3D/W//viCu97Mv+2B+Hhqfy79uxOf1FR7/D+aK2/l6OK9L4Tcz77hxeX/N28ffjXD53cXz/YrPX3iZi4/r34bH++0/LG4/Hle8vz8I38d8a1vr611cH1+/ONp++/lv8bgUXk+yS8Xn41bxfF9+7sbSw4u/hyS7dFP+8Z+m27lpTXezk8WPLc6cXDh94ZGZ8/OL52cWP/bxw6fOXDh9/nD+uzwPf6jX9Zdfn7bkr09z8/vuzfJXqzPFuMpe6OM/+/Cxuf2zt8/NHz964fj5h8/OnztxbHHx2Pzc4u1Hjx+f/2iv6y/M3b97z8G9+/fsOrEwd/+Bgwf3Hty1cPpM4zCKg+ph3+yHd50+dzi/yuL99x7cfd99987uOnVmbv7+/bOzuy70un7+tWlX49p/uOvc/Mmj5xdOze9aXPj4/P27D+7bt6fnbwM8dfb44vTMuQunx7LF+XMzxX2ZPp9f3Pja1+v6VNPifxbfz7YbKX4RX/bOu/al38/a8JVPdLypYpO2XyD6bPhdNP/y4rMHVvNxzP0TYSY1yf8AAABQBzH3T4aZyP8AAABQGTH3bwozkf8BAACgMmLunwozqUn+r1z/f9vFVe1f/7+0/599Tv9f/78O/f939+7/N5z46zM/25j+f/F6of/fH/3p/z8YPtL/1//X/9f/1/9fc/9/5oL+P8mg9f9j7t+cZbXM/wAAAFAHMfdvCTOR/wEAAKAyYu6/JsxE/gcAAIDKiLn/RWEmNcn/+v/6/4PR///va+Ox6/8vX0//v6D/r/+/Ft7/vzv9/x70/2eyevX/L/Xz+PX/9f9ZadD6/zH3XxtmUpP8DwAAAHUQc/91YSbyPwAAAFRGzP3Xh5nI/wAAAFAZMfdvDTOpSf7X/9f/H4z+/zL9/+Xr6f8X9P/1/9dC/787/f8e9P+9/7/+v/4/fTVo/f+Y+18cZlKT/A8AAAB1EHP/S8JM5H8AAAAYPOPru1rM/S8NM1mR/9e5AwAAAOAFF3P/DVlbEbwm//6v/6//r/+v/6//X77/1ff/xzL9/8Gh/9+d/n8P+v9V6/+PZ/r/+v+8oAat/5/n/mwqe1mYSU3yPwAAANRBzP03hpnI/wAAAFAZMff/SpiJ/A8AAACVEXP/tjCTmuR//f+r3f/frP+v/6//H9dlZfv/3v9/kAxL/3+yw+X6//r/+v/De/xD0v9/zUMdrq//z9UwaP3/mPtvCjOpSf4HAACAOoi5/+YwE/kfAAAAKiPm/l8NM5H/AQAAoDJi7t8eZlKT/K//7/3/9f/1//X/y/ev/z+chqX/34n+v/6//v/wHv+Q9P870v/nahi0/n/M/S8PM6lJ/gcAAIA6iLn/FWEm8j8AAABURsz9t4SZyP8AAABQGTH3T4eZ1CT/6//r/+v/6//r/5fvX/9/OOn/d6f/34P+v/6//r/+P301aP3/mPtvDTOpSf4HAACAOoi5f0eYifwPAAAAlRFz/21hJvI/AAAAVEbM/TvDTGqS//X/9f/1//X/9f/L96//P5z0/7vT/+9B/1//X/9f/5++GrT+f8z9rwwzqUn+BwAAgDqIuf/2MBP5HwAAACoj5v5XhZnI/wAAAFAZMfffEWZSk/yv/6//Pxj9/1vSsev/L19P/7+g/6//vxaV6/9n+v+Z/n+i/z/Yx6//r//PSoPW/4+5/9VhJjXJ/wAAAFAHMfffGWYi/wMAAEBlxNx/V5iJ/A8AAACVEXP/rjCTmuR//X/9/8Ho/y/T/1++3tXv/990X/Plg9L/b6996f/r/69F5fr/3v8/p/9fGJT+f9n3PZn+v/6//j8lBq3/H3P/3WEmNcn/AAAAUAcx998TZiL/AwAAQGXE3D8TZiL/AwAAQGXE3D8bZlK5/D9deqn+v/6//n+d+//reP//W5Zv1/v/50czrv8/WPT/u9P/70H/3/v/v+D9/wn9fypl0Pr/MffvDjOpXP4HAACA+oq5f0+YifwPAAAAlRFz/94wE/kfAAAAKiPm/nvDTGqS//X/9f/1//X/B+39/4er/+/9/weN/n93/e//x7uo/6//r//v/f/1/1lp0Pr/MfffF2ZSk/wPAAAAdRBz/74wE/kfAAAAKiPm/v1hJvI/AAAAVEbM/QfCTGqS//X/9f/1//X/9f/L96//P5z0/7vz/v896P/r/+v/6//TV4PW/4+5/2CYSU3yPwAAANRBzP2vCTOR/wEAAKAyYu7/tTAT+R8AAAAqI+b+Xw8zqUn+1//X/9f/1//X/y/fv/7/cNL/707/vwf9f/1//X/9f/pq0Pr/MfffH2ZSk/wPAAAAdRBz/2+Emcj/AAAAUBkx9782zET+BwAAgMqIuf9QmElN8r/+v/6//r/+v/5/+f7X1f+fyDrS/98Y+v/dNff/N3fbUP9f/1//X/9f/58+GLT+f8z9rwszqUn+BwAAgDqIuf+BMBP5HwAAACoj5v7Xh5nI/wAAAFAZMfe/IcykJvlf/1//X/9f/1//v3z/3v9/OOn/d+f9/3vQ/9f/1//X/6evBq3/H3P/G8NMapL/AQAAoA5i7n9TmIn8DwAAAJURc/+bw0zkfwAAAKiMmPvfEmZSk/yv/6//r/+v/6//X75//f/hpP/fnf5/D/r/+v/6//r/rN/UyosGrf8fc/9vth9wTfI/AAAA1EHM/Q+Gmcj/AAAAUBkx9781zET+BwAAgMqIuf9tYSY1yf/6//r/+v/6//r/5fvX/x9O+v/dDVn//5fXhcv1/wv6/4N9/MPV/1/a1H59/X+uhkHr/8fc//Ywk5rkfwAAAKiDmPvfEWYi/wMAAEBlxNz/zjAT+R8AAAAqI+b+3wozqUn+1/9vHMdye1n/X/8/v0D/X/9f/39o6f93N2T9f+//30b/f7CPf7j6/yvp/3M1DFr/P+b+d4WZ1CT/AwAAQB3E3P9QmIn8DwAAAJURc/+7w0zkfwAAAKiMmPvfE2ZSk/yv/+/9//X/9f/1/8v3r/8/nPT/u9P/L5feCV3/X/9f/1//n74atP5/zP0Ph5nUJP8DAABAHcTc/94wE/kfAAAAKiPm/t8OM5H/AQAAoDJi7n9fmElN8r/+/7D0/6f1//X/9f/b7o/+v/5/Gf3/7vT/e9D/1/9f7/Fv0v/X/6fMoPX/Y+5/f5hJTfI/AAAA1EHM/b8TZiL/AwAAQGXE3P+7YSbyPwAAAFRGzP2/F2ZSk/yv/z8s/X/v/5/p/+v/t90f/X/9/zIb1/+Przz6//r/+v9Rrfv/nd7//+fhQdX/1/+vqUHr/8fc//thJjXJ/wAAAFAHMfd/IMxE/gcAAIChUPb/ZLeLuf9wmIn8DwAAAJURc/+RMJOa5H/9f/1//f8B7f//+Y5//f533nFkt/6//r/+/5ps6Pv/N578637//82ll+r/6//r/w/v8Xv/f/1/Vhq0/n/M/UfDTGqS/wEAAKAOYu7/gzAT+R8AAAAqI+b+Y2Em8j8AAABURsz9c2EmNcn/+v/6//r/A9r/H+L3/4/nQ/+/Vd/6//FFV/+/1Ib2/9+73BP3/v9r7f9Pll6q/6//P8zHr/+v/89Kg9b/j7l/PsykJvkfAAAA6iDk/tHjxVz+hPwPAAAAlRFz/4kwE/kfAAAAKiPm/g+GmdQk/+v/6//r/+v/e///8v0PbP/f+/93pf+/wubmDwan/19O/1//f5iPX/9f/5+VBq3/H3P/QphJTfI/AAAA1EHM/R8KM5H/AQAAoDJi7v9wmIn8DwAAAJURc//JMOtG//+F7P8vlfb/m1eh/r/+v/6//r/+/9ro/3en/9+D/r/+v/6//j99NWj9/5j7T4WZ+Pd/AAD4f/buo1nS+rrj+B08hFu8AC+8wWu/BBaw8sJeu7ywq+yFXeXyAmxjnG3AOeKcA7aVAwogIZRQTqCEhLJQzlkoI1VdFZpzzk09T9++0z336f/5fDbHHmnUDZ4C/8R86w8wjNz9N8Ut9j8AAAAMI3f/zXGL/Q8AAADDyN3/K3FLk/2v//f+/4r9/61Xb0v/f4P+/2Kfr//X/49M/z9N/7+E/l//r//X/7NWc+v/c/f/atzSZP8DAABAB7n7fy1usf8BAABgGLn7b4lb7H8AAAAYRu7+X49bmuz/I/3/uZ2e/X9mvPp/7//r//X/+v8td3n7/zue+Cuf/l//r/8P+n/9v/6fo+bW/+fuvzVuabL/AQAAoIPc/b8Rt9j/AAAAMIzc/b8Zt9j/AAAAMIzc/b8VtzTZ/97/9/7/Rfr/n9pw/7+7o//X/+v/68+q/n99vP8/rVP/f8sj19702H0/cv8qn7+p/v/8/n++/n+Dzvr76//1/xw3t/4/d/9vxy1N9j8AAAB0kLv/d+IW+x8AAACGkbv/d+MW+x8AAACGkbv/9+KWJvtf/6//9/6//l//v/jz9f/bSf8/rVP/f5rP9/6//l//r/9nvebW/+fu//24pcn+BwAAgA5y9/9B3GL/AwAAwDBy998Wt9j/AAAAMIzc/bfHLU32v/5f/6//1//r/xd/vv5/O+n/p+n/l9D/6//1//p/1mpu/X/u/jvilib7HwAAADrI3f+HcYv9DwAAAMPI3f9HcYv9DwAAAMPI3f/HcUuT/a//1//r//X/+v/Fn6//3076/2n6/yX0/5faz1+p/9f/6/85aMX+//GJv2yvpf/P3f8ncUuT/Q8AAAAd5O7/07jF/gcAAIBh5O7/s7jF/gcAAIBh5O7/87ilyf7X/+v/9f/6f/3/4s/X/28n/f+0g/3/FVP/xk33/+fOL/xh/f/W9//e/9f/6/85ZG7v/+fu/4u4pcn+BwAAgA5y9/9l3GL/AwAAwDBy9/9V3GL/AwAAwDBy9/913NJk/2+y/z/a8B6l/9f/7/fzV9d31//v/7zt6f+vOvTjHfr/+w98P/3/vOj/p3n/fwn9v/5f/6//Z63m1v/n7v+buKXJ/gcAAIAOcvffGbfY/wAAADCM3P1/G7fY/wAAADCM3P1/F7c02f+L+//9f937/yej/z/8/b3/v/jXx7r6//xP3HT//4Qtfv//Ru//96T/n6b/X0L/r/8/w/5/b+9y9/+H/76+pP/fXfb5+n8WWVP/v7eu/j93/9/HLU32PwAAAHSQu/8f4hb7HwAAAIaRu/8f4xb7HwAAAIaRu/+f4pYm+3+T7/8vo//X/+v/R3n//7CZ9P8bff9/57L3/+f1/yek/5+m/19C/6//9/6/9/9ZqzX1/zvr6v9z9/9z3NJk/wMAAEAHufv/JW6x/wEAAGA7HPy9A0d/Q2nI3f+vcYv9DwAAAMPI3f9vcUuT/a//1//r//X/+v/Fnz+v/t/7/yel/5+m/19C/7+Jfv78YP3/XRf7+XPo/2/T/zMzh/r/B/Z//Kz6/9z9/x63NNn/AAAA0EHu/v+IW+x/AAAAGEbu/v+MW+x/AAAAGEbu/v+KW5rs/433/7sX/2z9v/5f/6//1//r/9dN/z+tZf+/yv8Vxun/f3SFP+py1u/nX6qz/v5z6P+9/8/cHOr/Dzir/j93/3/HLU32PwAAAHSQu/9/4hb7HwAAAIaRu/+uuMX+BwAAgGHk7v/fuKXJ/vf+v/5f/6//1/8v/nz9/3bS/09r2f+vYpz+/1TOup/f9u+v/9f/c9zc+v/c/f8XtzTZ/wAAANBB7v7/j1vsfwAAABhG7v4nxS32PwAAAAwjd/+T45Ym+1//v9n+P39c/6//39H/n6T/v1H/r/+/VG37/3OL/k503EX6/4d+6fafPPwjffr/w3/i9P/6f/2//p+1mkX/v7f//13m7n9K3NJk/wMAAEAHufufGrfY/wAAADCM3P1Pi1vsfwAAABhG7v6nxy1N9r/+3/v/+n/9/4z6f+//1/c9p/8/pbb9/wl5/38J/b/+X/+v/2etZtH/H/jfc/c/I25psv8BAACgg9z9z4xb7H8AAAAYRu7+Z8Ut9j8AAAAMI3f/s+OWJvtf/7+0/7/iJH8s+v/D31//v/jXh/5f/+/9/83T/0/T/y+h/9f/6//1/6zV3Pr/3P13xy1N9j8AAAB0kLv/OXGL/Q8AAADDyN3/3LjF/gcAAIBh5O5/XtzSZP/r/73/r//X/+v/F3++/n876f+nten/f3zi8++Z+AKL+v+9q/X/+n/9v/6fU5pb/5+7//lxS5P9DwAAAB3k7r8nbrH/AQAAYBi5+++NW+x/AAAAGEbu/hfELU32v/5f/6//1//r/xd/vv5/O+n/p7Xp/73/fypn3c9v+/fX/+v/OW5u/X/u/hfGLU32PwAAAHSQu/++uMX+BwAAgGHk7n9R3GL/AwAAwDBy998ftzTZ//p//b/+X/+v/1/8+fr/7bS5/n9H/6//35r+f3elP+h9Z93PX6oTfv8bNvX99f/6f46bW/+fu//FcUuT/Q8AAAAd5O5/Sdxi/wMAAMAwcve/NG6x/wEAAGAYuftfFrc02f/6f/2//l//r/9f/Pn6/+3k/f9p+v8lBun/T6tJ/7+x76//1/9z3Nz6/9z9L49bmux/AAAA6CB3/wNxi/0PAAAAw8jd/4q4xf4HAACAYeTuf2Xc0mT/L+n/9/+E6P8n6f8Pf3/9/+JfH/p//f+R/v+aHf3/2un/p+n/l9D/j9n/X7EzUP+/e9Gfr/9njubW/+fuf1Xc0mT/AwAAQAe5+18dt9j/AAAAMIzc/a+JW+x/AAAAGEbu/tfGLU32v/f/9f/6f/2//n/x53v/fzvp/6fp/5fQ/4/Z/3v/X//PmZlb/5+7/3VxS5P9DwAAAB3k7n993GL/AwAAwJZY/tvucve/IW6x/wEAAGAYufvfGLc02f/6f/2//l//r/9f/Pn6/+2k/5+m/19C/6//1//r/1mrufX/ufvfFLc02f8AAADQQe7+B+MW+x8AAACGkbv/objF/gcAAIBh5O5/c9zSZP/r//X/+v/t7P+v0f/r//X/C82l/7/++p94WP+v/9f/6//1//r/7jbW/8dPWLX/z93/lrilyf4HAACADnL3vzVusf8BAABgGLn73xa32P8AAAAwjNz9b49bmuz/4/3/lTsXCtULFvX/0ajp/w/Q/x/+/vr/xb8+vP+v/9f/b95c+n/v/5/u++v/9f/b/P1X6v+vO/7zf9D/7+7o/xnK3N7/z93/cNzSZP8DAABAB7n73xG32P8AAAAwjNz974xb7H8AAAAYRu7+R+KWJvvf+//6f/2//l//v/jz9f/bSf8/Tf+/hP5f/+/9/5t/4YcuS/+/d/Tv94xpbv1/7v53xS1N9j8AAAB0kLv/3XHL4v2/6B/zAgAAADOXu/89cYt//g8AAADDyN3/3rilyf7X/+v/59r/7+7o//X/F+j/9f+r0P9P0/8vof/fRD9/1Vq+3Ano/73/z/zMrf/P3f++uKXJ/gcAAIAOcve/P26x/wEAAGAYufs/ELfY/wAAADCM3P0fjFua7H/9v/5/rv3/hff/f271/v+6o/3/z+v/j3y+/l//PzL9f/4dfTH9/xL6f+//6//1/6zV3Pr/3P2Pxi1N9j8AAAB0kLv/Q3GL/Q8AAADDyN3/4bjF/gcAAIBh5O7/SNzSZP/r/3v1/+d2tq3/9/6//l//r/9fjf5/mv5/Cf2//l//r/9nrebW/+fu/2jc0mT/AwAAwLb66R/75UdP+u/N3f+xuMX+BwAAgGHk7v943GL/AwAAwDBy938ibmmy//X/vfr/7Xv/X/+v/9f/6/9Xo/+fdor+/1DArv/X/0/R/+v/9f8cNbf+P3f/J+OWA8Pv/Mp/lAAAAMCc5O7/VNzS5J//AwAAQAe5+z8dtxzb/3sn/F3tAAAAwNzk7v9M3NLkn//r/2fe/+/o//X/+n/9v/5/Ffr/aZf4/v/eOf2//n+C/l//r//nqLn1/7n7Pxu3NNn/AAAAMKhD/41C7v7PxS32PwAAAAwjd//n4xb7HwAAAIaRu/8LcUuT/a//n3n/f6r3/3frf9L/N+//77xm4efr//X/I9P/T7vE/t/7//r/Sfr/5f3/z048LK7/Z0Rz6/9z938xbmmy/wEAAKCD3P1filvsfwAAABhG7v4vxy32PwAAAAwjd/9X4pYm+1//P2L/7/1//f/054/T///wtbc/+DO/eO/d+n/2Xc7+P38t6P/1//r/C/T/3v/X/3PU3Pr/3P1fjVua7H8AAADoIHf/Y3GL/Q8AAADDyN3/tbjF/gcAAIBh5O7/etzSZP/r//X/+v9t7P+zKe7e/3v/X/9/nPf/p+n/l9D/6//1//p/1mpu/X/u/m/ELU32PwAAAHSQu/+bcYv9DwAAAMPI3f+tuMX+BwAAgO1xfvpfzt3/7bilyf7X/+v/9f9z7f/Pef8/6P/1/6vQ/0/T/y+h/9f/6//1/6zV3Pr/3P3fiVua7H8AAADoIHf/43GL/Q8AAADDyN3/3bjF/gcAAIBh5O7/XtzSZP/r//X/+v+59v9T7//r/3f0//r/i9D/T9P/L6H/1//r//X/rNXc+v/c/d8PAAD//xI4Zx0=")

42.217635997s ago: executing program 0:
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21}, &(0x7f0000bbdffc))
pipe2(&(0x7f0000000140)={<r0=>0xffffffffffffffff}, 0x0)
read$char_usb(r0, &(0x7f0000000840)=""/160, 0xa0)
close(r0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.pending_reads\x00', 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
getpeername(r2, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, &(0x7f0000000040)=0x80)
close(r3)
rt_sigreturn()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x5450, 0x0)

42.167149355s ago: executing program 1:
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc))
pipe2(&(0x7f0000000140)={<r1=>0xffffffffffffffff}, 0x0)
read$char_usb(r1, &(0x7f0000000840)=""/160, 0xa0)
close(r1)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
getpeername(r2, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, &(0x7f0000000040)=0x80)
close(r3)
rt_sigreturn()
timer_settime(0x0, 0x0, &(0x7f0000000100)={{}, {0x0, 0x989680}}, 0x0)
eventfd(0x0)

42.155498457s ago: executing program 2:
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x0, &(0x7f0000000140), 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(r1, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

42.026511437s ago: executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(0xffffffffffffffff, 0xc0984124, &(0x7f0000000300))

41.948467779s ago: executing program 2:
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_type(r1, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_type(r2, &(0x7f0000000280), 0x9)
r3 = openat$cgroup_procs(r1, &(0x7f0000000100)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000c40), 0x12)
r4 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8935, &(0x7f0000000700)={'wg2\x00'})
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000200)=0x1, 0x12)
r7 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000080), 0x12)

41.932198371s ago: executing program 0:
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0)
arch_prctl$ARCH_SHSTK_LOCK(0x1003, 0x0)

41.826144228s ago: executing program 0:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', <r1=>0x0})
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000100)={@local, 0x0, r1})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000180)=@nat={'nat\x00', 0x1b, 0x5, 0x358, 0x0, 0x0, 0xffffffff, 0xc8, 0x0, 0x3b0, 0x3b0, 0xffffffff, 0x3b0, 0x3b0, 0x5, 0x0, {[{{@uncond, 0x0, 0x90, 0xc8, 0x0, {}, [@common=@socket0={{0x20}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @local, @dev}}}}, {{@ip={@local, @multicast1, 0x0, 0x0, 'veth0_macvtap\x00', 'pim6reg\x00'}, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @empty, @broadcast, @gre_key, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3b8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000001a000105"], 0x24}}, 0x0)

