last executing test programs:

15m17.009889135s ago: executing program 0 (id=477):
r0 = socket$kcm(0x21, 0x2, 0x2)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, 0x0, &(0x7f0000000040))
preadv(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000080), 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
cachestat(r2, &(0x7f0000000040), &(0x7f0000000080), 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$inet(r0, 0x0, 0x0)

15m10.095020547s ago: executing program 0 (id=483):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_open_procfs(0x0, &(0x7f0000000100)='numa_maps\x00')

15m6.894880284s ago: executing program 0 (id=486):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x2efb, 0x4)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
sendmmsg$inet(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}], 0x400000000000171, 0x8800)

15m4.691799857s ago: executing program 0 (id=490):
truncate(0x0, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@delqdisc={0x24, 0x25, 0x200, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0x8}, {0x3, 0xd}, {0x8, 0x2}}}, 0x24}}, 0x40004)
pipe2$watch_queue(0x0, 0x80)
socket$packet(0x11, 0x3, 0x300)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION(r5, 0x79f, 0x0)
sendfile(r4, r3, &(0x7f0000002080)=0x64, 0x23b)

14m58.004522185s ago: executing program 0 (id=500):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='numa_maps\x00')
pread64(r0, &(0x7f0000001180)=""/4107, 0x100b, 0x200280)

14m55.860053086s ago: executing program 0 (id=511):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x1000003, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x143142, 0x40)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r1, 0x4b4b, &(0x7f0000000200))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x111, 0x0, 0x0, &(0x7f0000000280))
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000009060102000000e0ffffff00000000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c000280080001407f"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

14m38.305818775s ago: executing program 32 (id=511):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x1000003, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x143142, 0x40)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r1, 0x4b4b, &(0x7f0000000200))
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x111, 0x0, 0x0, &(0x7f0000000280))
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000009060102000000e0ffffff00000000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c000280080001407f"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

13m42.143898161s ago: executing program 1 (id=601):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @broadcast}, {0x0, @link_local}, 0x4a, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'veth0_to_team\x00'})
r2 = syz_clone(0x21004000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
chdir(0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x50)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000001c0)=@generic={&(0x7f0000000040)='./file0\x00', r3}, 0x18)
r4 = userfaultfd(0x80000)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000440)={0xaa, 0xb15b45e01133b222})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000cc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x24}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000080)={{0x2, 0x0, @broadcast}, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x4}}, 0x8, {0x2, 0x0, @empty}, 'team_slave_1\x00'})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
syz_open_dev$usbmon(0x0, 0x0, 0x20002)
syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
semget(0x0, 0x0, 0x1)
preadv(r5, 0x0, 0x0, 0xfff, 0x0)

13m40.83981197s ago: executing program 1 (id=604):
socket$netlink(0x10, 0x3, 0x12)
r0 = socket(0x200000000000011, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r5 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, 0x0, 0x2f00)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x0, 0x0, 0x0, 0x5}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000020c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x801}, 0x0)

13m37.379672571s ago: executing program 1 (id=607):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
poll(0x0, 0x0, 0x5)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, 0x0, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='yeah\x00', 0x5)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x4000800)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x10408, 0x8}}, 0x50)
socket$inet_udp(0x2, 0x2, 0x0)

13m35.177250784s ago: executing program 1 (id=610):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='numa_maps\x00')
pread64(r3, &(0x7f0000001180)=""/4107, 0x100b, 0x200280)

13m33.935598282s ago: executing program 1 (id=612):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r1, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r3, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)

13m31.089203204s ago: executing program 1 (id=616):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0x4}}, 0x18)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
socket(0x11, 0x3, 0xff)
mount$bpf(0x0, 0x0, 0x0, 0x1800040, &(0x7f0000000100)=ANY=[])
mount(0x0, 0x0, &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100))
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000c40))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
r2 = socket(0x11, 0x3, 0x0)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f00000001c0)=0x5, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'gre0\x00'})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000240)=0x4e6f, 0x4)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)

13m14.213738752s ago: executing program 33 (id=616):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@perf_event={0x4}}, 0x18)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
socket(0x11, 0x3, 0xff)
mount$bpf(0x0, 0x0, 0x0, 0x1800040, &(0x7f0000000100)=ANY=[])
mount(0x0, 0x0, &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100))
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000c40))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
r2 = socket(0x11, 0x3, 0x0)
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f00000001c0)=0x5, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'gre0\x00'})
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000240)=0x4e6f, 0x4)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x0)

