last executing test programs:

21m41.087516636s ago: executing program 32 (id=102):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
syz_io_uring_setup(0x5a78, &(0x7f0000000180)={0x0, 0x5e5a, 0x4000, 0x0, 0x2}, 0x0, 0x0)
syz_clone(0x80040000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4000000)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

21m29.561757329s ago: executing program 33 (id=89):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r0, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r3=>0x0], &(0x7f0000000280), 0x1, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x601, 0x1, &(0x7f00000000c0)=[r2], &(0x7f0000000200), &(0x7f0000000300)=[r3], &(0x7f0000000580)})

20m19.726043625s ago: executing program 34 (id=381):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r1 = accept$packet(r0, 0x0, 0x0)
accept4$packet(r1, 0x0, 0x0, 0x1800)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r2)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00')
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
read$FUSE(r0, &(0x7f00000005c0)={0x2020}, 0x2020)

19m40.60957593s ago: executing program 35 (id=573):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
landlock_restrict_self(r0, 0x6)
open(&(0x7f0000000100)='.\x00', 0x591002, 0x50f)

19m33.746548201s ago: executing program 36 (id=600):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents(r0, 0x0, 0x0)

18m51.576176354s ago: executing program 2 (id=752):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})

18m51.221748348s ago: executing program 2 (id=754):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xb8, 0x1d, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}}, 0xb8}}, 0x0)

18m50.855959361s ago: executing program 2 (id=756):
io_uring_setup(0x19b4, &(0x7f0000000000)={0x0, 0x709f, 0x8, 0x2, 0xeb})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r1, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r0}, 0x20)
recvfrom$inet6(r0, &(0x7f00000000c0)=""/53, 0x35, 0x40010102, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

18m50.400833394s ago: executing program 2 (id=758):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49)
symlink(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0x4, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000440)=@filename='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

18m49.678394633s ago: executing program 2 (id=760):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000247000/0x1000)=nil, 0x1000, 0x0)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

18m47.742283993s ago: executing program 2 (id=767):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlockall()
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)

18m46.395133307s ago: executing program 37 (id=767):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlockall()
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)

18m21.69980925s ago: executing program 3 (id=858):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000240), &(0x7f0000000280)=r0}, 0x20)

18m21.314273063s ago: executing program 3 (id=861):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000480)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
sendfile(r1, r0, 0x0, 0x578410eb)

18m20.760217357s ago: executing program 3 (id=866):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0xffffffffffffffff, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xb, 0x5, 0x10001, 0xa, 0x1, 0xffffffffffffffff, 0x3}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

18m20.16525724s ago: executing program 3 (id=869):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000840)={[{@iocharset={'iocharset', 0x3d, 'macceltic'}}, {@fmask={'fmask', 0x3d, 0xa0}}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'cp936'}}, {@iocharset={'iocharset', 0x3d, 'cp852'}}, {@dmask={'dmask', 0x3d, 0x1}}, {@gid}, {@dmask={'dmask', 0x3d, 0x1}}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x152f, &(0x7f00000037c0)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

18m19.362278988s ago: executing program 3 (id=874):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
close(r0)
fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x2c00)
r1 = syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000)=<r2=>0x0)
syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x0, 0x0, 0xfffffffe, 0x368}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r1, 0x48e9, 0x0, 0x0, 0x0, 0x0)

18m18.824005426s ago: executing program 3 (id=875):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ptrace(0x10, r0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
syz_mount_image$erofs(&(0x7f00000002c0), &(0x7f0000000380)='./file1\x00', 0x4002, &(0x7f0000000f80)=ANY=[@ANYRES16=0x0], 0x1, 0x215, &(0x7f0000000080)="$eJzslb9rFEEUx79vd2/vEiVioYXNWQSMYPZ291TSWMReEBJRy8OMIbrJhcsVSUBIsLGxFv8Ri1QWdlrZ2FioIFiY0kpwZH4sN3e3m7DmtPF9iuH7Zue9eTPz7h0Yhvlv+fL5x6fnNxeWrwA4jVnU7fw334oPp+A56z++9GtWvtmYeXIwGo8ASDmwg2P2DwG8XvSBPRNWStcbmLUxl+FprbgDD5etvgtClOcqB94ChPt2+tGmzFegO2VFJuhBN1t5uJaJWA2JGlI1tAE5lP/hPmEFQMNuQU5+Wzu7jzsZ0DMiE7moyXyfsU9VRdG9kZvfoocbzhWo97r37Om+siM7Hzv3l8BDYnUbhCWrF1BHFEVNa4rEOf+FYBDfN89m2KtyksbJLqKqODtf8ElV+NHuU5lQp51YGr/k0WvUe/1B5HCoBAvWjBflXxMqj+peXnPcKzwmjjh5zjQ6Q25JnD88eDvu9fWfFe3khW5cIzX2QpXN++ksu1XodW5o5mLJTyavwNKSMP2DAuCS058C51+h1V/fbG3t7M6vrXdWxarYSNP29fhqHF9LW7o3m7GoBdr4Dd2fpp34tZK1IYX+dqff7yXbQL+XhBRC26kZnY679Kr7Xft4uv95mPspZf73oo9dH2nEjknWj7Sa80uTZxiGYRiGYRiGYRiGYRiGqUQThHczgDxjbFlIkN7WX38HAAD//8r0WU8=")
write$binfmt_script(r1, &(0x7f0000000040), 0x55af)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
ptrace$getregset(0x4205, r0, 0x2, &(0x7f0000000080)={0x0})

18m17.818117061s ago: executing program 38 (id=875):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ptrace(0x10, r0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
syz_mount_image$erofs(&(0x7f00000002c0), &(0x7f0000000380)='./file1\x00', 0x4002, &(0x7f0000000f80)=ANY=[@ANYRES16=0x0], 0x1, 0x215, &(0x7f0000000080)="$eJzslb9rFEEUx79vd2/vEiVioYXNWQSMYPZ291TSWMReEBJRy8OMIbrJhcsVSUBIsLGxFv8Ri1QWdlrZ2FioIFiY0kpwZH4sN3e3m7DmtPF9iuH7Zue9eTPz7h0Yhvlv+fL5x6fnNxeWrwA4jVnU7fw334oPp+A56z++9GtWvtmYeXIwGo8ASDmwg2P2DwG8XvSBPRNWStcbmLUxl+FprbgDD5etvgtClOcqB94ChPt2+tGmzFegO2VFJuhBN1t5uJaJWA2JGlI1tAE5lP/hPmEFQMNuQU5+Wzu7jzsZ0DMiE7moyXyfsU9VRdG9kZvfoocbzhWo97r37Om+siM7Hzv3l8BDYnUbhCWrF1BHFEVNa4rEOf+FYBDfN89m2KtyksbJLqKqODtf8ElV+NHuU5lQp51YGr/k0WvUe/1B5HCoBAvWjBflXxMqj+peXnPcKzwmjjh5zjQ6Q25JnD88eDvu9fWfFe3khW5cIzX2QpXN++ksu1XodW5o5mLJTyavwNKSMP2DAuCS058C51+h1V/fbG3t7M6vrXdWxarYSNP29fhqHF9LW7o3m7GoBdr4Dd2fpp34tZK1IYX+dqff7yXbQL+XhBRC26kZnY679Kr7Xft4uv95mPspZf73oo9dH2nEjknWj7Sa80uTZxiGYRiGYRiGYRiGYRiGqUQThHczgDxjbFlIkN7WX38HAAD//8r0WU8=")
write$binfmt_script(r1, &(0x7f0000000040), 0x55af)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
ptrace$getregset(0x4205, r0, 0x2, &(0x7f0000000080)={0x0})

15m36.204289996s ago: executing program 7 (id=1613):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000200)=ANY=[@ANYBLOB="58000000020601080000000000000000000000400500010006000000050005000200000005000400000000000900020073797a31000000000c000780080006400000000011000300686173683a69702c6d61726b"], 0x58}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

15m35.632038173s ago: executing program 7 (id=1619):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0), 0x1, 0x553, &(0x7f0000000800)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ustat(0xfffffffeffffffff, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100), &(0x7f0000000380)=ANY=[], 0x381, 0x1)

15m33.99588433s ago: executing program 7 (id=1625):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x7f)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='gretap0\x00', 0x10)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1, 0xd}, 0x1c)

15m32.600267831s ago: executing program 7 (id=1638):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==")
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d)
write$binfmt_register(r0, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))

15m31.739284937s ago: executing program 7 (id=1644):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
unshare(0x2c020400)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000000000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)

15m30.748202985s ago: executing program 7 (id=1650):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000280))
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
r3 = fcntl$dupfd(r0, 0x0, r1)
syz_emit_ethernet(0x19, &(0x7f00000002c0)={@local, @empty, @val={@val={0x88a8, 0x0, 0x0, 0x3}, {0x8100, 0x1, 0x0, 0x4}}, {@mpls_mc={0x8848, {[], @llc={@llc={0xd4, 0x8e, "da"}}}}}}, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0})
ioctl$VHOST_NET_SET_BACKEND(r3, 0x4008af30, &(0x7f0000000080)={0x0, r2})

15m29.900637564s ago: executing program 39 (id=1650):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000280))
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = dup(r1)
r3 = fcntl$dupfd(r0, 0x0, r1)
syz_emit_ethernet(0x19, &(0x7f00000002c0)={@local, @empty, @val={@val={0x88a8, 0x0, 0x0, 0x3}, {0x8100, 0x1, 0x0, 0x4}}, {@mpls_mc={0x8848, {[], @llc={@llc={0xd4, 0x8e, "da"}}}}}}, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0})
ioctl$VHOST_NET_SET_BACKEND(r3, 0x4008af30, &(0x7f0000000080)={0x0, r2})

5m51.565787283s ago: executing program 6 (id=3438):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6(0xa, 0x1, 0x8010000000000084)
syz_open_dev$usbfs(0x0, 0x77, 0x101301)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000005d40)='./file0\x00', 0x4000, &(0x7f0000001e40)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5ff2cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb69658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d96700e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bed545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177df97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b808451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f5035d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fb4d8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c400"/2303], 0xff, 0x5e0a, &(0x7f000000c740)="$eJzs3U9vHGcdB/Df/vH6T2kbVagKEQc3hdJSmv8JlH9NOXCAA0ioZxK5bhVIASUB0SoirnJAXICXAJdeOPQt8AL6GhAvgEg2px4og8Z+nmQ8XmcdEu/s+vl8JGfmN8+O95l8PZ5dz8w+AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADED77/k7O9iLjym7TgWMTnYhDRj1iu69WoZy7nxw8j4nhsN8fzETFYjKjX3/7n2YgLEfHJMxGbW7fX6sXnDtiPi2du3fjsh9/7x+//dPf4z97+6Uft9h9//vzHf7gTcexHr3/82Z0ns+0AAABQiqqqql56m38ivb/vd90pAGAq8vG/SvJytVqtVj/R+o/92eqPutC6qRrvTrOIiI3mOvVrBqfjAWDObMSnXXeBDsm/aMOIeKrrTgAzrdd1BzgUm1u313op317zeLC6057/Trkr/43e/fs79ptO0r7GZFo/X3djEM/t05/lKfVhluT8++38r+y0j9LjDjv/adkv/9HOrU/FyfkP2vm37Mr/zxExt/n3x+Zfqpz/8FHy3xjM8f4vfwAAAAAAjr789/9jHZ//XXz8TTmQh53/XZ1SHwAAAAAAAADgSXvc8f/uM/4fAAAAzKz6vXrtL888WLbfZ7HVy9/qRTzdejxQmNXGhwMCAAAAAAAAAAAAANMxjFhJ1/UvRMTTKytVVdVfTe36UT3u+vOu9O2HknX9Sx4AAHZ88kzrXv5exFJEvJU+629hZWWlqpaWV6qVankxv54dLS5Vy433tXlaL1scHeAF8XBU1d9sqbFe06T3y5Pa29+vfq5RNThAx6ajw8ABICJ2jkabjkhHTFU9G12/ymE+2P+PHvs/B9H1zykAAABw+Kqqqnrp47xPpHP+/a47BQBMRT7+t88LqNVqtVqtPnp1UzXenWYRERvNderXDIbjB4A5sxGfdt0FOiT/og0j4njXnQBmWq/rDnAoNrdur/VSvr3m8WB1pz1fC7Ir/43e9np5/XHTSdrXmEzr5+tuDOK5ffrz/JT6MEty/v12/ld22vMQ/4ed/7Tsl3+9ncc66E/Xcv6Ddv4tRyf//tj8S5XzHz5S/gP5AwAAAADADMt//z/m/G/eZAAAAAAAAACYO5tbt9fyfa/5/P8Xxzyu15xz/+eRkfPvHTh/9/8eJTn/fjv/1gU5g8b8vTcf5P/vrdtrH9361xfydObzXxiM6ude6PUHw3TNT7XwTlyL67EeZ/Y8frir/eye9oVd7ecmtJ/f0z6q25dz+6lYi1/G9Xj7fvvihAujlia0VxPac/4D+3+Rcv7Dxled/0pq77WmtXsf9vfs983puOe5/Lf/vLR375q+uzG4v21N9fad7KA/2/8nT43i1zfXb5z67dVbt26cjTTZtfRcpMkTlvNfSF85/5df3GnPv/eb++u9D0ePnP+suBvDffN/sTFfb+8rU+5bF3L+o/SV889HoPH7/zznv//+/2oH/QEAAAAAAAAAAAAAAICHqapq+xbRyxFxKd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49e3VSN90aziIi/N9epXzP8btw3AwBm2X8j4p9dd4LOyL9g+fP+6umXuu4MMFU33//g51evX1+/cbPrngAAAAAAAAAA/688/udqY/zn7euAWuNG7xr/9c1YndvxP/ujwfZY52mDXoiHj/99Mh4+/vdwwvMtTGgfTWhfnNC+NKF97I0eDTn/F1LGOf8TacNKGv/15Q7607Wc/8k01nPO/yutxzXzr/46z/n3d+V/+tZ7vzp98/0PXrv23tV3199d/8XZM5cunL944fzFi6ffuXZ9/czOvx32+HDl/PPY164DLUvOP2cu/7Lk/L+cavmXJef/UqrlX5acf369J/+y5Pzzex/5lyXn/0qq5V+WnP9XUy3/suT8X021/MuS8/9aquVflpz/a6mWf1ly/qdSLf+y5PxPp1r+Zcn55zNc8i9Lzj9f2SD/suT8z6Va/mXJ+Z9PtfzLkvO/kGr5lyXnfzHV8i9Lzv9SquVflpz/11Mt/7Lk/L+RavmXJef/eqrlX5ac/zdTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5fzfV8i9Lzv+NVMu/LA8+/9+MGTNm8kzXv5kAAAAAAAAAAAAAgLZpXE7c9TYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkau+7wB+9mavDQE33IkDtrkZWNhd38AhBpOElJJeKAlp05Iax14bJ77Vu+YmVDaFtkRBKlL7QB+aJlEaRWorUBWpqUQjpEZq35qnRrxErZQHP0DloKRSqsBWZ+b//3tmdnZmfRl75vw/H2T/vDtnZv5z5szZ/S76zgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACN1n985s+GiqIo/9T+WlMUF5f/XlXsLD+c33ahVwgAAACcrfdqf//9pekTO5dxpYZt/u26//juwsLCQvGFd0+8/xcLC+mCdUUxsrIoapdF//6Lny80bhO8UIwPDTd8PNzl7ke6XD7a5fKxLpev6HL5yi6Xj3e5fNEOWGRV/ecxtRu7sfbPNfVdWlxejNUuu7HNtV4YWjk8HH+WUzNUu87C2L7iQHGwmCmmFl1nqPZfUbyxvryvB4t4X8MN97W2KIqTP31uT1zDUNjHNxZNd1bT+Ny9c3+x7t2fPrfn23NvX9Nudt0Ni1ZaFBs3lOt8sShO/biqGCpWpn0S1zncsM61bdY50rTOodr1yn+3rvPkMtcZH/d4WOcPO6xzbfjc0zcURTFfLLlNqxeK4WJ1y72m/T1ePyLK2yifyg8Wo6d1nKxfxnFSXucnNzQfJ63HZNz/68M+GV1iDY1PxztfXrFov5/pcVI+6n44Vsvbfri80/Hxxh+tNh2r5TbP3bT0MdD2uWtzDKRjueEY2NDtGBheMVI7BoZPrXlD0zEwveg6w8VQ7b5O3NT5GJicO3R0cvaZZ+84cGj3/pn9M4enp7Zt2bx1y+atWyf3HTg4M1X/+/R26QBZXQynY3BDONfEY/CWlm0bD8mFb5y718F4n7wOysf+mZvLBV08XCxxjJfbvLjx7F8H6et+w+tgtOF10Pac2uZ1MLqM10G5zcmNy/uaOdrwp90aenUuXNNwDFzIr4flfT5269LnwrVhXS/ddrpfD0cWHQPxYQ2F1175mfT93vjdYb8sPi6uLS+4aEVxfHbm2J1P756bOzZdhHFeXNbwXLUeL6sbHlOx6HgZPu3jZeff/fLma9t8fk3YV+O3d36uym22THR+rmpn9/b7s+mzm4owzrHzvT/bfTUr92fKEh32Z7nNi3ec/feCKZc0nP/Gup3/RsZG6+e/kbQ3xprOf4ufmpHayori5B3LO/+NhT/n+/x3eZ+c/8p99didnY+BcpuXJk/3GBjteP67IcyhsJ5bQ2IYb8j979cun68fpg3PZdfjZnR0LBw3o/Eem4+bzYuuU95aed8bp87suNl4Q/Nz1fR9SwWPm3Jf/eVU5+Om3ObN6bM/d6yK/2w4d6zodgyMjawo1zuWDoL6+W5hVTwG7iz2FEeKg8XedJ3yWS7va2LT8o6BFeHP+T53XN0nx0C5r17d1PkYKLf5weZz+73TxvCZtE3D906tP19YKvNfO3rq9lp327nO/OU6P7Gl88+Gym3e3nK6OaPzfro9fOaiNvup9fWz1DG9tzg/++nqsM6DWzv/bKrc5vJtyzyedhZF8db0W7Wfd4Wf7/7j8f/8btPPfdv9TPmt6bcemnzkR6ezfgAAztz7tb/nV9S/12z4P9bL+f//AAAAwECIuX84zET+BwAAgMqIuX8kzET+BwAAgMqIuX80zCST/P/E3dtfe+/5Ir0b4EIQL4+74eF769vFjvd8+Hjdwinl5z/2rbHXvvL88u57uCiKXz70obbbP3FvXFfd0bjOjzR/fpGrr1/W/T/+6KntGt8/4eT2+u3Hx7PcwyB2ld+Y3FS73XXPTNfmmw8VtfnI/Esv1G+//nHc/sTm+vZ/Hd60ZOe+oabrbwzruTHMdeE9ZR7eeWo/lDNe77W11/3rZZ89dX/xekMbLqk9zFf/qH678T2iXrmsvn183Eut/1+++p3Xyu2fvqn9+p8fbr/+E+F2fxLmL3bUt2/c519pWP+fhPXH+4vXu/Ob32+7/tevqm//ejguvh5m6/rv//MPv9fu+Yr3s/Oe+vXi/U/975ba9eLtxdtvXf/489NN+6P19t98t347O5782Ujj9vHz8X6ix+9pPr6HwvPb1CMviuI7f1o07efio/Xr/XPL+uPtHb2n/fpvb1nn0aHra9c/9XjWND2ur/3tpraPN65n5z+saXo8rzwQ9t+7kz8ob/fEI+F4DJf/3w/rt9f6XqavP9B8vonbf31N/XUbb2+yZf2vtKx//vpy33Vf/4Pv1tf/+n0rm9a/85PheHqwPrutf//fXNp0/W98u/58HHtq4vCR2eMH9jbs1cbX8crxVasvuvgDl1wazqWtH+86MvfEzLF1U+umimLdAL5lYK/X/80w/6c+5s/9PdT96Gf14+7lT9W/bt3y8/rHr4TPPx6ez/j18Wt/NdZ0vLY+7/P31efZrv+2sI7luuqr/339sjY88fk3jv/TH7/d+n1BfDxHrxivPb5X119Zu2zozfrlreerbv7riubX9Y9Hp2rze2G/LoR3Zt5wZf3+Wm8/vjfJy5+uv37jd3Lx+kXL+4msGWl+HGe7/h+H72O+f3Xz+S8eH997vuXdnNcUQ+US5sP5oZivXx63ivv75ZNXtr2/+D48xfw1p7PMJc0+Mzt58MDh409Pzs3Mzk3OPvPsrkNHjh+e21V779JdX+x2/VOv79W11/femW1bitqr/Uh99NiFXv/RR/fsvWvq5r0z+3Yf3zf36NGZY/v3zM7umdk7e/Pufftmnup2/QN7d0xv2r75rk0T+w/s3XH39u2bt08cOHykXEZ9UV1sm/rSxOFju2pXmd2xZfv01q1bpiYOHdk7s+OuqamJ492uX/vaNFFe+8mJYzMHd88dODQzMXvg2Zkd09u3bdvU9d0fDx3dN7tu8tjxw5PHZ2eOTdYfy7q52qfLr33drk8eZo+E812LofDd+edu35beH7f0rS8veVP1TZq/PS3eCe8FFb++dfs45v6xMJNM8j8AAADkIOb+8Mb/py6Q/wEAAKAyYu5fGWYi/wMAAEBlxNw/HmaSSf7X/9f/1//X/9f/1//vJf1//f9O9P/1/wd5/fr/+v9012/9/5j7VxVFlvkfAAAAchBz/+owE/kfAAAAKiPm/ovCTOR/AAAAqIyY+y8OM8kj/4+1/lP/X/9f/7+x/x+31f8v9P/1/8+Q/r/+fyf6//r/g7z+Puz/r9L/p9/0W/8/5v4PhJnkkf8BAAAgCzH3XxJmIv8DAABAZcTcf2mYifwPAAAAlRFz/5owk0zyv9//r/+v/+/3/+v/6//3kv6//n8n+v/6/4O8/j7s//v9//Sdfuv/x9z/K2EmmeR/AAAAyEHM/R8MM5H/AQAAoDJi7r8szET+BwAAgMqIuf/yMJNM8r/+v/6//r/+v/6//n8v6f/r/3ei/6//P8jr1//X/6e7fuv/x9x/RZhJJvkfAAAAchBz/5VhJvI/AAAAVEbM/VeFmcj/AAAAUBkx918dZpJJ/tf/1//X/9f/1//X/+8l/X/9/070//X/B3n9+v/6/3TXb/3/mPuvCTPJJP8DAABADmLuvzbMRP4HAACAyoi5/0NhJvI/AAAAVEbM/WvDTDLJ//r/+v/6//r/+v/6/700WP3/4SUv0f+v0/9vpv+v/6//r/9PZ/3W/4+5/8NhJpnkfwAAAMhBzP3XhZnI/wAAAFAZMfdfH2Yi/wMAAEBlxNy/Lswkk/yv/6//r/+v/6//r//fS4PV/1+a/n+d/n8z/X/9f/1//X8667f+f8z968NMMsn/AAAAkIOY+zeEmcj/AAAAUBkx998QZiL/AwAAQGXE3H9jmEkm+V//X/9f/1//X/9f/7+X9P/1/zvR/9f/H+T16/8vr/+/otsNUWn91v+Puf+mMJNM8j8AAADkIOb+m8NM5H8AAACojJj7bwkzkf8BAACgMmLu3xhmkkn+1//X/9f/1//X/9f/7yX9f/3/TvT/9f8Hef36/37/P931W/8/5v5bw0wyyf8AAACQg5j7bwszkf8BAACgMmLuvz3MRP4HAACAyoi5fyLMJJP8r/+v/6//r/+v/6//30tV7f+n86j+v/6//r/+v/6//j9L6rf+f8z9d4SZZJL/AQAAIAcx998ZZiL/AwAAQGXE3D8ZZiL/AwAAQGXE3D8VZpJJ/tf/1//X/9f/1//X/++lqvb//f5//f9C/1//X/9f/5+u+q3/H3P/dJhJJvkfAAAAchBz/6YwE/kfAAAAKiPm/s1hJvI/AAAAVEbM/VvCTDLJ//r/+v/6//r/+v/6/72k/6//34n+v/7/IK9f/1//n2bDbT7Xb/3/mPu3hplkkv8BAAAgBzH3bwszkf8BAACgMmLuvyvMRP4HAACAyoi5/+4wk0zyv/6//r/+v/6//r/+fy/p/+v/d6L/r/8/yOvX/9f/p7t+6//H3L89zCST/A8AAAA5iLn/I2Em8j8AAABURsz994SZyP8AAAAwUNr9HsIo5v6Phplkkv/1/6ve/19Yqf+v/6//33n9+v+9pf+v/9+J/r/+/yCvX/9f/5/u+q3/H3P/jjCTTPI/AAAA5CDm/nvDTOR/AAAAqIyY++8LM5H/AQAAoDJi7t8ZZpJJ/tf/r3r/3+//1//X/++2fv3/3tL/1//vRP9/MPv/4dsW/f8+6v+Xx5D+P/2o3/r/MfffH2aSSf4HAACAHMTc/7EwE/kfAAAAKiPm/o+Hmcj/AAAAUBkx938izCST/K//r/+v/6//r/+v/99L+v/6/53o/w9m/z/S/++f/r/f/0+/6rf+f8z9D4SZZJL/AQAAIAcx938yzET+BwAAgMqIuf9Xw0zkfwAAAKiMmPsfDDPJJP/r/+v/6//r/+v/6//3kv6//n8n+v/6/4O8fv1//X+667f+f8z9vxZmkkn+BwAAgBzE3P9QmIn8DwAAAJURc/+nwkzkfwAAAKiMmPt/Pcwkk/yv/39++v/D6fb1//X/9f/1//X/zyX9f/3/Qv//jF3o/vygr1//X/+f7vqt/x9z/2+EmWSS/wEAACAHMff/ZpiJ/A8AAACVEXP/b4WZyP8AAABQGTH3Pxxmkkn+1//3+//1//X/9f/1/3tJ/1//vxP9f/3/QV6//r/+P931W/8/5v7fDjPJJP8DAABADmLufyTMRP4HAACAyoi5/9NhJvI/AAAAVEbM/Z8JM8kk/+v/6//r/+v/6//r//eS/r/+fyf6//r/g7x+/X/9f7rrt/5/zP2Phplkkv8BAAAgBzH3fzbMRP4HAACAyoi5/3fCTOR/AAAAqIyY+383zCST/K//r/+v/6//r/+v/99L+v+L+//lOexC9v9XLGdD/f9l0f/X/9f/1/+ns37r/8fc/7kwk0zyPwAAAOQg5v7fCzOR/wEAAKAyYu7//TAT+R8AAAAqI+b+x8JMMsn/+v/6//r/+v/6//r/vaT/7/f/d6L/r/8/yOvX/9f/p7t+6//H3P/5MJNM8j8AAADkIOb+Pwgzkf8BAACgMmLu3xVmIv8DAABAZcTc/3iYSSb5X/9f/1//X/9f/1//v5f0//X/O9H/1/8f5PXr/+v/012/9f9j7t8dZpJJ/gcAAIAcxNz/hTAT+R8AAAAqI+b+PWEm8j8AAABURsz9e8NMMsn/+v/6//r/+v/6//r/vaT/r//fif6//v8gr1//X/+f7vqt/x9z/0yYSSb5HwAAAHIQc/++MBP5HwAAACoj5v79YSbyPwAAAFRGzP1PhJlkkv/1//X/9f/1//X/9f97Sf9f/78T/X/9/0Fev/6//j/d9Vv/P+b+A2EmmeR/AAAAyEHM/V8MM5H/AQAAoDJi7v9SmIn8DwAAAJURc//BMJNM8r/+v/6//r/+v/6//n8v6f/r/3ei/6//P8jr1//X/6e7fuv/x9x/KMwkk/wPAAAAOYi5/3CYifwPAAAAlRFz/5EwE/kfAAAAKiPm/qNhJpnkf/1//X/9f/1//X/9/17S/9f/70T/X/9/kNev/6//T3f91v+Puf8Pw0wyyf8AAACQg5j7j4WZyP8AAABQGTH3z4aZyP8AAABQGTH3z4WZZJL/9f/1//X/9f/1//X/e0n/X/+/E/1//f9BXr/+v/4/3fVb/z/m/uNhJpnkfwAAAMhBzP1PhpnI/wAAAFAZMfc/FWYi/wMAAEBlxNz/dJhJJvlf/1//X/+/b/r/9Z6f/r/+v/7/adH/1/8v9P/P2IXuzw/6+vX/9f//n7273BXtLOI4fAohkBDCtXAFXALXwGXgLsXd3d3d3d3dHQrFNSkJZ2ZKaLvWqSz2u2ae58uk7U765uxP/5z8sti3Wv+fu/9eccuQ/Q8AAAAT5O6/d9xi/wMAAEAbufvvE7fY/wAAANBG7v77xi1D9r/+X/+v/1+m//f9//y96v/1/zeD/l//f0n/f4tddD9/9vfr//X/7Fut/8/df7+4Zcj+BwAAgAly998/brH/AQAAoI3c/Q+IW+x/AAAAaCN3/wPjliH7X/+v/9f/6//1//r/I+n/9f9b9P/6/zO/X/+v/2ffav1/7v4HxS1D9j8AAABMkLv/wXGL/Q8AAABt5O5/SNxi/wMAAEAbufsfGrcM2f/6f/2//l//r//X/x9J/6//36L/1/+f+f36f/0/+1br/3P3PyxuGbL/AQAAYILc/Q+PW+x/AAAAaCN3/yPiFvsfAAAA2sjd/8i4Zcj+1//r//X/+n/9v/7/SPp//f8W/b/+/8zv1//r/9l3eP9/j6v/c6+0/8/df3XcMmT/AwAAwAS5+x8Vt9j/AAAA0Ebu/kfHLfY/AAAAtJG7/zFxy5D9r//X/1/f/193lf5f/6//v/7f6/9vG/p//f8W/f+q/f+V/Uno//X/+n/2HN7/7/T+//vPufsfG7cM2f8AAAAwQe7+x8Ut9j8AAAC0kbv/8XGL/Q8AAABt5O5/QtwyZP/r//X/vv+v/9f/6/+PpP/X/2/R/6/a//v+/63t/+9+Be/X/zPBav1/7v4nxi1D9j8AAABMkLv/SXGL/Q8AAABt5O5/ctxi/wMAAEAbufufErcM2f/6f/2//l//r//X/x9J/6//36L/1/+f+f2+/6//Z99q/X/u/qfGLUP2PwAAAEyQu/9pcYv9DwAAAG3k7n963GL/AwAAQBu5+58RtwzZ//p//b/+X/9/q/r/2+v/9f/b9P/6/y36f/3/md+v/9f/s2+1/j93/zPjliH7HwAAACbI3f+suMX+BwAAgDZy9z87brH/AQAAoI3c/c+JW4bsf/2//l//r//3/X/9/5H0/+36/6v0/9fT/+v/9f/6f7at1v/n7n9u3DJk/wMAAMAEufufF7fY/wAAANBG7v7nxy32PwAAALSRu/8FccuQ/a//1//r//X/+n/9/5H0/+36f9///y/6f/2//l//z7bV+v/c/S+MW4bsfwAAAJggd/+L4hb7HwAAANrI3f/iuMX+BwAAgDZy978kbhmy//X/+n/9v/5f/6//P5L+X/+/Rf9/4/3/nW7i/6f/X+v9+n/9P/tW6/9z9780bhmy/wEAAGCC3P0vi1vsfwAAAGgjd//L4xb7HwAAANrI3f+KuGXI/r+p/v/aO1/+7/r/K6P/v/H36//1//p//b/+X/+/Rf/v+/9nfr/+X//PvtX6/9z9r4xbhux/AAAAmCB3/6viFvsfAAAA2sjd/+q4xf4HAACANnL3vyZuGbL/ff9f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P2vjVuG7H8AAACYIHf/6+IW+x8AAADayN3/+rjF/gcAAIA2cve/IW4Zsv/1//r/C+//b6f/T/r/+L3q//X/N4P+X/9/Sf9/i110P3/29+v/9f/sW63/z93/xrhlyP4HAACACXL3vylusf8BAACgjdz9b45b7H8AAABoI3f/W+KWIftf/6//v/D+3/f/i/4/fq/6f/3/zaD/1/9f0v/fYhfdz5/9/fp//T/7Vuv/c/e/NW4Zsv8BAABggtz9b4tb7H8AAABoI3f/2+MW+x8AAADayN3/jrhlyP7X/+v/9f/6f/2//v9I+n/9/xb9v/7/zO/X/+v/2bda/5+7/51xy5D9DwAAABPk7n9X3GL/AwAAQBu5+98dt9j/AAAA0Ebu/vfELUP2v/7/7P3/Pa+JF+j/9f/6f/3/kvT/+v8t+n/9/5nfr//X/7Nvtf4/d/9745Yh+x8AAAAmyN3/vrjF/gcAAIA2cve/P26x/wEAAKCN3P0fiFuG7P8Z/f8dbvBjffp/3//X/+v/9f9r0//r/7fo//X/Z36//l//z77V+v/c/R+MW4bsfwAAAJggd/+H4hb7HwAAANrI3f/huMX+BwAAgDZy938kbhmy/2f0/zek/7/sNu//r7ur/l//X/T/+v9L+n/9/w79v/7/zO/X/+v/2bda/5+7/6Nxy5D9DwAAABPk7v9Y3GL/AwAAQBu5+z8et9j/AAAA0Ebu/k/EDXe7y8U96f9K/6//9/1//b/+X/9/JP2//n+L/l//f+b36//1/+xbrf/P3f/JuMXf/wMAAEAbufs/FbfY/wAAANBG7v5Pxy32PwAAALSRu/8zccuQ/a//1//r//X/+n/9/5H0//r/Lfp//f+Z36//1/+zb7X+P3f/Z+OWIfsfAAAAJsjd/7m4xf4HAACANnL3fz5usf8BAACgjdz9X4hbhux//b/+X/+v/9f/6/+PpP/X/2/R/+v/z/x+/b/+n32r9f+5+78YtwzZ/wAAADBB7v4vxS32PwAAALSRu//LcYv9DwAAAG3k7v9K3DJk/+v/9f/6f/2//l//fyT9v/5/i/5f/3/m9+v/9f/sW63/z93/1bhlyP4HAACACXL3fy1usf8BAACgjdz9X49b7H8AAABoI3f/N+KWIfu/c/+/9WP6/8v0//r/S/p//f/B9P/6/y36f/3/md+v/9f/s2+1/j93/zfjliH7HwAAACbI3f+tuMX+BwAAgDZy9387brH/AQAAoI3c/d+JW4bs/879/xb9/2X6f/3/Jf2//v9g+n/9/xb9v/7/zO/X/+v/2bda/5+7/7txy5D9DwAAABPk7v9e3GL/AwAAQBu5+78ft9j/AAAA0Ebu/h/ELUP2v/5f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P0/jFuG7H8AAACYIHf/j+IW+x8AAADayN3/47jF/gcAAIA2cvf/JG4Zsv/1//p//b/+X/+v/z+S/l//v0X/r/8/8/v1//p/9q3W/+fu/2ncMmT/AwAAwAS5+38Wt9j/AAAA0Ebu/p/HLfY/AAAAtJG7/xdxy5D9r//X/+v/9f/6f/3/kfT/+v8t+n/9/5nfr//X/7Nvtf4/d/8v45Yh+x8AAAAmyN3/q7jF/gcAAIA2cvf/Om6x/wEAAKCN3P2/iVuG7H/9v/5f/6//1//r/4+k/9f/b9H/6//P/H79v/6ffav1/7n7r4lbhux/AAAAmCB3/2/jFvsfAAAA2sjd/7u4xf4HAACANnL3Xxu3DNn/+n/9f8v+/476f/2//n8V+n/9/xb9v/7/zO/X/+v/2bda/5+7//dxy5D9DwAAABPk7v9D3GL/AwAAQBu5+/8Yt9j/AAAA0Ebu/j/FLUP2v/5f/9+y//f9f/2//n8Z+n/9/xb9v/7/zO/X/+v/2bda/5+7/89xy5D9DwAAABPk7v9L3GL/AwAAQBu5+/8at9j/AAAA0Ebu/r/FLUP2v/5f/6//1//r//X/R9L/6/+36P/1/2d+v/5f/8++1fr/3P1/j1uG7H8AAACYIHf/P+IW+x8AAADayN3/z7jF/gcAAIA2cvf/K24Zsv/1//p//b/+X/+v/z+S/l//v0X/r/8/8/v1//p/9q3W/+fu/3cAAAD//1pJMZk=")
lsetxattr$security_ima(0x0, 0x0, 0x0, 0x0, 0x0)

