last executing test programs:

14.563635046s ago: executing program 0 (id=2765):
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0x5, 0x0, 0x8002, 0xffffffff, 0x3, 0x8, 0x1, 0x2, r2}, &(0x7f0000000180)=0x20)

14.181594678s ago: executing program 0 (id=2767):
r0 = socket$inet6(0xa, 0x3, 0x9)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x6, &(0x7f0000000140)={0x7f, {{0x29, 0x0, 0x37000000, @local}}}, 0x88)
r1 = socket$kcm(0x2, 0x922000000001, 0x106)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x1c0)
r2 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x10, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, &(0x7f0000000200)={0x100, r3}, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0/file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, &(0x7f0000000280)={0x100, r4}, 0x0)
close(r4)
close(r3)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, &(0x7f0000000340)={0x100, r5}, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_restrict_self(r2, 0x0)
close(r2)
mknodat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file0\x00', 0x81c0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000003c0)='./file2\x00', 0x81c0, 0x0)
unshare(0x20020480)
setsockopt$sock_attach_bpf(r1, 0x1, 0x31, 0x0, 0x42)
socket$nl_audit(0x10, 0x3, 0x9)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x0, 0x0)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r7, 0xffffffffffffffff, 0x11, 0x0, @val=@kprobe_multi=@syms={0x0, 0x0, 0x0, 0x0, 0xff}}, 0x40)
r8 = syz_open_dev$evdev(&(0x7f0000000100), 0x0, 0x0)
fcntl$dupfd(r8, 0x0, r6)