4m19.041347998s ago: executing program 4 (id=1469):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x446, &(0x7f00000001c0)={[{@stripe={'stripe', 0x3d, 0x2}}, {@journal_dev={'journal_dev', 0x3d, 0x1045}}, {@oldalloc}, {@noquota}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@delalloc}, {@errors_continue}, {@orlov}, {@user_xattr}, {@quota}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x20040050)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$xfs(&(0x7f000000c740), &(0x7f00000001c0)='./file0\x00', 0x2, &(0x7f00000002c0)={[{@lazytime}, {@nogrpid}, {@bsdgroups}]}, 0x1, 0xc718, &(0x7f000000c800)="$eJzs3X1sXXX9wPFzu7ZrR37A4AeDITBBniTQdWW0QKC93WhXmEUdQhV0q6OMsY6HbcjGhEJQMYjTRNREjErIwoP+IShGYkxINEExRCJBFmTxj0X5g0yiCxlBXc3pvbe0d12zfrfvtxl7vZL13HNuP6e3932/54aH7PZ1LevMstqs5N6s2o3Lnru9+OMls369efnuRx5ufLZ0tGNe+e6O8rZY3nZmIycbOVxTOlS/4ufP1uQ7NWPPO6uxsXBklq2sOk9rabNpdeX7hquUD1d+fvmk+eMuPFj6M+qI/Msdux5+Icuyo8fMF7Ise36vX/Qw1Vfs7io/J9mYbjPKdxfev29kW1v60/5ilrWPPIcTvz6mVf44Oy46fvur0/1ADgV9xe6eqv4d5c6F8nrsqF6Dh6Pq1/mG4p6F5aewMOb6dcjpK3YtzSZZx9u+fvaZw6XrZl1+Mc+ybGaWZQ3T3YODo9jZkr9n11T2y9kr679jotfFW8sfvDbLsuPzt/HSa7/d+ykcgoqdLYsmWP/1k63/d/6xvdv6h0NfT7GzJV/rVeu/YbL1v/Xq+ZtL676jtTS1Z3p/CQAAAABgQus33bWmf3BwYJ0bbrjhxuiN6b4yAbG9v+in+5EAAAAAAAAAAAAA+yvF/0483b8jAAAAAAAAAAAAAHxQ9PQWd84ojDs0Y+zOyS8NjGwv2N1309atv5hd2ZbvvnKCU477nP/h4eHh3z/d1lfenVn1edkN1cP5+YeeebCtvLvX5w/WjRyty1bcuHpwYH7+oxbVZRvzneb8vF112TfznQX5Tndd9kS+0zKy05g9n++cv/LWwRvyA0sCn7EPlp7ee7MZ44pl414NY/sPPfPkxsp2klNWzlablfvvWHvdQ1X3Veyj/+j5i/v6XHIOjqn1f3Z+ZTvJKfda/6c2vNQw0X377j96/k7945rg+j+uUfV1v+r6P2+CU47O/+upwnF5//e2FCrvE7X7c/0fc/5F1f1HTj56/c9Ptbhy/c/fWy4/oCfjMNTTe9/Oydb/5P1r55a/rWbM7OjZau6Yd0Hef9nftuwoH6qbYv/Fk63/wry9ridMUU/vo8NV638K/bOzJjjlaJO+c387lPe/7NIT/z7mvqn0v7y6f9OGtbc1rd9013mr1/avGlg1cMuC5tbmhW0tbRe2NY1cEkpfD+xJOYwc2Pof+fz/sTOFLDtjdP78C+8+J++/fejIU8qHGqbYv2vS9b9i/GNljNNqsvr6bGP/hg3rmktfK7sLSl9L3zZB/ym8/59+dvnbGsvbQpadMDo/+553v5f3f3nOG+vKh+qn2L970v73jv5cAh3g+r+hamZc/7rF374k7//nnz7+y8qhKfZfMln/mh9Z/weqp7fqX/gcZHn/OZesWhw43uOf/+JK0X/puWvOCxy/Qv+4UvT/8kdunRU4fqX+caXo/94R64cDx5fqH1eK/i21d24LHP+Y/nGl6H/T/29+OnC8V/+4UvR/9KSh7wSOX6V/XCn6H3de6xmB4x/XP64U/d84rSX0v9N8Qv+4UvR/YEH7msDxT+ofV4r+vZdesjRwfJn+caXo33zMWc8Fjl+tf1wp+r978uk/CBz/lP5xpej/2P817Q4cv0b/uFL0v7nm3JcDx6/VP64U/X9yxr9PCBzv0z+uFP0HPjrcHjj+af3jStH/sot3XRM4/hn940rRf/fC3bcHjl+nf1wp+n917ltfChy/Xv+4UvQvHvf2Y4Hjn9U/rhT959bteDFw/HP6x5Wi/yuz3twZOL5c/7hS9L//lB8+GTi+Qv+4UvS/YvYjWwLH+/WPK0X/2YXvvhk4/nn940rRf9uR33o+cHyl/nGl6P/4h7+xMHD8Bv3jStH/lvO/dkzg+ID+caXov/CyBzYHjt+of1wp+v+n+f7rA8dX6R9Xiv4XH7/s4cDxm/SPK0X/XSde+7PA8dX6x5Wi/xON170eOH6z/nGl6N9fv/y/geNr9I8rRf9Tzlm019/zs58G9Y8rRf/XzuxuChxfq39cKfo/dOGVXYHjt+gfV4r+l190VX/g+K36x5Wi/z+PmvmnwPHb9I8rRf+2bMY7geO36x9Xiv4rjz7q+4Hj6/SPK0X/p0494leB4+v1jytF/1fnz+kNHN+gf1wp+n+o/djVgeN36B9Xiv7dTaeGjn9B/7hS9N8y76SJPidkf9ypf1wp+i+Z+Ye3A8c36h9Xiv73Nfzxd4Hjm/SPK0X/10/4zaOB43fpH1eK/sfOeeErgeOb9Y8rRf/Btr+sDxz/ov5xpei/tfWvVweO361/XCn67znrlUsDx+/RP64U/VvPfm1u4PiQ/gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrC3l2HXVYW+v9/ZugQASVEUSQERLoFhaG7u7u7u7u7u7u7VURFUbBFxQAFRUBBBMnfNcwMB8cPHM+5/H0553xer+t69t5r7/2suff9Xms9G/65AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4N9vjcVWXmhgYNThWwf80+ubrXznjkOuXmLse/de/5WzTxnr1mHPLjjF8JcXfHskA+/sbMGhrw0e9pbRN7jl0sFDNwa/d79jjzXWoPEGBm2cR7Xnaf/JsEf8+8N3OnTcg44a9vOucYbePD/J/M8ODAyM/5/sr9YaQxZfbOjkDft5t9sow18e/vy7j0cd9jPv6QMD875zsOTj48P3zIEX7/Vhj+F/gzWGLL7kSP0Hhnd+p/vI53erkY/znd5e48YPNdy/yRpDFltmaOv3O49nn/+2rd8edl0fbejFfGBgYIyBgYExP+we/HsMWWj2hYZe80dsD6t+wIgvBOn6PuilDd54emBgYKyBgYFJBgZGP2DE3wLgf5chC82+cDj/Rx/xejr/n3vs6lec//C/35JDFpp94D3f84c9e8CYI15P5/9TS70w6Yc3YgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh/763n7rpv+FrfgwcG9hsYab33dwxfF3DQDQ88+uiHNtD/GcI62f/rlz4d2nnMq6YYGNhu1Q97KHwIBn3YA+BDpX83/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/276F3uf9f8XHHH/yDoXjjP8rdOsueRO//T7Q58b8//1oD88/1fX/x/YctCwlgMDA+NvOTAwsNyQlVaZbujWTkuuOeXAu6/NM/S1+SYcZWCUd371nXcMLPo+O15w+P0UQ2/GfncfN7yz/yXfvnCUQSMN4j0muO3SS7dY45U5Rr6f9v0/x+ARD/Z/cIY13n777bf/4cnh3u9YHbH/EZ9l5M7Dxz7d0LHPvMu2O8y88557zbjlthtuvunmm24326xzzzrnPLPPM9c8M2+25TabzjLs9n3m7J3ZGFj4X5mz0Uees+eGvHfORv5s7zdnU3zwnL2zx4kGXfXiiDkb9b84Zwt/8JxNseWIsS442sAG70zN0H9ykdEG9hi6MesYQw+h4e+ddOh7559w8MDACf/xQYc+GuPdY3DQAUPfs8ZiKy/0HyP953Pwn8/TdwYwxUjTPGT4/ULDPvaC75nW0Te45dbBQzf+YZrHHmusQeMNDGw80n7mHXa308sj3vf2SIY/PcV7J37YuAcdNeznXe9cb99ebbZlhp6LI/3+/x/+W3///6nXPIPenahBw3+Gv2dYryGLL/kf/9aCI25GHf7c3EO3R56zf6d/Gu8Ug989rtN4lxyy0OxDnx5p/t89FdLx9eLNs2837HMtOPew33rrv9vkfa4dy/zH7AX/cO0Y+OBrxyj/8fA/nt30kclHvnYs/f5D/IfzYsQcjTHSm97v2jHPUTftP3T/I8b8PteOZYaOfbSB9147hv6zC4+4dgwd+2KjDZwwdGO2oRuLjzZwxdCN2d/ZGGvggaEbM228/TabDH1iiX8+bqcb9O4EvM9xu9hIx+3g90zfoPfM36Dhx/OoAwMLPDwwsMAD6XO9/3Rm6bgd/QPGO2Sh2YdejgePdNyO+JU0nkFvPnH9aQMDAxMP+ys99EMOG/t/RxrvqB883oXCeEf9gPEOPLn9q4f9m8f77nn2zrE2MP47t0u8z+/8w3k2/j+dZweO8p4z41/9XrNJeP+wx5O+u7f5Tl1ktBFzNNpI+/3P/kaP+Cyp/4jvfO81+IKBQR80N4v/K3Mz3gfPzb/6/WW6qYa9PtYHzM1Zr+43wYi5Gf2/ODeLv8/cvPf78HsNOmBgrH+cm1Hf+Q489fC5WexfmZtx/z3Hzdjh/cMeT/PuU9PvO9dMI+YmzEX8+z9i/4v9V+dmg3ePm6nfeW3KwQOjjz6wx4a77LLTrMNuR2zONuz2g8/BRf6VuRzz3zOXkw2/6gz+58l596k5pth18H/3HFzkvzqXUwwMHvHf3FuOfLL8+/j/P93076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/2Pus/3/AiPX/d9z/+YuGL7c42rp7zbfAhz3eD9n/6fX/h/f9h/X/F5hvr3UHD7z72geuzz7sPf8j12efe9jdnu8usTny+uDDn/6X12ffYYYxH/p/tD77f8uIc/VfWDfU9b+b/t3076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+lf7H3W/39g+P0Be+45y5vDF0IfbYfXNzn1wx7vh+z/9Pr/w/v+w/r/p27y+g6DB9597QPX/x/2no71/88bfbmF/yev/z/iXLX+P/8J/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/WF7/f9Dw+4EH1hl18jmH3g/dfualxx7/sMf7Ifu/uv7/mFdNMTCw3aof9lD4ELj+d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/bvp303/bvp307+b/t3076Z/N/276d9N/276d9O/m/7d9O+mfzf9u+nfTf9u+nfTv5v+3fTvpn83/YsNX/9/YNj6/yMMWtBxEYX1//93e5/+Q/SPWvovpH/U0n9h/aOW/ovoH7X0X1T/qKX/YvpHLf0X1z9q6b+E/lFL/yX1j1r6L6V/1NJ/af2jlv7L6B+19F9W/6il/3L6Ry39l9c/aum/gv5RS/8V9Y9a+q+kf9TSf2X9o5b+q+gftfRfVf+opf9q+kct/VfXP2rpv4b+UUv/NfWPWvqvpX/U0n9t/aOW/uvoH7X0X1f/qKX/evpHLf3X1z9q6b+B/lFL/w31j1r6b6R/1NJ/Y/2jlv6b6B+19N9U/6il/2b6Ry39N9c/aum/hf5RS/8t9Y9a+m+lf9TSf2v9o5b+2+gftfTfVv+opf92+kct/bfXP2rpv4P+UUv/HfWPWvrvpH/U0n9n/aOW/rvoH7X031X/qKX/bvpHLf131z9q6b+H/lFL/z31j1r676V/1NJ/b/2jlv776B+19N9X/6il/376Ry3999c/aul/gP5RS/8D9Y9a+h+kf9TS/2D9o5b+h+gftfQ/VP+opf9h+kct/Q/XP2rpf4T+UUv/I/WPWvofpX/U0v9o/aOW/sfoH7X0P1b/qKX/cfpHLf2P1z9q6X+C/lFL/xP1j1r6n6R/1NL/ZP2jlv6n6B+19D9V/6il/2n6Ry39T9c/aul/hv5RS/8z9Y9a+p+lf9TS/2z9o5b+5+gftfQ/V/+opf95+kct/c/XP2rpf4H+UUv/C/WPWvpfpH/U0v9i/aOW/pfoH7X0v1T/qKX/ZfpHLf0v1z9q6X+F/lFL/yv1j1r6X6V/1NL/av2jlv7X6B+19L9W/6il/3X6Ry39r9c/aul/g/5RS/8b9Y9a+t+kf9TS/2b9o5b+t+gftfS/Vf+opf9t+kct/W/XP2rpf4f+UUv/O/WPWvrfpX/U0v9u/aOW/vfoH7X0v1f/qKX/ffpHLf3v1z9q6f+A/lFL/6/oH7X0/6r+UUv/r+kftfR/UP+opf/X9Y9a+j+kf9TS/xv6Ry39v6l/1NL/W/pHLf0f1j9q6f9t/aOW/t/RP2rp/4j+UUv/7+oftfT/nv5RS/9H9Y9a+j+mf9TS//v6Ry39f6B/1NL/h/pHLf1/pH/U0v/H+kct/X+if9TS/6f6Ry39f6Z/1NL/cf2jlv4/1z9q6f8L/aOW/r/UP2rp/4T+UUv/X+kftfT/tf5RS//f6B+19P+t/lFL/yf1j1r6P6V/1NL/d/pHLf1/r3/U0v9p/aOW/s/oH7X0/4P+UUv/P+oftfR/Vv+opf+f9I9a+j+nf9TS/3n9o5b+L+gftfT/s/5RS/+/6B+19H9R/6il/0v6Ry39/6p/1NL/Zf2jlv5/0z9q6f+K/lFL/1f1j1r6/13/qKX/a/pHLf1f1z9q6f+G/lFL/zf1j1r6v6V/1NL/bf2jkv7vPNT/n7X0H6R/1NJ/sP5RS/9R9I9a+o+qf9TSfzT9o5b+o+sftfQfQ/+opf+Y+kct/cfSP2rpP7b+UUv/cfSPWvqPq3/U0v8j+kct/cfTP2rp/1H9o5b+4+sftfSfQP+opf+E+kct/T+mf9TS/+P6Ry39J9I/auk/sf5RS/9J9I9a+k+qf9TS/xP6Ry39J9M/aun/Sf2jlv6f0j9q6T+5/lFL/0/rH7X0/4z+UUv/KfSPWvp/Vv+opf+U+kct/afSP2rpP7X+UUv/afSPWvp/Tv+opf+0+kct/afTP2rpP73+UUv/z+sftfSfQf+opf8X9I9a+s+of9TSfyb9o5b+M+sftfSfRf+opf+s+kct/WfTP2rpP7v+UUv/OfSPWvrPqX/U0n8u/aOW/nPrH7X0n0f/qKX/vPpHLf2/qH/U0n8+/aOW/vPrH7X0/5L+UUv/L+sftfRfQP+opf+C+kct/YfoH7X0X0j/qKX/wvpHLf0X0T9q6b+o/lFL/8X0j1r6L65/1NJ/Cf2jlv5L6h+19F9K/6il/9L6Ry39l9E/aum/rP5RS//l9I9a+i+vf9TSfwX9o5b+K+oftfRfSf+opf/K+kct/VfRP2rpv6r+UUv/1fSPWvqvrn/U0n8N/aOW/mvqH7X0X0v/qKX/2vpHLf3X0T9q6b+u/lFL//X0j1r6r69/1NJ/A/2jlv4b6h+19N9I/6il/8b6Ry39N9E/aum/qf5RS//N9I9a+m+uf9TSfwv9o5b+W+oftfTfSv+opf/W+kct/bfRP2rpv63+UUv/7fSPWvpvr3/U0n8H/aOW/jvqH7X030n/qKX/zvpHLf130T9q6b+r/lFL/930j1r6765/1NJ/D/2jlv576h+19N9L/6il/976Ry3999E/aum/r/5RS//99I9a+u+vf9TS/wD9o5b+B+oftfQ/SP+opf/B+kct/Q/RP2rpf6j+UUv/w/SPWvofrn/U0v8I/aOW/kfqH7X0P0r/qKX/0fpHLf2P0T9q6X+s/lFL/+P0j1r6H69/1NL/BP2jlv4n6h+19D9J/6il/8n6Ry39T9E/aul/qv5RS//T9I9a+p+uf9TS/wz9o5b+Z+oftfQ/S/+opf/Z+kct/c/RP2rpf67+UUv/8/SPWvqfr3/U0v8C/aOW/hfqH7X0v0j/qKX/xfpHLf0v0T9q6X+p/lFL/8v0j1r6X65/1NL/Cv2jlv5X6h+19L9K/6il/9X6Ry39r9E/aul/rf5RS//r9I9a+l+vf9TS/wb9o5b+N+oftfS/Sf+opf/N+kct/W/RP2rpf6v+UUv/2/SPWvrfrn/U0v8O/aOW/nfqH7X0v0v/qKX/3fpHLf3v0T9q6X+v/lFL//v0j1r6369/1NL/Af2jlv5f0T9q6f9V/aOW/l/TP2rp/6D+UUv/r+sftfR/SP+opf839I9a+n9T/6il/7f0j1r6P6x/1NL/2/pHLf2/o3/U0v8R/aOW/t/VP2rp/z39o5b+j+oftfR/TP+opf/39Y9a+v9A/6il/w/1j1r6/0j/qKX/j/WPWvr/RP+opf9P9Y9a+v9M/6il/+P6Ry39f65/1NL/F/pHLf1/qX/U0v8J/aOW/r/SP2rp/2v9o5b+v9E/aun/W/2jlv5P6h+19H9K/6il/+/0j1r6/17/qKX/0/pHLf2f0T9q6f8H/aOW/n/UP2rp/6z+UUv/P+kftfR/Tv+opf/z+kct/V/QP2rp/2f9o5b+f9E/aun/ov5RS/+X9I9a+v9V/6il/8v6Ry39/6Z/1NL/Ff2jlv6v6h+19P+7/lFL/9f0j1r6v65/1NL/Df2jlv5v6h+19H9L/6il/9v6RyX9RxnQP2rpP0j/qKX/YP2jlv6j6B+19B9V/6il/2j6Ry39R9c/auk/hv5RS/8x9Y9a+o+lf9TSf2z9o5b+4+gftfQfV/+opf9H9I9a+o+nf9TS/6P6Ry39x9c/auk/gf5RS/8J9Y9a+n9M/6il/8f1j1r6T6R/1NJ/Yv2jlv6T6B+19J9U/6il/yf0j1r6T6Z/1NL/k/pHLf0/pX/U0n9y/aOW/p/WP2rp/xn9o5b+U+gftfT/rP5RS/8p9Y9a+k+lf9TSf2r9o5b+0+gftfT/nP5RS/9p9Y9a+k+nf9TSf3r9o5b+n9c/auk/g/5RS/8v6B+19J9R/6il/0z6Ry39Z9Y/auk/i/5RS/9Z9Y9a+s+mf9TSf3b9o5b+c+gftfSfU/+opf9c+kct/efWP2rpP4/+UUv/efWPWvp/Uf+opf98+kct/efXP2rp/yX9o5b+X9Y/aum/gP5RS/8F9Y9a+g/RP2rpv5D+UUv/hfWPWvovon/U0n9R/aOW/ovpH7X0X1z/qKX/EvpHLf2X1D9q6b+U/lFL/6X1j1r6L6N/1NJ/Wf2jlv7L6R+19F9e/6il/wr6Ry39V9Q/aum/kv5RS/+V9Y9a+q+if9TSf1X9o5b+q+kftfRfXf+opf8a+kct/dfUP2rpv5b+UUv/tfWPWvqvo3/U0n9d/aOW/uvpH7X0X1//qKX/BvpHLf031D9q6b+R/lFL/431j1r6b6J/1NJ/U/2jlv6b6R+19N9c/6il/xb6Ry39t9Q/aum/lf5RS/+t9Y9a+m+jf9TSf1v9o5b+2+kftfTfXv+opf8O+kct/XfUP2rpv5P+UUv/nfWPWvrvon/U0n9X/aOW/rvpH7X0313/qKX/HvpHLf331D9q6b+X/lFL/731j1r676N/1NJ/X/2jlv776R+19N9f/6il/wH6Ry39D9Q/aul/kP5RS/+D9Y9a+h+if9TS/1D9o5b+h+kftfQ/XP+opf8R+kct/Y/UP2rpf5T+UUv/o/WPWvofo3/U0v9Y/aOW/sfpH7X0P17/qKX/CfpHLf1P1D9q6X+S/lFL/5P1j1r6n6J/1NL/VP2jlv6n6R+19D9d/6il/xn6Ry39z9Q/aul/lv5RS/+z9Y9a+p+jf9TS/1z9o5b+5+kftfQ/X/+opf8F+kct/S/UP2rpf5H+UUv/i/WPWvpfon/U0v9S/aOW/pfpH7X0v1z/qKX/FfpHLf2v1D9q6X+V/lFL/6v1j1r6X6N/1NL/Wv2jlv7X6R+19L9e/6il/w36Ry39b9Q/aul/k/5RS/+b9Y9a+t+if9TS/1b9o5b+t+kftfS/Xf+opf8d+kct/e/UP2rpf5f+UUv/u/WPWvrfo3/U0v9e/aOW/vfpH7X0v1//qKX/A/pHLf2/on/U0v+r+kct/b+mf9TS/0H9o5b+X9c/aun/kP5RS/9v6B+19P+m/lFL/2/pH7X0f1j/qKX/t/WPWvp/R/+opf8j+kct/b+rf9TS/3v6Ry39H9U/aun/mP5RS//v6x+19P+B/lFL/x/qH7X0/5H+UUv/H+sftfT/if5RS/+f6h+19P+Z/lFL/8f1j1r6/1z/qKX/L/SPWvr/Uv+opf8T+kct/X+lf9TS/9f6Ry39f6N/1NL/t/pHLf2f1D9q6f+U/lFL/9/pH7X0/73+UUv/p/WPWvo/o3/U0v8P+kct/f+of9TS/1n9o5b+f9I/aun/nP5RS//n9Y9a+r+gf9TS/8/6Ry39/6J/1NL/Rf2jlv4v6R+19P+r/lFL/5f1j1r6/03/qKX/K/pHLf1f1T9q6f93/aOW/q/pH7X0f13/qKX/G/pHLf3f1D9q6f+W/lFL/7f1j0r6jzqgf9TSf5D+UUv/wfpHLf1H0T9q6T+q/lFL/9H0j1r6j65/1NJ/DP2jlv5j6h+19B9L/6il/9j6Ry39x9E/auk/rv5RS/+P6B+19B9P/6il/0f1j1r6j69/1NJ/Av2jlv4T6h+19P+Y/lFL/4/rH7X0n0j/qKX/xPpHLf0n0T9q6T+p/lFL/0/oH7X0n0z/qKX/J/WPWvp/Sv+opf/k+kct/T+tf9TS/zP6Ry39p9A/aun/Wf2jlv5T6h+19J9K/6il/9T6Ry39p9E/aun/Of2jlv7T6h+19J9O/6il//T6Ry39P69/1NJ/Bv2jlv5f0D9q6T+j/lFL/5n0j1r6z6x/1NJ/Fv2jlv6z6h+19J9N/6il/+z6Ry3959A/auk/p/5RS/+59I9a+s+tf9TSfx79o5b+8+oftfT/ov5RS//59I9a+s+vf9TS/0v6Ry39v6x/1NJ/Af2jlv4L6h+19B+if9TSfyH9o5b+C+sftfRfRP+opf+i+kct/RfTP2rpv7j+UUv/JfSPWvovqX/U0n8p/aOW/kvrH7X0X0b/qKX/svpHLf2X0z9q6b+8/lFL/xX0j1r6r6h/1NJ/Jf2jlv4r6x+19F9F/6il/6r6Ry39V9M/aum/uv5RS/819I9a+q+pf9TSfy39o5b+a+sftfRfR/+opf+6+kct/dfTP2rpv77+UUv/DfSPWvpvqH/U0n8j/aOW/hvrH7X030T/qKX/pvpHLf030z9q6b+5/lFL/y30j1r6b6l/1NJ/K/2jlv5b6x+19N9G/6il/7b6Ry39t9M/aum/vf5RS/8d9I9a+u+of9TSfyf9o5b+O+sftfTfRf+opf+u+kct/XfTP2rpv7v+UUv/PfSPWvrvqX/U0n8v/aOW/nvrH7X030f/qKX/vvpHLf330z9q6b+//lFL/wP0j1r6H6h/1NL/IP2jlv4H6x+19D9E/6il/6H6Ry39D9M/aul/uP5RS/8j9I9a+h+pf9TS/yj9o5b+R+sftfQ/Rv+opf+x+kct/Y/TP2rpf7z+UUv/E/SPWvqfqH/U0v8k/aOW/ifrH7X0P0X/qKX/qfpHLf1P0z9q6X+6/lFL/zP0j1r6n6l/1NL/LP2jlv5n6x+19D9H/6il/7n6Ry39z9M/aul/vv5RS/8L9I9a+l+of9TS/yL9o5b+F+sftfS/RP+opf+l+kct/S/TP2rpf7n+UUv/K/SPWvpfqX/U0v8q/aOW/lfrH7X0v0b/qKX/tfpHLf2v0z9q6X+9/lFL/xv0j1r636h/1NL/Jv2jlv436x+19L9F/6il/636Ry39b9M/aul/u/5RS/879I9a+t+pf9TS/y79o5b+d+sftfS/R/+opf+9+kct/e/TP2rpf7/+UUv/B/SPWvp/Rf+opf9X9Y9a+n9N/6il/4P6Ry39v65/1NL/If2jlv7f0D9q6f9N/aOW/t/SP2rp/7D+UUv/b+sftfT/jv5RS/9H9I9a+n9X/6il//f0j1r6P6p/1NL/Mf2jlv7f1z9q6f8D/aOW/j/UP2rp/yP9o5b+P9Y/aun/E/2jlv4/1T9q6f8z/aOW/o/rH7X0/7n+UUv/X+gftfT/pf5RS/8n9I9a+v9K/6il/6/1j1r6/0b/qKX/b/WPWvo/qX/U0v8p/aOW/r/TP2rp/3v9o5b+T+sftfR/Rv+opf8f9I9a+v9R/6il/7P6Ry39/6R/1NL/Of2jlv7P6x+19H9B/6il/5/1j1r6/0X/qKX/i/pHLf1f0j9q6f9X/aOW/i/rH7X0/5v+UUv/V/SPWvq/qn/U0v/v+kct/V/TP2rp/7r+UUv/N/SPWvq/qX/U0v8t/aOW/m/rH5X0H21A/6il/yD9o5b+g/WPWvqPon/U0n9U/aOW/qPpH7X0H13/qKX/GPpHLf3H1D9q6T+W/lFL/7H1j1r6j6N/1NJ/XP2jlv4f0T9q6T+e/lFL/4/qH7X0H1//qKX/BPpHLf0n1D9q6f8x/aOW/h/XP2rpP5H+UUv/ifWPWvpPon/U0n9S/aOW/p/QP2rpP5n+UUv/T+oftfT/lP5RS//J9Y9a+n9a/6il/2f0j1r6T6F/1NL/s/pHLf2n1D9q6T+V/lFL/6n1j1r6T6N/1NL/c/pHLf2n1T9q6T+d/lFL/+n1j1r6f17/qKX/DPpHLf2/oH/U0n9G/aOW/jPpH7X0n1n/qKX/LPpHLf1n1T9q6T+b/lFL/9n1j1r6z6F/1NJ/Tv2jlv5z6R+19J9b/6il/zz6Ry3959U/aun/Rf2jlv7z6R+19J9f/6il/5f0j1r6f1n/qKX/AvpHLf0X1D9q6T9E/6il/0L6Ry39F9Y/aum/iP5RS/9F9Y9a+i+mf9TSf3H9o5b+S+gftfRfUv+opf9S+kct/ZfWP2rpv4z+UUv/ZfWPWvovp3/U0n95/aOW/ivoH7X0X1H/qKX/SvpHLf1X1j9q6b+K/lFL/1X1j1r6r6Z/1NJ/df2jlv5r6B+19F9T/6il/1r6Ry3919Y/aum/jv5RS/919Y9a+q+nf9TSf339o5b+G+gftfTfUP+opf9G+kct/TfWP2rpv4n+UUv/TfWPWvpvpn/U0n9z/aOW/lvoH7X031L/qKX/VvpHLf231j9q6b+N/lFL/231j1r6b6d/1NJ/e/2jlv476B+19N9R/6il/076Ry39d9Y/aum/i/5RS/9d9Y9a+u+mf9TSf3f9o5b+e+gftfTfU/+opf9e+kct/ffWP2rpv4/+UUv/ffWPWvrvp3/U0n9//aOW/gfoH7X0P1D/qKX/QfpHLf0P1j9q6X+I/lFL/0P1j1r6H6Z/1NL/cP2jlv5H6B+19D9S/6il/1H6Ry39j9Y/aul/jP5RS/9j9Y9a+h+nf9TS/3j9o5b+J+gftfQ/Uf+opf9J+kct/U/WP2rpf4r+UUv/U/WPWvqfpn/U0v90/aOW/mfoH7X0P1P/qKX/WfpHLf3P1j9q6X+O/lFL/3P1j1r6n6d/1NL/fP2jlv4X6B+19L9Q/6il/0X6Ry39L9Y/aul/if5RS/9L9Y9a+l+mf9TS/3L9o5b+V+gftfS/Uv+opf9V+kct/a/WP2rpf43+UUv/a/WPWvpfp3/U0v96/aOW/jfoH7X0v1H/qKX/TfpHLf1v1j9q6X+L/lFL/1v1j1r636Z/1NL/dv2jlv536B+19L9T/6il/136Ry3979Y/aul/j/5RS/979Y9a+t+nf9TS/379o5b+D+gftfT/iv5RS/+v6h+19P+a/lFL/wf1j1r6f13/qKX/Q/pHLf2/oX/U0v+b+kct/b+lf9TS/2H9o5b+39Y/aun/Hf2jlv6P6B+19P+u/lFL/+/pH7X0f1T/qKX/Y/pHLf2/r3/U0v8H+kct/X+of9TS/0f6Ry39f6x/1NL/J/pHLf1/qn/U0v9n+kct/R/XP2rp/3P9o5b+v9A/aun/S/2jlv5P6B+19P+V/lFL/1/rH7X0/43+UUv/3+oftfR/Uv+opf9T+kct/X+nf9TS//f6Ry39n9Y/aun/jP5RS/8/6B+19P+j/lFL/2f1j1r6/0n/qKX/c/pHLf2f1z9q6f+C/lFL/z/rH7X0/4v+UUv/F/WPWvq/pH/U0v+v+kct/V/WP2rp/zf9o5b+r+gftfR/Vf+opf/f9Y9a+r+mf9TS/3X9o5b+b+gftfR/U/+opf9b+kct/d/WPyrpP/qA/lFL/0H6Ry39B+sftfQfRf+opf+o+kct/UfTP2rpP7r+UUv/MfSPWvqPqX/U0n8s/aOW/mPrH7X0H0f/qKX/uPpHLf0/on/U0n88/aOW/h/VP2rpP77+UUv/CfSPWvpPqH/U0v9j+kct/T+uf9TSfyL9o5b+E+sftfSfRP+opf+k+kct/T+hf9TSfzL9o5b+n9Q/aun/Kf2jlv6T6x+19P+0/lFL/8/oH7X0n0L/qKX/Z/WPWvpPqX/U0n8q/aOW/lPrH7X0n0b/qKX/5/SPWvpPq3/U0n86/aOW/tPrH7X0/7z+UUv/GfSPWvp/Qf+opf+M+kct/WfSP2rpP7P+UUv/WfSPWvrPqn/U0n82/aOW/rPrH7X0n0P/qKX/nPpHLf3n0j9q6T+3/lFL/3n0j1r6z6t/1NL/i/pHLf3n0z9q6T+//lFL/y/pH7X0/7L+UUv/BfSPWvovqH/U0n+I/lFL/4X0j1r6L6x/1NJ/Ef2jlv6L6h+19F9M/6il/+L6Ry39l9A/aum/pP5RS/+l9I9a+i+tf9TSfxn9o5b+y+oftfRfTv+opf/y+kct/VfQP2rpv6L+UUv/lfSPWvqvrH/U0n8V/aOW/qvqH7X0X03/qKX/6vpHLf3X0D9q6b+m/lFL/7X0j1r6r61/1NJ/Hf2jlv7r6h+19F9P/6il//r6Ry39N9A/aum/of5RS/+N9I9a+m+sf9TSfxP9o5b+m+oftfTfTP+opf/m+kct/bfQP2rpv6X+UUv/rfSPWvpvrX/U0n8b/aOW/tvqH7X0307/qKX/9vpHLf130D9q6b+j/lFL/530j1r676x/1NJ/F/2jlv676h+19N9N/6il/+76Ry3999A/aum/p/5RS/+99I9a+u+tf9TSfx/9o5b+++oftfTfT/+opf/++kct/Q/QP2rpf6D+UUv/g/SPWvofrH/U0v8Q/aOW/ofqH7X0P0z/qKX/4fpHLf2P0D9q6X+k/lFL/6P0j1r6H61/1NL/GP2jlv7H6h+19D9O/6il//H6Ry39T9A/aul/ov5RS/+T9I9a+p+sf9TS/xT9o5b+p+oftfQ/Tf+opf/p+kct/c/QP2rpf6b+UUv/s/SPWvqfrX/U0v8c/aOW/ufqH7X0P0//qKX/+fpHLf0v0D9q6X+h/lFL/4v0j1r6X6x/1NL/Ev2jlv6X6h+19L9M/6il/+X6Ry39r9A/aul/pf5RS/+r9I9a+l+tf9TS/xr9o5b+1+oftfS/Tv+opf/1+kct/W/QP2rpf6P+UUv/m/SPWvrfrH/U0v8W/aOW/rfqH7X0v03/qKX/7fpHLf3v0D9q6X+n/lFL/7v0j1r6361/1NL/Hv2jlv736h+19L9P/6il//36Ry39H9A/aun/Ff2jlv5f1T9q6f81/aOW/g/qH7X0/7r+UUv/h/SPWvp/Q/+opf839Y9a+n9L/6il/8P6Ry39v61/1NL/O/pHLf0f0T9q6f9d/aOW/t/TP2rp/6j+UUv/x/SPWvp/X/+opf8P9I9a+v9Q/6il/4/0j1r6/1j/qKX/T/SPWvr/VP+opf/P9I9a+j+uf9TS/+f6Ry39f6F/1NL/l/pHLf2f0D9q6f8r/aOW/r/WP2rp/xv9o5b+v9U/aun/pP5RS/+n9I9a+v9O/6il/+/1j1r6P61/1NL/Gf2jlv5/0D9q6f9H/aOW/s/qH7X0/5P+UUv/5/SPWvo/r3/U0v8F/aOW/n/WP2rp/xf9o5b+L+oftfR/Sf+opf9f9Y9a+r+sf9TS/2/6Ry39X9E/aun/qv5RS/+/6x+19H9N/6il/+v6Ry3939A/aun/pv5RS/+39I9a+r+tf1TSf4wB/aOW/oP0j1r6D9Y/auk/iv5RS/9R9Y9a+o+mf9TSf3T9o5b+Y+gftfQfU/+opf9Y+kct/cfWP2rpP47+UUv/cfWPWvp/RP+opf94+kct/T+qf9TSf3z9o5b+E+gftfSfUP+opf/H9I9a+n9c/6il/0T6Ry39J9Y/auk/if5RS/9J9Y9a+n9C/6il/2T6Ry39P6l/1NL/U/pHLf0n1z9q6f9p/aOW/p/RP2rpP4X+UUv/z+oftfSfUv+opf9U+kct/afWP2rpP43+UUv/z+kftfSfVv+opf90+kct/afXP2rp/3n9o5b+M+gftfT/gv5RS/8Z9Y9a+s+kf9TSf2b9o5b+s+gftfSfVf+opf9s+kct/WfXP2rpP4f+UUv/OfWPWvrPpX/U0n9u/aOW/vPoH7X0n1f/qKX/F/WPWvrPp3/U0n9+/aOW/l/SP2rp/2X9o5b+C+gftfRfUP+opf8Q/aOW/gvpH7X0X1j/qKX/IvpHLf0X1T9q6b+Y/lFL/8X1j1r6L6F/1NJ/Sf2jlv5L6R+19F9a/6il/zL6Ry39l9U/aum/nP5RS//l9Y9a+q+gf9TSf0X9o5b+K+kftfRfWf+opf8q+kct/VfVP2rpv5r+UUv/1fWPWvqvoX/U0n9N/aOW/mvpH7X0X1v/qKX/OvpHLf3X1T9q6b+e/lFL//X1j1r6b6B/1NJ/Q/2jlv4b6R+19N9Y/6il/yb6Ry39N9U/aum/mf5RS//N9Y9a+m+hf9TSf0v9o5b+W+kftfTfWv+opf82+kct/bfVP2rpv53+UUv/7fWPWvrvoH/U0n9H/aOW/jvpH7X031n/qKX/LvpHLf131T9q6b+b/lFL/931j1r676F/1NJ/T/2jlv576R+19N9b/6il/z76Ry3999U/aum/n/5RS//99Y9a+h+gf9TS/0D9o5b+B+kftfQ/WP+opf8h+kct/Q/VP2rpf5j+UUv/w/WPWvofoX/U0v9I/aOW/kfpH7X0P1r/qKX/MfpHLf2P1T9q6X+c/lFL/+P1j1r6n6B/1NL/RP2jlv4n6R+19D9Z/6il/yn6Ry39T9U/aul/mv5RS//T9Y9a+p+hf9TS/0z9o5b+Z+kftfQ/W/+opf85+kct/c/VP2rpf57+UUv/8/WPWvpfoH/U0v9C/aOW/hfpH7X0v1j/qKX/JfpHLf0v1T9q6X+Z/lFL/8v1j1r6X6F/1NL/Sv2jlv5X6R+19L9a/6il/zX6Ry39r9U/aul/nf5RS//r9Y9a+t+gf9TS/0b9o5b+N+kftfS/Wf+opf8t+kct/W/VP2rpf5v+UUv/2/WPWvrfoX/U0v9O/aOW/nfpH7X0v1v/qKX/PfpHLf3v1T9q6X+f/lFL//v1j1r6P6B/1NL/K/pHLf2/qn/U0v9r+kct/R/UP2rp/3X9o5b+D+kftfT/hv5RS/9v6h+19P+W/lFL/4f1j1r6f1v/qKX/d/SPWvo/on/U0v+7+kct/b+nf9TS/1H9o5b+j+kftfT/vv5RS/8f6B+19P+h/lFL/x/pH7X0/7H+UUv/n+gftfT/qf5RS/+f6R+19H9c/6il/8/1j1r6/0L/qKX/L/WPWvo/oX/U0v9X+kct/X+tf9TS/zf6Ry39f6t/1NL/Sf2jlv5P6R+19P+d/lFL/9/rH7X0f1r/qKX/M/pHLf3/oH/U0v+P+kct/Z/VP2rp/yf9o5b+z+kftfR/Xv+opf8L+kct/f+sf9TS/y/6Ry39X9Q/aun/kv5RS/+/6h+19H9Z/6il/9/0j1r6v6J/1NL/Vf2jlv5/1z9q6f+a/lFL/9f1j1r6v6F/1NL/Tf2jlv5v6R+19H9b/6ik/5gD+kct/QfpH7X0H6x/1NJ/FP2jlv6j6h+19B9N/6il/+j6Ry39x9A/auk/pv5RS/+x9I9a+o+tf9TSfxz9o5b+4+oftfT/iP5RS//x9I9a+n9U/6il//j6Ry39J9A/auk/of5RS/+P6R+19P+4/lFL/4n0j1r6T6x/1NJ/Ev2jlv6T6h+19P+E/lFL/8n0j1r6f1L/qKX/p/SPWvpPrn/U0v/T+kct/T+jf9TSfwr9o5b+n9U/auk/pf5RS/+p9I9a+k+tf9TSfxr9o5b+n9M/auk/rf5RS//p9I9a+k+vf9TS//P6Ry39Z9A/aun/Bf2jlv4z6h+19J9J/6il/8z6Ry39Z9E/auk/q/5RS//Z9I9a+s+uf9TSfw79o5b+c+oftfSfS/+opf/c+kct/efRP2rpP6/+UUv/L+oftfSfT/+opf/8+kct/b+kf9TS/8v6Ry39F9A/aum/oP5RS/8h+kct/RfSP2rpv7D+UUv/RfSPWvovqn/U0n8x/aOW/ovrH7X0X0L/qKX/kvpHLf2X0j9q6b+0/lFL/2X0j1r6L6t/1NJ/Of2jlv7L6x+19F9B/6il/4r6Ry39V9I/aum/sv5RS/9V9I9a+q+qf9TSfzX9o5b+q+sftfRfQ/+opf+a+kct/dfSP2rpv7b+UUv/dfSPWvqvq3/U0n89/aOW/uvrH7X030D/qKX/hvpHLf030j9q6b+x/lFL/030j1r6b6p/1NJ/M/2jlv6b6x+19N9C/6il/5b6Ry39t9I/aum/tf5RS/9t9I9a+m+rf9TSfzv9o5b+2+sftfTfQf+opf+O+kct/XfSP2rpv7P+UUv/XfSPWvrvqn/U0n83/aOW/rvrH7X030P/qKX/nvpHLf330j9q6b+3/lFL/330j1r676t/1NJ/P/2jlv776x+19D9A/6il/4H6Ry39D9I/aul/sP5RS/9D9I9a+h+qf9TS/zD9o5b+h+sftfQ/Qv+opf+R+kct/Y/SP2rpf7T+UUv/Y/SPWvofq3/U0v84/aOW/sfrH7X0P0H/qKX/ifpHLf1P0j9q6X+y/lFL/1P0j1r6n6p/1NL/NP2jlv6n6x+19D9D/6il/5n6Ry39z9I/aul/tv5RS/9z9I9a+p+rf9TS/zz9o5b+5+sftfS/QP+opf+F+kct/S/SP2rpf7H+UUv/S/SPWvpfqn/U0v8y/aOW/pfrH7X0v0L/qKX/lfpHLf2v0j9q6X+1/lFL/2v0j1r6X6t/1NL/Ov2jlv7X6x+19L9B/6il/436Ry39b9I/aul/s/5RS/9b9I9a+t+qf9TS/zb9o5b+t+sftfS/Q/+opf+d+kct/e/SP2rpf7f+UUv/e/SPWvrfq3/U0v8+/aOW/vfrH7X0f0D/qKX/V/SPWvp/Vf+opf/X9I9a+j+of9TS/+v6Ry39H9I/aun/Df2jlv7f1D9q6f8t/aOW/g/rH7X0/7b+UUv/7+gftfR/RP+opf939Y9a+n9P/6il/6P6Ry39H9M/aun/ff2jlv4/0D9q6f9D/aOW/j/SP2rp/2P9o5b+P9E/aun/U/2jlv4/0z9q6f+4/lFL/5/rH7X0/4X+UUv/X+oftfR/Qv+opf+v9I9a+v9a/6il/2/0j1r6/1b/qKX/k/pHLf2f0j9q6f87/aOW/r/XP2rp/7T+UUv/Z/SPWvr/Qf+opf8f9Y9a+j+rf9TS/0/6Ry39n9M/aun/vP5RS/8X9I9a+v9Z/6il/1/0j1r6v6h/1NL/Jf2jlv5/1T9q6f+y/lFL/7/pH7X0f0X/qKX/q/pHLf3/rn/U0v81/aOW/q/rH7X0f0P/qKX/m/pHLf3f0j9q6f+2/lFJ/7EG9I9a+g/SP2rpP1j/qKX/KPpHLf1H1T9q6T+a/lFL/9H1j1r6j6F/1NJ/TP2jlv5j6R+19B9b/6il/zj6Ry39x9U/aun/Ef2jlv7j6R+19P+o/lFL//H1j1r6T6B/1NJ/Qv2jlv4f0z9q6f9x/aOW/hPpH7X0n1j/qKX/JPpHLf0n1T9q6f8J/aOW/pPpH7X0/6T+UUv/T+kftfSfXP+opf+n9Y9a+n9G/6il/xT6Ry39P6t/1NJ/Sv2jlv5T6R+19J9a/6il/zT6Ry39P6d/1NJ/Wv2jlv7T6R+19J9e/6il/+f1j1r6z6B/1NL/C/pHLf1n1D9q6T+T/lFL/5n1j1r6z6J/1NJ/Vv2jlv6z6R+19J9d/6il/xz6Ry3959Q/auk/l/5RS/+59Y9a+s+jf9TSf179o5b+X9Q/auk/n/5RS//59Y9a+n9J/6il/5f1j1r6L6B/1NJ/Qf2jlv5D9I9a+i+kf9TSf2H9o5b+i+gftfRfVP+opf9i+kct/RfXP2rpv4T+UUv/JfWPWvovpX/U0n9p/aOW/svoH7X0X1b/qKX/cvpHLf2X1z9q6b+C/lFL/xX1j1r6r6R/1NJ/Zf2jlv6r6B+19F9V/6il/2r6Ry39V9c/aum/hv5RS/819Y9a+q+lf9TSf239o5b+6+gftfRfV/+opf96+kct/dfXP2rpv4H+UUv/DfWPWvpvpH/U0n9j/aOW/pvoH7X031T/qKX/ZvpHLf031z9q6b+F/lFL/y31j1r6b6V/1NJ/a/2jlv7b6B+19N9W/6il/3b6Ry39t9c/aum/g/5RS/8d9Y9a+u+kf9TSf2f9o5b+u+gftfTfVf+opf9u+kct/XfXP2rpv4f+UUv/PfWPWvrvpX/U0n9v/aOW/vvoH7X031f/qKX/fvpHLf331z9q6X+A/lFL/wP1j1r6H6R/1NL/YP2jlv6H6B+19D9U/6il/2H6Ry39D9c/aul/hP5RS/8j9Y9a+h+lf9TS/2j9o5b+x+gftfQ/Vv+opf9x+kct/Y/XP2rpf4L+UUv/E/WPWvqfpH/U0v9k/aOW/qfoH7X0P1X/qKX/afpHLf1P1z9q6X+G/lFL/zP1j1r6n6V/1NL/bP2jlv7n6B+19D9X/6il/3n6Ry39z9c/aul/gf5RS/8L9Y9a+l+kf9TS/2L9o5b+l+gftfS/VP+opf9l+kct/S/XP2rpf4X+UUv/K/WPWvpfpX/U0v9q/aOW/tfoH7X0v1b/qKX/dfpHLf2v1z9q6X+D/lFL/xv1j1r636R/1NL/Zv2jlv636B+19L9V/6il/236Ry39b9c/aul/h/5RS/879Y9a+t+lf9TS/279o5b+9+gftfS/V/+opf99+kct/e/XP2rp/4D+UUv/r+gftfT/qv5RS/+v6R+19H9Q/6il/9f1j1r6P6R/1NL/G/pHLf2/qX/U0v9b+kct/R/WP2rp/239o5b+39E/aun/iP5RS//v6h+19P+e/lFL/0f1j1r6P6Z/1NL/+/pHLf1/oH/U0v+H+kct/X+kf9TS/8f6Ry39f6J/1NL/p/pHLf1/pn/U0v9x/aOW/j/XP2rp/wv9o5b+v9Q/aun/hP5RS/9f6R+19P+1/lFL/9/oH7X0/63+UUv/J/WPWvo/pX/U0v93+kct/X+vf9TS/2n9o5b+z+gftfT/g/5RS/8/6h+19H9W/6il/5/0j1r6P6d/1NL/ef2jlv4v6B+19P+z/lFL/7/oH7X0f1H/qKX/S/pHLf3/qn/U0v9l/aOW/n/TP2rp/4r+UUv/V/WPWvr/Xf+opf9r+kct/V/XP2rp/4b+UUv/N/WPWvq/pX/U0v9t/aOS/mMP6B+19B+kf9TSf7D+UUv/UfSPWvqPqn/U0n80/aOW/qPrH7X0H0P/qKX/mPpHLf3H0j9q6T+2/lFL/3H0j1r6j6t/1NL/I/pHLf3H0z9q6f9R/aOW/uPrH7X0n0D/qKX/hPpHLf0/pn/U0v/j+kct/SfSP2rpP7H+UUv/SfSPWvpPqn/U0v8T+kct/SfTP2rp/0n9o5b+n9I/auk/uf5RS/9P6x+19P+M/lFL/yn0j1r6f1b/qKX/lPpHLf2n0j9q6T+1/lFL/2n0j1r6f07/qKX/tPpHLf2n0z9q6T+9/lFL/8/rH7X0n0H/qKX/F/SPWvrPqH/U0n8m/aOW/jPrH7X0n0X/qKX/rPpHLf1n0z9q6T+7/lFL/zn0j1r6z6l/1NJ/Lv2jlv5z6x+19J9H/6il/7z6Ry39v6h/1NJ/Pv2jlv7z6x+19P+S/lFL/y/rH7X0X0D/qKX/gvpHLf2H6B+19F9I/6il/8L6Ry39F9E/aum/qP5RS//F9I9a+i+uf9TSfwn9o5b+S+oftfRfSv+opf/S+kct/ZfRP2rpv6z+UUv/5fSPWvovr3/U0n8F/aOW/ivqH7X0X0n/qKX/yvpHLf1X0T9q6b+q/lFL/9X0j1r6r65/1NJ/Df2jlv5r6h+19F9L/6il/9r6Ry3919E/aum/rv5RS//19I9a+q+vf9TSfwP9o5b+G+oftfTfSP+opf/G+kct/TfRP2rpv6n+UUv/zfSPWvpvrn/U0n8L/aOW/lvqH7X030r/qKX/1vpHLf230T9q6b+t/lFL/+30j1r6b69/1NJ/B/2jlv476h+19N9J/6il/876Ry39d9E/aum/q/5RS//d9I9a+u+uf9TSfw/9o5b+e+oftfTfS/+opf/e+kct/ffRP2rpv6/+UUv//fSPWvrvr3/U0v8A/aOW/gfqH7X0P0j/qKX/wfpHLf0P0T9q6X+o/lFL/8P0j1r6H65/1NL/CP2jlv5H6h+19D9K/6il/9H6Ry39j9E/aul/rP5RS//j9I9a+h+vf9TS/wT9o5b+J+oftfQ/Sf+opf/J+kct/U/RP2rpf6r+UUv/0/SPWvqfrn/U0v8M/aOW/mfqH7X0P0v/qKX/2fpHLf3P0T9q6X+u/lFL//P0j1r6n69/1NL/Av2jlv4X6h+19L9I/6il/8X6Ry39L9E/aul/qf5RS//L9I9a+l+uf9TS/wr9o5b+V+oftfS/Sv+opf/V+kct/a/RP2rpf63+UUv/6/SPWvpfr3/U0v8G/aOW/jfqH7X0v0n/qKX/zfpHLf1v0T9q6X+r/lFL/9v0j1r6365/1NL/Dv2jlv536h+19L9L/6il/936Ry3979E/aul/r/5RS//79I9a+t+vf9TS/wH9o5b+X9E/aun/Vf2jlv5f0z9q6f+g/lFL/6/rH7X0f0j/qKX/N/SPWvp/U/+opf+39I9a+j+sf9TS/9v6Ry39v6N/1NL/Ef2jlv7f1T9q6f89/aOW/o/qH7X0f0z/qKX/9/WPWvr/QP+opf8P9Y9a+v9I/6il/4/1j1r6/0T/qKX/T/WPWvr/TP+opf/j+kct/X+uf9TS/xf6Ry39f6l/1NL/Cf2jlv6/0j9q6f9r/aOW/r/RP2rp/1v9o5b+T+oftfR/Sv+opf/v9I9a+v9e/6il/9P6Ry39n9E/aun/B/2jlv5/1D9q6f+s/lFL/z/pH7X0f07/qKX/8/pHLf1f0D9q6f9n/aOW/n/RP2rp/6L+UUv/l/SPWvr/Vf+opf/L+kct/f+mf9TS/xX9o5b+r+oftfT/u/5RS//X9I9a+r+uf9TS/w39o5b+b+oftfR/S/+opf/b+kcl/ccZ0D9q6T9I/6il/2D9o5b+o+gftfQfVf+opf9o+kct/UfXP2rpP4b+UUv/MfWPWvqPpX/U0n9s/aOW/uPoH7X0H1f/qKX/R/SPWvqPp3/U0v+j+kct/cfXP2rpP4H+UUv/CfWPWvp/TP+opf/H9Y9a+k+kf9TSf2L9o5b+k+gftfSfVP+opf8n9I9a+k+mf9TS/5P6Ry39P6V/1NJ/cv2jlv6f1j9q6f8Z/aOW/lPoH7X0/6z+UUv/KfWPWvpPpX/U0n9q/aOW/tPoH7X0/5z+UUv/afWPWvpPp3/U0n96/aOW/p/XP2rpP4P+UUv/L+gftfSfUf+opf9M+kct/WfWP2rpP4v+UUv/WfWPWvrPpn/U0n92/aOW/nPoH7X0n1P/qKX/XPpHLf3n1j9q6T+P/lFL/3n1j1r6f1H/qKX/fPpHLf3n1z9q6f8l/aOW/l/WP2rpv4D+UUv/BfWPWvoP0T9q6b+Q/lFL/4X1j1r6L6J/1NJ/Uf2jlv6L6R+19F9c/6il/xL6Ry39l9Q/aum/lP5RS/+l9Y9a+i+jf9TSf1n9o5b+y+kftfRfXv+opf8K+kct/VfUP2rpv5L+UUv/lfWPWvqvon/U0n9V/aOW/qvpH7X0X13/qKX/GvpHLf3X1D9q6b+W/lFL/7X1j1r6r6N/1NJ/Xf2jlv7r6R+19F9f/6il/wb6Ry39N9Q/aum/kf5RS/+N9Y9a+m+if9TSf1P9o5b+m+kftfTfXP+opf8W+kct/bfUP2rpv5X+UUv/rfWPWvpvo3/U0n9b/aOW/tvpH7X0317/qKX/DvpHLf131D9q6b+T/lFL/531j1r676J/1NJ/V/2jlv676R+19N9d/6il/x76Ry3999Q/aum/l/5RS/+99Y9a+u+jf9TSf1/9o5b+++kftfTfX/+opf8B+kct/Q/UP2rpf5D+UUv/g/WPWvofon/U0v9Q/aOW/ofpH7X0P1z/qKX/EfpHLf2P1D9q6X+U/lFL/6P1j1r6H6N/1NL/WP2jlv7H6R+19D9e/6il/wn6Ry39T9Q/aul/kv5RS/+T9Y9a+p+if9TS/1T9o5b+p+kftfQ/Xf+opf8Z+kct/c/UP2rpf5b+UUv/s/WPWvqfo3/U0v9c/aOW/ufpH7X0P1//qKX/BfpHLf0v1D9q6X+R/lFL/4v1j1r6X6J/1NL/Uv2jlv6X6R+19L9c/6il/xX6Ry39r9Q/aul/lf5RS/+r9Y9a+l+jf9TS/1r9o5b+1+kftfS/Xv+opf8N+kct/W/UP2rpf5P+UUv/m/WPWvrfon/U0v9W/aOW/rfpH7X0v13/qKX/HfpHLf3v1D9q6X+X/lFL/7v1j1r636N/1NL/Xv2jlv736R+19L9f/6il/wP6Ry39v6J/1NL/q/pHLf2/pn/U0v9B/aOW/l/XP2rp/5D+UUv/b+gftfT/pv5RS/9v6R+19H9Y/6il/7f1j1r6f0f/qKX/I/pHLf2/q3/U0v97+kct/R/VP2rp/5j+UUv/7+sftfT/gf5RS/8f6h+19P+R/lFL/x/rH7X0/4n+UUv/n+oftfT/mf5RS//H9Y9a+v9c/6il/y/0j1r6/1L/qKX/E/pHLf1/pX/U0v/X+kct/X+jf9TS/7f6Ry39n9Q/aun/lP5RS//f6R+19P+9/lFL/6f1j1r6P6N/1NL/D/pHLf3/qH/U0v9Z/aOW/n/SP2rp/5z+UUv/5/WPWvq/oH/U0v/P+kct/f+if9TS/0X9o5b+L+kftfT/q/5RS/+X9Y9a+v9N/6il/yv6Ry39X9U/aun/d/2jlv6v6R+19H9d/6il/xv6Ry3939Q/aun/lv5RS/+39Y9K+o87oH/U0n+Q/lFL/8H6Ry39R9E/auk/qv5RS//R9I9a+o+uf9TSfwz9o5b+Y+oftfQfS/+opf/Y+kct/cfRP2rpP67+UUv/j+gftfQfT/+opf9H9Y9a+o+vf9TSfwL9o5b+E+oftfT/mP5RS/+P6x+19J9I/6il/8T6Ry39J9E/auk/qf5RS/9P6B+19J9M/6il/yf1j1r6f0r/qKX/5PpHLf0/rX/U0v8z+kct/afQP2rp/1n9o5b+U+oftfSfSv+opf/U+kct/afRP2rp/zn9o5b+0+oftfSfTv+opf/0+kct/T+vf9TSfwb9o5b+X9A/auk/o/5RS/+Z9I9a+s+sf9TSfxb9o5b+s+oftfSfTf+opf/s+kct/efQP2rpP6f+UUv/ufSPWvrPrX/U0n8e/aOW/vPqH7X0/6L+UUv/+fSPWvrPr3/U0v9L+kct/b+sf9TSfwH9o5b+C+oftfQfon/U0n8h/aOW/gvrH7X0X0T/qKX/ovpHLf0X0z9q6b+4/lFL/yX0j1r6L6l/1NJ/Kf2jlv5L6x+19F9G/6il/7L6Ry39l9M/aum/vP5RS/8V9I9a+q+of9TSfyX9o5b+K+sftfRfRf+opf+q+kct/VfTP2rpv7r+UUv/NfSPWvqvqX/U0n8t/aOW/mvrH7X0X0f/qKX/uvpHLf3X0z9q6b++/lFL/w30j1r6b6h/1NJ/I/2jlv4b6x+19N9E/6il/6b6Ry39N9M/aum/uf5RS/8t9I9a+m+pf9TSfyv9o5b+W+sftfTfRv+opf+2+kct/bfTP2rpv73+UUv/HfSPWvrvqH/U0n8n/aOW/jvrH7X030X/qKX/rvpHLf130z9q6b+7/lFL/z30j1r676l/1NJ/L/2jlv576x+19N9H/6il/776Ry3999M/aum/v/5RS/8D9I9a+h+of9TS/yD9o5b+B+sftfQ/RP+opf+h+kct/Q/TP2rpf7j+UUv/I/SPWvofqX/U0v8o/aOW/kfrH7X0P0b/qKX/sfpHLf2P0z9q6X+8/lFL/xP0j1r6n6h/1NL/JP2jlv4n6x+19D9F/6il/6n6Ry39T9M/aul/uv5RS/8z9I9a+p+pf9TS/yz9o5b+Z+sftfQ/R/+opf+5+kct/c/TP2rpf77+UUv/C/SPWvpfqH/U0v8i/aOW/hfrH7X0v0T/qKX/pfpHLf0v0z9q6X+5/lFL/yv0j1r6X6l/1NL/Kv2jlv5X6x+19L9G/6il/7X6Ry39r9M/aul/vf5RS/8b9I9a+t+of9TS/yb9o5b+N+sftfS/Rf+opf+t+kct/W/TP2rpf7v+UUv/O/SPWvrfqX/U0v8u/aOW/nfrH7X0v0f/qKX/vfpHLf3v0z9q6X+//tH/uf4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/sQMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwUwAAAP//07arGg==")
open(&(0x7f000000ac80)='./bus\x00', 0x6827e, 0x1e5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="15"], 0x1)
mremap(&(0x7f0000e1b000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000f2b000/0x4000)=nil)
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x5, [@enum={0x3, 0x2, 0x0, 0xf, 0x4000000, [{0x7}, {0x2, 0x42}]}, @struct={0xc}]}, {0x0, [0x0, 0x0, 0x2e]}}, 0x0, 0x45, 0x0, 0x1}, 0x28)
mremap(&(0x7f0000532000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000190000/0x1000)=nil)
openat$mice(0xffffffffffffff9c, 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xff7e82)