5m50.504867655s ago: executing program 6 (id=3439):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(0xffffffffffffffff)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r5, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009})
pread64(r5, 0x0, 0x0, 0x378e)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)

5m48.450015057s ago: executing program 6 (id=3443):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000280)={0x2940, 0x2, 0x10}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x1, &(0x7f0000000480)=ANY=[@ANYBLOB="7472616e733d02"])

5m47.136246699s ago: executing program 6 (id=3446):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000002c0)={0x58, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x58}}, 0x0)

5m45.602767699s ago: executing program 6 (id=3448):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0x4e, &(0x7f0000000000)={[{@test_dummy_encryption_v1}, {@resgid}]}, 0x3, 0x45a, &(0x7f0000000b00)="$eJzs281vFOUfAPDvTLvlxw+wFfGFF7WKxsaXlhZUDh7UaOIBExM96LFpC0EWamhNhBAFY/BkjIl349F/wZNejPFk4lXvhoQYLoCnNbM70+5ud5e27HaB/XzC0OeZmd3n+92ZZ/eZeXYDGFjj2X9JxM6I+DMiRmvVxh3Gs38z0xEX5m5euzCXRKXy7j9Jdb/r1y7MFbtuy//uyJ9zIo1Iv0hif4t2l86dPzVbLi+czetTy6c/mlo6d/6Fk6dnTyycWDgzc/TokcPTL78082JX8sxiur7v08UDe9/64Ju3j33VkH9THl0y3mnj05VKl5vrr1115WS4j4GwIUMRkR2uUrX/j8ZQrB680Xjz874GB/RUpVKp7Gi/+WIFuIcl0VjX5WFQFB/02fVvsTQPAl7t3fCj766+VrsAyvK+kS+1LcOR5vuUmq5vu2k8It6/+O932RK9uQ8BANDgp2z883yr8V8aD9Xtd18+NzQWEfdHxO6IeCAi9kTEgxHVfR+OiEc22H7zJMna8U96ZVOJrVM2/nslIm6sGf8Vo78YG8pru6r5l5LjJ8sLh/LXZCJK27L6dIc2fn7jj6/bbasf/2VL1n5tLFjMwqVXhrc1PmZ+dnn2NtNecfVSxL7hVvknKzMBWSR7I2LfJts4+ewPB9pta5//OnRhnqnyfcQzteN/MZryLySd5yen/hflhUNTxVmx1m+/X36nXfsbzn/0ttJdIzv+/295/q/kP5bUz9cubbyNy3992faa5tb5tz7/R5L3quWRfN0ns8vLZ6cjRpJjtaDr18+sPraoF/tn+U8cbN3/d8fqK7E/IrKT+NGIeCwiHs9jfyIinoyIgx3y//X1pz7cfP69leU/v6Hjv1oYieY1rQtDp375saHRsTX53+x8/I9USxP5mvW8/60nrs2dzQAAAHD3SSNiZyTp5Eo5TScna9+X3xORlheXlp87vvjxmfnabwTGItLiTtdo3f3Q6fyyvla/FBG1rxYU2w/n942/HdperU/OLZbn+508DLgdbfp/5u+hfkcH9Jzfa8Hg0v9hcN2i/49sVRzA1vP5D4OrRf/f3o84gK3X6vP/sz7EAWy9pv5v2g8GiOt/GFz6Pwwu/R8G0tL2uPWP5DsWimfa5MPv2UKU7ogwelaI9I4I444tlO7yftG/9yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBu+i8AAP//LmPcAg==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

5m43.312848484s ago: executing program 6 (id=3456):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x7, 0xf, 0xfffffe0000000001, 0xfa15, 0x1ff}, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x8, 0x0, 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)

5m27.974236116s ago: executing program 40 (id=3456):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x7, 0xf, 0xfffffe0000000001, 0xfa15, 0x1ff}, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x8, 0x0, 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)

1m52.397526331s ago: executing program 1 (id=3926):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbdc, &(0x7f00000021c0)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f0000002180)=<r4=>0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
fsopen(0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

1m40.389907203s ago: executing program 1 (id=3959):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket(0x15, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x2718, 0x0, &(0x7f0000000400))

1m38.923829759s ago: executing program 1 (id=3961):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r3, 0x13)
tkill(r3, 0x12)
waitid(0x1, r3, 0x0, 0x8, 0x0)

1m36.498076597s ago: executing program 1 (id=3951):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r3, 0xc020aa08, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

1m35.484869222s ago: executing program 1 (id=3954):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffff05850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000002c000000030a010800000000000000000100000b0900030073797a32000000000900010073797a300000000060000000060a010400000000000000000100000008000b40000000000900010073797a300000000038000480340001800a0001006d61746368000000240002800c000300b07346e358c219250b0001006367726f75700000080002"], 0xd4}}, 0x0)

1m34.078991814s ago: executing program 1 (id=3957):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000009c0)="b5", 0x1}], 0x1}, 0x80)

1m18.51333678s ago: executing program 41 (id=3957):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000009c0)="b5", 0x1}], 0x1}, 0x80)

16.631091462s ago: executing program 5 (id=4104):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000640)={{{@in6=@dev, @in=@broadcast, 0x0, 0x0, 0x0, 0x4, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {0x0, 0x0, 0xffffffffffffffff}, 0xf, 0x0, 0x1}, {{@in6=@private0, 0x0, 0x3c}, 0x0, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x200}}, 0xe8)
close(r3)

14.583454188s ago: executing program 5 (id=4110):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000000, 0x13, r2, 0x36dee000)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)
fallocate(r1, 0x8, 0x4000, 0x4000)

13.7840617s ago: executing program 9 (id=4113):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001680))
r1 = eventfd2(0x1, 0x1)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

13.656107115s ago: executing program 8 (id=4114):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x8000, &(0x7f0000000240)=ANY=[@ANYBLOB="666c7573682c756e695f786c6174653d312c6e6f6e756d7461696c3d302c726f6469722c757466383d312c6e6f6e756d7461696c3d302c756e695f786c6174653d312c6e6f6e756d7461696c3d302c756e695f786c6174653d302c757466383d312c756e695f786c6174653d302c757466383d312c756e695f786c6174653d312c6e6f6e756d7461696c3d302c646f733178666c6f7070792c726f6469722c756e695f786c6174653d312c71756965742c00aaed2e6322e12ca43d55f4e47d9fb6f319fab9c81cd7b9b508d5df5619dad30ed85701f46d5bb2b85a6aecd28cb992054878a859b15b1598ee0b05192ff4df579d2dd32fb9a6a092bb22740cfe0636a3d8ff4e975e21fc6d6e2d6ece2beac2098361fe652ea69917e6d47463ceb0b35bc7a2f8799debe5e7b6e82c84ab25d06157c08f006d90e62a8026a845835dbf4ac25eec51c3ec73c82014eee15eaaa123084415546ca2e37c23d441b343cec1f74e52bc1f21eb18053a9b98d3a304fba3751bd0121940bc9d276f1e5352b9f4e674bb80ffeaaff6843ef1c8a7a7e0d592893a77ae91e025a35840e7ff4fdb3571d1986ed6f5a23d9ee6bf1cec94fb17af0627c04bf47586ce288a466c039a1ead7fd99feacc51d9f7a2e67f46a0b86b45e5d7cb4affc1c539a764f5"], 0xf6, 0x31b, &(0x7f0000000440)="$eJzs3U1rE1sYwPFn0rw07e1NF5fL5XIvHHrhci/SoQm4c2GRFsSA0jaCFYSpnWrINCmZUIiIzUJw69pFFy5FEMGdGxG33fgJfNt1050FiyOTk0zTZEzTau2L/9+iOZ15njPnzJlppqf0ZP3M/cXCgmt+8qJSFxMRT1vRW6Qm/79affv39Mtf9PdKTY7PpDNKRUTk6u3HIy8qg5ef/fo8IWvD19Y3Mh/W/poR+TxzUyIq76qiX5eaK5Uqhp88n3cLplKXHNtybZUvuna5oqz6fmvOsdWCU1paqiqrOD80sFS2XVdZxaoq2FVVKalKuaqsG1a+qEzTVEMDAhEZDkqRjn1Gt8Tco03Pkw1/gBI1f9hDomvNQqzxmvi2xuIoaRv/rrEdF0ffQbYMP8KmFw3GP77L+OPk0ff/uwe93P84eaavzF4Yz2YnppTqF1m8t5xbzulXvf/NoOTFEVtWp07NbgWPhv6lYvhfJ89nJ8ZU3bD8u7jSyF9Zzuk3h/GFRn5aUv5zSku+NPPTOl/tzI/JQGt+RlLyW3h+Rkn9qVQk0pIfl//+ack3JSWvr0vJqMl8/RF3O/9OWqlzF7Ntx0/W49rxlgcAAAAAAAAAOA5MFdievzeCP/UmTTNRn1sP9if9zX6cDgjm18ckJVvh8/NjofP7UfkzeogdBwAAAADgJ+JWbxUsx7HLey9IDzF9D5NdDhETEb8gcnfEb0zXCn9vtLhtl19HSFZcRDrr6eulzY1C8rQ+3pOpRsNkvyfqAAsREWndov9Zw++887QZkww7P25kTxfAaLzzzFuO0/99eiFtvfhKoTVGPM8LDZb+/V3YidAO9lIwtppb/giN8Ywu6UZUx1hOTG9p3pi7Hf1s+O3QY8EffT2C7Sdq9L2u1+nyQ+NjMMUHAAAA4Bhp+cUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAckh7WDOtcm625bv/OYGl8RHznkmztH5rLuv8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjqAvAQAA///7SbFN")
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
syz_emit_vhci(&(0x7f0000000980)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_request={{0x4, 0xa}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, "81e949", 0x1}}}, 0xd)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x202, 0x40)
write$cgroup_pressure(r1, &(0x7f0000000080)={'some', 0x20, 0x56, 0x20, 0xe}, 0x19)

13.118396277s ago: executing program 5 (id=4116):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000140)={[{@test_dummy_encryption_v1}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
r0 = creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
pipe(&(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0500000005000000040400000000100002000000", @ANYRES32, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="01000000000000000300000000000000000000000000000000000000d861eeb79850f3f5a75ec60b67b0bbbc89b7ba00434b43fa67cc6c53d6f741152de3fb61510126476684eda1230b112eddceece216bfad4d396568637400d5b2b8eb005a857015392a1c9d717113532aef62a8551096592d76aa2432fbdc2184c9374927dab7fdc8d99be638f9228fd2914ff9e662c284ef7aa4e6ba569c308a7f6ff2f0b81c6c44d8b44dafd55c506be8684f91bc22a61bd4c6e222576b097f706e384fa6cc8df218fa90e9d291307c0ece3b43d56b6dedf9faeb154747c3fab269478f3a186c0da5edc278a75795defde30d5ad8f5"], 0x50)
r4 = accept4(r3, 0x0, 0x0, 0x800)
splice(r1, 0x0, r4, 0x0, 0x1e8640, 0x0)
write$cgroup_devices(r2, &(0x7f00000002c0)={'c', ' *:* ', 'r\x00'}, 0x8)
creat(&(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
mknod$loop(&(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1)
creat(&(0x7f0000000340)='./file0\x00', 0x0)

11.709555774s ago: executing program 9 (id=4118):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r3, 0x13)
tkill(r3, 0x12)
waitid(0x1, r3, 0x0, 0x8, &(0x7f0000000340))

11.598401923s ago: executing program 8 (id=4119):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f076bbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x1d, r3, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000040)='asymmetric\x00', &(0x7f0000000000)=@chain)

9.817779155s ago: executing program 8 (id=4121):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = dup(r1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = dup(r3)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, 0x0, 0x0)
sendmsg$inet6(r3, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000180)=[{&(0x7f00000004c0)="99", 0x1}], 0x1}, 0x4048043)
r5 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in={0x2, 0x4e24, @remote}], 0x10)
sendto$inet6(r5, &(0x7f0000000040)='\x00', 0x1, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c)
sendto$inet6(r2, &(0x7f0000000040)='\x00', 0x1, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0x9, @loopback, 0xc5f}, 0x1c)
close_range(r0, 0xffffffffffffffff, 0x0)

9.815390366s ago: executing program 0 (id=4122):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$bt_l2cap_L2CAP_CONNINFO(0xffffffffffffffff, 0x6, 0x2, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x2, &(0x7f0000000040)=[{0x87, 0xfe, 0x4, 0xff}, {0x6}]})

7.992154228s ago: executing program 8 (id=4123):
socket(0xa, 0x80002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, 0x0, 0x0)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x40000000c6302, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r3, 0x0)
sendfile(r3, r3, 0x0, 0xffffffff)

7.991862496s ago: executing program 9 (id=4124):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0f0000000400000004000000a2"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r3}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000140), 0x4)
recvfrom$inet6(r0, &(0x7f0000000100)=""/19, 0xff1, 0x40, 0x0, 0x0)