41.768373756s ago: executing program 3:
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000005140)='./file0\x00', 0x16, &(0x7f0000000080)={[{@space_cache_v1}, {@space_cache_v2}, {@acl}, {@notreelog}, {@nodatasum}, {@nodiscard}, {@discard}, {@datacow}]}, 0x1, 0x5102, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTsT3573JENYvrOR3E/wmHm5XUpgfKxQ6WkmPbbFHXpgfLxQ65pIemydDeHBhZX/jei4r/D8W2kmPK2vzwpGkcDoW8vOhWziWFE7EM+3ztfl008L3sZBfYDEfr6BY070kIulxtV+PhcINe5ztHhwAAOCeEsNznmXHepshjbLztUE7rB60w8igHeqDdhhNdkh37Lc9zPYW4vb2mY1Le/7/keHyf3wrVmWLftf/h3j9f/5cw+71/7Ox0EgK87HQSu8Y0IrHyMLux/EYjVbe48r6bgEAAADuavF7gfoKzwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+Ye/eY+Sq7sOBn32O9+H1QvJTCL8o2SQ1jpt4vbbJQy1V1pSqEWmadUODqohiY6/J4gU7tikxCpGxiWiEoLRBSv4owiiKav6AWoGIpIBwkeIIlUdEVRRAoNAaoiBSShKRJkihmr33zN45d+exttd4yecjeefMfM/zzsNz7r1zLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Lvh8Feu+ttm8Yd/e97Tz104ftm+9Re+fM15pz8ewsTM4x1ZuKP/+lvHf37nuXftu2/tbfccPf+DvXm5PB4Gqn868zvXxVqPLg3h3o4QutPAqsEs0JPfH4z1vWswhNPCbKBWYrI/K5E2HL7fF8KBMBuoVfW9vhAGC4ELnnjowRuriVv6QlgeQqikbTxbydroSwNn9WaB/jSwvTsL/OqNTC3w3c4sAMctvhlqL/pDE/UZhucu1+D113PCOvbmSofXFRPDjfP9bP0Cd6qgN31g4rietlJ1LIjS2+Owd9sieLeVtvPNnrbiF6n8G8obs6FK6NwyuXXTldO74yOdYXS0q1FNC/Q8P/XqlzbPJ71oXoexA8Mn5HV402PL7+xa+alH71m1/MWDH9r/0vF280eFTVpML7RKyF9zi+Z5jMZ9niyCt1/pW9KIL10hhK2f/71PN4uX5v/Dzef/8eUcbzvrcsdaXx/K5ubxkcGYeGUom5sDAADAorEY9ppuH33gY83qK83/R9o7/h8P+eeT+Wy0h0MYn0nsXxbCGTOPZ4E7YnOXLAvhvTOpifrA+iRwOIR3ziRW1qpKSiyJJUaSwE+G8sB4EjgSAxNJ4FsxcHMSuC4GDiWBzTFwOAmcGwNhqn4cvz+Uj6PtQF8MbMw24qF4FsIvhmJrybZ6plYVAADACZLPDnvq7xbOdTjeDHF6eaivVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17b/Phl2ruaFVz6TSMjvoMt/7ybz4TmijN/8eaz/8rc3Sko3T8P4QNM39j7s48Ml2Lb5yoywAAAAAch4H/ff6bzeKl+f94e+f/x30iXYXM4ZG4G2LbshDG6gNZtX9YDmRHvQfyAAAAACwGtePxtWPhU/ltdop2Op8u55+YZ/544H98zvy9h+/f2Ky/pfn/RHvn//fX32adOBJ78bVlISwpBH4Qe1kNzBiJgR9/vD6Qj/9I3AA3xKryExNqVd0QS2yMgbEkcKBRiR/WSpxRH8ifrFrj+2vjmMpLFAIAAABw0sXdAfG4fDz//32/WXtVs3Kl+f/G+Z3/PzMPLp3ePz0QwuruELrSHwY80p8tDBgDgx154oH+rK6utKpr+0M4pzqwtKrn8/X/u9M1Bp/oy6qKgTPed/DVs6qJb/aFsLoYePJzt3+4mtidBGqN/2VfCO+pjjZt/DtLssZ70sa/viSEdxcCtaouWRJCtbHetKqHKvl1DNKq/rkSwtsKgVpVH6mEsCcAsEjF/0q3FB/ctefqbZumpyd3LmAi7sPvC1unpidHN2+f3lJp0KctSZ/rljG6tjymdq9880y+RNFn794w2E669jvBsWJb+X780omD+f34XahnZpxre+rurkuH/IH3l5sIhW9SjYbcucBD7i9WMvskluqP+XvDQFhy5a7JnaNf3LR798412d92s6/N/sbDTNm2WpNuq/65+tbGy6PhalmJY91WK4qVrN59+Y7Vu/ZcvWrq8k2XTl46ecWaj6wdO3ts3dhHz15dHdVY9rfFUFfMVXUy1Ddub3NcJ3CoZ3YXKjkZnxoSEhKLLbF9YEXT/5NL8/8dzef/8VMnfvLn6zM0Ov4/HA/zZ4/PHubfGAMH2j3+P9zoaH7txICRJLA3BvY6zA8AAMBbQ5zkx72Zca/0T1d+58Vm5Urz/73t/f7/BK3/X1u6/vxGy/yvjCXGGq3/ny7zX1v/f2+j9f/TZf5r6/8feBPW/7+yFkg2yS+s/w8AALwVnLz1/1su759eIKCUoeXy/ukFAkoZWi7j3+4FAua9/v+z//lX/x2aKM3/b25v/m/hfgAAADh1fPnPrvp/zeKl+f+B9ub/J3/9v9Do/P+RRoGJRgsDWv8PAACARarR+n/D1/df3Kxcaf5/qL35fzztorMud6z19aFsTbuQrmn3ylDtJwMAAACwOHSG0dGeNvPWrYy6/tjbfCpfCrRZuuj5Pzk6v/P/D7c3/6/7XcZNjy2/s2vlpx59/Z5Vy188+KH9L80e/wcAAAAWTrv7JQAAAAAAAAAAAAAAgDff8/+xb12zeOn3/2HDzOONfv8fr/sXf1/w9rrcsdbW6//l9y/45F17ZpYsfGQohPcXA9v2bTst5NfmX1EMPHjRyndUE/vSEvc/d+4L1cTFaeATq05/rZo4JwlsjIskvjMNxKsqvrY0CcTlFf89DcTtcSgN9OaBry7NxtGRbqufDmbbqiPdVk8PhrCsEKhtq3sHszY60gHekgRqA/xCGogD/PM80Jn26q6BrFcxMBiL3jaQ9QoAgFNW/BbYE7ZOTU+Oxa/w8fbM7vrbqG7JsmvL1Xa02fwz+dJkn717w2A76a70u+jstcZ7QqU6hDWlr6vFLB0zozwxtbTYdG9vMORWq711NiiXmu+m6208or5sRKObt09v6Wk58HWts6ztbpllTWmyU8zSObNJ26iljb60MaI2t00bXY73O8PoaFeS6w9icDjUafWKaPf3+sV1/hq9Cop5rji6/1fN6ivN/4fbm/9XiuN6Lb8YwN54Zb2/W2aZfwAAAFhYX13/62/Ef5+5/uEnm+Utzf9H2pv/xz1Y+aHgbG/H4Xj9//3LQpi5tP5wFrgjNnfJshDeO5OaiCWyC+qfH0uMZYE74g6TlbHExon6qpbEwKEk8JOhPHA4CRyJgXwvxcGQ78r5+6EQPjyT2lBfYkcsMZwEPh0DI0lgNAbGksDSGBhPAi8vzQMTSeDfYiBM1W+ru5fm2woAAGA+8nlWT/3dkM7zDnW3ytDRKkN/qwydrTJUWmVoNIp4/9sxQ09y8kpHIVNPWmtfUkspQ7wY/rz7VcoQflifMy1Yajqef1A736CjPsN9H+uuhCZK8/+x9ub//fW3WetH4vx/9vp/WeAHsXtfi6eOj8TAjz9eH8h3DByJk90balVN5CXySfsNscR4DIwkgR0xMJ4ENm7IAwfeUR/IZ9q1xvfXGp/KSxQCAAAAcNLFHQRxN02c/9+26ysDzcqV5v/j7c3/Y3sDxcaui7UeXRrCvR2zvakFVg1mgbgfYzD+PP5dgyGcVtjBUSsx2Z+V6E0aDt/vy36h3ptW9b2+7McH8f4FTzz04I3VxC19ISwv7H2ptfFsJWujLw2c1ZsF+tPA9u4sEPf81ALf7cwCcNxqewXjCyo/1aVmeO5yDV5/b5VrgqbDK+0DnSPfXL+5WiilHa75PtWa+T1tTfffcsKU3h6HvdsW47tt2Lut+EUq/4byxmyoEjq3TG7ddOX07vhI8ZesJQv0PBd/pdpO+gS8Dvcee29bq6QdGEs+PsbmLjf367AjVnfTY8vv7Fr5qUfvWbX8xYMf2v9S291oIP5Q+KFr/nXwR4XNu9AqIX/NLbrPkwmfJ4vxv4ERT1sIYcPLX7+hWbw0/59ob/7fndzO+HXcmLuWhfCBwsZ9JG7+P16WfQ4WAtmn5NvKgeyQ+38NNfzkBAAAgBOttrujtr9gKr/NTghP58nl/BPzzB/3V4zPmb/dfvf/9UXLm8VL8/+Nzef/S5JuOv7v+D8LxPH/OZ3qu6KXpA/sPa5d0aXqWBCO/8/pVH+3Of4/J8f/Hf+fi+P/LTj+P6dT/WkrfUva4UtXCOHFP3rg6Wbx0vx/R3vzf+v/zb1oX239v42N1v/b0Wj9v73W/wMAABZUg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f/Ne/++FM5/9TWiiNP/f2978P74cBoqtL5b1/0Y2NKjq5hjYYWFAAAAATkWNdhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw5rrvH/5nS7P4w7897+nnLhy/bN/6C1++5rzTHw9haubxjizc0X/9reM/v/Pcu/bdt/a2e46e/8FKXq4nv/3/dbljra8PhXCg8MhgTLwyVL0zG7jgk3ft6a4mHhkK4f3FwLZ9206rJr41FMKKYuDBi1a+o5rYl5a4/7lzX6gmLk4Dn1h1+mvVxDl5oCPt7j8uzbrbkXb3xqUhLCsEat29bGl9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhiakkIq7tD6EqreriSVdWVVvUvlayqrrSqL1dCOCeE0J1W9VxvVlV3OvLHe7OqYuCM9x189axq4kBvCKuLgSc/d/uHq4kvJIFa43/RG8J7qi+ZtPFv92SN96SN39ITwrtDCL1piV92ZyV60xLPd4fwtkKg1vjnu0PYE3hLiB8+dZ9ou/ZcvW3T9PTkzgVM9OZt9YWtU9OTo5u3T2+pJH1qpKOQfuPaYx/7M69+aXP19rN3bxhsJ92dl+uZ6fLanrq760713sd+9RcrmX0+SvXH/L1hICy5ctfkztEvbtq9e+ea7G+72ddmf7vyaLat1jTZVl3FO2/2tlpRrGT17st3rN615+pVU5dvunTy0skr1nxk7djZY+vGPnr26uqoxrK/7Q81NBzq7Sd/qGd2Fyo5GR8A80vEzXOq9EdC4ncx0Vn36TZ2qv+nV/qiP9vRnlCZ+YAuTSuKWTpmRnkiBr3+GEd8LN9TWo5oTWniUMqytnWWdaXJxGyWvizLzPe60uSwWFPnzCaN9zvD6GhXo+0wXH+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/o8dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHjgUAAAAAhPlbh9GzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//+xnJvI=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000000)='./file1\x00', 0x200040, &(0x7f0000000600)=ANY=[@ANYBLOB='nodots,nodots,check=relaxed,dots,nodots,allow_utime=00000000000000000000006,time_offset=0xfffffffffffffa93,nodots,showexec,dots,dots,gid=', @ANYRESHEX=0xee00, @ANYBLOB="2c646f74732c6e6f646f74732c6e66732c6e6f646f74732c6e6f646f74732c6e6f646f74732c646f74732c7379735f696d6d757461626c652c6e6f646f74732c646f74732c646f74732c646f74732c646f74732c74696d655f6f66667365743d3078303030303030303030303030303437612c646f6e745f686173682c736d61636b66736465663d3a370bcb886e6f1bf42c66c07b9f06643d3164303361650a382d356530622d623066342d303098302d38744aa0a964665b2c00"], 0x1, 0x1c7, &(0x7f0000000780)="$eJzs3UGLEmEYB/BnbFstiPYWRIeBLp2k+gQbsUE0EBUe6lSw22WNQC9Tl+xb9AH7ALGnvcREjmmKlo04U/b7XXzw/47v84CMJ995eePN6fHb4evP1z5Fp5NE6zAO4zyJg2jFD6MAAHbJeVHEl6LUdC8AQD3W+P3/WnNLAMCWPXv+4tG9LDt6mqadiLNR3st75WuZP3iYHd1Oxw5mV53lee/CNL9T5ul8fjEuT/K7S/P9uHVznH/8nt1/nC3k7Tje/vgAAAAAAAAAAAAAAAAAAAAAANCIbjq19HyfbndVXlY/nQ+0cH7PXlzfq20MAAAAAAAAAAAAAAAAAAAA+KcN370/fdXvnwxmRTsi5t+pVhRXV26xrEgjYvNN/7RoxQaXx6icsOae6yqSv6ONCkVay15PrvxuTVT75P2I+PWaS9v/1s3uEe1mbk0AAAAAAAAAAAAAAAAAAPDfmfzXNxkMm+4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJpTPv+/fzKoUnyIiDUWT7ZKGh4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHfYtAAD//46ZKGM=")
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f0000000240)=ANY=[@ANYBLOB="636865636b642c696f6368616865636b3d72656c617865642c63727566742c6f76657272696465726f636b7065726d00000000686172c84db07f63703933362c636865636b3d7374726963742c1f00726f636b2c6d6f64653d3078303030303030303077a6e1f3291808552c73010100006f6e3d3078303030303003000000000000003034342c756e686964652c63727566742c00"/161], 0x4, 0xa00, &(0x7f00000003c0)="$eJzs3UtsXFf9B/Dv9SNx3SpJ2/z7L1XbTFKSuq1xbIcmRF2UxJ4kLn4g25EasWhK46AQQ6EBqa2QmkqIFRVIIBawq1jBplI3dIO6gx2sWCChrthXrMLK6M6M49eMx3YdO00/n+h67uN3z/nd58mMr+eEz5eF/SumFhZqwxanL/5hBzLmLnZ29JP3P3ivHN69mT3pzPPFn5KeJJWkK8mjSffI6PTURJuCrieXk3ycFEn2pv66IZdT/CIPLE1/nOJ3Zb0t7dloybSzwBfabp9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwNypGRgcHh4o9GZu8+HKlLqmsMTI6PVVkYWHtksV16j6q9fpdfNS23qQoh/T0LHb1/ejBpcWPJKkcyeP1qcdrHZKnJ2/f/8iBFx7u6lhcv1U2n8nejRd74623r786Pz/3RuuQhXfq27A9ud1lzlcnx2amxibOnK9WxmamKqdPnhw8fuHcTOXc2Hh15tLMbHWiMjJdPTM7NV3pG3mmMnT69IlKdeDS1MXJ86MD49XFmae+Mjw4eLLy0sA3q2emZ6Ymj780MDNyYWx8fGzyfC2mXFzGnCpPxG+MzVZmq2cmKpWr1+bnTqzKqXP1zi6DhtptSRk03C5oeHB4eGhoeHjo3Ubv2bdnnHz+9POnBge7BlfJmog7dNJyd7mv9WHe5js4bF1Hvf3Pd8czlslczMupNP03ktFMZyoTLZY3LLb/R49X1613efvfaOW7li1+rPxxJE82JntatP8tctm5fzfyVt7O9bya+cxnLm/sekY7++98qpnMWGYylbFM5ExtTqUxp5LTOZmTGcwruZBDmUkl5zKW8VQzk0uZyWyqtTNqJNOp5kxmM5XpVNKXkTyTSoZyOqdzIpVUM5BLmcrFTOZ8RnOmVsrVXKvt9xPr5Hg7aGgjQcPrBK1uzMtzfXPtf/Ve/Z8gG7b9N3HYooVG+7+nfWjfyE4kBAAAAGy7L/01+w4+9Jd/JUWeqH0uf25svPribqcFAAAAbKPa43qPly/d5dgTPbX3/4O7nRYAAACwjYra39gVSXpzqD62+JdQPgQAAACAe0Tt9/9Ppji0NMP7fwAAALjHtP+O/bYRRf/i1/9WrtRfrzQi6lNF77mx8erAyNT4C0M5VvuWgSRPrC2tMym6a39+8GwO16MO99Zfe5dKLOvsKaOGBl4YyrM50tiQvqfKl6f6mkQO1yOfrkc+vTyyMysiT5SRAHCvO7JOe7zR9v/Z9Ncj+h+rNfldjzVpgwe1rABwt7jdx85/G12aNWn/GxFPtmr/v7rO+/8y4qFcPVR/pGAgr+X1zOdK+tN44uBQs1IXeyOoP4bQ3+bTgN7GIwt/P9WR/jWfB/Tc3tblsXMZTn/TTwSWlVss5nCiHtd5Z44BAOy0I+u2wxtr//vbvP/v9UghANxVbvdgv4mRdzYTPPfGjd3eRgBgJa00AAAAAAAAAAAAAAAAAAAAAAAAAAAAbL8NfYH/344l8/NzyRY6C9jySM9mMlx/pCM7lPOuj3Qm2a3aX8ym1yqP8Weo9I/3NVb/9+7v+XtuZJdvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyIIulsNr8j2ZtkMMnxnc/qzrm52wlsl8qeLa1W3MqtvJl9254PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAXXOP7/ztSf72/PitdHcnRJJeTfGu3c9xOt3Y7gTujaB/yvXrg0vf/dyTdWSjSVT/sKbpHRqenJsqiir3l8k/e/+C9cmhf9tpeFcoCyhpWdC7RqGHZnO6Vaz1YW6t3dO7G9R+9/oPK6NnaiXl29tz46MT56a8vBT5SfJhUUh8WLeb7k6N//uWy2Y2OEooPyy1tbnW952r1jq6t9/+brd2i3g24Nj83XNY0W3159sffv/bmskUP5XDyVF/St7Km75RDi5oOr96fKxWfFj8r9uU3uVw7/uXeKBaK8hDtr23/fVevzc8NvPb6/JXbOb2zIqcDOZTkStKz8ZwOtT43a2ddR3dZ62AtqPxxsE1561pW4lCL/fpg7ZTp3dQ2VNpcX232eyOjE00z+tUPH86xTR/pY21qbKr4tPhncSH/yE+X9f/RUR7/o2l6dTYpoha57ExZvmzF5dVRj6xt+fDyBa+sLrPlVckd8PN8O1+7ffw7lt3/G8dqZ+5Hy2psfl0km78ufr9/TYuypNYiHVzVIjXuPq3WaeR5sB7VIs//y3P1MjdxR3muXYt9h67/3xZ9+U9u6v8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4+xVJZ7P5HcnRJAeS7C+nK8nC6pibW6ivo7fYSprbZis5f/4ULTe0uJVbeTP7djojAAAAAAAAAO6Ms6OfvP/Be+VQ+318Z77c0VhSSbqSHCh+3T0yOj010aag7uTy4q/0ezaXw+XyxwNL0x+XU4+2WWl3Hx8AgM+1/wUAAP//p2dujQ==")
syz_open_procfs$pagemap(0x0, &(0x7f0000000140))
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r1, 0x0)
fallocate(r1, 0x0, 0x0, 0x1000f4)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000003180)={0x0, [], 0x0, "2d3d89ad33fdab"})
ppoll(&(0x7f000001fbc0)=[{}], 0x1, 0x0, 0x0, 0x0)
r2 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r2, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x2000, 0x0, 0x3)
read$FUSE(0xffffffffffffffff, &(0x7f0000006180)={0x2020}, 0x2020)
write$FUSE_LK(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_OPEN(0xffffffffffffffff, 0x0, 0x0)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$BTRFS_IOC_LOGICAL_INO(r0, 0xc0389424, &(0x7f0000000240)={0x50d000, 0x0, '\x00', 0x0, 0x0})

41.765953217s ago: executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xc45, 0x760b, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000008c0)={0x24, 0x0, 0x0, &(0x7f0000000340)={0x0, 0x22, 0x7, {[@main, @main, @global=@item_4={0x3, 0x1, 0x0, "ac09cd93"}]}}, 0x0}, 0x0)

41.748770509s ago: executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0x1c, &(0x7f00000002c0)=ANY=[@ANYBLOB="180800000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030008000000008500000005000000bf0900000000000055090100000000009500000000000000b7f39fd67d0000007b9a00", @ANYRES32=r2, @ANYBLOB="0000000000000000b7050000080000001500000076000000bf9800000000000056080000000000008500000007000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe(&(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r0, 0x0, r4, 0x0, 0x8ec0, 0x0)
dup3(r1, r3, 0x0)
dup2(r3, r4)
sendmsg$nl_route_sched(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000b00)=@newqdisc={0x24, 0x24, 0x0, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0xfff3}}}, 0x24}}, 0x0)
unshare(0x2040400)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000000)={0x2, <r5=>0xffffffffffffffff, 0x1})
write$USERIO_CMD_SET_PORT_TYPE(r5, &(0x7f0000000080)={0x1, 0x20}, 0x2)

41.74593831s ago: executing program 0:
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0xd3464, 0x0, 0x1, 0x0, &(0x7f0000000000))
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c}]]}, {0x4}, {0xc}, {0xc}}}, @m_police={0x6c, 0x2, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x1}}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf0}}, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0x0)

41.55239459s ago: executing program 1:
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x0)
read(r0, &(0x7f0000000700)=""/222, 0xde)
mknod(0x0, 0x0, 0x29b3)
socket(0x0, 0x0, 0x0)
r1 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040), 0x10)
connect$inet(r1, &(0x7f0000000000), 0x10)