13.795399686s ago: executing program 0 (id=2768):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000700)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0xa, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r1}, &(0x7f0000000440), &(0x7f0000000480)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000000c0)={r1, &(0x7f0000000100), 0x20000000}, 0x20)
memfd_secret(0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x101c0ca, &(0x7f0000000400)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c666d61736b3d30303030303030303030303030303030303030303036362c696f636861727365743d69736f383835392d312c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c696f636861727365743d61736369692c726f6469722c73686f72746e616d653d6d697865642c756e695f786c6174653d302c757466383d302c757466383d302c756e695f786c6174653d312c64656275672c756e695f786c6174653d312c666d61736b3d30303030303030303030303030303030303030303030332c6e6f63617365aec489af6ba9723d4b17106f6d47b9ade1c253d4e3b08066427cae9f41fd1e1dd25a22ec22ad6e8bf6f67e052de91b544f2f4541f87a0c0b36e8d444150b35c110bda57fe7a9c06ba087cc975447082aaf95213301f3e04b70ea67a8aa0d582ca1a9525dba7116d80f126f782a78428b878fc79c0be9ad98cb6950995e6edba78e5301e8c8e69cc85beceb8b54f84a84787815ef9a18f1fe1c81b4c1830102f7e3236e2533e486ecb46ee53991c5bfe6289a474582b2e57741fd8de78f42097851bee74d4201c7767e0e0f4b34523150639b1291441ad01f2f72ed3679d7bca0e8b4e0689f883196af0d0dfe7344f276c1b4bd333882cf7879248ad423e3f21cd0cae2309519f9d40df23cf05d9c8d8f9d07da771ea1e3bcd8478fb989f770da17f700000000000000"], 0x6, 0x2c0, &(0x7f0000000900)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.stat\x00', 0x275a, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r2)
setgroups(0x1, &(0x7f0000000200)=[r2])
socket$inet6(0xa, 0x2, 0x3a)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000016c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@data_writeback}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x81}}, {@orlov}, {@nodiscard}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}], [{@fowner_gt}]}, 0x3, 0x448, &(0x7f0000001240)="$eJzs28tvG8UfAPDvruP019cvoZRHH0CgICIeSZMW6IELCCQOICHBoRxDklalboOaINGqgoJQOaJK3BFHJP4CTnBBwAmJK9xRpQrl0sLJaO3dxHbsNAlOnNafj7TJzO44M1/Pjnd2Jw6gb41kP5KIPRHxe0QM1bPNBUbqv24tXp7+e/HydBLV6lt/JbVyNxcvTxdFi9ftzjOjaUT6WRKH2tQ7f/HS2alKZfZCnh9fOPf++PzFS8+eOTd1evb07PnJEyeOH5t44fnJ57oSZ9ammwc/mjt84LV3rr0xffLauz9/mxTxt8TRJSOrHXyiWu1ydb21tyGdDPSwIaxLKSKy7irXxv9QlGK584bi1U972jhgU1Wr1eruzoevVIG7WBJrLXk2/7wA7g7FhT67/y22LZp6bAs3XqrfAGVx38q3+pGBSPMy5Zb7224aiYiTV/75Kttic55DAAA0+T6b/zzTbv6Xxv0N5f6frw0NR8Q9EbEvIu6NiP0RcV9ErewDEfHgOutvXSRZOf9Jr28osDXK5n8v5mtbzfO/YvYXw6U8t7cWfzk5daYyezR/T0ajvCPLT6xSxw+v/PZFp2ON879sy+ov5oJ5O64P7Gh+zczUwtR/ibnRjU8iDg60iz9ZWglIIuJARBzcYB1nnvrmcKdjneIvr+UPd2Gdqfp1xJP1/r8SLfEXktXXJ8f/F5XZo+PFWbHSL79efbNT/bfv/82V9f+utuf/UvzDSeN67fz667j6x+cd72k2ev4PJm/X0oP5vg+nFhYuTEQMJq/XG924f3L5tUW+KJ/FP3qk/fjfF8vvxKGIyE7ihyLi4Yh4JG/7oxHxWEQcWSX+n15+/L2Nx7+5svhn1tX/y4nBaN3TPlE6++N3TZUOryf+rP+P11Kj+Z61fP6tpV0bO5sBAADgzpNGxJ5I0rGldJqOjdX/X35/7Eorc/MLT5+a++D8TP07AsNRTosnXUMNz0Mn8tv6Ij/Zkj+WPzf+srSzlh+bnqvM9Dp46HO7O4z/zJ+lXrcO2HS+rwX9a2BFAugXqwz7nVvZDmDruexD/2oz/l33oU+0u/5/3IN2AFuvZfxb9oM+4v4f+pfxD/3L+Ie+NL8zbv8leQmJFYlIt0UzmhPFstV2ac8dnOjxBxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECX/BsAAP//XGvf3Q==")
dup(r4)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x40, 0x0, 0x5, 0x0, 0x0, {0x4, 0x74, 0x600}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:udev_helper_exec_t:s0\x00'}]}, 0x40}, 0x1, 0xffffffff00000003}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000940), 0xffffffffffffffff)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x56, &(0x7f00000004c0)=[{&(0x7f0000000640)="a6dd10154eae5588333a0309e91cc5e16af5c44251b238d99a74e4f558447fa635c685f062d42da23f0e6bc75fdd8c28021bde9a93296cff2c129a29b07a1f85be5ee592ea12733bac889db86e1268033b2973c5091a4af73afa050019e1e8ec2f0c12eef8870d5e041c98919e5523d4f6494df85607d4a2b06e7cef02df24ed431a0539757f4d324a10b509fb037ce369211b9097419da127af0ece4bae11c7ecf3cca9b9db37151223be609f8098696b4b7e09b75687e1dca8b700e395a1d41320c986c733851c5bf3b0bbad2285cbdc5be094c5ef984495c98cfb8db4195fb7e96b19408606358ecc47663e819fa3eac7f97bdfe0047993352b3e46ecebf87b32760bd6ce3d49968289945632afb5bab6cd0572a35a3310de0d4f5af07c16d3e27c6e1a194d8ee0f65dfc35762203d428c2a8ca104b77b46da04be3f62249189c6c9caaaeaaed8b0cca03e77549c87c745e883c8ecf69f999c51b48a78d82d69f3ff7345472d9fa862bae5cd3c9698c36f28b554331bed72960024b761a7a3e3d997c6bf37ce0f02617aec379665df22bec814ae14470a9f0f1b16a2cf14fb095b82f9c466e117a97023883585bdd4da624599f958df08bf7a6e2bdfab57663ed83cc8c0294195394f2161ed1373d90c4447a573a7a0c595f6afaac13c9975e886417bb56462fc05b3b2381ebbb49319d99629e1e6651df07b69eda145254730926f721e156ac37092025b06320e96f0e3d130870c8ddde1c22484900d2af30991afb74cc82b62640c743b58b38c5bbf12b1400decc8bb46bf91c4a94937dfc4b5d3d3d927ffacdf555247c70f59c0118aa9f7c632fb9764e55e978db25efa68c8aac37921702a3fca2ae380d88f7779be190aa6c2e0c4ede7c83f2db7aff301227556083e571cd42f1c0dfd89e1c961cd82ca5d8f3a8f38b50c728e2fe25bbd7bdd693bd1cf1f947a85fc4d2302d78245bc149e63ea80c80971b196c448ae960951de0acf3910c23894538e1ceacbfb1e5dad460a54487cf84f5f542be7b5795fdb9f9a56dc41c0e6965fd29f633b97918fb5959f86edece2987d192b3a73cfd47533dd63478749d67561e737ebea0f213dd4ea9c23254ef0903ba52383409389404478d8c23d08fd8cf6acfcbae0b102ee0ea0c11177fb23c54f7cfeaefae260b6b9a07145a57fcd1389de9377d44f6c63c1d410c132ff8339b11676970cf7723816eb9adc63c00e3ac1b2890e0a67392fc5091c627e0b14cfc9eb4235bd9f409fca9f8fb0f03abdbb1fa15de4e27f3bbf265acfa9adf6d8ed4b60121b6b803b982db50c57eb5be8e383d72ab7b991a60fa656227158bbe63f107515506cdb71b8f16bcc0382e372ff3efe3d5d0c1dcebeb60126bcbba6d26d5bb525c0ce9592e50ce5041966b9f7e476e5c9fb1a64416489a3e1517b50ebfd491ef78a7c871a8b542c76b7305e007addf2d70004e6056e6e9cac6bf701b802550d4e9e2ab24bea0e0e3c216c7470528d5f28fc9f84db3ec3fc19ae5833a8985e2346629376f28ea37313cd272bbd5bd40b2181b8d4889aa8a0058f3610e9aac4df03eaa876beee81d73ed441c501de4ff3150d87f0c8a2cf137978be35e482daceed7c07ac16f07c9d248ec68a8f40288d679df4d04080ada7683b07afdc725458e92db998430f884e5a6c88f34910a45ab9e23cf63a335e60b0a3ccc0aa707136361510823c7988d7d65ca122e6d9bfe9049cda1af47c5fc44c80e17abbb22cf69e206e2e8314b6e4684390eab2d05ad596ff229c286d428c1f93421bc66a72a6d825b89631baa06b7300e5e5e6e84a7c11cf0cb2433f29c807078f39cfc201924b75960e37d3792dd5cd2e2f960b8071e80a99390ff930086284ae64b3cfb6a936ee65ef507ac91ac86b6f4eda086aed8671fa3506b81432f9f1aa19c42a750f35a5419d49bc780be79cd91c964b91fcbaedf9d9b493d92e0a642332653d83637655a111311d1ba7d5a671abb2db3fc789de2d1a8a15a13daeac79ea4fcebd172c627065870a311efd0dbac4b35650f7d0cd7d260c04d3990f8d6c0c3d0a272ae1c6e9af2e412ef94d1463cb0b7c32fa44407c59a20172a53a4467b5e2b0c5022ec23c1ababf1bdf853cbbaf25cb637aeb80af99eda97f869e163a69c80e407cf0f28f5e2446124ee3faef3b0f4a419d5e81c75e95e810c2dccbccdc25075d6fcc8e9a7e6b449af5cb99fb02390eb04eff579364ccede49fea8164009cf1b0b632b6a02c1e1cde4411d93e96592ab580944142a753ea2eba7c43cc5b4c13275267f30914c06ad49afa2a4fba84a22d5c0f4a8b56fba8492467de9e811efb48d08ad59045c3b2a2055f76d89394e28cbc5015da8c4ff50935463dea2a44110e763a2d552fa92d98b50ad5d8274623c9ee98e53708f02fba46ae232e947f783554d279343c048dec127d41426dea7cfd4c3879b7b251fd549861fb4a585dd64b20664bec834a2e9ea723f0cee7060b3e3c9023928cab5866741a9cdc88118a244ca89518e29965f7c9e31709838a7c590a6f2de8b99182b6d2f2b0cb99bb808077a27f0403c82ebfe72f7deea3a5d4f061fca6a98efacb08e776bd04a6b456055e6f6d76267983d25cd37b6c16d0e7c757a56542c88950a8edd763f4f500cbd18da65cd78451f445a1cb5229b333869f392174a54c43fa22eb9279641f8c964468c1a548b33a74d61ee1960e349caf7d30eb241ea03ef3bb1489fddb8c635b8bc39ac5f53b07191fd1a0b57cc432aefe84f824625be7cd6082b6a4efac51cb230f83da7280b5783b91d3774fc4d00164e032dc52e8cfddbbe6769083a7ab7de07391d98af8cf7d953a4ee3a70d339d9dc4fe936676a8fb6c4d439deb1eb5c3225a9f10892986dc775381c5619fee6271f50a15bb14f77cff07574f23368db1973ac148dd16fab08bf3f7668bc705ee7ac4c82ec8b6054ac3ea2b8733d1546ae71f2428b1544e069a9e14325c3a6217c0e0df0ef753cff90a60631de534152154b84a34b3771eabaf8cd8b6aef44f4259200f6dab7d6c72c7226d882e5eba90e66bc7bbf31080deeffe758d7b9d2e4cd543c0650a15a12f04c0a045969b264d65afe78b402cbd0d37dcedc89424a728ec2014dd7d591535d38c156d00b8d75a016688014922b6cc585abcf66f744e8f17224a0f217e390e9c937072086ec028e1ffc5d312169b71e30b6d4f24288a382a40897c65dafdd8b2eb78291deb1e3213c7f243b30f9431a067131bc521328fa1bb4fd619895931131586a069d10813c7547e4e51cfa2e38f6c5899bd1db38afdcfb488fb3f145f48edff41bee99d511ee110a4b202d4a3e1e7eafa7e39ec82a77742c6a55cbca47ab52af0ba7dc496647975f7f180c9c7c2ed877ca16fa07e2bb3e632ee4509c58e924da4505a74dfca0b9f137173ac2c59e6a05c3bd433aaf2e302614aeddb99c666ab7a243fe3239b44a1468b8399737be83c1c6c7782fd950b053a53d98d55eb1f40d2cd94f088a6927cfc61df4d6ad7aede4f20444f768322db3d4d8d2ce9a7fac41115ec0a82f7e8c792c26be30f2d8e397eb6a50e3d59dd13d473411a56867d0938db978405fbb5068ea77ce40daa5390f4ed409a1cc70bfc54afaadd04c4671c02b826fc558f3585b256def184d2f69cc67539e26d03fa20d12721ad6ed9f5fcec41588b93fe9fa93f71caaca99987d1a65ef2773b160d74871b5b0e30e12585c609240d0eed3697cbf03c292407fc7a8c80a8e0369b6e8f311cf8fdb8cf1a3caaa32f2147b8fd0cb359e8f585c975f8c96b5648ff94823a67c976be601", 0xa94}], 0x1}, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