7.739492516s ago: executing program 9 (id=4126):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$xfs(&(0x7f0000000500), &(0x7f0000009640)='./file0\x00', 0x208800, &(0x7f00000006c0)={[{@nogrpid}, {@prjquota}, {@ikeep}, {@inode32}]}, 0x4, 0x9606, &(0x7f0000012cc0)="$eJzs2gm8pnPhuP/nDGOXMVRSaiqiRdYsUc0MZigkS7QjS8pSUqESSgoVEe3Zt2xlCWVrJdlbKCFUskRabMP8X8ecYYyLb/36/l++dV3X63XO8zz3c9/3+Tyf972cw2wyaYOJg8Ecg2mNG8zceddOnjLm6nXvOGrz+Y9d5tR7DnjsiouOH3mcMPI4cTAYjBp5e2jasrGD004fNZj14eWPNveccw3NOxgsO/JyZD+DFac9zHvF9PWmztTMAx169Ns+074ebr7hHzH85PAD9jpiMBiMmWH7ocFgaPfHfVBpm0yYPOlRq0fchq1Gjzyf8Wu2aV/zXjwYzHvmgI+PGdcdego+0vDP3P0l545e9yn42f9xbTJh8loz+Q+fi7OMLFtx+Byf+Rw0NvNxfttim648MoUPH2+DwfAl7jHnyn9Em0yYtPbgia/zg6NWuXCfqdOum7MPpt0o5hwMBnONXF/neapd6t9rwsTlHr5nT389wj79WN6djosT3n7yQ8M36cFgsMBgMHbN6feCqqqq+s9owsTlVoP7/xxPdv8/5ZSFz+z+X1VV9Z/bWhMmLjd8r5/p/j/Pk93/d1z4oj2n/bf/8StO2+qhp/ZDVFVV1b/UpLXw/j/mye7/K6522drd/6uqqv5zW3+dh+//88x0/1/wye7/bzl5lUVG1pv+e8ODM+xyaIb/n/DADMtnmWH5/TMsHz3DfmZcf7YZlt87w/LZh9+D9ccNBmOn/3vBKY8uHjtu+L2R5ffNsHz8o/9OZ9HVZ1g+YYblk2ZYPnFkrMPLJ8+wfPIM66/5JFNdVVX1f6b1l5u02mCGf2c/snih6e/T/f+Cs65b8qkab1VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVf1n9tAdZ587GAyGBoPBqMFgymDk+YyPg6lTp04dfn3K+Zdf/pQN9P9GQ+ddO3nKmKvXveOozec/dplT7zng0Vn6j+0//xPUv9Ow/xzHjxsMtt/oqR5KPQV1/rvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+4h+44+9yRY2DUYDBlMPJ89+mPZ+3/5reOrLryxqfedfCjWy46fpuRZ+ddO3nKNk/B2J+ChoY/65ir173jqM3nP3aZU+854L/g7PnP/wT17/Sw/zZDg8HI+T1m+Fxed8L6Gy4xGAwOvuvUjVcYPPLeSsPvrTJ2lsEsD2+6xMPf11iUd7z7mtMexw9/W/CRfZzy8P7XmnrYLEMzDWKGXnXejUe9a5N7lp/5cfEn/hyjpj854voz7p46derUxywcaY4n2Hj6/qd/lpnP85GxLzE89qV22u69S71/l12X3Ga7zbbecustt19muZWWX2HZZVZY+RVLbbXNtlsuPe37E8zZuIe/r/bPzNk8M8/ZHRNmnLOZP9sTzdm4J5+zh/c4ZdehDafP2az/4pyt9uRzNm6bkR+06PjRg00fnpqhwWDR1UcPdh5+sczsg8Gia4ysu9DwuquOHTUY7P/oBx1+Nvsjx+DQ7sPrbDJpg4mPjuzxn/Bx1+nHrLjo+JHHCSOPE6cNcdzg0UNx7OC000cNz8VjpnnuOecamncwWHbk5ch+BiuPvHvo9PWmztTMAx169Ns+074ebr7hnQw/effSZ18zfC7OtP3/H/0/Xf8f57XS0CMTNTTyNbLONK8Jk9d69Gc9PA3DczfLyLIVh01mnrP/zR433nGzDsY8yXgnrTVxueHFM83/9E3w+LpzsQs/PO3YGr/itK0e+n9GofHO8yTjXWsCjneeJxvv8R+59PRpu/pfG+9M17q1H/4+/p+51g2e/Fo3C+1gy0sWmfla97onHuJjzuPpczT7TCs90bVu50OW3X14/+Of/Fq39vDYRz/mWjdqMFh0tenXuuEL36TRg/2HXyw7/GLy6MGxwy+We/jFnIPzh1+8/J07bLvF8II1p8/J0sP7HT926GH3C1e8dfGpB06duvrIWMaPfexYR46PcTPezyeMnTaZ07edvt/hVafv95ZnTntv0sh+J/wL+52+LY33rvmmvTd5ZL8TZ9rv6CfZ7/RtH3c+LDH0yIXrCa43k2a63oz8jTP9xz3ma7ZpX/NePBjMeyb5zrTu/3jNpPN3jicZ74SJy602PL6Zzt9HDkc6fy+dfPXwvWLewWCwwGAwds3pY/8XG3qi8c765OOdCOOd9cnGe+Vx263zvzDewQzjfcxxtsn6046VNUeOs8n/wvE7fduZr2OjH3532mV/zX/mOjbucdexPWYZNdNkz9AT/c62Baw/7flCj/6ee+1Jx0yf+9Ez7fd/+p1ths8yBNexMTP9PT9qzRsGQzTnux+/6mVDBz35nI8ePPZvi+lzPn3bJ5vzyf/MnD/nyef8n/09eYkXTnt/9Ezjn3HO19vv2ftOn/PZZtrv/zTnk5/83vH4OR8/GE1zvvT90+btya6nTzTn07edPufDH3GVsbMO1hi+Z43M+aR/Zs4X+t85zueC9ac93/KRReccdeobp8/5zHP8P835pH91zsc9cpwv+vB7Lxg1mG22wc6b7bTTjstM+z795bLTvvO16N5rp83zk91Ln8ho+rZPdl6s/s8YjfmnjIb+J6OFZ30io0dPrSN32PEZ/6/XotX/VaMBX4uuPmbavD3Z70VPNOfTt6X74IIzbD/z36Hrr/Pw793zzHQfnL4J3gfPOWvtvafvcmSzB2ca5vT76gMzLJ9lhuX3z7B89Az7mXH92WZYfu8My4c/wmwzrD+dddzw37wjy6c8uvrY4V+exo0sv2+G5eMf3XbR1WdYPmGG5ZNmWD7x0UNj0ckzLJ88w/prDv7Fpv836W1mvsjXP1v//ddd/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+4h+44+9yRY2DUYDBlMO350MjjYPeh9W5/zfDjYDAYveKJU9d7qsf7FDd03rWTp4y5et07jtp8/mOXOfWeA/4Lzp7//E9Q/04P+28zNBiMnN9jthkMButOWH/DJQaDwXpTT1xx1OCR9xYafm/VsaMGg/2HHrOD2R9ZZ2j34XU2mbTBxMFgjpE1xj3uhz7uPHrMiouOH3mcMPI4cdr1adzg0eN17OC000cNZn14+aPNPedcQ/MOBsuOvBzZz2DFaQ/zXjF9vakzNfNAhx79ts+0r4ebb/hHDD/ZeevJzx2eq5m2/z/T9Gv1NqP+x1U7/93l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u/jX/jpb/thJ1l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5i3vojrPPHTkGRg0GUwbTng/tPvI4GDr5tBePHCKjd7nq6MOe6vE+xQ2dd+3kKWOuXveOozaf/9hlTr3ngP+Cs+c//xPUv9PD/tsMDQYj5/eYbQaDwboT1t9wicFgcNjRV+0yavDIewsNv7fq2FGDwf5Dj9nB7I+sM7T78DqbTNpg4mAwx8ga4x73Qx93Hj1mxUXHjzxOGHmcOO36NG7w6PE6dnDa6aMGsz68/NHmnnOuoXkHg2VHXo7sZ7DitId5r5i+3tSZmnmgQ49+22fa18PNN/wjhp/sNc+1Jw/P1Uzb/59p+rV6m1H/46qd/+7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5S/uoTvOPnfkGBg1GEwZTHs+auRxaPebb9ptw+HH4dfzr7n3tU/1eJ/ihs67dvKUMVeve8dRm89/7DKn3nPAf8HZ85//Cerfadh/juPHDQbbb/RUD6Wegjr/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvLX9xDd5x97sjTUY8uHbV7xwU2dN61k6eMuXrdO47afP5jlzn1ngOe6gH9uz2B/x75Yxb/PfPHLP4fzx+z+H8if8ziv1f+mMX/k/ljFv+988cs/p/KH7P4fzp/zOK/T/6YxX/f/DGL/375Yxb/z+SPWfw/mz9m8f9c/pjFf//8MYv/AfljFv/P549Z/A/MH7P4H5Q/ZvH/Qv6Yxf/g/DGL/yH5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfy/lj9m8f96/pjF/xv5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/h/M3/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8v5U/ZvH/dv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/L+TP2bxPzN/zOJ/Vv6Yxf/s/DGL/3fzxyz+38sfs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvG/MH/M4n9R/pjF/6f5Yxb/i/PHLP4/yx+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/K/OH7P4X5M/ZvH/df6Yxf83+WMW/2vzxyz+v80fs/hflz9m8b8+f8zif0P+mMX/d/ljFv8b88cs/jflj1n8b84fs/j/Pn/M4v+H/DGL/x/zxyz+t+SPWfz/lD9m8b81f8zif1v+mMX/9vwxi/8d+WMW/z/nj1n878wfs/jflT9m8f9L/pjF/+78MYv/X/PHLP5/yx+z+P89f8zi/4/8MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8Z+SP2bxfzB/zOL/UP6YxX9q/pjEf5ZB/pjFfyh/zOI/Kn/M4j9L/pjFf9b8MYv/6Pwxi/9s+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/9Pyxyz+8+WPWfzH5I9Z/OfPH7P4j80fs/gvkD9m8V8wf8zi//T8MYv/M/LHLP7PzB+z+C+UP2bxf1b+mMV/4fwxi/+z88cs/s/JH7P4L5I/ZvF/bv6Yxf95+WMW/3H5Yxb/5+ePWfxfkP/jmnXk0eD/wvwxy/m/aP6YxX+x/DGL/4vyxyz+i+ePWfyXyB+z+L84f8zi/5L8MYv/S/PHLP4vyx+z+C+ZP2bxf3n+mMV/qfwxi//S+WMW/2Xyxyz+y+aPWfyXyx+z+C+fP2bxf0X+mMV/hfwxi/+K+WMW/5Xyxyz+K+ePWfxfmT9m8V8lf8ziv2r+mMX/VfljFv9X549Z/F+TP2bxH58/ZvGfkD9m8Z+YP2bxXy1/zOK/ev6YxX+N/DGL/6T8MYv/ZJX/LP/0mhb/NVX+/3wW/7Xyxyz+r80fs/i/Ln/M4r92/pjFf538MYv/uvljFv/X549Z/NfLH7P4vyF/zOK/fv6YxX+D/DGL/4b5Yxb/jfLHLP5vzB+z+G+cP2bx3yR/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOL/tvwxi//b88cs/u/IH7P4b5o/ZvHfLH/M4r95/pjF/535Yxb/LfLHLP5b5o9Z/LfKH7P4b50/ZvF/V/6YxX+b/DGL/7vzxyz+78kfs/hvmz9m8d8uf8ziv33+mMV/h/wxi/9788cs/u/LH7P475g/ZvF/f/6YxX+n/DGL/wfyxyz+H8wfs/h/KH/M4r9z/pjFf5f8MYv/rvljFv8P549Z/D+SP2bx/2j+mMV/t/wxi//H8scs/rvnj1n898gfs/jvmT9m8f94/pjF/xP5Yxb/vfLHLP6fzB+z+O+dP2bx/1T+mMX/0/ljFv998scs/vvmj1n898sfs/h/Jn/M4v/Z/DGL/+fyxyz+++ePWfwPyB+z+H8+f8zif2D+mMX/oPwxi/8X8scs/gfnj1n8D8kfs/h/MX/M4v+l/DGL/5fzxyz+X8kfs/h/NX/M4v+1/DGL/9fzxyz+38gfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+b+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOL/rfwxi/+388cs/qfmj1n8T8sfs/ifnj9m8T8jf8zi/538MYv/mfljFv+z8scs/mfnj1n8v5s/ZvH/Xv6Yxf+c/DGL/7n5Yxb/8/LHLP7n549Z/C/IH7P4fz9/zOL/g/wxi/8P88cs/j/KH7P4/zh/zOL/k/wxi/+F+WMW/4vyxyz+P80fs/hfnD9m8f9Z/pjF/5L8MYv/pfljFv/L8scs/pfnj1n8r8gfs/hfmT9m8b8qf8zi//P8MYv/L/LHLP6/zB+z+P8qf8zif3X+mMX/mvwxi/+v88cs/r/JH7P4X5s/ZvH/bf6Yxf+6/DGL//X5Yxb/G/LHLP6/yx+z+N+YP2bxvyl/zOJ/c/6Yxf/3+WMW/z/kj1n8/5g/ZvG/JX/M4v+n/DGL/635Yxb/2/LHLP63549Z/O/IH7P4/zl/zOJ/Z/6Yxf+u/DGL/1/yxyz+d+ePWfz/mj9m8f9b/pjF/+/5Yxb/f+SPWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/5T8MYv/g/ljFv+H8scs/lPzxyT+sw7yxyz+Q/ljFv9R+WMW/1nyxyz+s+aPWfxH549Z/GfLH7P4z54/ZvGfI3/M4j9n/pjFf678MYv/3PljFv958scs/vPmj1n8n5Y/ZvGfL3/M4j8mf8ziP3/+mMV/bP6YxX+B/DGL/4L5Yxb/p+ePWfyfkT9m8X9m/pjFf6H8MYv/s/LHLP4L549Z/J+dP2bxf07+mMV/kfwxi/9z88cs/s/LH7P4j8sfs/g/P3/M4v+C/DGL/wvzxyz+i+aPWfwXyx+z+L8of8ziv3j+mMV/ifwxi/+L88cs/i/JH7P4vzR/zOL/svwxi/+S+WMW/5fnj1n8l8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi//y+WMW/1fkj1n8V8gfs/ivmD9m8V8pf8ziv3L+mMX/lfljFv9V8scs/qvmj1n8X5U/ZvF/df6Yxf81+WMW//H5Yxb/CfljFv+J+WMW/9Xyxyz+q+ePWfzXyB+z+E/KH7P4T84fs/ivmT9m8V8rf8zi/9r8MYv/6/LHLP5r549Z/NfJH7P4r5s/ZvF/ff6YxX+9/DGL/xsGl+cPWfzX7/zHLP4b5I9Z/DfMH7P4b5Q/ZvF/Y/6YxX/j/DGL/yb5Yxb/N+WPWfzfnD9m8X9L/pjF/635Yxb/t+WPWfzfnj9m8X9H/pjFf9P8MYv/ZvljFv/N88cs/u/MH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/u/LHLP7b5I9Z/N+dP2bxf0/+mMV/2/wxi/92+WMW/+3zxyz+O+SPWfzfmz9m8X9f/pjFf8f8MYv/+/PHLP475Y9Z/D+QP2bx/2D+mMX/Q/ljFv+d88cs/rvkj1n8d80fs/h/OH/M4v+R/DGL/0fzxyz+u+WPWfw/lj9m8d89f8ziv0f+mMV/z/wxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8d83f8ziv1/+mMX/M/ljFv/P5o9Z/D+XP2bx3z9/zOJ/QP6Yxf/z+WMW/wPzxyz+B+WPWfy/kD9m8T84f8zif0j+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP7fzB+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/b+WPWfy/nT9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/+/kj1n8z8wfs/iflT9m8T87f8zi/938MYv/9/LHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF//v5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfwvzB+z+F+UP2bx/2n+mMX/4vwxi//P8scs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/5/nj1n8f5E/ZvH/Zf6Yxf9X+WMW/6vzxyz+1+SPWfx/nT9m8f9N/pjF/9r8MYv/b/PHLP7X5Y9Z/K/PH7P435A/ZvH/Xf6Yxf/G/DGL/035Yxb/m/PHLP6/zx+z+P8hf8zi/8f8MYv/LfljFv8/5Y9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/8/5Yxb/O/PHLP535Y9Z/P+SP2bxvzt/zOL/1/wxi//f8scs/n/PH7P4/yN/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/Kfkj1n8H8wfs/g/lD9m8Z+aPybxHz3IH7P4D+WPWfxH5Y9Z/GfJH7P4z5o/ZvEfnT9m8Z8tf8ziP3v+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxf1r+mMV/vvwxi/+Y/DGL//z5Yxb/sfljFv8F8scs/gvmj1n8n54/ZvF/Rv6Yxf+Z+WMW/4Xyxyz+z8ofs/gvnD9m8X92/pjF/zn5Yxb/RfLHLP7PzR+z+D8vf8ziPy5/zOL//Pwxi/8L8scs/i/MH7P4L5o/ZvFfLH/M4v+i/DGL/+L5Yxb/JfLHLP4vzh+z+L8kf8zi/9L8MYv/y/LHLP5L5o9Z/F+eP2bxXyp/zOK/dP6YxX+Z/DGL/7L5Yxb/5fLHLP7L549Z/F+RP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/V+aPWfxXyR+z+K+aP2bxf1X+mMX/1fljFv/X5I9Z/Mfnj1n8J+SPWfwn5o9Z/FfLH7P4r54/ZvFfI3/M4j8pf8ziPzl/zOK/Zv6YxX+t/DGL/2vzxyz+r8sfs/ivnT9m8V8nf8ziv27+mMX/9fljFv/18scs/m/IH7P4r58/ZvHfIH/M4r9h/pjFf6P8MYv/G/PHLP4b549Z/DfJH7P4vyl/zOL/5vwxi/9b8scs/m/NH7P4vy1/zOL/9vwxi/878scs/pvmj1n8N8sfs/hvnj9m8X9n/pjFf4v8MYv/lvljFv+t8scs/lvnj1n835U/ZvHfJn/M4v/u/DGL/3vyxyz+2+aPWfy3yx+z+G+fP2bx3yF/zOL/3vwxi//78scs/jvmj1n8358/ZvHfKX/M4v+B/DGL/wfzxyz+H8ofs/jvnD9m8d8lf8ziv2v+mMX/w/ljFv+P5I9Z/D+aP2bx3y1/zOL/sfwxi//u+WMW/z3yxyz+e+aPWfw/nj9m8f9E/pjFf6/8MYv/J/PHLP57549Z/D+VP2bx/3T+mMV/n/wxi/+++WMW//3yxyz+n8kfs/h/Nn/M4v+5/DGL//75Yxb/A/LHLP6fzx+z+B+YP2bxPyh/zOL/hfwxi//B+WMW/0Pyxyz+X8wfs/h/KX/M4v/l/DGL/1fyxyz+X80fs/h/LX/M4v/1/DGL/zfyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvH/Zv6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4fyt/zOL/7fwxi/+p+WMW/9Pyxyz+p+ePWfzPyB+z+H8nf8zif2b+mMX/rPwxi//Z+WMW/+/mj1n8v5c/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/t/PH7P4/yB/zOL/w/wxi/+P8scs/j/OH7P4/yR/zOJ/Yf6Yxf+i/DGL/0/zxyz+F+ePWfx/lj9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+P88f8zi/4v8MYv/L/PHLP6/yh+z+F+dP2bxvyZ/zOL/6/wxi/9v8scs/tfmj1n8f5s/ZvG/Ln/M4n99/pjF/4b8MYv/7/LHLP435o9Z/G/KH7P435w/ZvH/ff6Yxf8P+WMW/z/mj1n8b8kfs/j/KX/M4n9r/pjF/7b8MYv/7fljFv878scs/n/OH7P435k/ZvG/K3/M4v+X/DGL/935Yxb/v+aPWfz/lj9m8f97/pjF/x/5Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4j8lf8zi/2D+mMX/ofwxi//U/DGJ/2yD/DGL/1D+mMV/VP6YxX+W/DGL/6z5Yxb/0fljFv/Z8scs/rPnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW/6flj1n858sfs/iPyR+z+M+fP2bxH5s/ZvFfIH/M4r9g/pjF/+n5Yxb/Z+SPWfyfmT9m8V8of8zi/6z8MYv/wvljFv9n549Z/J+TP2bxXyR/zOL/3Pwxi//z8scs/uPyxyz+z88fs/i/IH/M4v/C/DGL/6L5Yxb/xfLHLP4vyh+z+C+eP2bxXyJ/zOL/4vwxi/9L8scs/i/NH7P4vyx/zOK/ZP6Yxf/l+WMW/6Xyxyz+S+ePWfyXyR+z+C+bP2bxXy5/zOK/fP6Yxf8V+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxf2X+mMV/lfwxi/+q+WMW/1flj1n8X50/ZvF/Tf6YxX98/pjFf0L+mMV/Yv6YxX+1/DGL/+r5Yxb/NfLHLP6T8scs/pPzxyz+a+aPWfzXyh+z+L82f8zi/7r8MYv/2vljFv918scs/uvmj1n8X58/ZvFfL3/M4v+G/DGL//r5Yxb/DfLHLP4b5o9Z/DfKH7P4vzF/zOK/cf6YxX+T/DGL/5vyxyz+b84fs/i/JX/M4v/W/DGL/9vyxyz+b88fs/i/I3/M4r9p/pjFf7P8MYv/5vljFv935o9Z/LfIH7P4b5k/ZvHfKn/M4r91/pjF/135Yxb/bfLHLP7vzh+z+L8nf8ziv23+mMV/u/wxi//2+WMW/x3yxyz+780fs/i/L3/M4r9j/pjF//35Yxb/nfLHLP4fyB+z+H8wf8zi/6H8MYv/zvljFv9d8scs/rvmj1n8P5w/ZvH/SP6Yxf+j+WMW/93yxyz+H8sfs/jvnj9m8d8jf8ziv2f+mMX/4/ljFv9P5I9Z/PfKH7P4fzJ/zOK/d/6Yxf9T+WMW/0/nj1n898kfs/jvmz9m8d8vf8zi/5n8MYv/Z/PHLP6fyx+z+O+fP2bxPyB/zOL/+fwxi/+B+WMW/4Pyxyz+X8gfs/gfnD9m8T8kf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1/LHLP5fzx+z+H8jf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/b+aPWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/7fyxyz+384fs/ifmj9m8T8tf8zif3r+mMX/jPwxi/938scs/mfmj1n8z8ofs/ifnT9m8f9u/pjF/3v5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4v/9/DGL/w/yxyz+P8wfs/j/KH/M4v/j/DGL/0/yxyz+F+aPWfwvyh+z+P80f8zif3H+mMX/Z/ljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//P88cs/r/IH7P4/zJ/zOL/q/wxi//V+WMW/2vyxyz+v84fs/j/Jn/M4n9t/pjF/7f5Yxb/6/LHLP7X549Z/G/IH7P4/y5/zOJ/Y/6Yxf+m/DGL/835Yxb/3+ePWfz/kD9m8f9j/pjF/5b8MYv/n/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4v/n/DGL/535Yxb/u/LHLP5/yR+z+N+dP2bx/2v+mMX/b/ljFv+/549Z/P+RP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP5T8scs/g/mj1n8H8ofs/hPzR+T+M8+yB+z+A/lj1n8R+WPWfxnyR+z+M+aP2bxH50/ZvGfLX/M4j97/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8X9a/pjFf778MYv/mPwxi//8+WMW/7H5Yxb/BfLHLP4L5o9Z/J+eP2bxf0b+mMX/mfljFv+F8scs/s/KH7P4L5w/ZvF/dv6Yxf85+WMW/0Xyxyz+z80fs/g/L3/M4j8uf8zi//z8MYv/C/LHLP4vzB+z+C+aP2bxXyx/zOL/ovwxi//i+WMW/yXyxyz+L84fs/i/JH/M4v/S/DGL/8vyxyz+S+aPWfxfnj9m8V8qf8ziv3T+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfxfkT9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1fmj1n8V8kfs/ivmj9m8X9V/pjF/9X5Yxb/1+SPWfzH549Z/Cfkj1n8J+aPWfxXyx+z+K+eP2bxXyN/zOI/KX/M4j85f8ziv2b+mMV/rfwxi/9r88cs/q/LH7P4r50/ZvFfJ3/M4r9u/pjF//X5Yxb/9fLHLP5vyB+z+K+fP2bx3yB/zOK/Yf6YxX+j/DGL/xvzxyz+G+ePWfw3yR+z+L8pf8zi/+b8MYv/W/LHLP5vzR+z+L8tf8zi//b8MYv/O/LHLP6b5o9Z/DfLH7P4b54/ZvF/Z/6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/N+VP2bx3yZ/zOL/7vwxi/978scs/tvmj1n8t8sfs/hvnz9m8d8hf8zi/978MYv/+/LHLP475o9Z/N+fP2bx3yl/zOL/gfwxi/8H88cs/h/KH7P475w/ZvHfJX/M4r9r/pjF/8P5Yxb/j+SPWfw/mj9m8d8tf8zi/7H8MYv/7vljFv898scs/nvmj1n8P54/ZvH/RP6YxX+v/DGL/yfzxyz+e+ePWfw/lT9m8f90/pjFf5/8MYv/vvljFv/98scs/p/JH7P4fzZ/zOL/ufwxi//++WMW/wPyxyz+n88fs/gfmD9m8T8of8zi/4X8MYv/wfljFv9D8scs/l/MH7P4fyl/zOL/5fwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/838scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bx/2b+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+H8rf8zi/+38MYv/qfljFv/T8scs/qfnj1n8z8gfs/h/J3/M4n9m/pjF/6z8MYv/2fljFv/v5o9Z/L+XP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP7fzx+z+P8gf8zi/8P8MYv/j/LHLP4/zh+z+P8kf8zif2H+mMX/ovwxi/9P88cs/hfnj1n8f5Y/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/j/PH/M4v+L/DGL/y/zxyz+v8ofs/hfnT9m8b8mf8zi/+v8MYv/b/LHLP7X5o9Z/H+bP2bxvy5/zOJ/ff6Yxf+G/DGL/+/yxyz+N+aPWfxvyh+z+N+cP2bx/33+mMX/D/ljFv8/5o9Z/G/JH7P4/yl/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP5/zh+z+N+ZP2bxvyt/zOL/l/wxi//d+WMW/7/mj1n8/5Y/ZvH/e/6Yxf8f+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOI/JX/M4v9g/pjF/6H8MYv/1Pwxif8cg/wxi/9Q/pjFf1T+mMV/lvwxi/+s+WMW/9H5Yxb/2fLHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv+n5Y9Z/OfLH7P4j8kfs/jPnz9m8R+bP2bxXyB/zOK/YP6Yxf/p+WMW/2fkj1n8n5k/ZvFfKH/M4v+s/DGL/8L5Yxb/Z+ePWfyfkz9m8V8kf8zi/9z8MYv/8/LHLP7j8scs/s/PH7P4vyB/zOL/wvwxi/+i+WMW/8Xyxyz+L8ofs/gvnj9m8V8if8zi/+L8MYv/S/LHLP4vzR+z+L8sf8ziv2T+mMX/5fljFv+l8scs/kvnj1n8l8kfs/gvmz9m8V8uf8ziv3z+mMX/FfljFv8V8scs/ivmj1n8V8ofs/ivnD9m8X9l/pjFf5X8MYv/qvljFv9X5Y9Z/F+dP2bxf03+mMV/fP6YxX9C/pjFf2L+mMV/tfwxi//q+WMW/zXyxyz+k/LHLP6T88cs/mvmj1n818ofs/i/Nn/M4v+6/DGL/9r5Yxb/dfLHLP7r5o9Z/F+fP2bxXy9/zOL/hvwxi//6+WMW/w3yxyz+G+aPWfw3yh+z+L8xf8ziv3H+mMV/k/wxi/+b8scs/m/OH7P4vyV/zOL/1vwxi//b8scs/m/PH7P4vyN/zOK/af6YxX+z/DGL/+b5Yxb/d+aPWfy3yB+z+G+ZP2bx3yp/zOK/df6Yxf9d+WMW/23yxyz+784fs/i/J3/M4r9t/pjFf7v8MYv/9vljFv8d8scs/u/NH7P4vy9/zOK/Y/6Yxf/9+WMW/53yxyz+H8gfs/h/MH/M4v+h/DGL/875Yxb/XfLHLP675o9Z/D+cP2bx/0j+mMX/o/ljFv/d8scs/h/LH7P4754/ZvHfI3/M4r9n/pjF/+P5Yxb/T+SPWfz3yh+z+H8yf8ziv3f+mMX/U/ljFv9P549Z/PfJH7P475s/ZvHfL3/M4v+Z/DGL/2fzxyz+n8sfs/jvnz9m8T8gf8zi//n8MYv/gfljFv+D8scs/l/IH7P4H5w/ZvE/JH/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+X88fs/h/I3/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/2/mj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+38scs/t/OH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/d/LHLP5n5o9Z/M/KH7P4n50/ZvH/bv6Yxf97+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOL//fwxi/8P8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/hfmj1n8L8ofs/j/NH/M4n9x/pjF/2f5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/z/PHLP6/yB+z+P8yf8zi/6v8MYv/1fljFv9r8scs/r/OH7P4/yZ/zOJ/bf6Yxf+3+WMW/+vyxyz+1+ePWfxvyB+z+P8uf8zif2P+mMX/pvwxi//N+WMW/9/nj1n8/5A/ZvH/Y/6Yxf+W/DGL/5/yxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOL/5/wxi/+d+WMW/7vyxyz+f8kfs/jfnT9m8f9r/pjF/2/5Yxb/v+ePWfz/kT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+U/LHLP4P5o9Z/