4m16.246517349s ago: executing program 4 (id=1476):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r4, 0xc1105511, &(0x7f0000000040)={0xb, 0x3, 0x40, 0xad2, 'syz1\x00'})
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0xc1105511, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x95d, 0xfa39, 0x61, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47fa, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(0xffffffffffffffff, 0x5008, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(0xffffffffffffffff, 0x800c5012, &(0x7f0000000200))

4m14.411630656s ago: executing program 4 (id=1481):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_open_procfs(0x0, &(0x7f0000000100)='numa_maps\x00')
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
listen(0xffffffffffffffff, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

4m13.424999951s ago: executing program 4 (id=1482):
syz_emit_ethernet(0xda, &(0x7f0000000040)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010104, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x2b, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @loopback, @multicast2]}, @cipso={0x86, 0x46, 0x0, [{0x5, 0x7, "4b6cefc500"}, {0x1, 0x12, "8c9300"/16}, {0x0, 0xa, "2189ea43a2149b84"}, {0x0, 0x12, "ffd11634eea26b0faffa0dea2e903528"}, {0x0, 0x7, "02a20948fd"}, {0x0, 0x4, "ccf0"}]}, @timestamp_prespec={0x44, 0x3c, 0x48, 0x3, 0x3, [{@remote, 0x3}, {@multicast2, 0x4}, {@loopback, 0xdab}, {@empty, 0xffffffff}, {@local, 0x6}, {@private=0xa010100, 0x222}, {@multicast1, 0x1}]}]}}, "a815a23d"}}}}}, 0x0)

4m13.239831453s ago: executing program 4 (id=1483):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800003777e51295c871506f77b1cb7243f20000000000000000000000000095000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x94)
socket(0x400000000010, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
syz_pidfd_open(0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000003c0)=[{{&(0x7f0000000580)=@nfc, 0x80, 0x0, 0x0, &(0x7f0000000280)=""/25, 0x19}, 0x7}], 0x1, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4000005)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x20, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019380)=""/102400, 0x19000)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000009640), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r3, 0x401c5504, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x1, 0x0)

4m8.490033403s ago: executing program 4 (id=1493):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x5, 0xc8, 0x5}}}, 0x7)

3m51.876105558s ago: executing program 34 (id=1493):
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x5, 0xc8, 0x5}}}, 0x7)

23.650786002s ago: executing program 3 (id=2343):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='batadv0\x00', 0x50)
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="84", 0x1}, {&(0x7f0000000180)="ca", 0x1}], 0x2}}], 0x1, 0x4400c800)
sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)

23.546022904s ago: executing program 3 (id=2344):
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f00000000c0)="90", 0x1)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000440)="cb", 0x1)
r3 = accept4(r2, 0x0, 0x0, 0x800)
splice(r0, 0x0, r3, 0x0, 0x7ffd, 0xa)

23.423868425s ago: executing program 3 (id=2345):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x10, &(0x7f0000000240)={[{@nodiscard}, {@nocheckpoint_merge}, {@fastboot}, {@background_gc_off}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@acl}, {@noacl}, {@compress_cache}, {@alloc_mode_def}, {@noextent_cache}, {@grpjquota}, {@nocheckpoint_merge}]}, 0x1, 0x550c, &(0x7f00000089c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+Nnhh/2nRau/byt6gjC1hj3uMKCBNUEAOpIU0QA3klhIiiPA4BCIOkTy2lej7JGcylvnxBsFhZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALt1X68Xt1e/rtjm7fTt5RgMAAABcsq3Wi/qfWep/be5/b279bPpFRJQRcWnuPopPZ5mjJqd6ef7m9PnqVQ13EXXC4T0mzfUlIv401+OPrj8FAAAA+Lg2y9U8zdbTn9nQBdGntGhTfvubKa+IiGr2kCmtPOT9yhRWf7/H8T9TWr2ANc0UlpbcxrnS3qT+uR9X7aYnTZGa8uLLjkVmGzsAANCj0VnT7ywEAACAPv0bugCGUcTzVuZxK3CSmmZ77/NZDwAAAHiHiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zc7OxlbFNcoeIqLgQS92u62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/0nEAu8ZbDHiJ4jszszO7kB7j+6Mwm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+O4kjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+mR4ufwh6ozDvTqSAQAA4GyIi/o+hLCTbCymfaOd1f9JcU1a83//7Cgu6vnDdX/RF7V/2n77dffF8UDt0TjpTW+sDPoXj6bSfHKznG3P/e0VzezJZ+9e4uwLaXyw9sIwyZ5n9O3jx++1snCuimwBgH/jQtHnQfH7UNr36kwMgDOjWSq8i/o/btebEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAVhmvh6SKOQggLzUmc2tp7sHxc/2h9e6FoVx8+XA9fT+6Z3iIJIdxYGfQvVjqb2Xb33v1bS4NB/071wSshhLpGfyef/q2Pprg4hFqej+D/Cfbn8i97RvI5IUGNP5QAADiVkryldf1OsrGYnovmQ9j/4WD9/3opDlPW/7sfX90sj1Wu/3uVzXD2dVdvf969e+/+myu3l272b/Y/fetS7+3e5WtXrlzrZu9Kut6YAAAA8N+08lau/xvzR9f/z5fiMGX9/8V3va/KY8Xq/2NNFv3qzgQAAOBse/7VP/+IjjkftVrhy6XV1Tu90XH8+dLoWEOq/9hc3sr1fzxfd1YAAABAFYZr0YH1/+ulOEy5/v/Mjy/9XL5nHEI4l6//X1j+bHC9uunMtCr+nLjuOQIAAFCvc3krr/8n2f7/xnjLQyOE8MZrozj/N4BT1f/x+9/8VB6rvP//cnVTnEmNzuh5ZH0nhGan7owAAAA4zZ7KW1rs/55sLH7yy/kPW/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFTtrwAAAP//RAE/8A==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)

22.388144071s ago: executing program 3 (id=2355):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)

21.811936419s ago: executing program 3 (id=2359):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r2, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r0, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0}})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x240, 0x36}, 0x4, [0x7, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x5, 0x10, 0x6, 0x7, 0xe4, 0x9, 0xfc000000, 0x3, 0xbc2, 0x4a732f64, 0x1000, 0x9, 0xd, 0x2, 0x12a3, 0x6, 0x3, 0x2, 0x4, 0x7, 0x81, 0x8a, 0x79, 0x558e0d31, 0x4, 0x0, 0x91, 0x5, 0x4, 0x7, 0x2, 0x5, 0x400, 0x7ffc, 0x5, 0x7, 0x81, 0x6, 0xf9a2, 0x80000001, 0x7, 0x0, 0x2, 0x2, 0x3, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x6], [0x9, 0x3, 0x6, 0x5f, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0x10001, 0x7, 0x5, 0xf, 0xfffffff3, 0x4, 0x5, 0x1000, 0x800, 0x200b398, 0x400000, 0x0, 0x2, 0x1c, 0x28, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x400, 0xffff58b9, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00000, 0x5, 0x6, 0x2, 0x5, 0x7fffffff, 0x1ff, 0x1, 0x1000, 0x10, 0x1cb, 0x1, 0x4, 0x6, 0x438, 0x2, 0x9, 0x2, 0x8000, 0x5, 0xfffffff9, 0x200004, 0x1000, 0xfffff801, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x2, 0x2e6bf785, 0x80000001, 0xb, 0x1, 0x491, 0x8d3, 0x6, 0x8, 0x3ff, 0x2, 0x400, 0x40, 0x6, 0x7, 0x7, 0x5, 0x18c, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x100006, 0x8000, 0x400, 0x3e55, 0xff, 0xd3, 0x7, 0x3435, 0x5, 0x9, 0xfd, 0x401, 0x101, 0x7ff, 0x60a2, 0x17fc, 0x9d26, 0x5, 0x0, 0x2, 0x2, 0x9, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x800077, 0x9, 0xf66, 0x810000, 0x1, 0x5, 0x1], [0xa772, 0x1, 0x5, 0x1afa, 0xbfc, 0x8, 0x7c81, 0x7f, 0xfffffff8, 0x40, 0xff, 0x5, 0x7fffffff, 0x7, 0x4, 0x9, 0x81, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8008, 0x40f1, 0x2, 0x3, 0x101, 0x3b, 0x7777, 0xfff, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x624dfaee, 0xc, 0x7f, 0x1000, 0x1ff, 0x5, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x1000, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x1, 0x8, 0x14000, 0x1, 0x1b18]}, 0x45c)
io_uring_enter(r2, 0x27e2, 0x0, 0x0, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

21.447863214s ago: executing program 3 (id=2362):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20800, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x70, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xf, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x40, 0x2, [@TCA_CGROUP_EMATCHES={0x3c, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x1}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0xe85, 0x1, 0xc}, {0x4, 0x80000000, 0x3, 0x1, 0xf, 0x1}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x0)

21.05599462s ago: executing program 35 (id=2362):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x20800, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x70, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xf, 0xf}, {}, {0x7}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x40, 0x2, [@TCA_CGROUP_EMATCHES={0x3c, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x1}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0xe85, 0x1, 0xc}, {0x4, 0x80000000, 0x3, 0x1, 0xf, 0x1}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x8}}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x0)

11.044402178s ago: executing program 7 (id=2436):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x4, 0x0, 0x19, "0062ba7d820000a75e0000000000fcff00"})
r1 = syz_open_pts(r0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000003, 0x6031, 0xffffffffffffffff, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x44)

10.282855389s ago: executing program 7 (id=2441):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000e00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adffa87d2255f674412d020000000000005ab527ee3697f1ec4436dd1164aa93cc5800075557165397000a63f6b9b3f427f6ba6b34f98125f30e697fffffffffffffffa30b273683626e0003254d570dca6b78ad833488cfe4109eaf009edd3e69613d3cd6aaa300006eee8501000000520a0000151d010000000100bf00000000cc587424363dc6ad7f3bbd424c6e6cafbe9309aba218a52001a3cd000041f0db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de4758c1096a1dc52f29e470a000517ebc406e89dcbb7677e6528b0856e31ed9474ac24cf609068f645ce971fc0480737a55ebb0bd701f7ff21e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d933bed759ff232cebc68b91af50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56d06c759da324a39f7f51b870b2851c3f0a1aab71587a21c8f1b3369ebfcba105a6ccdd01b0f04edb256c604f068773f6ff000000000000006ffbfe5ca32142b0195531458b7d1e341c6f864f983d745f5865aad41d2915aae7602a2d6cd415e8351ebc4223f54d6bec664709ff03f1aa3dc7f1580ace9bf2afd28d7157e67fb98d121ad6eb372713255012e028cb2654d493a0b4b35faae176c89b745eda2967199cc936859a537e8e4871d4acf3e3dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0cff28235a3cbb5d33b09bc30cf2880c586272c3f4d79bc36305745cb1cb385e6add14652003c7cdd3324f07d134d3ed07f1c10900000009dd872ec66ea6c718bbd1aa59114000f0be4c6f8df084c5e9734ae30aa9afdc719bf01ab03a9b1074407136b4506000f0916a39d3057d50183612b39e73aeeb6eaf14652dda68e98ef938e6515a94a71836469e2051d9b7eb85f3f2d5ae2c51944da8d7391d6d6b97419a3b7660df4c5124ca425d374b371867a79b31c6617fc3327191fbf514573f0e30d1d60be2168fe6c2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257b84000000b749ccd74089ed6b86f81ca3d247d8f71d290ed1b1a11f7a67125170c88c3b6a50696332226401b110da9c786eeca22debc99335583b54c13c3130978fa069af8223b38ced735c2d905f51ca85ffa4add5647489b3960127696cf2f16625c0c102000000000000009ef52134842e64171f3963841086e3797a4825d081f2d987f05c5341877386ec55d7dc958fd235d6071619a65d4b82d9c162f3556076b80550d961ca74f1ffdaccf0ea5f02e0fca8b27ff3983ab74fd3d560700a1fbb44e77e312b3b129e000302d613916c9bcf9f0000fac73adb6bfb27f88dba816020be760f7b45e001efada800000000000000fdaf4660402f7b3b79a433e08074ea2462974ab2cbd247eb1cfa2638f56daee57ed14bc74de0fd87a9ce638190f3570e0b4c80ef682df22237270955afb6008846557ee3bc09fda6dbb6542e597300eb82a184c96ffde5a30e5433d86666cb045bdd02c804c22ff2635c7bfbf5c0d586cda5e1e88a4d41dee7cc74f822278d124638fec58faeb48afe324369cc51204158bb440df2a694f4cdcaa4f65c22f000000000000000000000000000d503d79906958102000000000000000000001ffff0ef89b2a635edb2dd163e863315e84498dfb52b7f54da6398cbedaa42cc17c4563c859656a357770289a61faa95a82bf1cfb7f2fd7252e9322abe282c3344fc6738b4467893b9bf0d1c8130ae6b226900110635376413c29f7c6f7b7e29b9f4bddd5e328661f4046e01f7d7dc22174e5e627a6f608ad53a4168d4d8f7fbc71104512efe8e5d7d934aa289b4db2b870000000000000000000000000000000000000000009b777883a0f9cf4ad155110cd3ace2b322ac31bfa27847dc99c8a69a1ea5b98e525e6393ad7fd9795170e7b11e4fa990b9386910a6a1a66a70eaff01247603c2ff49d3979676bffb3049166ab84a0f061991bd57c2566c10c282352a5105b6164e3f2491e4793e590dcc71de10da96fdff40dd44a2c9882d3aa0f8a797b8fea6efcfb5046b7679f15559cdaa977504c40b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd50c5e22ade17556abb722d9c085b189b5fd1f30e8dc813f60400fde1f88d830b11002135e8e7262f299ed7923bfbe00ad88be179e56b41ff3792cee2fc37eee739c3e3af923e8738d93d583a9cf00b946960fc38cf85aae7cf708f9a9d166f2e352a06d99b8be476d1cc2a53a859ae4fdab2a987925d12422474ac044ffe9fe2bf9bf9bbdf36c4ca89c516647542ac45545337829fa7039d155ebda42d4c14f4ca7f8b5d5842658c62d0a03092b94fa1b19f190000000000000000000000000000009e75a32b9fafeffd890f2759b0fe3add33fa43a4c3995458f86a926ad56b23571c46728c039cd3b4bb7d69dfa27782b953a7b81cc161912b3e5716360686e126311a7e21bfa2efd0f57b90c203528c8f620d3c7b31c7abcffae382f53500f7cd5d00159e5f741d3e2d2cbd1a04b3f39b50a4683daa7d117b7f4a149c954d69d8ab001339e464c8eb5f0c63899010757c9a3b69f4920531b83f71d5a34ef9405819afee15b77c015ea755c95127ff2274bb9a8463ce4b8c08ad70596ad2b2b044e660ed144b9dce372450ea69d25da2b6deed67fac26e765aa7d5532ba1044f62db049486acde2294127cb767c23da7d8f9844d3be5b6aa83ee4ce1876af5130efe1b64ccb6bbd349bcc0e8deec8ab3bd1b35bbc8ab8a152771744baa576b9223d26b5603a7f091be1264cabaf661fe2dbe7990a61f710f923f2337818a3983d06c11a6bee7fccb78a53c56db5c18f920d2194374db665dcadf53b8d0014e682ec721d67a7ab6c817fe53c86f8900000000000000000000000000000060b7b827c56e973a2ab5bc5c558ada68c4ec3762f5957b20b919af5d53c87de056a397bdcb614c34761e2c815698e1f9f5521a385c2910850929040a4eba573e91ca21fc855358120ecd79a5d7007693ef3ff9d2b993d114443d53c53094e516f675b2a7074584714e7a2015e05e507811b4ca89c39281c9ada5f58ceb55893cca783ab09c9a19836a3a2c715b10436a5731549e364679ecd8461a68433ab52b1108831edb9654dc602183c1170d6881647f6dca15d57fb76357d815c5f1000000000000000000f49e327c0b6e511494466cec78650f0a6267"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0x436, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x7}, 0x48)
r1 = socket$kcm(0x29, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x803, 0x6)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000180)={r2, r0})
socket$kcm(0x29, 0x5, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
preadv(r3, &(0x7f00000014c0)=[{&(0x7f0000000340)=""/191, 0xfffffd90}], 0x1, 0x182, 0x0)

10.17972446s ago: executing program 7 (id=2442):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000000)=0x10000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@local})
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(r0, 0x7b2, &(0x7f0000001680)={&(0x7f0000000680)=[0x100000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe3, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcb776f6, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7357c35c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x9, 0x0, 0x0, 0x5, 0x4, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1cd5a44b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x4], 0x1, 0x400})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0x80000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000140)={@local})

10.161839s ago: executing program 7 (id=2443):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
lseek(r0, 0x10001, 0x0)

10.100393851s ago: executing program 7 (id=2444):
socket$key(0xf, 0x3, 0x2)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000000)={'team0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)

8.523456235s ago: executing program 7 (id=2458):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x8000)
openat$dsp1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r1 = syz_io_uring_setup(0x4e3, &(0x7f0000000480)={0x0, 0x938c, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r1, 0x708, 0x41e3, 0x0, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
write$dsp(r0, &(0x7f0000002200)="44e211a385424bf02640ba0d3a219de1033222bea86d14dc6bc540f652f0873cec4d2b540364b6e4ff506bf40b976a8485725d9cfab14bb4c91a5fd888b8b983ef960999942529696b90b853c1f1a3b01af9b0cdc6a605c13de44b58eaf66b597768a5a9bccdb34c1aa1c48b2484cf0f1d68f8b5c1d9f6179459a466a2e865c2a66274717ef95f59fcf4d5b05c4540a35bb64a8fab9af3ad51f3c648121e933ea77809f3901ca59ed3e990ff80d87a814eb6fb68e3305fd9420d4a163ad5654ce60386346b6d1154ecef0f4a782c4459c0a8ca7278655e6f806c4bc2e870000bfcb1346232b0ccce39ee18152165cf3f85e87ae23c4113586cf300b39d7589b28372e554f7d748b618bca2a4298d82864e0d8212f4fbd80fd854691ccac21279bb85aacac8a3301ad2ece3d6061dbcc63e4af0fefc68fab6e5319f6d9e6a2708e41e60b2673d62ec952bae35b854fe7e87bc78e2d1a56cc383e5a1783ce35eaa20868d97eb1198ecae2d6375d7cd6992883aa3bbbdcb93b92b6eca3d6cde5baa92a6adda4540d5fce6d4772e5711b3744210587c05833966b300da0a378787ad06e9d5cba6e569b14c013b8428dad38eb6d2bc547615dac42aca90ac891e6db4d1dd029fe628170433f9229a286a814d39afd5a019db11c185b72c34e01ea5e82a5008a059e6791c9b807c4aab4e9807a5a7896a4c5bfa42f15284c1481618461ce3501cf24a722e74923d01bd7d586eec5d5ccba03eee1c8fc83bc5d73675a11eaaebdcd25fb806155f5e669ed8af3267b214f7d23cf8600ab7e909e7347783b94f235ea797d2c1bd83c7f499c04532f2b63a55b336fa9e5305a4a22cdde74360995ffd241c9592043df3dc99dac462dd43443604ffed04b1ee23b6665e0955e0b38fa71f73af930a9762d6d4d762e11df043a78b90f49f1645acffe61094a20b4caaeca22feca5f66c549cfcda38a1a7b6b79b71aba7a696975a257a94344bf65b7b79212a61f465ee55b530582e8b1dc993c379dd40ab5dd860c5828e2c27afae20539978340db55a68897920c1019e75e0b43b4c93cb1061c98f683f8d407fae9b1a87f2f9cd2b8252059ac39766fc174c344c5224b43bbea978d722c93e727292c738b293da0b9f12b4f11c8f354ae91d644131ce3873612146d79fe3ace49c1446a79e0a324f23cc0b6fb673fc6c34315fa0baf03fb5bd36656a2272c9a4d80a312dfbec125af5aacd2faf633650e3ab54f9fd2c6ee76d5abd9fac547fe7880d0dd9341ac0f095c529d3232447a0d1b28c101a2a95c4a9040041fbdf47ff7da3abe4ee7d8acac57b6553e58f1c5f832e7b920ef3708b98e4917f5b855928344da2ad0a9755d3f90d31f3e427bc869a163844b5e38c62302cc2938b03c132caa4d8044ed92680d406b7d635026f38082b26d6d3dfe80e8f659f1101cec8ea74418699a4fedfcd4ce6f2693cce43123c03122f61b62497bc2fdc2307786943feb7325d645657ae5e58d1e2587003ed4712aba34973199238d3f3d29704ba86538a764abb4d69b9efabcd956fa688536e0661a2a2e0fc84d3e4152187fd90dfbd5023aa12e964d1f3bff4e2c2915f2600a3ab701b177bda95ba8203a45182e03cc07db3b20342cd45d4f8954edebb32fb7fdf49d1952477da9ead5d4ba6de96c42f5923e3dce7188b9e9ec1862dd2fd39d256e1de8cd0906f67a8423b29f0b5bf81539828a1f8ae7e747e6b43bd639c6d6a52a29a0e4944f6b07390fc390770154135acf448ed23c507009af66d20b175723069f8eef06c2cd3edc86bd80ebbe2f5cd56c379d655632b62794aa3757ea10fb232414a9477277261879e88c49e8eb5253c91551c13ed725f3551939533d7c131109d10b4300e24db600f8020b10e9aac24d8572873fac24d149398a3306707c5c3de875eca837e140d23b02637ef888d539b6f0c7fd6d97fd8b9edf9a82bf19d75cec625237a6b9716ac0003d1b8c8db5d04f5231bed4aac9e93da9b6bfea002af81eb77a3ef8cab9878fac2574742277e5403e44844e50e64d1471213c724cf14142291a44ff108c1334fd2aa086aff52cdf1e7c53a3c9757a6717ad360137a50c4968865083c132abfc3a5eba97a4387bd5affdf091f8396b443dad822a15150d68a0d9728c548fb793e6c9d5420561fe683b8b5e89227d357873891e95d87db4a33056f3af5aabdffa3cbaacc44bdbcca971d8e84586545ae5b0e5eb5c7fada201db84c3faf06eb3812c560d7b0c680e9c4908837c5fb10627eb828dc34718004c066b8d999d34fe25b831771eda169c2bd54aab176e851db66c2623a01b8ef09c006c9aeb2fc87502231f75f5e4e01cc2674847c4c4eef86afee4ae3646b25d11d885befe01c43a34d60eff675eabefceba4664fbc211b3f014e315ea8e4c95f5088b82c590695616127cf63ebcee2fd78f3856443d3cb529376d34db3db1a6949cb7c80bc403ba92952b694dec72c540763ce3901d262087bf5a16a89c4151ce2d2d97eb77dce3d93d99e087bc5352cbda39935c686cf294c3ba66fab0135acb713281c90d562fc473df7133df5af7d42e183e4b860ee7b624038141ee757cb14db143ef8e8617eb6cb24a0eb73ef230e417d543f4afc5858c43ad20819bf6eda31bd5c258e66e9703a9b1daa8b34f9db16cae43b131ef258da25272320e2b357357b1d12fd87d9a00551185f3d494426d3f33b0ee84e1ae65508b9916fec12805783a857ac5d70a661fce59088437cf991821d3cf5b0db477dc8f6bb38c8455bb628e563ca45cb65383db9ecfc80386cd05f92ab32bf825a0953c101609ca8239b6ef1fb5a7fcc55642f9b2911df108d64b8c72c5bd31645955056968d4917cbab525ae5994b5dcbd33de392081819012a16be8c1b4f164fa6a1c2d88fd957bd62f28a3e87ba1ffcf644116ffdcf26937d4e64b4e87bd4771b9e0a8d8eba4605a8eac0f8e320b1204eeab358a5a5b2caf3e534c28f9da5598fedc5f13b4a7930a569439c3bc43ac5f5195a29280042278f194f84f8e5ee210223f8a486d568fe4a51bf8ef813c1bd02a669e4e0ea79d1e6bad48257ace2e7feba18123a5e67fd7212a341f92061df472db87f1158b0a2088e48a3680edc29ce3d3156108c04e3b16a1cf18cd70c5f5eeeb59824fb869906679eceb4a6ab8ec8733e72db06403f357e128e3383e2b35269b20f032cc21da717ba3febe02fba9f4893074ee2fd98e85499e36ffe2077348bc541548a34bc32fa0f7c00d84cabfd31e5c75b6769a1ba5770c5217cb03d1f0a8c91ba8d524b42c7365e09d94d95cf43f7ec896718f210fd0ba4ef91a5262daf7cd2bae3c2aad3e2eb925bec9ca7c1b874776dc28784a3719cb191cc317ff897698b2667081cc9db30c96c6510766b65c55c5fd4b8564faca924e6f52c2b181561ee5403184a822f0a207d747602f616c5513cabfe55e525b2bce4d662ae0b9ea68c015d6ca87bc752ed3e527826191a36d23e8032e15f65b3d60a517f16c4ece8bc8b09681bad96a5300f7e30e6848612d67ad853bc1523799c568e46b1dfe0d37cbc202c1332718cfadd4d6938bc0bfb21fc15ad19a0506f669d5c8790b685d81c4acbdb8e1b06918e934b459e3f2b46fe0999e6eae4185edac1cb3e85e8b61de24794d339014c03a285a3d7ba91e00bed2d63b0edb933c290ddd62fb1c56b6d08cb99f47dabd72a667805d63a7784450a1bd1af6dfc2ec785ddb8b86fe4a44a7c8f86c4b19a61fdb701a81bd720bb70f8657e256b0f531ab7848b6206ba7cd4c32b866735a4b46091a0bb6c47c923a3efa99a09c0344228ed412f94c4eca96e6bf6ee75f23a1ae8415a892ff19bd190e1d67b8e1212be638eb179176e4074435ed381a7c2faaee9acbcf873823abd906e92f308b36c6c259e43d13b328ded6bf3c1f4a93a76e9a6d0483875456cf8f30eda231d9f26d6b3861a3f2db165758b0d7aacb7b5a8e9f4d775798556cee8dbe8a94fae8df837f71d66a0aaa48df5c36afa9033ec5283e713806d5a07f82729f9e888d309b713db36256757292443f00f1af08058057373ae710d90cefa5872bbeac931ddd145ba9a64997c0bc53cc59a954f8ee2670caac75e2a63b5a1ca6ca6e3f9287f080b271f34b2e63be2ad4c2b85b7c9683245b12491d221314ab2685e2a44787733af58502245e19af646f65dd26b44dda320d583d9ddd6567d6021dc2d7d731963d6cc790d8b082889045cb749de9857ee4388d0f3c2ef83d405d0a2328bd7f76fa4d3d0a2e8238c979babe572ab3e8ae2768ca212bad33249523fa89fc0498f5f29a68aa7aae681e41284f46b47cc996679c4f1d9936647cb9b47ca8dac8e161b5cc0ff29f48f4a42b6a567f1116a5c239e67069b96862e2ba0cb3d424d4c4810cc1f3da1c61f39e7cca3e519159c057a440db9838f9f14351f64ec24c70a21a874da100af89d4753d274bd87c6574de363d44ee5aa37bb360b3acf347b3a72fac5e66c939daf4c6cbfacb43ab73229cc0badacc30b6c771bee9a7a8e36a5839cf5d68ffac084e69cb7bb34f71fc2244e5d16d056f97f581e3c50112e81d8410b6aa6b33b924cbafbc8dcb163f22f0e7b618ecd22296328e3fafdc2366e49a7ab08fa0d5b55c8aaffa8c9fc2899c07cabcf35748b0f30edb03a8a55807b6c73cd0b64cdd1a77ec0dcb8be359715b284a9476a0013d69c825274f45b6ffa59df58ca07756af102a6bb0efa1b4b356f89c504097cf79c76ca07d325375bfac4d7c8483cabd8d7c9141c96948c32ec87c231b69d6776160b8b31dada7e0837b4c2dc2ecb28f9b0400589c12cde99dc7db30a9d4c4f8a904f6b2f2fba1d0c36544f84db803bef904ec5b1f976345f67688df6e2d866d9eda4a87395b8953c0dc1e93ca742d2141b3591bb0bfdb56a0f8eabf710a3479d8b8f7e3f0e73a6fd29fc946909f77a6ad3044495e4d6e661bc633f4eb63204dd9f47ee85676ec0aa8b713819a280c27f086445d62f258379ffd77ced5d2c8cdf7d87135d6806f340a111f42b042058b96daa2633a6975dc0c5580f93a38e3daba8fdfb21fd94ebb30a2e165a75c1788c1cfe2687af2c3d3908514722e19afb385a74d6ac8cb12ca6232cde2e99d4ac651b280e65b3b897e39984a64d55eb4f65ab0912675c3f334d7c7ce6ecd84044125d98ef9eb6cf46c5d5d01b3ba01fa4bb5ff70ba1d18cba8b28f3980fca9c75441ada9122d497ac2e779277edece11bd175bf79657c37b982acb078591520792cf8278b75177ad1aad8133b2e4a61c561b42f6ab11ff8227d75303720d121ad3f3ad2e350b4cbfb6c5476e0f73e58dd25a18f3b50d0b30a629b2f5e053422c5a18decb3ad311ca978dcb53d44c64f43ceec7f803370a9b4b91e837371c4ed274d636423cb189cfe1302c6605142d5765239c6c86384b7c6de980764793956cacff762f8c4feaef7dee318a977e942e3a2ef45e220857162ac83b0fd4f1deef6510005737e7588dac6679fd8ae630d60bb9509d848f00939134f0c52b2b122bcf7e46ce5ca2592d649ff00252e57d9541bafdfeb6492113f401eb428e543168a96bd06b31a9becd8f0fbb2b89d19479411bbe4e265480cf2a6f34e5bc02a98b9f29b8adc10f9096aa5096fe12ef67d9690388459664f9583095f9bef69f9725a76a2bab82cdefe92fefa283ad56c21ab3e8ea602130ad2d831c0a4fbbb7779476e74674034c6051272ca292540de9bfcb34536604865c759b639c6f1e58699635e037d3a8c", 0x1000)