13.475420652s ago: executing program 2 (id=2769):
socket$inet6(0xa, 0x3, 0x84) (async)
r0 = socket$inet6(0xa, 0x3, 0x84)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff) (async)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000b40)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000040)={0x34, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_STA_FLAGS={0xc, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_SHORT_PREAMBLE={0x29}]}]}, 0x34}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000f00)={'team0\x00', <r5=>0x0})
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@mcast2, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, r5}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@local, 0x0, 0x6c}, 0xa, @in6=@private2, 0x0, 0x4}}, 0xe8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
socket$inet6_sctp(0xa, 0x801, 0x84) (async)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$SO_TIMESTAMP(r6, 0x1, 0xe, &(0x7f0000000340), 0x1c)

12.900906552s ago: executing program 2 (id=2771):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000000)={0x0, 0x2710}, 0x10)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000000180)='i', 0x20086}], 0x1}}], 0x1, 0x0)
sendmmsg$inet6(r0, &(0x7f00000071c0)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c, &(0x7f0000000140)}}], 0x1, 0x0)

12.437095286s ago: executing program 0 (id=2773):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f0000000100)=[{0x30, 0x0, 0x0, 0xfffff03c}, {0x80000006}]}, 0x10)
syz_mount_image$cramfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="009c226566351e0e655dd724924aa3183f7789cb213f77230216392b77974e707989ce9b24f7fcca6cad6ea7bd8b4d9b1cf8c0275cea82a7a53aec6d0485f3008a274272e4ecebe1c52d7667d1dbb20006e6ae775cd09ef29d04eb9af6c0d11442d9c13ce89e11c4c57b00666388dbc7a4137a2efc1f46ec6cdcf6acb641266b6a4efa426e7451df86ae559a40b2f83d5f00aa25166baaa2aa31e6b240f8cb00"/178], 0x1, 0x13c, &(0x7f0000000240)="$eJzs0LFLOnEcxvHnfudPojSLDCzIhIaOxDxPrKlBI0noOghcmgS7IFCMhHI0oq0haHWohCbxbyhrse4g7O+4rd0470KMlvbntd37czzDd2vDlBABRDg2K+XjE71a1Q8ie5qa7Qfc7gUwNnJ3+mPai2/WOWDnZz9weFTSV4uVkv1tpQEJQGbC6bL777jdgk5LuE1aAjqzTlN+aUm3zXuATGC4178Dlu296eHeJ4BaI9puve4a3Vxs5WFBxGUuujgjjPawfqVk55q+kIi8/nKPzOD+Ee/G3uPtVs801B1N1cykoqwl5YQsp3ram5FL1a/h2fadAvs/9rwIhT154EIAbgY360nwA+gAWnly/dZ9r/qZGAGEWqNYCP1vFoJT/yBKEEBERERERERERERERERERPRXXwEAAP//txRg7A==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x201, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c8d6a340ac050a038c65000000010902"], 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004cb], 0x100000})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioperm(0x0, 0x2, 0x2)
socket$inet_udp(0x2, 0x2, 0x0)
madvise(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x68)
msgrcv(0x0, &(0x7f0000000180)={0x0, ""/15}, 0xffffffffffffff4c, 0x0, 0x3800)

12.073724381s ago: executing program 2 (id=2774):
socket(0x1d, 0x2, 0x6)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00f70000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1900000004000000080000000700000002020000086062dc756796538ef68441ab400b04f6dd5f10743b7eafd14ec0b6bcaf4153dd18a2daeec2127e92ea6a7ec41cb4a657bccc3647e51d88fb3ca4401ee14bbb080b8b9f3653b01b0132b2ae756d913eff1b1a27c8ef010a0f5bd472d1307e66f3c7d60ea402bbca1db1f7b0749da8f884072debf78449cf6fe0202a57fa8af824f2d9b0e22d7bdbae97250cdc2d72378acd42c095b136e577fcc1a6bf0f8a666d34d1504669db812a089d611b0dfc2dd3e463e8ffa18e265f66350000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000140)=ANY=[], 0x8)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r2, &(0x7f00000004c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/190, 0xbe}}], 0x1, 0x0, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r3 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000040)='syz1\x00', 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r1, &(0x7f0000000300)="ab1a", &(0x7f0000000400)=@tcp=r4, 0x2}, 0x20)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f000000e0c0)=@generic={&(0x7f000000e080)='./file0\x00', r4}, 0x18)
r6 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
syz_usb_disconnect(r5)
readv(r6, &(0x7f0000000840)=[{&(0x7f0000000280)=""/217, 0xd9}], 0x1)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000040850000008600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r7, 0x27, 0x0, 0x120, 0x0, 0x0, 0xc00, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2000}, 0x50)
r8 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x2322}, &(0x7f0000000240)=<r9=>0x0, &(0x7f00000000c0)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r8, 0x47f6, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x21, 0x2, 0x2)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r4, &(0x7f000000e040)={&(0x7f000000df40)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f000000e000)={&(0x7f000000df80)=ANY=[@ANYBLOB="5c000c545970dbac5fb00000000000000000000808001a4000080005400002801400018008000100ac1e0101080002000a01010006000340000300000c00028005000100b600000006000340000100000c000280050001003a000000"], 0x5c}}, 0x0)
openat$pfkey(0xffffff9c, &(0x7f000000ef40), 0xc000, 0x0)

10.941018252s ago: executing program 1 (id=2778):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0)
r0 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0xee01, r1, 0xffffffffffffffff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
stat(&(0x7f00000029c0)='./file1\x00', &(0x7f0000002a00))

10.889724252s ago: executing program 3 (id=2779):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r0, 0x8008af26, &(0x7f0000000040))

10.797204751s ago: executing program 4 (id=2780):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r0, 0x101)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r1, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @dev}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000004400)=[{{0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f0000000a00)="ca", 0x1}], 0x1, 0x0, 0x0, 0x4000000}}], 0x448, 0x0)

10.566712079s ago: executing program 3 (id=2781):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000380)=@filter={'filter\x00', 0xe, 0x2, 0x90, [0x0, 0x20000040, 0x20000070, 0x200000a0], 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000816f0166d300000000000000000000000000e3ffffff0000feffffff0000b60000000000000000000000000000000000000000000000000001000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffff000000"]}, 0x108)
r1 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f0000000380)=0x2, 0x4)
setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000280)={{}, 0x78}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20200000000a01010000000000000000010000000900010073797a30000000002c000000030a01020000000000000000000000000900010073797a30000000000900030073797a310000000050000000060a010400000000000000000100000008000b40000000002800048024000180090001006d6574610000000014000280080001400000000008000240000000070900010073797a3000000000140000001100010000000000000000000000000a"], 0xc4}}, 0x0)