40.63824612s ago: executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$9p_tcp(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', &(0x7f0000000e40), 0x0, &(0x7f0000000e80))

40.003512217s ago: executing program 3:
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_submit(r0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x0, &(0x7f0000000140), 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(r1, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

39.716643931s ago: executing program 2:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="38020000300009007fffffff000000000700002c040006801e0001"], 0x238}}, 0x0)
sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x0, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB="0900000000000000000023180000000018110000f3ccf96224dbac4d30d84cc9f847439030aaa3975c8d2b16ad633d60a0b26d325ba6678b75d07c0cf4", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095fa265f2f2ee1aa6c9b6ec58917741022b03cd750f6b212a43cccaf315c21975fbcdc0b57ec76a05433c1a5ccba69aadac3bd8bc901577a2e98bec31352c04888923cf5dcec694be3287dcb12b85929a0840d709a97228a4005e63ff248efdd0db3d1c6e987572bd46ce35c212cbf0d23dbc85d22b6f5b87c20bfa9ad6aa01e9a7c6f9658390c4050aaa51109ad776c5bcc1f7677250208be1ab35008db2ed6a85f7bd2616cddeaea73d1"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000b40)={{r5}, &(0x7f0000000940), &(0x7f0000000980)=r6}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8401)
connect$pppl2tp(0xffffffffffffffff, &(0x7f00000001c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x3, 0x3, 0x0, 0x1, {0xa, 0x4e21, 0x5, @private1, 0x3}}}, 0x3a)
ioctl$USBDEVFS_FORBID_SUSPEND(r8, 0x5521)
write$binfmt_elf64(r3, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYRES64], 0x100000530)

38.666718713s ago: executing program 3:
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f0000001801000064"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040)}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cgroup.stat\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000080)=0x2, 0x4)
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'})

38.651191365s ago: executing program 2:
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', <r1=>0x0})
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000100)={@local, 0x0, r1})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000001a000105"], 0x24}}, 0x0)

31.761096623s ago: executing program 4:
syz_mount_image$btrfs(&(0x7f0000000100), &(0x7f0000005140)='./file0\x00', 0x816, &(0x7f0000000140), 0x1, 0x50ed, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTsT3573JENYvrOR3E/wmHm5XUpgfKxQ6WkmPbbFHXpgfLxQ65pIemydDeHBhZX9S+H8stJPClbV54UhSOB0L+fnQLRxLCifimfb52ny6aeH7WMgvsJiPV1Cs6V4SkfS42q/HQuGGPc52Dw4AAHBPieE5z7Jjvc2QRtn52qAdVg/aYWTQDvVBO4wmO6Q79tseZnsLcXv7zMalPf//yHD5P74Vq7JFv+v/Q7z+P3+uYff6/9lYaCSF+VhopXcMaMVjZGH343iMRivvcWV9twAAAAB3tfi9QH2F5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP+zda4xc1X0A8LPP8T68XkiqEBolm6TGcROv1zaQqKXKmlI1IqVZNxRURRQbe00WL9ixTYlRiIxNRCMEpQ1S8qEIoyiq+QC1AhFJAeEixREqj4iqKIBAoTVEQaSUJCJNkEI1e++ZvXPuzsOPNV76+0neOTP/87zz8Jx775wLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/w8GvXPO3zeKP/va8Z1+4ePyKPWsvfvW68059MoSJmcc7snBH/423j//87nPv2fPA6jvuO3z+R3vzcnk8DFT/dOZ3boi1Hl4cwv0dIXSngRWDWaAnvz8Y63vfYAinhNlArcRkf1YibTh8vy+EfWE2UKvqe30hDBYCFz71yMM3VxO39YWwNIRQSdt4vpK10ZcGzujNAv1pYGt3FvjVW5la4LudWQCOWXwz1F70BybqMwzPXa7B66/nuHXs7ZUOrysmhhvn+9naee5UQW/6wMQxPW2l6pgXpbfHQe+2BfBuK23nWz1txS9S+TeUt2ZDldC5aXLzhqund8ZHOsPoaFejmubpeX7m9S9tPJL0gnkdxg4MH5fX4S1PLL27a/kFj9+3YunL+z+295Vj7eaPCpu0mJ5vlZC/5hbM8xiN+zxZAG+/0rekEV+6QgibP/97n2kWL83/h5vP/+PLOd521uWOtb45lM3N4yODMfHaUDY3BwAAgAVjIew13Tr60Cea1Vea/4+0d/w/HvLPJ/PZaA+GMD6T2LskhNNmHs8Cd8XmLlsSwgdnUhP1gbVJ4GAI751JLK9VlZRYFEuMJIGfDOWB8SRwKAYmksC3YuDWJHBDDBxIAhtj4GASODcGwlT9OH5/KB9H24G+GFifbcQD8SyEXwzF1pJt9VytKgAAgOMknx321N8tnOtwrBni9PJAX6sM8QzshhkqSQ3pDLY2rWpYQ3erGjpb1VAb9+7mwy/V3NGq5tJpGB31GW7/5d98NjRRmv+PNZ//V+boSEfp+H8I62b+xtydeWS6Fl8/UZcBAAAAOAYD//viN5vFS/P/8fbO/4/7RLoKmcNjcTfEliUhjNUHsmr/sBzIjnoP5AEAAABYCGrH42vHwqfy2+wU7XQ+Xc4/cYT544H/8Tnz9x58cH2z/pbm/xPtnf/fX3+bdeJQ7MXXloSwqBD4QexlNTBjJAZ+/Mn6QD7+Q3ED3BSryk9MqFV1UyyxPgbGksC+RiV+WCtxWn0gf7Jqje+tjWMqL1EIAAAAwAkXdwfE4/Lx/P8P/Wb1Nc3Kleb/64/s/P+ZeXDp9P7pgRBWdofQlf4w4LH+bGHAGBjsyBMP9Wd1daVVXd8fwjnVgaVVvZiv/9+drjH4VF9WVQyc9qH9r59RTXyzL4SVxcDTn7vzrGpiZxKoNf6XfSF8oDratPHvLMoa70kb//qiEN5fCNSqumxRCNXGetOqHqnk1zFIq/rnSgjvKgRqVZ1dCWFXAGCBiv+Vbio+uGPXtVs2TE9Pbp/HRNyH3xc2T01Pjm7cOr2p0qBPm5I+1y1jdH15TO1e+ea5fImii+5dN9hOuvY7wbFiW/l+/NKJg/n9+F2oZ2acq3vq7q5Jh/yRD5ebCIVvUo2G3DnPQ+4vVjL7JJbqj/l7w0BYdPWOye2jX9ywc+f2VdnfdrOvzv7Gw0zZtlqVbqv+ufrWxsuj4WpZiaPdVsuKlazceeW2lTt2Xbti6soNl09ePnnVqrNXj505tmbs42eurI5qLPvbYqjL5qo6Gepbd7Y5ruM41NO7C5WciE8NCQmJhZbYOrCs6f/Jpfn/tubz//ipEz/58/UZGh3/H46H+bPHZw/zr4+Bfe0e/x9udDS/dmLASBLYHQO7HeYHAADgnSFO8uPezLhX+qfLv/Nys3Kl+f/u9n7/f5zW/68tXX9+o2X+l8cSY43W/0+X+a+t/7+70fr/6TL/tfX/970N6/9fXQskm+QX1v8HAADeCU7c+v8tl/dPLxBQytByef/0AgGlDC2X8W/3AgFHvP7/8//5V/8dmijN/29tb/5v4X4AAAA4eXz5z675nWbx0vx/X3vz/xO//l9odP7/SKPARKOFAa3/BwAAwALVaP2/4Rv7L21WrjT/P9De/D+edtFZlzvW+uZQtqZdSNe0e22o9pMBAAAAWBg6w+hoT5t561ZGXXv0bT6TLwXaLF304p8cPrLz/w+2N/+v+13GLU8svbtr+QWPv3nfiqUv7//Y3ldmj/8DAAAA86fd/RIAAAAAAAAAAAAAAMDb78X/2LOmWbz0+/+wbubxRr//j9f9i78veHdd7lhr6/X/8vsXfvqeXTNLFj42FMKHi4Ete7acEvJr8y8rBh6+ZPl7qok9aYkHXzj3pWri0jTwqRWnvlFNnJME1sdFEt+bBuJVFd9YnATi8or/ngbi9jiQBnrzwFcXZ+PoSLfVTwezbdWRbqtnB0NYUgjUttX9g1kbHekAb0sCtQF+IQ3EAf55HuhMe3XPQNarGBiMRe8YyHoFAMBJK34L7Ambp6Ynx+JX+Hh7enf9bVS3ZNn15Wo72mz+uXxpsovuXTfYTror/S46e63xnlCpDmFV6etqMUvHzCiPTy0tNt27Gwy51WpvnQ3KpY500/U2HlFfNqLRjVunN/W0HPia1llWd7fMsqo02Slm6ZzZpG3U0kZf2hhRm9umjS7H+51hdLQryfUHMTgc6rR6RbT7e/3iOn+NXgXFPFcd3vurZvWV5v/D7c3/K8VxvZFfDGB3vLLe3y2xzD8AAADMr6+u/fU34r/P3vjo083ylub/I+3N/+MerPxQcLa342C8/v/eJSHMXFp/OAvcFZu7bEkIH5xJTcQS2QX1z48lxrLAXXGHyfJYYv1EfVWLYuBAEvjJUB44mAQOxUC+l2J/yHfl/P1QCGfNpNbVl9gWSwwngc/EwEgSGI2BsSSwOAbGk8Cri/PARBL4txgIU/Xb6t7F+bYCAAA4Evk8q6f+bkjneQe6W2XoaJWhv1WGzlYZKq0yNBpFvP/tmKEnOXmlo5CpJ621L6mllCFeDP+I+1XKEH5YnzMtWGo6nn9QO9+goz7DA5/oroQmSvP/sfbm//31t1nrh+L8f/b6f1ngB7F7X4unjo/EwI8/WR/IdwwcipPdm2pVTeQl8kn7TbHEeAyMJIFtMTCeBNavywP73lMfyGfatcb31hqfyksUAgAAAHDCxR0EcTdNnP/fseMrA83Kleb/4+3N/2N7A8XGboi1Hl4cwv0ds72pBVYMZoG4H2Mw/jz+fYMhnFLYwVErMdmflehNGg7f78t+od6bVvW9vuzHB/H+hU898vDN1cRtfSEsLex9qbXxfCVroy8NnNGbBfrTwNbuLBD3/NQC3+3MAnDMansF4wsqP9WlZnjucg1ef++Ua4KmwyvtA50j31y/uZovpR2u+T7VmiN72pruv+W4Kb09Dnq3LcR327B3W/GLVP4N5a3ZUCV0bprcvOHq6Z3xkeIvWUvm6Xku/kq1nfRxeB3uPvretlZJOzCWfHyMzV1u7tdhR6zulieW3t21/ILH71ux9OX9H9v7StvdaCD+UPiR6/518EeFzTvfKiF/zS24z5MJnycL8b+BEU9bCGHdq1+/qVm8NP+faG/+353czvh13Jg7loTwkcLGfSxu/j9ekn0OFgLZp+S7yoHskPt/DTX85AQAAIDjrba7o7a/YCq/zU4IT+fJ5fwTR5g/7q8YnzN/u/3u/+tLljaLl+b/65vP/xcl3XT83/F/5onj/3M62XdFL0of2H1Mu6JL1TEvHP+f08n+bnP8f06O/zv+PxfH/1tw/H9OJ/vTVvqWtM2XrhDCy3/00LPN4qX5/7b25v/W/5t70b7a+n/rG63/t63R+n+7rf8HAADMqwYLzaXzvNLqfaUM6ep9pQwtFwhsucSg9f+OeP2/l05//jehidL8f3d78//4chgotr5Q1v8bWdegqltjYJuFAQEAADgZNdpBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNvrgX/4n03N4o/+9rxnX7h4/Io9ay9+9brzTn0yhKmZxzuycEf/jbeP//zuc+/Z88DqO+47fP5HK3m5nvz2d+tyx1rfHAphX+GRwZh4bah6ZzZw4afv2dVdTTw2FMKHi4Ete7acUk18ayiEZcXAw5csf081sSct8eAL575UTVyaBj614tQ3qolz8kBH2t1/XJx1tyPt7s2LQ1hSCNS6e8Xi+qpqbfxpHuhM2/inwayNGBiMRb8xmLURA9OxxNSiEFZ2h9CVVvVoJauqK63qXypZVV1pVV+uhHBOCKE7reqF3qyq7nTkT/ZmVcXAaR/a//oZ1cS+3hBWFgNPf+7Os6qJLySBWuN/0RvCB6ovmbTxb/dkjfekjd/WE8L7Qwi9aYlfdmcletMSL3aH8K5CoNb457tD2BV4R4gfPnWfaDt2Xbtlw/T05PZ5TPTmbfWFzVPTk6Mbt05vqiR9aqSjkH7r+qMf+3Ovf2lj9faie9cNtpPuzsv1zHR5dU/d3TUne+9jv/qLlcw+H6X6Y/7eMBAWXb1jcvvoFzfs3Ll9Vfa33eyrs79deTTbVqsWyrZaVqxk5c4rt63csevaFVNXbrh88vLJq1advXrszLE1Yx8/c2V1VGPZ3+Mx1DtP/FBP7y5UciI+ACQkJBZaorPu023sZP8gL33Rn+1oT6jMfECXphXFLB0zozweg157lCM+mu8pLUe0qjRxKGVZ3TrLmtJkYjZLX5Zl5ntdaXJYrKlzZpPG+51hdLSr0XYYrr9b3Lw/O4bN+0y+6dpNAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgUAAD//wNUIwc=")
lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)=@known='trusted.overlay.upper\x00', 0x0, 0x2)

31.290178575s ago: executing program 4:
symlinkat(&(0x7f0000001040)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x20000008)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f00000000c0)='./file0\x00', r0, &(0x7f00000003c0)='./bus\x00', 0x0)

30.873215779s ago: executing program 4:
socket$packet(0x11, 0x0, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
r0 = getpid()
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000000c0))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x84, 0x0, 0x0)

30.392521033s ago: executing program 4:
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f00000001c0)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0)
read(0xffffffffffffffff, &(0x7f0000000540)=""/57, 0x39)
syz_emit_ethernet(0x92, &(0x7f0000000000)={@empty, @broadcast, @val={@void, {0x8100, 0x0, 0x0, 0x1}}, {@ipv4={0x800, @tcp={{0xd, 0x4, 0x0, 0x9, 0x80, 0x0, 0x0, 0x0, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}, @remote, {[@ra={0x94, 0x4}, @timestamp={0x44, 0xc, 0x0, 0x0, 0x0, [0xf38, 0x0]}, @lsrr={0x83, 0xf, 0xe, [@remote, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}, {{0x4e23, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0xe, 0x0, 0x1, 0x0, 0xf931, {[@mptcp=@mp_fclose={0x1e, 0xc, 0x9}, @exp_smc={0xfe, 0x6}, @md5sig={0x13, 0x12, "9fb7ce74121c41c9c9abc99ba1302b5b"}]}}, {"143d794f7e65b7cbda2cc9162a9b77ba79b8e1ba"}}}}}}, 0x0)
fsopen(&(0x7f0000000bc0)='sockfs\x00', 0x0)
socket(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
chdir(0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x10000)
ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$FS_IOC_READ_VERITY_METADATA(r3, 0xc0286687, &(0x7f0000000d00)={0x1, 0x0, 0x200001e6, &(0x7f0000000100)=""/230})
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x17)

30.037615898s ago: executing program 4:
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x0, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x60}}, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x585, &(0x7f0000000580)="$eJzs3c9rVNceAPDvvUk06nsvCiLvvUUJuKjFOmOS/rDQhV2WViq0ezskY5BMHMlMxKRCdVE33RQplFKhtPvuu5T+A/0rhFaQIqFddDPlTu7E0cwkkzj5ofP5wNVz7rkz55y593vm3Lk33AAG1nj2Txrxv4j4KokYaysbjrxwfHW7lcc3p7MliUbj4z+SSPJ1re2T/P8jeea/EfHLFxGn0/X11paW50qVSnkhzxcjuVasLS2fuTJfmi3Plq9OTk2de3Nq8p233+pbX1+7+Ne3H91//9yXJ1e++enhsbtJnI/G56tl7f14DrfaM+Mxnn8mI3H+mQ0n+lDZfpLsdQPYlqE8zkciGwPGYiiP+o4aY7vZNGCHZV9/DWBAJeIfBlRrHtA6t+/TefAL49F7qydA6/s/vPrbSIw2z40OryRPnRll57tH+1B/VsfPv9+7my3Rv98hADZ163ZEnB0eXj/+Jfn4t31ne9jm2TqMf7B77mfzn9c7zX/StflPdJj/HOkQu9uxefynD/tQTVfZ/O/djvPftYtWR4fy3L+bc76R5PKVSjkb2/4TEadi5GCW3+B6zqfpyoNGt8L2+V+2ZPW35oJ5Ox4OH3z6NTOleum5Ot3m0e2I/3ec/yZr+z/psP+zz+Nij3WcKN97pVvZ5v3fWY0fIl7tuP+fXNHKUsX6fLfrk8Xm8VBsHRXr/XnnxK/d6t/r/mf7//DG/T+atF+vrW29ju9H/y53K9vu8X8g+aSZPpCvu1Gq1xcmIg4kH65fP/nkta18a/us/6dObjz+dTr+D2WB3WP/7xy/077p6Eb9H+nxPfsl6//Mlvb/1hMPPvjsu27197b/32imTuVrehn/em3g83x2AAAAAAAAsN+kEfGvSNLCWjpNC4XV+zuOx+G0Uq3VT1+uLl6dycqa9z+krSvdY233Q0zk98O28pPP5Kci4lhEfD10qJkvTFcrM3vdeQAAAAAAAAAAAAAAAAAAANgnjkSMdvr7/8xvQ3vdOmDHbfDI7252+zkFwA7pHv95ST+e9ATsS+3xf3AP2wHsvm3M/4GXRA/xn+5GO4Dd5/sfBpf4h8El/mFwiX8YXFuJ/x8v7GBDAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OVw8cKFbGmsPL45neVnri8tzlWvn5kp1+YK84vThenqwrXCbLU6WykXpqvzm71fpVq9NjEZizeK9XKtXqwtLV+ary5erV+6Ml+aLV8qe244AAAAAAAAAAAAAAAAAAAArFdbWp4rVSrlBQmJbSWG90czuiXS/EDfL+15YRJ7PDABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJt/AgAA//9UjzKL")
r1 = inotify_init1(0x0)
creat(&(0x7f0000000300)='./bus\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newtaction={0x48, 0x30, 0x305, 0x0, 0x0, {}, [{0x34, 0x1, [@m_csum={0x30, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$binder(0x0, &(0x7f0000000000)='./bus\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000080)={[{@stats}]})
inotify_add_watch(r1, &(0x7f0000000000)='.\x00', 0x150007a2)
r6 = userfaultfd(0x0)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, 0x0)
ioctl$UFFDIO_ZEROPAGE(r6, 0xc020aa04, &(0x7f0000000080)={{&(0x7f00003fe000/0x4000)=nil, 0x4000}, 0x1})
r7 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000880)=""/258, 0x102)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100))

11.72200898s ago: executing program 0:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = dup(r1)
r3 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
ftruncate(r3, 0x200004)
sendto$inet(r2, &(0x7f0000002500)="e5", 0x1, 0x0, 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x80001d00c0d1)