B/KH7P4T80fk/jPOcgfs/gP5Y9Z/Eflj1n8Z8kfs/jPmj9m8R+dP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvF/Wv6YxX++/DGL/5j8MYv//PljFv+x+WMW/wXyxyz+C+aPWfyfnj9m8X9G/pjF/5n5Yxb/hfLHLP7Pyh+z+C+cP2bxf3b+mMX/OfljFv9F8scs/s/NH7P4Py9/zOI/Ln/M4v/8/DGL/wvyxyz+L8wfs/gvmj9m8V8sf8zi/6L8MYv/4vljFv8l8scs/i/OH7P4vyR/zOL/0vwxi//L8scs/kvmj1n8X54/ZvFfKn/M4r90/pjFf5n8MYv/svljFv/l8scs/svnj1n8X5E/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9X5o9Z/FfJH7P4r5o/ZvF/Vf6Yxf/V+WMW/9fkj1n8x+ePWfwn5I9Z/Cfmj1n8V8sfs/ivnj9m8V8jf8ziPyl/zOI/OX/M4r9m/pjFf638MYv/a/PHLP6vyx+z+K+dP2bxXyd/zOK/bv6Yxf/1+WMW//Xyxyz+b8gfs/ivnz9m8d8gf8ziv2H+mMV/o/wxi/8b88cs/hvnj1n8N8kfs/i/KX/M4v/m/DGL/1vyxyz+b80fs/i/LX/M4v/2/DGL/zvyxyz+m+aPWfw3yx+z+G+eP2bxf2f+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfzflT9m8d8mf8zi/+78MYv/e/LHLP7b5o9Z/LfLH7P4b58/ZvHfIX/M4v/e/DGL//vyxyz+O+aPWfzfnz9m8d8pf8zi/4H8MYv/B/PHLP4fyh+z+O+cP2bx3yV/zOK/a/6Yxf/D+WMW/4/kj1n8P5o/ZvHfLX/M4v+x/DGL/+75Yxb/PfLHLP575o9Z/D+eP2bx/0T+mMV/r/wxi/8n88cs/nvnj1n8P5U/ZvH/dP6YxX+f/DGL/775Yxb//fLHLP6fyR+z+H82f8zi/7n8MYv//vljFv8D8scs/p/PH7P4H5g/ZvE/KH/M4v+F/DGL/8H5Yxb/Q/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/gfnz9m8f9m/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/h/K3/M4v/t/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4fyd/zOJ/Zv6Yxf+s/DGL/9n5Yxb/7+aPWfy/lz9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4n9h/pjF/6L8MYv/T/PHLP4X549Z/H+WP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4/zx/zOL/i/wxi/8v88cs/r/KH7P4X50/ZvG/Jn/M4v/r/DGL/2/yxyz+1+aPWfx/mz/2WP/RT/Vw/v2ewP+6/DHL+X99/pjF/4b8MYv/7/LHLP435o9Z/G/KH7P435w/ZvH/ff6Yxf8P+WMW/z/mj1n8b8kfs/j/KX/M4n9r/pjF/7b8MYv/7fljFv878scs/n/OH7P435k/ZvG/K3/M4v+X/DGL/935Yxb/v+aPWfz/lj9m8f97/pjF/x/5Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4j8lf8zi/2D+mMX/ofwxi//U/DGJ/1yD/DGL/1D+mMV/VP6YxX+W/DGL/6z5Yxb/0fljFv/Z8scs/rPnj1n858gfs/jPmT9m8Z8rf+y/33+OR97K//H99/s/3Fzz5I9Z/OfNH7P4Py1/zOI/X/6YxX9M/pjFf/78MYv/2Pwxi/8C+WMW/wXzxyz+T88fs/g/I3/M4v/M/DGL/0L5Yxb/Z+WPWfwXzh+z+D87f8zi/5z8MYv/IvljFv/n5o9Z/J+XP2bxH5c/ZvF/fv6Yxf8F+WMW/xfmj1n8F80fs/gvlj9m8X9R/pjFf/H8MYv/EvljFv8X549Z/F+SP2bxf2n+mMX/ZfljFv8l88cs/i/PH7P4L5U/ZvFfOn/M4r9M/pjFf9n8MYv/cvljFv/l88cs/q/IH7P4r5A/ZvFfMX/M4r9S/pjFf+X8MYv/K/PHLP6r5I9Z/FfNH7P4vyp/zOL/6vwxi/9r8scs/uPzxyz+E/LHLP4T88cs/qvlj1n8V88fs/ivkT9m8Z+UP2bxn5w/ZvFfM3/M4r9W/pjF/7X5Yxb/1+WPWfzXzh+z+K+TP2bxXzd/zOL/+vwxi/96+WMW/zfkj1n8188fs/hvkD9m8d8wf8ziv1H+mMX/jfljFv+N88cs/pvkj1n835Q/ZvF/c/6Yxf8t+WMW/7fmj1n835Y/ZvF/e/6Yxf8d+WMW/03zxyz+m+WPWfw3zx+z+L8zf8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+78ofs/hvkz9m8X93/pjF/z35Yxb/bfPHLP7b5Y9Z/LfPH7P475A/ZvF/b/6Yxf99+WMW/x3zxyz+788fs/jvlD9m8f9A/pjF/4P5Yxb/D+WPWfx3zh+z+O+SP2bx3zV/zOL/4fwxi/9H8scs/h/NH7P475Y/ZvH/WP6YxX/3/DGL/x75Yxb/PfPHLP4fzx+z+H8if8ziv1f+mMX/k/ljFv+988cs/p/KH7P4fzp/zOK/T/6YxX/f/DGL/375Yxb/z+SPWfw/mz9m8f9c/pjFf//8MYv/AfljFv/P549Z/A/MH7P4H5Q/ZvH/Qv6Yxf/g/DGL/yH5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfy/lj9m8f96/pjF/xv5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/h/M3/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8v5U/ZvH/dv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/L+TP2bxPzN/zOJ/Vv6Yxf/s/DGL/3fzxyz+38sfs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvG/MH/M4n9R/pjF/6f5Yxb/i/PHLP4/yx+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/K/OH7P4X5M/ZvH/df6Yxf83+WMW/2vzxyz+v80fs/hflz9m8b8+f8zif0P+mMX/d/ljFv8b88cs/jflj1n8b84fs/j/Pn/M4v+H/DGL/x/zxyz+t+SPWfz/lD9m8b81f8zif1v+mMX/9vwxi/8d+WMW/z/nj1n878wfs/jflT9m8f9L/pjF/+78MYv/X/PHLP5/yx+z+P89f8zi/4/8MYv/PfljFv9788cs/vflj1n8788fs/g/kD9m8Z+SP2bxfzB/zOL/UP6YxX9q/pjEf+5B/pjFfyh/zOI/Kn/M4j9L/pjFf9b8MYv/6Pwxi/9s+WMW/9nzxyz+c+SPWfznzB+z+M+VP2bxnzt/zOI/T/6YxX/e/DGL/9Pyxyz+8+WPWfzH5I9Z/OfPH7P4j80fs/gvkD9m8V8wf8zi//T8MYv/M/LHLP7PzB+z+C+UP2bxf1b+mMV/4fwxi/+z88cs/s/JH7P4L5I/ZvF/bv6Yxf95+WMW/3H5Yxb/5+ePWfxfkD9m8X9h/pjFf9H8MYv/YvljFv8X5Y9Z/BfPH7P4L5E/ZvF/cf6Yxf8l+WMW/5fmj1n8X5Y/ZvFfMn/M4v/y/DGL/1L5Yxb/pfPHLP7L5I9Z/JfNH7P4L5c/ZvFfPn/M4v+K/DGL/wr5Yxb/FfPHLP4r5Y9Z/FfOH7P4vzJ/zOK/Sv6YxX/V/DGL/6vyxyz+r84fs/i/Jn/M4j8+f8ziPyF/zOI/MX/M4r9a/pjFf/X8MYv/GvljFv9J+WMW/8n5Yxb/NfPHLP5r5Y9Z/F+bP2bxf13+mMV/7fwxi/86+WMW/3Xzxyz+r88fs/ivlz9m8X9D/pjFf/38MYv/BvljFv8N88cs/hvlj1n835g/ZvHfOH/M4r9J/pjF/035Yxb/N+ePWfzfkj9m8X9r/pjF/235Yxb/t+ePWfzfkT9m8d80f8ziv1n+mMV/8/wxi/8788cs/lvkj1n8t8wfs/hvlT9m8d86f8zi/678MYv/NvljFv93549Z/N+TP2bx3zZ/zOK/Xf6YxX/7/DGL/w75Yxb/9+aPWfzflz9m8d8xf8zi//78MYv/TvljFv8P5I9Z/D+YP2bx/1D+mMV/5/wxi/8u+WMW/13zxyz+H84fs/h/JH/M4v/R/DGL/275Yxb/j+WPWfx3zx+z+O+RP2bx3zN/zOL/8fwxi/8n8scs/nvlj1n8P5k/ZvHfO3/M4v+p/DGL/6fzxyz+++SPWfz3zR+z+O+XP2bx/0z+mMX/s/ljFv/P5Y9Z/PfPH7P4H5A/ZvH/fP6Yxf/A/DGL/0H5Yxb/L+SPWfwPzh+z+B+SP2bx/2L+mMX/S/ljFv8v549Z/L+SP2bx/2r+mMX/a/ljFv+v549Z/L+RP2bxPzR/zOJ/WP6Yxf/w/DGL/xH5Yxb/I/PHLP5H5Y9Z/I/OH7P4H5M/ZvE/Nn/M4n9c/pjF//j8MYv/N/PHLP4n5I9Z/E/MH7P4n5Q/ZvE/OX/M4n9K/pjF/1v5Yxb/b+ePWfxPzR+z+J+WP2bxPz1/zOJ/Rv6Yxf87+WMW/zPzxyz+Z+WPWfzPzh+z+H83f8zi/738MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8f9+/pjF/wf5Yxb/H+aPWfx/lD9m8f9x/pjF/yf5Yxb/C/PHLP4X5Y9Z/H+aP2bxvzh/zOL/s/wxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/n+WMW/1/kj1n8f5k/ZvH/Vf6Yxf/q/DGL/zX5Yxb/X+ePWfx/kz9m8b82f8zi/9v8MYv/dfljFv/r88cs/jfkj1n8f5c/ZvG/MX/M4n9T/pjF/+b8MYv/7/PHLP5/yB+z+P8xf8zif0v+mMX/T/ljFv9b88cs/rflj1n8b88fs/jfkT9m8f9z/pjF/878MYv/XfljFv+/5I9Z/O/OH7P4/zV/zOL/t/wxi//f88cs/v/IH7P435M/ZvG/N3/M4n9f/pjF//78MYv/A/ljFv8p+WMW/wfzxyz+D+WPWfyn5o9J/OcZ5I9Z/Ifyxyz+o/LHLP6z5I9Z/GfNH7P4j84fs/jPlj9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+D8tf8ziP1/+mMV/TP6YxX/+/DGL/9j8MYv/AvljFv8F88cs/k/PH7P4PyN/zOL/zPwxi/9C+WMW/2flj1n8F84fs/g/O3/M4v+c/DGL/yL5Yxb/5+aPWfyflz9m8R+XP2bxf37+mMX/BfljFv8X5o9Z/BfNH7P4L5Y/ZvF/Uf6YxX/x/DGL/xL5Yxb/F+ePWfxfkj9m8X9p/pjF/2X5Yxb/JfPHLP4vzx+z+C+VP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/5fPHLP6vyB+z+K+QP2bxXzF/zOK/Uv6YxX/l/DGL/yvzxyz+q+SPWfxXzR+z+L8qf8zi/+r8MYv/a/LHLP7j88cs/hPyxyz+E/PHLP6r5Y9Z/FfPH7P4r5E/ZvGflD9m8Z+cP2bxXzN/zOK/Vv6Yxf+1+WMW/9flj1n8184fs/ivkz9m8V83f8zi//r8MYv/evljFv835I9Z/NfPH7P4b5A/ZvHfMH/M4r9R/pjF/435Yxb/jfPHLP6b5I9Z/N+UP2bxf3P+mMX/LfljFv+35o9Z/N+WP2bxf3v+mMX/HfljFv9N88cs/pvlj1n8N88fs/i/M3/M4r9F/pjFf8v8MYv/VvljFv+t88cs/u/KH7P4b5M/ZvF/d/6Yxf89+WMW/23zxyz+2+WPWfy3zx+z+O+QP/aI/1Yn/1f7vzd/zHL+vy9/zOK/Y/6Yxf/9+WMW/53yxyz+H8gfs/h/MH/M4v+h/DGL/875Yxb/XfLHLP675o9Z/D+cP2bx/0j+mMX/o/ljFv/d8scs/h/LH7P4754/ZvHfI3/M4r9n/pjF/+P5Yxb/T+SPWfz3yh+z+H8yf8ziv3f+mMX/U/ljFv9P549Z/PfJH7P475s/ZvHfL3/M4v+Z/DGL/2fzxyz+n8sfs/jvnz9m8T8gf8zi//n8MYv/gfljFv+D8scs/l/IH7P4H5w/ZvE/JH/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+X88fs/h/I3/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/2/mj1n8T8gfs/ifmD9m8T8pf8zif3L+mMX/lPwxi/+38scs/t/OH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/d/LHLP5n5o9Z/M/KH7P4n50/ZvH/bv6Yxf97+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOL//fwxi/8P8scs/j/MH7P4/yh/zOL/4/wxi/9P8scs/hfmj1n8L8ofs/j/NH/M4n9x/pjF/2f5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/z/PHLP6/yB+z+P8yf8zi/6v8MYv/1fljFv9r8scs/r/OH7P4/yZ/zOJ/bf6Yxf+3+WMW/+vyxyz+1+ePWfxvyB+z+P8uf8zif2P+mMX/pvwxi//N+WMW/9/nj1n8/5A/ZvH/Y/6Yxf+W/DGL/5/yxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOL/5/wxi/+d+WMW/7vyxyz+f8kfs/jfnT9m8f9r/pjF/2/5Yxb/v+ePWfz/kT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+U/LHLP4P5o9Z/B/KH7P4T80fk/jPO8gfs/gP5Y9Z/Eflj1n8Z8kfs/jPmj9m8R+dP2bxny1/zOI/e/6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvF/Wv6YxX++/DGL/5j8MYv//PljFv+x+WMW/wXyxyz+C+aPWfyfnj9m8X9G/pjF/5n5Yxb/hfLHLP7Pyh+z+C+cP2bxf3b+mMX/OfljFv9F8scs/s/NH7P4Py9/zOI/Ln/M4v/8/DGL/wvyxyz+L8wfs/gvmj9m8V8sf8zi/6L8MYv/4vljFv8l8scs/i/OH7P4vyR/zOL/0vwxi//L8scs/kvmj1n8X54/ZvFfKn/M4r90/pjFf5n8MYv/svljFv/l8scs/svnj1n8X5E/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9X5o9Z/FfJH7P4r5o/ZvF/Vf6Yxf/V+WMW/9fkj1n8x+ePWfwn5I9Z/Cfmj1n8V8sfs/ivnj9m8V8jf8ziPyl/zOI/OX/M4r9m/pjFf638MYv/a/PHLP6vyx+z+K+dP2bxXyd/zOK/bv6Yxf/1+WMW//Xyxyz+b8gfs/ivnz9m8d8gf8ziv2H+mMV/o/wxi/8b88cs/hvnj1n8N8kfs/i/KX/M4v/m/DGL/1vyxyz+b80fs/i/LX/M4v/2/DGL/zvyxyz+m+aPWfw3yx+z+G+eP2bxf2f+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfzflT9m8d8mf8zi/+78MYv/e/LHLP7b5o9Z/LfLH7P4b58/ZvHfIX/M4v/e/DGL//vyxyz+O+aPWfzfnz9m8d8pf8zi/4H8MYv/B/PHLP4fyh+z+O+cP2bx3yV/zOK/a/6Yxf/D+WMW/4/kj1n8P5o/ZvHfLX/M4v+x/DGL/+75Yxb/PfLHLP575o9Z/D+eP2bx/0T+mMV/r/wxi/8n88cs/nvnj1n8P5U/ZvH/dP6YxX+f/DGL/775Yxb//fLHLP6fyR+z+H82f8zi/7n8MYv//vljFv8D8scs/p/PH7P4H5g/ZvE/KH/M4v+F/DGL/8H5Yxb/Q/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8zi//X8MYv/N/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/gfnz9m8f9m/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/h/K3/M4v/t/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4fyd/zOJ/Zv6Yxf+s/DGL/9n5Yxb/7+aPWfy/lz9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+388fs/j/IH/M4v/D/DGL/4/yxyz+P84fs/j/JH/M4n9h/pjF/6L8MYv/T/PHLP4X549Z/H+WP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4/zx/zOL/i/wxi/8v88cs/r/KH7P4X50/ZvG/Jn/M4v/r/DGL/2/yxyz+1+aPWfx/mz9m8b8uf8zif33+mMX/hvwxi//v8scs/jfmj1n8b8ofs/jfnD9m8f99/pjF/w/5Yxb/P+aPWfxvyR+z+P8pf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+f84fs/jfmT9m8b8rf8zi/5f8MYv/3fljFv+/5o9Z/P+WP2bx/3v+mMX/H/ljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8ziPyV/zOL/YP6Yxf+h/DGL/9T8MYn/0wb5Yxb/ofwxi/+o/DGL/yz5Yxb/WfPHLP6j88cs/rPlj1n8Z88fs/jPkT9m8Z8zf8ziP1f+mMV/7vwxi/88+WMW/3nzxyz+T8sfs/jPlz9m8R+TP2bxnz9/zOI/Nn/M4r9A/pjFf8H8MYv/0/PHLP7PyB+z+D8zf8ziv1D+mMX/WfljFv+F88cs/s/OH7P4Pyd/zOK/SP6Yxf+5+WMW/+flj1n8x+WPWfyfnz9m8X9B/pjF/4X5Yxb/RfPHLP6L5Y9Z/F+UP2bxXzx/zOK/RP6Yxf/F+WMW/5fkj1n8X5o/ZvF/Wf6YxX/J/DGL/8vzxyz+S+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6YxX/5/DGL/yvyxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOL/yvwxi/8q+WMW/1Xzxyz+r8ofs/i/On/M4v+a/DGL//j8MYv/hPwxi//E/DGL/2r5Yxb/1UX+c/wL61r81xD5/ytZ/Cflj1n8J+ePWfzXzB+z+K+VP2bxf23+mMX/dfljFv+188cs/uvkj1n8180fs/i/Pn/M4r9e/pjF/w35Yxb/9fPHLP4b5I9Z/DfMH7P4b5Q/ZvF/Y/6YxX/j/DGL/yb5Yxb/N+WPWfzfnD9m8X9L/pjF/635Yxb/t+WPWfzfnj9m8X9H/pjFf9P8MYv/ZvljFv/N88cs/u/MH7P4b5E/ZvHfMn/M4r9V/pjFf+v8MYv/u/LHLP7b5I9Z/N+dP2bxf0/+mMV/2/wxi/92+WMW/+3zxyz+O+SPWfzfmz9m8X9f/pjFf8f8MYv/+/PHLP475Y9Z/D+QP2bx/2D+mMX/Q/ljFv+d88cs/rvkj1n8d80fs/h/OH/M4v+R/DGL/0fzxyz+u+WPWfw/lj9m8d89f8ziv0f+mMV/z/wxi//H88cs/p/IH7P475U/ZvH/ZP6YxX/v/DGL/6fyxyz+n84fs/jvkz9m8d83f8ziv1/+mMX/M/ljFv/P5o9Z/D+XP2bx3z9/zOJ/QP6Yxf/z+WMW/wPzxyz+B+WPWfy/kD9m8T84f8zif0j+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv+v5Y9Z/L+eP2bx/0b+mMX/0Pwxi/9h+WMW/8Pzxyz+R+SPWfyPzB+z+B+VP2bxPzp/zOJ/TP6Yxf/Y/DGL/3H5Yxb/4/PHLP7fzB+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/b+WPWfy/nT9m8T81f8zif1r+mMX/9Pwxi/8Z+WMW/+/kj1n8z8wfs/iflT9m8T87f8zi/938MYv/9/LHLP7n5I9Z/M/NH7P4n5c/ZvE/P3/M4n9B/pjF//v5Yxb/H+SPWfx/mD9m8f9R/pjF/8f5Yxb/n+SPWfwvzB+z+F+UP2bx/2n+mMX/4vwxi//P8scs/pfkj1n8L80fs/hflj9m8b88f8zif0X+mMX/yvwxi/9V+WMW/5/nj1n8f5E/ZvH/Zf6Yxf9X+WMW/6vzxyz+1+SPWfx/nT9m8f9N/pjF/9r8MYv/b/PHLP7X5Y9Z/K/PH7P435A/ZvH/Xf6Yxf/G/DGL/035Yxb/m/PHLP6/zx+z+P8hf8zi/8f8MYv/LfljFv8/5Y9Z/G/NH7P435Y/ZvG/PX/M4n9H/pjF/8/5Yxb/O/PHLP535Y9Z/P+SP2bxvzt/zOL/1/wxi//f8scs/n/PH7P4/yN/zOJ/T/6Yxf/e/DGL/335Yxb/+/PHLP4P5I9Z/Kfkj1n8H8wfs/g/lD9m8Z+aPybxn2+QP2bxH8ofs/iPyh+z+M+SP2bxnzX/xzTLyKPFf3T+mMV/tvwxi//s+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6Yxf9p+WMW//nyxyz+Y/LHLP7z549Z/Mfmj1n8F8gfs/gvmD9m8X96/pjF/xn5Yxb/Z+aPWfwXyh+z+D8rf8ziv3D+mMX/2fljFv/n5I9Z/BfJH7P4Pzd/zOL/vPwxi/+4/DGL//Pzxyz+L8gfs/i/MH/M4r9o/pjFf7H8MYv/i/LHLP6L549Z/JfIH7P4vzh/zOL/kvwxi/9L88cs/i/LH7P4L5k/ZvF/ef6YxX+p/DGL/9L5Yxb/ZfLHLP7L5o9Z/JfLH7P4L58/ZvF/Rf6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/F+ZP2bxXyV/zOK/av6Yxf9V+WMW/1fnj1n8X5M/ZvEfnz9m8Z+QP2bxn5g/ZvFfLX/M4r96/pjFf438MYv/pPwxi//k/DGL/5r5Yxb/tfLHLP6vzR+z+L8uf8ziv3b+mMV/nfwxi/+6+WMW/9fnj1n818sfs/i/IX/M4r9+/pjFf4P8MYv/hvljFv+N8scs/m/MH7P4b5w/ZvHfJH/M4v+m/DGL/5vzxyz+b8kfs/i/NX/M4v+2/DGL/9vzxyz+78gfs/hvmj9m8d8sf8ziv3n+mMX/nfljFv8t8scs/lvmj1n8t8ofs/hvnT9m8X9X/pjFf5v8MYv/u/PHLP7vyR+z+G+bP2bx3y5/zOK/ff6YxX+H/DGL/3vzxyz+78sfs/jvmD9m8X9//pjFf6f8MYv/B/LHLP4fzB+z+H8of8ziv3P+mMV/l/wxi/+u+WMW/w/nj1n8P5I/ZvH/aP6YxX+3/DGL/8fyxyz+u+ePWfz3yB+z+O+ZP2bx///Yo6cEUAgACIDZeNm2bdu2bdv1kW3btm3btm3zAnuCduYKc6D/qOX/IP9Ry//B/qOW/0P8Ry3/h/qPWv4P8x+1/B/uP2r5P8J/1PJ/pP+o5f8o/1HL/9H+o5b/Y/xHLf/H+o9a/o/zH7X8H+8/avk/wX/U8n+i/6jl/yT/Ucv/yf6jlv9T/Ect/6f6j1r+T/Mftfyf7j9q+T/Df9Tyf6b/qOX/LP9Ry//Z/qOW/3P8Ry3/5/qPWv7P8x+1/J/vP2r5v8B/1PJ/of+o5f8i/1HL/8X+o5b/S/xHLf+X+o9a/i/zH7X8X+4/avm/wn/U8n+l/6jl/yr/Ucv/1f6jlv9r/Ect/9f6j1r+r/Mftfxf7z9q+b/Bf9Tyf6P/qOX/Jv9Ry//N/qOW/1v8Ry3/t/qPWv5v8x+1/N/uP2r5v8N/1PJ/p/+o5f8u/1HL/93+o5b/e/xHLf/3+o9a/u/zH7X83+8/avl/wH/U8v+g/6jl/yH/Ucv/w/6jlv9H/Ect/4/6j1r+H/Mftfw/7j9q+X/Cf9Ty/6T/qOX/Kf9Ry//T/qOW/2f8Ry3/z/qPWv6f8x+1/D/vP2r5f8F/1PL/ov+o5f8l/1HL/8v+o5b/V/xHLf+v+o9a/l/zH7X8v+4/avl/w3/U8v+m/6jl/y3/Ucv/2/6jlv93/Ect/+/6j1r+3/Mftfy/7z9q+f/Af9Ty/6H/qOX/I/9Ry//H/qOW/0/8Ry3/n/qPWv4/8x+1/H/uP2r5/8J/1PL/pf+o5f8r/1HL/9f+o5b/b/xHLf/f+o9a/r/zH7X8f+8/avn/wX/U8v+j/6jl/yf/Ucv/z/6jlv9f/Ect/7/6j1r+f/Mftfz/7j9q+f/Df9Ty/6f/qOX/L/9Ry//f/qOW/3/8Ry3///qPSv4HDOQ/avkf2H/U8j+I/6jlf1D/Ucv/YP6jlv/B/Uct/0P4j1r+h/QftfwP5T9q+R/af9TyP4z/qOV/WP9Ry/9w/qOW/+H9Ry3/I/iPWv5H9B+1/A/wH7X8j+Q/avkf2X/U8j+K/6jlf1T/Ucv/aP6jlv/R/Uct/2P4j1r+x/QftfyP5T9q+R/bf9TyP47/qOV/XP9Ry/94/qOW//H9Ry3/E/iPWv4n9B+1/E/kP2r5n9h/1PI/if+o5X9S/1HL/2T+o5b/yf1HLf9T+I9a/qf0H7X8T+U/avmf2n/U8j+N/6jlf1r/Ucv/dP6jlv/p/Uct/zP4j1r+Z/QftfzP5D9q+Z/Zf9TyP4v/qOV/Vv9Ry/9s/qOW/9n9Ry3/c/iPWv7n9B+1/M/lP2r5n9t/1PI/j/+o5X9e/1HL/3z+o5b/+f1HLf8L+I9a/hf0H7X8L+Q/avlf2H/U8r+I/6jlf1H/Ucv/Yv6jlv/F/Uct/0v4j1r+l/Qftfwv5T9q+V/af9Tyv4z/qOV/Wf9Ry/9y/qOW/+X9Ry3/K/iPWv5X9B+1/K/kP2r5X9l/1PK/iv+o5X9V/1HL/2r+o5b/1f1HLf9r+I9a/tf0H7X8r+U/avlf23/U8r+O/6jlf13/Ucv/ev6jlv/1/Uct/xv4j1r+N/Qftfxv5D9q+d/Yf9Tyv4n/qOV/U/9Ry/9m/qOW/839Ry3/W/iPWv639B+1/G/lP2r539p/1PK/jf+o5X9b/1HL/3b+o5b/7f1HLf87+I9a/nf0H7X87+Q/avnf2X/U8r+L/6jlf1f/Ucv/bv6jlv/d/Uct/3v4j1r+9/Qftfzv5T9q+d/bf9Tyv4//qOV/X/9Ry/9+/qOW//39Ry3/B/iP/nf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf+zbbWydZeHH8bvbOsb+/JMRF1yGJptcKCTCbPeQ8YKwydhWB914HgMc3dqNjXabXYddAffwYhIhPEgyyRIlypahhJnQSAwEK4ho0EVNNPgAiEIUjRMh6Ja4WHPa09Ieu8Zz1etalM/nRc+577Pfva3Jd/e9wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/ns1NC48Mr5m2KnxQw8+eLil73XO0ZU3H/htz4UDr+WPl41wyXFDD3p7e3vnPDd7R/nwlKIoSj/bzvLxpMpx6fo767/Q2X8UFvS8tOT4lJ83Hjmw5vRH6rqP3l/bd7a2uGndhtaWj40rinBxbdFZOqirKYqwuLa4r3RQXzpYUls8UjqY3XdwavHt0sH5aze3NpdOLI3+nsH/iobGncX4YcUWw/40GNr/zvpv3TnwOsolB642oSj3f0XX99+q+GzACfofuH5YWNl/1b9B4ISq6/+FBQOvo1zyX+7/k59a9cpIn524/4Hrh4/rH9IZ4fl/WKOVz/0Vz/8zRrjk4P6qmq7jpf4vve3ZmeVTE/6d5/93rx8urux/3LDn/9Jz/KKB5/9TiiJcMsZvB7ynNDTuOjLa/X/0/idMr9jUDO3/jPbN+0v9P77ke0+UT9VW2f+iUe7/45ZW/FqB6jQ0frm34v5fRf/FR0a45GD/bz/x64dL/T/2+wfOHPJZNf1fUtn/rI62LbO2bu86b0Nb0/qW9S2b6mbPnzOvvm7eBXNn9T0S9H8d43cF3hvGdv8vJldsaoqiZXB/TfeBp0v9z33wwTnlU5Oq7H/xqPf/Ge7/MKIPjSsmTiw6mzo62uv6vw4c1vd/7f9hI/Rfxd//zzqn/MNqy681RTFtcH/XmXevKPX/zqFnd5dPTayy/yWj9r9g8OcFIozx/t9csRnW/8FDL/U9/y+79+AZ5VPV/v1/6aj9v+r+D2PR0FjxP/z8h5X631VcFtlpaPDf/yCdHP0/9s4NPXHr8An9Qzo5+v/d546eG7cOy/QP6eTof8LGB56PW4dL9Q/p5Oh/+dT5K+LW4TL9Qzo5+l/76rl/jluHRv1DOjn6P+dLuzvj1mG5/iGdHP0/1D5nW9w6rNA/pJOj/5+e9tBrcetwuf4hnRz9Hzt2z41x63CF/iGdHP137zn7B3HrcKX+IZ0c/V++bmGIW4er9A/p5Oh/+rQ/Ph63DlfrH9LJ0f+8P/39tLh1uEb/kE6O/u/4/Ip9cetwrf4hnRz9j7/+lRfj1mGl/iGdHP0vPXvbwrh1uE7/kE6O/pt/0twbtw6r9A/p5Oh/1td/tCFuHa7XP6STo//Dyx/dE7cON+gf0snR/566YkrcOtyof0gnR/9f++7ph+LW4ZP6h3Ry9P+bp56cH7cOq/UP6eTo/7kP3P6NuHW4Sf+QTo7+713z4llx69Ckf0gnR/8P733+i3HrsEb/kE6O/t94o+3/4tZhrf4hnRz9T5506utx69Csf0gnR/8Lb/1Ke9w6tOgf0snRf9vu7h/GrcM6/UM6Ofr/8PFpq+LWYb3+IZ0c/a+cu/f9cetws/4hnRz9v2/Zhbvi1mGD/iGdHP1f1PPRi+LWYaP+IZ0c/Xc889mvxq3DLfqHdHL0v3fma4vj1qFV/5BOjv5fXr30x3Hr0KZ/SCdH/289et2muHXYpH9IJ0f/T/7s7WNx67BZ/5BOjv7//4JFf41bhy36h3Ry9L94yZtr49bhU/qHdHL0v7H7Hy/HrUO7/iGdHP3PPHz1srh12Kp/SCdH/985r25/3Dp06B/SydH/nVfuq49bh236h3Ry9L//4F13x63DrfqHdHL0/+YvZkyPW4dP6x/SydH//VMOXRu3Dp36h3Ry9P/LTbXPxK3Ddv1DOjn6/9u+qTvi1qFL/5BOjv6ffr3nD3HrcJv+IZ0c/a+e8KuJcetwu/4hnRz9T+3acl/cOtyhf0gnR//z72k6P24dPqN/SCdH/1v/8sI349Zhh/4hna3bu25pam1taffGG2+8GXxzsv9kAlJ7N/qT/SsBAAAAAAAAAAAAAABOJMc/JzrZv0cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+yQ4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRC9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBXAAAA//+O1eBI")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x2800, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x68042, 0x62)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
ftruncate(r2, 0x2007ffb)
sendfile(r1, r2, 0x0, 0x1000000201005)