10.157997059s ago: executing program 3 (id=2782):
syz_io_uring_complete(0x0) (async)
r0 = syz_io_uring_complete(0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100)=<r1=>0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
io_setup(0x3, &(0x7f0000000180)) (async)
io_setup(0x3, &(0x7f0000000180)=<r2=>0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00') (async)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
io_submit(r2, 0x1, &(0x7f0000002340)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r3, 0x0}])
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$P9_RGETLOCK(r4, &(0x7f00000003c0)={0x23, 0x37, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5, '\'](]#'}}, 0x23)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0, <r5=>0x0})
sendmsg$nl_generic(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="180300000a00000125bd7000fddbdf251400000008001a00", @ANYRES32=r1, @ANYBLOB="0c0043000cf100000000000208000b00ffffffff4802bc8008002a00", @ANYRES32=r5, @ANYBLOB="5a81374c5f9770ad285afefc2ac4b0299bc0f023148fd786f692e7b859ada7ba23adfa6e4e5f790c968cbd724cf3fd0960e9118e63442a3b6f68c968d65ff3ce546c5604e2d28f36f3cf2306bfda3c6059307c8d90b00a3ff8977ec0598ab9c185c2dddc6c1894b06731bcc301501805f27be8d4cbdbd1669abce7dd7da63687062efffd41e7a19fd4f798d891663e26b9165a582db8c5b088d555c69ef395f1b36c21322f34573215dffc30560437c50390f9f18eeca6607e33292ebefdcee4ee3adae9c8fd444cb990dd2300d0d53081c67afd6e76b45dfbacb35a6cfdf72a3e3eeecda754a456d73b2364b758568b0d95090f172b12847eee7a6333b3171d25f0a5af93263b85f6e0e15054678d4740b8116af385c1376a86bc7bd2cafc99c7a1fa8a09d521a90e1b185805dd3b0e97bb73a920910192ea15e1a28c789fa56833a0a99fd9ebbeeb99a2ac4f9f9225ab82bce670ae1c64d8e0762bfbc6e5d9c2807b712b87a4d4dbbea6d892be4d22add7391cc47283817a277d19efc2d9fbdc88daf4b0dcb957760fd92b0f2fe16667cc0794b1b37c0f911a47e6eb9135fca429b9a36cf007685caecd4284d4934e6f9abc0ad6480b5a4bf6c3c12357687ce543cfe79f815cc6d8f188a437209050d50039c6cb080d08649e22a18497bc6cff217fba440d46321c5bf1fb8edb9f1aa2dd1e7567c533649387f655fa4730807b79394211beb956e9fd54ab450c22a57e352f14f19de77e537f6db9fcd37b38a7983ee446d7d4d97770a669a36eea973074db4997834742fdfda6a0790a856d4c0c71d40d76d5438bb0dca04d336cf638f8391cfcc7ec24a7ac8196994adc55fcf4060382bd77c17bd92819e5aa51cf4a0c05529e54d9df20232d19cdd26d93098ac1442a3142c5455e3ae77e3025ad7bf2acba4523b18a6d8ce2d1120dac8c1eabf7f12b8acc7a6483435d2d75ca45391ae5d6353bc50a339c0d22dc3b86431fc19f938af22464c2c0751e27888bc6d5326f46d7f587e8ad91a000"], 0x318}, 0x1, 0x0, 0x0, 0xc004}, 0x51)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000180)='enc=\xecd|\xb9\xb8\xc1N\x8f\xa6\x85JR\xccw\xe1\a5;g\x05\xd9\xc9F\x94\xa7\xdf=\x15\xa4\xe2\xea$\xd7\x1b\xf9\xcd\xc6.[\x9a\x15g\xd2\x91\xf5\x8bo>?\x1a\xed1\xf2\xdc\x1fTw\xe7\xd0I\xb1\x1c\ry\x90\x1eC\'\x05\x9e\x03d\xae\x94\xf6\xf04\xdd\r\x9183\xddD)\xe0-\xaa\x1c\xa7\x10\xc8\xdc\x9d\x1a\x8e\"\f\xa3\xcd\x8d\xe2\xaf.\n#\xcdn\xc1\xf1\xef\x92\xe0\xfc\x83\xabC', 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async)
r6 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r7 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
setsockopt$rose(r7, 0x104, 0x6, &(0x7f0000000080)=0x1, 0x4)
r8 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1e7d, 0x2ced, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r8, 0x0, 0x0) (async)
syz_usb_control_io(r8, 0x0, 0x0)
syz_usb_control_io(r8, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x57, {0x57, 0x0, "a7ea3163fd3bc518194b120c1e73d54cfc4ad2841ef4f6a3fd7c59ccb785025f2e7b3504ff87cbfd10f3c080b73385a7015d3a32ed6b5217cdbb6fadb2ea7a288982d5337c364daf03bd400d66293b0a2b103dd93f"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
write$binfmt_misc(r6, &(0x7f00000001c0), 0x4) (async)
write$binfmt_misc(r6, &(0x7f00000001c0), 0x4)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0) (async)
r9 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000002c0), 0x1, 0x0)
write$tcp_congestion(r9, 0x0, 0x0)