7.817591125s ago: executing program 36 (id=2458):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x8000)
openat$dsp1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r1 = syz_io_uring_setup(0x4e3, &(0x7f0000000480)={0x0, 0x938c, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r1, 0x708, 0x41e3, 0x0, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
write$dsp(r0, &(0x7f0000002200)="44e211a385424bf02640ba0d3a219de1033222bea86d14dc6bc540f652f0873cec4d2b540364b6e4ff506bf40b976a8485725d9cfab14bb4c91a5fd888b8b983ef960999942529696b90b853c1f1a3b01af9b0cdc6a605c13de44b58eaf66b597768a5a9bccdb34c1aa1c48b2484cf0f1d68f8b5c1d9f6179459a466a2e865c2a66274717ef95f59fcf4d5b05c4540a35bb64a8fab9af3ad51f3c648121e933ea77809f3901ca59ed3e990ff80d87a814eb6fb68e3305fd9420d4a163ad5654ce60386346b6d1154ecef0f4a782c4459c0a8ca7278655e6f806c4bc2e870000bfcb1346232b0ccce39ee18152165cf3f85e87ae23c4113586cf300b39d7589b28372e554f7d748b618bca2a4298d82864e0d8212f4fbd80fd854691ccac21279bb85aacac8a3301ad2ece3d6061dbcc63e4af0fefc68fab6e5319f6d9e6a2708e41e60b2673d62ec952bae35b854fe7e87bc78e2d1a56cc383e5a1783ce35eaa20868d97eb1198ecae2d6375d7cd6992883aa3bbbdcb93b92b6eca3d6cde5baa92a6adda4540d5fce6d4772e5711b3744210587c05833966b300da0a378787ad06e9d5cba6e569b14c013b8428dad38eb6d2bc547615dac42aca90ac891e6db4d1dd029fe628170433f9229a286a814d39afd5a019db11c185b72c34e01ea5e82a5008a059e6791c9b807c4aab4e9807a5a7896a4c5bfa42f15284c1481618461ce3501cf24a722e74923d01bd7d586eec5d5ccba03eee1c8fc83bc5d73675a11eaaebdcd25fb806155f5e669ed8af3267b214f7d23cf8600ab7e909e7347783b94f235ea797d2c1bd83c7f499c04532f2b63a55b336fa9e5305a4a22cdde74360995ffd241c9592043df3dc99dac462dd43443604ffed04b1ee23b6665e0955e0b38fa71f73af930a9762d6d4d762e11df043a78b90f49f1645acffe61094a20b4caaeca22feca5f66c549cfcda38a1a7b6b79b71aba7a696975a257a94344bf65b7b79212a61f465ee55b530582e8b1dc993c379dd40ab5dd860c5828e2c27afae20539978340db55a68897920c1019e75e0b43b4c93cb1061c98f683f8d407fae9b1a87f2f9cd2b8252059ac39766fc174c344c5224b43bbea978d722c93e727292c738b293da0b9f12b4f11c8f354ae91d644131ce3873612146d79fe3ace49c1446a79e0a324f23cc0b6fb673fc6c34315fa0baf03fb5bd36656a2272c9a4d80a312dfbec125af5aacd2faf633650e3ab54f9fd2c6ee76d5abd9fac547fe7880d0dd9341ac0f095c529d3232447a0d1b28c101a2a95c4a9040041fbdf47ff7da3abe4ee7d8acac57b6553e58f1c5f832e7b920ef3708b98e4917f5b855928344da2ad0a9755d3f90d31f3e427bc869a163844b5e38c62302cc2938b03c132caa4d8044ed92680d406b7d635026f38082b26d6d3dfe80e8f659f1101cec8ea74418699a4fedfcd4ce6f2693cce43123c03122f61b62497bc2fdc2307786943feb7325d645657ae5e58d1e2587003ed4712aba34973199238d3f3d29704ba86538a764abb4d69b9efabcd956fa688536e0661a2a2e0fc84d3e4152187fd90dfbd5023aa12e964d1f3bff4e2c2915f2600a3ab701b177bda95ba8203a45182e03cc07db3b20342cd45d4f8954edebb32fb7fdf49d1952477da9ead5d4ba6de96c42f5923e3dce7188b9e9ec1862dd2fd39d256e1de8cd0906f67a8423b29f0b5bf81539828a1f8ae7e747e6b43bd639c6d6a52a29a0e4944f6b07390fc390770154135acf448ed23c507009af66d20b175723069f8eef06c2cd3edc86bd80ebbe2f5cd56c379d655632b62794aa3757ea10fb232414a9477277261879e88c49e8eb5253c91551c13ed725f3551939533d7c131109d10b4300e24db600f8020b10e9aac24d8572873fac24d149398a3306707c5c3de875eca837e140d23b02637ef888d539b6f0c7fd6d97fd8b9edf9a82bf19d75cec625237a6b9716ac0003d1b8c8db5d04f5231bed4aac9e93da9b6bfea002af81eb77a3ef8cab9878fac2574742277e5403e44844e50e64d1471213c724cf14142291a44ff108c1334fd2aa086aff52cdf1e7c53a3c9757a6717ad360137a50c4968865083c132abfc3a5eba97a4387bd5affdf091f8396b443dad822a15150d68a0d9728c548fb793e6c9d5420561fe683b8b5e89227d357873891e95d87db4a33056f3af5aabdffa3cbaacc44bdbcca971d8e84586545ae5b0e5eb5c7fada201db84c3faf06eb3812c560d7b0c680e9c4908837c5fb10627eb828dc34718004c066b8d999d34fe25b831771eda169c2bd54aab176e851db66c2623a01b8ef09c006c9aeb2fc87502231f75f5e4e01cc2674847c4c4eef86afee4ae3646b25d11d885befe01c43a34d60eff675eabefceba4664fbc211b3f014e315ea8e4c95f5088b82c590695616127cf63ebcee2fd78f3856443d3cb529376d34db3db1a6949cb7c80bc403ba92952b694dec72c540763ce3901d262087bf5a16a89c4151ce2d2d97eb77dce3d93d99e087bc5352cbda39935c686cf294c3ba66fab0135acb713281c90d562fc473df7133df5af7d42e183e4b860ee7b624038141ee757cb14db143ef8e8617eb6cb24a0eb73ef230e417d543f4afc5858c43ad20819bf6eda31bd5c258e66e9703a9b1daa8b34f9db16cae43b131ef258da25272320e2b357357b1d12fd87d9a00551185f3d494426d3f33b0ee84e1ae65508b9916fec12805783a857ac5d70a661fce59088437cf991821d3cf5b0db477dc8f6bb38c8455bb628e563ca45cb65383db9ecfc80386cd05f92ab32bf825a0953c101609ca8239b6ef1fb5a7fcc55642f9b2911df108d64b8c72c5bd31645955056968d4917cbab525ae5994b5dcbd33de392081819012a16be8c1b4f164fa6a1c2d88fd957bd62f28a3e87ba1ffcf644116ffdcf26937d4e64b4e87bd4771b9e0a8d8eba4605a8eac0f8e320b1204eeab358a5a5b2caf3e534c28f9da5598fedc5f13b4a7930a569439c3bc43ac5f5195a29280042278f194f84f8e5ee210223f8a486d568fe4a51bf8ef813c1bd02a669e4e0ea79d1e6bad48257ace2e7feba18123a5e67fd7212a341f92061df472db87f1158b0a2088e48a3680edc29ce3d3156108c04e3b16a1cf18cd70c5f5eeeb59824fb869906679eceb4a6ab8ec8733e72db06403f357e128e3383e2b35269b20f032cc21da717ba3febe02fba9f4893074ee2fd98e85499e36ffe2077348bc541548a34bc32fa0f7c00d84cabfd31e5c75b6769a1ba5770c5217cb03d1f0a8c91ba8d524b42c7365e09d94d95cf43f7ec896718f210fd0ba4ef91a5262daf7cd2bae3c2aad3e2eb925bec9ca7c1b874776dc28784a3719cb191cc317ff897698b2667081cc9db30c96c6510766b65c55c5fd4b8564faca924e6f52c2b181561ee5403184a822f0a207d747602f616c5513cabfe55e525b2bce4d662ae0b9ea68c015d6ca87bc752ed3e527826191a36d23e8032e15f65b3d60a517f16c4ece8bc8b09681bad96a5300f7e30e6848612d67ad853bc1523799c568e46b1dfe0d37cbc202c1332718cfadd4d6938bc0bfb21fc15ad19a0506f669d5c8790b685d81c4acbdb8e1b06918e934b459e3f2b46fe0999e6eae4185edac1cb3e85e8b61de24794d339014c03a285a3d7ba91e00bed2d63b0edb933c290ddd62fb1c56b6d08cb99f47dabd72a667805d63a7784450a1bd1af6dfc2ec785ddb8b86fe4a44a7c8f86c4b19a61fdb701a81bd720bb70f8657e256b0f531ab7848b6206ba7cd4c32b866735a4b46091a0bb6c47c923a3efa99a09c0344228ed412f94c4eca96e6bf6ee75f23a1ae8415a892ff19bd190e1d67b8e1212be638eb179176e4074435ed381a7c2faaee9acbcf873823abd906e92f308b36c6c259e43d13b328ded6bf3c1f4a93a76e9a6d0483875456cf8f30eda231d9f26d6b3861a3f2db165758b0d7aacb7b5a8e9f4d775798556cee8dbe8a94fae8df837f71d66a0aaa48df5c36afa9033ec5283e713806d5a07f82729f9e888d309b713db36256757292443f00f1af08058057373ae710d90cefa5872bbeac931ddd145ba9a64997c0bc53cc59a954f8ee2670caac75e2a63b5a1ca6ca6e3f9287f080b271f34b2e63be2ad4c2b85b7c9683245b12491d221314ab2685e2a44787733af58502245e19af646f65dd26b44dda320d583d9ddd6567d6021dc2d7d731963d6cc790d8b082889045cb749de9857ee4388d0f3c2ef83d405d0a2328bd7f76fa4d3d0a2e8238c979babe572ab3e8ae2768ca212bad33249523fa89fc0498f5f29a68aa7aae681e41284f46b47cc996679c4f1d9936647cb9b47ca8dac8e161b5cc0ff29f48f4a42b6a567f1116a5c239e67069b96862e2ba0cb3d424d4c4810cc1f3da1c61f39e7cca3e519159c057a440db9838f9f14351f64ec24c70a21a874da100af89d4753d274bd87c6574de363d44ee5aa37bb360b3acf347b3a72fac5e66c939daf4c6cbfacb43ab73229cc0badacc30b6c771bee9a7a8e36a5839cf5d68ffac084e69cb7bb34f71fc2244e5d16d056f97f581e3c50112e81d8410b6aa6b33b924cbafbc8dcb163f22f0e7b618ecd22296328e3fafdc2366e49a7ab08fa0d5b55c8aaffa8c9fc2899c07cabcf35748b0f30edb03a8a55807b6c73cd0b64cdd1a77ec0dcb8be359715b284a9476a0013d69c825274f45b6ffa59df58ca07756af102a6bb0efa1b4b356f89c504097cf79c76ca07d325375bfac4d7c8483cabd8d7c9141c96948c32ec87c231b69d6776160b8b31dada7e0837b4c2dc2ecb28f9b0400589c12cde99dc7db30a9d4c4f8a904f6b2f2fba1d0c36544f84db803bef904ec5b1f976345f67688df6e2d866d9eda4a87395b8953c0dc1e93ca742d2141b3591bb0bfdb56a0f8eabf710a3479d8b8f7e3f0e73a6fd29fc946909f77a6ad3044495e4d6e661bc633f4eb63204dd9f47ee85676ec0aa8b713819a280c27f086445d62f258379ffd77ced5d2c8cdf7d87135d6806f340a111f42b042058b96daa2633a6975dc0c5580f93a38e3daba8fdfb21fd94ebb30a2e165a75c1788c1cfe2687af2c3d3908514722e19afb385a74d6ac8cb12ca6232cde2e99d4ac651b280e65b3b897e39984a64d55eb4f65ab0912675c3f334d7c7ce6ecd84044125d98ef9eb6cf46c5d5d01b3ba01fa4bb5ff70ba1d18cba8b28f3980fca9c75441ada9122d497ac2e779277edece11bd175bf79657c37b982acb078591520792cf8278b75177ad1aad8133b2e4a61c561b42f6ab11ff8227d75303720d121ad3f3ad2e350b4cbfb6c5476e0f73e58dd25a18f3b50d0b30a629b2f5e053422c5a18decb3ad311ca978dcb53d44c64f43ceec7f803370a9b4b91e837371c4ed274d636423cb189cfe1302c6605142d5765239c6c86384b7c6de980764793956cacff762f8c4feaef7dee318a977e942e3a2ef45e220857162ac83b0fd4f1deef6510005737e7588dac6679fd8ae630d60bb9509d848f00939134f0c52b2b122bcf7e46ce5ca2592d649ff00252e57d9541bafdfeb6492113f401eb428e543168a96bd06b31a9becd8f0fbb2b89d19479411bbe4e265480cf2a6f34e5bc02a98b9f29b8adc10f9096aa5096fe12ef67d9690388459664f9583095f9bef69f9725a76a2bab82cdefe92fefa283ad56c21ab3e8ea602130ad2d831c0a4fbbb7779476e74674034c6051272ca292540de9bfcb34536604865c759b639c6f1e58699635e037d3a8c", 0x1000)

4.299995047s ago: executing program 6 (id=2477):
r0 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
r1 = socket(0x2, 0x2, 0x0)
r2 = syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x80040)
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
ioctl$NBD_SET_SIZE_BLOCKS(r0, 0xab07, 0x6)
ioctl$NBD_DO_IT(r2, 0xab03)

4.06001692s ago: executing program 6 (id=2479):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x18)
syz_mount_image$udf(&(0x7f00000019c0), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000000680)=ANY=[@ANYBLOB="6d6f64653d30303030303030303030303030303030303030303030372c6e6f7374726963742c7569643d69676e6f72652c6769643d666f726765742c6c6f6e6761642c6e6f7672732c756e64656c6574652c6d6f64653d30303030303030303030303030303030303033353031362c646d6f64653d30303030303030303030303030303030303030303031312c00e3cc6abaa52ef118fcbe734b47a6bf66bdd357c81c22ed4c07659e40ba6f24e50fafda55f8d6b01f7fa9505996c5c8e5fac082523b41c69e892f8f3372228da85b089c449c8243489693fc724dc3a34a1c85226b306f86ba0484aad17849d21905bbe3dbc20bf4c98777720c05637db44ef1224790223b183be4cbccef28b6dc7701cf3b6d45babe7a0177b34116f8033c0614d351a01526a5e4626159b2d7a3176575b87ce23efc23d6fc182ecb01ea4d182720d93ab9a99e432ce3c68dcdeec61f9cc21345ccd818e18d6d9c4bb97e0f79e4cfb80641"], 0x1, 0xc56, &(0x7f0000002680)="$eJzs3U9sHNd9B/DfGy21S7mtmdhVnDQONm2Ryorl6l9MxSrcVU2zLSDLQijmFoArkVIXpkiCpBrZSAumlx56CFAUPeREoDUKpGhgNEXQI9O6QHLxocipJ6KFjaDogS0CBCgQMJjZt+KKIhNaFEVK/nxs6Ts7897MezPrGVrQmxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMTvvXrh5Km0xYZD+9AYAOChuDT2pZOnt3r+AwCPrSvb/f8/AAAAAAAAAAAAAABwUKQo4qlIMXdpLU1Un7saFzsDt26Pj4xuXW0wVTUPVeXLX41Tp8+c/cKLw+d6ebEz83PqP2ifitfHrlxovjJ7c25+amFharI5PtO5Njs5teM97Lb+ZserE9C8+catyevXF5qnXzhz1+bbQx/Unzg6dH74uRPP9sqOj4yOjm0UafSXr913Q7q2G+FxOIo4ESme//aPUjsiitj9uWg83Gu/2WDVieNVJ8ZHRquOTHfaM4vlxsu9E1FENPsqtXrnaOtrEbWBh9qH7bUilsrmlw0+XnZvbK493746PdW83J5f7Cx2Zmcup25ry/40o4hzKWI5Ilbr9+5uIIqoRYpvPrmWrua3flTn4fPVwODt21HsYR93oGxncyBiuXgErtkBVo8iXosUP373WFzL95nqXvO5iNfK/G7E22W+HJHKL8bZiPe3+B7xaKpFEX9RXv/za2myuh/07isXv9z8w5nrs31le/eVD/l8uOdOsU/Ph8FN+XAc8HtTI4poV3f8tXT/P+wAAAAAAAAAAAAAAAAA8KANRhGfjBSv/vsfV+OKoxqX/uT54d8f+uX+MePP/IL9lGVfiIilYmdjcg/ngYGX0+WU9nks8UdZI4r4kzz+7+v73RgAAAAAAAAAAAAAAAAAAICPtCJ+GCleeu9YWo7+OcU7MzeaV9pXp7uzwvbm/u3Nmb6+vr7eTN1s5ZzIuZRzOedKztWcUeT69e6OWvnzRM6lnMs5V3Ku5oxDuX7OVs6JnEs5l3Ou5FzNGbVcP2cr50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4aKb7x1bUUKSJaERPRzZX6frcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjVUxHfiRTNP2jdWVeLiFT923Ws/O1stA6X+fFoDZf5crQu5GxXWWt9fR/az+4MpCJ+ECnqjXfuXPB8/Qe6n+58DeLtr0UM5uVP1bp5qLdx6IP6E0efPD88+plntltOWzXg+MXOzK3bzfGR0dGxvtW1fPSP960bysctHkzXiYiFN996oz09PTV/PwuHq4XyK3Bf1R+5hVTbh57WPzKn9+AtRO1ANGN/+n6Xxn7doNhT5fP//Ujx2+/9R++B333+N+KXup/uPOHjJ3+68dPAS5t3tMPnf21zvfz8L5/pWz3/n+pb91L+aWSgFtFYvDk3cDSisfDmWyc6N9s3pm5MzZw9efKLw8NfPHNy4HBE43pneqpv6YGcLgAAAAAAAAAAAAAAAICHJxXxu5Gi/YO11IyI29V4raHzw8+dePZQHKrGW901bvv1sSsXmq/M3pybn1pYmJpsjs90rs1OTu30cI1quNf4yOiedOYXGtzj9g82Xpmde3O+c+OPFrfcfqRx4erC4nz72tabYzCKiFb/muNVg8dHRqtGT3faM1XVy1sOpv/wBlIR/xkprp1tps/mdXn8/+YR/tX4/95hlzbv6AGO///MkY3xfx/rK1oeM6UifhIpfusvn4nPVu08Evecs1zubyPF8XOfzuXicFmu14buewW6IwPLsv8bKf7xp3eX7Y2HfGqj7KkPdXIfAeX1fzJSfOfPvxW/ntfd/f6Hra//kc072qP3Pzzdt+7IXe8r2HXXydf/RKR4+al34jeqNf//c9//0Xv3xrFu4Y33c+zR9f/VvnVD+bi/+aA6DwAAAAAAAAAA8AgbSEX8XaT43mgtvZjX7eTv/01u3tEe/f2vT/Stm9ztfEU7XNj1SQUAAACAA2IgFfHDSHFj8Z07Y6jvHv/dN/7zdzbGf46kTVurP+f7leq9AQ/yz//6DeXjTuy+2wAAAAAAAAAAAAAAAAAAAHCgpFTEi3k+9YlqPP/ktvOpr0SKV//7+VwuHS3L9eaBH6p+b1yanTlxYXp6thGL7avTU82xufa1qbLu05Fi7W8+nesW1fzqvfnmu3O8b8zFPh8pRv++V7Y7F3tvbvKnN8qeKst+LFL81z/cXTZPTZ3njq7Kni7L/nWk+Mo/b1326EbZM2XZb0WK73+l2St7pCzbez/qJzbKvnBtttiDqwIAAAAAAAAAAAAAAAAAAMBHzUAq4s8ixf/cXL4zlj/P/z/Q97Hy9tf65vvf5HY1z/9QNf//dsv3M/9/9V6Bpe2OCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj6cURbwVKeYuraWVevm5q3GxU8Tt8ZHRrasNpqrmoap8+atx6vSZs194cfhcLy92Zm5tX/9B+2S8PnblQvOV2Ztz81MLC1OTzfGZzrXZyakd72G39Tc7Xp2A5s03bk1ev77QPP3Cmbs23x76oP7E0aHzw8+deLZXdnxkdHSsr0xt4L6Pfo+0zfrDUcRfRYrnv/2j9L16RBG7PxeNh3vtNxusOnG86sT4yGjVkelOe2ax3Hi5dyKKiGZfpVbvHD2Ea7ErrYilsvllg4+X3Ruba8+3r05PNS+35xc7i53Zmcup29qyP80o4lyKWI6I1fq9uxuIIt6IFN98ci39Sz3iUO88fP7S2JdOnt6+HcUe9nEHynY2ByKWi+2v2eF9bN+joh5F/FOk+PG7x+Jf6xG16P6Kz0W8VuZ3I96O7vVO5RfjbMT7W3yPeDTVooj/K6//+bX0br28H/TuKxe/nJYiZvvK9u4rj/zz4WE64M+TRhTx/eqOv5b+zX/XAAAAAAAAAAAAAAAAAAdIEb8WKV5671iqxgffGVPcmbnRvNK+Ot0d1tcb+9cbM72+vr7eTN1s5ZzIuZRzOedKztWcUeT6OVtlNtbXJ/LnpZzLOVdyruaMQ7l+zlbOiZxLOZdzruRczRm1XD9nK+dEzqWcyzlXcq7mjAMydg8AAAAAAAAAAAAAAAAAAHi8FNU/Kb7x1bW0Xu/OLz0R3VwxH+hj72cBAAD///9X9JQ=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0x9c93, 0x0, 0x1, 0x0, &(0x7f00000000c0))
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x60803)

3.902001613s ago: executing program 5 (id=2480):
bpf$PROG_LOAD(0x5, &(0x7f0000001a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')

3.783975314s ago: executing program 2 (id=2481):
r0 = openat$kvm(0x0, &(0x7f0000000080), 0x2382, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x4e24, 0x4, @loopback, 0x8}], 0x1c)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000000c0)={0x79, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000400000004"])
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000180)={0x4, 0x2007})

3.702304325s ago: executing program 6 (id=2482):
r0 = syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00')
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, 0x0, 0x0)
pread64(r0, &(0x7f0000000100)=""/253, 0xfd, 0xadc)

3.702143985s ago: executing program 5 (id=2483):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0xb1ea, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x2ded, 0xef92, 0x0, 0x0, 0x0)
r5 = eventfd2(0x0, 0x0)
read$eventfd(r5, &(0x7f0000000040), 0x8)

3.655096836s ago: executing program 2 (id=2484):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10000}, 0x28)
r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x862b01)
r1 = syz_open_dev$evdev(&(0x7f0000000280), 0x0, 0x0)
read$hiddev(r1, &(0x7f0000002300)=""/102, 0x66)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

3.41997374s ago: executing program 2 (id=2485):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f00000001c0)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000140), r1, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x0, @empty}, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x48)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0x2, 0x4e22, 0x0, @empty}, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}, r1}}, 0x48)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000540)="d80000001c0081044e81f782db44b904021d080201000000120000a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x20000804)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)

2.70322324s ago: executing program 5 (id=2486):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbff, 0x2ffffffff}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'team_slave_1\x00', <r3=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000080)={'team0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$team(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x60, r5, 0x1, 0x0, 0x0, {}, [{{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r3}}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004}, 0x40000)

1.35900437s ago: executing program 6 (id=2487):
unshare(0x24020400)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sndpcmc(0x0, 0xb, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f0000000100)=0x100ca, 0x4)

1.263993301s ago: executing program 2 (id=2488):
socket$l2tp(0x2, 0x2, 0x73)
sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4080}, 0x20005004)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
rt_tgsigqueueinfo(0x0, 0x0, 0x7, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$kcm(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e22, @broadcast}, 0x10)

1.263773981s ago: executing program 5 (id=2489):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000380)={&(0x7f0000000300), 0x0, 0x80800})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0xff, 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.175913142s ago: executing program 6 (id=2490):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$pptp(0x18, 0x1, 0x2)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
io_uring_setup(0x1de0, &(0x7f00000000c0)={0x0, 0x45d6})
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r2, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})
close_range(r1, 0xffffffffffffffff, 0x0)

1.160777133s ago: executing program 2 (id=2491):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x1000}, 0x4)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0x73220c8b}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)=""/27, 0x1b}], 0x1, 0x0, 0xfffffffffffffed9}, 0x5}, {{0x0, 0x0, 0x0}, 0x8}], 0x2, 0x0, 0x0)