8.642793823s ago: executing program 3:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/mdstat\x00', 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/231, 0xe7}], 0x1, 0x2, 0x0)
syz_mount_image$udf(&(0x7f0000000a40), &(0x7f0000000000)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4400, &(0x7f00000000c0)=ANY=[@ANYBLOB='shortad,utf8,noadinicb,uid=', @ANYRESDEC=0x0, @ANYBLOB="fd8264ce811b0aa5bdd12fb654a0b8e5c9af4c16d527a2185f7229df1a1e9af9eae16c73071191ebe4c7827a6bc9ac04ccad46be56db8153d472982550fd0677926ea7061ad0efe867b5c4cff628c8911fd6b69e8f464aaf4f07a8cf4b79d269fc8117bcba718fbe709f79dc5b3ec5bf28152a09f45344f10e"], 0x1, 0xa1b, &(0x7f0000001540)="$eJzs209sm+d9B/Dfw1eyaadrFbd1kzbLWLQIPKUN5P9KvAH2rApt5iZGZWXzZTBlyQ4R/askF043tB42oAjQg1FgPWzAkMsOA3bwDrvsFOwwDBg2GDsMxYp2Wrpm6Y3BBuS0aXhfPpQoWY7VOLZk+/Mx7C/58veSzx+afMmHbwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/1lVNDB9N2twIAuJ9eGvvG0GHv/wDwSDnn8z8AAAAAAAAAAAAAAOx0KYr4s0jx6k/a6UJ1vaN+pjV75er4yOjmu+1JkaIWRVVf/q0fPHT4yNFjx4e7+cH7f9SejJfHzp1qnJ6bmV+YWlycmmyMz7Yuzk1Obfke7nb/jQarAWjMvHZl8tKlxcah5w6vu/nqwDu7H9s/cOL4i+f3dWvHR0ZHx3pq+vo/9KPf4nZneOyKIn4WKerfezc1I6IWdz8Wd3ju3Gt7qk4MVp0YHxmtOjLdas4ulTemWq6qRQz07HSyO0b3YS7uSiPiWtn8ssGDZffG5psLzYnpqcbZ5sJSa6k1N5tqndaW/RmIWgyniPmIaBe33l1/FPHvkeL777fTREQU3XF4tjox+M7tqd2DPm5BX9m3IuJmPABztoPtjiLeiBQ/OD8UF/O4VsP2TMTXy3w64ptlLkdcz9dT+QR5KuK9TZ5PPFj6ooh/ihRzqZ0mu3Nfva6ceaXxtdlLcz213deVB/794X7a4a9N9ShionrFb6cPf7ADAAAAAMDOU8TfRoobMwfSfPSuKbZmLzfONSemO98Kd7/7b+S9VlZWVgZSJxs5h3KezHk254Wc8zmv5bye882cN3K+lfNmzuWc7ZxRy4+fs5FzKOfJnGdzXsg5n/Nazus538x5I+dbOW/mXM7ZzhnWvQAAAAAAAADYYfZEET+OFF/4m29V5xVHdV76J04MH/jqF3vPGf/MHe6nrH0uIm7E1s7J7c+nDqda+eej7xdbU48ivpPP//vD7W4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwrWpRxGcixQ/faKdIEdGIuBCdXC62u3UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh1FPRZyOFL/4Sr26fjMiPhsR/7dS/omI5ZUNtrvFAAAAAAAAAMAtUhFDkeLxJ9tpICKuDryz+7H9AyeOv3h+XxFFpLKkt/7lsXOnGqfnZuYXphYXpyYb47Oti3OTU1t9uPqZ1uyVq+Mjo/ekM3e05x63f0/99Nz86wuty68ubXr73vqpicWlhebFzW+OPVGLGOrdMlg1eHxktGr0dKs5W+2aardpYC2isdXOAAAAAAAAAPDQ2JuKOBopXm0dSd11477Omv+vdK4Vq7V/8QdrvwWY3pBdvb8f2MrltNWGDlYL743xkdHRsZ7Nff23lpZtSqmIv44Un/vdJ6r18BR7N10bL+t2RYpj3zqS6wY+V9adXFdVHxwfGW28NDf75VPT03MXm0vNiempxth88+KWfzgAAAAAAAAAAPfQ3lTEn0eK3xu6mbrnnef1/77OtZ71/9+oltAr9bQ+V1Vr+x+v1vY7lz9xYrgx+mu3234v1v/LNqVUxL9Fisd//4nqfPru+v/Qhtqy7r8jxb/+41O5rrarrDvY7U7nHi+1pqeGUh6rzz/brY2q9niu/eRa7cGy9vOR4i+fWV87nGs/tVZ7qKz940jxv0c3r/30Wu3hsvaPIsVvv93o1u4ta8/k2v1rtc9dnJuevNOwlvP/d5Hi7C++mrp9vu389/z+49qGXHXLnH/w5Y9q/gd6tl3L8/rjPP8H7zD/fx8p/uSnT+W6ztgfyrc/Xv27Nv+/Eyn+61fX1x7LtfvWag9utVvbrZz/L0WKEz/60Wqf8/znkV2bod75/2zf+lx9lmzT/D/es20gt+vwLzkWj6LF17/9WnN6emrBBRdccGH1wna/MnE/lO///xwpXjhTS93jmPz+/7HOtbXjv/e/s/b+/8KGXLVN7//7era9kI9a+vsi6ksz8/37I+qLr3/7y62Z5uWpy1Ozw8eOHnl++Nix5/t3dY/t1i5teegeCuX8n4kUr/z0X1Y/x6w//tv8+H/vhly1TfP/yd4+rTuu2fJQPJLK+b8eKb779rurnzc/6Pi/+/n/wBfW5+r/v22a/0/1bKt+4//xiOd7th34dMSprT4WAAAAPGT25nXyP/31f1g953395//4Yre29/uf29kJ5/8DAAAAAMCjbm8q4q8ixf8MfSl1zyHbyu8/Jzfkqm36/d/+nm2T9+m8li0PMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADpSiiKcjxas/aaflorzeUT/Tmr1ydXxkdPPd9qRIUYuiqi//1g8eOnzk6LHjw9384P0/ak/Gy2PnTjVOz83ML0wtLk5NNsZnWxfnJqe2fA93u/9Gg9UANGZeuzJ56dJi49Bzh9fdfHXgnd2P7R84cfzF8/u6teMjo6NjPTV9/R/60W+RbrN9VxRxKVLUv/du+o8iohZ3PxZ3eO7ca3uqTgxWnRgfGa06Mt1qzi6VN6ZarqpFDPTsdLI7RvdhLu5KI+Ja2fyywYNl98bmmwvNiempxtnmwlJrqTU3m2qd1pb9GYhaDKeI+YhoF7feXX8UMREpvv9+O71dRBTdcXj2pbFvDB2+c3tq96CPvVa+u+nmvrJvRcTNeADmbAfbHUV8LFL84PxQ/KzojGs1bM9EfL3MpyO+WeZyxPV8PZVPkKci3tvk+cSDpS+KOBsp5lI7/WeR5756XTnzSuNrs5fmemq7rysP/PvD/bTDX5vqUcTPq1f8dvq5/88AAAAAAA+RIn4zUtyYOZCq9cHVNcXW7OXGuebEdOdr/e53/42818rKyspA6mQj51DOkznP5ryQcz7ntZzXc76Z80bOt3LezLmcs50zavnxczZyDuU8mfNszgs553Ney3k955s5b+R8K+fNnMs52znD9+QAAAAAAADADlSLIp6IFD98o51Wis4C74Xo5LJ1zofe/wcAAP//Vsw/Lg==")

8.629129075s ago: executing program 2:
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='kfree\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r2, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller1\x00', 0x2})
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000100)={0x0, 0x1, [@remote]})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$sock_buf(r3, 0x1, 0x1c, 0x0, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000000206010100000000000000000000000005000100070000000900020073797a3000000000050005000a000000050004000000000010000300686173683a69702c6d6163"], 0x48}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x28, 0x4, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x28}}, 0x0)

0s ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT64(r1, 0xc0984124, &(0x7f0000000300))

kernel console output (not intermixed with test programs):