9.499835884s ago: executing program 4 (id=2783):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000700)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0xa, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r1}, &(0x7f0000000440), &(0x7f0000000480)=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000000c0)={r1, &(0x7f0000000100), 0x20000000}, 0x20)
memfd_secret(0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x101c0ca, &(0x7f0000000400)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c666d61736b3d30303030303030303030303030303030303030303036362c696f636861727365743d69736f383835392d312c6572726f72733d636f6e74696e75652c756e695f786c6174653d302c696f636861727365743d61736369692c726f6469722c73686f72746e616d653d6d697865642c756e695f786c6174653d302c757466383d302c757466383d302c756e695f786c6174653d312c64656275672c756e695f786c6174653d312c666d61736b3d30303030303030303030303030303030303030303030332c6e6f63617365aec489af6ba9723d4b17106f6d47b9ade1c253d4e3b08066427cae9f41fd1e1dd25a22ec22ad6e8bf6f67e052de91b544f2f4541f87a0c0b36e8d444150b35c110bda57fe7a9c06ba087cc975447082aaf95213301f3e04b70ea67a8aa0d582ca1a9525dba7116d80f126f782a78428b878fc79c0be9ad98cb6950995e6edba78e5301e8c8e69cc85beceb8b54f84a84787815ef9a18f1fe1c81b4c1830102f7e3236e2533e486ecb46ee53991c5bfe6289a474582b2e57741fd8de78f42097851bee74d4201c7767e0e0f4b34523150639b1291441ad01f2f72ed3679d7bca0e8b4e0689f883196af0d0dfe7344f276c1b4bd333882cf7879248ad423e3f21cd0cae2309519f9d40df23cf05d9c8d8f9d07da771ea1e3bcd8478fb989f770da17f700000000000000"], 0x6, 0x2c0, &(0x7f0000000900)="$eJzs3U9rK1UUAPAz+TOJukgWrkRwQBeuHu+9rZsUeQ/ErnxkoS60+FqQJggtFKri2JVbNy78DILgB3HjNxDcCu6sUBiZyaRJ2pg2palof79Fe3vnnLlnboZ2WujJx6+O959nsXfy5a/R7SbRGMQgTpPoRyOmvo4Fg28DAPgvOy2K+KOYWCcviYju5soCADboej//W7PhT3dSFgCwQc/e/+Ddre3tJ+9lWTeejr85Gpa/2ZefJ8e39uLTGMVuPIxenEVUDwrtqJ4WyuHToijyVlbqxxvj/GhYZo4/+rk+/9bv9R8LSv3q4/nTRpX/zvaTR9nEXH5e1vFivf6gXP9x9OLl8+SF/MdL8mOYxpuvz9X/IHrxyyfxWYzieVXELP+rR1n2dvHdn198WJZX5if50bBTxc0UzTt8WQAAAAAAAAAAAAAAAAAAAAAA+J97UPfO6UTVv6ecqvvvNM/KL9qRTfUX+/NM8qetfRb6AxVFkVftcib9dR5mWVbUgbP8VrzSmm8sCAAAAAAAAAAAAAAAAAAAAPfX4fHn+zuj0e7BrQym3QBaEfHXs4ibnmcwN/NarA7u1GvujEaNergY05qfieY0JolYWUZ5Ebe0LVcNXrhUcz344cd1T9i9Oqa9fK3D4+ZNX6/84sz07trfSZbvYSemM9160e/TiFlMGtdcPf2nQ0Wsc/ulSw/11t6N9KVqkK+IiWRVYW/9Ntm5eia5eBVptatL09v1YC79wr1xrfs5upP0y98rEt06AAAAAAAAAAAAAAAAAABgo2b//bvk4MnK1EbR2VhZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCnZu//v8Ygj4h2fYIrgtM4OPyXLxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB74O8AAAD//0aWVl0=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.stat\x00', 0x275a, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r2=>0x0}, &(0x7f0000cab000)=0xc)
setregid(0x0, r2)
setgroups(0x1, &(0x7f0000000200)=[r2])
socket$inet6(0xa, 0x2, 0x3a)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext3\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f00000016c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@data_writeback}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x81}}, {@orlov}, {@nodiscard}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}], [{@fowner_gt}]}, 0x3, 0x448, &(0x7f0000001240)="$eJzs28tvG8UfAPDvruP019cvoZRHH0CgICIeSZMW6IELCCQOICHBoRxDklalboOaINGqgoJQOaJK3BFHJP4CTnBBwAmJK9xRpQrl0sLJaO3dxHbsNAlOnNafj7TJzO44M1/Pjnd2Jw6gb41kP5KIPRHxe0QM1bPNBUbqv24tXp7+e/HydBLV6lt/JbVyNxcvTxdFi9ftzjOjaUT6WRKH2tQ7f/HS2alKZfZCnh9fOPf++PzFS8+eOTd1evb07PnJEyeOH5t44fnJ57oSZ9ammwc/mjt84LV3rr0xffLauz9/mxTxt8TRJSOrHXyiWu1ydb21tyGdDPSwIaxLKSKy7irXxv9QlGK584bi1U972jhgU1Wr1eruzoevVIG7WBJrLXk2/7wA7g7FhT67/y22LZp6bAs3XqrfAGVx38q3+pGBSPMy5Zb7224aiYiTV/75Kttic55DAAA0+T6b/zzTbv6Xxv0N5f6frw0NR8Q9EbEvIu6NiP0RcV9ErewDEfHgOutvXSRZOf9Jr28osDXK5n8v5mtbzfO/YvYXw6U8t7cWfzk5daYyezR/T0ajvCPLT6xSxw+v/PZFp2ON879sy+ov5oJ5O64P7Gh+zczUwtR/ibnRjU8iDg60iz9ZWglIIuJARBzcYB1nnvrmcKdjneIvr+UPd2Gdqfp1xJP1/r8SLfEXktXXJ8f/F5XZo+PFWbHSL79efbNT/bfv/82V9f+utuf/UvzDSeN67fz667j6x+cd72k2ev4PJm/X0oP5vg+nFhYuTEQMJq/XG924f3L5tUW+KJ/FP3qk/fjfF8vvxKGIyE7ihyLi4Yh4JG/7oxHxWEQcWSX+n15+/L2Nx7+5svhn1tX/y4nBaN3TPlE6++N3TZUOryf+rP+P11Kj+Z61fP6tpV0bO5sBAADgzpNGxJ5I0rGldJqOjdX/X35/7Eorc/MLT5+a++D8TP07AsNRTosnXUMNz0Mn8tv6Ij/Zkj+WPzf+srSzlh+bnqvM9Dp46HO7O4z/zJ+lXrcO2HS+rwX9a2BFAugXqwz7nVvZDmDruexD/2oz/l33oU+0u/5/3IN2AFuvZfxb9oM+4v4f+pfxD/3L+Ie+NL8zbv8leQmJFYlIt0UzmhPFstV2ac8dnOjxBxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECX/BsAAP//XGvf3Q==")
dup(r4)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x40, 0x0, 0x5, 0x0, 0x0, {0x4, 0x74, 0x600}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:udev_helper_exec_t:s0\x00'}]}, 0x40}, 0x1, 0xffffffff00000003}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000940), 0xffffffffffffffff)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x56, &(0x7f00000004c0)=[{&(0x7f0000000640)="a6dd10154eae5588333a0309e91cc5e16af5c44251b238d99a74e4f558447fa635c685f062d42da23f0e6bc75fdd8c28021bde9a93296cff2c129a29b07a1f85be5ee592ea12733bac889db86e1268033b2973c5091a4af73afa050019e1e8ec2f0c12eef8870d5e041c98919e5523d4f6494df85607d4a2b06e7cef02df24ed431a0539757f4d324a10b509fb037ce369211b9097419da127af0ece4bae11c7ecf3cca9b9db37151223be609f8098696b4b7e09b75687e1dca8b700e395a1d41320c986c733851c5bf3b0bbad2285cbdc5be094c5ef984495c98cfb8db4195fb7e96b19408606358ecc47663e819fa3eac7f97bdfe0047993352b3e46ecebf87b32760bd6ce3d49968289945632afb5bab6cd0572a35a3310de0d4f5af07c16d3e27c6e1a194d8ee0f65dfc35762203d428c2a8ca104b77b46da04be3f62249189c6c9caaaeaaed8b0cca03e77549c87c745e883c8ecf69f999c51b48a78d82d69f3ff7345472d9fa862bae5cd3c9698c36f28b554331bed72960024b761a7a3e3d997c6bf37ce0f02617aec379665df22bec814ae14470a9f0f1b16a2cf14fb095b82f9c466e117a97023883585bdd4da624599f958df08bf7a6e2bdfab57663ed83cc8c0294195394f2161ed1373d90c4447a573a7a0c595f6afaac13c9975e886417bb56462fc05b3b2381ebbb49319d99629e1e6651df07b69eda145254730926f721e156ac37092025b06320e96f0e3d130870c8ddde1c22484900d2af30991afb74cc82b62640c743b58b38c5bbf12b1400decc8bb46bf91c4a94937dfc4b5d3d3d927ffacdf555247c70f59c0118aa9f7c632fb9764e55e978db25efa68c8aac37921702a3fca2ae380d88f7779be190aa6c2e0c4ede7c83f2db7aff301227556083e571cd42f1c0dfd89e1c961cd82ca5d8f3a8f38b50c728e2fe25bbd7bdd693bd1cf1f947a85fc4d2302d78245bc149e63ea80c80971b196c448ae960951de0acf3910c23894538e1ceacbfb1e5dad460a54487cf84f5f542be7b5795fdb9f9a56dc41c0e6965fd29f633b97918fb5959f86edece2987d192b3a73cfd47533dd63478749d67561e737ebea0f213dd4ea9c23254ef0903ba52383409389404478d8c23d08fd8cf6acfcbae0b102ee0ea0c11177fb23c54f7cfeaefae260b6b9a07145a57fcd1389de9377d44f6c63c1d410c132ff8339b11676970cf7723816eb9adc63c00e3ac1b2890e0a67392fc5091c627e0b14cfc9eb4235bd9f409fca9f8fb0f03abdbb1fa15de4e27f3bbf265acfa9adf6d8ed4b60121b6b803b982db50c57eb5be8e383d72ab7b991a60fa656227158bbe63f107515506cdb71b8f16bcc0382e372ff3efe3d5d0c1dcebeb60126bcbba6d26d5bb525c0ce9592e50ce5041966b9f7e476e5c9fb1a64416489a3e1517b50ebfd491ef78a7c871a8b542c76b7305e007addf2d70004e6056e6e9cac6bf701b802550d4e9e2ab24bea0e0e3c216c7470528d5f28fc9f84db3ec3fc19ae5833a8985e2346629376f28ea37313cd272bbd5bd40b2181b8d4889aa8a0058f3610e9aac4df03eaa876beee81d73ed441c501de4ff3150d87f0c8a2cf137978be35e482daceed7c07ac16f07c9d248ec68a8f40288d679df4d04080ada7683b07afdc725458e92db998430f884e5a6c88f34910a45ab9e23cf63a335e60b0a3ccc0aa707136361510823c7988d7d65ca122e6d9bfe9049cda1af47c5fc44c80e17abbb22cf69e206e2e8314b6e4684390eab2d05ad596ff229c286d428c1f93421bc66a72a6d825b89631baa06b7300e5e5e6e84a7c11cf0cb2433f29c807078f39cfc201924b75960e37d3792dd5cd2e2f960b8071e80a99390ff930086284ae64b3cfb6a936ee65ef507ac91ac86b6f4eda086aed8671fa3506b81432f9f1aa19c42a750f35a5419d49bc780be79cd91c964b91fcbaedf9d9b493d92e0a642332653d83637655a111311d1ba7d5a671abb2db3fc789de2d1a8a15a13daeac79ea4fcebd172c627065870a311efd0dbac4b35650f7d0cd7d260c04d3990f8d6c0c3d0a272ae1c6e9af2e412ef94d1463cb0b7c32fa44407c59a20172a53a4467b5e2b0c5022ec23c1ababf1bdf853cbbaf25cb637aeb80af99eda97f869e163a69c80e407cf0f28f5e2446124ee3faef3b0f4a419d5e81c75e95e810c2dccbccdc25075d6fcc8e9a7e6b449af5cb99fb02390eb04eff579364ccede49fea8164009cf1b0b632b6a02c1e1cde4411d93e96592ab580944142a753ea2eba7c43cc5b4c13275267f30914c06ad49afa2a4fba84a22d5c0f4a8b56fba8492467de9e811efb48d08ad59045c3b2a2055f76d89394e28cbc5015da8c4ff50935463dea2a44110e763a2d552fa92d98b50ad5d8274623c9ee98e53708f02fba46ae232e947f783554d279343c048dec127d41426dea7cfd4c3879b7b251fd549861fb4a585dd64b20664bec834a2e9ea723f0cee7060b3e3c9023928cab5866741a9cdc88118a244ca89518e29965f7c9e31709838a7c590a6f2de8b99182b6d2f2b0cb99bb808077a27f0403c82ebfe72f7deea3a5d4f061fca6a98efacb08e776bd04a6b456055e6f6d76267983d25cd37b6c16d0e7c757a56542c88950a8edd763f4f500cbd18da65cd78451f445a1cb5229b333869f392174a54c43fa22eb9279641f8c964468c1a548b33a74d61ee1960e349caf7d30eb241ea03ef3bb1489fddb8c635b8bc39ac5f53b07191fd1a0b57cc432aefe84f824625be7cd6082b6a4efac51cb230f83da7280b5783b91d3774fc4d00164e032dc52e8cfddbbe6769083a7ab7de07391d98af8cf7d953a4ee3a70d339d9dc4fe936676a8fb6c4d439deb1eb5c3225a9f10892986dc775381c5619fee6271f50a15bb14f77cff07574f23368db1973ac148dd16fab08bf3f7668bc705ee7ac4c82ec8b6054ac3ea2b8733d1546ae71f2428b1544e069a9e14325c3a6217c0e0df0ef753cff90a60631de534152154b84a34b3771eabaf8cd8b6aef44f4259200f6dab7d6c72c7226d882e5eba90e66bc7bbf31080deeffe758d7b9d2e4cd543c0650a15a12f04c0a045969b264d65afe78b402cbd0d37dcedc89424a728ec2014dd7d591535d38c156d00b8d75a016688014922b6cc585abcf66f744e8f17224a0f217e390e9c937072086ec028e1ffc5d312169b71e30b6d4f24288a382a40897c65dafdd8b2eb78291deb1e3213c7f243b30f9431a067131bc521328fa1bb4fd619895931131586a069d10813c7547e4e51cfa2e38f6c5899bd1db38afdcfb488fb3f145f48edff41bee99d511ee110a4b202d4a3e1e7eafa7e39ec82a77742c6a55cbca47ab52af0ba7dc496647975f7f180c9c7c2ed877ca16fa07e2bb3e632ee4509c58e924da4505a74dfca0b9f137173ac2c59e6a05c3bd433aaf2e302614aeddb99c666ab7a243fe3239b44a1468b8399737be83c1c6c7782fd950b053a53d98d55eb1f40d2cd94f088a6927cfc61df4d6ad7aede4f20444f768322db3d4d8d2ce9a7fac41115ec0a82f7e8c792c26be30f2d8e397eb6a50e3d59dd13d473411a56867d0938db978405fbb5068ea77ce40daa5390f4ed409a1cc70bfc54afaadd04c4671c02b826fc558f3585b256def184d2f69cc67539e26d03fa20d12721ad6ed9f5fcec41588b93fe9fa93f71caaca99987d1a65ef2773b160d74871b5b0e30e12585c609240d0eed3697cbf03c292407fc7a8c80a8e0369b6e8f311cf8fdb8cf1a3caaa32f2147b8fd0cb359e8f585c975f8c96b5648ff94823a67c976be601", 0xa94}], 0x1}, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