900.018487ms ago: executing program 5 (id=2492):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x108c8, &(0x7f0000000080)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c00598f2f223a0a12f76404ad3bd59a04fbd75d1008c039c51a2a013e63af1c9ed7416faa1e2ea98d0f1c7337a5c81920988a4299a77054cdb12285fd7a0e5b43382d962372b73042593a5bd6b7db4a1b3721c62f11018727c29f3a1bd1e554474ea0d1da2a20b205df342a04a34b65e16a23e8e7811a984963073ebcbead85f9e4332bdef4c1ce54a1c6f7a47b75aa95b9e8cb616be40a0000b1309ee426d1803ef09abb9509846c34b9ac0bf109cedbd12c850effda9ae677566159f9c83da7ff6e247e3ac43c0a663c8c83650692e474bac2c047b238601bd5187d6bed82fe2034512ef11b74a98252198c4402bcf3165561157678e9d50831c27d1094a04d8c7607d7164033cda7a81704824d3107f232de8c31f57de3f78727828e8206403db4", @ANYRES32], 0x1, 0x445c, &(0x7f000000c300)="$eJzs3cFvVNUaAPBzpwVaHvBaHiS85CVvkkfyXp6maVmpJbGUQmmhYqoQ42aYtgNUpx3STo0LFnVH4srEhXFBMNFVV4SFW/wT3LhwgSsXRF2YGBMTYs3M3Gl7b2fsQDptir/fgjv3nHvO+Zjv3jvnNrn3ZmLlm7OL2dnFbH4+W5q+vngq+16puDRXCJkd0nD8fTs3Pq1px36y2/veX9nls+ffuHoqhK9mvnm8urq6Gio6Q0MDGz7/+vPt6Y3LukyqTaXfxr1tl7dDCMc2xVXREUJ468sQohDCmbhsOF52hxAOh1rd1dsfXstuUzT3HxVO555M3HkweHJ85e6D5v/3KIRPi/988cbcj//pGPzu/9s0PAAAAAAAAAAAAAAAAAAAe9zo5OUrr/cPhIdR6FyJNt+vOxovm90fu7pt/t00xh/SNxUDAAAAAAAAAAAAAAAAAADAc2b9/v9sdLTB/f8j8XKoSfvVV9sfI+0z9trlkXP9A/H736NN9S/FRT+d6Qi9Dd77nn7/+5lU+8bvf988zrOqx1cftydEmb7EeibT1xfCZ/GL309EBzPF0mL5heulpfmZbQtjz0rmv/agjUR24mdvtJr/4VT/7X///z827U2V9Wvbt4s915L572i63ecfRC3l/2yq3U7k/2l5nMy6ZP47q2XdGzcYqn1blfx/1Ll1/kdS/bcr/0dCCNmoEms2cQaozGEq5c3mKyQl87+vWpY4dcZfZLPj/7dU/s+l+t+t8/9y+oeIhpL5318t60pssX789/4SP6rrT47/86n+dyP/lfiXq4WTX7R37L0vmf8DtcLOxCbVb7LV8/9ooun+tuX/SiaO80iU2ANWolp5s+fVkZTMf9em+vXrv0xL878LqfY7df1XH7cnhOr1X/30/7+odv1HY8n8d6ervz0eX0i1evyPpTpo9/l/qDr/41kl83+wWpacO/dU/201/+Op/tP5//5v2xN3dVbSVc//+vnk9wO18nvmfy1J5j9OTmbj3wGWq/9W53/R1vP/i6n+d2P+V9k5llMX+fvbG8Selcz/oXT18cH4QyX/X7fw+38p1UH78x9Cv7/1PbNk/g833a56/Hdtnf+JVLt25/+/W9Snf48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnjfD8bInRJm+xHom09cXwtl4/UQ4GE3lZ3JTxdL0u4shjMTl2XA0ulEsTeWLudn50kwhly8WS9MhnIvrj4WuaLFYKufm8rfOr/XVHd0s5BfKU4V8OYQwGpf/Kxyu9zU1W57L3wohXFir+3umtHDrZn4+NzO78Ep/f39/GFuLoTcqvF8uzJdro9dqQxhfa9sTbQiuWn1xLZZD0TulpYX5fLFafmlDm2JpOl/c0GYirvs49EblhaX56Xy5kCuWbtTH201D8XJkbPLNyUsDm+qvRbXl8M6GBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBTejj48ichhM7aWiaEMFT/EDXa/v6jwunck4k7DwZPjq/cvfe42XYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwB/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYZeOUSIGojAAvxmb2HkMq5B0thFFtDAieAI9hofRo3gJ72BhYWsluDOwZCewzW71fc2D/IT3YH4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjPzeP89DCMESm6HBEfL59f2/ldmW+X7f9PjnAjh3N7P19dD2N597STX5RP31P+T39/Xp+jMav3RU+Wfdqoe05X72r1rWuUrd5X955Fyn1ETCU/Tzn3/eoaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCPHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAsQAAAACAMH/rLLo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmBUAAP//gYsn+A==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r0, 0x0, 0x7351, 0x8001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
ftruncate(r1, 0xc17a)
write$UHID_INPUT(r0, &(0x7f0000000480)={0x8, {"ecd07015c2ddd9f28f58092fc7befc25b08dc1391b661e8deb3e7871f532a04aff144d883e93736112b9ee812243c276d2fe2dd38cad989cc1ce0f0c8664ef73a4f3a8210300f764ecbccaf3af4f342fc3479bef5c8f2f92e0ab896b4d88fc54714147745e2c118db1ca3a8c35791842c00d89d24a61875010b546b1f69424255d29bd729bccf5b65e7eae4a33fcf2ef9902e16cd282bf6cbdc4fcd2754648ba3ca3fb8ca1c6e1fafc4dbeee2126b99a902bc14be0eab0d524a1ec75df9910e6681c7149ce1fd860efbc990a1cd686181dffbd4b612d2eb3f484a1f395318685fa9625f13f928514bfc11ca81dea68dd0288c0b4734718c1c8fb1198992483fc24189c526ce12c7c66ba2d2052b3688a60a9c0ec21fcf406e7012a7945a8fbea5ac63e0431f5c8727729b84f834c5d4dd74ff18b3c088d12abe93fa70b642e2153a2518b9d347da06e4f661c8c59762688ad6ea5322be40eaa6d5a0294ba02cee92e7a4d54051ffd3a6cef8a25af1c9816056f3a15d8e0315c5200b72e389519231a8bb13497be96208c70b223b7ecad0a7b3a23cabcea1045f6ebcdcdd008061fb9c6138da8330563682a36f6cd8d142ea3d8b3f3d98184576fc6cf613a29b0f41a02a7a11657108b675296f1ff5a892f0d96f192fed4c14f3fe6b4588d784287fbe7a296909c8464851625509d94fa098237d668ea615a6df139551d11f82a7616a70c00dfb67c8df779d1256c74eb9673e7f006c297bfe725e47c39ca50169ca3ac2de847c388b435447e7204f7cae66fa4e7808f9f6ef53c51aa1d04532a1f6ee147e2f3687853851a62fc3356ff22133923ea0bb726eb465747cf1dbe62f7f9c330830b1e7467b49d21c090dfb25cab6895b373930a3cb2dde4bdc5f91cac648eaece893af2eb4bd423fbf0ae671750ee185fcd347f653099f617122a90a1b39c3e23c120d6cd0fea9b1d01ffcb4dbba922a3bd3b14b1edd478bef322ff55751736df0567324e91fbfc497a7ceabe7dec4d09296668c6d218482b1625b7b3ed8032bd88b53340fd8a19b04a7c11456968ba2455fc594961578b6c9958d19e050fd99c49e55ea82bdf5a7bd7ac8855386288f6b1b5db1e7a6d586b3553dc0807bcb610df23867c81300152bfe26e165aee0d5a16fbb80c5628d9b0f889f2600b60e47906a35e3012e46f9586e156b2df22548efab53074641eb48680307a18bf66a50516871ee01967a9fa37a71f0bb7e5e42d77120675922ee2cabb7b3a799baf998b7ce50a33f40161311b13d06b9df0cbb65b9ce5db2af2e0882912020a69db8b4cdd6ea2cfcb4c25508e39b23e0f59ce6a08d0cb4427117f5520d0e9f9c808fe28c2bb7581a177f927db8b3905c4af2d0fbf37c4854f492934df94a004492e20e4c7bf87f436853bff17c43033ee104aeea899fa2a2ccb57e9b8509ccb0b7cf562585b60c273984e59faad877476b803b31dce3ccd6efa4195a588a0a258e0049e4ec2404270115f58c5bf82e99ff94fb5e5a172c56335898ecb016a69fefd849ef69b603d237b797744f3937598e2c9cedb6111506a6702808db0586d5aec233445774328ed364321fa6cc7ed00af6c679cd66f43c595a0734b4e44c2b8e4cd2cf000c63bba11a0e6c18662a91d8230282bebdb47859e1f658545323f4de5d3bf1fd3ef6bf68def13de293415438cc696040359e926131c420ef030ac0140dcda897c377fe149d11035d32c94625dbb71bcccf7285e8635bf21f8389d93737eb749b2220f5973441ae346acf0f3618eee184725b78d2d9c4e29a766e3d02d330c0f7f670915c8e958e9839e58742e1fb39d6d0c4d97ec57417bf902fc8cad98081a501ccec86a44bc118f461e8fa5e92d04b689135bb83c757d7d736f6ad1b7d76a18e16f4f7ce5d40bdc47d4d1b821da9a50e4c295aee812d015919884727e13b439093c30c5e3d92d160691cfe3e3d5e92096bd9546a17974d774cfa9b6c04b8a2353f074c6e85f56b9649eb1c53fe428a90d1c6493c19970b4e76e0a02fc37cc891bee2cf434a546dbf81262a273cd744f475489ab1370445841f37be991dc1e22e47350cf0e53ea2efce791e66d54ec8ff2caadc4138d8c704cc744fbe93857c6ffec29c0b751d3f263d68e5f29d9532f8e4d0239fb6d2ce65115cc7fae6b5cbb16f104b27d2a87dce5753d9f973bdcdac48f1b941d0928d37d66607257e16e13eeadc5911333cdb4fec7acbabc5840dfd56c17f29f2350b294904db08ab1ed8babc09896b85339adb0617fb4c05f7165430e3ba7669e25a8a85250c61a7a35fa13585ae308e2bf578a085187259ce1f0067737715a8862cdb95f71d38131972a6306cff49e6639f6c113c8f96ba5edfde9b625fd54b361c122629b3664357f88e63098dd0b068d03297f50d3d1d798ddda85552e75c1569f4853fe85d6b945b878358acdcc0edc0b4641a3e8512eb38d66a909f04359a22ef1b4cb5f135e54b2caacdb4eabd513ee1a694a74241423320e858b48253c960631b1bb611e48ad429b85daf24dda9660fb95a29215b36eb6a43d0420f58c1bb789e6b61a7920b8145aa6d8eda453dc5567dfc41ce413ae653b4d33fb50352b0652923a2a71060a62ef2fdf5b0c826afca287f1db9ea3f8124338ed35e5e2fa9f91808eb3c0cfdfd86f58d624004f21c3001d807079b8e74247aa44b12583dcc15317b5e99040ecfdbecfe27b2d6c17a8ec48055b0085e8203dbebf0b6a1be3ac662be57fd0d6bdce6d39330bd16090a895f41bbd10fe86644a7cdf81efdb1b1e9caef2cfe68510a11a0a4a3808a2d85d301836e15ac0d9db760d7b2b4641e551daf0f86334dc51067eda6ff2509a1306cca27a0b443b0762cf2f3f9de71b8afa5d246c46abf19e3f203a79bfee6c188f1893532e2f9398f5962430ee639133d854777e346f34d5522af50c1274dfba189f1bcd246e65afaade086aec7a30c4281cacdbad543bd9ae52650deb4c24278edce0f16404c43699aff268dac93968bb116f06a046fb5e0f0347eb6b606cbfdf15ce1f26ef9daaa3678aecf42e29229f29608fd752e8cbd5f00d3b57e4f238da8900d17141d01fc269d5c1829f7d1eab3839f88f0cee1193e0d655775ea4c8940ee6e0a5df423b01dca8e099a9f60839fbe6bb363846f999bca55fe763ae32a626ed36176bc8751619527ba5c16a7092bca2ecb712f2eb3de1450219928037a765a2e9630821d93abda3d8c4a6b25b366968d9de41c3c3ee92680c4ba3741fb37aadf83d1e44ce78c47669ef81450b61e216192ae7744b112a21f1fdfc3f9d791af760cf6223c13cfc33e6506c160dabcc6b7ae083c3187a56ba5615c18e1fde926720ffc1786de833ddae3228e22a584097420fadb107d11e89e4b6b560996450b4011c53b5b2034c0768e0f77b2448c6cce89846a7b10549407891470a7e8a7fee7c74ea014e072223088c8d0ff88b6dc32a42774b330ff14931ce04097ac1332a149733040055ccce0b3a5a59445a149d99a075be1aaa59b3cde0e9cbba08567c5734ee1f8941440057846b407086bddcd6c75757c534e6fccda911d9135cdbc1fded3dfb1329fca1506d35762d9ed24a22ba3ac6f04673f0afaa25365bf12a8526eaddc7270e6a72e9fb26bf93bc626c7cdec22ee6e9820faf719159a23c7918f873eac14fc21ea54d383ee2917769125b94abb4293f176c2536ea7f1dda4e4776bf1b8a25e7a996573d314c897c02feadccf05fb78e22ad9c9c9e407143ec93c671a346a79ef54f784747e838eedccee871502907dcf8581adcbfb293c36394f057fef6518f0db32cf3c20c339b365b9bd1afc4afa06c2f0e54b1b49ed46c5e282e07aee5e2015924fa086dc48b303acb5a939213039db8396ba71939592834c3893d1f61813545a7fb0a0b6be369e653aa1dbaf5794e80583b77a31afa868f4d189777192f09a87e6d262f854c95d45109db4f8ef4ff5119af11fe0a3c84b2ef01fc76c7cdee548958a02d7056d8e5bb5e31d661e3b4ca594daa5965baa99884e8a73845ff3bfeb470dc01ec5ede65d00a66d6fe310721bfdfb97689f61a527664b585efe7e3f031cbe946b587432725b782df79b850b6e1fab25100042afb3ccc11bfd87b058b9c1de1aaa1545a05bdaee5ee57d1bfe74c7487e46252e63c9e4b9412660410dea986f3cd5d602ede74731a1671a84963c9ee81e1eac602575b5d491dace37d1a623636db0cde6cae6ed5e00e7f036ce60fd95aa2d2153f32561e0f4595600b059831e7cb62002611cd0a31ee24aac1add7ef068896ead2e65a3eab6bc1179d560ce54b6f2f87beb0d2c563cb860b793a778376a1f0b877a96b840ddba45bc20a8c730955581fd91e5364bf16212180bc3572245b36c6d2301aa97eba17a6e40b4ec58d1bdf2396805fdc406d6c2bfc09a7c549f05dc720db520e0679fffad2588ef456e6145c403c0db02ba5cb62d7929a56024437df0c6911027eaaeee42a39b108ba450d6271a7dafefaf7a95a8bb4fd2e7783e71b6d5278a86f34b176770c208b57185ccb6441d14affbe527d703515930510a7aca7a49d90fe40fe1a3ea0a0fb3a0b5eedc5b0244bbd00abcf9019b60177a81ff9723220111b87ad7453e42e57c29390afe428a3a74817228eb825e158e37a8ec5941668cc01827e325eeea099fb3a24cd466db809035a0b2d47acabbe99ea449be6e6dfd97349ad87649d357ff13a2c21f34204ff1621df4113fb75348d42af80549da891842098566727b73f7e8f3ea0ac26da3764733366263c47c569a81566b2e498f754599c76d47a76cef5cf3cf39b72e42d5d946dfe4cec07a0f26022990f303e0926f373bab761eb3b84729b10c4c7c842d8e08ea2ae84865c611fffb7fbf68f813740f7e4594024d92f63e2c5813d5ddf7e6e65b89736ecd901e10e761edaa687cfeea5366ea101ffd9ba97ead4cd5b206f78f84fd0209b524c3a1088e8017c350b957cb05a2d3698ac19fd79fe2fe0050072586c5c9f59b53c24e576ec827338baaf1b326d61abd52541dbbca4088a82e3722bc79527dc227be5002724a1cb0126b03e8848aae2e299a6c9b04a54bbbfe8f34d1a6e74768f21c34f6c534a611444ac81ea47ac2c5dffef42d59121a8d97fa9cb5a043e16bec8147a1186076585a2258bd1bc332292359830d31785aafcc2da6516b14bfdec6fe688b39c07f6f20902f03009d96010f54b80fcb86295fd1f4714f376ecd30f96ba396e40de7146fdf08672adfc491378414396375ad2cfeea36cf3ee00066ec98d2a03a1d34c63597d693810262b42bf163e4fb32b8bd12d9b517dc908f70443119aa354e5cfdacb5e5c238882285598599c812fc200772db5f00865585bae1c93356acb77d84f3ab1e8cf797c2ab1ce98ef4ab7bdcd73f70d2c8b6882f5b1e5cded8261429989c3e28d69683622162ed9d2c6d849ed8902d27fcea2ffac5a8ab89f3be26a66d7479567a0ff9ccc3822b1723394f7f1a92b673b3a10290410d78eb5d7ecf9eda95cfedc2948a4d711f8ece2c07f3e1068e0ae53d37d67f1bb7d793316baf65f1e457062c9b3e6caee279c077bf6a1060d13e844032b7f0ded53a4cbd49a60f3191eb89e7b1a2d2b529fd55be6951a16d5b93156acaff5c2b2bb8ea7f67ad05227298b1a406e64cefb3e0680c6758601aaf8c67cb62418c71da3e2b04d7ff234b2c4a05508deb5437c77df215f6a1c28a8ba59000aa70fdf897598109878bf4337b7249949488a318b11ff59b6a8", 0x1000}}, 0x1006)
ioctl$FITRIM(r0, 0x40406f06, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x100})

793.645509ms ago: executing program 6 (id=2493):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60303, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_usb_connect_ath9k(0x3, 0x56, &(0x7f0000000080)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x38e38e38e38e402, [{{0x9, 0x2, 0xfffffffffffffc3f, 0x1, 0x1, 0x0, 0x80, 0xfa, {{0x9, 0x4, 0x0, 0x0, 0x6, 0xff, 0x0, 0x0, 0x0, "", {{0x3}}}}}}]}}, 0x7fe782539b0b)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="9fa000001a0007000200000000000000000000010001e080008900000000000001"], 0xec}}, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000)=@x86={0xa0, 0xfd, 0x5, 0x0, 0x3, 0x3, 0xb, 0x1, 0xf8, 0x19, 0x7, 0x3, 0x0, 0x9d, 0x1, 0x7, 0x6, 0x40, 0x0, '\x00', 0x4, 0xcaa})

77.550949ms ago: executing program 2 (id=2494):
r0 = syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00')
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r1, 0x0, 0xd2, 0x0, 0x0)
pread64(r0, &(0x7f0000000100)=""/253, 0xfd, 0xadc)

0s ago: executing program 5 (id=2495):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f0000000000)={[{@user_xattr}, {@errors_remount}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x573, &(0x7f0000000ec0)="$eJzs3T1sG+UbAPDnzvG/X/mTIoEEqEMFSEWq6iT9gMLUrohKlTogsUDkuFEVJ47iBJooQ7pXiA4IUJeywcAIYmBALIysLCBmpIpGIDUdwMhfaZo4wSl1XHK/n3T2vfee/bzvnZ/XvtOdHEBmHa0/pBHPRsTFJGJoXd1AtCqPNtdbXVkq3ltZKiZRq136LYkkIu6uLBXb6yet50MRsRwRz0TEd/mI4+nmuNWFxcmxcrk02yoPz03NDFcXFk9cmRqbKE2Upk+98uqZs6fPjJ4cXf+ye7X1pfzO+nr95xvvX//h9Vs3Pv/iyHLxw7EkzsVgq259Px6l5jbJx7kNy0/3IlgfJf1uAA8l18rzeio9HUORa2V9J7WhXW0a0GO1fRE1IKMS+Q8Z1f4dUD/+bU+7+fvj9vnmAUg97mpratYMNM9NxP7GscnB35MHjkzqx5uHd7Oh7EnL1yJiZGBg8+c/aX3+Ht7Io2ggPfXt+eaO2rz/07XxJzqMP4Ptc6f/Unv8W900/t2Pn9ti/LvYZYw/3/rlky3jX4t4rmP8ZC1+0iF+GhHvdBn/5ptfn92qrvZpxLHoHL8t2f788PDlK+XSSPOxY4xvjh15bbv+H9wifvOc7f7G10yn7T/TZf+/+v7L55e3if/SC9vv/07b/0BEfNBl/CfvfvbGVnW3ryV36r8Cdrr/68tudRn/5XNHf+pyVQAAAAAAAAAAYAfSxrVsSVpYm0/TQqF5D+9TcTAtV6pzxy9X5qfHm9e8HY582r7SaqhZTurl0db1uO3yyQ3lU7lWwNyBRrlQrJTH+9x3AAAAAAAAAAAAAAAAAAAAeFwc2nD//x+5xv3/G/+uGtirtv7Lb2Cvk/+QXQ/mf9K3dgC7z/c/ZFZN/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv8AAAAAAAAAAAAAAAAAAAAAAAAAANATFy9cqE+1eytLxXp5fGBhfrLy7onxUnWyMDVfLBQrszOFiUplolwqFCtT//R+SaUyMxLT81eH50rVueHqwuLbU5X56fZ/ipbyPe8RAAAAAAAAAAAAAAAAAAAA/PcMNqYkLURE2phP00Ih4v8RcTjyyeUr5dJIRDwRET/m8vvq5dF+NxoAAAAAAAAAAAAAAAAAAAD2mOrC4uRYuVyazcjMwE5WjojlR9uM+jvu+FX51r56XLahmSzM9HlgAgAAAAAAAAAAAAAAAACADLp/02+3r/irtw0CAAAAAAAAAAAAAAAAAACATEp/TSKiPh0benFwY+3/ktVc4zki3rt56aOrY3Nzs6P15XfWls993Fp+sh/tB7rVztN2HgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3VRcWJ8fK5dJsD2f63UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh/F3AAAA///pCdd8")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f0000000180)='n', 0x1, 0x8000c61)
fallocate(r1, 0x0, 0x0, 0x8000c62)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
creat(&(0x7f00000000c0)='./file1\x00', 0x4)

kernel console output (not intermixed with test programs):