7.734683267s ago: executing program 0 (id=4127):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
open(0x0, 0x14927e, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r3, 0x5607, 0x1)

7.616923144s ago: executing program 4 (id=4128):
mkdir(&(0x7f0000000000)='./file0\x00', 0x80)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x80002, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
fchdir(0xffffffffffffffff)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r0, 0x3, 0x1)
getdents64(r0, 0x0, 0x0)

6.589081346s ago: executing program 0 (id=4129):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f0000002880)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

6.205510786s ago: executing program 9 (id=4130):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
r1 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x8, 0x0, 0xfffffdfc}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f0000000340)=@rxrpc=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e23, 0x63e, @loopback, 0xee}}, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x3516, 0x0, 0x8d, 0x0, 0x0)

5.943778781s ago: executing program 4 (id=4131):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
semctl$IPC_INFO(0x0, 0x1, 0x3, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000300), &(0x7f00000001c0)='./file0\x00', &(0x7f0000000080)='ubifs\x00', 0x0, 0x0)

5.900233489s ago: executing program 0 (id=4132):
syz_io_uring_setup(0x62ce, 0x0, &(0x7f00000000c0), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000004ec0)=[{&(0x7f0000004bc0)=""/68, 0x44}], 0x1, 0x8000, 0x0)

4.675705573s ago: executing program 0 (id=4133):
r0 = syz_open_dev$radio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x800, 0xfff)
setns(r2, 0x24020000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
syz_clone(0xb21e0000, &(0x7f00000001c0)="4cf06f798106c293f486a45b04c4114fa1e7bae6761655661a3070eb2fea8e909123c3417010ccc38aaae6fa3dea98a9071467e66342", 0x36, 0x0, 0x0, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f0000000040)='.\x00', 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000100)={0x990000, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0xa10905, 0xfffffffe, '\x00', @ptr=0x1}})

4.649279067s ago: executing program 5 (id=4134):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x80000001, @private1, 0x3}], 0x1c)
shutdown(r3, 0x2)

4.603858731s ago: executing program 4 (id=4135):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c)
recvmsg$qrtr(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000002c0)=""/191, 0xbf}], 0x1, 0x0, 0x0, 0x2060}, 0x38, 0x40000000)
pipe2$9p(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a)
splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000004c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x14, 0xffffffb9, 0x1a}, 0x9c)

4.479473021s ago: executing program 8 (id=4136):
syz_mount_image$minix(&(0x7f0000000300), &(0x7f0000000180)='./file2\x00', 0x4000, &(0x7f0000001f00)=ANY=[], 0x1, 0x210, &(0x7f0000000700)="$eJzs28tOE1Ecx/Hf9EZFI17iJa5MTIwbqQIJ6Up5ADcuTVyQWkjjoEbcQEiUl3Dv1pWPQKLv4QvAwp0rjjkzp2nHDp0LM0yg309C50/n/M6cAc6h04sAzKznwa0nT+2gMsZ8vi/p1QtJjYoHB6BUxm2PDYDZU8899V8P1xAA59LRWl1SWwee9PvPXu/QfbVTPn44WquFhScdjuUvpc3ve8H2XiOan5d0eaL15AWJ+RbmH2qYtyPf613JePx5RY+va2nz4fk/eqCmxvJXJS1IQTfXJd2QdFOas21vSapFjt9y343yd8M79lOeBgAAAAAAU9mrz8XT5hM7qEt6ErvHXgdvDPx+/N5kTZd/mjPfcvmlaY1Mcn55/M7aSa29UdkMN3Muv9h777/JMG6gCLVs83/iaUH7F32Q0MGJ08GtDNH530w/GveM4Mbga6YMgND2zu7bdd/vfyyyeDatjZS1Q7siFDzC+OK7LfQ3fGWk5GPlKeximzc+fEGm6IF9UXIbk6LNRSoaxf6cf8r7f542IpPoh/vdZuj5ZdyuliLzNKJ+xgsTgNJ1Pm196Gzv7D4ebK1v9jf771ZWu93VleWlbid4WG5vzULVowRQhtF//5idad/EAwAAAAAAAAAAAAAAKnVb0p2g+nWcIcY7AwAAAIBz6Cw+FFX1OQIAAAAAAAAAAAAAcNH9CwAA///UBDZV")
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000000c0)='./file0\x00', 0x1400, 0x0, 0x1, 0x0, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f00000012c0)={0xffff, 0x20000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x7b53a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

2.872246249s ago: executing program 8 (id=4137):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$nl_rdma(0x10, 0x3, 0x14)
mprotect(&(0x7f000004f000/0x800000)=nil, 0x800000, 0x0)
munlockall()
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00003, 0x8)
migrate_pages(0x0, 0x3, &(0x7f0000000300)=0x3, &(0x7f0000000040)=0x13e)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0xff, "d4e9002b2c000000ff00"})
dup(0xffffffffffffffff)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team_slave_0\x00'})
setresuid(0xee00, 0xee00, 0x0)

2.848896321s ago: executing program 4 (id=4138):
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r0, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r1 = socket$inet(0x2, 0x1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0xb, 0x7, 0x2, 0x4, 0x5}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000b00), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000540)='inet_sock_set_state\x00', r4}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r1, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
listen(r1, 0x0)
listen(r0, 0x0)

2.660686768s ago: executing program 5 (id=4139):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$cont(0x9, r3, 0x33e, 0x3)

2.572245612s ago: executing program 0 (id=4140):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x3, @empty, 0x0, 0x3}, 0x20)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
connect$l2tp6(r0, &(0x7f0000000f40)={0xa, 0x0, 0x0, @empty}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000000ac0)=[{{&(0x7f0000000180)={0xa, 0x0, 0x0, @empty}, 0x1b, 0x0}}], 0x17fd147c801ae9af, 0xff00)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

2.348168341s ago: executing program 4 (id=4141):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
pread64(0xffffffffffffffff, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
open(&(0x7f0000000000)='./bus\x00', 0x1a1043, 0xc5)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r1, 0x40045402, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000083c0)={{0x1}})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000100)='br_fdb_external_learn_add\x00', r2}, 0x18)

82.153915ms ago: executing program 4 (id=4142):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f00000000c0)={'dt2801\x00', [0x4f37, 0x100007, 0x10002, 0x4, 0x5, 0xcc7, 0x8, 0x7, 0xa, 0x5, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x2, 0x3, 0x40000003, 0x89, 0xcaa7, 0x0, 0x1000, 0x7ff, 0xe65, 0x3d, 0x8, 0x0, 0x0, 0xfffffff8]})

61.346449ms ago: executing program 5 (id=4143):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000b80)={0x84, &(0x7f0000000700)={0x40, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

0s ago: executing program 9 (id=4144):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x8000003, 'dh\x00', 0x1, 0x7, 0x49}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0)

kernel console output (not intermixed with test programs):