9.339715256s ago: executing program 3 (id=2784):
r0 = socket(0x1, 0x6, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000005c0)={'ip_vti0\x00', &(0x7f0000000500)={'syztnl0\x00', <r2=>0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x4, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}}}})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000340)=0x3, 0x12)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x15, 0x2000000a, 0x1, 0x2, 0x4800, r3, 0x80000000, '\x00', r2, r3, 0x6, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
pwritev(r4, &(0x7f0000000400)=[{&(0x7f0000000380)}], 0x1, 0x246, 0xff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000240)='kfree\x00', r5}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x3})
mremap(&(0x7f0000934000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000a6f000/0x4000)=nil)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$UFFDIO_ZEROPAGE(r6, 0xc020aa04, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x3, 0x300)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs2/custom1\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x100a, 0x3})
getpid()
r8 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_inet_SIOCDARP(r8, 0x8954, &(0x7f0000000380)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x0, @broadcast}, 0x2e, {0x2, 0x0, @empty}, 'caif0\x00'})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00'}, 0x10)
epoll_pwait2(0xffffffffffffffff, &(0x7f0000000000)=[{}, {}, {}, {}, {}], 0x5, &(0x7f00000000c0), &(0x7f0000000240)={[0x7]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b7e26ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x40086607, 0x20001419)
timer_getoverrun(0x0)