4): ext4_mb_mark_diskspace_used:4036: comm syz.4.1469: Allocating blocks 449-513 which overlap fs metadata
[ 1041.097669][T12638] EXT4-fs (loop4): pa ffff888078a52e80: logic 256, phys. 385, len 8
[ 1041.106533][T12638] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5377: group 0, free 0, pa_free 4
[ 1041.424850][ T8264] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1041.701835][T12645] loop3: detected capacity change from 0 to 8
[ 1042.127501][T12645] SQUASHFS error: lzo decompression failed, data probably corrupt
[ 1042.259150][T12645] SQUASHFS error: Failed to read block 0x91: -5
[ 1042.280061][T12645] SQUASHFS error: Unable to read metadata cache entry [8f]
[ 1042.331453][T12645] SQUASHFS error: Unable to read inode 0x11f
[ 1051.710206][T12717] loop5: detected capacity change from 0 to 512
[ 1051.730761][T12717] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.1499: casefold flag without casefold feature
[ 1051.744495][T12717] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.1499: couldn't read orphan inode 15 (err -117)
[ 1051.768225][T12717] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1051.905950][    T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1052.198458][    T9] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[ 1052.264684][    T9] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1052.371074][    T9] usb 4-1: config 220 has no interface number 2
[ 1052.450582][    T9] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1052.571591][    T9] usb 4-1: config 220 interface 0 has no altsetting 0
[ 1052.667912][    T9] usb 4-1: config 220 interface 76 has no altsetting 0
[ 1052.674867][    T9] usb 4-1: config 220 interface 1 has no altsetting 0
[ 1052.706518][    T9] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1052.731289][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1052.755424][    T9] usb 4-1: Product: syz
[ 1052.759671][    T9] usb 4-1: Manufacturer: syz
[ 1052.771213][    T9] usb 4-1: SerialNumber: syz
[ 1052.797292][ T8789] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1053.086648][    T9] usb 4-1: selecting invalid altsetting 0
[ 1053.093576][   T28] audit: type=1326 audit(2000000991.958:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12727 comm="syz.2.1502" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f07c2b8e929 code=0x0
[ 1053.140238][    T9] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[ 1053.148636][    T9] usb 4-1: No valid video chain found.
[ 1053.189176][    T9] usb 4-1: selecting invalid altsetting 0
[ 1053.195812][    T9] usbtest: probe of 4-1:220.1 failed with error -22
[ 1053.214548][    T9] usb 4-1: USB disconnect, device number 10
[ 1055.514749][T12742] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1505'.
[ 1055.902249][ T9780] Bluetooth: hci0: unexpected event for opcode 0x2002
[ 1055.913739][T12754] overlay: Unknown parameter '/'
[ 1056.459075][   T28] audit: type=1326 audit(2000000995.091:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12759 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1056.483242][   T28] audit: type=1326 audit(2000000995.091:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12759 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1056.533691][   T28] audit: type=1326 audit(2000000995.091:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12759 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1056.557298][   T28] audit: type=1326 audit(2000000995.091:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12759 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1056.584247][   T28] audit: type=1326 audit(2000000995.091:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12759 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1056.607276][   T28] audit: type=1326 audit(2000000995.091:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12759 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1056.639577][   T28] audit: type=1326 audit(2000000995.091:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12759 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1056.662555][   T28] audit: type=1326 audit(2000000995.091:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12759 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1056.685964][   T28] audit: type=1326 audit(2000000995.091:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12759 comm="syz.2.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1065.968759][ T9780] Bluetooth: hci1: unexpected event for opcode 0x0c56
[ 1066.997479][ T6029] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1067.469690][ T6029] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.176169][ T5795] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1068.189146][T12819] loop5: detected capacity change from 0 to 32768
[ 1068.199485][ T5795] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1068.202727][ T5795] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1068.217203][ T5795] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1068.227996][ T5795] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1068.235979][ T5795] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1068.264298][ T6029] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.286778][T12819] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.1527 (12819)
[ 1068.342630][T12819] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1068.417236][T12819] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[ 1068.449587][T12819] BTRFS info (device loop5): disabling free space tree
[ 1068.464991][T12819] BTRFS info (device loop5): enabling auto defrag
[ 1068.471989][T12819] BTRFS info (device loop5): doing ref verification
[ 1068.480436][T12819] BTRFS info (device loop5): use no compression
[ 1068.493373][ T6029] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.514421][T12819] BTRFS info (device loop5): force clearing of disk cache
[ 1068.523979][T12819] BTRFS info (device loop5): trying to use backup root at mount time
[ 1068.533244][T12819] BTRFS error (device loop5): support for check_integrity* not compiled in!
[ 1068.554100][T12819] BTRFS error (device loop5): open_ctree failed: -22
[ 1068.802750][T12521] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by udevd (12521)
[ 1069.377627][T12848] PKCS7: Unknown OID: [4] 0.38.107.217331280.32(bad)
[ 1069.420516][T12848] PKCS7: Only support pkcs7_signedData type
[ 1070.113515][T12859] loop3: detected capacity change from 0 to 4096
[ 1070.824940][ T5795] Bluetooth: hci3: command tx timeout
[ 1072.306335][T12862] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1072.984079][T12864] loop5: detected capacity change from 0 to 8192
[ 1073.011797][T12864] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 1073.055623][ T5795] Bluetooth: hci3: command tx timeout
[ 1073.067666][T12864] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal
[ 1073.099841][T12864] REISERFS (device loop5): using ordered data mode
[ 1073.136016][T12864] reiserfs: using flush barriers
[ 1073.191007][T12864] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 1073.292417][T12864] REISERFS (device loop5): checking transaction log (loop5)
[ 1073.411554][T12864] REISERFS (device loop5): Using rupasov hash to sort names
[ 1073.611208][T12864] REISERFS (device loop5): using 3.5.x disk format
[ 1073.775733][T12864] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[ 1073.988560][T12864] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[ 1074.000258][T12864] REISERFS warning: green-16003 errcatch_is_left_mergeable: Invalid item type observed, run fsck ASAP
[ 1074.070275][T12864] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 UNKNOWN] (nlink == 1) not found (pos 2)
[ 1074.127447][T12864] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[ 1074.196228][T12839] chnl_net:caif_netlink_parms(): no params data found
[ 1075.078083][T12903] loop5: detected capacity change from 0 to 256
[ 1075.137951][T12903] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1075.276800][ T5795] Bluetooth: hci3: command tx timeout
[ 1076.478111][T12839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1076.503471][T12839] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1077.029355][T12839] bridge_slave_0: entered allmulticast mode
[ 1077.510040][T12839] bridge_slave_0: entered promiscuous mode
[ 1077.520616][ T5795] Bluetooth: hci3: command tx timeout
[ 1077.680238][T12926] loop3: detected capacity change from 0 to 1024
[ 1078.676720][T12839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1078.683960][T12839] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1078.714016][T12926] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1078.735843][T12839] bridge_slave_1: entered allmulticast mode
[ 1078.743509][T12839] bridge_slave_1: entered promiscuous mode
[ 1079.086065][T12940] loop5: detected capacity change from 0 to 4096
[ 1079.111178][T12940] ntfs3: loop5: Different NTFS sector size (2048) and media sector size (512).
[ 1080.031709][T12947] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 1080.291874][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1080.368379][T12839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1080.428869][T12839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1080.987328][T12958] loop3: detected capacity change from 0 to 256
[ 1081.057145][T12958] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1084.766410][T12839] team0: Port device team_slave_0 added
[ 1084.955136][T12839] team0: Port device team_slave_1 added
[ 1085.608006][T12839] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1085.620750][T12979] syz.5.1566: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[ 1085.629541][T12839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1085.752545][T12839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1085.762969][T12979] CPU: 0 PID: 12979 Comm: syz.5.1566 Not tainted 6.6.98-syzkaller #0
[ 1085.763108][T12979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1085.763123][T12979] Call Trace:
[ 1085.763132][T12979]  <TASK>
[ 1085.763142][T12979]  dump_stack_lvl+0x16c/0x230
[ 1085.763185][T12979]  ? show_regs_print_info+0x20/0x20
[ 1085.797393][T12979]  ? load_image+0x3b0/0x3b0
[ 1085.801913][T12979]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1085.808485][T12979]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[ 1085.814993][T12979]  warn_alloc+0x210/0x300
[ 1085.819336][T12979]  ? stack_trace_save+0x9c/0xe0
[ 1085.824236][T12979]  ? zone_watermark_ok_safe+0x230/0x230
[ 1085.829887][T12979]  ? kasan_set_track+0x5f/0x70
[ 1085.834663][T12979]  ? kasan_set_track+0x4e/0x70
[ 1085.839451][T12979]  ? __kasan_kmalloc+0x8f/0xa0
[ 1085.844226][T12979]  ? xsk_init_queue+0xb0/0x110
[ 1085.849001][T12979]  ? xsk_setsockopt+0x43c/0x6f0
[ 1085.853860][T12979]  ? do_sock_setsockopt+0x254/0x3e0
[ 1085.859087][T12979]  ? __x64_sys_setsockopt+0x1be/0x250
[ 1085.864493][T12979]  __vmalloc_node_range+0x126/0x1320
[ 1085.869836][T12979]  ? free_vm_area+0x50/0x50
[ 1085.874414][T12979]  vmalloc_user+0x74/0x80
[ 1085.878805][T12979]  ? xskq_create+0xbf/0x170
[ 1085.883366][T12979]  xskq_create+0xbf/0x170
[ 1085.887753][T12979]  xsk_init_queue+0xb0/0x110
[ 1085.892390][T12979]  xsk_setsockopt+0x43c/0x6f0
[ 1085.897081][T12979]  ? xsk_poll+0x670/0x670
[ 1085.901426][T12979]  ? aa_sock_opt_perm+0x74/0x100
[ 1085.906459][T12979]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[ 1085.912022][T12979]  ? security_socket_setsockopt+0x7e/0xa0
[ 1085.917749][T12979]  ? xsk_poll+0x670/0x670
[ 1085.922093][T12979]  do_sock_setsockopt+0x254/0x3e0
[ 1085.927136][T12979]  ? __ia32_sys_recv+0xb0/0xb0
[ 1085.931922][T12979]  ? __fdget+0x180/0x210
[ 1085.936183][T12979]  __x64_sys_setsockopt+0x1be/0x250
[ 1085.941404][T12979]  do_syscall_64+0x55/0xb0
[ 1085.945833][T12979]  ? clear_bhb_loop+0x40/0x90
[ 1085.950517][T12979]  ? clear_bhb_loop+0x40/0x90
[ 1085.955202][T12979]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1085.961112][T12979] RIP: 0033:0x7f31c238e929
[ 1085.965535][T12979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1085.985165][T12979] RSP: 002b:00007f31c313a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1085.993593][T12979] RAX: ffffffffffffffda RBX: 00007f31c25b5fa0 RCX: 00007f31c238e929
[ 1086.001576][T12979] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000007
[ 1086.009555][T12979] RBP: 00007f31c2410b39 R08: 0000000000000004 R09: 0000000000000000
[ 1086.017534][T12979] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1086.025513][T12979] R13: 0000000000000000 R14: 00007f31c25b5fa0 R15: 00007ffd0ec41ed8
[ 1086.033505][T12979]  </TASK>
[ 1086.043798][ T6029] hsr_slave_0: left promiscuous mode
[ 1086.051987][ T6029] hsr_slave_1: left promiscuous mode
[ 1086.164640][T12979] Mem-Info:
[ 1086.167933][T12979] active_anon:9199 inactive_anon:0 isolated_anon:0
[ 1086.167933][T12979]  active_file:16177 inactive_file:40238 isolated_file:0
[ 1086.167933][T12979]  unevictable:770 dirty:126 writeback:0
[ 1086.167933][T12979]  slab_reclaimable:6426 slab_unreclaimable:98446
[ 1086.167933][T12979]  mapped:25755 shmem:4271 pagetables:793
[ 1086.167933][T12979]  sec_pagetables:0 bounce:0
[ 1086.167933][T12979]  kernel_misc_reclaimable:0
[ 1086.167933][T12979]  free:1334157 free_pcp:9946 free_cma:0
[ 1086.222374][ T6029] veth1_macvtap: left promiscuous mode
[ 1086.229006][ T6029] veth0_macvtap: left promiscuous mode
[ 1086.243440][ T6029] veth1_vlan: left promiscuous mode
[ 1086.262301][ T6029] veth0_vlan: left promiscuous mode
[ 1086.276111][T12979] Node 0 active_anon:36696kB inactive_anon:0kB active_file:64708kB inactive_file:160752kB unevictable:1544kB isolated(anon):0kB isolated(file):0kB mapped:103120kB dirty:500kB writeback:0kB shmem:15548kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12044kB pagetables:3172kB sec_pagetables:0kB all_unreclaimable? no
[ 1086.288035][T12981] Bluetooth: hci0: Opcode 0x0c03 failed: -112
[ 1086.382266][T12979] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[ 1086.532071][T12979] Node 0 DMA free:15344kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1086.629735][T12979] lowmem_reserve[]: 0 2525 2526 2526 2526
[ 1086.636431][T12979] Node 0 DMA32 free:1411416kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:48348kB inactive_anon:0kB active_file:64708kB inactive_file:159428kB unevictable:1544kB writepending:496kB present:3129332kB managed:2589592kB mlocked:0kB bounce:0kB free_pcp:21540kB local_pcp:5244kB free_cma:0kB
[ 1087.771254][T12998] loop3: detected capacity change from 0 to 40427
[ 1087.930052][T12998] F2FS-fs (loop3): invalid crc value
[ 1087.961953][T12998] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1088.000155][T12998] F2FS-fs (loop3): Start checkpoint disabled!
[ 1088.028946][T12998] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1088.237506][T12979] lowmem_reserve[]: 0 0 1 1 1
[ 1088.299149][T12979] Node 0 Normal free:12kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:4kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1088.532384][ T5795] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1088.586774][T12979] lowmem_reserve[]: 0 0 0 0 0
[ 1088.633802][T12979] Node 1 Normal free:3901796kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:14080kB local_pcp:544kB free_cma:0kB
[ 1088.806904][T12979] lowmem_reserve[]: 0 0 0 0 0
[ 1088.811868][T12979] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15344kB
[ 1088.826932][T12979] Node 0 DMA32: 33*4kB (UME) 72*8kB (E) 66*16kB (ME) 320*32kB (ME) 401*64kB (ME) 124*128kB (UME) 93*256kB (UME) 47*512kB (UME) 25*1024kB (UME) 8*2048kB (UME) 306*4096kB (UM) = 1396772kB
[ 1088.845876][T12979] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[ 1088.859274][T12979] Node 1 Normal: 201*4kB (UME) 54*8kB (UME) 43*16kB (UME) 251*32kB (UME) 82*64kB (UME) 26*128kB (UME) 7*256kB (UME) 1*512kB (U) 2*1024kB (UE) 2*2048kB (UE) 946*4096kB (M) = 3901796kB
[ 1089.041825][T12979] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1089.055943][T12979] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=1 hugepages_size=2048kB
[ 1089.065531][T12979] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1089.075680][T12979] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1089.085678][T12979] 68607 total pagecache pages
[ 1089.090842][T12979] 0 pages in swap cache
[ 1089.095045][T12979] Free swap  = 124392kB
[ 1089.099926][T12979] Total swap = 124996kB
[ 1089.782909][T12979] 2097051 pages RAM
[ 1089.786796][T12979] 0 pages HighMem/MovableOnly
[ 1089.791498][T12979] 416139 pages reserved
[ 1089.899826][T12979] 0 pages cma reserved
[ 1091.029412][T13015] loop3: detected capacity change from 0 to 4096
[ 1091.038647][T13015] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[ 1091.592897][ T5794] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1091.847052][ T5794] usb 4-1: Using ep0 maxpacket: 8
[ 1091.922033][ T5794] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1092.002370][ T5794] usb 4-1: config 0 has an invalid interface number: 88 but max is 0
[ 1092.115554][ T5794] usb 4-1: config 0 has no interface number 0
[ 1092.135610][ T5794] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[ 1092.151343][ T5794] usb 4-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[ 1092.161943][ T5794] usb 4-1: config 0 interface 88 has no altsetting 0
[ 1092.186891][ T5794] usb 4-1: string descriptor 0 read error: -22
[ 1092.210336][ T5794] usb 4-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[ 1092.219493][ T5794] usb 4-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[ 1092.281145][ T5794] usb 4-1: config 0 descriptor??
[ 1092.299652][ T5794] input: USB Acecad Flair Tablet 0460:0004 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.88/input/input16
[ 1093.102692][ T5794] usb 4-1: USB disconnect, device number 11
[ 1093.153046][T11987] udevd[11987]: Error opening device "/dev/input/event4": Input/output error
[ 1093.203326][T11987] udevd[11987]: Unable to EVIOCGABS device "/dev/input/event4"
[ 1093.224416][T11987] udevd[11987]: Unable to EVIOCGABS device "/dev/input/event4"
[ 1096.832246][   T28] kauditd_printk_skb: 33 callbacks suppressed
[ 1096.832263][   T28] audit: type=1326 audit(2000001032.854:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.3.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2932f8e929 code=0x7ffc0000
[ 1096.885475][   T28] audit: type=1326 audit(2000001032.854:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.3.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2932f8e929 code=0x7ffc0000
[ 1096.921311][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1096.931398][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1096.942453][   T28] audit: type=1326 audit(2000001032.900:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.3.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2932f8e929 code=0x7ffc0000
[ 1096.985786][   T28] audit: type=1326 audit(2000001032.900:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.3.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2932f8e929 code=0x7ffc0000
[ 1097.069205][   T28] audit: type=1326 audit(2000001032.900:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.3.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2932f8e929 code=0x7ffc0000
[ 1097.109160][   T28] audit: type=1326 audit(2000001032.900:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.3.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2932f8e929 code=0x7ffc0000
[ 1097.155552][   T28] audit: type=1326 audit(2000001032.900:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.3.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2932f2ab19 code=0x7ffc0000
[ 1097.189163][   T28] audit: type=1326 audit(2000001032.900:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.3.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2932f2ab19 code=0x7ffc0000
[ 1097.239215][   T28] audit: type=1326 audit(2000001032.900:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.3.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2932f2ab19 code=0x7ffc0000
[ 1097.291884][   T28] audit: type=1326 audit(2000001032.900:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13038 comm="syz.3.1576" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2932f2ab19 code=0x7ffc0000
[ 1097.340971][    T9] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[ 1097.529119][ T6029] bond0 (unregistering): Released all slaves
[ 1097.674427][T12839] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1097.689598][T12839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1097.748152][T12839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1099.192778][T12839] hsr_slave_0: entered promiscuous mode
[ 1099.320290][T12839] hsr_slave_1: entered promiscuous mode
[ 1099.341490][T12839] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1099.350113][T12839] Cannot create hsr debugfs directory
[ 1099.597563][   T27] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1099.824658][   T27] usb 6-1: Using ep0 maxpacket: 8
[ 1099.878968][   T27] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1099.923595][   T27] usb 6-1: config 0 has an invalid interface number: 88 but max is 0
[ 1099.938887][   T27] usb 6-1: config 0 has no interface number 0
[ 1099.960171][   T27] usb 6-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[ 1100.027046][   T27] usb 6-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[ 1100.116393][   T27] usb 6-1: config 0 interface 88 has no altsetting 0
[ 1100.187447][   T27] usb 6-1: string descriptor 0 read error: -22
[ 1100.193823][   T27] usb 6-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[ 1100.216773][   T27] usb 6-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[ 1100.224129][ T6029] IPVS: stop unused estimator thread 0...
[ 1100.234618][   T27] usb 6-1: config 0 descriptor??
[ 1100.274384][   T27] input: USB Acecad Flair Tablet 0460:0004 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.88/input/input17
[ 1100.468892][T12037] udevd[12037]: Error opening device "/dev/input/event4": Input/output error
[ 1100.496523][T12037] udevd[12037]: Unable to EVIOCGABS device "/dev/input/event4"
[ 1100.504309][T12037] udevd[12037]: Unable to EVIOCGABS device "/dev/input/event4"
[ 1100.729189][   T27] usb 6-1: USB disconnect, device number 8
[ 1100.805714][T13088] loop3: detected capacity change from 0 to 256
[ 1101.774010][T13088] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1102.278868][T12839] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1102.408746][T12839] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1102.457601][T12839] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1102.475910][ T5795] Bluetooth: hci1: unexpected event for opcode 0x0c0d
[ 1102.558986][T12839] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1103.542434][T12839] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1103.616128][T12839] 8021q: adding VLAN 0 to HW filter on device team0
[ 1103.752978][T12839] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1103.763718][T12839] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1103.856590][ T6066] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1103.863859][ T6066] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1103.874086][ T6066] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1103.881296][ T6066] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1105.231224][T12839] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1105.328174][   T28] kauditd_printk_skb: 204 callbacks suppressed
[ 1105.328191][   T28] audit: type=1326 audit(2000001040.814:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.2.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1105.396845][   T28] audit: type=1326 audit(2000001040.842:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.2.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f07c2b2ab19 code=0x7ffc0000
[ 1105.492808][   T28] audit: type=1326 audit(2000001040.842:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.2.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f07c2b2ab19 code=0x7ffc0000
[ 1105.551493][   T28] audit: type=1326 audit(2000001040.842:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.2.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f07c2b2ab19 code=0x7ffc0000
[ 1105.606084][   T28] audit: type=1326 audit(2000001040.842:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.2.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f07c2b2ab19 code=0x7ffc0000
[ 1105.658236][   T28] audit: type=1326 audit(2000001040.842:466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.2.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f07c2b2ab19 code=0x7ffc0000
[ 1105.701035][   T28] audit: type=1326 audit(2000001040.842:467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.2.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f07c2b2ab19 code=0x7ffc0000
[ 1105.755006][   T28] audit: type=1326 audit(2000001040.851:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.2.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f07c2b2ab19 code=0x7ffc0000
[ 1105.859577][   T28] audit: type=1326 audit(2000001040.851:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.2.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1105.911601][T12839] veth0_vlan: entered promiscuous mode
[ 1105.947624][   T28] audit: type=1326 audit(2000001040.851:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13124 comm="syz.2.1595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f07c2b8e929 code=0x7ffc0000
[ 1105.963494][T12839] veth1_vlan: entered promiscuous mode
[ 1106.123729][T12839] veth0_macvtap: entered promiscuous mode
[ 1106.144537][T12839] veth1_macvtap: entered promiscuous mode
[ 1106.226428][T12839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1106.242359][T12839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.254617][T12839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1106.271274][T12839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.283427][T12839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1106.299044][T12839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.320506][T12839] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1106.341297][T12839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1106.361523][T12839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.376482][T12839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1106.396900][T12839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.417272][T12839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1106.442130][T12839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1106.461931][T12839] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1106.508913][T12839] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1106.528083][T12839] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1106.537249][T12839] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1106.547440][T12839] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1106.797436][ T6017] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1106.822734][ T6017] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1106.916792][ T6017] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1106.957677][ T6017] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1109.164957][T13172] loop6: detected capacity change from 0 to 40427
[ 1111.255813][T13172] F2FS-fs (loop6): invalid crc value
[ 1111.289682][T13172] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1111.324953][T13172] F2FS-fs (loop6): Start checkpoint disabled!
[ 1111.341109][T13172] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[ 1111.672910][T13180] loop3: detected capacity change from 0 to 256
[ 1111.995174][T13180] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1113.721201][   T23] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1113.840510][T13191] input: syz1 as /devices/virtual/input/input18
[ 1113.932691][   T23] usb 7-1: Using ep0 maxpacket: 8
[ 1113.950927][   T23] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1113.967978][   T23] usb 7-1: config 0 has an invalid interface number: 88 but max is 0
[ 1113.986972][   T23] usb 7-1: config 0 has no interface number 0
[ 1114.045705][   T23] usb 7-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[ 1114.098049][   T23] usb 7-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[ 1114.157200][   T23] usb 7-1: config 0 interface 88 has no altsetting 0
[ 1114.192191][   T23] usb 7-1: string descriptor 0 read error: -22
[ 1114.200077][   T23] usb 7-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[ 1114.236764][   T23] usb 7-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[ 1114.321878][   T23] usb 7-1: config 0 descriptor??
[ 1114.335859][   T23] input: USB Acecad Flair Tablet 0460:0004 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.88/input/input19
[ 1114.863605][T11987] udevd[11987]: Error opening device "/dev/input/event4": Input/output error
[ 1114.908241][ T5877] usb 7-1: USB disconnect, device number 2
[ 1114.914302][T11987] udevd[11987]: Unable to EVIOCGABS device "/dev/input/event4"
[ 1115.114460][T11987] udevd[11987]: Unable to EVIOCGABS device "/dev/input/event4"
[ 1115.136270][T11987] udevd[11987]: Assertion 'close_nointr(fd) != -EBADF' failed at util.c:228, function safe_close(). Aborting.
[ 1116.049865][ T5156] udevd[5156]: worker [11987] terminated by signal 6 (Aborted)
[ 1116.106249][ T5156] udevd[5156]: worker [11987] failed while handling '/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.88/input/input19/event4'
[ 1116.844696][T13227] loop5: detected capacity change from 0 to 256
[ 1117.635193][T13227] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1120.487127][T13247] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1123.160097][T13286] input: syz1 as /devices/virtual/input/input20
[ 1124.335320][T13292] loop5: detected capacity change from 0 to 64
[ 1126.218839][T13308] loop5: detected capacity change from 0 to 512
[ 1126.227629][T13308] EXT4-fs: Ignoring removed i_version option
[ 1128.932670][T13308] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1128.977479][T13308] EXT4-fs (loop5): 1 truncate cleaned up
[ 1128.984571][T13308] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1129.171148][ T8789] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1130.150536][T13332] loop3: detected capacity change from 0 to 256
[ 1130.731888][T13332] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1132.345480][ T5795] Bluetooth: hci3: link tx timeout
[ 1132.351712][ T5795] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1132.823229][T13347] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1640'.
[ 1132.861913][T13347] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1640'.
[ 1133.111900][T13353] loop3: detected capacity change from 0 to 1024
[ 1133.142306][T13353] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1133.194653][T13353] EXT4-fs: Ignoring removed i_version option
[ 1133.255578][T13353] EXT4-fs: inline encryption not supported
[ 1134.075228][T13353] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1134.188488][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1134.606995][ T9780] Bluetooth: hci3: command 0x0406 tx timeout
[ 1134.613402][ T5856] usb 4-1: new full-speed USB device number 13 using dummy_hcd
[ 1134.814317][ T5856] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1134.896594][T13379] loop6: detected capacity change from 0 to 64
[ 1135.235657][ T5856] usb 4-1: not running at top speed; connect to a high speed hub
[ 1135.477672][ T5856] usb 4-1: config 1 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1135.491844][ T5856] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1135.593563][ T5856] usb 4-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.40
[ 1135.615096][ T5856] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1135.645253][ T5856] usb 4-1: Product: syz
[ 1135.656254][ T5856] usb 4-1: Manufacturer: syz
[ 1135.678024][ T5856] usb 4-1: SerialNumber: syz
[ 1136.048974][ T5856] usbhid 4-1:1.0: can't add hid device: -71
[ 1136.058759][ T5856] usbhid: probe of 4-1:1.0 failed with error -71
[ 1136.167033][T13386] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 1136.181839][T13386] ubi: mtd0 is already attached to ubi31
[ 1136.857831][ T5856] usb 4-1: USB disconnect, device number 13
[ 1143.571044][T13453] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1659'.
[ 1144.197592][T13466] genirq: Flags mismatch irq 8. 00000000 (comedi_parport) vs. 00000000 (rtc0)
[ 1148.213338][T13494] 9pnet: Could not find request transport: Kdæ)W