ily 0 port 6081 - 0
[  467.523099][ T7542] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.558095][ T7484] EXT4-fs (loop2): unmounting filesystem.
[  467.771042][ T8350] loop1: detected capacity change from 0 to 256
[  467.849796][ T8350] exFAT-fs (loop1): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  467.872872][ T7542] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.896269][ T8350] exFAT-fs (loop1): invalid boot region
[  467.929733][ T8350] exFAT-fs (loop1): failed to recognize exfat type
[  468.017067][ T7542] bond0: (slave netdevsim0): Releasing backup interface
[  468.077977][ T7542] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  468.358357][ T8355] loop1: detected capacity change from 0 to 128
[  469.330405][ T3579] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  469.343723][ T3579] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  469.352028][ T3579] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  469.365082][ T3579] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  469.373612][ T3579] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  469.381419][ T3579] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  469.417346][ T5571] sysv_free_block: flc_count > flc_size
[  469.423154][ T5571] sysv_free_block: flc_count > flc_size
[  469.433700][ T5571] sysv_free_block: flc_count > flc_size
[  469.439287][ T5571] sysv_free_block: flc_count > flc_size
[  469.489803][ T5571] sysv_free_block: flc_count > flc_size
[  469.495648][ T5571] sysv_free_block: flc_count > flc_size
[  469.502502][ T5571] sysv_free_block: flc_count > flc_size
[  469.521553][ T5571] sysv_free_block: flc_count > flc_size
[  469.528299][ T5571] sysv_free_block: flc_count > flc_size
[  469.534035][ T5571] sysv_free_block: flc_count > flc_size
[  469.540699][ T5571] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  471.463610][ T3579] Bluetooth: hci3: command tx timeout
[  471.533896][ T8367] loop1: detected capacity change from 0 to 1024
[  471.591113][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  471.600079][ T8367] hfsplus: failed to load root directory
[  476.009196][ T3587] Bluetooth: hci0: command 0x0406 tx timeout
[  476.021009][ T3587] Bluetooth: hci3: command tx timeout
[  476.334684][ T8359] chnl_net:caif_netlink_parms(): no params data found
[  476.641801][ T8403] loop4: detected capacity change from 0 to 1024
[  476.661533][ T8359] bridge0: port 1(bridge_slave_0) entered blocking state
[  476.671313][ T8359] bridge0: port 1(bridge_slave_0) entered disabled state
[  476.724816][ T8403] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  476.743188][ T8359] device bridge_slave_0 entered promiscuous mode
[  476.794305][ T8403] EXT4-fs (loop4): orphan cleanup on readonly fs
[  476.805254][ T8403] EXT4-fs error (device loop4): __ext4_get_inode_loc:4495: comm syz-executor.4: Invalid inode table block 0 in block_group 0
[  476.818920][ T8403] EXT4-fs (loop4): Remounting filesystem read-only
[  476.827116][ T8403] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  478.662243][ T8403] EXT4-fs error (device loop4): ext4_quota_write:7172: inode #3: comm syz-executor.4: mark_inode_dirty error
[  478.847129][ T8403] Quota error (device loop4): write_blk: dquota write failed
[  478.931462][ T8403] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  478.990621][ T8403] EXT4-fs error (device loop4): ext4_acquire_dquot:6777: comm syz-executor.4: Failed to acquire dquot type 0
[  479.054289][ T8403] EXT4-fs (loop4): 1 truncate cleaned up
[  479.071086][ T3579] Bluetooth: hci3: command tx timeout
[  479.078277][ T8359] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.107289][ T8403] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  479.119468][ T8359] bridge0: port 2(bridge_slave_1) entered disabled state
[  479.133118][ T8359] device bridge_slave_1 entered promiscuous mode
[  479.301308][ T8359] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  479.318354][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  479.340093][ T8359] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  479.479353][ T7542] device hsr_slave_0 left promiscuous mode
[  479.494228][ T7542] device hsr_slave_1 left promiscuous mode
[  479.513729][ T7542] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  479.521164][ T7542] batman_adv: batadv0: Removing interface: batadv_slave_0
[  479.586702][ T7542] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  479.614065][ T7542] batman_adv: batadv0: Removing interface: batadv_slave_1
[  479.666318][ T7542] device bridge_slave_1 left promiscuous mode
[  479.692746][ T7542] bridge0: port 2(bridge_slave_1) entered disabled state
[  479.715730][ T7542] device bridge_slave_0 left promiscuous mode
[  479.728963][ T7542] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.762303][ T7542] device veth1_macvtap left promiscuous mode
[  479.780160][ T7542] device veth0_macvtap left promiscuous mode
[  479.786775][ T7542] device veth1_vlan left promiscuous mode
[  479.803685][ T7542] device veth0_vlan left promiscuous mode
[  479.994251][ T8438] loop1: detected capacity change from 0 to 512
[  480.055118][ T7060] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  480.511056][ T7542] team0 (unregistering): Port device team_slave_1 removed
[  480.542340][ T7542] team0 (unregistering): Port device team_slave_0 removed
[  480.572718][ T7542] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  480.599345][ T7542] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  480.739488][ T8426] loop2: detected capacity change from 0 to 32768
[  480.781189][ T8426] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  480.806202][ T8426] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  480.832524][ T8426] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  480.858891][  T154] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  480.865966][  T154] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  480.876175][ T7542] bond0 (unregistering): Released all slaves
[  480.958870][  T154] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 92ms
[  480.974592][  T154] gfs2: fsid=syz:syz.0: jid=0: Done
[  480.979879][ T8426] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  480.998843][ T8438] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  481.056629][ T8359] team0: Port device team_slave_0 added
[  481.135643][ T8359] team0: Port device team_slave_1 added
[  481.144089][ T3579] Bluetooth: hci3: command tx timeout
[  481.327342][ T8359] batman_adv: batadv0: Adding interface: batadv_slave_0
[  481.343450][ T8359] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  481.413459][ T8359] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  481.465583][ T8359] batman_adv: batadv0: Adding interface: batadv_slave_1
[  481.472564][ T8359] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  481.530723][ T8359] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  481.690842][ T8359] device hsr_slave_0 entered promiscuous mode
[  481.714612][ T8359] device hsr_slave_1 entered promiscuous mode
[  481.731989][ T8359] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  481.774294][ T8359] Cannot create hsr debugfs directory
[  482.772410][ T8464] loop4: detected capacity change from 0 to 1024
[  482.780240][ T8464] hfsplus: unable to parse mount options
[  482.864764][   T26] audit: type=1326 audit(1717851486.483:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8465 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x0
[  482.899501][ T7060] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  482.943014][ T8464] loop4: detected capacity change from 0 to 256
[  484.096363][ T8482] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  484.550818][   T26] audit: type=1326 audit(1717851488.163:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8502 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x0
[  484.609197][ T8359] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  485.539065][ T8359] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  485.590965][ T8359] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  485.621074][ T8359] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  485.903787][ T8359] 8021q: adding VLAN 0 to HW filter on device bond0
[  485.922862][   T26] audit: type=1326 audit(1717851489.533:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8518 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff94667cf69 code=0x0
[  485.970427][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  486.005413][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  486.150617][ T8359] 8021q: adding VLAN 0 to HW filter on device team0
[  486.454456][ T8525] loop2: detected capacity change from 0 to 256
[  486.526159][ T8525] exFAT-fs (loop2): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  486.594149][ T8525] exFAT-fs (loop2): invalid boot region
[  486.626290][ T8525] exFAT-fs (loop2): failed to recognize exfat type
[  486.701139][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  486.978587][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  487.086253][ T8527] loop2: detected capacity change from 0 to 128
[  487.296236][ T3626] bridge0: port 1(bridge_slave_0) entered blocking state
[  487.303475][ T3626] bridge0: port 1(bridge_slave_0) entered forwarding state
[  487.386416][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  487.407137][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  487.475255][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  487.531631][   T14] bridge0: port 2(bridge_slave_1) entered blocking state
[  487.538915][   T14] bridge0: port 2(bridge_slave_1) entered forwarding state
[  487.659342][   T14] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  487.755995][ T7484] sysv_free_block: flc_count > flc_size
[  487.761594][ T7484] sysv_free_block: flc_count > flc_size
[  487.768967][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  487.783689][ T8529] loop1: detected capacity change from 0 to 512
[  487.790423][ T7484] sysv_free_block: flc_count > flc_size
[  487.827301][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  487.835701][ T7484] sysv_free_block: flc_count > flc_size
[  487.851947][ T7484] sysv_free_block: flc_count > flc_size
[  487.867680][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  487.878029][ T7484] sysv_free_block: flc_count > flc_size
[  487.886617][ T7484] sysv_free_block: flc_count > flc_size
[  487.893223][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  487.907311][ T7484] sysv_free_block: flc_count > flc_size
[  487.912887][ T7484] sysv_free_block: flc_count > flc_size
[  487.920292][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  487.932536][ T7484] sysv_free_block: flc_count > flc_size
[  487.938819][ T7484] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  487.951835][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  487.960499][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  488.015697][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  488.056078][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  488.085717][ T8359] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  488.110153][ T7060] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  488.287676][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  488.385746][ T8529] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  488.722203][ T8531] loop4: detected capacity change from 0 to 1024
[  488.764008][ T8531] hfsplus: failed to load root directory
[  488.890802][ T7060] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  493.026747][ T3587] Bluetooth: hci1: command 0x0406 tx timeout
[  493.440211][   T26] audit: type=1326 audit(1717851497.053:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8554 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x0
[  493.556575][ T4292] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  493.567703][ T4292] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  493.590267][ T8359] 8021q: adding VLAN 0 to HW filter on device batadv0
[  493.661668][ T4225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  493.676452][ T4225] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  493.768865][ T4292] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  493.788940][ T4292] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  493.864928][ T8359] device veth0_vlan entered promiscuous mode
[  493.890592][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  493.911681][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  493.934253][ T8359] device veth1_vlan entered promiscuous mode
[  493.981691][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  493.996240][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  494.066151][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  494.929572][ T3659] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  494.941261][ T8359] device veth0_macvtap entered promiscuous mode
[  494.973897][ T4225] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  495.002232][ T8359] device veth1_macvtap entered promiscuous mode
[  495.078775][ T8359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.252626][ T8359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.509109][ T8359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.524618][ T8579] loop2: detected capacity change from 0 to 256
[  495.596815][ T8359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.609068][ T8579] exFAT-fs (loop2): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  495.635788][ T8359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.653283][ T8579] exFAT-fs (loop2): invalid boot region
[  495.665417][ T8359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.683594][ T8579] exFAT-fs (loop2): failed to recognize exfat type
[  495.696459][ T8359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.720733][ T8359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.746200][ T8359] batman_adv: batadv0: Interface activated: batadv_slave_0
[  495.763791][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  495.777413][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  495.987943][ T8359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.999565][ T8359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  496.010243][ T8359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  496.021066][ T8359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  496.031207][ T8359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  496.078117][ T8359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  496.131782][ T8583] loop2: detected capacity change from 0 to 128
[  496.269417][ T8359] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  496.386438][ T8359] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  496.409448][ T8359] batman_adv: batadv0: Interface activated: batadv_slave_1
[  496.694040][ T4225] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  496.713912][ T4225] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  496.756891][ T8359] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  496.803514][ T8359] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  496.812261][ T8359] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  496.853439][ T8359] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.862391][ T7484] sysv_free_block: flc_count > flc_size
[  496.868970][ T7484] sysv_free_block: flc_count > flc_size
[  496.883587][ T7484] sysv_free_block: flc_count > flc_size
[  496.896200][ T7484] sysv_free_block: flc_count > flc_size
[  496.917436][ T7484] sysv_free_block: flc_count > flc_size
[  496.938301][ T7484] sysv_free_block: flc_count > flc_size
[  496.958042][ T7484] sysv_free_block: flc_count > flc_size
[  496.985207][ T7484] sysv_free_block: flc_count > flc_size
[  497.005887][ T7484] sysv_free_block: flc_count > flc_size
[  497.023584][ T7484] sysv_free_block: flc_count > flc_size
[  497.041848][ T7484] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  497.054485][ T3689] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.078695][ T3689] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  497.114282][ T4357] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  497.188871][ T4103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.204056][ T4103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  497.242086][ T8587] loop2: detected capacity change from 0 to 1024
[  497.246429][ T4225] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  497.289240][ T8587] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  497.391445][ T8587] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  497.394838][ T8589] loop3: detected capacity change from 0 to 1024
[  497.414904][ T8589] hfsplus: unable to parse mount options
[  497.486967][ T8589] loop3: detected capacity change from 0 to 256
[  500.062000][   T26] audit: type=1326 audit(1717851503.673:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8605 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x0
[  500.131958][ T8598] loop4: detected capacity change from 0 to 32768
[  500.204758][ T8598] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  500.226409][ T8598] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  500.300675][ T8598] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  500.339050][ T7484] EXT4-fs (loop2): unmounting filesystem.
[  500.341158][ T3659] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  500.351879][ T3659] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  500.486257][ T3659] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 134ms
[  500.521620][ T3659] gfs2: fsid=syz:syz.0: jid=0: Done
[  500.539550][ T8598] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  501.526865][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  501.533205][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  502.563807][ T8627] 9pnet_fd: Insufficient options for proto=fd
[  503.340155][ T8630] loop3: detected capacity change from 0 to 256
[  503.365810][ T8630] exFAT-fs (loop3): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  503.383729][ T3587] Bluetooth: hci4: command 0x0406 tx timeout
[  503.389812][ T8630] exFAT-fs (loop3): invalid boot region
[  503.395591][ T8630] exFAT-fs (loop3): failed to recognize exfat type
[  503.455061][ T3582] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  503.897295][ T8634] loop3: detected capacity change from 0 to 128
[  504.524616][ T8359] sysv_free_block: flc_count > flc_size
[  504.530233][ T8359] sysv_free_block: flc_count > flc_size
[  504.553605][ T8359] sysv_free_block: flc_count > flc_size
[  504.559475][ T8359] sysv_free_block: flc_count > flc_size
[  504.573108][ T8359] sysv_free_block: flc_count > flc_size
[  504.593516][ T8359] sysv_free_block: flc_count > flc_size
[  504.606600][ T8359] sysv_free_block: flc_count > flc_size
[  504.634114][ T8359] sysv_free_block: flc_count > flc_size
[  504.650925][ T8359] sysv_free_block: flc_count > flc_size
[  504.665718][ T8359] sysv_free_block: flc_count > flc_size
[  504.670459][ T8638] loop4: detected capacity change from 0 to 1764
[  504.682300][ T8359] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  505.626144][ T8647] loop4: detected capacity change from 0 to 1024
[  505.705952][ T8647] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  505.790041][ T8647] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  506.189666][ T8641] loop3: detected capacity change from 0 to 40427
[  506.213411][ T8641] F2FS-fs (loop3): invalid crc value
[  506.302831][ T8641] F2FS-fs (loop3): Found nat_bits in checkpoint
[  506.544738][ T8641] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[  506.558157][   T26] audit: type=1326 audit(1717851510.173:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8658 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe35827cf69 code=0x0
[  506.606650][ T8641] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  507.636488][ T8641] syz-executor.3: attempt to access beyond end of device
[  507.636488][ T8641] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  508.634818][ T8672] 9pnet_fd: Insufficient options for proto=fd
[  508.778181][ T8359] syz-executor.3: attempt to access beyond end of device
[  508.778181][ T8359] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  509.011327][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  509.060023][ T8675] loop2: detected capacity change from 0 to 512
[  509.104829][ T8675] ext2: Unknown parameter 'obj_user'
[  509.172060][ T8678] loop4: detected capacity change from 0 to 256
[  509.184837][ T7060] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  509.196332][   T26] audit: type=1326 audit(1717851512.813:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8674 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe35827cf69 code=0x0
[  509.269686][ T8678] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  509.319494][ T8678] exFAT-fs (loop4): invalid boot region
[  509.341219][ T8678] exFAT-fs (loop4): failed to recognize exfat type
[  509.756081][ T8686] loop4: detected capacity change from 0 to 128
[  511.783434][ T3570] sysv_free_block: flc_count > flc_size
[  511.789038][ T3570] sysv_free_block: flc_count > flc_size
[  511.803542][ T3570] sysv_free_block: flc_count > flc_size
[  511.809123][ T3570] sysv_free_block: flc_count > flc_size
[  511.879726][ T3570] sysv_free_block: flc_count > flc_size
[  511.893503][ T3570] sysv_free_block: flc_count > flc_size
[  511.899094][ T3570] sysv_free_block: flc_count > flc_size
[  511.939270][ T3570] sysv_free_block: flc_count > flc_size
[  511.962825][ T3570] sysv_free_block: flc_count > flc_size
[  511.993203][ T3570] sysv_free_block: flc_count > flc_size
[  512.008705][ T3570] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  512.564672][ T8717] binder: BINDER_SET_CONTEXT_MGR already set
[  512.573541][ T8717] binder: 8711:8717 ioctl 4018620d 20000040 returned -16
[  513.226124][ T8720] loop3: detected capacity change from 0 to 2048
[  513.419385][ T8720] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  516.482209][ T8735] loop2: detected capacity change from 0 to 512
[  516.543769][ T8735] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 393: padding at end of block bitmap is not set
[  516.605020][ T8735] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6171: Corrupt filesystem
[  516.627091][ T8735] EXT4-fs (loop2): 2 truncates cleaned up
[  516.642226][ T8735] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  517.435074][ T8742] 9pnet_fd: Insufficient options for proto=fd
[  517.868586][ T4358] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  517.890379][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  517.954630][   T26] audit: type=1326 audit(1717851521.573:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8740 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x0
[  518.009325][ T7484] EXT4-fs (loop2): unmounting filesystem.
[  518.035582][ T8748] loop3: detected capacity change from 0 to 256
[  518.068323][ T8748] exFAT-fs (loop3): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  518.086640][ T8748] exFAT-fs (loop3): invalid boot region
[  518.100283][ T8748] exFAT-fs (loop3): failed to recognize exfat type
[  518.110689][ T8746] loop4: detected capacity change from 0 to 1764
[  518.721430][ T8754] loop3: detected capacity change from 0 to 128
[  519.875812][ T8755] loop2: detected capacity change from 0 to 1024
[  519.884895][ T8359] sysv_free_block: flc_count > flc_size
[  519.926757][ T8359] sysv_free_block: flc_count > flc_size
[  519.949671][ T8755] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  519.958605][ T8359] sysv_free_block: flc_count > flc_size
[  519.958650][ T8359] sysv_free_block: flc_count > flc_size
[  519.958660][ T8359] sysv_free_block: flc_count > flc_size
[  519.958670][ T8359] sysv_free_block: flc_count > flc_size
[  519.958680][ T8359] sysv_free_block: flc_count > flc_size
[  519.958690][ T8359] sysv_free_block: flc_count > flc_size
[  519.958699][ T8359] sysv_free_block: flc_count > flc_size
[  519.958709][ T8359] sysv_free_block: flc_count > flc_size
[  519.959298][ T8359] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  520.074850][ T8755] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  521.929558][ T7484] EXT4-fs (loop2): unmounting filesystem.
[  522.287789][ T8794] loop2: detected capacity change from 0 to 512
[  522.386969][ T7060] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  522.414047][ T8794] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  522.519811][ T8794] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  523.038087][ T8804] fuse: Bad value for 'rootmode'
[  524.756927][ T8811] loop2: detected capacity change from 0 to 1024
[  524.777779][ T8811] hfsplus: failed to load root directory
[  524.898769][ T7060] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  525.694103][ T8830] loop2: detected capacity change from 0 to 1764
[  526.250224][ T8836] binder: BINDER_SET_CONTEXT_MGR already set
[  526.269614][ T8836] binder: 8833:8836 ioctl 4018620d 20000040 returned -16
[  526.427858][ T8814] loop1: detected capacity change from 0 to 32768
[  526.574833][ T8814] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz-executor.1 (8814)
[  527.374979][ T8841] 9pnet_fd: Insufficient options for proto=fd
[  527.550084][ T3579] Bluetooth: hci4: command 0x0406 tx timeout
[  527.894646][ T8846] loop2: detected capacity change from 0 to 256
[  527.989089][ T8846] exFAT-fs (loop2): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  528.007243][ T8849] loop3: detected capacity change from 0 to 512
[  528.065603][ T8846] exFAT-fs (loop2): invalid boot region
[  528.071689][ T8846] exFAT-fs (loop2): failed to recognize exfat type
[  528.111193][ T8848] netlink: 'syz-executor.3': attribute type 10 has an invalid length.
[  528.807452][ T8854] loop2: detected capacity change from 0 to 128
[  529.425722][ T8848] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  529.603542][   T26] audit: type=1326 audit(1717851533.173:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8855 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff94667cf69 code=0x0
[  529.661096][ T7484] sysv_free_block: flc_count > flc_size
[  529.702623][ T7484] sysv_free_block: flc_count > flc_size
[  529.733463][ T7484] sysv_free_block: flc_count > flc_size
[  529.739060][ T7484] sysv_free_block: flc_count > flc_size
[  529.758459][ T7484] sysv_free_block: flc_count > flc_size
[  529.764111][ T7484] sysv_free_block: flc_count > flc_size
[  529.769763][ T7484] sysv_free_block: flc_count > flc_size
[  529.823390][ T7484] sysv_free_block: flc_count > flc_size
[  529.829068][ T7484] sysv_free_block: flc_count > flc_size
[  529.879053][ T7484] sysv_free_block: flc_count > flc_size
[  529.885813][ T7484] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  529.995982][ T8859] loop3: detected capacity change from 0 to 1024
[  530.042252][ T8859] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  530.144605][ T8859] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  532.503267][ T8894] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  533.155039][ T8898] 9pnet_fd: Insufficient options for proto=fd
[  533.670575][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  535.603707][   T26] audit: type=1326 audit(1717851539.123:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8909 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f228507cf69 code=0x0
[  536.114411][ T8927] binder: BINDER_SET_CONTEXT_MGR already set
[  536.251373][ T8927] binder: 8920:8927 ioctl 4018620d 20000040 returned -16
[  536.600960][ T8934] loop4: detected capacity change from 0 to 512
[  536.674755][ T7060] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  536.692642][ T8934] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  536.726109][ T8934] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  536.949731][ T8932] loop1: detected capacity change from 0 to 1764
[  537.914772][ T8944] 9pnet_fd: Insufficient options for proto=fd
[  538.407160][ T8947] loop2: detected capacity change from 0 to 1024
[  538.495895][ T8947] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  538.672915][ T8947] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  539.680389][ T8964] loop4: detected capacity change from 0 to 256
[  539.763668][ T8964] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  539.784051][ T8964] exFAT-fs (loop4): invalid boot region
[  539.796185][ T8964] exFAT-fs (loop4): failed to recognize exfat type
[  540.130975][ T8971] loop4: detected capacity change from 0 to 128
[  541.148696][ T3570] sysv_free_block: flc_count > flc_size
[  541.169371][ T3570] sysv_free_block: flc_count > flc_size
[  541.185456][ T3570] sysv_free_block: flc_count > flc_size
[  541.191036][ T3570] sysv_free_block: flc_count > flc_size
[  541.205841][ T3570] sysv_free_block: flc_count > flc_size
[  541.211511][ T3570] sysv_free_block: flc_count > flc_size
[  541.244618][   T26] audit: type=1326 audit(1717851544.853:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8972 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e62c7cf69 code=0x0
[  541.292842][ T3570] sysv_free_block: flc_count > flc_size
[  541.303808][ T3570] sysv_free_block: flc_count > flc_size
[  541.310947][ T3570] sysv_free_block: flc_count > flc_size
[  541.332356][ T3570] sysv_free_block: flc_count > flc_size
[  541.354242][ T3570] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  541.488115][ T7484] EXT4-fs (loop2): unmounting filesystem.
[  541.701273][ T8986] loop3: detected capacity change from 0 to 512
[  542.973813][ T8990] 9pnet_fd: Insufficient options for proto=fd
[  543.669858][ T8986] netlink: 'syz-executor.3': attribute type 10 has an invalid length.