8.365618212s ago: executing program 2 (id=2785):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket(0x22, 0x2, 0x25)
close(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000005600)='./bus\x00', 0x0, &(0x7f0000000100), 0x1, 0x559d, &(0x7f0000005680)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(0xffffffffffffffff, 0x1)
creat(0x0, 0x0)
mount(&(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x1a, 0x0, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a4b78c660e677df701908b9aaa3f6a00400", "036c47c6780820d1cbf7895263bdbcef0100a197fce47ddfdd753abd9501ce721b6ae9b49600002a000000000000000000000000000018c900", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
pwritev2(r2, &(0x7f0000000000)=[{&(0x7f0000000140)='y', 0x1}], 0x1, 0x0, 0x0, 0x0)

7.027705945s ago: executing program 1 (id=2786):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
madvise(&(0x7f00007d7000/0x2000)=nil, 0x2000, 0xd)
r1 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r1, 0x6628)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x9)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000002080)={0x3, 0x4, 0x4, 0xa, 0x0, r1, 0x400, '\x00', 0x0, r1, 0x5, 0x3, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000002180)={r2, &(0x7f0000002100)="30105e0117ff93f456a092c6767efbd90bcbca4cee2dc6a6dfc90e00bb496eaa4676d53e21d1a45db33f76aed45afddc990207fd594f212a59a14598dd60", &(0x7f0000002140)=""/18}, 0x20)
madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8)
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020)

6.910395289s ago: executing program 3 (id=2787):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x22, 0x2, 0x25)
syz_open_dev$sndmidi(0x0, 0x2, 0x42502)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000005600)='./bus\x00', 0x0, &(0x7f0000000100), 0x1, 0x559d, &(0x7f0000005680)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000000)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @private1}, 0x55)
shutdown(r0, 0x1)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
pwritev2(r2, &(0x7f0000000000)=[{&(0x7f0000000140)='y', 0x1}], 0x1, 0x0, 0x0, 0x0)

5.765914697s ago: executing program 1 (id=2788):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x4000, &(0x7f0000000e00)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000011,fileset=00000000000000000011,uid=', @ANYRESDEC=0x0, @ANYBLOB="303030304e303030303030303030303030462ca0179058936d6561737572652c00"], 0x2, 0xc34, &(0x7f0000001340)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb53Z15b+a9mfUMTfDNCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg4g9euXT6THrYrQAAHqQro189fdb9HwAeK1f9/z8AAAAAAAAAAAAAABx0KYp4MlLMXVlL49X7jvrldt+t22NDw9tXO5Kqmoeq8uVX/czZc+e/9MLghW5ebs98QP377bPx2ujVS42XZ2/OzU8tLExNNsZm2hOzk1O73sJe6291sjoAjZuv35q8fn2hcfb5c5tW3x54v/+J4wMXB5899Uy37NjQ8PDoRpF6b/naPTekY6cRHoejiFOR4rnv/TS1IqKIvR+L+oM991sdqTpxsurE2NBw1ZHpdmtmsVw50j0QRUSjp1Kze4y2PxdR63ugfdhZM2KpbH7Z4JNl90bnWvOta9NTjZHW/GJ7sT07M5I6rS3704giLqSI5YhY7b97c31RRC1SfOfYWroWEYe6x+GL1cDgndtR7GMfd6FsZ6MvYrl4BM7ZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyg/G+Yj3tvkc8WiqRRF/WZ7/i2tpsroedK8rl7/W+MrM9dmest3ryke8P9x1pXhI94cjW/LBOODXpnoU0aqu+Gvp3n/YAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1KNK45qXPqxi4N/OPCrvWPGn/6Q7ZRln4+IpWJ3Y3IP54GBI2kkpYc8lvhxVo8i/jSP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd07x9syNxtXWtenOrLDduX+7c6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc9bz/lbz+ziU6+ds5hzPuZRzOedKztWcUcv1czZzjudcyrmccyXnas44IHP3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8nBRRxC8ixbe/sZYiRUQzYjw6udL/sFsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJT6UxHfjxSNP2reWVaLiFT923Gi/HY+mofL/GQ0B8t8KZqXcraqrDW/9RDaz970pSJ+HCn662/fOeH5/Pd13t35GMRb39x499laJw91Vw683//E8WMXB4d/4+mdXqftGnDycnvm1u3G2NDw8GjP4lre+yd7lg3k/Rb3p+tExMIbb77emp6emr/3F+VHYA/VH6EXqfa49NSL6kXUDkQzHk7feQyU9//3IsXvvvuf3Rt+5/5fj1/pvLtzh4+f/9nG/f/FrRva5f2/trVevv+X9/Tt7v9P9ix7Mf800leLqC/enOs7HlFfeOPNU+2brRtTN6Zmzp8+/eXBwS+fO913OKJ+vT091fPqvhwuAAAAAAAAAAAAAAAAgAcnFfH7kaL147XUiIjb1XitgYuDz5565lAcqsZbbRq3/dro1UuNl2dvzs1PLSxMTTbGZtoTs5NTu91dvRruNTY0vC+d+VBH9rn9R+ovz869Md++8ceL264/Wr90bWFxvjWx/eo4EkVEs3fJyarBY0PDVaOn262ZqurItoPpP7q+VMR/RYqJ8430+bwsj//fOsJ/0/j/pa0b2qfx/5/oWVbuM6Uifh4pfuevno7PV+08Gncds1zu7yLFyQufy+XicFmu24bOcwU6IwPLsv8XKf7pF5vLdsdDPrlR9syuD+wjojz/xyLF9//iu/Gbednm5z9sf/6Pbt3QPp3/p3qWHd30vII9d518/k9FipeefDt+Ky/7oOd/dJ+9cSIXvvN8jn06/5/qWTaQ9/vb96frAAAAAAAAAAAAj7S+VMTfR4ofDtfSC3nZbv7+b3Lrhvbp778+vbGo3ondT2TS/Vu1jzr9yR4OJwAAAAAcKH2piJ9EihuLb98ZQ715/HfP+M/f2xj/OZS2rK1+z/dr1XMD7ufv/3oN5P2O773bAAAAAAAAAAAAAAAAAAAAcKCkVMQLeT718Wo8/+SO86mvRIpX/ue5XC4dL8t154EfqL7Xr8zOnLo0PT070VpsXZueaozOtSamyrpPRYq1v/1crltU86t355vvzPG+MRf7fKQY/odu2c5c7N25yZ/aKHumLPuJSPHf/7i5bHce609tlD1blv2bSPH1f9m+7PGNsufKst+NFD/6eqNb9mhZtvt81E9vlH1+YrbYh7MCAAAAAAAAAAAAAAAAAADA46YvFfHnkeJ/by7fGcuf5//v63lbeeubPfP9b3G7mud/oJr/f6fX9zL/f/VcgaWd9goAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB9PKYp4M1LMXVlLK/3l+4765fbMrdtjQ8PbVzuSqpqHqvLlV/3M2XPnv/TC4IVufnD9++0z8dro1UuNl2dvzs1PLSxMTTbGZtoTs5NTu97CXutvdbI6AI2br9+avH59oXH2+XObVt8eeL//ieMDFwefPfVMt+zY0PDwaE+ZWt897/0uaYflh6OIv44Uz33vp+mH/RFF7P1YfMhnZ78dqTpxsurE2NBw1ZHpdmtmsVw50j0QRUSjp1Kze4wewLnYk2bEUtn8ssEny+6NzrXmW9empxojrfnF9mJ7dmYkdVpb9qcRRVxIEcsRsdp/9+b6oojXI8V3jq2lf+2PONQ9Dl+8MvrV02d3bkexj33chbKdjb6I5eIROGcHWH8U8c+R4mfvnIh/64+oRecrvhDxapk/iHgrOuc7lR+M8xHvbfM54tFUiyL+vzz/F9fSO/3l9aB7Xbn8tcZXZq7P9pTtXlce+fvDg3TAr031KOJH1RV/Lf27/64BAAAAAAAAAAAAAAAADpAifj1SvPjuiVSND74zprg9c6NxtXVtujOsrzv2rztmen19fb2ROtnMOZ5zKedyzpWcqzmjyPVzNsusr6+P5/dLOZdzruRczRmHcv2czZzjOZdyLudcybmaM2q5fs5mzvGcSzmXc67kXM0ZB2TsHgAAAAAAAAAAAAAAAAAA8PFSVP+k+PY31tJ6f2d+6fHo5Ir5QD/2fhkAAP//PPHzLw==")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, 0x0, 0x0, 0x2000, 0x0, 0x3)