6.649949][T12328] veth0_vlan: entered promiscuous mode
[  546.672703][T12328] veth1_vlan: entered promiscuous mode
[  546.728504][T12328] veth0_macvtap: entered promiscuous mode
[  546.746563][T12328] veth1_macvtap: entered promiscuous mode
[  546.777971][T12328] batman_adv: batadv0: Interface activated: batadv_slave_0
[  546.815988][T12328] batman_adv: batadv0: Interface activated: batadv_slave_1
[  546.837771][ T8620] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  546.859585][ T8620] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  546.874336][ T8620] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  546.893211][ T8620] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  547.043434][ T8620] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  547.058097][ T8620] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  547.110058][ T8620] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  547.121190][ T8620] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  550.168529][T12957] loop1: detected capacity change from 0 to 128
[  550.238013][T12957] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  550.450278][   T44] Process accounting resumed
[  550.457997][   T44] FAT-fs (loop1): error, corrupted file size (i_pos 548, 512)
[  550.483173][   T44] FAT-fs (loop1): Filesystem has been set read-only
[  550.508885][T12957] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  551.208544][   T44] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  551.275377][   T44] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  551.688560][T12983] vlan2: entered promiscuous mode
[  551.733751][T12983] vlan2: entered allmulticast mode
[  551.745754][T12983] hsr_slave_1: entered allmulticast mode
[  553.716929][T13008] fuse: Unknown parameter '0xffffffffffffffff'
[  555.086463][T13038] vlan3: entered promiscuous mode
[  555.128619][T13038] vlan3: entered allmulticast mode
[  555.148006][T13038] hsr_slave_1: entered allmulticast mode
[  557.047353][T13075] overlayfs: failed to clone upperpath
[  560.262987][T13139] overlayfs: failed to clone upperpath
[  561.024002][T13160] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1880'.
[  566.541296][T13217] loop5: detected capacity change from 0 to 32768
[  566.578352][T13217] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1894 (13217)
[  566.662889][T13217] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  566.691683][T13217] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  566.876846][T13217] BTRFS info (device loop5): enabling ssd optimizations
[  566.885083][T13217] BTRFS info (device loop5): enabling free space tree
[  568.125987][T12386] Process accounting resumed
[  568.269714][T12328] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  572.459130][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  572.465590][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  576.175237][T13390] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  577.179847][T13413] tipc: Started in network mode
[  577.186500][T13413] tipc: Node identity fffffffa, cluster identity 4711
[  577.205830][T13413] tipc: Node number set to 4294967290
[  579.987888][T13458] loop4: detected capacity change from 0 to 1024
[  580.030048][T13458] EXT4-fs: Ignoring removed orlov option
[  580.047763][T13465] netlink: 'syz.1.1956': attribute type 27 has an invalid length.
[  580.291931][T13465] netlink: 'syz.1.1956': attribute type 1 has an invalid length.
[  580.316861][T13458] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  580.511914][   T30] audit: type=1800 audit(1758859050.429:120): pid=13458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1954" name="bus" dev="loop4" ino=18 res=0 errno=0
[  580.675887][   T30] audit: type=1804 audit(1758859050.439:121): pid=13458 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1954" name="/newroot/214/bus/bus" dev="loop4" ino=18 res=1 errno=0
[  580.823546][ T8316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  581.114822][T13479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1963'.
[  582.386330][T13504] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  583.054565][T13518] tipc: Started in network mode
[  583.059627][T13518] tipc: Node identity fffffffa, cluster identity 4711
[  583.079615][T13518] tipc: Node number set to 4294967290
[  583.088309][T13517] netlink: 'syz.0.1975': attribute type 4 has an invalid length.
[  583.096450][T13517] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1975'.
[  585.570908][   T30] audit: type=1326 audit(1758859055.589:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13552 comm="syz.1.1987" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9edff85d67 code=0x7fc00000
[  585.671285][   T44] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  585.853598][   T44] usb 6-1: Using ep0 maxpacket: 16
[  585.886129][   T44] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  585.945720][   T44] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  586.020065][   T44] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  586.045589][   T44] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  586.084335][   T44] usb 6-1: Product: syz
[  586.100109][   T44] usb 6-1: Manufacturer: syz
[  586.120624][   T44] usb 6-1: SerialNumber: syz
[  586.154374][   T44] usb 6-1: config 0 descriptor??
[  586.166101][   T44] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  586.221439][   T44] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class)
[  586.571588][T13596] veth1_macvtap: left promiscuous mode
[  586.597712][T13596] macsec0: entered promiscuous mode
[  586.860416][   T44] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  586.868955][   T44] em28xx 6-1:0.0: Config register raw data: 0xfffffffb
[  586.951794][T13605] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2001'.
[  588.535002][   T44] em28xx 6-1:0.0: Unknown AC97 audio processor detected!
[  588.781263][   T44] em28xx 6-1:0.0: couldn't setup AC97 register 2
[  588.812668][   T44] em28xx 6-1:0.0: couldn't setup AC97 register 4
[  588.850525][   T44] em28xx 6-1:0.0: couldn't setup AC97 register 6
[  588.874378][   T44] em28xx 6-1:0.0: couldn't setup AC97 register 54
[  588.901348][   T44] em28xx 6-1:0.0: couldn't setup AC97 register 56
[  589.067948][   T44] usb 6-1: USB disconnect, device number 5
[  589.342418][T13613] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  589.442848][T13615] overlayfs: failed to clone upperpath
[  592.774374][T13652] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2017'.
[  593.562034][T13673] netlink: 'syz.1.2025': attribute type 4 has an invalid length.
[  593.619384][T13673] netlink: 17 bytes leftover after parsing attributes in process `syz.1.2025'.
[  600.536025][   T30] audit: type=1326 audit(1758859070.579:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13743 comm="syz.4.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc67d78eec9 code=0x7fc00000
[  600.672673][   T30] audit: type=1326 audit(1758859070.579:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13743 comm="syz.4.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc67d78eec9 code=0x7fc00000
[  600.781254][   T30] audit: type=1326 audit(1758859070.579:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13743 comm="syz.4.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc67d78eec9 code=0x7fc00000
[  600.881375][   T30] audit: type=1326 audit(1758859070.579:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13743 comm="syz.4.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc67d78eec9 code=0x7fc00000
[  600.959029][   T30] audit: type=1326 audit(1758859070.579:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13743 comm="syz.4.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc67d78eec9 code=0x7fc00000
[  601.073081][   T30] audit: type=1326 audit(1758859070.579:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13743 comm="syz.4.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc67d78eec9 code=0x7fc00000
[  601.150940][   T30] audit: type=1326 audit(1758859070.579:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13743 comm="syz.4.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc67d78eec9 code=0x7fc00000
[  601.183387][   T30] audit: type=1326 audit(1758859070.579:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13743 comm="syz.4.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc67d78eec9 code=0x7fc00000
[  601.375512][   T30] audit: type=1326 audit(1758859070.579:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13743 comm="syz.4.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc67d78eec9 code=0x7fc00000
[  601.932127][   T30] audit: type=1326 audit(1758859070.579:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13743 comm="syz.4.2050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc67d78eec9 code=0x7fc00000
[  604.117066][T13789] fuse: Bad value for 'fd'
[  604.198336][T13789] tipc: Started in network mode
[  604.208903][T13789] tipc: Node identity fffeffff, cluster identity 4711
[  604.241426][T13789] tipc: Node number set to 4294901759
[  604.719569][T13796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2067'.
[  604.780223][T13796] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2067'.
[  605.092631][T12385] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  605.284226][T12385] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  605.320341][T12385] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  605.360172][T12385] usb 6-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[  605.385090][T12385] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  605.424885][T12385] usb 6-1: config 0 descriptor??
[  605.535424][T13814] tipc: Failed to remove unknown binding: 66,1,1/4294967290:2700514691/2700514693
[  605.579970][T13814] tipc: Failed to remove unknown binding: 66,1,1/4294967290:2700514691/2700514693
[  605.613655][T13814] tipc: Failed to remove unknown binding: 66,1,1/4294967290:2700514691/2700514693
[  605.869499][T12385] playstation 0003:054C:0DF2.000F: item fetching failed at offset 1/5
[  605.900196][T12385] playstation 0003:054C:0DF2.000F: Parse failed
[  605.928715][T12385] playstation 0003:054C:0DF2.000F: probe with driver playstation failed with error -22
[  606.101772][T12385] usb 6-1: USB disconnect, device number 6
[  606.696523][T13830] syz_tun: entered allmulticast mode
[  608.222488][T13862] loop4: detected capacity change from 0 to 128
[  608.243372][T13862] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  608.256050][T13862] ext4 filesystem being mounted at /234/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  608.473589][ T8316] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  611.020197][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  611.020221][   T30] audit: type=1326 audit(1758859081.059:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13915 comm="syz.9.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dbc18eec9 code=0x7ffc0000
[  611.146281][   T30] audit: type=1326 audit(1758859081.099:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13915 comm="syz.9.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f0dbc18eec9 code=0x7ffc0000
[  611.245939][   T30] audit: type=1326 audit(1758859081.099:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13915 comm="syz.9.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dbc18eec9 code=0x7ffc0000
[  611.330829][   T30] audit: type=1326 audit(1758859081.099:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13915 comm="syz.9.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dbc18eec9 code=0x7ffc0000
[  611.610599][   T30] audit: type=1326 audit(1758859081.129:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13915 comm="syz.9.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f0dbc18eec9 code=0x7ffc0000
[  611.781414][   T30] audit: type=1326 audit(1758859081.129:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13915 comm="syz.9.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dbc18eec9 code=0x7ffc0000
[  611.943407][   T30] audit: type=1326 audit(1758859081.129:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13915 comm="syz.9.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f0dbc18eec9 code=0x7ffc0000
[  612.086762][   T30] audit: type=1326 audit(1758859081.129:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13915 comm="syz.9.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dbc18eec9 code=0x7ffc0000
[  612.250175][   T30] audit: type=1326 audit(1758859081.129:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13915 comm="syz.9.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f0dbc18eec9 code=0x7ffc0000
[  612.379019][   T30] audit: type=1326 audit(1758859081.129:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13915 comm="syz.9.2111" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dbc18eec9 code=0x7ffc0000
[  614.403262][T13961] loop5: detected capacity change from 0 to 16
[  614.486031][T13961] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  619.116989][T14006] fuse: Bad value for 'fd'
[  619.504006][T14006] tipc: Started in network mode
[  619.508913][T14006] tipc: Node identity fffeffff, cluster identity 4711
[  619.561203][T14006] tipc: Node number set to 4294901759
[  620.510617][T14011] overlayfs: failed to resolve './file0': -2
[  620.550296][T14019] tipc: Failed to remove unknown binding: 66,1,1/4294967290:929472250/929472252
[  620.631632][T14019] tipc: Failed to remove unknown binding: 66,1,1/4294967290:929472250/929472252
[  620.657726][T14019] tipc: Failed to remove unknown binding: 66,1,1/4294967290:929472250/929472252
[  626.140133][T14076] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  627.985936][T14107] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2178'.
[  628.239644][T14107] batman_adv: batadv0: Removing interface: batadv_slave_1
[  631.051311][ T5873] Bluetooth: hci6: command 0x0406 tx timeout
[  631.125609][T14153] overlayfs: failed to clone upperpath
[  632.233120][T14172] netlink: 'syz.4.2196': attribute type 12 has an invalid length.
[  633.980712][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  633.987088][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  634.082985][T14181] netlink: 161716 bytes leftover after parsing attributes in process `syz.4.2201'.
[  634.105173][T14181] netlink: zone id is out of range
[  637.322478][T14259] netlink: 'syz.5.2205': attribute type 21 has an invalid length.
[  637.330349][T14259] netlink: 128 bytes leftover after parsing attributes in process `syz.5.2205'.
[  637.340870][T14259] netlink: 'syz.5.2205': attribute type 5 has an invalid length.
[  637.348839][T14259] netlink: 'syz.5.2205': attribute type 6 has an invalid length.
[  637.356932][T14259] netlink: 3 bytes leftover after parsing attributes in process `syz.5.2205'.
[  639.696926][T14294] vlan3: entered promiscuous mode
[  639.845310][T14294] bridge0: entered promiscuous mode
[  639.857029][T14294] vlan3: entered allmulticast mode
[  639.930048][T14294] bridge0: entered allmulticast mode
[  642.842486][T14339] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2247'.
[  645.228026][T14367] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode
[  645.358026][T14367] bridge_slave_0: left allmulticast mode
[  645.380872][T14367] bridge_slave_0: left promiscuous mode
[  645.408933][T14367] bridge0: port 1(bridge_slave_0) entered disabled state
[  645.448295][T14367] bridge_slave_1: left allmulticast mode
[  645.459250][T14369] binder: 14368:14369 unknown command 0
[  645.465475][T14367] bridge_slave_1: left promiscuous mode
[  645.482534][T14369] binder: 14368:14369 ioctl c0306201 200000000080 returned -22
[  645.490504][T14367] bridge0: port 2(bridge_slave_1) entered disabled state
[  645.542931][T14367] bond0: (slave bond_slave_0): Releasing backup interface
[  645.595172][T14367] bond0: (slave bond_slave_1): Releasing backup interface
[  645.633432][T14367] team0: Port device team_slave_0 removed
[  645.676257][T14367] team0: Port device team_slave_1 removed
[  645.683555][T14367] bond1: (slave gretap1): Releasing active interface
[  645.819912][T14371] syz_tun: entered allmulticast mode
[  645.867846][T14370] syz_tun: left allmulticast mode
[  646.719795][T14380] futex_wake_op: syz.5.2263 tries to shift op by -1; fix this program
[  646.764444][T14380] loop9: detected capacity change from 0 to 7
[  646.802509][T14380] Buffer I/O error on dev loop9, logical block 0, async page read
[  646.810422][T14380] Buffer I/O error on dev loop9, logical block 0, async page read
[  646.876928][T14380] Buffer I/O error on dev loop9, logical block 0, async page read
[  646.909422][T14380] Buffer I/O error on dev loop9, logical block 0, async page read
[  646.940626][T14380] Buffer I/O error on dev loop9, logical block 0, async page read
[  646.989094][T14380] Buffer I/O error on dev loop9, logical block 0, async page read
[  647.027611][T14380] Buffer I/O error on dev loop9, logical block 0, async page read
[  647.061066][T14380] ldm_validate_partition_table(): Disk read failed.
[  647.081537][T14380] Buffer I/O error on dev loop9, logical block 0, async page read
[  647.114554][T14380] Buffer I/O error on dev loop9, logical block 0, async page read
[  647.166970][T14380] Buffer I/O error on dev loop9, logical block 0, async page read
[  647.195246][T14380] Dev loop9: unable to read RDB block 0
[  647.226525][T14380]  loop9: unable to read partition table
[  647.249251][T14380] loop9: partition table beyond EOD, truncated
[  647.278486][T14380] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  647.278486][T14380] 
) failed (rc=-5)
[  647.590754][T14395] netlink: 'syz.1.2270': attribute type 4 has an invalid length.
[  652.420204][T14439] bpq0: entered allmulticast mode
[  655.400618][   T51] Bluetooth: hci6: unexpected event 0x1d length: 11 > 5
[  655.451106][T14470] netlink: 'syz.9.2296': attribute type 3 has an invalid length.
[  655.525968][T14470] netlink: 'syz.9.2296': attribute type 3 has an invalid length.
[  656.487367][T14484] netlink: 'syz.9.2299': attribute type 2 has an invalid length.
[  659.150491][   T30] audit: type=1326 audit(1758859129.189:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.0.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538eec9 code=0x7ffc0000
[  659.317242][   T30] audit: type=1326 audit(1758859129.189:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.0.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538eec9 code=0x7ffc0000
[  659.475281][   T30] audit: type=1326 audit(1758859129.189:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.0.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f662538eec9 code=0x7ffc0000
[  659.589164][   T30] audit: type=1326 audit(1758859129.199:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.0.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538eec9 code=0x7ffc0000
[  659.591249][   T44] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  659.693540][   T30] audit: type=1326 audit(1758859129.199:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.0.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538eec9 code=0x7ffc0000
[  659.946882][   T30] audit: type=1326 audit(1758859129.209:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.0.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f662538eec9 code=0x7ffc0000
[  660.063421][   T30] audit: type=1326 audit(1758859129.319:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.0.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538eec9 code=0x7ffc0000
[  660.161348][   T44] usb 1-1: Using ep0 maxpacket: 32
[  660.161385][   T30] audit: type=1326 audit(1758859129.329:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.0.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538eec9 code=0x7ffc0000
[  660.238547][   T44] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  660.297362][   T44] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  660.350624][   T30] audit: type=1326 audit(1758859129.339:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.0.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f662538eec9 code=0x7ffc0000
[  660.351663][   T44] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  660.504006][T14545] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2321'.
[  660.693172][   T30] audit: type=1326 audit(1758859129.349:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14532 comm="syz.0.2317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538eec9 code=0x7ffc0000
[  660.715939][   T44] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  660.732678][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  660.774621][   T44] usb 1-1: Product: syz
[  660.810820][   T44] usb 1-1: Manufacturer: syz
[  660.841385][   T44] usb 1-1: SerialNumber: syz
[  660.878736][   T44] cdc_ncm 1-1:1.0: invalid descriptor buffer length
[  660.888282][   T44] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[  660.900297][   T44] cdc_ncm 1-1:1.0: bind() failure
[  662.384995][T12386] usb 1-1: USB disconnect, device number 6
[  666.124491][T14593] netlink: 'syz.0.2339': attribute type 4 has an invalid length.
[  666.313754][T14593] netlink: 'syz.0.2339': attribute type 4 has an invalid length.
[  667.644796][T14620] Cache volume key already in use (9p,(null),)
[  668.217319][T14630] binder: 14629:14630 unknown command 0
[  668.223592][T14630] binder: 14629:14630 ioctl c0306201 200000000080 returned -22
[  668.528708][T14634] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2350'.
[  668.570277][T14634] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  668.764065][T14634] batman_adv: batadv0: Removing interface: batadv_slave_1
[  669.324946][T14644] binder: 14643:14644 ioctl c0306201 200000000640 returned -22
[  669.527151][T14646] mac80211_hwsim hwsim25 wlan1: entered allmulticast mode
[  669.679495][T14649] bond0: (slave bond_slave_0): Releasing backup interface
[  669.802139][T14649] bond0: (slave bond_slave_1): Releasing backup interface
[  669.868367][T14649] team0: Port device team_slave_0 removed
[  669.955789][T14649] team0: Port device team_slave_1 removed
[  670.137642][T14649] batman_adv: batadv0: Removing interface: batadv_slave_0
[  674.673617][T14690] netlink: 161716 bytes leftover after parsing attributes in process `syz.0.2370'.
[  674.691610][T14690] netlink: zone id is out of range
[  675.411975][T14705] mac80211_hwsim hwsim23 wlan1: entered allmulticast mode
[  675.497105][T14705] bond0: (slave macvlan2): Releasing backup interface
[  678.573507][T14742] netlink: 'syz.0.2390': attribute type 1 has an invalid length.
[  678.864091][T14742] 8021q: adding VLAN 0 to HW filter on device bond1
[  679.005915][T14747] bond1: (slave gretap1): making interface the new active one
[  679.118782][T14747] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  679.299354][T14749] vlan3: entered allmulticast mode
[  679.327483][T14749] bond1: entered allmulticast mode
[  679.383717][T14749] gretap1: entered allmulticast mode
[  679.571084][T14749] bond1: (slave vlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  680.813281][T14759] mac80211_hwsim hwsim15 wlan1: entered allmulticast mode
[  681.953123][T14764] bond0: (slave bond_slave_0): Releasing backup interface
[  682.109749][T14764] bond0: (slave bond_slave_1): Releasing backup interface
[  682.287511][T14764] team0: Port device team_slave_0 removed
[  682.354773][T14764] team0: Port device team_slave_1 removed
[  682.392202][T14764] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  682.399592][T14764] batman_adv: batadv0: Removing interface: batadv_slave_0
[  682.574636][T14764] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  682.582177][T14764] batman_adv: batadv0: Removing interface: batadv_slave_1
[  683.187611][T14780] syzkaller1: entered promiscuous mode
[  683.226818][T14780] syzkaller1: entered allmulticast mode
[  685.912684][   T30] kauditd_printk_skb: 59 callbacks suppressed
[  685.912710][   T30] audit: type=1326 audit(1758859155.959:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6241b8eec9 code=0x7ffc0000
[  686.071520][   T30] audit: type=1326 audit(1758859155.999:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f6241b8eec9 code=0x7ffc0000
[  686.152617][   T30] audit: type=1326 audit(1758859155.999:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6241b8eec9 code=0x7ffc0000
[  686.301607][   T30] audit: type=1326 audit(1758859155.999:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6241b8eec9 code=0x7ffc0000
[  686.355742][   T30] audit: type=1326 audit(1758859155.999:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6241b8eec9 code=0x7ffc0000
[  686.610331][   T30] audit: type=1326 audit(1758859155.999:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6241b8eec9 code=0x7ffc0000
[  686.724413][   T30] audit: type=1326 audit(1758859156.009:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f6241b8eec9 code=0x7ffc0000
[  686.912076][   T30] audit: type=1326 audit(1758859156.009:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6241b8eec9 code=0x7ffc0000
[  686.993249][   T30] audit: type=1326 audit(1758859156.009:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6241b8eec9 code=0x7ffc0000
[  687.084652][   T30] audit: type=1326 audit(1758859156.009:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14810 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6241b8eec9 code=0x7ffc0000
[  690.878300][T14846] netlink: 'syz.0.2420': attribute type 1 has an invalid length.
[  691.034552][T14849] bond2: entered promiscuous mode
[  691.039641][T14849] bond2: entered allmulticast mode
[  691.046415][T14849] 8021q: adding VLAN 0 to HW filter on device bond2
[  691.343251][T14846] bridge0: entered promiscuous mode
[  691.348644][T14846] bridge0: entered allmulticast mode
[  692.169374][T13445] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  692.186001][T14846] bond2: (slave bridge0): Enslaving as an active interface with an up link
[  692.304662][T14857] overlayfs: failed to clone upperpath
[  692.732409][T13545] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  695.361919][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  695.368260][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  698.965509][T14929] delete_channel: no stack
[  699.758090][T14940] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2453'.
[  702.614406][T14971] ref_ctr going negative. vaddr: 0x200000ffd000, curr val: -19135, delta: 1
[  702.625972][T14971] ref_ctr increment failed for inode: 0x207 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88807ec86b80
[  704.758882][T14999] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  705.715633][T15014] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  707.660546][T15022] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2477'.
[  708.028651][T15030] overlayfs: upper fs does not support file handles, falling back to index=off.
[  708.256528][T15035] sp0: Synchronizing with TNC
[  708.340513][T15036] sp0: Found TNC
[  713.640838][T15090] netlink: 'syz.5.2500': attribute type 39 has an invalid length.
[  715.273575][T15097] ceph: No mds server is up or the cluster is laggy
[  715.354857][T12420] libceph: connect (1)[c::]:6789 error -101
[  715.361477][T12420] libceph: mon0 (1)[c::]:6789 connect error
[  717.279895][T15120] tipc: Started in network mode
[  717.331468][T15120] tipc: Node identity 4, cluster identity 4711
[  717.424059][T15120] tipc: Node number set to 4
[  719.891464][T12386] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  720.495024][T12386] usb 1-1: Using ep0 maxpacket: 16
[  720.562496][T12386] usb 1-1: config 0 has no interfaces?
[  720.568018][T12386] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  720.631921][T12386] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.707580][T12386] usb 1-1: config 0 descriptor??
[  720.823010][T15145] overlayfs: failed to clone upperpath
[  721.100692][T15137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  721.209676][T15137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  721.395775][T15137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  721.431603][T15137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  721.462125][T15163] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2520'.
[  721.542174][   T51] Bluetooth: hci1: Unknown advertising packet type: 0x72
[  721.542255][   T51] Bluetooth: hci1: Malformed LE Event: 0x0d
[  721.545845][T12386] usb 1-1: USB disconnect, device number 7
[  721.830298][T15169] loop4: detected capacity change from 0 to 1024
[  721.938315][T15169] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  724.185509][T15188] ref_ctr increment failed for inode: 0x255 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88802ab38ac0
[  724.790575][T15197] tc_dump_action: action bad kind
[  728.682816][T15242] netlink: 'syz.1.2547': attribute type 1 has an invalid length.
[  729.865463][T15250] bond4: entered promiscuous mode
[  729.925489][T15250] bond4: entered allmulticast mode
[  729.945346][T15250] 8021q: adding VLAN 0 to HW filter on device bond4
[  729.994110][T15257] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2552'.
[  730.210522][T15242] bridge2: entered promiscuous mode
[  730.243422][T13890] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  730.254390][T15242] bridge2: entered allmulticast mode
[  730.263903][T15242] bond4: (slave bridge2): Enslaving as an active interface with an up link
[  730.303043][T15257] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2552'.
[  730.431708][T13890] bond4: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  730.788553][   T30] kauditd_printk_skb: 16 callbacks suppressed
[  730.788579][   T30] audit: type=1326 audit(1758859200.829:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.1.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edff8eec9 code=0x7fc00000
[  731.035895][T15272] netlink: 'syz.4.2555': attribute type 29 has an invalid length.
[  731.109238][T15272] netlink: 'syz.4.2555': attribute type 29 has an invalid length.
[  731.353948][T15275] netlink: 500 bytes leftover after parsing attributes in process `syz.4.2555'.
[  731.540511][   T30] audit: type=1326 audit(1758859201.579:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.1.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9edff8eec9 code=0x7fc00000
[  731.775460][   T30] audit: type=1326 audit(1758859201.579:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.1.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edff8eec9 code=0x7fc00000
[  731.890202][   T30] audit: type=1326 audit(1758859201.579:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.1.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edff8eec9 code=0x7fc00000
[  732.224911][   T30] audit: type=1326 audit(1758859201.579:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.1.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edff8eec9 code=0x7fc00000
[  733.051355][   T30] audit: type=1326 audit(1758859201.579:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.1.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edff8eec9 code=0x7fc00000
[  733.124712][   T30] audit: type=1326 audit(1758859201.589:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15263 comm="syz.1.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9edff8eec9 code=0x7fc00000
[  733.881014][T15291] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2562'.
[  736.343820][T15311] netlink: 'syz.6.2568': attribute type 1 has an invalid length.
[  736.367561][T15312] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2567'.
[  736.416762][T15312] netem: unknown loss type 0
[  736.446154][T15312] netem: change failed
[  736.782060][T15316] bond1: entered promiscuous mode
[  736.811302][T15316] bond1: entered allmulticast mode
[  736.877088][T15316] 8021q: adding VLAN 0 to HW filter on device bond1
[  737.021993][T15320] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2570'.
[  737.057349][T15318] bridge0: entered promiscuous mode
[  737.138730][T13889] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  737.162811][T15318] bridge0: entered allmulticast mode
[  737.252748][T15318] bond1: (slave bridge0): Enslaving as an active interface with an up link
[  737.321408][T13889] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  737.682172][T15329] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  749.173060][T15465] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2604'.
[  749.896937][T15480] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  750.645644][T15487] netlink: 128 bytes leftover after parsing attributes in process `syz.4.2612'.
[  750.960038][   T30] audit: type=1326 audit(1758859220.999:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15490 comm="syz.9.2615" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0dbc18eec9 code=0x0
[  753.748262][T15512] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2619'.
[  753.917565][T15514] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2619'.
[  756.437955][T15549] 9pnet_fd: Insufficient options for proto=fd
[  756.779413][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  756.786081][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  757.894105][T15558] overlayfs: failed to clone upperpath
[  758.680432][T15574] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2641'.
[  764.065584][   T30] audit: type=1326 audit(1758859234.109:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15626 comm="syz.0.2658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f662538eec9 code=0x7fc00000
[  765.223526][   T30] audit: type=1326 audit(1758859235.239:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15626 comm="syz.0.2658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f662532af79 code=0x7fc00000
[  765.425374][   T30] audit: type=1326 audit(1758859235.239:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15626 comm="syz.0.2658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f662532b03f code=0x7fc00000
[  765.622939][   T30] audit: type=1326 audit(1758859235.239:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15626 comm="syz.0.2658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f662538eec9 code=0x7fc00000
[  769.462644][T15666] lo: Caught tx_queue_len zero misconfig
[  774.233739][T15727] netlink: zone id is out of range
[  774.238975][T15727] netlink: zone id is out of range
[  774.245652][T15727] netlink: del zone limit has 4 unknown bytes
[  774.335884][   T51] Bluetooth: hci1: unexpected event for opcode 0x2024
[  774.466633][T15730] overlayfs: failed to clone upperpath
[  777.485301][T15771] binder: 15770:15771 ioctl 4018620d 0 returned -22
[  777.614944][T15773] netlink: 1335 bytes leftover after parsing attributes in process `syz.9.2708'.
[  781.619295][T15805] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2718'.
[  781.996803][T15808] loop4: detected capacity change from 0 to 128
[  782.057350][T15808] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  782.071776][T15808] ext4 filesystem being mounted at /327/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  782.110753][T15812] loop5: detected capacity change from 0 to 256
[  782.368999][T15812] FAT-fs (loop5): Directory bread(block 64) failed
[  782.408703][T15812] FAT-fs (loop5): Directory bread(block 65) failed
[  782.468786][T15812] FAT-fs (loop5): Directory bread(block 66) failed
[  782.512726][T15812] FAT-fs (loop5): Directory bread(block 67) failed
[  782.561437][T15812] FAT-fs (loop5): Directory bread(block 68) failed
[  782.583573][T15812] FAT-fs (loop5): Directory bread(block 69) failed
[  782.614105][T15812] FAT-fs (loop5): Directory bread(block 70) failed
[  782.620671][T15812] FAT-fs (loop5): Directory bread(block 71) failed
[  782.691466][T15812] FAT-fs (loop5): Directory bread(block 72) failed
[  782.725253][T15812] FAT-fs (loop5): Directory bread(block 73) failed
[  782.794328][T15808] fscrypt (loop4, inode 12): Error allocating 'adiantum(xchacha12,aes)' transform: -4
[  782.975625][ T8316] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  787.441790][T15866] loop4: detected capacity change from 0 to 1024
[  787.527103][T15866] EXT4-fs (loop4): can't mount with data_err=abort, fs mounted w/o journal
[  787.912049][T15875] loop5: detected capacity change from 0 to 512
[  788.000946][T15875] EXT4-fs (loop5): can't mount with data_err=abort, fs mounted w/o journal
[  788.436204][   T30] audit: type=1804 audit(1758859258.469:265): pid=15883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2746" name="file0" dev="tmpfs" ino=2695 res=1 errno=0
[  789.341448][T12420] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  790.283199][T12420] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  790.341406][T12420] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  790.387875][T12420] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  790.441277][T12420] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  790.472232][T15892] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  790.494171][T12420] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  790.504883][T15903] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2752'.
[  790.745088][T15905] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2752'.
[  790.897470][T12420] usb 5-1: USB disconnect, device number 7
[  792.403492][T15925] ref_ctr going negative. vaddr: 0x200000ffd000, curr val: -19135, delta: 1
[  792.439192][T15925] ref_ctr increment failed for inode: 0xaa1 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff888049dbc080
[  794.847831][T15957] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2768'.
[  798.431665][   T44] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  798.644674][   T44] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  798.686492][   T44] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  798.749349][   T44] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  798.806877][   T44] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.884598][T15975] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  798.933648][   T44] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  799.392590][   T44] usb 6-1: USB disconnect, device number 7
[  803.173833][T16019] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2788'.
[  804.347360][   T30] audit: type=1326 audit(1758859274.389:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16021 comm="syz.9.2789" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0dbc18eec9 code=0x0
[  804.358129][T16022] overlayfs: failed to clone upperpath
[  804.943641][   T30] audit: type=1804 audit(1758859274.989:267): pid=16026 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.2791" name="file0" dev="ramfs" ino=41012 res=1 errno=0
[  806.972221][T16033] tipc: Started in network mode
[  806.977136][T16033] tipc: Node identity 7f000001, cluster identity 4711
[  807.032861][T16033] tipc: Enabled bearer <udp:syz2>, priority 10
[  807.058204][T16037] tc_dump_action: action bad kind
[  807.789870][T16057] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2802'.
[  808.798434][T12386] tipc: Node number set to 2130706433
[  811.096435][T16086] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2810'.
[  813.180840][T16094] tc_dump_action: action bad kind
[  815.649070][T16114] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2819'.
[  816.212482][T16117] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2820'.
[  817.481473][T16133] loop4: detected capacity change from 0 to 512
[  817.527341][T16130] overlayfs: failed to clone upperpath
[  817.762108][T16119] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2820'.
[  817.961102][T16133] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  818.091487][T16133] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  818.218580][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  818.225072][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  818.795584][ T8316] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  819.007610][T16152] loop4: detected capacity change from 0 to 128