[  545.432283][ T9025] loop4: detected capacity change from 0 to 256
[  545.447283][ T9023] binder: BINDER_SET_CONTEXT_MGR already set
[  545.489578][ T9025] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  545.526962][ T9025] exFAT-fs (loop4): invalid boot region
[  545.542155][ T9023] binder: 9017:9023 ioctl 4018620d 20000040 returned -16
[  545.550624][ T9025] exFAT-fs (loop4): failed to recognize exfat type
[  545.783973][ T9028] loop1: detected capacity change from 0 to 1024
[  545.852695][ T9028] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  545.973190][ T9032] loop4: detected capacity change from 0 to 128
[  546.238403][ T9028] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  546.503648][ T3570] sysv_free_block: flc_count > flc_size
[  546.509245][ T3570] sysv_free_block: flc_count > flc_size
[  546.533824][ T3570] sysv_free_block: flc_count > flc_size
[  546.539407][ T3570] sysv_free_block: flc_count > flc_size
[  546.553783][ T3570] sysv_free_block: flc_count > flc_size
[  546.561193][ T3570] sysv_free_block: flc_count > flc_size
[  546.580927][ T3570] sysv_free_block: flc_count > flc_size
[  546.610140][ T3570] sysv_free_block: flc_count > flc_size
[  546.617746][ T3570] sysv_free_block: flc_count > flc_size
[  546.638664][ T3570] sysv_free_block: flc_count > flc_size
[  546.652924][ T3570] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  546.979078][   T26] audit: type=1326 audit(1717851550.593:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9039 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff94667cf69 code=0x0
[  548.660890][ T9047] loop2: detected capacity change from 0 to 512
[  548.866130][ T7060] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  549.474473][ T9054] 9pnet_fd: Insufficient options for proto=fd
[  550.104486][ T5571] EXT4-fs (loop1): unmounting filesystem.
[  550.111093][ T9047] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  551.740432][ T9083] loop4: detected capacity change from 0 to 256
[  551.755518][ T9078] loop2: detected capacity change from 0 to 1764
[  551.787510][ T9083] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  551.829532][ T9083] exFAT-fs (loop4): invalid boot region
[  551.831354][   T26] audit: type=1326 audit(1717851555.443:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9084 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e62c7cf69 code=0x0
[  551.857680][ T9083] exFAT-fs (loop4): failed to recognize exfat type
[  552.606900][ T9092] loop4: detected capacity change from 0 to 128
[  553.496509][ T3570] sysv_free_block: flc_count > flc_size
[  553.502205][ T3570] sysv_free_block: flc_count > flc_size
[  553.507887][ T3570] sysv_free_block: flc_count > flc_size
[  553.513580][ T3570] sysv_free_block: flc_count > flc_size
[  553.519232][ T3570] sysv_free_block: flc_count > flc_size
[  553.524938][ T3570] sysv_free_block: flc_count > flc_size
[  553.530581][ T3570] sysv_free_block: flc_count > flc_size
[  553.537591][ T3570] sysv_free_block: flc_count > flc_size
[  553.545494][ T3570] sysv_free_block: flc_count > flc_size
[  553.551155][ T3570] sysv_free_block: flc_count > flc_size
[  553.581784][ T3570] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  554.354897][ T9105] 9pnet_fd: Insufficient options for proto=fd
[  554.964523][ T9110] loop4: detected capacity change from 0 to 1024
[  554.991567][ T9110] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  555.047248][ T9116] binder: BINDER_SET_CONTEXT_MGR already set
[  555.086667][ T9110] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  555.121560][ T9116] binder: 9108:9116 ioctl 4018620d 20000040 returned -16
[  555.134371][ T9119] loop2: detected capacity change from 0 to 512
[  555.300356][ T9119] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  557.112885][ T9134] loop2: detected capacity change from 0 to 32768
[  557.200473][ T9134] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  557.210716][ T9134] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  557.219481][ T9134] BTRFS info (device loop2): use zlib compression, level 3
[  557.226712][ T9134] BTRFS info (device loop2): using free space tree
[  557.339457][ T9134] BTRFS info (device loop2): enabling ssd optimizations
[  557.393034][ T7484] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  557.873224][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  557.906745][   T26] audit: type=1326 audit(1717851561.523:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9158 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e62c7cf69 code=0x0
[  558.593881][ T9171] loop4: detected capacity change from 0 to 256
[  558.630578][ T9171] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  558.711463][ T9171] exFAT-fs (loop4): invalid boot region
[  558.717196][ T9171] exFAT-fs (loop4): failed to recognize exfat type
[  559.060924][ T9174] loop4: detected capacity change from 0 to 128
[  559.669791][ T3570] sysv_free_block: flc_count > flc_size
[  559.711141][ T3570] sysv_free_block: flc_count > flc_size
[  559.758748][ T3570] sysv_free_block: flc_count > flc_size
[  559.784101][ T3570] sysv_free_block: flc_count > flc_size
[  559.789686][ T3570] sysv_free_block: flc_count > flc_size
[  559.859139][ T3570] sysv_free_block: flc_count > flc_size
[  559.870960][ T3570] sysv_free_block: flc_count > flc_size
[  559.877203][ T3570] sysv_free_block: flc_count > flc_size
[  559.882856][ T3570] sysv_free_block: flc_count > flc_size
[  559.889058][ T3570] sysv_free_block: flc_count > flc_size
[  559.896274][ T3570] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  560.684880][ T9180] 9pnet_fd: Insufficient options for proto=fd
[  561.136632][ T9181] loop4: detected capacity change from 0 to 1764
[  561.302561][ T9190] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  563.333409][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  563.339767][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  563.572557][ T9211] loop4: detected capacity change from 0 to 256
[  563.605311][ T9207] loop3: detected capacity change from 0 to 1024
[  563.614949][ T9211] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  563.628475][   T26] audit: type=1326 audit(1717851567.243:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9209 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x0
[  563.651915][ T9207] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  563.659050][ T9211] exFAT-fs (loop4): invalid boot region
[  563.681138][ T9211] exFAT-fs (loop4): failed to recognize exfat type
[  563.717933][ T9207] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  564.394639][ T9221] loop4: detected capacity change from 0 to 128
[  564.912924][ T3570] sysv_free_block: flc_count > flc_size
[  564.961359][ T9225] binder: 9224:9225 ioctl 4018620d 20000040 returned -22
[  564.974075][ T3570] sysv_free_block: flc_count > flc_size
[  564.979667][ T3570] sysv_free_block: flc_count > flc_size
[  565.013900][ T3570] sysv_free_block: flc_count > flc_size
[  565.047501][ T3570] sysv_free_block: flc_count > flc_size
[  565.084910][ T3570] sysv_free_block: flc_count > flc_size
[  565.090495][ T3570] sysv_free_block: flc_count > flc_size
[  565.117040][ T3570] sysv_free_block: flc_count > flc_size
[  565.125084][ T3570] sysv_free_block: flc_count > flc_size
[  565.130827][ T3570] sysv_free_block: flc_count > flc_size
[  565.140985][ T3570] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  565.198238][ T9227] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  567.275538][ T9243] 9pnet_fd: Insufficient options for proto=fd
[  568.777575][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  568.889330][   T26] audit: type=1326 audit(1717851572.503:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9256 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff94667cf69 code=0x0
[  569.054051][ T9264] binder: 9263:9264 ioctl 4018620d 20000040 returned -22
[  569.159049][ T9267] loop1: detected capacity change from 0 to 256
[  569.211512][ T9267] exFAT-fs (loop1): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  569.249011][ T9267] exFAT-fs (loop1): invalid boot region
[  569.269003][ T9267] exFAT-fs (loop1): failed to recognize exfat type
[  569.639641][ T9275] loop1: detected capacity change from 0 to 128
[  570.671868][ T9277] loop4: detected capacity change from 0 to 512
[  570.844394][ T5571] sysv_free_block: flc_count > flc_size
[  570.853966][ T5571] sysv_free_block: flc_count > flc_size
[  570.859598][ T5571] sysv_free_block: flc_count > flc_size
[  570.865418][ T5571] sysv_free_block: flc_count > flc_size
[  570.871108][ T5571] sysv_free_block: flc_count > flc_size
[  570.878563][ T7060] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  571.092449][ T5571] sysv_free_block: flc_count > flc_size
[  571.220237][ T5571] sysv_free_block: flc_count > flc_size
[  571.563586][ T5571] sysv_free_block: flc_count > flc_size
[  571.577234][ T5571] sysv_free_block: flc_count > flc_size
[  571.594076][ T9277] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  571.612861][ T5571] sysv_free_block: flc_count > flc_size
[  571.651366][ T5571] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  571.910704][ T9292] loop2: detected capacity change from 0 to 1024
[  571.937670][ T9292] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  572.058283][ T9292] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  572.944960][ T9306] 9pnet_fd: Insufficient options for proto=fd
[  573.391286][ T9312] binder: 9310:9312 ioctl 4018620d 20000040 returned -22
[  573.460174][   T26] audit: type=1326 audit(1717851577.073:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9311 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x0
[  573.769439][ T9322] loop1: detected capacity change from 0 to 1764
[  573.874641][ T9325] loop3: detected capacity change from 0 to 256
[  573.954811][ T9325] exFAT-fs (loop3): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  573.966896][ T9325] exFAT-fs (loop3): invalid boot region
[  573.972736][ T9325] exFAT-fs (loop3): failed to recognize exfat type
[  574.307118][ T9328] loop3: detected capacity change from 0 to 128
[  574.934606][ T8359] sysv_free_block: flc_count > flc_size
[  574.964737][ T8359] sysv_free_block: flc_count > flc_size
[  574.995951][ T8359] sysv_free_block: flc_count > flc_size
[  575.013962][ T8359] sysv_free_block: flc_count > flc_size
[  575.028807][ T8359] sysv_free_block: flc_count > flc_size
[  575.046787][ T8359] sysv_free_block: flc_count > flc_size
[  575.069969][ T8359] sysv_free_block: flc_count > flc_size
[  575.087285][ T8359] sysv_free_block: flc_count > flc_size
[  575.099811][ T8359] sysv_free_block: flc_count > flc_size
[  575.118865][ T8359] sysv_free_block: flc_count > flc_size
[  575.125118][ T8359] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  575.264104][ T7484] EXT4-fs (loop2): unmounting filesystem.
[  576.490827][ T9351] loop2: detected capacity change from 0 to 512
[  576.647679][ T7060] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  576.673246][ T9351] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  577.454718][ T9358] 9pnet_fd: Insufficient options for proto=fd
[  577.804024][ T9360] loop3: detected capacity change from 0 to 512
[  577.850127][ T9360] EXT4-fs: Invalid want_extra_isize 5
[  577.977393][ T9364] binder: BINDER_SET_CONTEXT_MGR already set
[  577.983578][ T9364] binder: 9361:9364 ioctl 4018620d 20000040 returned -16
[  578.822746][ T9375] loop1: detected capacity change from 0 to 256
[  578.840847][ T9375] exFAT-fs (loop1): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  578.854927][ T9375] exFAT-fs (loop1): invalid boot region
[  578.876274][   T26] audit: type=1326 audit(1717851582.493:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9376 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe35827cf69 code=0x0
[  578.876698][ T9375] exFAT-fs (loop1): failed to recognize exfat type
[  578.944463][ T7060] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  579.304072][ T9384] loop1: detected capacity change from 0 to 128
[  579.735158][ T9386] loop3: detected capacity change from 0 to 1024
[  579.810318][ T9386] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  579.925888][ T9386] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  579.974422][ T5571] sysv_free_block: flc_count > flc_size
[  579.980683][ T5571] sysv_free_block: flc_count > flc_size
[  580.025853][ T5571] sysv_free_block: flc_count > flc_size
[  580.038557][ T5571] sysv_free_block: flc_count > flc_size
[  580.056412][ T5571] sysv_free_block: flc_count > flc_size
[  580.077438][ T5571] sysv_free_block: flc_count > flc_size
[  580.101669][ T5571] sysv_free_block: flc_count > flc_size
[  580.170584][ T5571] sysv_free_block: flc_count > flc_size
[  580.176703][ T5571] sysv_free_block: flc_count > flc_size
[  580.182328][ T5571] sysv_free_block: flc_count > flc_size
[  580.188994][ T5571] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  581.011681][   T26] audit: type=1804 audit(1717851584.623:81): pid=9386 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2783877642/syzkaller.aGYCtj/36/file0/bus" dev="loop3" ino=18 res=1 errno=0
[  582.122709][ T9408] loop4: detected capacity change from 0 to 512
[  582.205193][ T7060] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  582.220152][ T9408] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  583.303487][ T9417] binder: BINDER_SET_CONTEXT_MGR already set
[  583.309531][ T9417] binder: 9412:9417 ioctl 4018620d 20000040 returned -16
[  583.380465][ T9418] 9pnet_fd: Insufficient options for proto=fd
[  584.398709][ T9421] loop1: detected capacity change from 0 to 1024
[  584.440401][ T9421] hfsplus: unable to parse mount options
[  584.538774][ T7060] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  584.576668][ T9421] loop1: detected capacity change from 0 to 256
[  584.772998][   T26] audit: type=1326 audit(1717851588.383:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff94667cf69 code=0x0
[  584.801461][ T9426] loop2: detected capacity change from 0 to 512
[  584.821971][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  584.825419][ T9426] EXT4-fs: Invalid want_extra_isize 5
[  585.558879][ T3582] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  586.672365][ T9440] loop1: detected capacity change from 0 to 1024
[  586.681897][ T9440] hfsplus: failed to load root directory
[  586.808621][ T9452] loop3: detected capacity change from 0 to 1024
[  586.852746][ T9452] hfsplus: unable to parse mount options
[  586.900770][ T9456] loop2: detected capacity change from 0 to 512
[  586.935330][ T7060] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  586.944272][ T9452] loop3: detected capacity change from 0 to 256
[  587.073447][   T26] audit: type=1804 audit(1717851590.673:83): pid=9458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir26909140/syzkaller.TiE99x/351/cgroup.controllers" dev="sda1" ino=1952 res=1 errno=0
[  587.154528][   T26] audit: type=1804 audit(1717851590.683:84): pid=9458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir26909140/syzkaller.TiE99x/351/cgroup.controllers" dev="sda1" ino=1952 res=1 errno=0
[  587.184614][ T3582] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  587.221199][ T9456] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  588.067061][ T9468] binder: BINDER_SET_CONTEXT_MGR already set
[  588.073137][ T9468] binder: 9461:9468 ioctl 4018620d 20000040 returned -16
[  588.743969][ T3587] Bluetooth: hci0: command 0x0406 tx timeout
[  589.095136][   T26] audit: type=1326 audit(1717851592.683:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9476 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f228507cf69 code=0x0
[  589.238860][ T9480] fuse: Unknown parameter 'use00000000000000000000'
[  591.490298][ T9494] loop3: detected capacity change from 0 to 1024
[  592.354225][ T9503] 9pnet_fd: Insufficient options for proto=fd
[  592.520799][ T9494] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  592.548735][ T9494] EXT4-fs (loop3): orphan cleanup on readonly fs
[  592.569409][ T9494] EXT4-fs error (device loop3): __ext4_get_inode_loc:4495: comm syz-executor.3: Invalid inode table block 0 in block_group 0
[  592.669703][ T9494] EXT4-fs (loop3): Remounting filesystem read-only
[  592.774724][ T9494] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  592.808409][ T9494] EXT4-fs error (device loop3): ext4_quota_write:7172: inode #3: comm syz-executor.3: mark_inode_dirty error
[  592.815505][ T9505] loop4: detected capacity change from 0 to 1024
[  592.837919][ T9505] hfsplus: unable to parse mount options
[  592.855815][ T9494] Quota error (device loop3): write_blk: dquota write failed
[  592.868630][ T9494] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  592.881161][ T9494] EXT4-fs error (device loop3): ext4_acquire_dquot:6777: comm syz-executor.3: Failed to acquire dquot type 0
[  592.890435][ T9507] loop2: detected capacity change from 0 to 512
[  592.903597][ T7060] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  592.919951][ T9505] loop4: detected capacity change from 0 to 256
[  592.921077][ T7060] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  592.940102][ T9494] EXT4-fs (loop3): 1 truncate cleaned up
[  592.947517][ T7060] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  592.957292][ T9494] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  592.970402][ T7060] Buffer I/O error on dev loop4, logical block 0, async page read
[  592.999795][ T9507] netlink: 'syz-executor.2': attribute type 10 has an invalid length.
[  594.157134][ T9510] loop2: detected capacity change from 0 to 1024
[  594.166497][ T9510] hfsplus: failed to load root directory
[  594.268535][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  594.486397][ T9518] loop4: detected capacity change from 0 to 512
[  594.660042][ T9518] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz-executor.4: bg 0: block 393: padding at end of block bitmap is not set
[  594.685097][ T9519] binder: BINDER_SET_CONTEXT_MGR already set
[  594.691149][ T9519] binder: 9517:9519 ioctl 4018620d 20000040 returned -16
[  594.766206][ T9518] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6171: Corrupt filesystem
[  594.788364][ T9518] EXT4-fs (loop4): 2 truncates cleaned up
[  594.794228][ T9518] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  595.813008][ T3579] Bluetooth: hci3: command 0x0406 tx timeout
[  596.050207][   T26] audit: type=1326 audit(1717851599.663:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9543 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e62c7cf69 code=0x0
[  596.183517][ T3583] Bluetooth: hci4: command 0x0406 tx timeout
[  596.200789][ T9534] device veth0_vlan left promiscuous mode
[  596.248640][ T9534] device veth0_vlan entered promiscuous mode
[  596.381676][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  596.396635][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  596.414352][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  597.838238][ T9560] loop3: detected capacity change from 0 to 1024
[  597.893045][ T9560] hfsplus: unable to parse mount options
[  597.944177][ T9561] loop1: detected capacity change from 0 to 1024
[  597.976419][ T9560] loop3: detected capacity change from 0 to 256
[  597.983147][ T9561] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  598.016710][ T9561] EXT4-fs (loop1): orphan cleanup on readonly fs
[  598.180185][ T9561] EXT4-fs error (device loop1): __ext4_get_inode_loc:4495: comm syz-executor.1: Invalid inode table block 0 in block_group 0
[  598.204096][ T9561] EXT4-fs (loop1): Remounting filesystem read-only
[  598.212511][ T9561] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  598.684326][ T9561] EXT4-fs error (device loop1): ext4_quota_write:7172: inode #3: comm syz-executor.1: mark_inode_dirty error
[  598.711212][ T9561] Quota error (device loop1): write_blk: dquota write failed
[  598.750882][ T9561] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  598.798712][ T9561] EXT4-fs error (device loop1): ext4_acquire_dquot:6777: comm syz-executor.1: Failed to acquire dquot type 0
[  599.114403][ T9561] EXT4-fs (loop1): 1 truncate cleaned up
[  599.322722][ T9561] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  599.667759][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  599.674680][ T5571] EXT4-fs (loop1): unmounting filesystem.
[  600.704687][ T9579] loop1: detected capacity change from 0 to 2048
[  601.007552][ T9579] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  601.244338][ T9586] loop2: detected capacity change from 0 to 32768
[  601.254583][ T9586] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (9586)
[  601.273862][ T9586] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  601.284118][ T9586] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  601.292837][ T9586] BTRFS info (device loop2): use zlib compression, level 3
[  601.300167][ T9586] BTRFS info (device loop2): using free space tree
[  601.543482][ T3579] Bluetooth: hci2: command 0x0406 tx timeout
[  601.663654][ T4222] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  602.846853][ T5571] EXT4-fs (loop1): unmounting filesystem.
[  602.939179][ T9586] BTRFS info (device loop2): enabling ssd optimizations
[  603.045281][ T7484] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  603.113828][ T4222] usb 2-1: device not accepting address 18, error -71
[  603.907557][ T9624] loop1: detected capacity change from 0 to 512
[  603.994392][ T9624] netlink: 'syz-executor.1': attribute type 10 has an invalid length.
[  604.557656][ T9648] loop4: detected capacity change from 0 to 1024
[  604.606713][ T9648] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  604.647885][ T9648] EXT4-fs (loop4): orphan cleanup on readonly fs
[  604.687247][ T9648] EXT4-fs error (device loop4): __ext4_get_inode_loc:4495: comm syz-executor.4: Invalid inode table block 0 in block_group 0
[  604.712222][ T9648] EXT4-fs (loop4): Remounting filesystem read-only
[  604.763620][ T9648] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  604.880117][ T9648] EXT4-fs error (device loop4): ext4_quota_write:7172: inode #3: comm syz-executor.4: mark_inode_dirty error
[  604.903805][ T9648] Quota error (device loop4): write_blk: dquota write failed
[  605.713617][ T9648] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  605.800155][ T9648] EXT4-fs error (device loop4): ext4_acquire_dquot:6777: comm syz-executor.4: Failed to acquire dquot type 0
[  605.853411][ T9628] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  605.875252][ T9648] EXT4-fs (loop4): 1 truncate cleaned up
[  605.881459][ T9648] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  606.209417][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  606.216055][ T9628] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  606.393790][ T9628] usb 1-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.40
[  606.531190][ T9628] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.760026][ T9665] loop4: detected capacity change from 0 to 1024
[  606.972157][ T9665] hfsplus: failed to load root directory
[  606.983560][ T9628] usb 1-1: Product: syz
[  606.999020][ T9628] usb 1-1: Manufacturer: syz
[  607.014126][ T9628] usb 1-1: SerialNumber: syz
[  607.089399][ T9628] usbhid 1-1:1.0: couldn't find an input interrupt endpoint
[  608.376317][ T9154] usb 1-1: USB disconnect, device number 11
[  608.533874][ T3579] Bluetooth: hci1: command 0x0406 tx timeout
[  610.357115][ T9693] loop3: detected capacity change from 0 to 512
[  610.418133][ T7060] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  610.461255][ T9693] netlink: 'syz-executor.3': attribute type 10 has an invalid length.
[  610.524796][ T9670] loop1: detected capacity change from 0 to 40427
[  610.592669][ T9670] F2FS-fs (loop1): invalid crc value
[  610.669694][ T9670] F2FS-fs (loop1): Found nat_bits in checkpoint
[  611.217025][ T9670] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  611.260831][ T9711] loop3: detected capacity change from 0 to 1024
[  611.337197][ T9711] hfsplus: failed to load root directory
[  611.677013][ T9718] loop4: detected capacity change from 0 to 1024
[  611.704596][ T9718] hfsplus: unable to parse mount options
[  611.804668][ T4149] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  611.876781][ T9718] loop4: detected capacity change from 0 to 256
[  612.580882][ T9725] loop3: detected capacity change from 0 to 1024
[  612.621979][ T9725] hfsplus: unable to parse mount options
[  614.483158][ T3579] Bluetooth: hci3: command 0x0406 tx timeout
[  614.525269][ T7060] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  614.551274][ T9725] loop3: detected capacity change from 0 to 256
[  615.635478][ T9736] loop4: detected capacity change from 0 to 32768
[  615.646790][ T9736] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (9736)
[  615.767198][ T9736] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  615.777893][ T9736] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  615.786683][ T9736] BTRFS info (device loop4): use zlib compression, level 3
[  615.793937][ T9736] BTRFS info (device loop4): using free space tree
[  615.998092][ T9736] BTRFS info (device loop4): enabling ssd optimizations
[  616.196921][ T3570] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  616.216446][ T9768] loop3: detected capacity change from 0 to 512
[  616.275926][ T7060] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  616.293103][ T9768] netlink: 'syz-executor.3': attribute type 10 has an invalid length.
[  616.457334][ T9748] loop2: detected capacity change from 0 to 1024
[  616.494952][ T9748] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  616.566478][ T9748] EXT4-fs (loop2): orphan cleanup on readonly fs
[  616.632096][ T9748] EXT4-fs error (device loop2): __ext4_get_inode_loc:4495: comm syz-executor.2: Invalid inode table block 0 in block_group 0
[  616.666187][ T9748] EXT4-fs (loop2): Remounting filesystem read-only
[  616.720530][ T9748] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  616.731569][ T9748] EXT4-fs error (device loop2): ext4_quota_write:7172: inode #3: comm syz-executor.2: mark_inode_dirty error
[  616.749276][ T9748] Quota error (device loop2): write_blk: dquota write failed
[  616.757976][ T9748] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  616.777120][ T9748] EXT4-fs error (device loop2): ext4_acquire_dquot:6777: comm syz-executor.2: Failed to acquire dquot type 0
[  616.792905][ T9748] EXT4-fs (loop2): 1 truncate cleaned up
[  616.802993][ T9748] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  617.080454][ T7484] EXT4-fs (loop2): unmounting filesystem.
[  618.522492][ T9784] loop4: detected capacity change from 0 to 32768
[  618.551145][ T9784] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  618.567654][ T9784] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  618.602861][ T9784] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  618.754977][ T3659] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  618.780945][ T3659] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  619.772628][ T3659] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 991ms
[  619.794968][ T3659] gfs2: fsid=syz:syz.0: jid=0: Done
[  619.800718][ T9784] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  619.814736][ T9787] loop2: detected capacity change from 0 to 40427
[  619.991958][ T9787] F2FS-fs (loop2): invalid crc value
[  620.043744][ T3579] Bluetooth: hci2: command 0x0406 tx timeout
[  620.222274][ T9787] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-4)
[  620.800600][ T9816] loop1: detected capacity change from 0 to 512
[  620.849092][ T9816] EXT4-fs: Invalid want_extra_isize 5
[  621.102276][ T9820] binder: BINDER_SET_CONTEXT_MGR already set
[  621.108497][ T9820] binder: 9815:9820 ioctl 4018620d 20000040 returned -16
[  621.987481][ T9825] loop4: detected capacity change from 0 to 32768
[  621.999425][ T9825] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (9825)
[  622.015632][ T9825] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  622.026176][ T9825] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  622.035446][ T9825] BTRFS info (device loop4): use zlib compression, level 3
[  622.042679][ T9825] BTRFS info (device loop4): using free space tree
[  622.047075][ T9827] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  622.377135][ T9825] BTRFS info (device loop4): enabling ssd optimizations
[  622.443969][ T9845] loop3: detected capacity change from 0 to 1024
[  622.479221][ T9845] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  622.510694][ T9845] EXT4-fs (loop3): orphan cleanup on readonly fs
[  622.544378][ T9845] EXT4-fs error (device loop3): __ext4_get_inode_loc:4495: comm syz-executor.3: Invalid inode table block 0 in block_group 0
[  622.600382][ T9845] EXT4-fs (loop3): Remounting filesystem read-only
[  622.601389][ T3570] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  622.613474][ T9845] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  622.633461][ T9845] EXT4-fs error (device loop3): ext4_quota_write:7172: inode #3: comm syz-executor.3: mark_inode_dirty error
[  622.668699][ T9845] Quota error (device loop3): write_blk: dquota write failed
[  622.677082][ T9845] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  622.814832][ T9845] EXT4-fs error (device loop3): ext4_acquire_dquot:6777: comm syz-executor.3: Failed to acquire dquot type 0
[  622.843058][ T9845] EXT4-fs (loop3): 1 truncate cleaned up
[  622.861899][ T9845] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  623.581936][ T9861] loop4: detected capacity change from 0 to 1024
[  623.595653][ T9861] hfsplus: failed to load root directory