[ 1148.727338][ T9780] Bluetooth: hci1: unexpected event for opcode 0x042c
[ 1149.982329][   T23] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1150.566298][   T23] usb 4-1: Using ep0 maxpacket: 32
[ 1150.625003][   T23] usb 4-1: config 0 has an invalid interface number: 35 but max is 0
[ 1150.633179][   T23] usb 4-1: config 0 has no interface number 0
[ 1150.822449][   T23] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[ 1150.847354][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1150.855425][   T23] usb 4-1: Product: syz
[ 1150.859941][   T23] usb 4-1: Manufacturer: syz
[ 1150.864580][   T23] usb 4-1: SerialNumber: syz
[ 1150.881402][   T23] usb 4-1: config 0 descriptor??
[ 1150.948014][T13535] loop6: detected capacity change from 0 to 256
[ 1151.997044][   T23] radio-si470x 4-1:0.35: could not find interrupt in endpoint
[ 1152.005812][T13535] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1152.023967][   T23] radio-si470x: probe of 4-1:0.35 failed with error -5
[ 1152.505377][   T23] radio-raremono 4-1:0.35: this is not Thanko's Raremono.
[ 1152.513069][   T23] usbhid 4-1:0.35: couldn't find an input interrupt endpoint
[ 1152.844033][   T23] usb 4-1: USB disconnect, device number 14
[ 1152.974260][T13543] loop5: detected capacity change from 0 to 64
[ 1153.017917][ T9780] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1153.029110][ T9780] Bluetooth: hci1: Injecting HCI hardware error event
[ 1153.040078][ T9780] Bluetooth: hci1: hardware error 0x00
[ 1153.369454][T13544] Bluetooth: hci1: unexpected event for opcode 0x1005
[ 1153.451891][T13540] loop6: detected capacity change from 0 to 32768
[ 1153.514991][T13540] (syz.6.1682,13540,1):ocfs2_find_slot:468 ERROR: no free slots available!
[ 1153.539111][T13540] (syz.6.1682,13540,1):ocfs2_mount_volume:1809 ERROR: status = -22
[ 1153.581630][T13540] (syz.6.1682,13540,1):ocfs2_fill_super:1178 ERROR: status = -22
[ 1154.441991][T13561] loop3: detected capacity change from 0 to 40427
[ 1154.484532][T13561] F2FS-fs (loop3): invalid crc value
[ 1155.504474][T13561] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1155.531505][ T9780] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1155.557102][T13561] F2FS-fs (loop3): Start checkpoint disabled!
[ 1155.905724][T13561] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1157.295201][T13588] vivid-000: =================  START STATUS  =================
[ 1157.316214][T13588] vivid-000: Generate PTS: true
[ 1157.357548][T13588] vivid-000: Generate SCR: true
[ 1157.431427][T13588] tpg source WxH: 1280x720 (R'G'B)
[ 1157.437402][T13588] tpg field: 1
[ 1157.440984][T13588] tpg crop: 16x16@0x0
[ 1157.445697][T13588] tpg compose: 16x16@0x0
[ 1157.450580][T13588] tpg colorspace: 1
[ 1157.458176][T13588] tpg transfer function: 0/0
[ 1157.462937][T13588] tpg quantization: 0/0
[ 1157.467891][T13588] tpg RGB range: 0/1
[ 1157.472133][T13588] vivid-000: ==================  END STATUS  ==================
[ 1159.150075][T13602] loop6: detected capacity change from 0 to 40427
[ 1159.282972][T13602] F2FS-fs (loop6): invalid crc value
[ 1159.331881][T13602] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1159.386460][T13602] F2FS-fs (loop6): Start checkpoint disabled!
[ 1159.424812][T13603] sp0: Synchronizing with TNC
[ 1159.466717][T13602] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[ 1162.602885][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1162.610748][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1163.573544][T13655] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1164.277761][T13654] loop3: detected capacity change from 0 to 40427
[ 1164.370603][T13654] F2FS-fs (loop3): invalid crc value
[ 1164.391208][T13649] loop5: detected capacity change from 0 to 16
[ 1164.403940][T13649] erofs: Unknown parameter 'GPL'
[ 1164.451863][T13654] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1164.500995][T13654] F2FS-fs (loop3): Start checkpoint disabled!
[ 1164.519366][T13654] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1164.700761][T13371] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1166.869377][T13671] sp0: Synchronizing with TNC
[ 1167.455996][T13678] loop5: detected capacity change from 0 to 1024
[ 1170.398031][T11360] hfsplus: b-tree write err: -5, ino 4
[ 1170.506318][T13701] xt_addrtype: ipv6 does not support BROADCAST matching
[ 1170.565040][T13702] netlink: 80 bytes leftover after parsing attributes in process `syz.6.1722'.
[ 1174.776566][T13734] loop6: detected capacity change from 0 to 256
[ 1175.730558][T13734] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1176.507087][T13744] loop3: detected capacity change from 0 to 256
[ 1178.571984][T13744] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1179.087354][T13748] loop5: detected capacity change from 0 to 64
[ 1179.116984][T13748] hfs: unable to locate alternate MDB
[ 1179.122404][T13748] hfs: continuing without an alternate MDB
[ 1179.240879][T13748] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
[ 1179.352604][ T9780] Bluetooth: hci0: unexpected cc 0x0c2d length: 69 > 4
[ 1179.369992][ T9780] Bluetooth: hci0: unexpected event for opcode 0x0c2d
[ 1179.487714][T13755] netlink: 'syz.2.1736': attribute type 10 has an invalid length.
[ 1180.197938][T13760] loop3: detected capacity change from 0 to 64
[ 1180.925811][T13755] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[ 1182.579700][T13780] loop5: detected capacity change from 0 to 256
[ 1183.011149][T13780] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1183.439747][T13772] loop3: detected capacity change from 0 to 4096
[ 1183.496631][T13772] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[ 1183.747946][T13794] netlink: 'syz.6.1746': attribute type 1 has an invalid length.
[ 1183.905712][T13794] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1183.981509][T13772] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[ 1184.019400][T13797] unsupported nlmsg_type 40
[ 1184.065235][T13799] loop6: detected capacity change from 0 to 1024
[ 1184.098961][T13796] bond1: (slave gretap1): making interface the new active one
[ 1184.109841][T13796] bond1: (slave gretap1): Enslaving as an active interface with an up link
[ 1184.561121][ T9780] Bluetooth: hci3: Malformed Event: 0x02
[ 1186.483649][T13823] loop5: detected capacity change from 0 to 256
[ 1187.301451][T13823] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1187.417962][T13828] loop3: detected capacity change from 0 to 256
[ 1188.351997][T13798] bond1 (unregistering): (slave gretap1): Releasing active interface
[ 1188.426453][T13798] bond1 (unregistering): Released all slaves
[ 1188.427113][T13845] loop3: detected capacity change from 0 to 1024
[ 1188.603933][ T6017] hfsplus: b-tree write err: -5, ino 4
[ 1189.665973][ T6066] hfsplus: b-tree write err: -5, ino 4
[ 1190.133644][T13882] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1190.403027][ T5877] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[ 1190.657621][ T5877] usb 6-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[ 1190.829877][ T5877] usb 6-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1191.032072][ T5877] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1191.110525][ T5877] aiptek 6-1:17.0: interface has no int in endpoints, but must have minimum 1
[ 1191.157771][T13894] loop6: detected capacity change from 0 to 1024
[ 1191.310854][ T6066] hfsplus: b-tree write err: -5, ino 4
[ 1191.356103][   T23] usb 6-1: USB disconnect, device number 9
[ 1192.380785][T13923] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1786'.
[ 1192.428741][T13902] loop6: detected capacity change from 0 to 32768
[ 1193.814248][T13948] loop3: detected capacity change from 0 to 256
[ 1195.840231][T13974] loop6: detected capacity change from 0 to 256
[ 1195.868769][T13974] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1196.203942][T13984] UBIFS error (pid: 13984): cannot open "./file0", error -22
[ 1198.514384][T14021] netlink: 'syz.3.1818': attribute type 1 has an invalid length.
[ 1198.701530][T14027] pim6reg: entered allmulticast mode
[ 1198.737965][T14027] pim6reg: left allmulticast mode
[ 1199.066346][T14043] netlink: 160 bytes leftover after parsing attributes in process `syz.6.1826'.
[ 1199.189994][T14046] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1828'.
[ 1199.310856][    T9] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1199.574410][    T9] usb 4-1: Using ep0 maxpacket: 32
[ 1199.584621][    T9] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1199.593454][    T9] usb 4-1: config 0 has no interface number 0
[ 1199.604910][    T9] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[ 1199.615543][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1199.626137][    T9] usb 4-1: Product: syz
[ 1199.631291][    T9] usb 4-1: Manufacturer: syz
[ 1199.636543][    T9] usb 4-1: SerialNumber: syz
[ 1199.647652][    T9] usb 4-1: config 0 descriptor??
[ 1199.656895][    T9] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[ 1199.666609][    T9] usb 4-1: selecting invalid altsetting 1
[ 1199.672744][    T9] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[ 1199.684626][    T9] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1199.704037][    T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[ 1199.725180][    T9] usb 4-1: media controller created
[ 1199.769755][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1199.878574][    T9] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[ 1199.917636][    T9] zl10353_read_register: readreg error (reg=127, ret==-71)
[ 1199.939564][    T9] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[ 1200.115039][    T9] usb 4-1: USB disconnect, device number 15
[ 1200.151254][T14072] loop6: detected capacity change from 0 to 1024
[ 1200.345011][T14076] loop5: detected capacity change from 0 to 256
[ 1200.579320][T14076] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1200.959902][T14072] hfsplus: xattr searching failed
[ 1201.041548][   T28] kauditd_printk_skb: 298 callbacks suppressed
[ 1201.041564][   T28] audit: type=1800 audit(2000001130.341:769): pid=14072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1834" name="file1" dev="loop6" ino=20 res=0 errno=0
[ 1201.616845][T14092] loop3: detected capacity change from 0 to 256
[ 1201.644715][T14092] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011f41, chksum : 0x2f9e4978, utbl_chksum : 0xe619d30d)
[ 1201.750947][T14090] loop5: detected capacity change from 0 to 4096
[ 1201.831564][T14094] loop6: detected capacity change from 0 to 4096
[ 1201.842061][T14090] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1201.903741][   T28] audit: type=1800 audit(2000001131.145:770): pid=14090 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1843" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1202.111396][ T8789] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1202.590086][    T9] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1202.698869][T14098] loop3: detected capacity change from 0 to 32768
[ 1202.727538][T14098] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[ 1202.790851][T14098] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 1202.805581][    T9] usb 6-1: Using ep0 maxpacket: 16
[ 1202.819364][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1202.846875][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1202.863368][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1202.876937][    T9] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1202.886391][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1202.898195][    T9] usb 6-1: config 0 descriptor??
[ 1202.973988][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[ 1203.253361][T14109] loop6: detected capacity change from 0 to 32768
[ 1203.286488][T14109] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1203.312069][T14109] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[ 1203.338401][T14109] BTRFS info (device loop6): use zlib compression, level 3
[ 1203.370743][    T9] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1203.384756][T14109] BTRFS info (device loop6): turning on sync discard
[ 1203.394806][T14113] loop3: detected capacity change from 0 to 256
[ 1203.401465][    T9] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1203.409237][T14109] BTRFS info (device loop6): doing ref verification
[ 1203.416904][T14113] exfat: Deprecated parameter 'utf8'
[ 1203.422244][T14113] exfat: Deprecated parameter 'utf8'
[ 1203.427689][T14109] BTRFS info (device loop6): disabling tree log
[ 1203.434023][    T9] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1203.456174][T14109] BTRFS info (device loop6): enabling tree log
[ 1203.462432][T14109] BTRFS info (device loop6): enabling ssd optimizations
[ 1203.478203][    T9] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1203.490591][    T9] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1203.498435][T14109] BTRFS info (device loop6): using spread ssd allocation scheme
[ 1203.507695][    T9] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1203.515123][T14109] BTRFS info (device loop6): not using ssd optimizations
[ 1203.522283][    T9] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1203.529515][T14109] BTRFS info (device loop6): not using spread ssd allocation scheme
[ 1203.540420][    T9] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1203.547719][T14109] BTRFS info (device loop6): using free space tree
[ 1203.557333][    T9] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1203.572370][    T9] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[ 1203.588588][T14113] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7bac8b1f, utbl_chksum : 0xe619d30d)
[ 1203.700639][    T9] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0005/input/input22
[ 1203.832799][    T9] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[ 1203.852121][    T9] usb 6-1: USB disconnect, device number 10
[ 1204.007047][T14138] netlink: 'syz.3.1855': attribute type 10 has an invalid length.
[ 1204.113090][T14135] fido_id[14135]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 1204.131714][T14138] team0: Port device geneve1 added
[ 1204.137529][T12839] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1205.284019][T12521] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 9 /dev/loop6 scanned by udevd (12521)
[ 1206.253967][T14160] loop5: detected capacity change from 0 to 256
[ 1206.351315][T14160] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1206.424132][T14166] netlink: 'syz.6.1867': attribute type 8 has an invalid length.
[ 1206.624527][T14171] netlink: 92 bytes leftover after parsing attributes in process `syz.6.1870'.
[ 1206.820780][T14174] loop3: detected capacity change from 0 to 2048
[ 1206.866135][T14174] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1206.974253][   T28] audit: type=1800 audit(2000001135.888:771): pid=14174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1871" name="file1" dev="loop3" ino=1346 res=0 errno=0
[ 1207.366632][    T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1207.701592][    T9] usb 7-1: Using ep0 maxpacket: 32
[ 1207.725000][    T9] usb 7-1: config 0 has an invalid interface number: 132 but max is 0
[ 1207.754875][    T9] usb 7-1: config 0 has no interface number 0
[ 1207.775072][    T9] usb 7-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1207.816232][    T9] usb 7-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 1207.844191][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1207.881767][    T9] usb 7-1: Product: syz
[ 1207.897867][    T9] usb 7-1: Manufacturer: syz
[ 1207.902527][    T9] usb 7-1: SerialNumber: syz
[ 1207.914864][    T9] usb 7-1: config 0 descriptor??
[ 1207.939775][    T9] em28xx 7-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 1207.980546][    T9] em28xx 7-1:0.132: Video interface 132 found:
[ 1208.558420][   T23] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 1209.013281][   T23] usb 4-1: Using ep0 maxpacket: 16
[ 1209.186088][    T9] em28xx 7-1:0.132: chip ID is em2840
[ 1209.258726][   T23] usb 4-1: too many endpoints for config 0 interface 0 altsetting 1: 255, using maximum allowed: 30
[ 1209.282503][   T23] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1209.292324][   T23] usb 4-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[ 1209.306681][   T23] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1209.313366][   T23] usb 4-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[ 1209.323593][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1209.342522][   T23] usb 4-1: config 0 descriptor??
[ 1209.351021][    T9] em28xx 7-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[ 1209.371929][    T9] em28xx 7-1:0.132: board has no eeprom
[ 1209.475265][    T9] em28xx 7-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 1209.483660][    T9] em28xx 7-1:0.132: analog set to bulk mode.
[ 1209.491734][ T5877] em28xx 7-1:0.132: Registering V4L2 extension
[ 1209.502850][    T9] usb 7-1: USB disconnect, device number 3
[ 1209.510179][    T9] em28xx 7-1:0.132: Disconnecting em28xx
[ 1209.669626][ T5877] em28xx 7-1:0.132: Config register raw data: 0xffffffed
[ 1209.677556][ T5877] em28xx 7-1:0.132: AC97 chip type couldn't be determined
[ 1209.684854][ T5877] em28xx 7-1:0.132: No AC97 audio processor
[ 1209.701464][ T5877] usb 7-1: Decoder not found
[ 1209.706776][ T5877] em28xx 7-1:0.132: failed to create media graph
[ 1209.715470][ T5877] em28xx 7-1:0.132: V4L2 device video103 deregistered
[ 1209.726650][ T5877] em28xx 7-1:0.132: Remote control support is not available for this card.
[ 1209.736137][    T9] em28xx 7-1:0.132: Closing input extension
[ 1209.751378][    T9] em28xx 7-1:0.132: Freeing device
[ 1209.804054][   T23] wacom 0003:056A:0015.0006: Unknown device_type for 'HID 056a:0015'. Assuming pen.
[ 1209.849230][   T23] wacom 0003:056A:0015.0006: hidraw0: USB HID v0.21 Device [HID 056a:0015] on usb-dummy_hcd.3-1/input0
[ 1209.891729][ T5794] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1209.904929][   T23] input: Wacom Graphire4 4x5 Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:056A:0015.0006/input/input23
[ 1210.080981][   T23] usb 4-1: USB disconnect, device number 16
[ 1210.105510][ T5794] usb 6-1: Using ep0 maxpacket: 8
[ 1210.141037][ T5794] usb 6-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 1210.159920][ T5794] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1210.169919][ T5794] usb 6-1: Product: syz
[ 1210.174322][ T5794] usb 6-1: Manufacturer: syz
[ 1210.184757][ T5794] usb 6-1: SerialNumber: syz
[ 1210.210437][ T5794] usb 6-1: config 0 descriptor??
[ 1210.238211][ T5794] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 1210.268465][ T5794] usb 6-1: setting power ON
[ 1210.273979][ T5794] dvb-usb: bulk message failed: -22 (2/0)
[ 1210.329038][ T5794] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1210.364357][ T5794] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 1210.395244][ T5794] usb 6-1: media controller created
[ 1210.444836][T14203] dvb-usb: bulk message failed: -22 (4/0)
[ 1210.468955][T14203] cxusb: i2c read failed
[ 1210.485667][ T5794] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1210.551121][ T5794] usb 6-1: selecting invalid altsetting 6
[ 1210.582099][ T5794] usb 6-1: digital interface selection failed (-22)
[ 1210.607492][ T5794] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 1210.634345][ T5794] usb 6-1: setting power OFF
[ 1210.663849][ T5794] dvb-usb: bulk message failed: -22 (2/0)
[ 1210.670442][ T5794] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 1210.720197][ T5794] (NULL device *): no alternate interface
[ 1211.349054][ T5794] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[ 1211.418981][ T5794] usb 6-1: USB disconnect, device number 11
[ 1212.067806][T14240] loop5: detected capacity change from 0 to 4096
[ 1212.109428][T14240] ntfs3: loop5: ino=3, Correct links count -> 2.
[ 1212.126631][T14242] loop3: detected capacity change from 0 to 1024
[ 1212.806447][T14247] loop5: detected capacity change from 0 to 1024
[ 1212.910436][T14236] loop6: detected capacity change from 0 to 32768
[ 1213.015666][T14236] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1213.393465][T14236] XFS (loop6): Ending clean mount
[ 1213.425735][T14236] XFS (loop6): Quotacheck needed: Please wait.
[ 1213.510683][T14248] loop3: detected capacity change from 0 to 32768
[ 1213.847788][T14248] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1901 (14248)
[ 1214.099716][T14236] XFS (loop6): Quotacheck: Done.
[ 1214.171751][T14248] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1214.204117][T14248] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[ 1214.230350][T14248] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[ 1214.262868][T14248] BTRFS info (device loop3): force lzo compression, level 0
[ 1214.284694][T14248] BTRFS info (device loop3): turning on sync discard
[ 1214.304600][T14248] BTRFS info (device loop3): force clearing of disk cache
[ 1214.334013][T14248] BTRFS info (device loop3): enabling disk space caching
[ 1214.357264][T14248] BTRFS info (device loop3): turning off discard
[ 1214.481727][T14248] BTRFS info (device loop3): disk space caching is enabled
[ 1214.754926][T14269] loop5: detected capacity change from 0 to 4096
[ 1214.778629][T14248] BTRFS info (device loop3): enabling ssd optimizations
[ 1214.809618][T12839] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1214.834167][T14248] BTRFS info (device loop3): rebuilding free space tree
[ 1214.922612][T14248] BTRFS info (device loop3): disabling free space tree
[ 1214.934677][T14248] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1214.948815][T14248] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1214.959372][T14269] ntfs3: loop5: Failed to initialize $Extend/$ObjId.
[ 1215.070135][T14268] ntfs3: loop5: ino=1e, "file1" attr_set_size
[ 1215.092564][T14268] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[ 1215.371741][ T5787] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1216.655610][T14303] netlink: 'syz.5.1913': attribute type 1 has an invalid length.
[ 1216.974574][T14306] loop5: detected capacity change from 0 to 1024
[ 1217.398685][T14303] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1217.747470][ T9780] Bluetooth: hci0: Malformed Event: 0x02
[ 1218.237193][T14304] bond1: (slave gretap1): making interface the new active one
[ 1218.834039][T14304] bond1: (slave gretap1): Enslaving as an active interface with an up link
[ 1219.700643][T14326] loop3: detected capacity change from 0 to 512
[ 1219.751971][T14328] loop6: detected capacity change from 0 to 64
[ 1219.752007][T14326] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1219.842804][T14305] bond1 (unregistering): (slave gretap1): Releasing active interface
[ 1219.853545][ T6017] hfsplus: b-tree write err: -5, ino 4
[ 1219.898570][T14326] EXT4-fs (loop3): 1 truncate cleaned up
[ 1219.932991][T14326] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1219.969732][T14305] bond1 (unregistering): Released all slaves
[ 1220.046530][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1221.277336][ T5945] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[ 1221.502137][ T5945] usb 6-1: Using ep0 maxpacket: 16
[ 1221.536257][ T5945] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1221.563935][ T5945] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1221.585371][ T5945] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 1221.619224][ T5945] usb 6-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[ 1221.639272][ T5945] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1221.676239][ T5945] usb 6-1: config 0 descriptor??
[ 1222.162072][ T5945] magicmouse 0003:05AC:0265.0007: unknown main item tag 0x0
[ 1222.181271][ T5945] magicmouse 0003:05AC:0265.0007: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.5-1/input0
[ 1222.898152][ T5945] usb 6-1: USB disconnect, device number 12
[ 1222.920975][T14357] loop6: detected capacity change from 0 to 40427
[ 1222.942916][T14357] F2FS-fs (loop6): Invalid SB checksum offset: 0
[ 1222.973459][T14357] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[ 1223.005803][T14357] F2FS-fs (loop6): invalid crc value
[ 1223.273503][T14357] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0
[ 1223.582165][ T9780] Bluetooth: hci3: link tx timeout
[ 1223.598177][ T9780] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[ 1223.622978][T14357] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1223.974266][T14394] netlink: 'syz.2.1943': attribute type 4 has an invalid length.
[ 1223.985928][T14394] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1943'.
[ 1224.017995][T14357] syz.6.1930: attempt to access beyond end of device
[ 1224.017995][T14357] loop6: rw=2049, sector=53248, nr_sectors = 16 limit=40427
[ 1224.064008][T14396] loop5: detected capacity change from 0 to 512
[ 1224.120647][T14396] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1224.198840][T12839] syz-executor: attempt to access beyond end of device
[ 1224.198840][T12839] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1224.218466][T14396] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1224.250441][T12839] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[ 1224.259715][T14396] ext4 filesystem being mounted at /279/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1225.107494][ T8789] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1225.431978][T13544] Bluetooth: hci3: link tx timeout
[ 1225.437579][T13544] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[ 1225.445416][T13544] Bluetooth: hci3: link tx timeout
[ 1225.455622][T13544] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[ 1225.799299][T13544] Bluetooth: hci3: command 0x0406 tx timeout
[ 1226.335682][T14424] loop6: detected capacity change from 0 to 64
[ 1226.428543][   T28] audit: type=1800 audit(2000001154.081:772): pid=14424 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1947" name="file1" dev="loop6" ino=5 res=0 errno=0
[ 1226.449025][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1226.983528][T14417] loop5: detected capacity change from 0 to 40427
[ 1227.000133][T14417] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[ 1227.013159][T14417] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1227.043121][T14417] F2FS-fs (loop5): invalid crc value
[ 1227.072248][T14417] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1227.233723][T14426] loop3: detected capacity change from 0 to 32768
[ 1227.241082][T14417] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[ 1227.252808][T14426] XFS: ikeep mount option is deprecated.
[ 1227.265205][T14426] XFS: noikeep mount option is deprecated.
[ 1227.296385][T14417] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1227.418767][T14426] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1227.628908][T14426] XFS (loop3): Ending clean mount
[ 1227.648064][T14426] XFS (loop3): Quotacheck needed: Please wait.
[ 1227.786700][T14429] loop6: detected capacity change from 0 to 40427
[ 1227.803819][T14426] XFS (loop3): Quotacheck: Done.
[ 1227.895351][T14429] F2FS-fs (loop6): build fault injection attr: rate: 0, type: 0x7
[ 1227.941101][T14429] F2FS-fs (loop6): invalid crc value
[ 1227.955577][T14429] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1228.010537][ T5787] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[ 1228.064407][T14429] F2FS-fs (loop6): Start checkpoint disabled!
[ 1228.113450][T14429] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[ 1228.290753][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1228.297138][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1228.471414][ T6017] kworker/u4:10: attempt to access beyond end of device
[ 1228.471414][ T6017] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 1228.522185][ T6017] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[ 1228.534430][ T6017] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[ 1231.044654][T14481] loop3: detected capacity change from 0 to 736
[ 1231.102686][ T9780] Bluetooth: hci3: command 0x0406 tx timeout
[ 1231.326533][   T23] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1231.582839][   T23] usb 7-1: Using ep0 maxpacket: 8
[ 1231.602020][   T23] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1231.617693][   T23] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1231.691841][   T23] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1231.701628][   T23] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1231.770928][   T23] hub 7-1:1.0: bad descriptor, ignoring hub
[ 1231.777088][   T23] hub: probe of 7-1:1.0 failed with error -5
[ 1232.388815][T14479] loop5: detected capacity change from 0 to 32768
[ 1232.493319][T14479] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[ 1232.676437][   T23] usb 7-1: reset high-speed USB device number 4 using dummy_hcd
[ 1232.769774][ T8789] ocfs2: Unmounting device (7,5) on (node local)
[ 1233.582232][T13544] Bluetooth: hci3: command 0x0406 tx timeout
[ 1234.063460][    T9] usb 7-1: USB disconnect, device number 4
[ 1234.092539][T14496] loop3: detected capacity change from 0 to 32768
[ 1234.106350][T14496] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[ 1234.186551][T14496] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 1234.354179][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[ 1234.787620][T14503] loop5: detected capacity change from 0 to 32768
[ 1234.864208][T14503] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 9
[ 1234.971823][   T23] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1234.986049][T12521] BTRFS error: device /dev/loop5 already registered with a higher generation, found 8 expect 9
[ 1235.174963][   T23] usb 4-1: Using ep0 maxpacket: 32
[ 1235.184924][   T23] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1235.204347][   T23] usb 4-1: config 0 has no interface number 0
[ 1235.217445][   T23] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[ 1235.242998][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1235.268253][   T23] usb 4-1: Product: syz
[ 1235.290623][   T23] usb 4-1: Manufacturer: syz
[ 1235.328082][   T23] usb 4-1: SerialNumber: syz
[ 1235.362177][   T23] usb 4-1: config 0 descriptor??
[ 1235.392378][   T23] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[ 1235.418887][   T23] usb 4-1: selecting invalid altsetting 1
[ 1235.449434][   T23] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[ 1235.594424][   T23] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1235.608169][   T23] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[ 1235.635103][   T23] usb 4-1: media controller created
[ 1235.935748][   T23] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1236.159807][T14516] loop6: detected capacity change from 0 to 32768
[ 1236.224732][T14516] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1236.295617][T14516] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[ 1236.334934][T14516] BTRFS info (device loop6): enabling disk space caching
[ 1236.352033][T14516] BTRFS info (device loop6): turning off barriers
[ 1236.371818][T14516] BTRFS info (device loop6): force clearing of disk cache
[ 1236.394003][T14516] BTRFS info (device loop6): enabling ssd optimizations
[ 1236.430224][T14516] BTRFS info (device loop6): using spread ssd allocation scheme
[ 1236.467576][T14516] BTRFS info (device loop6): enabling free space tree
[ 1236.507087][T14516] BTRFS info (device loop6): using free space tree
[ 1236.722534][T14516] BTRFS info (device loop6): rebuilding free space tree
[ 1236.850789][T14516] BTRFS info (device loop6): checking UUID tree
[ 1237.346050][T13544] Bluetooth: hci3: command 0x0406 tx timeout
[ 1237.382003][T12839] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1237.795688][T14532] loop5: detected capacity change from 0 to 131072
[ 1237.804520][T14532] F2FS-fs (loop5): Wrong CP boundary, start(512) end(1536) blocks(0)
[ 1237.812875][T14532] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1237.822107][   T23] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[ 1237.834723][T14532] F2FS-fs (loop5): invalid crc value
[ 1237.847179][   T23] zl10353_read_register: readreg error (reg=127, ret==-110)
[ 1237.860087][   T23] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[ 1237.906369][   T23] usb 4-1: USB disconnect, device number 17
[ 1237.947321][T12521] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 11 /dev/loop6 scanned by udevd (12521)
[ 1237.971323][T14532] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1238.061214][T14532] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[ 1238.069192][T14532] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[ 1239.717811][T14568] loop6: detected capacity change from 0 to 32768
[ 1240.092407][  T112] ERROR: (device loop6): diUpdatePMap: the iag is outside the map
[ 1240.092407][  T112] 
[ 1240.127531][  T112] ERROR: (device loop6): remounting filesystem as read-only
[ 1240.144865][  T112] ERROR: (device loop6): diUpdatePMap: the iag is outside the map
[ 1240.144865][  T112] 
[ 1240.582969][T14600] loop5: detected capacity change from 0 to 512
[ 1240.612075][T14600] EXT4-fs: Ignoring removed oldalloc option
[ 1240.700460][T14600] EXT4-fs error (device loop5): ext4_xattr_inode_iget:445: comm syz.5.2004: error while reading EA inode 32 err=-116
[ 1240.719238][T14600] EXT4-fs (loop5): Remounting filesystem read-only
[ 1240.732273][T14600] EXT4-fs (loop5): 1 orphan inode deleted
[ 1240.743584][T14600] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1240.974414][ T8789] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1241.108985][ T9780] Bluetooth: hci3: command 0x0406 tx timeout
[ 1242.412502][ T5945] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1242.615704][ T5945] usb 6-1: Using ep0 maxpacket: 32
[ 1242.635012][ T5945] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1242.645142][ T5945] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1242.669233][ T5945] usb 6-1: config 0 descriptor??
[ 1242.704505][T14610] loop3: detected capacity change from 0 to 40427
[ 1242.753476][T14610] F2FS-fs (loop3): invalid crc value
[ 1242.805304][T14610] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1242.936546][ T5945] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1242.952485][T14610] F2FS-fs (loop3): Start checkpoint disabled!
[ 1242.967915][ T5945] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1242.975966][T14610] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1243.005783][ T5945] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 1243.033780][ T5945] usb 6-1: media controller created
[ 1243.081779][ T5945] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1243.164584][ T5945] az6027: usb out operation failed. (-71)
[ 1243.215481][ T5945] az6027: usb out operation failed. (-71)
[ 1243.235835][ T5945] stb0899_attach: Driver disabled by Kconfig
[ 1243.241928][ T5945] az6027: no front-end attached
[ 1243.241928][ T5945] 
[ 1243.271881][ T5945] az6027: usb out operation failed. (-71)
[ 1243.293125][ T5945] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 1243.315960][ T5945] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input26
[ 1243.355826][ T5945] dvb-usb: schedule remote query interval to 400 msecs.
[ 1243.373838][ T5945] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 1243.393158][ T5945] usb 6-1: USB disconnect, device number 13
[ 1243.476428][ T5945] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1243.539485][T11360] kworker/u4:1: attempt to access beyond end of device
[ 1243.539485][T11360] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 1243.577888][T11360] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1243.585215][T11360] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1243.592352][T13544] Bluetooth: hci3: command 0x0406 tx timeout
[ 1244.250476][T14648] loop6: detected capacity change from 0 to 40427
[ 1244.295901][T14648] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x7ffff
[ 1244.313534][T14648] F2FS-fs (loop6): Image doesn't support compression
[ 1244.338231][T14648] F2FS-fs (loop6): invalid crc value
[ 1244.365408][T14648] F2FS-fs (loop6): Found nat_bits in checkpoint
[ 1244.491176][T14648] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1244.618241][T14648] syz.6.2024: attempt to access beyond end of device
[ 1244.618241][T14648] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1244.658590][T14648] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[ 1244.686195][T14667] syz.6.2024: attempt to access beyond end of device
[ 1244.686195][T14667] loop6: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[ 1244.714335][T14667] syz.6.2024: attempt to access beyond end of device
[ 1244.714335][T14667] loop6: rw=0, sector=45064, nr_sectors = 8 limit=40427
[ 1245.428087][T14683] netlink: 'syz.5.2037': attribute type 2 has an invalid length.
[ 1246.129169][T14699] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[ 1247.357234][T14731] loop6: detected capacity change from 0 to 128
[ 1247.384631][T14731] EXT4-fs: Ignoring removed nobh option
[ 1247.432041][T14731] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1247.449709][T14731] ext4 filesystem being mounted at /101/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1247.550350][T12839] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1247.938304][T14724] loop3: detected capacity change from 0 to 32768
[ 1248.683984][T14759] loop3: detected capacity change from 0 to 512
[ 1248.700919][T14759] EXT4-fs: Ignoring removed i_version option
[ 1248.717006][T14759] EXT4-fs: Ignoring removed nobh option
[ 1248.724977][T14759] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1248.784215][T14759] EXT4-fs (loop3): 1 truncate cleaned up
[ 1248.793918][T14759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1248.932653][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1249.110697][T14770] tipc: Started in network mode
[ 1249.119797][T14770] tipc: Node identity 7365725f69643d3, cluster identity 4711
[ 1249.140172][T14770] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1249.331694][T14778] netlink: 44 bytes leftover after parsing attributes in process `syz.6.2073'.
[ 1249.569334][   T28] audit: type=1326 audit(2000001175.736:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14760 comm="syz.5.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c238e929 code=0x7fc00000
[ 1250.127121][T14780] loop3: detected capacity change from 0 to 32768
[ 1250.152795][T14780] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1250.276696][T14784] loop6: detected capacity change from 0 to 32768
[ 1250.330654][T14784] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1250.333783][T14780] XFS (loop3): Ending clean mount
[ 1250.592971][ T5787] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1250.601794][T14784] XFS (loop6): Ending clean mount
[ 1250.626644][T14784] XFS (loop6): Quotacheck needed: Please wait.
[ 1250.855466][T14784] XFS (loop6): Quotacheck: Done.
[ 1251.209784][T12839] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1251.442876][T14832] loop5: detected capacity change from 0 to 4096
[ 1252.080571][T12521] udevd[12521]: failed to send result of seq 16517 to main daemon: Connection refused
[ 1252.302599][T14829] loop3: detected capacity change from 0 to 32768
[ 1252.368024][T14829] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1252.477687][T14858] loop6: detected capacity change from 0 to 8192
[ 1252.491517][T14829] XFS (loop3): Ending clean mount
[ 1252.522457][T14829] XFS (loop3): Quotacheck needed: Please wait.
[ 1252.620871][T14829] XFS (loop3): Quotacheck: Done.
[ 1252.677342][ T5787] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1253.254372][T14886] futex_wake_op: syz.6.2112 tries to shift op by -1; fix this program
[ 1253.667208][T14906] loop5: detected capacity change from 0 to 64
[ 1253.953603][T14915] vcan0: tx drop: invalid sa for name 0x0000000000000001
[ 1254.257141][T14930] loop5: detected capacity change from 0 to 128
[ 1254.554529][T14941] netlink: 9286 bytes leftover after parsing attributes in process `syz.6.2135'.
[ 1255.522749][T14978] loop5: detected capacity change from 0 to 256
[ 1255.558429][T14978] FAT-fs (loop5): Directory bread(block 64) failed
[ 1255.570198][T14978] FAT-fs (loop5): Directory bread(block 65) failed
[ 1255.584389][T14978] FAT-fs (loop5): Directory bread(block 66) failed
[ 1255.590993][T14978] FAT-fs (loop5): Directory bread(block 67) failed
[ 1255.601784][T14978] FAT-fs (loop5): Directory bread(block 68) failed
[ 1255.609031][T14978] FAT-fs (loop5): Directory bread(block 69) failed
[ 1255.616492][T14978] FAT-fs (loop5): Directory bread(block 70) failed
[ 1255.623566][T14978] FAT-fs (loop5): Directory bread(block 71) failed
[ 1255.631584][T14978] FAT-fs (loop5): Directory bread(block 72) failed
[ 1255.643110][T14978] FAT-fs (loop5): Directory bread(block 73) failed
[ 1255.805852][ T6023] kworker/u4:13: attempt to access beyond end of device
[ 1255.805852][ T6023] loop5: rw=1, sector=1224, nr_sectors = 12 limit=256
[ 1256.021009][T14982] loop3: detected capacity change from 0 to 32768
[ 1256.031717][T14982] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.2153 (14982)
[ 1256.059550][T14982] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1256.073933][T14982] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[ 1256.083428][T14982] BTRFS info (device loop3): turning on sync discard
[ 1256.095496][T14982] BTRFS info (device loop3): use zlib compression, level 3
[ 1256.104283][T14982] BTRFS info (device loop3): turning off barriers
[ 1256.117067][T14982] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[ 1256.135142][T14982] BTRFS info (device loop3): trying to use backup root at mount time
[ 1256.143782][T14982] BTRFS info (device loop3): enabling auto defrag
[ 1256.155835][T14982] BTRFS info (device loop3): max_inline at 0
[ 1256.165630][T14982] BTRFS info (device loop3): using free space tree
[ 1256.230031][T15001] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2156'.
[ 1256.253831][ T6023] BTRFS warning (device loop3): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[ 1256.278427][T14982] BTRFS error (device loop3): failed to load root extent
[ 1256.285593][T14982] BTRFS warning (device loop3): try to load backup roots slot 1
[ 1256.321478][ T6017] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[ 1256.352003][T14982] BTRFS warning (device loop3): couldn't read tree root
[ 1256.374355][T14982] BTRFS warning (device loop3): try to load backup roots slot 2
[ 1256.393759][ T6023] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[ 1256.412956][T14982] BTRFS warning (device loop3): couldn't read tree root
[ 1256.423543][T14982] BTRFS warning (device loop3): try to load backup roots slot 3
[ 1256.444804][T14982] BTRFS info (device loop3): enabling ssd optimizations
[ 1256.453164][T14982] BTRFS info (device loop3): rebuilding free space tree
[ 1256.488805][T14982] BTRFS info (device loop3): checking UUID tree
[ 1256.553675][   T28] audit: type=1800 audit(2000001182.265:774): pid=14982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2153" name="file1" dev="loop3" ino=257 res=0 errno=0
[ 1256.605305][   T28] audit: type=1326 audit(2000001182.302:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15009 comm="syz.5.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c238e929 code=0x7ffc0000
[ 1256.657765][   T28] audit: type=1326 audit(2000001182.302:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15009 comm="syz.5.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c238e929 code=0x7ffc0000
[ 1256.661887][ T5787] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1256.737861][   T28] audit: type=1326 audit(2000001182.302:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15009 comm="syz.5.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f31c232ab19 code=0x7ffc0000
[ 1256.760714][   T28] audit: type=1326 audit(2000001182.302:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15009 comm="syz.5.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f31c232ab19 code=0x7ffc0000
[ 1256.790350][   T28] audit: type=1326 audit(2000001182.302:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15009 comm="syz.5.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c238e929 code=0x7ffc0000
[ 1256.816701][   T28] audit: type=1326 audit(2000001182.302:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15009 comm="syz.5.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c238e929 code=0x7ffc0000
[ 1256.845513][ T9780] Bluetooth: hci4: command 0x1003 tx timeout
[ 1256.853759][T13544] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1256.876475][   T28] audit: type=1326 audit(2000001182.302:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15009 comm="syz.5.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f31c232ab19 code=0x7ffc0000
[ 1256.900170][   T28] audit: type=1326 audit(2000001182.302:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15009 comm="syz.5.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f31c232ab19 code=0x7ffc0000
[ 1256.923326][   T28] audit: type=1326 audit(2000001182.302:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15009 comm="syz.5.2159" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f31c238e929 code=0x7ffc0000