[  819.104453][T16152] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  819.277781][T16152] ext4 filesystem being mounted at /344/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  820.731724][T16152] fscrypt: loop4: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[  820.842592][T16169] loop5: detected capacity change from 0 to 16
[  820.898707][T16169] erofs (device loop5): mounted with root inode @ nid 36.
[  821.165975][ T8316] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  821.247742][T16173] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36
[  821.906729][T16173] erofs (device loop5): read error -117 @ 43 of nid 36
[  824.391472][T16199] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2842'.
[  825.537332][T16205] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2843'.
[  826.001625][T16203] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2843'.
[  826.459868][T16211] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2846'.
[  828.030631][T16223] ref_ctr increment failed for inode: 0xaf0 offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88807ab56b80
[  829.759957][T16223] uprobe: syz.1.2850:16223 failed to unregister, leaking uprobe
[  830.684600][T16247] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  835.006753][T16301] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2869'.
[  838.448768][T16330] loop5: detected capacity change from 0 to 1024
[  838.715163][   T30] audit: type=1800 audit(1758859308.689:268): pid=16330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2876" name="file1" dev="loop5" ino=20 res=0 errno=0
[  840.969852][T16344] netlink: 'syz.0.2893': attribute type 1 has an invalid length.
[  841.543338][T16349] 8021q: adding VLAN 0 to HW filter on device bond4
[  841.631086][T16349] bond3: (slave bond4): making interface the new active one
[  841.646054][T16349] bond3: (slave bond4): Enslaving as an active interface with an up link
[  841.737024][T16346] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2880'.
[  841.829051][T16352] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2880'.
[  841.927818][T16344] bond3: (slave gretap2): Enslaving as a backup interface with an up link
[  846.066142][T16397] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2898'.
[  847.096123][T16404] netlink: 24 bytes leftover after parsing attributes in process `syz.9.2911'.
[  847.836314][T16404] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2911'.
[  852.649067][T16448] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2913'.
[  852.909577][T16448] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2913'.
[  855.126159][   T30] audit: type=1326 audit(1758859325.169:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16465 comm="syz.1.2921" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9edff8eec9 code=0x0
[  856.896713][T16493] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  857.249645][T16497] syz_tun: entered allmulticast mode
[  857.330460][T16495] syz_tun: left allmulticast mode
[  857.712175][T16503] loop4: detected capacity change from 0 to 128
[  857.843486][T16503] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  858.056875][T16503] ext4 filesystem being mounted at /361/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  859.356971][ T8316] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  869.112453][T16586] hugetlbfs: syz.9.2951 (16586): Using mlock ulimits for SHM_HUGETLB is obsolete
[  871.566667][   T30] audit: type=1326 audit(1758859341.609:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16602 comm="syz.9.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dbc18eec9 code=0x7fc00000
[  872.001336][   T30] audit: type=1326 audit(1758859341.609:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16602 comm="syz.9.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0dbc18eec9 code=0x7fc00000
[  872.117663][   T30] audit: type=1326 audit(1758859342.159:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16602 comm="syz.9.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0dbc12af79 code=0x7fc00000
[  872.301616][   T30] audit: type=1326 audit(1758859342.329:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16602 comm="syz.9.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f0dbc12b03f code=0x7fc00000
[  872.371936][   T30] audit: type=1326 audit(1758859342.329:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16602 comm="syz.9.2957" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f0dbc18eec9 code=0x7fc00000
[  876.831377][T12420] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  877.161417][T12420] usb 6-1: Using ep0 maxpacket: 32
[  877.170629][T12420] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  878.021193][T12420] usb 6-1: config 0 has no interface number 0
[  878.168632][T12420] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  878.178129][T12420] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  878.186301][T12420] usb 6-1: Product: syz
[  878.190534][T12420] usb 6-1: Manufacturer: syz
[  878.196238][T12420] usb 6-1: SerialNumber: syz
[  878.212264][T12420] usb 6-1: config 0 descriptor??
[  878.232090][T12420] smsc95xx v2.0.0
[  878.657930][T12420] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  878.761401][T12420] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  878.866841][T16677] netlink: 'syz.1.2976': attribute type 27 has an invalid length.
[  878.937579][T16677] netlink: 'syz.1.2976': attribute type 4 has an invalid length.
[  878.951727][T16677] netlink: 144 bytes leftover after parsing attributes in process `syz.1.2976'.
[  879.656515][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  879.663016][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  880.547080][T12420] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000038: -71
[  880.596094][T12420] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71
[  880.671726][T12420] usb 6-1: USB disconnect, device number 8
[  884.945527][   T44] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  885.112991][   T44] usb 5-1: Using ep0 maxpacket: 16
[  885.128438][   T44] usb 5-1: config 0 has an invalid interface number: 236 but max is 0
[  885.139481][   T44] usb 5-1: config 0 has no interface number 0
[  885.185782][   T44] usb 5-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=84.33
[  885.237650][   T44] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  885.276363][   T44] usb 5-1: Product: syz
[  885.280551][   T44] usb 5-1: Manufacturer: syz
[  885.311657][   T44] usb 5-1: SerialNumber: syz
[  885.360698][   T44] usb 5-1: config 0 descriptor??
[  885.380773][   T44] usb-storage 5-1:0.236: USB Mass Storage device detected
[  885.424287][   T44] usb-storage 5-1:0.236: device ignored
[  885.773160][T12420] usb 5-1: USB disconnect, device number 8
[  888.919290][T16821] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3015'.
[  891.392633][   T30] audit: type=1800 audit(1758859361.399:275): pid=16833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3020" name="bus" dev="tmpfs" ino=2 res=0 errno=0
[  895.256437][   T51] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[  895.256630][   T51] Bluetooth: hci1: Malformed LE Event: 0x0d
[  908.141476][T12420] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  908.511245][T12420] usb 1-1: Using ep0 maxpacket: 16
[  908.542126][T12420] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  909.545211][T12420] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  909.648299][T12420] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  909.718773][T12420] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  909.758453][T12420] usb 1-1: Product: syz
[  909.772968][T12420] usb 1-1: Manufacturer: syz
[  909.831242][T12420] usb 1-1: SerialNumber: syz
[  909.855245][T12420] usb 1-1: config 0 descriptor??
[  909.894473][T12420] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  909.931227][T12420] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[  910.620821][T12420] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  910.646356][T12420] em28xx 1-1:0.0: Config register raw data: 0xfffffffb
[  911.741491][T12420] em28xx 1-1:0.0: AC97 chip type couldn't be determined
[  911.768138][T12420] em28xx 1-1:0.0: No AC97 audio processor
[  911.951219][T12420] usb 1-1: USB disconnect, device number 8
[  911.992802][T12420] em28xx 1-1:0.0: Disconnecting em28xx
[  912.252811][T12420] em28xx 1-1:0.0: Freeing device
[  912.576086][T17008] overlayfs: failed to clone upperpath
[  913.471865][T12352] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  913.831267][T12352] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  913.859110][T12352] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  914.701171][T12352] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  914.774694][T12352] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  914.824556][T12352] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  914.865725][T12352] usb 6-1: config 0 descriptor??
[  915.720800][T12352] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  916.752186][T12352] usb 6-1: USB disconnect, device number 9
[  920.131369][   T30] audit: type=1800 audit(1758859390.159:276): pid=17061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3091" name="bus" dev="tmpfs" ino=2 res=0 errno=0
[  928.824280][T17104] netlink: 'syz.6.3104': attribute type 1 has an invalid length.
[  929.128600][T17110] gretap1: entered promiscuous mode
[  929.159177][T17110] bond2: (slave gretap1): making interface the new active one
[  929.206475][T17110] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  937.432454][T17166] overlayfs: failed to clone upperpath
[  941.021336][T12420] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  941.098934][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  941.105502][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  941.211391][T12420] usb 5-1: Using ep0 maxpacket: 16
[  941.229628][T12420] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  941.263646][T12420] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  941.304585][T12420] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  941.320847][T12420] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  941.349237][T12420] usb 5-1: Product: syz
[  941.359340][T12420] usb 5-1: Manufacturer: syz
[  941.378037][T12420] usb 5-1: SerialNumber: syz
[  941.410984][T12420] usb 5-1: config 0 descriptor??
[  941.440872][T12420] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  941.479543][T12420] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  941.996663][   T30] audit: type=1326 audit(1758859412.039:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17212 comm="syz.6.3135" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec4b18eec9 code=0x7fc00000
[  942.071428][T12420] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  942.101337][T12420] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  944.213335][T12420] em28xx 5-1:0.0: Unknown AC97 audio processor detected!
[  944.223129][T12420] em28xx 5-1:0.0: couldn't setup AC97 register 2
[  944.251633][T12420] em28xx 5-1:0.0: couldn't setup AC97 register 4
[  944.281680][T12420] em28xx 5-1:0.0: couldn't setup AC97 register 6
[  944.308692][T12420] em28xx 5-1:0.0: couldn't setup AC97 register 54
[  944.355014][T12420] em28xx 5-1:0.0: couldn't setup AC97 register 56
[  944.398229][T12420] usb 5-1: USB disconnect, device number 9
[  951.183108][   T30] audit: type=1800 audit(1758859421.229:278): pid=17295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3157" name="/" dev="9p" ino=2 res=0 errno=0
[  954.656053][T17334] netlink: 'syz.4.3167': attribute type 1 has an invalid length.
[  954.696320][T17335] sch_tbf: burst 1821 is lower than device lo mtu (11337746) !
[  954.703807][T17334] netlink: 'syz.4.3167': attribute type 4 has an invalid length.
[  954.731540][T17334] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.3167'.
[  954.845853][T17337] overlayfs: failed to clone upperpath
[  954.902197][T17338] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3166'.
[  957.026772][T17358] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  959.902504][T17389] fuse: Bad value for 'fd'
[  961.236807][T17402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3181'.
[  972.240892][T12386] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  972.243583][T17487] sg_write: data in/out 91/14 bytes for SCSI command 0x0-- guessing data in;
[  972.243583][T17487]    program syz.5.3202 not setting count and/or reply_len properly
[  972.801399][T12386] usb 5-1: Using ep0 maxpacket: 16
[  972.820251][T12386] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  972.857122][T12386] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  973.063921][T12386] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  974.237868][T12386] usb 5-1: string descriptor 0 read error: -71
[  974.260497][T12386] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  975.278565][T12386] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  975.296416][T12386] usb 5-1: can't set config #1, error -71
[  975.304519][T12386] usb 5-1: USB disconnect, device number 10
[  992.451450][T12352] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  992.831247][T12352] usb 5-1: device descriptor read/64, error -71
[  993.101964][T12352] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  993.332297][T12352] usb 5-1: device descriptor read/64, error -71
[  993.461687][T12352] usb usb5-port1: attempt power cycle
[  993.854471][T12352] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  993.903758][T12352] usb 5-1: device descriptor read/8, error -71
[  994.152079][T12352] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  994.326648][T12352] usb 5-1: device descriptor read/8, error -71
[  994.511704][T12352] usb usb5-port1: unable to enumerate USB device
[  994.640840][T17630] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3250'.
[ 1001.989608][T17680] overlayfs: failed to clone upperpath
[ 1002.545905][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1002.552347][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1006.185146][T12420] Process accounting resumed
[ 1007.327580][T17726] netlink: set zone limit has 4 unknown bytes
[ 1009.358831][T17736] sch_tbf: burst 14 is lower than device lo mtu (18) !
[ 1009.701852][   T30] audit: type=1326 audit(1758859735.744:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17741 comm="syz.0.3284" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f662538eec9 code=0x0
[ 1016.060907][T17793] loop4: detected capacity change from 0 to 128
[ 1016.177102][T17793] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[ 1016.765579][T17810] netlink: 88 bytes leftover after parsing attributes in process `syz.4.3304'.
[ 1016.887606][T17816] netlink: 'syz.0.3306': attribute type 4 has an invalid length.
[ 1016.907906][T17810] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3304'.
[ 1017.331771][T12420] usb 5-1: new low-speed USB device number 15 using dummy_hcd
[ 1017.524363][T12420] usb 5-1: config 1 has an invalid interface descriptor of length 6, skipping
[ 1017.562040][T17824] binder: 17823:17824 ioctl c0306201 2000000005c0 returned -14
[ 1017.578763][T12420] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1017.795103][T12420] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1017.825977][T12420] usb 5-1: config 1 has no interface number 1
[ 1017.886638][T12420] usb 5-1: string descriptor 0 read error: -22
[ 1017.902383][T12420] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1017.941227][T12420] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1018.008964][T12420] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1018.076227][T12420] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1018.117038][T12420] usb 5-1: MIDIStreaming interface descriptor not found
[ 1018.374593][T12420] usb 5-1: USB disconnect, device number 15
[ 1020.841967][T17840] netlink: 'syz.4.3312': attribute type 27 has an invalid length.
[ 1020.849793][T17840] netlink: 'syz.4.3312': attribute type 4 has an invalid length.
[ 1020.895830][T17840] netlink: 144 bytes leftover after parsing attributes in process `syz.4.3312'.
[ 1021.073241][   T51] Bluetooth: hci0: unexpected event for opcode 0x0c24
[ 1021.716126][T17858] fuse: Bad value for 'fd'
[ 1023.449309][T17877] netlink: 40 bytes leftover after parsing attributes in process `syz.9.3323'.
[ 1025.344087][   T51] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 1025.354704][   T51] Bluetooth: hci0: Injecting HCI hardware error event
[ 1025.364542][   T51] Bluetooth: hci0: hardware error 0x00
[ 1027.893665][   T51] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1035.382693][T17932] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3338'.
[ 1037.147548][   T44] libceph: connect (1)[c::]:6789 error -101
[ 1037.179347][   T44] libceph: mon0 (1)[c::]:6789 connect error
[ 1037.277337][T17950] ceph: No mds server is up or the cluster is laggy
[ 1037.491515][T12386] libceph: connect (1)[c::]:6789 error -101
[ 1037.515360][T12386] libceph: mon0 (1)[c::]:6789 connect error
[ 1039.059831][T17982] loop5: detected capacity change from 0 to 256
[ 1041.666202][T17982] FAT-fs (loop5): Directory bread(block 64) failed
[ 1041.742095][T17982] FAT-fs (loop5): Directory bread(block 65) failed
[ 1041.781313][T17982] FAT-fs (loop5): Directory bread(block 66) failed
[ 1041.806589][T17982] FAT-fs (loop5): Directory bread(block 67) failed
[ 1041.839733][T17982] FAT-fs (loop5): Directory bread(block 68) failed
[ 1041.915948][T17982] FAT-fs (loop5): Directory bread(block 69) failed
[ 1041.996708][T17982] FAT-fs (loop5): Directory bread(block 70) failed
[ 1042.039913][T17982] FAT-fs (loop5): Directory bread(block 71) failed
[ 1042.060148][T18011] overlayfs: failed to clone upperpath
[ 1042.250242][T17982] FAT-fs (loop5): Directory bread(block 72) failed
[ 1042.369858][T17982] FAT-fs (loop5): Directory bread(block 73) failed
[ 1054.964143][T18095] lo speed is unknown, defaulting to 1000
[ 1054.981014][T18095] lo speed is unknown, defaulting to 1000
[ 1055.244219][T18095] lo speed is unknown, defaulting to 1000
[ 1055.258051][T18095] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[ 1056.374769][T18095] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1057.928252][T18095] lo speed is unknown, defaulting to 1000
[ 1058.174470][T18095] lo speed is unknown, defaulting to 1000
[ 1059.058810][T18095] lo speed is unknown, defaulting to 1000
[ 1059.149509][T18095] lo speed is unknown, defaulting to 1000
[ 1059.637719][T18120] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1060.872915][T18095] lo speed is unknown, defaulting to 1000
[ 1060.923211][T18095] lo speed is unknown, defaulting to 1000
[ 1061.234367][T18114] delete_channel: no stack
[ 1062.310886][T18129] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3396'.
[ 1063.976281][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1063.982783][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1072.266937][T12420] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[ 1073.480156][T12420] usb 6-1: device descriptor read/all, error -71
[ 1074.892003][T18221] loop5: detected capacity change from 0 to 32768
[ 1074.959111][T18221] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3420 (18221)
[ 1074.981898][T18221] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1074.992178][T18221] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[ 1075.212630][T18221] BTRFS info (device loop5): rebuilding free space tree
[ 1075.229710][T18221] BTRFS info (device loop5): disabling free space tree
[ 1075.237905][T18221] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1075.248160][T18221] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1075.279867][T18221] BTRFS info (device loop5): enabling ssd optimizations
[ 1075.286972][T18221] BTRFS info (device loop5): disabling tree log
[ 1075.293417][T18221] BTRFS info (device loop5): turning on flush-on-commit
[ 1075.300367][T18221] BTRFS info (device loop5): force clearing of disk cache
[ 1075.308084][T18221] BTRFS info (device loop5): doing ref verification
[ 1081.069563][T12328] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1085.885783][T18308] 9pnet: Could not find request transport: 
[ 1086.357171][T18305] loop0: detected capacity change from 0 to 1024
[ 1087.816904][T18305] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1088.625016][T18334] gfs2: not a GFS2 filesystem
[ 1089.883819][ T9047] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1090.280963][T18344] loop5: detected capacity change from 0 to 4096
[ 1090.594775][T18356] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1092.267642][T18366] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1096.770296][T18396] loop0: detected capacity change from 0 to 128
[ 1100.534997][   T30] audit: type=1800 audit(1758859826.584:280): pid=18403 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.3470" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1102.031042][T18423] netlink: 72 bytes leftover after parsing attributes in process `syz.9.3476'.
[ 1107.580018][T18459] loop0: detected capacity change from 0 to 16
[ 1107.620962][T18459] erofs (device loop0): mounted with root inode @ nid 36.
[ 1110.573365][T17891] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1110.591451][T17891] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1110.600058][T17891] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1110.611760][T17891] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1110.621897][T17891] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1111.723403][T18477] lo speed is unknown, defaulting to 1000
[ 1112.851256][   T51] Bluetooth: hci3: command tx timeout
[ 1114.941375][   T51] Bluetooth: hci3: command tx timeout
[ 1117.035116][T18350] syz_tun (unregistering): left allmulticast mode
[ 1117.041835][   T51] Bluetooth: hci3: command tx timeout
[ 1117.712872][T13563] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.785161][T18477] chnl_net:caif_netlink_parms(): no params data found
[ 1119.092504][   T51] Bluetooth: hci3: command tx timeout
[ 1119.389662][T13563] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1119.436645][T18535] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3506'.
[ 1120.330906][T18544] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3508'.
[ 1120.647584][T13563] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1121.607824][T13563] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1123.271419][T18477] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1123.337448][T18477] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1123.419493][T18477] bridge_slave_0: entered allmulticast mode
[ 1123.520136][T18477] bridge_slave_0: entered promiscuous mode
[ 1123.548797][T18477] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1123.558038][T18477] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1123.570807][T18477] bridge_slave_1: entered allmulticast mode
[ 1123.615996][T18477] bridge_slave_1: entered promiscuous mode
[ 1123.761230][T16653] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1125.129255][T16653] usb 5-1: Using ep0 maxpacket: 16
[ 1125.143129][T16653] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1125.159692][T16653] usb 5-1: New USB device found, idVendor=046d, idProduct=0722, bcdDevice=9c.25
[ 1125.177350][T16653] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1125.180994][T18477] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1125.193414][T16653] usb 5-1: Product: syz
[ 1125.199190][T16653] usb 5-1: SerialNumber: syz
[ 1126.171754][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1126.178093][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1126.449992][T16653] usb 5-1: config 0 descriptor??
[ 1126.471300][T18477] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1126.582543][T16653] usb 5-1: can't set config #0, error -71
[ 1126.598864][T18602] netlink: 188 bytes leftover after parsing attributes in process `syz.1.3526'.
[ 1126.866805][T16653] usb 5-1: USB disconnect, device number 16
[ 1127.770768][T18477] team0: Port device team_slave_0 added
[ 1127.796608][T18477] team0: Port device team_slave_1 added
[ 1130.180467][T18632] netlink: 'syz.9.3534': attribute type 2 has an invalid length.
[ 1130.243587][T18638] netlink: 100 bytes leftover after parsing attributes in process `syz.1.3535'.
[ 1130.551348][   T30] audit: type=1804 audit(1758859856.584:281): pid=18642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.3547" name="bus" dev="ramfs" ino=51567 res=1 errno=0
[ 1130.771798][   T30] audit: type=1804 audit(1758859856.584:282): pid=18642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3547" name="bus" dev="ramfs" ino=51567 res=1 errno=0
[ 1131.921295][T18652] netlink: 4768 bytes leftover after parsing attributes in process `syz.5.3538'.
[ 1133.956924][   T51] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[ 1138.219245][T13563] bond2 (unregistering): (slave gretap1): Releasing active interface
[ 1139.136206][T13563] bond1 (unregistering): (slave bridge0): Removing an active aggregator
[ 1139.159716][T13563] bond1 (unregistering): (slave bridge0): Releasing backup interface
[ 1139.925522][T13563] bridge0 (unregistering): left promiscuous mode
[ 1139.931970][T13563] bridge0 (unregistering): left allmulticast mode
[ 1144.445008][T13563] bond0 (unregistering): Released all slaves
[ 1145.076541][T18741] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3567'.
[ 1149.102591][T13563] bond1 (unregistering): Released all slaves
[ 1149.170459][T13563] bond2 (unregistering): Released all slaves
[ 1149.315572][T18477] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1149.353266][T18477] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1149.514868][T18477] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1149.619561][T18477] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1149.630418][T18477] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1149.780683][T18477] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1149.860756][T13563] tipc: Left network mode
[ 1151.498890][T18477] hsr_slave_0: entered promiscuous mode
[ 1151.538149][T18477] hsr_slave_1: entered promiscuous mode
[ 1151.677516][T18477] debugfs: 'hsr0' already exists in 'hsr'
[ 1151.715462][T18477] Cannot create hsr debugfs directory
[ 1155.700234][T18827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3589'.
[ 1158.224134][T18840] binder: 18837:18840 ioctl c00c620f 0 returned -14
[ 1158.938002][T18854] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3598'.
[ 1163.100645][T13563] hsr_slave_0: left promiscuous mode
[ 1163.939091][T18886] loop0: detected capacity change from 0 to 1024
[ 1163.952557][T13563] veth1_macvtap: left promiscuous mode
[ 1163.958268][T13563] veth0_macvtap: left promiscuous mode
[ 1163.964024][T13563] veth1_vlan: left promiscuous mode
[ 1163.971026][T13563] veth0_vlan: left promiscuous mode
[ 1163.987328][T18884] loop5: detected capacity change from 0 to 2048
[ 1164.005406][T18888] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3609'.
[ 1164.035744][T18888] netlink: 'syz.4.3609': attribute type 6 has an invalid length.
[ 1164.062236][T18888] netlink: 'syz.4.3609': attribute type 5 has an invalid length.
[ 1164.083906][T18886] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1164.131646][T18884] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1164.202075][T18888] netlink: 'syz.4.3609': attribute type 4 has an invalid length.
[ 1164.928623][T18892] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1165.203169][T18886] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1165.291992][T18886] EXT4-fs (loop0): This should not happen!! Data will be lost
[ 1165.291992][T18886] 
[ 1165.308040][   T30] audit: type=1804 audit(1758860147.373:283): pid=18901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3607" name="/newroot/429/file1/file1" dev="loop0" ino=15 res=1 errno=0
[ 1165.330948][T18886] EXT4-fs (loop0): Total free blocks count 0
[ 1165.385723][T18886] EXT4-fs (loop0): Free/Dirty block details
[ 1165.427616][T18886] EXT4-fs (loop0): free_blocks=68451041280
[ 1165.433605][T18886] EXT4-fs (loop0): dirty_blocks=80
[ 1165.458906][T18886] EXT4-fs (loop0): Block reservation details
[ 1165.464991][T18886] EXT4-fs (loop0): i_reserved_data_blocks=5
[ 1165.502505][T12328] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[ 1165.516776][T18901] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28
[ 1166.701231][   T30] audit: type=1804 audit(1758860148.764:284): pid=18886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.3607" name="/newroot/429/file1/file1" dev="loop0" ino=15 res=1 errno=0
[ 1166.814735][   T30] audit: type=1800 audit(1758860148.784:285): pid=18886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3607" name="file2" dev="loop0" ino=16 res=0 errno=0
[ 1166.902709][   T30] audit: type=1800 audit(1758860148.784:286): pid=18886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3607" name="file2" dev="loop0" ino=16 res=0 errno=0
[ 1171.009295][T17891] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1171.040166][T17891] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1171.057424][T17891] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1171.070968][T17891] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1171.082297][T17891] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1172.198447][T18961] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3628'.
[ 1173.337383][T17891] Bluetooth: hci5: command tx timeout
[ 1173.616964][T18971] loop5: detected capacity change from 0 to 512
[ 1174.526356][T18975] loop0: detected capacity change from 0 to 32768
[ 1174.533604][T18975] XFS: ikeep mount option is deprecated.
[ 1174.585116][T18975] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1174.674472][T18975] XFS (loop0): Ending clean mount
[ 1174.685233][T18975] XFS (loop0): Quotacheck needed: Please wait.
[ 1174.748900][T18975] XFS (loop0): Quotacheck: Done.
[ 1174.749314][T18971] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[ 1174.775405][T18971] EXT4-fs (loop5): mount failed
[ 1175.092539][   T30] audit: type=1800 audit(1758860157.138:287): pid=18992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3631" name="file1" dev="loop0" ino=9286 res=0 errno=0
[ 1175.237683][T18971] netlink: 'syz.5.3629': attribute type 4 has an invalid length.
[ 1175.289950][ T9047] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1175.390365][T17891] Bluetooth: hci5: command tx timeout
[ 1176.246694][T18998] Invalid option length (1032005) for dns_resolver key
[ 1177.469333][T17891] Bluetooth: hci5: command tx timeout
[ 1180.223788][T17891] Bluetooth: hci5: command tx timeout
[ 1184.698791][T18950] lo speed is unknown, defaulting to 1000
[ 1186.839880][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1186.846318][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1189.905839][T13563] IPVS: stop unused estimator thread 0...
[ 1189.968097][T18950] chnl_net:caif_netlink_parms(): no params data found
[ 1190.223415][T13563] bridge_slave_1: left allmulticast mode
[ 1190.238329][T13563] bridge_slave_1: left promiscuous mode
[ 1190.261481][T13563] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1190.362450][T13563] bridge_slave_0: left allmulticast mode
[ 1190.377280][T13563] bridge_slave_0: left promiscuous mode
[ 1190.388368][T13563] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1190.767111][T13563] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1190.805577][T13563] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1190.863822][T13563] bond0 (unregistering): Released all slaves
[ 1191.601698][T18950] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1192.371949][T18950] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1192.379236][T18950] bridge_slave_0: entered allmulticast mode
[ 1192.556967][T18950] bridge_slave_0: entered promiscuous mode
[ 1194.083991][T13563] hsr_slave_0: left promiscuous mode
[ 1194.161234][T13563] hsr_slave_1: left promiscuous mode
[ 1195.131227][T13563] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1195.165559][T13563] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1196.182014][   T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1196.202805][   T51] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1196.212891][   T51] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1196.237424][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1196.247414][   T51] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1197.550756][T13563] team0 (unregistering): Port device team_slave_1 removed
[ 1197.618607][T19138] RDS: rds_bind could not find a transport for fe88::a, load rds_tcp or rds_rdma?
[ 1197.642148][T13563] team0 (unregistering): Port device team_slave_0 removed
[ 1198.619248][   T51] Bluetooth: hci3: command tx timeout
[ 1200.787638][   T51] Bluetooth: hci3: command tx timeout
[ 1202.816769][   T51] Bluetooth: hci3: command tx timeout
[ 1203.176850][T18950] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1203.426381][T18950] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1203.433606][T18950] bridge_slave_1: entered allmulticast mode
[ 1204.310796][T18950] bridge_slave_1: entered promiscuous mode
[ 1205.362603][   T51] Bluetooth: hci3: command tx timeout
[ 1205.710720][T18950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1205.742394][T19192] netlink: 'syz.4.3690': attribute type 1 has an invalid length.
[ 1205.767754][T19192] netlink: 'syz.4.3690': attribute type 4 has an invalid length.
[ 1205.799602][T18950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1205.815581][T19192] netlink: 15334 bytes leftover after parsing attributes in process `syz.4.3690'.
[ 1208.364861][T18950] team0: Port device team_slave_0 added
[ 1208.373651][T18950] team0: Port device team_slave_1 added
[ 1209.553841][T19122] lo speed is unknown, defaulting to 1000
[ 1210.404998][T18950] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1210.509893][T18950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1210.578935][T18950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1210.658104][T18950] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1210.684936][T18950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1210.741692][T18950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1213.586210][T18950] hsr_slave_0: entered promiscuous mode
[ 1213.632810][T18950] hsr_slave_1: entered promiscuous mode
[ 1213.639198][T18950] debugfs: 'hsr0' already exists in 'hsr'
[ 1213.710005][T18950] Cannot create hsr debugfs directory
[ 1219.137806][T19122] chnl_net:caif_netlink_parms(): no params data found
[ 1223.896503][T19359] ptrace attach of "./syz-executor exec"[5877] was attempted by "                                                                ��\x0c��H;�'���Sde/Ȑ|�zP��иW��\x0b�P�<�I7�{���Wr�עӇam�L5��{�޶-ڨ���ظ�����E�f�YS�7�?�V�s��\x0b�M�������`���g��ر/◒��U�C�ΐ�OG�Dn��\x07��w��m}O��q�����p�]��K|I(����9�/�k��Y_�֤vqy����rƲ�.+/�n�y�]�6�B\x5c
*���Lo��� �\x0a��B�\x0d��An���\x0bptQU�olL��obB��M�����ȹ.��T3#(D�\x1b�����?-�M��M�\x0d�{�X���Lhl1G�J(��\x0a����\x07�b\x0cf��\x5c�L�e#�y�w�O%�0��,��zǂ�r�\x5cH�\x22�@)E�lĪo��=��0}�|�����m ��~�M��UK\x0b�QoDU1h$�t�Qf�\x0b�;\x0bvN�T/��rP��x0m�؇dG>�t5Q�I����0k��p��;����t�>?7~��՞��8�)>�\x0a.F�v\x5c0CP�{�\x07ԭ4OT)���%��DkfCkF 籥�;��m\x0c�v�\x0cTʪz5��m֢����v����ī'c���^ت�g_\x0bƍ��8�)c,�(q��e�B���㑻SPt4�o� 
�I�HwL#��@mU�p�E�^a��gh~d�_��9\x07r|��GJj+&ҽk(�\x07���rn�E�4�(����#ë�\x0b Y�βB��\x0aЦ&��R��`�?��L1t����իw��.M�=3�|G����s�m�g�4`|\x22{б�춋���1�[{��ȯw/B�_g�6-�qyk*�o��\x0d\x5cc8����\x5
[ 1225.650204][T19368] loop0: detected capacity change from 0 to 2048
[ 1225.828196][T19368] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1226.145029][T19122] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1226.682028][T19379] Set syz0 is full, maxelem 0 reached
[ 1226.904697][T19122] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1226.911986][T19122] bridge_slave_0: entered allmulticast mode
[ 1226.944743][T19122] bridge_slave_0: entered promiscuous mode
[ 1226.979462][T19122] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1227.015290][T19122] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1227.064632][T19122] bridge_slave_1: entered allmulticast mode
[ 1227.093047][T19122] bridge_slave_1: entered promiscuous mode
[ 1231.225694][T19122] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1231.365175][T19122] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1232.453750][T19122] team0: Port device team_slave_0 added
[ 1232.554208][T19122] team0: Port device team_slave_1 added
[ 1233.623579][T17891] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1233.641198][T17891] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1233.656850][T17891] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1233.668000][T17891] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1233.676081][T17891] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1234.023629][T19122] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1234.030603][T19122] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1234.820660][T19122] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1234.863067][T19122] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1234.870023][T19122] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1235.020654][T19122] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1235.679448][T19122] hsr_slave_0: entered promiscuous mode
[ 1235.767560][   T51] Bluetooth: hci6: command tx timeout
[ 1236.421544][T19122] hsr_slave_1: entered promiscuous mode
[ 1236.470137][T19122] debugfs: 'hsr0' already exists in 'hsr'
[ 1236.499811][T19122] Cannot create hsr debugfs directory
[ 1237.404417][T19434] lo speed is unknown, defaulting to 1000
[ 1237.449705][T12352] IPVS: starting estimator thread 0...
[ 1237.550058][T19468] IPVS: using max 21 ests per chain, 50400 per kthread
[ 1237.840721][   T51] Bluetooth: hci6: command tx timeout
[ 1238.071055][T19224] bridge_slave_1: left allmulticast mode
[ 1238.095463][T19224] bridge_slave_1: left promiscuous mode
[ 1238.114998][T19224] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1239.208616][T19224] bridge_slave_0: left allmulticast mode
[ 1239.214300][T19224] bridge_slave_0: left promiscuous mode
[ 1239.282017][T19224] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1239.295097][T12352] IPVS: starting estimator thread 0...
[ 1239.539739][T19483] IPVS: using max 20 ests per chain, 48000 per kthread
[ 1240.076195][   T51] Bluetooth: hci6: command tx timeout
[ 1241.024263][T19224] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1241.046670][T19224] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1241.063994][T19224] bond0 (unregistering): Released all slaves
[ 1241.612903][T19508] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1242.082059][T19224] hsr_slave_0: left promiscuous mode
[ 1242.150453][T19224] hsr_slave_1: left promiscuous mode
[ 1242.162208][   T51] Bluetooth: hci6: command tx timeout
[ 1242.173084][T19224] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1242.249843][T19224] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1244.775773][   T30] audit: type=1804 audit(1758860226.873:288): pid=19548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.3768" name="/newroot/459/file1" dev="fuse" ino=1 res=1 errno=0
[ 1244.857937][   T30] audit: type=1800 audit(1758860226.873:289): pid=19548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3768" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1245.725759][T19224] team0 (unregistering): Port device team_slave_1 removed
[ 1245.977045][T19224] team0 (unregistering): Port device team_slave_0 removed