[  623.674588][ T9868] loop2: detected capacity change from 0 to 512
[  623.802149][ T9868] EXT4-fs: Invalid want_extra_isize 5
[  623.809372][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  623.858203][ T7060] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  624.149412][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  624.158209][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  624.287660][ T9878] fuse: Unknown parameter 'user_id00000000000000000000'
[  625.653582][ T3579] Bluetooth: hci1: command 0x0406 tx timeout
[  626.309881][ T9898] binder: BINDER_SET_CONTEXT_MGR already set
[  626.316008][ T9898] binder: 9890:9898 ioctl 4018620d 20000040 returned -16
[  626.855820][ T9899] loop4: detected capacity change from 0 to 32768
[  626.866450][ T9899] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (9899)
[  626.957380][ T9885] loop2: detected capacity change from 0 to 1764
[  626.967368][ T9899] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  626.977540][ T9899] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  626.986805][ T9899] BTRFS info (device loop4): use zlib compression, level 3
[  626.994114][ T9899] BTRFS info (device loop4): using free space tree
[  627.166472][ T3582] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  627.187432][ T9899] BTRFS info (device loop4): enabling ssd optimizations
[  627.442493][ T3570] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  629.161708][ T9942] loop2: detected capacity change from 0 to 512
[  629.211488][ T9942] EXT4-fs: Invalid want_extra_isize 5
[  629.877392][ T9948] loop4: detected capacity change from 0 to 1024
[  629.930641][ T9948] hfsplus: failed to load root directory
[  630.046061][ T7060] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  630.319079][ T9967] binder: BINDER_SET_CONTEXT_MGR already set
[  630.325213][ T9967] binder: 9961:9967 ioctl 4018620d 20000040 returned -16
[  630.710846][ T9964] loop3: detected capacity change from 0 to 1024
[  630.740687][ T9964] hfsplus: unable to parse mount options
[  630.952814][ T9970] loop2: detected capacity change from 0 to 1024
[  630.963585][ T9970] EXT4-fs: Ignoring removed orlov option
[  631.129716][ T9970] EXT4-fs (loop2): Test dummy encryption mode enabled
[  631.700943][ T9970] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  631.987021][ T3579] Bluetooth: hci1: command 0x0406 tx timeout
[  633.019446][ T9982] loop1: detected capacity change from 0 to 1024
[  633.026930][ T9982] EXT4-fs: Ignoring removed orlov option
[  633.033218][ T9982] EXT4-fs (loop1): Test dummy encryption mode enabled
[  633.059835][ T7484] EXT4-fs (loop2): unmounting filesystem.
[  633.112791][ T9982] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  633.450094][ T5571] EXT4-fs (loop1): unmounting filesystem.
[  635.185449][T10013] loop3: detected capacity change from 0 to 512
[  635.192995][T10013] EXT4-fs: Invalid want_extra_isize 5
[  635.483044][T10005] loop4: detected capacity change from 0 to 40427
[  635.491247][T10022] loop1: detected capacity change from 0 to 256
[  635.499214][T10005] F2FS-fs (loop4): invalid crc value
[  635.520033][T10005] F2FS-fs (loop4): Found nat_bits in checkpoint
[  635.534807][T10022] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4e1f5d09, utbl_chksum : 0xe619d30d)
[  635.654025][T10005] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[  635.667970][T10005] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  635.699414][T10005] syz-executor.4: attempt to access beyond end of device
[  635.699414][T10005] loop4: rw=2049, sector=53248, nr_sectors = 16 limit=40427
[  635.720797][   T26] audit: type=1804 audit(1717851639.333:87): pid=10005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1691407478/syzkaller.nuA0N8/299/bus/bus" dev="loop4" ino=10 res=1 errno=0
[  635.804457][ T3570] syz-executor.4: attempt to access beyond end of device
[  635.804457][ T3570] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  635.990954][T10030] fuse: Bad value for 'fd'
[  636.607362][T10034] loop3: detected capacity change from 0 to 1024
[  636.879433][ T3687] hfsplus: b-tree write err: -5, ino 4
[  637.456122][T10042] loop3: detected capacity change from 0 to 1024
[  637.467537][T10042] EXT4-fs: Ignoring removed orlov option
[  637.495426][T10042] EXT4-fs (loop3): Test dummy encryption mode enabled
[  637.681695][T10042] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  638.170970][T10049] loop2: detected capacity change from 0 to 512
[  638.199558][T10049] EXT4-fs: Invalid want_extra_isize 5
[  638.278866][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  638.397529][   T26] audit: type=1326 audit(1717851642.013:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10053 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff94667cf69 code=0x0
[  638.421891][T10056] loop3: detected capacity change from 0 to 1024
[  638.445834][T10056] hfsplus: unable to parse mount options
[  639.833732][T10077] loop3: detected capacity change from 0 to 512
[  639.842050][T10077] EXT4-fs: Invalid want_extra_isize 5
[  640.012553][T10081] device veth0_vlan left promiscuous mode
[  640.032249][T10081] device veth0_vlan entered promiscuous mode
[  640.103687][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  640.127146][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  640.146654][ T3622] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  640.685087][T10092] fuse: Bad value for 'fd'
[  641.410926][T10075] loop2: detected capacity change from 0 to 40427
[  641.549465][T10075] F2FS-fs (loop2): invalid crc value
[  641.611350][T10075] F2FS-fs (loop2): Found nat_bits in checkpoint
[  641.822047][T10103] loop3: detected capacity change from 0 to 1024
[  641.835607][T10103] EXT4-fs: Ignoring removed orlov option
[  641.852921][T10103] EXT4-fs (loop3): Test dummy encryption mode enabled
[  643.460304][T10103] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  643.628287][T10075] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[  643.814272][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  643.826794][T10116] loop4: detected capacity change from 0 to 1024
[  643.912276][ T3997] hfsplus: b-tree write err: -5, ino 4
[  643.974050][T10123] loop3: detected capacity change from 0 to 512
[  643.990038][T10123] EXT4-fs: Invalid want_extra_isize 5
[  644.091911][T10128] loop4: detected capacity change from 0 to 1024
[  644.111503][T10128] hfsplus: unable to parse mount options
[  645.243221][T10150] loop4: detected capacity change from 0 to 1024
[  645.396823][   T63] hfsplus: b-tree write err: -5, ino 4
[  646.514520][T10155] loop4: detected capacity change from 0 to 1024
[  646.535640][T10155] hfsplus: failed to load root directory
[  646.560250][T10118] loop1: detected capacity change from 0 to 32768
[  647.181463][T10168] loop3: detected capacity change from 0 to 1024
[  647.635681][T10170] loop4: detected capacity change from 0 to 1024
[  647.647159][T10170] EXT4-fs: Ignoring removed orlov option
[  647.675546][T10170] EXT4-fs (loop4): Test dummy encryption mode enabled
[  648.216803][T10170] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  648.259038][   T63] hfsplus: b-tree write err: -5, ino 4
[  648.502734][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  648.509730][T10176] loop2: detected capacity change from 0 to 512
[  648.517834][T10176] EXT4-fs: Invalid want_extra_isize 5
[  648.583564][ T3583] Bluetooth: hci1: command 0x0406 tx timeout
[  650.373628][T10204] loop4: detected capacity change from 0 to 2048
[  650.843203][T10204]  loop4: p1 < > p4
[  651.057506][T10204] loop4: p4 size 8388608 extends beyond EOD, truncated
[  651.975148][T10210] loop4: detected capacity change from 0 to 1024
[  651.992135][T10210] hfsplus: failed to load root directory
[  652.046507][T10217] loop3: detected capacity change from 0 to 1024
[  652.061824][T10217] hfsplus: unable to parse mount options
[  652.377490][T10217] loop3: detected capacity change from 0 to 256
[  653.415775][T10226] binder: BINDER_SET_CONTEXT_MGR already set
[  653.421787][T10226] binder: 10224:10226 ioctl 4018620d 20000040 returned -16
[  653.648366][T10232] loop4: detected capacity change from 0 to 512
[  653.704321][T10232] EXT4-fs: Invalid want_extra_isize 5
[  654.023481][ T3579] Bluetooth: hci1: command 0x0406 tx timeout
[  655.353751][T10247] loop4: detected capacity change from 0 to 512
[  655.361141][T10247] EXT4-fs: Invalid want_extra_isize 5
[  656.848603][T10266] device veth0_vlan left promiscuous mode
[  656.874267][T10266] device veth0_vlan entered promiscuous mode
[  656.918377][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  656.954790][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  656.962875][ T3626] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  657.950536][T10276] loop1: detected capacity change from 0 to 1024
[  657.974763][T10276] hfsplus: failed to load root directory
[  658.410407][T10280] loop2: detected capacity change from 0 to 256
[  658.420892][T10280] exFAT-fs (loop2): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  658.473442][T10280] exFAT-fs (loop2): invalid boot region
[  658.479150][T10280] exFAT-fs (loop2): failed to recognize exfat type
[  658.548774][T10265] loop4: detected capacity change from 0 to 32768
[  658.749767][T10286] loop1: detected capacity change from 0 to 512
[  658.757408][T10286] EXT4-fs: Invalid want_extra_isize 5
[  658.778476][T10265] XFS (loop4): Mounting V5 Filesystem
[  658.879129][T10291] loop2: detected capacity change from 0 to 128
[  659.459464][ T7484] sysv_free_block: flc_count > flc_size
[  659.477396][ T7484] sysv_free_block: flc_count > flc_size
[  659.482989][ T7484] sysv_free_block: flc_count > flc_size
[  659.511797][T10265] XFS (loop4): Ending clean mount
[  659.541173][ T7484] sysv_free_block: flc_count > flc_size
[  659.554593][T10265] XFS (loop4): Quotacheck needed: Please wait.
[  659.583743][ T7484] sysv_free_block: flc_count > flc_size
[  659.589336][ T7484] sysv_free_block: flc_count > flc_size
[  659.615845][ T7484] sysv_free_block: flc_count > flc_size
[  659.639685][ T7484] sysv_free_block: flc_count > flc_size
[  659.670505][ T7484] sysv_free_block: flc_count > flc_size
[  659.676744][ T7484] sysv_free_block: flc_count > flc_size
[  659.682786][T10265] XFS (loop4): Quotacheck: Done.
[  659.699495][ T7484] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  659.706549][ T3583] Bluetooth: hci0: command 0x0406 tx timeout
[  659.819792][ T3570] XFS (loop4): Unmounting Filesystem
[  662.421105][T10300] loop1: detected capacity change from 0 to 40427
[  662.453416][T10300] F2FS-fs (loop1): invalid crc value
[  662.460006][   T26] audit: type=1326 audit(1717851666.073:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10322 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x0
[  662.511069][T10300] F2FS-fs (loop1): Found nat_bits in checkpoint
[  662.760337][T10300] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  663.106181][T10341] loop4: detected capacity change from 0 to 1024
[  663.116970][T10341] EXT4-fs: Ignoring removed orlov option
[  663.218815][T10341] EXT4-fs (loop4): Test dummy encryption mode enabled
[  663.391145][T10341] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  663.895013][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  664.103883][T10355] loop1: detected capacity change from 0 to 256
[  664.140953][T10355] exFAT-fs (loop1): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  664.309491][T10355] exFAT-fs (loop1): invalid boot region
[  664.317366][T10355] exFAT-fs (loop1): failed to recognize exfat type
[  665.687352][T10355] loop1: detected capacity change from 0 to 128
[  666.157321][   T26] audit: type=1804 audit(1717851669.773:90): pid=10364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2783877642/syzkaller.aGYCtj/82/cgroup.controllers" dev="sda1" ino=1961 res=1 errno=0
[  666.260696][   T26] audit: type=1804 audit(1717851669.803:91): pid=10364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2783877642/syzkaller.aGYCtj/82/cgroup.controllers" dev="sda1" ino=1961 res=1 errno=0
[  666.517600][ T5571] sysv_free_block: flc_count > flc_size
[  666.551319][ T5571] sysv_free_block: flc_count > flc_size
[  666.579482][ T5571] sysv_free_block: flc_count > flc_size
[  666.601782][ T5571] sysv_free_block: flc_count > flc_size
[  666.629626][ T5571] sysv_free_block: flc_count > flc_size
[  666.655312][ T5571] sysv_free_block: flc_count > flc_size
[  666.674301][ T5571] sysv_free_block: flc_count > flc_size
[  666.693342][ T5571] sysv_free_block: flc_count > flc_size
[  666.719769][ T5571] sysv_free_block: flc_count > flc_size
[  666.732444][ T5571] sysv_free_block: flc_count > flc_size
[  666.774134][ T5571] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  667.349769][T10382] device veth0_vlan left promiscuous mode
[  667.440154][T10382] device veth0_vlan entered promiscuous mode
[  667.501560][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  667.522754][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  667.550067][T10385] loop1: detected capacity change from 0 to 512
[  667.561919][ T4358] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  667.581350][T10385] ext2: Unknown parameter 'obj_user'
[  667.677439][   T26] audit: type=1326 audit(1717851671.293:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10384 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e62c7cf69 code=0x0
[  667.940568][T10392] loop4: detected capacity change from 0 to 1024
[  667.980663][T10392] hfsplus: unable to parse mount options
[  668.061972][T10392] loop4: detected capacity change from 0 to 256
[  669.289474][T10398] loop1: detected capacity change from 0 to 1024
[  669.297178][T10398] EXT4-fs: Ignoring removed orlov option
[  669.325104][T10398] EXT4-fs (loop1): Test dummy encryption mode enabled
[  670.937217][T10398] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  671.121516][T10404] loop2: detected capacity change from 0 to 1024
[  671.150945][T10404] hfsplus: unable to parse mount options
[  671.218034][ T5571] EXT4-fs (loop1): unmounting filesystem.
[  671.239323][T10404] loop2: detected capacity change from 0 to 256
[  671.501200][T10413] loop4: detected capacity change from 0 to 256
[  671.516791][T10413] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  671.560871][T10415] binder: BINDER_SET_CONTEXT_MGR already set
[  671.567016][T10415] binder: 10409:10415 ioctl 4018620d 20000040 returned -16
[  671.937590][T10413] exFAT-fs (loop4): invalid boot region
[  671.943791][T10413] exFAT-fs (loop4): failed to recognize exfat type
[  671.968353][T10418] loop3: detected capacity change from 0 to 512
[  671.991415][T10418] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 393: padding at end of block bitmap is not set
[  672.025923][T10418] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6171: Corrupt filesystem
[  672.063252][T10418] EXT4-fs (loop3): 2 truncates cleaned up
[  672.072108][T10418] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  672.310788][T10424] loop1: detected capacity change from 0 to 1024
[  672.788596][T10429] loop4: detected capacity change from 0 to 128
[  673.004989][T10424] hfsplus: unable to parse mount options
[  673.537038][ T3570] sysv_free_block: flc_count > flc_size
[  673.542911][ T3570] sysv_free_block: flc_count > flc_size
[  673.552570][ T3570] sysv_free_block: flc_count > flc_size
[  674.112463][ T3570] sysv_free_block: flc_count > flc_size
[  674.265078][ T3570] sysv_free_block: flc_count > flc_size
[  674.290202][T10427] loop2: detected capacity change from 0 to 1024
[  674.299663][T10427] hfsplus: failed to load root directory
[  674.312976][ T3570] sysv_free_block: flc_count > flc_size
[  674.336412][T10424] loop1: detected capacity change from 0 to 256
[  674.342720][ T3570] sysv_free_block: flc_count > flc_size
[  674.352894][ T3570] sysv_free_block: flc_count > flc_size
[  674.545572][ T3570] sysv_free_block: flc_count > flc_size
[  674.695685][ T3570] sysv_free_block: flc_count > flc_size
[  674.701920][ T3570] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  675.735597][T10441] loop4: detected capacity change from 0 to 512
[  675.763123][T10441] ext2: Unknown parameter 'obj_user'
[  675.837266][   T26] audit: type=1326 audit(1717851679.453:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10440 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff94667cf69 code=0x0
[  676.233192][   T26] audit: type=1804 audit(1717851679.843:94): pid=10450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir26909140/syzkaller.TiE99x/395/cgroup.controllers" dev="sda1" ino=1957 res=1 errno=0
[  676.342702][   T26] audit: type=1804 audit(1717851679.883:95): pid=10450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir26909140/syzkaller.TiE99x/395/cgroup.controllers" dev="sda1" ino=1957 res=1 errno=0
[  676.368702][ T3579] Bluetooth: hci4: command 0x0406 tx timeout
[  676.449403][T10457] loop4: detected capacity change from 0 to 512
[  676.504719][T10457] EXT4-fs: Invalid want_extra_isize 5
[  678.120665][T10462] loop2: detected capacity change from 0 to 512
[  678.149739][T10462] EXT4-fs: Ignoring removed oldalloc option
[  678.160274][T10462] EXT4-fs: Ignoring removed oldalloc option
[  678.168546][T10469] binder: BINDER_SET_CONTEXT_MGR already set
[  678.174580][T10469] binder: 10467:10469 ioctl 4018620d 20000040 returned -16
[  678.185119][T10462] EXT4-fs: Ignoring removed oldalloc option
[  678.201781][T10462] EXT4-fs (loop2): Test dummy encryption mode enabled
[  678.240275][T10462] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c024e01c, mo2=0002]
[  678.251197][T10472] loop4: detected capacity change from 0 to 256
[  678.282205][T10472] exFAT-fs (loop4): Invalid boot checksum (boot checksum : 0x0019abd0, checksum : 0x1119abd0)
[  678.294083][T10462] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #15: comm syz-executor.2: casefold flag without casefold feature
[  678.318478][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  678.343728][T10462] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.2: missing EA_INODE flag
[  678.360145][T10472] exFAT-fs (loop4): invalid boot region
[  678.377685][T10445] loop1: detected capacity change from 0 to 40427
[  678.385764][T10472] exFAT-fs (loop4): failed to recognize exfat type
[  678.392629][T10462] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 12 err=-117
[  678.410284][T10445] F2FS-fs (loop1): invalid crc value
[  678.424842][T10462] EXT4-fs (loop2): 1 orphan inode deleted
[  678.431098][T10462] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  678.470356][T10462] EXT4-fs (loop2): unmounting filesystem.
[  678.647963][T10445] F2FS-fs (loop1): Found nat_bits in checkpoint
[  678.891185][T10481] loop3: detected capacity change from 0 to 1024
[  678.898916][T10481] EXT4-fs: Ignoring removed orlov option
[  678.915565][T10482] loop4: detected capacity change from 0 to 128
[  681.193881][T10481] EXT4-fs (loop3): Test dummy encryption mode enabled
[  681.534938][T10481] EXT4-fs: failed to create workqueue
[  681.540355][T10481] EXT4-fs (loop3): mount failed
[  681.669571][T10445] F2FS-fs (loop1): Cannot turn on quotas: -2 on 0
[  681.753238][ T3570] sysv_free_block: flc_count > flc_size
[  681.759244][ T3570] sysv_free_block: flc_count > flc_size
[  681.837524][ T3570] sysv_free_block: flc_count > flc_size
[  681.917018][ T3570] sysv_free_block: flc_count > flc_size
[  681.922695][ T3570] sysv_free_block: flc_count > flc_size
[  681.929980][ T3570] sysv_free_block: flc_count > flc_size
[  681.940289][ T3570] sysv_free_block: flc_count > flc_size
[  681.953026][ T3570] sysv_free_block: flc_count > flc_size
[  681.959614][ T3570] sysv_free_block: flc_count > flc_size
[  681.965310][ T3570] sysv_free_block: flc_count > flc_size
[  681.971474][ T3570] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  682.573092][T10494] loop3: detected capacity change from 0 to 1024
[  682.580760][T10494] EXT4-fs: Ignoring removed orlov option
[  684.096579][T10494] EXT4-fs (loop3): Test dummy encryption mode enabled
[  684.255027][T10494] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  684.548030][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  684.548430][T10502] loop4: detected capacity change from 0 to 2048
[  684.604041][T10505] loop1: detected capacity change from 0 to 1024
[  684.621571][T10502] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  684.641529][T10505] hfsplus: unable to parse mount options
[  684.705073][T10505] loop1: detected capacity change from 0 to 256
[  685.383874][ T3620] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  685.674038][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  685.680400][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  685.903222][ T3620] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  686.183586][ T3579] Bluetooth: hci2: command 0x0406 tx timeout
[  686.303504][ T3620] usb 5-1: New USB device found, idVendor=0566, idProduct=3004, bcdDevice= 0.40
[  686.330939][ T3620] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  686.362807][ T3620] usb 5-1: Product: syz
[  686.381903][ T3620] usb 5-1: Manufacturer: syz
[  686.397233][ T3620] usb 5-1: SerialNumber: syz
[  686.465780][ T3620] usbhid 5-1:1.0: couldn't find an input interrupt endpoint
[  686.642408][   T26] audit: type=1326 audit(1717851690.253:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10523 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f228507cf69 code=0x0
[  687.411050][T10529] binder: BINDER_SET_CONTEXT_MGR already set
[  687.417282][T10529] binder: 10527:10529 ioctl 4018620d 20000040 returned -16
[  687.527916][T10531] loop2: detected capacity change from 0 to 1024
[  687.535666][T10531] hfsplus: unable to parse mount options
[  687.620071][T10531] loop2: detected capacity change from 0 to 256
[  687.765412][ T3620] usb 5-1: USB disconnect, device number 20
[  687.859332][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  688.729816][T10538] device bond1 entered promiscuous mode
[  688.776713][T10538] 8021q: adding VLAN 0 to HW filter on device bond1
[  688.803162][   T26] audit: type=1326 audit(1717851692.413:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10539 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x0
[  688.927037][T10545] device bridge1 entered promiscuous mode
[  688.985852][T10545] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  689.049597][ T3620] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  689.467848][T10555] fuse: Bad value for 'rootmode'
[  690.508150][T10533] loop3: detected capacity change from 0 to 40427
[  690.526379][T10533] F2FS-fs (loop3): invalid crc value
[  690.540552][T10561] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  690.566902][T10533] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12)
[  690.881968][T10565] loop1: detected capacity change from 0 to 1024
[  690.893413][T10565] EXT4-fs: Ignoring removed orlov option
[  691.114140][T10565] EXT4-fs (loop1): Test dummy encryption mode enabled
[  691.621191][T10565] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  691.688073][   T26] audit: type=1107 audit(1717851695.303:98): pid=10567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='§'
[  692.765416][ T5571] EXT4-fs (loop1): unmounting filesystem.
[  692.965118][T10579] device bond1 entered promiscuous mode
[  692.978849][T10579] 8021q: adding VLAN 0 to HW filter on device bond1
[  692.991496][   T26] audit: type=1326 audit(1717851696.603:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10578 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x0
[  693.284835][T10587] loop3: detected capacity change from 0 to 1024
[  693.296550][T10587] EXT4-fs: Ignoring removed orlov option
[  693.313973][T10587] EXT4-fs (loop3): Test dummy encryption mode enabled
[  693.440102][T10587] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  693.847725][T10583] device bridge1 entered promiscuous mode
[  693.870484][T10583] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  693.883893][ T9932] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  694.169721][T10595] loop1: detected capacity change from 0 to 1024
[  694.808863][T10596] binder: BINDER_SET_CONTEXT_MGR already set
[  694.814993][T10596] binder: 10592:10596 ioctl 4018620d 20000040 returned -16
[  695.242094][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  695.309538][T10595] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  695.497642][   T26] audit: type=1804 audit(1717851699.113:100): pid=10605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2783877642/syzkaller.aGYCtj/91/cgroup.controllers" dev="sda1" ino=1957 res=1 errno=0
[  695.547714][   T26] audit: type=1804 audit(1717851699.153:101): pid=10605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2783877642/syzkaller.aGYCtj/91/cgroup.controllers" dev="sda1" ino=1957 res=1 errno=0
[  695.592778][T10606] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  695.689522][T10609] fuse: Bad value for 'rootmode'
[  696.673943][ T5571] EXT4-fs (loop1): unmounting filesystem.
[  696.781379][T10619] loop2: detected capacity change from 0 to 512
[  696.799330][T10619] EXT4-fs: Invalid want_extra_isize 5
[  697.123527][T10626] loop3: detected capacity change from 0 to 1024
[  697.135003][T10626] EXT4-fs: Ignoring removed orlov option
[  697.233981][T10626] EXT4-fs (loop3): Test dummy encryption mode enabled
[  697.372058][T10626] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  697.915806][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  697.967244][T10631] loop1: detected capacity change from 0 to 512
[  698.024874][T10631] ext2: Unknown parameter 'obj_user'
[  698.143532][   T26] audit: type=1326 audit(1717851701.753:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10630 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e62c7cf69 code=0x0
[  698.414547][T10637] loop2: detected capacity change from 0 to 1024
[  698.422711][T10637] EXT4-fs: Ignoring removed orlov option
[  698.448093][T10638] binder: BINDER_SET_CONTEXT_MGR already set
[  698.454279][T10638] binder: 10634:10638 ioctl 4018620d 20000040 returned -16
[  698.517505][T10637] EXT4-fs (loop2): Test dummy encryption mode enabled
[  698.645115][T10637] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  699.386425][ T7484] EXT4-fs (loop2): unmounting filesystem.
[  699.432595][T10647] device bond1 entered promiscuous mode
[  699.459040][T10647] 8021q: adding VLAN 0 to HW filter on device bond1
[  700.498959][   T26] audit: type=1804 audit(1717851704.113:103): pid=10662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir26909140/syzkaller.TiE99x/408/cgroup.controllers" dev="sda1" ino=1957 res=1 errno=0
[  700.569723][   T26] audit: type=1804 audit(1717851704.153:104): pid=10662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir26909140/syzkaller.TiE99x/408/cgroup.controllers" dev="sda1" ino=1957 res=1 errno=0
[  700.701744][T10658] loop1: detected capacity change from 0 to 1024
[  700.829414][T10658] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  700.857444][T10658] EXT4-fs (loop1): orphan cleanup on readonly fs
[  700.940528][T10677] 9pnet_fd: Insufficient options for proto=fd
[  701.050956][T10658] EXT4-fs error (device loop1): __ext4_get_inode_loc:4495: comm syz-executor.1: Invalid inode table block 0 in block_group 0
[  701.137798][T10664] loop4: detected capacity change from 0 to 512
[  701.197988][T10676] loop2: detected capacity change from 0 to 512
[  701.260165][T10658] EXT4-fs (loop1): Remounting filesystem read-only
[  701.275778][T10664] EXT4-fs: Ignoring removed oldalloc option
[  701.337077][T10676] EXT4-fs: Invalid want_extra_isize 5
[  701.358189][T10664] EXT4-fs: Ignoring removed oldalloc option
[  701.368127][T10658] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5868: Corrupt filesystem
[  701.438326][T10664] EXT4-fs: Ignoring removed oldalloc option
[  701.496064][T10658] EXT4-fs error (device loop1): ext4_quota_write:7172: inode #3: comm syz-executor.1: mark_inode_dirty error
[  701.521294][T10664] EXT4-fs (loop4): Test dummy encryption mode enabled
[  701.551269][T10658] Quota error (device loop1): write_blk: dquota write failed
[  701.570759][T10664] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c024e01c, mo2=0002]
[  701.586943][T10658] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  701.602245][T10664] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz-executor.4: casefold flag without casefold feature
[  701.634216][T10658] EXT4-fs error (device loop1): ext4_acquire_dquot:6777: comm syz-executor.1: Failed to acquire dquot type 0
[  701.647783][T10658] EXT4-fs (loop1): 1 truncate cleaned up
[  701.663615][T10664] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.4: missing EA_INODE flag
[  701.675838][T10658] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  701.685844][T10664] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 12 err=-117
[  701.706948][T10664] EXT4-fs (loop4): 1 orphan inode deleted
[  701.723172][T10664] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  701.749864][T10681] loop3: detected capacity change from 0 to 1024
[  701.805581][T10681] hfsplus: unable to parse mount options
[  701.824796][T10664] EXT4-fs (loop4): unmounting filesystem.
[  701.885262][   T26] audit: type=1326 audit(1717851705.503:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10682 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe35827cf69 code=0x0
[  701.936730][T10681] loop3: detected capacity change from 0 to 256
[  701.950755][ T5571] EXT4-fs (loop1): unmounting filesystem.
[  702.014241][T10685] loop4: detected capacity change from 0 to 512
[  702.235272][T10685] ext2: Unknown parameter 'obj_user'