[ 1257.522627][T15026] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1257.547905][T15031] netlink: 'syz.6.2167': attribute type 12 has an invalid length.
[ 1257.556117][T15031] netlink: 'syz.6.2167': attribute type 29 has an invalid length.
[ 1257.564715][T15031] netlink: 148 bytes leftover after parsing attributes in process `syz.6.2167'.
[ 1257.679993][T15035] loop3: detected capacity change from 0 to 16
[ 1257.689899][T15035] erofs: (device loop3): mounted with root inode @ nid 36.
[ 1257.833821][T15041] loop3: detected capacity change from 0 to 128
[ 1258.127870][   T27] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[ 1258.148499][T15052] loop3: detected capacity change from 0 to 128
[ 1258.182141][T15052] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1258.222618][T15052] ext4 filesystem being mounted at /552/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1258.284052][T15043] loop5: detected capacity change from 0 to 32768
[ 1258.312188][T15043] 
[ 1258.312188][T15043]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1258.312188][T15043] 
[ 1258.331182][ T5787] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1258.345502][   T27] usb 7-1: config 0 has no interfaces?
[ 1258.351061][   T27] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1258.380294][   T27] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1258.407019][   T27] usb 7-1: config 0 descriptor??
[ 1258.439194][T15043] 
[ 1258.439194][T15043]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1258.439194][T15043] 
[ 1258.466819][T15043] 
[ 1258.466819][T15043]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1258.466819][T15043] 
[ 1258.534750][T15062] read_mapping_page failed!
[ 1258.540020][T15062] ERROR: (device loop5): txCommit: 
[ 1258.540020][T15062] 
[ 1258.639327][ T6023] ERROR: (device loop5): diWrite: ixpxd invalid
[ 1258.639327][ T6023] 
[ 1258.652680][   T27] usb 7-1: USB disconnect, device number 5
[ 1258.678675][T15068] loop3: detected capacity change from 0 to 1024
[ 1258.684672][ T6023] ERROR: (device loop5): txCommit: 
[ 1258.684672][ T6023] 
[ 1258.686504][T15068] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1258.699989][ T6023] jfs_write_inode: jfs_commit_inode failed!
[ 1258.707231][ T8789] 
[ 1258.707231][ T8789]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1258.707231][ T8789] 
[ 1258.718693][ T8789] 
[ 1258.718693][ T8789]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1258.718693][ T8789] 
[ 1258.735580][T15068] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1258.912113][ T5787] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1259.414130][T15092] loop5: detected capacity change from 0 to 164
[ 1259.424618][T15090] loop6: detected capacity change from 0 to 4096
[ 1259.437445][T15092] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[ 1259.437447][T15090] ntfs3: loop6: Different NTFS sector size (2048) and media sector size (512).
[ 1259.458219][T15092] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[ 1259.492063][T15092] Symlink component flag not implemented
[ 1259.502099][T15092] Symlink component flag not implemented
[ 1259.518469][T15092] Symlink component flag not implemented (7)
[ 1259.546406][T15092] Symlink component flag not implemented (116)
[ 1259.785299][T15084] loop3: detected capacity change from 0 to 32768
[ 1259.824941][T15101] loop6: detected capacity change from 0 to 1024
[ 1259.836379][T15084] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 1259.859927][T11360] (kworker/u4:1,11360,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[ 1259.944123][ T5787] (syz-executor,5787,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 70
[ 1259.954826][T15106] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[ 1259.966964][ T5787] (syz-executor,5787,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[ 1259.967945][T15105] IPVS: stopping master sync thread 15106 ...
[ 1259.994516][T11360] hfsplus: b-tree write err: -5, ino 3
[ 1260.009789][ T5787] ocfs2: Unmounting device (7,3) on (node local)
[ 1260.016354][   T27] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 1260.033375][T12839] hfsplus: node 4:3 still has 2 user(s)!
[ 1260.247038][   T27] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1260.268981][   T27] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1260.293575][   T27] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1260.308547][   T27] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1260.329327][   T27] usb 6-1: Product: syz
[ 1260.338762][   T27] usb 6-1: Manufacturer: syz
[ 1260.370405][   T27] usb 6-1: SerialNumber: syz
[ 1260.384942][   T27] cdc_mbim 6-1:1.0: skipping garbage
[ 1260.606554][T15099] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1260.725279][T15110] loop6: detected capacity change from 0 to 32768
[ 1260.734330][T15110] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.2200 (15110)
[ 1260.753607][T15110] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1260.765675][T15110] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[ 1260.779972][T15110] BTRFS info (device loop6): turning off barriers
[ 1260.786579][T15110] BTRFS info (device loop6): setting nodatasum
[ 1260.805794][T15110] BTRFS info (device loop6): enabling auto defrag
[ 1260.814301][T15110] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[ 1260.827346][T15110] BTRFS info (device loop6): use zstd compression, level 3
[ 1260.834878][T15110] BTRFS info (device loop6): using free space tree
[ 1260.916871][T15110] BTRFS info (device loop6): auto enabling async discard
[ 1261.101544][T12839] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1261.284780][T15099] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1261.312246][   T27] cdc_mbim 6-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[ 1261.335253][   T27] cdc_mbim 6-1:1.0: setting rx_max = 2048
[ 1261.452533][T15148] input: syz1 as /devices/virtual/input/input27
[ 1261.535070][   T27] cdc_mbim 6-1:1.0: setting tx_max = 184
[ 1261.554259][   T27] cdc_mbim 6-1:1.0: cdc-wdm0: USB WDM device
[ 1261.571426][   T27] wwan wwan0: port wwan0mbim0 attached
[ 1261.597171][   T27] cdc_mbim 6-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.5-1, CDC MBIM, d6:fc:f5:34:40:5c
[ 1261.616438][   T27] usb 6-1: USB disconnect, device number 14
[ 1261.623835][   T27] cdc_mbim 6-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.5-1, CDC MBIM
[ 1261.704366][   T27] wwan wwan0: port wwan0mbim0 disconnected
[ 1262.768162][   T27] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1263.003008][   T27] usb 6-1: Using ep0 maxpacket: 8
[ 1263.011753][   T27] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1263.033125][   T27] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1263.056011][   T27] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1263.067310][   T27] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1263.077954][   T27] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1263.091603][   T27] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1263.101113][   T27] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1263.338942][   T27] usb 6-1: GET_CAPABILITIES returned 0
[ 1263.345379][   T27] usbtmc 6-1:16.0: can't read capabilities
[ 1263.561556][   T27] usb 6-1: USB disconnect, device number 15
[ 1263.662107][T15201] loop6: detected capacity change from 0 to 32768
[ 1263.707861][T15201] JBD2: Ignoring recovery information on journal
[ 1263.772748][T15201] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[ 1264.022524][T12839] ocfs2: Unmounting device (7,6) on (node local)
[ 1264.133089][T15221] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1264.222150][   T27] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 1264.422203][T15227] loop6: detected capacity change from 0 to 2048
[ 1264.431165][T15227] NILFS (loop6): unrecognized mount option "order¥Û¾Èp‡D"
[ 1264.439760][   T27] usb 4-1: Using ep0 maxpacket: 8
[ 1264.478456][   T27] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1264.499350][   T27] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1264.509427][   T27] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1264.545157][   T27] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1264.606172][   T27] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1264.626210][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1264.877323][   T27] usb 4-1: GET_CAPABILITIES returned 0
[ 1264.882906][   T27] usbtmc 4-1:16.0: can't read capabilities
[ 1265.130199][   T55] usb 4-1: USB disconnect, device number 18
[ 1265.298614][T15249] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2250'.
[ 1265.460784][T15249] team0: Port device team_slave_0 removed
[ 1266.413606][T15282] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1266.425337][T15282] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1266.827791][T15306] loop9: detected capacity change from 0 to 7
[ 1266.859890][T15306]  loop9: [POWERTEC] p1 p2
[ 1266.868102][T15306] loop9: p1 start 1600481121 is beyond EOD, truncated
[ 1266.875520][T15306] loop9: p2 size 1680801792 extends beyond EOD, truncated
[ 1267.315328][T15329] loop6: detected capacity change from 0 to 256
[ 1267.357986][T15329] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xac5c0b1f, utbl_chksum : 0xe619d30d)
[ 1267.664787][   T55] kernel write not supported for file /input/event2 (pid: 55 comm: kworker/0:2)
[ 1267.768757][T15340] trusted_key: syz.6.2289 sent an empty control message without MSG_MORE.
[ 1267.829615][T15325] loop5: detected capacity change from 0 to 32768
[ 1267.865476][T15325] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.2280 (15325)
[ 1267.885020][T15325] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1267.905550][T15325] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[ 1267.920703][T15325] BTRFS info (device loop5): turning off barriers
[ 1267.927354][T15325] BTRFS info (device loop5): setting nodatasum
[ 1267.934006][T15325] BTRFS info (device loop5): enabling auto defrag
[ 1267.941764][T15325] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[ 1267.951787][T15325] BTRFS info (device loop5): use zstd compression, level 3
[ 1267.959583][T15325] BTRFS info (device loop5): using free space tree
[ 1268.028930][T15325] BTRFS info (device loop5): auto enabling async discard
[ 1268.216189][ T8789] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1268.351850][T15371] netlink: 'syz.3.2296': attribute type 1 has an invalid length.
[ 1268.393805][T15371] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1268.498461][T15371] bond1: (slave veth0_to_bond): making interface the new active one
[ 1268.538484][T15371] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[ 1268.567848][T15373] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1268.664644][   T28] kauditd_printk_skb: 76 callbacks suppressed
[ 1268.664662][   T28] audit: type=1326 audit(2000001193.574:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15375 comm="syz.6.2298" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f863918e929 code=0x0
[ 1269.319079][T15382] loop5: detected capacity change from 0 to 32768
[ 1269.365342][T15382] JBD2: Ignoring recovery information on journal
[ 1269.502470][T15382] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[ 1269.837064][ T8789] ocfs2: Unmounting device (7,5) on (node local)
[ 1270.283346][T15400] loop6: detected capacity change from 0 to 32768
[ 1270.291682][T15400] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 scanned by syz.6.2306 (15400)
[ 1270.309385][T15400] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1270.319686][T15400] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[ 1270.328495][T15400] BTRFS info (device loop6): enabling disk space caching
[ 1270.335578][T15400] BTRFS info (device loop6): doing ref verification
[ 1270.342496][T15400] BTRFS info (device loop6): use zlib compression, level 3
[ 1270.349875][T15400] BTRFS info (device loop6): force clearing of disk cache
[ 1270.357027][T15400] BTRFS info (device loop6): doing ref verification
[ 1270.370132][T15400] BTRFS info (device loop6): disk space caching is enabled
[ 1270.404981][T15400] BTRFS info (device loop6): auto enabling async discard
[ 1270.418227][T15400] BTRFS info (device loop6): rebuilding free space tree
[ 1270.444367][T15400] BTRFS info (device loop6): disabling free space tree
[ 1270.451324][T15400] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1270.464058][T15400] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1270.510781][T12839] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1270.518310][    T9] usb 6-1: new low-speed USB device number 16 using dummy_hcd
[ 1270.750547][    T9] usb 6-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1270.767394][    T9] usb 6-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 1024, setting to 8
[ 1270.779841][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1270.792684][    T9] usb 6-1: New USB device found, idVendor=04d9, idProduct=a067, bcdDevice= 0.00
[ 1270.803324][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.821495][    T9] usb 6-1: config 0 descriptor??
[ 1270.827676][T15408] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1270.972260][T15427] ip6gre1: entered allmulticast mode
[ 1271.014381][T15429] loop6: detected capacity change from 0 to 16
[ 1271.025447][T15429] erofs: (device loop6): mounted with root inode @ nid 36.
[ 1271.136587][T15431] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2315'.
[ 1271.277469][    T9] holtek_mouse 0003:04D9:A067.0008: unknown main item tag 0x7
[ 1271.298646][    T9] holtek_mouse 0003:04D9:A067.0008: hidraw0: USB HID v0.00 Device [HID 04d9:a067] on usb-dummy_hcd.5-1/input0
[ 1271.507604][    T9] usb 6-1: USB disconnect, device number 16
[ 1271.615985][T15454] tipc: Can't add remote ip to TIPC UDP multicast bearer
[ 1272.373206][T15479] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2333'.
[ 1272.397834][T15481] 9pnet_fd: Insufficient options for proto=fd
[ 1273.190180][T15473] loop3: detected capacity change from 0 to 40427
[ 1273.220485][T15473] F2FS-fs (loop3): invalid crc value
[ 1273.397089][T15496] 9pnet_fd: Insufficient options for proto=fd
[ 1273.399600][T15473] F2FS-fs (loop3): inconsistent node block, nid:3, node_footer[nid:83886083,ino:3,ofs:0,cpver:144115189295547873,blkaddr:4098]
[ 1273.463190][T15473] F2FS-fs (loop3): Failed to read root inode
[ 1273.509583][T15484] loop5: detected capacity change from 0 to 40427
[ 1273.534539][T15484] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[ 1273.554234][T15484] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1273.588802][T15484] F2FS-fs (loop5): invalid crc value
[ 1273.623513][T15484] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1273.661148][T15503] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[ 1273.692260][T15484] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[ 1273.704960][T15484] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1274.475851][T15513] netlink: 88 bytes leftover after parsing attributes in process `syz.5.2342'.
[ 1274.495100][T15513] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2342'.
[ 1274.650062][T15515] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1274.688749][T15515] batadv_slave_0: entered promiscuous mode
[ 1274.819378][T15511] loop3: detected capacity change from 0 to 40427
[ 1274.852490][T15511] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff
[ 1274.865673][   T28] audit: type=1326 audit(2000001199.392:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.6.2347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f863918e929 code=0x7fc00000
[ 1274.888995][T15511] F2FS-fs (loop3): Image doesn't support compression
[ 1274.925425][T15511] F2FS-fs (loop3): invalid crc value
[ 1274.934556][T15511] F2FS-fs (loop3): Found nat_bits in checkpoint
[ 1275.007780][T15511] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[ 1275.102696][T15511] syz.3.2345: attempt to access beyond end of device
[ 1275.102696][T15511] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1275.121208][T15511] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1275.145726][T15511] syz.3.2345: attempt to access beyond end of device
[ 1275.145726][T15511] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[ 1275.163132][T15511] syz.3.2345: attempt to access beyond end of device
[ 1275.163132][T15511] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[ 1275.261231][T15536] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1275.543015][   T28] audit: type=1326 audit(2000001200.028:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15516 comm="syz.6.2347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f863912ab19 code=0x7fc00000
[ 1275.971924][    T9] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1276.181162][    T9] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1276.199935][    T9] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1276.234056][    T9] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1276.254811][ T6023] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.258899][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[ 1276.308618][    T9] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[ 1276.346468][    T9] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1276.363296][    T9] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1276.389908][    T9] usb 7-1: Product: syz
[ 1276.394147][    T9] usb 7-1: Manufacturer: syz
[ 1276.435300][    T9] cdc_wdm 7-1:1.0: skipping garbage
[ 1276.456506][    T9] cdc_wdm 7-1:1.0: skipping garbage
[ 1276.474265][    T9] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[ 1276.475110][ T6023] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.480215][    T9] cdc_wdm 7-1:1.0: Unknown control protocol
[ 1276.635277][ T6023] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.657649][    T9] usb 7-1: USB disconnect, device number 6
[ 1276.680362][T15554] netlink: 'syz.5.2364': attribute type 4 has an invalid length.
[ 1276.750370][T15558] netlink: 'syz.5.2364': attribute type 4 has an invalid length.
[ 1276.829090][ T6023] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.877953][T15563] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2367'.
[ 1277.093373][ T6023] tipc: Disabling bearer <udp:syz2>
[ 1277.120686][ T6023] tipc: Left network mode
[ 1277.121646][ T9780] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1277.139761][ T9780] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1277.159263][ T9780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1277.183011][ T9780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1277.193844][ T9780] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1277.201514][ T9780] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1278.131433][T15566] chnl_net:caif_netlink_parms(): no params data found
[ 1278.546308][T15566] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1278.567530][T15566] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1278.586250][T15566] bridge_slave_0: entered allmulticast mode
[ 1278.605361][T15566] bridge_slave_0: entered promiscuous mode
[ 1278.654450][T15566] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1278.685239][T15566] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1278.704791][T15566] bridge_slave_1: entered allmulticast mode
[ 1278.726835][T15566] bridge_slave_1: entered promiscuous mode
[ 1278.871906][T15631] loop6: detected capacity change from 0 to 16
[ 1278.904357][T15631] erofs: (device loop6): mounted with root inode @ nid 36.
[ 1278.928625][T15566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1278.950827][T15566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1279.025156][ T6023] hsr_slave_0: left promiscuous mode
[ 1279.035840][ T6023] hsr_slave_1: left promiscuous mode
[ 1279.054053][ T6023] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1279.070477][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1279.079547][ T6023] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1279.093746][ T6023] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1279.138218][ T6023] veth1_macvtap: left promiscuous mode
[ 1279.145944][ T6023] veth0_macvtap: left promiscuous mode
[ 1279.153119][ T6023] veth1_vlan: left promiscuous mode
[ 1279.159242][ T6023] veth0_vlan: left promiscuous mode
[ 1279.390585][ T5945] infiniband syz1: ib_query_port failed (-19)
[ 1279.435947][T13544] Bluetooth: hci2: command tx timeout
[ 1279.761175][ T6023] bond1 (unregistering): (slave veth0_to_bond): Releasing active interface
[ 1279.764562][T15652] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2396'.
[ 1279.790144][ T6023] bond1 (unregistering): Released all slaves
[ 1279.920304][ T6023] team0 (unregistering): Port device geneve1 removed
[ 1280.637876][ T6023] team0 (unregistering): Port device team_slave_1 removed
[ 1280.713341][ T6023] team0 (unregistering): Port device team_slave_0 removed
[ 1280.819051][ T6023] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1280.907715][ T6023] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1280.916750][ T5794] infiniband syz1: ib_query_port failed (-19)
[ 1281.656761][T13544] Bluetooth: hci2: command tx timeout
[ 1281.758143][ T6023] bond0 (unregistering): Released all slaves
[ 1281.868842][T15566] team0: Port device team_slave_0 added
[ 1281.878184][T15641] netlink: 'syz.6.2393': attribute type 4 has an invalid length.
[ 1281.926265][T15656] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2398'.
[ 1281.993844][T15566] team0: Port device team_slave_1 added
[ 1282.028472][T15658] sg_write: process 451 (syz.6.2399) changed security contexts after opening file descriptor, this is not allowed.
[ 1282.067949][T15566] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1282.096791][T15566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1282.157417][T15566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1282.171020][T15566] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1282.178041][T15566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1282.207918][T15566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1282.363887][T15566] hsr_slave_0: entered promiscuous mode
[ 1282.382094][T15566] hsr_slave_1: entered promiscuous mode
[ 1282.658923][ T6023] IPVS: stop unused estimator thread 0...
[ 1282.943739][T15566] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1282.966335][T15566] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1282.998035][T15566] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1283.061437][T15566] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1283.362441][T15566] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1283.407697][T15566] 8021q: adding VLAN 0 to HW filter on device team0
[ 1283.427459][ T6017] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1283.434812][ T6017] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1283.470502][ T6017] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1283.477800][ T6017] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1283.748392][T15685] loop6: detected capacity change from 0 to 32768
[ 1283.784429][T15685] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop6 scanned by syz.6.2409 (15685)
[ 1283.813407][T15685] BTRFS info (device loop6): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1283.834639][T15685] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[ 1283.844570][T15685] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[ 1283.861364][T15685] BTRFS info (device loop6): use zstd compression, level 3
[ 1283.868650][T15685] BTRFS info (device loop6): using free space tree
[ 1283.878377][T13544] Bluetooth: hci2: command tx timeout
[ 1283.915507][T15685] BTRFS info (device loop6): enabling ssd optimizations
[ 1283.922753][T15685] BTRFS info (device loop6): auto enabling async discard
[ 1283.976705][T15566] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1284.177684][T12839] BTRFS info (device loop6): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1284.774762][T15566] veth0_vlan: entered promiscuous mode
[ 1284.885046][T15566] veth1_vlan: entered promiscuous mode
[ 1285.018918][T15566] veth0_macvtap: entered promiscuous mode
[ 1285.045641][T15566] veth1_macvtap: entered promiscuous mode
[ 1285.102763][T15566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1285.132108][T15566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1285.142023][T15566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1285.176331][T15566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1285.198897][T15566] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1285.255838][T15566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1285.280532][T15566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1285.302951][T15566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1285.335140][T15566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1285.345064][T15566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1285.384997][T15566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1285.419911][T15566] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1285.445313][T15566] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1285.481605][T15566] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1285.494744][T15566] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1285.513990][T15566] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.018289][T12959] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1286.028711][T12959] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1286.094547][T13544] Bluetooth: hci2: command tx timeout
[ 1286.119966][ T6046] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1286.153830][ T6046] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1286.507082][   T28] audit: type=1326 audit(2000001210.280:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15795 comm="syz.7.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47e5b8e929 code=0x7ffc0000
[ 1286.576767][   T28] audit: type=1326 audit(2000001210.280:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15795 comm="syz.7.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f47e5b8e929 code=0x7ffc0000
[ 1286.668637][   T28] audit: type=1326 audit(2000001210.280:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15795 comm="syz.7.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47e5b8e929 code=0x7ffc0000
[ 1286.745530][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.746886][   T28] audit: type=1326 audit(2000001210.280:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15795 comm="syz.7.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f47e5b8e929 code=0x7ffc0000
[ 1286.764545][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.798543][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.809825][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.820822][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.830458][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.847772][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.852752][   T28] audit: type=1326 audit(2000001210.280:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15795 comm="syz.7.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47e5b8e929 code=0x7ffc0000
[ 1286.878633][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.894588][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.906574][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.921655][   T28] audit: type=1326 audit(2000001210.280:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15795 comm="syz.7.2435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47e5b8e929 code=0x7ffc0000
[ 1286.922318][ T5945] hid-generic 00A0:0006:0003.0009: unknown main item tag 0x0
[ 1286.986781][ T5945] hid-generic 00A0:0006:0003.0009: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[ 1288.711795][T15845] loop5: detected capacity change from 0 to 128
[ 1289.334887][   T11] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1289.453221][   T11] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1289.585913][   T11] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1289.748681][   T11] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1290.683167][ T9780] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1290.719831][ T9780] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1290.730784][ T9780] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1290.742711][ T9780] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1290.751908][ T9780] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1290.759788][ T9780] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1290.820515][T15866] loop6: detected capacity change from 0 to 32768
[ 1290.866047][T15866] BTRFS info (device loop6): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1290.884215][T15866] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[ 1290.893755][T15866] BTRFS info (device loop6): using free space tree
[ 1290.986180][T15866] BTRFS info (device loop6): enabling ssd optimizations
[ 1291.003241][T15866] BTRFS info (device loop6): auto enabling async discard
[ 1291.551076][T15869] overlayfs: failed to clone upperpath
[ 1291.560858][T12839] BTRFS info (device loop6): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1291.602282][T15869] overlayfs: failed to clone upperpath
[ 1292.394847][T15874] chnl_net:caif_netlink_parms(): no params data found
[ 1292.573238][   T11] hsr_slave_0: left promiscuous mode
[ 1292.586494][   T11] hsr_slave_1: left promiscuous mode
[ 1292.608977][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1292.623444][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1292.632876][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1292.643051][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1292.653384][   T11] bridge_slave_1: left allmulticast mode
[ 1292.660234][   T11] bridge_slave_1: left promiscuous mode
[ 1292.666883][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1292.706890][   T11] bridge_slave_0: left allmulticast mode
[ 1292.722229][   T11] bridge_slave_0: left promiscuous mode
[ 1292.731251][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1292.936386][ T9780] Bluetooth: hci2: command tx timeout
[ 1293.051090][   T11] veth1_macvtap: left promiscuous mode
[ 1293.057212][   T11] veth0_macvtap: left promiscuous mode
[ 1293.062942][   T11] veth1_vlan: left promiscuous mode
[ 1293.085961][   T11] veth0_vlan: left promiscuous mode
[ 1293.372271][T15927] nbd6: detected capacity change from 0 to 12
[ 1293.390359][T15927] block nbd6: shutting down sockets
[ 1293.677230][T15932] loop6: detected capacity change from 0 to 2048
[ 1293.694846][T15932] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1293.978588][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[ 1293.985238][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[ 1294.826002][   T11] team0 (unregistering): Port device team_slave_1 removed
[ 1294.954656][   T11] team0 (unregistering): Port device team_slave_0 removed
[ 1295.036292][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1295.124726][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1295.160127][ T9780] Bluetooth: hci2: command tx timeout
[ 1296.097023][   T11] bond0 (unregistering): Released all slaves
[ 1296.212434][T15947] netlink: 132 bytes leftover after parsing attributes in process `syz.2.2485'.
[ 1296.360801][T15874] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1296.380335][T15874] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1296.395911][T15874] bridge_slave_0: entered allmulticast mode
[ 1296.409550][T15874] bridge_slave_0: entered promiscuous mode
[ 1296.428908][T15874] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1296.459891][T15874] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1296.467552][T15874] bridge_slave_1: entered allmulticast mode
[ 1296.480245][T15874] bridge_slave_1: entered promiscuous mode
[ 1296.614232][T15874] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1296.627503][T15874] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1296.738248][T15874] team0: Port device team_slave_0 added
[ 1296.811485][T15874] team0: Port device team_slave_1 added
[ 1296.893832][T15874] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1296.919315][T15874] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1296.966565][T15874] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1296.987474][T15874] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1297.005432][T15874] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1297.031928][T15874] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1297.135278][T15874] hsr_slave_0: entered promiscuous mode
[ 1297.147006][T15874] hsr_slave_1: entered promiscuous mode
[ 1297.201876][   T27] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1297.250083][T15971] loop5: detected capacity change from 0 to 32768
[ 1297.277679][T15971] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[ 1297.384689][ T9780] Bluetooth: hci2: command tx timeout
[ 1297.398791][   T27] usb 7-1: config index 0 descriptor too short (expected 64575, got 68)
[ 1297.407536][   T27] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1297.420160][   T27] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 3, skipping
[ 1297.435620][   T27] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1297.450666][   T27] usb 7-1: config index 1 descriptor too short (expected 64575, got 68)
[ 1297.459271][   T27] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1297.473046][   T27] usb 7-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 3, skipping
[ 1297.484371][   T27] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[ 1297.575269][   T27] usb 7-1: string descriptor 0 read error: -71
[ 1297.598356][   T27] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1297.607816][   T27] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1297.628288][ T8789] 
[ 1297.629182][   T27] usb 7-1: can't set config #1, error -71
[ 1297.630746][ T8789] ======================================================
[ 1297.630754][ T8789] WARNING: possible circular locking dependency detected
[ 1297.630771][ T8789] 6.6.98-syzkaller #0 Not tainted
[ 1297.630781][ T8789] ------------------------------------------------------
[ 1297.630788][ T8789] syz-executor/8789 is trying to acquire lock:
[ 1297.630798][ T8789] ffff88807c40b498 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: __ocfs2_flush_truncate_log+0x351/0x10b0
[ 1297.649587][   T27] usb 7-1: USB disconnect, device number 7
[ 1297.650621][ T8789] 
[ 1297.650621][ T8789] but task is already holding lock:
[ 1297.650631][ T8789] ffff888060afdf58 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: ocfs2_flush_truncate_log+0x47/0x60
[ 1297.707892][ T8789] 
[ 1297.707892][ T8789] which lock already depends on the new lock.
[ 1297.707892][ T8789] 
[ 1297.718305][ T8789] 
[ 1297.718305][ T8789] the existing dependency chain (in reverse order) is:
[ 1297.727318][ T8789] 
[ 1297.727318][ T8789] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}:
[ 1297.737869][ T8789]        down_write+0x97/0x1f0
[ 1297.742653][ T8789]        __ocfs2_move_extents_range+0x1a65/0x3360
[ 1297.749088][ T8789]        ocfs2_move_extents+0x379/0x940
[ 1297.754698][ T8789]        ocfs2_ioctl_move_extents+0x4e1/0x6c0
[ 1297.760797][ T8789]        ocfs2_ioctl+0x195/0x750
[ 1297.765846][ T8789]        __se_sys_ioctl+0xfd/0x170
[ 1297.770982][ T8789]        do_syscall_64+0x55/0xb0
[ 1297.775941][ T8789]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1297.782375][ T8789] 
[ 1297.782375][ T8789] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}:
[ 1297.792908][ T8789]        __lock_acquire+0x2ddb/0x7c80
[ 1297.798292][ T8789]        lock_acquire+0x197/0x410
[ 1297.803341][ T8789]        down_write+0x97/0x1f0
[ 1297.808111][ T8789]        __ocfs2_flush_truncate_log+0x351/0x10b0
[ 1297.814462][ T8789]        ocfs2_flush_truncate_log+0x4f/0x60
[ 1297.820472][ T8789]        ocfs2_sync_fs+0x117/0x310
[ 1297.825636][ T8789]        sync_filesystem+0x1c2/0x220
[ 1297.830956][ T8789]        generic_shutdown_super+0x6f/0x2b0
[ 1297.836876][ T8789]        kill_block_super+0x44/0x90
[ 1297.842272][ T8789]        deactivate_locked_super+0x97/0x100
[ 1297.848180][ T8789]        cleanup_mnt+0x429/0x4c0
[ 1297.853135][ T8789]        task_work_run+0x1ce/0x250
[ 1297.858259][ T8789]        exit_to_user_mode_loop+0xe6/0x110
[ 1297.864084][ T8789]        exit_to_user_mode_prepare+0xb1/0x140
[ 1297.870168][ T8789]        syscall_exit_to_user_mode+0x1a/0x50
[ 1297.876155][ T8789]        do_syscall_64+0x61/0xb0
[ 1297.881110][ T8789]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1297.887535][ T8789] 
[ 1297.887535][ T8789] other info that might help us debug this:
[ 1297.887535][ T8789] 
[ 1297.897769][ T8789]  Possible unsafe locking scenario:
[ 1297.897769][ T8789] 
[ 1297.905219][ T8789]        CPU0                    CPU1
[ 1297.910586][ T8789]        ----                    ----
[ 1297.915957][ T8789]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6);
[ 1297.923348][ T8789]                                lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5);
[ 1297.933166][ T8789]                                lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6);
[ 1297.942985][ T8789]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5);
[ 1297.950291][ T8789] 
[ 1297.950291][ T8789]  *** DEADLOCK ***
[ 1297.950291][ T8789] 
[ 1297.958440][ T8789] 2 locks held by syz-executor/8789:
[ 1297.963726][ T8789]  #0: ffff888079cfa0e0 (&type->s_umount_key#100){+.+.}-{3:3}, at: deactivate_super+0xa4/0xe0
[ 1297.974024][ T8789]  #1: ffff888060afdf58 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: ocfs2_flush_truncate_log+0x47/0x60
[ 1297.987202][ T8789] 
[ 1297.987202][ T8789] stack backtrace:
[ 1297.993114][ T8789] CPU: 0 PID: 8789 Comm: syz-executor Not tainted 6.6.98-syzkaller #0
[ 1298.001288][ T8789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1298.011373][ T8789] Call Trace:
[ 1298.014679][ T8789]  <TASK>
[ 1298.017665][ T8789]  dump_stack_lvl+0x16c/0x230
[ 1298.022380][ T8789]  ? load_image+0x3b0/0x3b0
[ 1298.026905][ T8789]  ? show_regs_print_info+0x20/0x20
[ 1298.032132][ T8789]  ? print_circular_bug+0x12b/0x1a0
[ 1298.037358][ T8789]  check_noncircular+0x2bd/0x3c0
[ 1298.042335][ T8789]  ? print_deadlock_bug+0x5d0/0x5d0
[ 1298.047744][ T8789]  ? lockdep_lock+0xe0/0x220
[ 1298.052376][ T8789]  ? _find_first_zero_bit+0xd3/0x100
[ 1298.057688][ T8789]  __lock_acquire+0x2ddb/0x7c80
[ 1298.062572][ T8789]  ? ocfs2_get_system_file_inode+0x1e3/0x7b0
[ 1298.068584][ T8789]  ? __lock_acquire+0x7c80/0x7c80
[ 1298.073671][ T8789]  ? verify_lock_unused+0x140/0x140
[ 1298.078892][ T8789]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[ 1298.084545][ T8789]  ? do_raw_spin_lock+0x121/0x2c0
[ 1298.089585][ T8789]  ? mutex_unlock+0x10/0x10
[ 1298.094126][ T8789]  lock_acquire+0x197/0x410
[ 1298.098643][ T8789]  ? __ocfs2_flush_truncate_log+0x351/0x10b0
[ 1298.104655][ T8789]  ? ocfs2_get_system_file_inode+0x1f1/0x7b0
[ 1298.110667][ T8789]  ? __might_sleep+0xe0/0xe0
[ 1298.115273][ T8789]  ? read_lock_is_recursive+0x20/0x20
[ 1298.120663][ T8789]  ? ocfs2_fast_symlink_read_folio+0x530/0x530
[ 1298.126835][ T8789]  ? __wake_up+0x11f/0x190
[ 1298.131270][ T8789]  down_write+0x97/0x1f0
[ 1298.135528][ T8789]  ? __ocfs2_flush_truncate_log+0x351/0x10b0
[ 1298.141526][ T8789]  ? down_read_killable+0x340/0x340
[ 1298.146756][ T8789]  ? _raw_write_unlock+0x28/0x40
[ 1298.151762][ T8789]  ? jbd2_journal_unlock_updates+0x84/0xe0
[ 1298.157587][ T8789]  __ocfs2_flush_truncate_log+0x351/0x10b0
[ 1298.163422][ T8789]  ? ocfs2_truncate_log_needs_flush+0x2e0/0x2e0
[ 1298.169684][ T8789]  ? read_lock_is_recursive+0x20/0x20
[ 1298.175071][ T8789]  ? down_write+0x162/0x1f0
[ 1298.179600][ T8789]  ? down_read_killable+0x340/0x340
[ 1298.184847][ T8789]  ? __rwlock_init+0x150/0x150
[ 1298.189648][ T8789]  ocfs2_flush_truncate_log+0x4f/0x60
[ 1298.195050][ T8789]  ocfs2_sync_fs+0x117/0x310
[ 1298.199660][ T8789]  ? ocfs2_put_super+0x1c0/0x1c0
[ 1298.204638][ T8789]  ? writeback_inodes_sb_nr+0x30/0x30
[ 1298.210032][ T8789]  ? get_nr_dirty_inodes+0x1d4/0x220
[ 1298.215451][ T8789]  sync_filesystem+0x1c2/0x220
[ 1298.220237][ T8789]  generic_shutdown_super+0x6f/0x2b0
[ 1298.225539][ T8789]  kill_block_super+0x44/0x90
[ 1298.230234][ T8789]  deactivate_locked_super+0x97/0x100
[ 1298.235629][ T8789]  cleanup_mnt+0x429/0x4c0
[ 1298.240078][ T8789]  task_work_run+0x1ce/0x250
[ 1298.244692][ T8789]  ? task_work_cancel+0x240/0x240
[ 1298.249733][ T8789]  ? exit_to_user_mode_loop+0x3b/0x110
[ 1298.255210][ T8789]  exit_to_user_mode_loop+0xe6/0x110
[ 1298.260511][ T8789]  exit_to_user_mode_prepare+0xb1/0x140
[ 1298.266094][ T8789]  syscall_exit_to_user_mode+0x1a/0x50
[ 1298.271618][ T8789]  do_syscall_64+0x61/0xb0
[ 1298.276063][ T8789]  ? clear_bhb_loop+0x40/0x90
[ 1298.280762][ T8789]  ? clear_bhb_loop+0x40/0x90
[ 1298.285494][ T8789]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1298.291408][ T8789] RIP: 0033:0x7f31c238fc57
[ 1298.295866][ T8789] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[ 1298.315577][ T8789] RSP: 002b:00007ffd0ec41168 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1298.324008][ T8789] RAX: 0000000000000000 RBX: 00007f31c2410925 RCX: 00007f31c238fc57
[ 1298.331993][ T8789] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0ec41220
[ 1298.339972][ T8789] RBP: 00007ffd0ec41220 R08: 0000000000000000 R09: 0000000000000000
[ 1298.347956][ T8789] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd0ec422b0
[ 1298.355936][ T8789] R13: 00007f31c2410925 R14: 000000000012f4ac R15: 00007ffd0ec422f0
[ 1298.363954][ T8789]  </TASK>
[ 1298.369797][T15874] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1298.381354][T15874] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1298.393088][T15874] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1298.407697][ T8789] (syz-executor,8789,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[ 1298.422462][T15874] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1298.444315][ T8789] ocfs2: Unmounting device (7,5) on (node local)
[ 1298.548397][T15874] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1298.584862][T15874] 8021q: adding VLAN 0 to HW filter on device team0
[ 1298.597786][ T6046] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1298.605033][ T6046] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1298.611465][T15988] loop5: detected capacity change from 0 to 1024
[ 1298.627386][ T6046] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1298.634621][ T6046] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1298.656085][T15988] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1298.679604][T15988] ext4 filesystem being mounted at /411/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1298.718254][T15988] EXT4-fs error (device loop5): ext4_map_blocks:718: inode #15: block 1: comm syz.5.2495: lblock 1 mapped to illegal pblock 1 (length 15)
[ 1298.737910][T15988] EXT4-fs (loop5): Remounting filesystem read-only
[ 1298.767689][ T8789] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1298.840972][T15874] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1299.043351][T15874] veth0_vlan: entered promiscuous mode
[ 1299.056043][T15874] veth1_vlan: entered promiscuous mode
[ 1299.084441][T15874] veth0_macvtap: entered promiscuous mode
[ 1299.093728][T15874] veth1_macvtap: entered promiscuous mode
[ 1299.111173][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1299.122995][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1299.132991][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1299.143684][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1299.155083][T15874] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1299.169368][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1299.180570][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1299.190565][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1299.203515][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1299.213475][T15874] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1299.223980][T15874] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1299.235227][T15874] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1299.249285][T15874] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1299.258175][T15874] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1299.267460][T15874] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1299.276204][T15874] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1299.308005][T15874] ieee80211 phy19: Selected rate control algorithm 'minstrel_ht'
[ 1299.333833][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1299.335849][T15874] ieee80211 phy20: Selected rate control algorithm 'minstrel_ht'
[ 1299.355491][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1299.377199][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1299.385816][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1299.607191][ T9780] Bluetooth: hci2: command tx timeout