[ 1248.384378][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1248.432068][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1249.777954][T19590] loop0: detected capacity change from 0 to 64
[ 1251.078599][T19593] Set syz0 is full, maxelem 0 reached
[ 1251.558040][T19603] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3778'.
[ 1254.175131][T19434] chnl_net:caif_netlink_parms(): no params data found
[ 1256.589242][T17891] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1256.601377][T17891] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1256.609337][T17891] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1256.618796][T17891] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1256.626863][T17891] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1258.884446][T17891] Bluetooth: hci5: command tx timeout
[ 1259.304721][T19688] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1260.319857][T19434] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1260.338014][T19434] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1260.345313][T19434] bridge_slave_0: entered allmulticast mode
[ 1260.508692][T19434] bridge_slave_0: entered promiscuous mode
[ 1260.868804][T19655] lo speed is unknown, defaulting to 1000
[ 1260.979110][T17891] Bluetooth: hci5: command tx timeout
[ 1261.849016][T14962] bridge_slave_1: left allmulticast mode
[ 1261.857227][T14962] bridge_slave_1: left promiscuous mode
[ 1261.886088][T14962] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1261.942653][T14962] bridge_slave_0: left allmulticast mode
[ 1261.968980][T14962] bridge_slave_0: left promiscuous mode
[ 1262.011386][T14962] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1263.196181][T17891] Bluetooth: hci5: command tx timeout
[ 1266.014990][T17891] Bluetooth: hci5: command tx timeout
[ 1267.905027][T14962] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1268.723907][T14962] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1268.991740][T14962] bond0 (unregistering): Released all slaves
[ 1269.115522][T19434] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1269.122804][T19434] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1269.193786][T19434] bridge_slave_1: entered allmulticast mode
[ 1269.201825][T19434] bridge_slave_1: entered promiscuous mode
[ 1272.507732][T14962] hsr_slave_0: left promiscuous mode
[ 1272.761668][T14962] hsr_slave_1: left promiscuous mode
[ 1272.767876][T14962] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1272.800056][T14962] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1276.659976][T14962] team0 (unregistering): Port device team_slave_1 removed
[ 1276.838156][T14962] team0 (unregistering): Port device team_slave_0 removed
[ 1278.461823][T19861] loop0: detected capacity change from 0 to 64
[ 1278.481405][T19861] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[ 1278.571172][T19861] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop0
[ 1278.717747][T19861] netlink: 'syz.0.3832': attribute type 2 has an invalid length.
[ 1279.915894][T19434] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1280.163858][T19434] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1280.421682][T19434] team0: Port device team_slave_0 added
[ 1280.454284][T19434] team0: Port device team_slave_1 added
[ 1280.821195][T19434] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1280.837750][T19434] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1280.902170][T19434] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1281.042321][T19434] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1281.074262][T19434] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1281.389076][T19434] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1282.115374][T19434] hsr_slave_0: entered promiscuous mode
[ 1282.152728][T19434] hsr_slave_1: entered promiscuous mode
[ 1282.182147][T19434] debugfs: 'hsr0' already exists in 'hsr'
[ 1282.205654][T19434] Cannot create hsr debugfs directory
[ 1282.293442][T19655] chnl_net:caif_netlink_parms(): no params data found
[ 1282.661403][T19655] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1282.673953][T19655] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1282.683547][T19655] bridge_slave_0: entered allmulticast mode
[ 1282.696305][T19655] bridge_slave_0: entered promiscuous mode
[ 1282.748264][T19655] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1282.755439][T19655] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1282.767262][T19655] bridge_slave_1: entered allmulticast mode
[ 1282.775330][T19655] bridge_slave_1: entered promiscuous mode
[ 1282.880499][T19655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1282.928302][T19655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1283.022308][T19655] team0: Port device team_slave_0 added
[ 1283.052652][T19655] team0: Port device team_slave_1 added
[ 1283.063213][T19434] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1283.120548][T19434] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1283.132061][T19655] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1283.141540][T19655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1283.168749][T19655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1283.180161][T19434] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1283.193478][T19655] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1283.202249][T19655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1283.229621][T19655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1283.241776][T19434] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1283.324302][T19655] hsr_slave_0: entered promiscuous mode
[ 1283.333864][T19655] hsr_slave_1: entered promiscuous mode
[ 1283.347196][T19655] debugfs: 'hsr0' already exists in 'hsr'
[ 1283.352946][T19655] Cannot create hsr debugfs directory
[ 1283.696819][T19655] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1283.784764][T19434] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1283.824828][T19655] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1283.881753][T19434] 8021q: adding VLAN 0 to HW filter on device team0
[ 1283.954606][T19655] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1284.033617][T19223] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1284.040783][T19223] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1284.052805][T19223] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1284.060010][T19223] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1284.111377][T19655] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1284.170349][T19434] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1284.359036][T19655] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1284.380949][T19655] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1284.393712][T19655] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1284.414615][T19655] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1284.484453][T19434] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1284.590916][T19655] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1284.629336][T19655] 8021q: adding VLAN 0 to HW filter on device team0
[ 1284.644143][T19653] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1284.651322][T19653] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1284.668169][T14962] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1284.675319][T14962] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1285.012260][T19434] veth0_vlan: entered promiscuous mode
[ 1285.053696][T19434] veth1_vlan: entered promiscuous mode
[ 1285.084661][T19655] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1285.110252][T19434] veth0_macvtap: entered promiscuous mode
[ 1285.123313][T19434] veth1_macvtap: entered promiscuous mode
[ 1285.154287][T19434] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1285.179731][T19434] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1285.209474][T19633] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1285.227131][T19633] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1285.237563][T19633] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1285.268089][T19633] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1285.393773][T13890] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1285.422891][T13890] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1285.472465][T13890] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1285.480780][T13890] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1286.094188][T19655] veth0_vlan: entered promiscuous mode
[ 1286.121889][T19655] veth1_vlan: entered promiscuous mode
[ 1286.199447][T19655] veth0_macvtap: entered promiscuous mode
[ 1286.212085][T19655] veth1_macvtap: entered promiscuous mode
[ 1286.236528][T19655] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1286.251706][T19655] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1286.292646][T19653] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.335706][T19653] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.344455][T19653] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.403063][T19653] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1291.492715][T19635] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1291.500557][T19635] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1294.136943][T19225] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1294.168865][T19225] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1304.372109][T20102] loop5: detected capacity change from 0 to 2048
[ 1304.429737][T20102] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1309.717109][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1309.724375][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1310.176758][T20148] loop0: detected capacity change from 0 to 128
[ 1310.417269][T20148] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1310.459886][T20148] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1314.556958][T20173] binder: 20170:20173 ioctl c00c620f 0 returned -14
[ 1314.892238][T20186] binder: 20183:20186 ioctl c0306201 200000000080 returned -14
[ 1315.669692][T20198] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1315.776744][T20205] loop0: detected capacity change from 0 to 128
[ 1315.844771][T20205] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1317.318000][T19223] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1318.554302][T20226] uprobe: syz.0.3917:20226 failed to unregister, leaking uprobe
[ 1321.937239][T20255] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3923'.
[ 1322.047149][T20255] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3923'.
[ 1327.126743][T20288] loop0: detected capacity change from 0 to 32768
[ 1327.211012][T20288] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3936 (20288)
[ 1327.466178][T20288] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1327.476437][T20288] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[ 1329.336318][T20288] BTRFS info (device loop0): enabling ssd optimizations
[ 1329.343350][T20288] BTRFS info (device loop0): enabling free space tree
[ 1331.013144][ T9047] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1338.082949][T20363] loop5: detected capacity change from 0 to 1024
[ 1338.599741][T20363] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1339.150423][T20363] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[ 1339.249083][T20363] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1339.271681][T20363] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1339.271681][T20363] 
[ 1339.284608][   T30] audit: type=1804 audit(1758860833.433:290): pid=20375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3953" name="/newroot/13/file1/file1" dev="loop5" ino=15 res=1 errno=0
[ 1339.308072][T20363] EXT4-fs (loop5): Total free blocks count 0
[ 1339.315447][T20363] EXT4-fs (loop5): Free/Dirty block details
[ 1339.358201][T20363] EXT4-fs (loop5): free_blocks=68451041280
[ 1339.398328][T20363] EXT4-fs (loop5): dirty_blocks=80
[ 1339.404139][T20363] EXT4-fs (loop5): Block reservation details
[ 1339.487885][T20363] EXT4-fs (loop5): i_reserved_data_blocks=5
[ 1339.850806][T20375] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28
[ 1340.415733][T20388] loop8: detected capacity change from 0 to 512
[ 1340.422945][   T30] audit: type=1804 audit(1758860834.574:291): pid=20363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3953" name="/newroot/13/file1/file1" dev="loop5" ino=15 res=1 errno=0
[ 1340.550250][T20388] EXT4-fs: Mount option(s) incompatible with ext2
[ 1340.564100][   T30] audit: type=1800 audit(1758860834.694:292): pid=20363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3953" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1340.684591][   T30] audit: type=1800 audit(1758860834.704:293): pid=20363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3953" name="file2" dev="loop5" ino=16 res=0 errno=0
[ 1351.026850][   T30] audit: type=1804 audit(1758860845.149:294): pid=20448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.3975" name="bus" dev="ramfs" ino=56008 res=1 errno=0
[ 1351.299036][   T30] audit: type=1804 audit(1758860845.159:295): pid=20448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.3975" name="bus" dev="ramfs" ino=56008 res=1 errno=0
[ 1359.657098][T17891] Bluetooth: hci6: command 0x0406 tx timeout
[ 1362.744683][T20513] loop8: detected capacity change from 0 to 512
[ 1362.766059][T20513] EXT4-fs: Ignoring removed nobh option
[ 1362.969524][T20486] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1362.980047][T20486] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1362.980703][T20513] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1362.989103][T20486] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1363.008742][T20486] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1363.017242][T20486] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1363.200632][T20517] lo speed is unknown, defaulting to 1000
[ 1363.628670][T20513] EXT4-fs error (device loop8): ext4_lookup:1787: inode #15: comm syz.8.3991: iget: bad i_size value: 15393162788874
[ 1363.840843][T20486] Bluetooth: hci6: unexpected event for opcode 0x0c7d
[ 1364.245980][T19434] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1364.355327][   T30] audit: type=1804 audit(1758860858.516:296): pid=20535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3997" name="bus" dev="ramfs" ino=56120 res=1 errno=0
[ 1365.225450][T20486] Bluetooth: hci3: command tx timeout
[ 1365.231964][   T30] audit: type=1804 audit(1758860858.556:297): pid=20535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.3997" name="bus" dev="ramfs" ino=56120 res=1 errno=0
[ 1367.062806][T20555] ptrace attach of "./syz-executor exec"[9047] was attempted by "                                                                ��\x0c��H;�'���Sde/Ȑ|�zP��иW��\x0b�P�<�I7�{���Wr�עӇam�L5��{�޶-ڨ���ظ�����E�f�YS�7�?�V�s��\x0b�M�������`���g��ر/◒��U�C�ΐ�OG�Dn��\x07��w��m}O��q�����p�]��K|I(����9�/�k��Y_�֤vqy����rƲ�.+/�n�y�]�6�B\x5c
*���Lo��� �\x0a��B�\x0d��An���\x0bptQU�olL��obB��M�����ȹ.��T3#(D�\x1b�����?-�M��M�\x0d�{�X���Lhl1G�J(��\x0a����\x07�b\x0cf��\x5c�L�e#�y�w�O%�0��,��zǂ�r�\x5cH�\x22�@)E�lĪo��=��0}�|�����m ��~�M��UK\x0b�QoDU1h$�t�Qf�\x0b�;\x0bvN�T/��rP��x0m�؇dG>�t5Q�I����0k��p��;����t�>?7~��՞��8�)>�\x0a.F�v\x5c0CP�{�\x07ԭ4OT)���%��DkfCkF 籥�;��m\x0c�v�\x0cTʪz5��m֢����v����ī'c���^ت�g_\x0bƍ��8�)c,�(q��e�B���㑻SPt4�o� 
�I�HwL#��@mU�p�E�^a��gh~d�_��9\x07r|��GJj+&ҽk(�\x07���rn�E�4�(����#ë�\x0b Y�βB��\x0aЦ&��R��`�?��L1t����իw��.M�=3�|G����s�m�g�4`|\x22{б�춋���1�[{��ȯw/B�_g�6-�qyk*�o��\x0d\x5cc8����\x5
[ 1367.754137][T20486] Bluetooth: hci3: command tx timeout
[ 1367.845393][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1367.860960][T17891] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[ 1367.869574][T17891] Bluetooth: hci6: Injecting HCI hardware error event
[ 1367.879534][T17891] Bluetooth: hci6: hardware error 0x00
[ 1368.253079][T20517] chnl_net:caif_netlink_parms(): no params data found
[ 1370.045264][   T51] Bluetooth: hci3: command tx timeout
[ 1370.292960][T17891] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[ 1371.056875][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1371.063439][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1373.046877][T17891] Bluetooth: hci3: command tx timeout
[ 1373.928700][T20590] loop5: detected capacity change from 0 to 512
[ 1373.959455][T20590] EXT4-fs: Ignoring removed nobh option
[ 1374.698956][T20603] loop0: detected capacity change from 0 to 128
[ 1375.404990][T20590] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1376.034070][T20603] affs: No valid root block on device loop0
[ 1376.144535][T20590] EXT4-fs error (device loop5): ext4_lookup:1787: inode #15: comm syz.5.4011: iget: bad i_size value: 15393162788874
[ 1376.598693][T20517] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1376.650528][T20517] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1376.657808][T20517] bridge_slave_0: entered allmulticast mode
[ 1376.677374][T19655] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1376.698410][T20517] bridge_slave_0: entered promiscuous mode
[ 1376.723809][T20517] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1376.744429][T20517] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1376.768217][T20517] bridge_slave_1: entered allmulticast mode
[ 1376.797599][T20517] bridge_slave_1: entered promiscuous mode
[ 1377.657462][T20624] netlink: 'syz.4.4022': attribute type 15 has an invalid length.
[ 1378.409384][T20517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1378.519256][T20517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1379.998654][T12420] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 1380.538003][T17891] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 1380.548775][T17891] Bluetooth: hci5: Injecting HCI hardware error event
[ 1380.558150][   T51] Bluetooth: hci5: hardware error 0x00
[ 1380.724477][T12420] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1380.768398][T20638] binder: 20637:20638 ioctl c00c620f 0 returned -14
[ 1380.808306][T12420] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1380.830094][T12420] usb 1-1: config 0 descriptor??
[ 1380.839953][T12420] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1380.870219][T20517] team0: Port device team_slave_0 added
[ 1380.995964][T20517] team0: Port device team_slave_1 added
[ 1382.412102][T20654] hfsplus: unable to find HFS+ superblock
[ 1382.902857][   T51] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1383.279375][T20517] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1383.309040][T20517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1383.361742][T20517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1384.582434][T20517] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1384.595088][T20517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1384.639326][T12420] usb 1-1: USB disconnect, device number 9
[ 1384.652901][T20517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1384.776532][T20672] loop0: detected capacity change from 0 to 128
[ 1384.787554][T20672] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1384.820003][T20672] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1384.834307][T20672] ext4 filesystem being mounted at /518/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1385.021871][ T9047] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1385.075049][T13436] dvmrp1 (unregistering): left allmulticast mode
[ 1385.426397][T13436] bond4 (unregistering): (slave bridge2): Removing an active aggregator
[ 1385.437954][T13436] bond4 (unregistering): (slave bridge2): Releasing backup interface
[ 1385.447088][T13436] bridge2 (unregistering): left promiscuous mode
[ 1385.453500][T13436] bridge2 (unregistering): left allmulticast mode
[ 1391.803953][T20718] loop0: detected capacity change from 0 to 32768
[ 1391.811478][T20718] XFS: ikeep mount option is deprecated.
[ 1391.893763][T20718] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1392.012113][T20718] XFS (loop0): Ending clean mount
[ 1392.023179][T20718] XFS (loop0): Quotacheck needed: Please wait.
[ 1393.486598][T13436] bond0 (unregistering): Released all slaves
[ 1393.566104][T20718] XFS (loop0): Quotacheck: Done.
[ 1394.088591][T13436] bond1 (unregistering): Released all slaves
[ 1395.106873][ T9047] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1395.483166][T13436] bond2 (unregistering): Released all slaves
[ 1395.506898][T13436] bond3 (unregistering): Released all slaves
[ 1395.662358][T13436] bond4 (unregistering): Released all slaves
[ 1395.765985][T20517] hsr_slave_0: entered promiscuous mode
[ 1395.777104][T20517] hsr_slave_1: entered promiscuous mode
[ 1395.787709][T20517] debugfs: 'hsr0' already exists in 'hsr'
[ 1395.796671][T20517] Cannot create hsr debugfs directory
[ 1398.384321][T13436] tipc: Left network mode
[ 1398.750100][   T51] Bluetooth: hci2: unexpected event for opcode 0x0c7d
[ 1402.174885][T13436] hsr_slave_0: left promiscuous mode
[ 1402.211528][T13436] hsr_slave_1: left promiscuous mode
[ 1402.565568][T20792] syz.8.4063 (20792): drop_caches: 2
[ 1402.807476][   T51] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1402.816365][   T51] Bluetooth: hci2: Injecting HCI hardware error event
[ 1402.911441][   T51] Bluetooth: hci2: hardware error 0x00
[ 1404.151160][T20809] loop0: detected capacity change from 0 to 2048
[ 1404.214524][T20809] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1405.845692][   T51] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1406.748852][T20825] loop8: detected capacity change from 0 to 40427
[ 1406.777609][T20825] F2FS-fs (loop8): invalid crc value
[ 1406.888140][T20825] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1406.897981][T20825] F2FS-fs (loop8): Start checkpoint disabled!
[ 1406.961974][T20825] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[ 1407.744609][T19225] kworker/u8:9: attempt to access beyond end of device
[ 1407.744609][T19225] loop8: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1408.014367][T19225] CPU: 0 UID: 0 PID: 19225 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT(full) 
[ 1408.014416][T19225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1408.014440][T19225] Workqueue: writeback wb_workfn (flush-7:8)
[ 1408.014506][T19225] Call Trace:
[ 1408.014518][T19225]  <TASK>
[ 1408.014531][T19225]  dump_stack_lvl+0x16c/0x1f0
[ 1408.014593][T19225]  f2fs_handle_critical_error+0x624/0x9f0
[ 1408.014643][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.014687][T19225]  ? f2fs_build_fault_attr+0x53/0x1f0
[ 1408.014740][T19225]  f2fs_write_end_io+0x958/0xcf0
[ 1408.014796][T19225]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1408.014855][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.014909][T19225]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1408.014966][T19225]  bio_endio+0x713/0x860
[ 1408.015030][T19225]  submit_bio_noacct+0x306/0x1ed0
[ 1408.015092][T19225]  __submit_merged_bio+0x33c/0x770
[ 1408.015150][T19225]  __submit_merged_write_cond+0x319/0x3f0
[ 1408.015214][T19225]  f2fs_write_cache_pages+0x2067/0x2570
[ 1408.015306][T19225]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[ 1408.015378][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.015437][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.015582][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.015625][T19225]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1408.015671][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.015717][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.015759][T19225]  ? rcu_is_watching+0x12/0xc0
[ 1408.015805][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.015859][T19225]  f2fs_write_data_pages+0x4ad/0xd90
[ 1408.015933][T19225]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1408.016005][T19225]  ? __pfx___schedule+0x10/0x10
[ 1408.016056][T19225]  ? __lock_acquire+0xb97/0x1ce0
[ 1408.016117][T19225]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1408.016178][T19225]  do_writepages+0x27a/0x600
[ 1408.016234][T19225]  ? __pfx_do_writepages+0x10/0x10
[ 1408.016282][T19225]  ? preempt_schedule_thunk+0x16/0x30
[ 1408.016342][T19225]  __writeback_single_inode+0x160/0xfb0
[ 1408.016391][T19225]  ? preempt_schedule_thunk+0x16/0x30
[ 1408.016445][T19225]  ? __pfx___writeback_single_inode+0x10/0x10
[ 1408.016498][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.016550][T19225]  writeback_sb_inodes+0x60d/0xfa0
[ 1408.016626][T19225]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1408.016677][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.016719][T19225]  ? mark_held_locks+0x49/0x80
[ 1408.016775][T19225]  ? irqentry_exit+0x3b/0x90
[ 1408.016901][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.016952][T19225]  ? rcu_is_watching+0x12/0xc0
[ 1408.016997][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.017040][T19225]  ? queue_io+0x3f6/0x520
[ 1408.017088][T19225]  wb_writeback+0x419/0xb70
[ 1408.017150][T19225]  ? __pfx_wb_writeback+0x10/0x10
[ 1408.017194][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.017253][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.017296][T19225]  ? mark_held_locks+0x49/0x80
[ 1408.017362][T19225]  wb_workfn+0x14d/0xbe0
[ 1408.017420][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.017467][T19225]  ? __pfx_wb_workfn+0x10/0x10
[ 1408.017523][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.017571][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.017617][T19225]  ? preempt_schedule_thunk+0x16/0x30
[ 1408.017683][T19225]  process_one_work+0x9cf/0x1b70
[ 1408.017746][T19225]  ? __pfx_process_one_work+0x10/0x10
[ 1408.017788][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.017846][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.017887][T19225]  ? assign_work+0x1a0/0x250
[ 1408.017925][T19225]  worker_thread+0x6c8/0xf10
[ 1408.018002][T19225]  ? __pfx_worker_thread+0x10/0x10
[ 1408.018045][T19225]  kthread+0x3c5/0x780
[ 1408.018085][T19225]  ? __pfx_kthread+0x10/0x10
[ 1408.018126][T19225]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1408.018168][T19225]  ? rcu_is_watching+0x12/0xc0
[ 1408.018214][T19225]  ? __pfx_kthread+0x10/0x10
[ 1408.018254][T19225]  ret_from_fork+0x56d/0x730
[ 1408.018288][T19225]  ? __pfx_kthread+0x10/0x10
[ 1408.018326][T19225]  ret_from_fork_asm+0x1a/0x30
[ 1408.018399][T19225]  </TASK>
[ 1408.018767][T19225] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[ 1412.221285][T20875] loop5: detected capacity change from 0 to 256
[ 1414.164165][T20894] genirq: Flags mismatch irq 31. 00200000 (pcmmio) vs. 00200000 (virtio1-input.0)
[ 1419.356475][T20947] loop5: detected capacity change from 0 to 40427
[ 1419.380926][T20947] F2FS-fs (loop5): invalid crc value
[ 1419.478469][T20947] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1419.487919][T20947] F2FS-fs (loop5): Start checkpoint disabled!
[ 1419.510097][T20947] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[ 1420.312280][T20961] loop8: detected capacity change from 0 to 128
[ 1420.363468][T19633] kworker/u8:30: attempt to access beyond end of device
[ 1420.363468][T19633] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1420.543339][T19633] CPU: 1 UID: 0 PID: 19633 Comm: kworker/u8:30 Not tainted syzkaller #0 PREEMPT(full) 
[ 1420.543389][T19633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1420.543414][T19633] Workqueue: writeback wb_workfn (flush-7:5)
[ 1420.543475][T19633] Call Trace:
[ 1420.543486][T19633]  <TASK>
[ 1420.543499][T19633]  dump_stack_lvl+0x16c/0x1f0
[ 1420.543560][T19633]  f2fs_handle_critical_error+0x624/0x9f0
[ 1420.543610][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.543654][T19633]  ? f2fs_build_fault_attr+0x53/0x1f0
[ 1420.543704][T19633]  f2fs_write_end_io+0x958/0xcf0
[ 1420.543759][T19633]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1420.543815][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.543869][T19633]  ? __pfx_f2fs_write_end_io+0x10/0x10
[ 1420.543918][T19633]  bio_endio+0x713/0x860
[ 1420.543980][T19633]  submit_bio_noacct+0x306/0x1ed0
[ 1420.544039][T19633]  __submit_merged_bio+0x33c/0x770
[ 1420.544097][T19633]  __submit_merged_write_cond+0x319/0x3f0
[ 1420.544161][T19633]  f2fs_write_cache_pages+0x2067/0x2570
[ 1420.544252][T19633]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[ 1420.544308][T19633]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1420.544363][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.544414][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.544457][T19633]  ? find_held_lock+0x2b/0x80
[ 1420.544505][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.544545][T19633]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1420.544582][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.544620][T19633]  ? do_raw_spin_unlock+0x172/0x230
[ 1420.544671][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.544710][T19633]  ? f2fs_available_free_memory+0x279/0xa30
[ 1420.544815][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.544862][T19633]  f2fs_write_data_pages+0x4ad/0xd90
[ 1420.544923][T19633]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1420.544986][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.545025][T19633]  ? __lock_acquire+0xb97/0x1ce0
[ 1420.545079][T19633]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1420.545134][T19633]  do_writepages+0x27a/0x600
[ 1420.545187][T19633]  ? __pfx_do_writepages+0x10/0x10
[ 1420.545228][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.545267][T19633]  ? reacquire_held_locks+0xcd/0x1f0
[ 1420.545318][T19633]  ? writeback_sb_inodes+0x3b0/0xfa0
[ 1420.545367][T19633]  __writeback_single_inode+0x160/0xfb0
[ 1420.545417][T19633]  ? __pfx___writeback_single_inode+0x10/0x10
[ 1420.545460][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.545498][T19633]  ? do_raw_spin_unlock+0x172/0x230
[ 1420.545535][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.545580][T19633]  writeback_sb_inodes+0x60d/0xfa0
[ 1420.545646][T19633]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1420.545688][T19633]  ? do_raw_spin_unlock+0x172/0x230
[ 1420.545725][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.545764][T19633]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1420.545870][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.545908][T19633]  ? rcu_is_watching+0x12/0xc0
[ 1420.545950][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.545988][T19633]  ? queue_io+0x3f6/0x520
[ 1420.546031][T19633]  wb_writeback+0x419/0xb70
[ 1420.546085][T19633]  ? __pfx_wb_writeback+0x10/0x10
[ 1420.546126][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.546182][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.546221][T19633]  ? mark_held_locks+0x49/0x80
[ 1420.546279][T19633]  wb_workfn+0x14d/0xbe0
[ 1420.546329][T19633]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1420.546380][T19633]  ? __pfx_wb_workfn+0x10/0x10
[ 1420.546429][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.546472][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.546517][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.546555][T19633]  ? rcu_is_watching+0x12/0xc0
[ 1420.546603][T19633]  process_one_work+0x9cf/0x1b70
[ 1420.546659][T19633]  ? __pfx_process_one_work+0x10/0x10
[ 1420.546696][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.546745][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.546785][T19633]  ? assign_work+0x1a0/0x250
[ 1420.546822][T19633]  worker_thread+0x6c8/0xf10
[ 1420.546879][T19633]  ? __pfx_worker_thread+0x10/0x10
[ 1420.546916][T19633]  kthread+0x3c5/0x780
[ 1420.546950][T19633]  ? __pfx_kthread+0x10/0x10
[ 1420.546984][T19633]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1420.547023][T19633]  ? rcu_is_watching+0x12/0xc0
[ 1420.547064][T19633]  ? __pfx_kthread+0x10/0x10
[ 1420.547099][T19633]  ret_from_fork+0x56d/0x730
[ 1420.547129][T19633]  ? __pfx_kthread+0x10/0x10
[ 1420.547163][T19633]  ret_from_fork_asm+0x1a/0x30
[ 1420.547231][T19633]  </TASK>
[ 1420.547333][T19633] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[ 1421.166836][T20486] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1421.183003][T20486] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1421.196449][T20486] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1421.259147][T20486] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1421.618199][T20486] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1424.395942][T20486] Bluetooth: hci4: command tx timeout
[ 1424.806255][   T30] audit: type=1326 audit(1758860918.996:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20987 comm="syz.0.4122" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f662538eec9 code=0x0
[ 1425.659482][T21002] loop5: detected capacity change from 0 to 128
[ 1425.745345][T21002] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1426.432209][T21002] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1426.527697][T20486] Bluetooth: hci4: command tx timeout
[ 1426.815515][T21002] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1427.270333][T20962] lo speed is unknown, defaulting to 1000
[ 1428.604006][T20486] Bluetooth: hci4: command tx timeout
[ 1428.759202][T21027] No source specified
[ 1428.816504][T19655] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1428.994866][T21035] loop8: detected capacity change from 0 to 64
[ 1430.622804][T20486] Bluetooth: hci4: command tx timeout
[ 1430.684081][T13436] IPVS: stop unused estimator thread 0...
[ 1430.964597][T20962] chnl_net:caif_netlink_parms(): no params data found
[ 1433.292008][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1433.301394][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1433.482735][T14964] ------------[ cut here ]------------
[ 1433.489403][T14964] WARNING: CPU: 0 PID: 14964 at io_uring/io_uring.c:2980 io_ring_exit_work+0x3fc/0x10f0
[ 1433.499781][T14964] Modules linked in:
[ 1433.504105][T14964] CPU: 0 UID: 0 PID: 14964 Comm: kworker/u8:44 Not tainted syzkaller #0 PREEMPT(full) 
[ 1433.513939][T14964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1433.524046][T14964] Workqueue: iou_exit io_ring_exit_work
[ 1433.529633][T14964] RIP: 0010:io_ring_exit_work+0x3fc/0x10f0
[ 1433.535698][T14964] Code: 0f 85 0a 0b 00 00 48 8b 05 a1 64 4a 09 4c 8b 74 24 68 31 ff 49 29 c6 4c 89 f6 e8 0f ec e4 fc 4d 85 f6 79 12 e8 95 f0 e4 fc 90 <0f> 0b 90 48 c7 44 24 60 70 17 00 00 e8 83 f0 e4 fc 48 8b 74 24 60
[ 1433.555391][T14964] RSP: 0018:ffffc9000aa57a90 EFLAGS: 00010293
[ 1433.562082][T14964] RAX: 0000000000000000 RBX: ffff88802a8fa6c8 RCX: ffffffff84d6ad71
[ 1433.570071][T14964] RDX: ffff88802e475a00 RSI: ffffffff84d6ad7b RDI: 0000000000000007
[ 1433.578106][T14964] RBP: ffffc9000aa57c50 R08: 0000000000000007 R09: 0000000000000000
[ 1433.586440][T14964] R10: ffffffffffffffff R11: 0000000000000000 R12: ffff88802a8fa000
[ 1433.595121][T14964] R13: dffffc0000000000 R14: ffffffffffffffff R15: ffff88802a8fa040
[ 1433.603630][T14964] FS:  0000000000000000(0000) GS:ffff8881246b3000(0000) knlGS:0000000000000000
[ 1433.612622][T14964] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1433.619219][T14964] CR2: 000000110c385888 CR3: 0000000058da0000 CR4: 0000000000350ef0
[ 1433.627245][T14964] Call Trace:
[ 1433.630527][T14964]  <TASK>
[ 1433.633516][T14964]  ? __pfx_io_ring_exit_work+0x10/0x10
[ 1433.639020][T14964]  ? try_to_wake_up+0x160/0x1870
[ 1433.644012][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.649677][T14964]  ? debug_object_deactivate+0x1ec/0x3a0
[ 1433.655483][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.661191][T14964]  ? rcu_is_watching+0x12/0xc0
[ 1433.665993][T14964]  process_one_work+0x9cf/0x1b70
[ 1433.670972][T14964]  ? __pfx_batadv_mcast_mla_update+0x10/0x10
[ 1433.677021][T14964]  ? __pfx_process_one_work+0x10/0x10
[ 1433.682505][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.688174][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.694428][T14964]  ? assign_work+0x1a0/0x250
[ 1433.699133][T14964]  worker_thread+0x6c8/0xf10
[ 1433.704284][T14964]  ? __pfx_worker_thread+0x10/0x10
[ 1433.709422][T14964]  kthread+0x3c5/0x780
[ 1433.713555][T14964]  ? __pfx_kthread+0x10/0x10
[ 1433.718167][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.723862][T14964]  ? rcu_is_watching+0x12/0xc0
[ 1433.728656][T14964]  ? __pfx_kthread+0x10/0x10
[ 1433.733385][T14964]  ret_from_fork+0x56d/0x730
[ 1433.737996][T14964]  ? __pfx_kthread+0x10/0x10
[ 1433.742829][T14964]  ret_from_fork_asm+0x1a/0x30
[ 1433.747649][T14964]  </TASK>
[ 1433.750681][T14964] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1433.757974][T14964] CPU: 0 UID: 0 PID: 14964 Comm: kworker/u8:44 Not tainted syzkaller #0 PREEMPT(full) 
[ 1433.767620][T14964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1433.777685][T14964] Workqueue: iou_exit io_ring_exit_work
[ 1433.783269][T14964] Call Trace:
[ 1433.786545][T14964]  <TASK>
[ 1433.789476][T14964]  dump_stack_lvl+0x3d/0x1f0
[ 1433.794107][T14964]  vpanic+0x6e8/0x7a0
[ 1433.798130][T14964]  ? __pfx_vpanic+0x10/0x10
[ 1433.802675][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.808340][T14964]  ? io_ring_exit_work+0x3fc/0x10f0
[ 1433.813566][T14964]  panic+0xca/0xd0
[ 1433.817328][T14964]  ? __pfx_panic+0x10/0x10
[ 1433.821797][T14964]  ? check_panic_on_warn+0x1f/0xb0
[ 1433.826925][T14964]  check_panic_on_warn+0xab/0xb0
[ 1433.831884][T14964]  __warn+0xf6/0x3c0
[ 1433.835791][T14964]  ? io_ring_exit_work+0x3fc/0x10f0
[ 1433.841020][T14964]  report_bug+0x3c3/0x580
[ 1433.845388][T14964]  ? io_ring_exit_work+0x3fc/0x10f0
[ 1433.850622][T14964]  handle_bug+0x184/0x210
[ 1433.854989][T14964]  exc_invalid_op+0x17/0x50
[ 1433.859516][T14964]  asm_exc_invalid_op+0x1a/0x20
[ 1433.864403][T14964] RIP: 0010:io_ring_exit_work+0x3fc/0x10f0
[ 1433.870240][T14964] Code: 0f 85 0a 0b 00 00 48 8b 05 a1 64 4a 09 4c 8b 74 24 68 31 ff 49 29 c6 4c 89 f6 e8 0f ec e4 fc 4d 85 f6 79 12 e8 95 f0 e4 fc 90 <0f> 0b 90 48 c7 44 24 60 70 17 00 00 e8 83 f0 e4 fc 48 8b 74 24 60
[ 1433.889865][T14964] RSP: 0018:ffffc9000aa57a90 EFLAGS: 00010293
[ 1433.895952][T14964] RAX: 0000000000000000 RBX: ffff88802a8fa6c8 RCX: ffffffff84d6ad71
[ 1433.903945][T14964] RDX: ffff88802e475a00 RSI: ffffffff84d6ad7b RDI: 0000000000000007
[ 1433.912107][T14964] RBP: ffffc9000aa57c50 R08: 0000000000000007 R09: 0000000000000000
[ 1433.920100][T14964] R10: ffffffffffffffff R11: 0000000000000000 R12: ffff88802a8fa000
[ 1433.928095][T14964] R13: dffffc0000000000 R14: ffffffffffffffff R15: ffff88802a8fa040
[ 1433.936098][T14964]  ? io_ring_exit_work+0x3f1/0x10f0
[ 1433.941340][T14964]  ? io_ring_exit_work+0x3fb/0x10f0
[ 1433.946598][T14964]  ? __pfx_io_ring_exit_work+0x10/0x10
[ 1433.952093][T14964]  ? try_to_wake_up+0x160/0x1870
[ 1433.957061][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.962717][T14964]  ? debug_object_deactivate+0x1ec/0x3a0
[ 1433.968401][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1433.974057][T14964]  ? rcu_is_watching+0x12/0xc0
[ 1433.978860][T14964]  process_one_work+0x9cf/0x1b70
[ 1433.983836][T14964]  ? __pfx_batadv_mcast_mla_update+0x10/0x10
[ 1433.989839][T14964]  ? __pfx_process_one_work+0x10/0x10
[ 1433.995234][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1434.000990][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1434.006649][T14964]  ? assign_work+0x1a0/0x250
[ 1434.011260][T14964]  worker_thread+0x6c8/0xf10
[ 1434.015890][T14964]  ? __pfx_worker_thread+0x10/0x10
[ 1434.021024][T14964]  kthread+0x3c5/0x780
[ 1434.025112][T14964]  ? __pfx_kthread+0x10/0x10
[ 1434.029726][T14964]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1434.035383][T14964]  ? rcu_is_watching+0x12/0xc0
[ 1434.040176][T14964]  ? __pfx_kthread+0x10/0x10
[ 1434.044791][T14964]  ret_from_fork+0x56d/0x730
[ 1434.049394][T14964]  ? __pfx_kthread+0x10/0x10
[ 1434.054006][T14964]  ret_from_fork_asm+0x1a/0x30
[ 1434.058820][T14964]  </TASK>
[ 1434.062129][T14964] Kernel Offset: disabled
[ 1434.066451][T14964] Rebooting in 86400 seconds..