[  702.964523][   T26] audit: type=1326 audit(1717851706.563:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10684 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff94667cf69 code=0x0
[  704.122048][T10712] loop4: detected capacity change from 0 to 1024
[  704.129892][T10712] hfsplus: unable to parse mount options
[  704.174168][T10712] loop4: detected capacity change from 0 to 256
[  704.384516][T10717] loop1: detected capacity change from 0 to 512
[  707.163328][T10717] EXT4-fs: failed to create workqueue
[  707.169385][T10717] EXT4-fs (loop1): mount failed
[  707.317986][   T26] audit: type=1804 audit(1717851710.923:107): pid=10725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir2783877642/syzkaller.aGYCtj/99/cgroup.controllers" dev="sda1" ino=1961 res=1 errno=0
[  707.381699][   T26] audit: type=1804 audit(1717851710.963:108): pid=10725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.3" name="/root/syzkaller-testdir2783877642/syzkaller.aGYCtj/99/cgroup.controllers" dev="sda1" ino=1961 res=1 errno=0
[  707.638982][T10729] loop1: detected capacity change from 0 to 512
[  707.658120][T10729] EXT4-fs: Invalid want_extra_isize 5
[  707.918646][T10733] loop4: detected capacity change from 0 to 512
[  707.965195][T10733] EXT4-fs: Ignoring removed oldalloc option
[  707.972571][   T26] audit: type=1800 audit(1717851711.583:109): pid=10730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1966 res=0 errno=0
[  708.025948][T10733] EXT4-fs: Ignoring removed oldalloc option
[  708.054566][T10733] EXT4-fs: Ignoring removed oldalloc option
[  708.091273][T10733] EXT4-fs (loop4): Test dummy encryption mode enabled
[  708.152254][T10734] loop2: detected capacity change from 0 to 32768
[  708.154886][T10733] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c024e01c, mo2=0002]
[  708.171454][T10734] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz-executor.2 (10734)
[  708.215092][T10733] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz-executor.4: casefold flag without casefold feature
[  708.233410][T10734] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  708.243710][T10734] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  708.252446][T10734] BTRFS info (device loop2): use zlib compression, level 3
[  708.259855][T10734] BTRFS info (device loop2): using free space tree
[  708.287789][T10733] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.4: missing EA_INODE flag
[  708.313737][T10733] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 12 err=-117
[  708.334195][T10733] EXT4-fs (loop4): 1 orphan inode deleted
[  708.353595][T10733] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  708.418113][T10733] EXT4-fs (loop4): unmounting filesystem.
[  708.526795][T10734] BTRFS info (device loop2): enabling ssd optimizations
[  708.590061][T10758] loop1: detected capacity change from 0 to 512
[  708.635264][T10758] EXT4-fs: Invalid want_extra_isize 5
[  708.653875][ T7484] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  708.765444][T10762] loop3: detected capacity change from 0 to 1024
[  708.821727][T10762] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  708.869353][T10762] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  709.189401][T10771] loop4: detected capacity change from 0 to 1764
[  710.778163][T10794] overlayfs: missing 'lowerdir'
[  712.818351][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  713.037651][T10814] loop4: detected capacity change from 0 to 256
[  713.080334][T10814] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d)
[  716.254980][T10849] loop4: detected capacity change from 0 to 1024
[  716.277470][T10849] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  716.311788][T10849] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  716.369831][T10838] loop1: detected capacity change from 0 to 1764
[  717.123553][T10851] loop2: detected capacity change from 0 to 40427
[  717.154439][T10851] F2FS-fs (loop2): invalid crc value
[  717.209700][T10851] F2FS-fs (loop2): Found nat_bits in checkpoint
[  717.616578][T10870] loop1: detected capacity change from 0 to 256
[  718.269817][T10870] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0xff6f124c, utbl_chksum : 0xe619d30d)
[  718.308147][T10851] F2FS-fs (loop2): Cannot turn on quotas: -2 on 1
[  718.316810][T10851] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  718.330836][   T26] audit: type=1800 audit(1717851721.943:110): pid=10851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=10 res=0 errno=0
[  718.334533][T10847] loop3: detected capacity change from 0 to 40427
[  718.376026][T10847] F2FS-fs (loop3): Unrecognized mount option "errors=remount-ro" or missing value
[  718.397899][T10851] syz-executor.2: attempt to access beyond end of device
[  718.397899][T10851] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  718.494412][T10851] syz-executor.2: attempt to access beyond end of device
[  718.494412][T10851] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  718.551562][T10874] syz-executor.2: attempt to access beyond end of device
[  718.551562][T10874] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  718.724597][ T7484] syz-executor.2: attempt to access beyond end of device
[  718.724597][ T7484] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  719.241270][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  719.607394][T10895] loop3: detected capacity change from 0 to 256
[  719.704447][T10895] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  719.747652][T10895] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[  720.335068][T10897] loop2: detected capacity change from 0 to 8
[  720.356404][T10897] SQUASHFS error: lzo decompression failed, data probably corrupt
[  720.384730][T10897] SQUASHFS error: Failed to read block 0x91: -5
[  720.391311][T10897] SQUASHFS error: Unable to read metadata cache entry [8f]
[  720.402042][T10897] SQUASHFS error: Unable to read inode 0x11f
[  720.796881][   T26] audit: type=1800 audit(1717851724.413:111): pid=10911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1965 res=0 errno=0
[  721.313698][T10925] loop1: detected capacity change from 0 to 2048
[  721.393515][T10925] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  721.514331][T10930] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  721.710567][T10932] loop4: detected capacity change from 0 to 256
[  721.854047][T10932] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  721.909317][T10932] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[  722.645913][   T26] audit: type=1804 audit(1717851726.263:112): pid=10925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir814065052/syzkaller.YTNoqA/233/bus/bus" dev="overlay" ino=1971 res=1 errno=0
[  723.124790][T10962] loop1: detected capacity change from 0 to 256
[  723.145595][T10962] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  723.431456][T10973] loop3: detected capacity change from 0 to 512
[  723.478763][T10973] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  723.491925][T10973] ext4 filesystem being mounted at /root/syzkaller-testdir2783877642/syzkaller.aGYCtj/106/file0 supports timestamps until 2038 (0x7fffffff)
[  723.591208][T10973] EXT4-fs error (device loop3): ext4_validate_block_bitmap:429: comm syz-executor.3: bg 0: block 18: invalid block bitmap
[  723.619672][T10973] Quota error (device loop3): write_blk: dquota write failed
[  723.652643][T10973] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  723.671687][T10983] loop4: detected capacity change from 0 to 2048
[  723.690073][T10973] EXT4-fs error (device loop3): ext4_acquire_dquot:6777: comm syz-executor.3: Failed to acquire dquot type 1
[  723.722086][T10985] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  723.791608][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  723.853717][  T154] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  723.960575][T10994] loop3: detected capacity change from 0 to 256
[  723.979748][T10994] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  724.159330][ T4289] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  724.175980][T10968] loop1: detected capacity change from 0 to 32768
[  724.283623][  T154] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  724.323439][  T154] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  724.344049][  T154] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  724.378838][  T154] usb 3-1: config 0 descriptor??
[  724.436350][ T4289] usb 1-1: Using ep0 maxpacket: 16
[  724.828024][T11006] loop3: detected capacity change from 0 to 32768
[  724.838048][ T4289] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  724.849830][ T4289] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  724.914899][  T154] keytouch 0003:0926:3333.0002: fixing up Keytouch IEC report descriptor
[  724.937599][  T154] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0002/input/input5
[  725.033646][ T4289] usb 1-1: New USB device found, idVendor=15c2, idProduct=0040, bcdDevice= 7.fb
[  725.069360][ T4289] usb 1-1: New USB device strings: Mfr=7, Product=130, SerialNumber=11
[  725.100066][ T4289] usb 1-1: Product: syz
[  725.120149][  T154] keytouch 0003:0926:3333.0002: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  725.132872][ T4289] usb 1-1: Manufacturer: syz
[  725.138114][ T4289] usb 1-1: SerialNumber: syz
[  725.506107][T11016] loop3: detected capacity change from 0 to 40427
[  725.515306][T11016] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  725.523100][T11016] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  725.540044][ T4289] usb 1-1: config 0 descriptor??
[  725.549068][T11016] F2FS-fs (loop3): Found nat_bits in checkpoint
[  725.611327][ T4289] input: iMON Panel, Knob and Mouse(15c2:0040) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input6
[  725.618832][T11022] loop1: detected capacity change from 0 to 2048
[  725.634829][T11016] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  725.641968][T11016] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  725.968870][ T4645] usb 3-1: USB disconnect, device number 5
[  726.076727][T11029] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  726.163517][ T4289] rc_core: IR keymap rc-imon-pad not found
[  726.169456][ T4289] Registered IR keymap rc-empty
[  726.202366][ T4289] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  726.248761][ T4289] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  726.365768][ T4289] rc rc0: iMON Remote (15c2:0040) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  726.392071][ T4289] input: iMON Remote (15c2:0040) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input7
[  726.433613][ T4289] imon 1-1:0.0: iMON device (15c2:0040, intf0) on usb<1:12> initialized
[  726.547381][ T4645] usb 1-1: USB disconnect, device number 12
[  727.040107][T11037] loop3: detected capacity change from 0 to 2048
[  727.108735][T11037] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  727.128443][T11037] ext4 filesystem being mounted at /root/syzkaller-testdir2783877642/syzkaller.aGYCtj/114/file0 supports timestamps until 2038 (0x7fffffff)
[  727.338858][ T8359] EXT4-fs (loop3): unmounting filesystem.
[  727.439611][T11051] loop1: detected capacity change from 0 to 2048
[  727.476381][T11051] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  728.427055][T11052] loop4: detected capacity change from 0 to 32768
[  728.472708][T11052] I/O error, dev loop14, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  728.482445][T11052] lbmIODone: I/O error in JFS log
[  728.487958][T11052] *** Log Format Error ! ***
[  728.493148][T11052] lmLogInit: exit(-22)
[  728.497587][T11052] lmLogOpen: exit(-22)
[  728.653766][T11035] loop2: detected capacity change from 0 to 65536
[  728.707348][T11035] XFS (loop2): Mounting V5 Filesystem
[  728.828850][T11064] can0: slcan on ptm0.
[  728.862459][T11045] overlayfs: missing 'workdir'
[  728.900675][T11035] XFS (loop2): Ending clean mount
[  729.262230][ T7484] XFS (loop2): Unmounting Filesystem
[  729.733869][T11062] can0 (unregistered): slcan off ptm0.
[  729.954960][   T26] audit: type=1326 audit(1717851733.573:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x7ffc0000
[  730.069213][   T26] audit: type=1326 audit(1717851733.573:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x7ffc0000
[  730.167846][   T26] audit: type=1326 audit(1717851733.593:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12ce67cf69 code=0x7ffc0000
[  730.206525][   T26] audit: type=1326 audit(1717851733.593:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x7ffc0000
[  730.206951][T11061] loop1: detected capacity change from 0 to 32768
[  730.258774][T11101] loop4: detected capacity change from 0 to 2048
[  730.278863][T11101] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  730.281087][   T26] audit: type=1326 audit(1717851733.593:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x7ffc0000
[  730.304354][T11101] ext4 filesystem being mounted at /root/syzkaller-testdir1691407478/syzkaller.nuA0N8/362/file0 supports timestamps until 2038 (0x7fffffff)
[  730.441428][   T26] audit: type=1326 audit(1717851733.593:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12ce67cf69 code=0x7ffc0000
[  730.590630][   T26] audit: type=1326 audit(1717851733.593:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce67cf69 code=0x7ffc0000
[  730.711713][   T26] audit: type=1326 audit(1717851733.593:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f12ce67a6e7 code=0x7ffc0000
[  730.772662][   T26] audit: type=1326 audit(1717851733.593:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f12ce6403b9 code=0x7ffc0000
[  730.834753][   T26] audit: type=1326 audit(1717851733.593:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11092 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f12ce67cf69 code=0x7ffc0000
[  730.884528][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  731.238898][T11125] 9pnet_fd: Insufficient options for proto=fd
[  732.047822][T11152] loop4: detected capacity change from 0 to 512
[  732.089022][T11152] EXT4-fs: Ignoring removed oldalloc option
[  732.141333][T11152] EXT4-fs: Ignoring removed oldalloc option
[  732.172388][T11152] EXT4-fs: Ignoring removed oldalloc option
[  732.197878][T11152] EXT4-fs (loop4): Test dummy encryption mode enabled
[  732.230861][T11152] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c024e01c, mo2=0002]
[  732.255151][T11152] EXT4-fs error (device loop4): ext4_orphan_get:1396: inode #15: comm syz-executor.4: casefold flag without casefold feature
[  732.334434][T11152] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #12: comm syz-executor.4: missing EA_INODE flag
[  732.387084][T11121] loop1: detected capacity change from 0 to 32768
[  732.410624][T11152] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 12 err=-117
[  732.443703][T11152] EXT4-fs (loop4): 1 orphan inode deleted
[  732.478412][T11152] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  732.668988][ T3570] EXT4-fs (loop4): unmounting filesystem.
[  733.344080][ T9155] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  733.628237][T11187] loop3: detected capacity change from 0 to 32768
[  733.641327][T11187] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz-executor.3 (11187)
[  733.680593][T11187] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  733.691613][T11187] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  733.703376][T11187] BTRFS info (device loop3): enabling disk space caching
[  733.712268][T11187] BTRFS info (device loop3): enabling free space tree
[  733.719578][ T9155] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  733.733509][ T9155] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  733.745923][T11187] BTRFS info (device loop3): disabling tree log
[  733.753347][T11187] BTRFS info (device loop3): setting nodatasum
[  733.759815][ T9155] usb 3-1: New USB device found, idVendor=0c45, idProduct=760b, bcdDevice= 0.00
[  733.770141][T11187] BTRFS info (device loop3): turning on sync discard
[  733.778889][ T9155] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.787131][T11187] BTRFS info (device loop3): using free space tree
[  733.805058][ T9155] usb 3-1: config 0 descriptor??
[  733.939809][T11187] BTRFS info (device loop3): enabling ssd optimizations
[  734.268377][T11224] 9pnet_fd: p9_fd_create_tcp (11224): problem connecting socket to 127.0.0.1
[  734.289101][ T9155] redragon 0003:0C45:760B.0003: unknown main item tag 0x0
[  734.318061][ T9155] redragon 0003:0C45:760B.0003: unknown main item tag 0x0
[  734.358480][ T9155] redragon 0003:0C45:760B.0003: hidraw0: USB HID v0.00 Device [HID 0c45:760b] on usb-dummy_hcd.2-1/input0
[  734.504965][ T9155] usb 3-1: USB disconnect, device number 6
[  734.820589][ T8359] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  735.450324][T11236] netlink: 'syz-executor.2': attribute type 6 has an invalid length.
[  735.955689][ T3583] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  736.000587][ T3583] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  736.010036][ T3583] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  736.018112][ T3583] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  736.035932][ T3583] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  736.043442][ T3583] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  736.610124][T11251] 9pnet_fd: Insufficient options for proto=fd
[  738.115724][ T3579] Bluetooth: hci0: command tx timeout
[  739.356375][T11263] loop4: detected capacity change from 0 to 32768
[  739.370731][T11263] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (11263)
[  739.391554][T11263] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  739.412101][T11263] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  739.420971][T11263] BTRFS info (device loop4): enabling disk space caching
[  739.434927][T11263] BTRFS info (device loop4): enabling free space tree
[  739.441731][T11263] BTRFS info (device loop4): disabling tree log
[  739.452466][T11263] BTRFS info (device loop4): setting nodatasum
[  739.459843][T11263] BTRFS info (device loop4): turning on sync discard
[  739.472196][T11263] BTRFS info (device loop4): using free space tree
[  739.517725][T11263] BTRFS info (device loop4): enabling ssd optimizations
[  739.960064][ T3570] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  740.188958][ T3579] Bluetooth: hci0: command tx timeout
[  741.958205][T11299] 9pnet_fd: Insufficient options for proto=fd
[  742.263416][ T3579] Bluetooth: hci0: command tx timeout
[  743.392639][T11301] loop4: detected capacity change from 0 to 32768
[  743.401300][T11301] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (11301)
[  743.416653][T11301] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  743.428756][T11301] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  743.437705][T11301] BTRFS info (device loop4): using free space tree
[  743.468253][T11301] BTRFS info (device loop4): enabling ssd optimizations
[  743.547484][ T3570] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  744.343524][ T3579] Bluetooth: hci0: command tx timeout
[  744.791650][T11329] loop4: detected capacity change from 0 to 1024
[  744.811463][T11329] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000e01c, mo2=0002]
[  744.820758][T11329] System zones: 0-1, 3-12
[  744.834577][T11329] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  746.985294][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  746.991647][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  748.833461][T11332] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  763.428429][ T3587] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  763.438899][ T3587] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  763.449582][ T3587] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  763.457520][ T3587] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  763.467596][ T3587] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  763.476700][ T3587] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  765.544000][ T3587] Bluetooth: hci5: command tx timeout
[  766.559370][ T3579] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  766.569235][ T3579] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  766.577298][ T3579] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  766.595166][ T3579] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  766.603787][ T3579] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  766.611071][ T3579] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  766.764783][ T3587] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  766.780613][ T3587] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  766.789037][ T3587] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  766.796920][ T3587] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  766.805228][ T3587] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  766.812460][ T3587] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  767.623626][ T3579] Bluetooth: hci5: command tx timeout
[  768.664036][ T3579] Bluetooth: hci6: command tx timeout
[  768.904536][ T3579] Bluetooth: hci7: command tx timeout
[  769.704396][ T3579] Bluetooth: hci5: command tx timeout
[  770.743585][ T3579] Bluetooth: hci6: command tx timeout
[  770.998696][ T3579] Bluetooth: hci7: command tx timeout
[  771.783550][ T3579] Bluetooth: hci5: command tx timeout
[  772.833716][ T3579] Bluetooth: hci6: command tx timeout
[  773.063372][ T3579] Bluetooth: hci7: command tx timeout
[  774.903794][ T3579] Bluetooth: hci6: command tx timeout
[  775.143501][ T3579] Bluetooth: hci7: command tx timeout
[  775.262300][ T3583] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  775.271981][ T3583] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  775.280656][ T3583] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  775.289304][ T3583] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  775.301010][ T3587] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  775.312039][ T3587] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  777.383484][ T3579] Bluetooth: hci8: command tx timeout
[  779.463409][ T3579] Bluetooth: hci8: command tx timeout
[  781.543314][ T3579] Bluetooth: hci8: command tx timeout
[  783.623575][ T3579] Bluetooth: hci8: command tx timeout
[  799.997585][ T3579] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  800.012561][ T3579] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  800.020762][ T3579] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  800.029339][ T3583] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  800.039490][ T3583] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  800.047003][ T3583] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  802.103432][ T3583] Bluetooth: hci9: command tx timeout
[  804.183425][ T3583] Bluetooth: hci9: command tx timeout
[  806.263346][ T3583] Bluetooth: hci9: command tx timeout
[  808.343409][ T3583] Bluetooth: hci9: command tx timeout
[  808.425169][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  808.431505][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  828.562416][ T3587] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  828.572200][ T3587] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  828.580358][ T3587] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  828.588403][ T3587] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  828.598950][ T3587] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  828.607207][ T3587] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  830.663506][ T3587] Bluetooth: hci10: command tx timeout
[  831.501897][ T3583] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  831.513401][ T3583] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  831.521476][ T3583] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  831.529476][ T3583] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  831.537134][ T3583] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  831.544554][ T3583] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  831.712492][ T3583] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  831.723038][ T3583] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  831.733511][ T3583] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  831.743532][ T3583] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  831.751122][ T3583] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  831.758469][ T3583] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  832.743527][ T3587] Bluetooth: hci10: command tx timeout
[  833.623484][ T3587] Bluetooth: hci11: command tx timeout
[  833.783438][ T3587] Bluetooth: hci12: command tx timeout
[  834.823430][ T3587] Bluetooth: hci10: command tx timeout
[  835.703352][ T3587] Bluetooth: hci11: command tx timeout
[  835.863294][ T3587] Bluetooth: hci12: command tx timeout
[  836.903415][ T3587] Bluetooth: hci10: command tx timeout
[  837.783430][ T3587] Bluetooth: hci11: command tx timeout
[  837.943445][ T3587] Bluetooth: hci12: command tx timeout
[  839.863300][ T3587] Bluetooth: hci11: command tx timeout
[  840.023446][ T3579] Bluetooth: hci12: command tx timeout
[  840.202074][ T3579] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  840.220743][ T3579] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  840.230538][ T3579] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  840.239398][ T3579] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  840.247080][ T3579] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  840.254455][ T3579] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  842.353374][ T3579] Bluetooth: hci13: command tx timeout
[  844.433319][ T3579] Bluetooth: hci13: command tx timeout
[  846.513385][ T3579] Bluetooth: hci13: command tx timeout
[  848.583409][ T3579] Bluetooth: hci13: command tx timeout
[  861.703420][ T3579] Bluetooth: hci0: command 0x0406 tx timeout
[  865.112122][ T3587] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  865.124533][ T3587] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  865.139914][ T3587] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  865.149783][ T3587] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  865.162906][ T3587] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  865.170380][ T3587] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  867.223559][ T3587] Bluetooth: hci14: command tx timeout
[  869.303394][ T3587] Bluetooth: hci14: command tx timeout
[  869.868640][ T1255] ieee802154 phy0 wpan0: encryption failed: -22
[  869.875001][ T1255] ieee802154 phy1 wpan1: encryption failed: -22
[  871.383408][ T3587] Bluetooth: hci14: command tx timeout
[  873.473396][ T3587] Bluetooth: hci14: command tx timeout
[  887.313378][ T3583] Bluetooth: hci5: command 0x0406 tx timeout
[  888.423553][   T27] INFO: task kworker/0:16:4645 blocked for more than 143 seconds.
[  888.431803][   T27]       Not tainted 6.1.92-syzkaller #0
[  888.445010][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  888.457388][   T27] task:kworker/0:16    state:D stack:23800 pid:4645  ppid:2      flags:0x00004000
2024/06/08 13:04:52 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  888.469347][   T27] Workqueue: ipv6_addrconf addrconf_dad_work
[  888.483377][   T27] Call Trace:
[  888.486739][   T27]  <TASK>
[  888.489693][   T27]  __schedule+0x142d/0x4550
[  888.511957][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  888.524058][   T27]  ? __sched_text_start+0x8/0x8
[  888.528978][   T27]  ? print_irqtrace_events+0x210/0x210
[  888.534510][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  888.539730][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  888.545123][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  888.550353][   T27]  schedule+0xbf/0x180
[  888.554508][   T27]  schedule_preempt_disabled+0xf/0x20
[  888.559920][   T27]  __mutex_lock+0x6b9/0xd80
[  888.564582][   T27]  ? __mutex_lock+0x53c/0xd80
[  888.569285][   T27]  ? addrconf_dad_work+0xcc/0x16b0
[  888.588750][   T27]  ? mutex_lock_nested+0x10/0x10
[  888.593974][   T27]  addrconf_dad_work+0xcc/0x16b0
[  888.599623][   T27]  ? read_lock_is_recursive+0x10/0x10
[  888.624962][   T27]  ? ipv6_get_saddr_eval+0xe90/0xe90
[  888.630304][   T27]  ? print_irqtrace_events+0x210/0x210
[  888.643214][   T27]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  888.649166][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  888.673359][   T27]  ? process_one_work+0x7a9/0x11d0
[  888.678520][   T27]  process_one_work+0x8a9/0x11d0
[  888.693438][   T27]  ? worker_detach_from_pool+0x260/0x260
[  888.699125][   T27]  ? _raw_spin_lock_irqsave+0x120/0x120
[  888.749041][   T27]  ? kthread_data+0x4e/0xc0
[  888.753672][   T27]  ? wq_worker_running+0x97/0x190
[  888.758748][   T27]  worker_thread+0xa47/0x1200
[  888.769067][   T27]  ? _raw_spin_unlock+0x40/0x40
[  888.773997][   T27]  kthread+0x28d/0x320
[  888.778100][   T27]  ? worker_clr_flags+0x190/0x190
[  888.783142][   T27]  ? kthread_blkcg+0xd0/0xd0
[  888.803233][   T27]  ret_from_fork+0x1f/0x30
[  888.807734][   T27]  </TASK>
[  888.810832][   T27] INFO: task syz-executor.1:5571 blocked for more than 143 seconds.
[  888.833217][   T27]       Not tainted 6.1.92-syzkaller #0
[  888.838796][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  888.863215][   T27] task:syz-executor.1  state:D stack:20632 pid:5571  ppid:1      flags:0x00004006
[  888.872467][   T27] Call Trace:
[  888.894289][   T27]  <TASK>
[  888.897259][   T27]  __schedule+0x142d/0x4550
[  888.901824][   T27]  ? __sched_text_start+0x8/0x8
[  888.923308][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  888.929095][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[