5.765397658s ago: executing program 4 (id=2789):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0x5, 0x0, 0x8002, 0xffffffff, 0x3, 0x8, 0x1, 0x2, r2}, &(0x7f0000000180)=0x20)

5.138250556s ago: executing program 2 (id=2790):
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x80400c, &(0x7f0000000380), 0x3, 0x55a3, &(0x7f0000005640)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
connect$inet(0xffffffffffffffff, 0x0, 0x0)
arch_prctl$ARCH_GET_GS(0x1004, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x828801, 0x0)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5405, 0x0, 0x0)
r1 = open(&(0x7f0000000040)='./bus\x00', 0x64142, 0x0)
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x145142, 0x0)
ftruncate(r2, 0x2007ffb)
sendfile(r1, r2, 0x0, 0x1000000201005)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f00000008c0)={0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "d20bddda7de5eaacb0565c1c2204000000216dbbe9d78d6e2100"}})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f00000004c0)={0x200, 0x7, &(0x7f00000002c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4], &(0x7f00000003c0)=[0x10], &(0x7f0000000440), &(0x7f0000000480)=[0x3, 0x3, 0x10000], 0x0, 0x4})
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(r1, 0x28, 0x6, &(0x7f0000000180), 0x10)
sched_setscheduler(0x0, 0x3, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000002100)='numa_maps\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001040)='cpuset.effective_mems\x00', 0x275a, 0x0)
mmap(&(0x7f00001f9000/0x14000)=nil, 0x14000, 0x0, 0x10012, r6, 0x0)
read$FUSE(r5, 0x0, 0x0)
openat$fuse(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)

4.876981231s ago: executing program 1 (id=2791):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0xfe, 0xab, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000040)="00000000f800ecb91156000000000000000ae000005c812000f0dbf00fd55a2937235794a2352b6fcd3a81789023c16faeb9afe6532c879751306ef500df1d108b74c74cfc7120eacdecbd78d45a991b2b415d5ec90364a507b023b2f1f192cf70e28a17414de2324db50c854b94664324625eff54dc8fd042bba6c32987cbbac439fa31a411a515981bc84b66e8ed822f6b899e059b94613350913d23b4c0fc9f4f3733a1b4fd1f7359ff822240497532842ec76489d9dfc084ac7aa185b1776ffc02b2be3f6f2cb0a0ec013b06a3bd64dea4b22cae17892b7604b105d83ad628f6d6f7b76bf61519e0bf12f6da45a9a480bf6303f1b2b6a419d000829d", 0xfffffffffffffffd, 0xd, 0x2, 0x0, 0x0})

4.793662275s ago: executing program 4 (id=2792):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x0, @empty}, {0x2, 0x0, @dev}, {0x2, 0x0, @multicast1}, 0x2a0})
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000080)={0x0, {}, {0x2, 0x0, @multicast2}, {0x2, 0x0, @empty}, 0xab852ebbeefbd6b1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x23c, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, [@tmpl={0x184, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast}, {{@in6=@remote, 0x0, 0x33}, 0x0, @in6=@dev}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in=@local}, {{@in6=@remote, 0x0, 0x33}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @empty}}, {{@in6=@rand_addr=' \x01\x00', 0x0, 0x6c}, 0x0, @in=@private}, {{@in=@dev}, 0xa, @in6=@private1}]}]}, 0x23c}}, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000100)={0x73, @rand_addr=0x64010100, 0x4e20, 0x2, 'nq\x00', 0x42dd1de97723b880, 0x800, 0x5}, 0x2c)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x30, r0, 0xed2f9000)
syz_usb_connect(0x0, 0x3f, &(0x7f00000006c0)=ANY=[@ANYBLOB="12010000413b88400819151300000000000109022d00010000000009040000026bb22b000904"], 0x0)
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r2, &(0x7f00000000c0)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0xd, [@null, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast]}, 0x40)
r3 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.log\x00', 0x200000, 0x194)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000180)=0x2, 0x4)
r4 = socket$phonet(0x23, 0x2, 0x1)
ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, &(0x7f00000001c0)={0x200, r4})

4.675167502s ago: executing program 0 (id=2793):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1200"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
socket$kcm(0x29, 0x4, 0x0)
getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000b40)={r3}, &(0x7f0000002a40)=0x8)

3.952709953s ago: executing program 1 (id=2794):
syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xc2, &(0x7f0000000540)=ANY=[], 0x0, 0x152, &(0x7f00000007c0)="$eJzs0E1LKnEUx/Hf3Bnlcq/eBzKwFia0aEjMacRatdBIEtKBwk0rwSYKFCOhXBrRrkXQ1oXlVnwLlrWxRgh7E23cBS0n/o7Rw67977MZ5nsOh2FWlnoqgoAMx3KpuLdvlsvmVnDdSCc3ntrtuOhuAD8/zZ39qziwI54KMDgCRL7xAtu7BXMuXyqI90EcUAEkfjtdg7P7SzSf0+YhSaKp00Bn3Gn6aO9ji47apAIk/r7fsy+AGXHv/9s94BlApRZquZCxbNu2xfeepEJTY5LTm3cZq5sKzwbMUz050fD4ZWTN20skhvPHSDf8EGk1+z0rvWakjV5U1xeimqJpsb5xb6Vi1TMoq54DYPPLPTf8ASULHEvA+XA2uJa8ADr1F6P4Z7E++tfVQzkISJVaPud3NXK+fz8gq5BARERERERERERERERERET0Xa8BAAD//wFeZcY=")
chroot(&(0x7f0000000180)='./file0\x00')
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000240)='./file0\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f0000000540)={{}, {0x1, 0x7}, [], {0x4, 0x4, 0x79}, [], {0x10, 0x4}, {0x20, 0x2}}, 0x24, 0x1)

3.801522782s ago: executing program 0 (id=2795):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="120100003ebc67402505a3a4081c0102030109021b0001000000000904000301e6efa2000905ff11"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b705000000000000611074000000000004000000000000049500000000000000"], &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2a)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0)
r4 = syz_mount_image$udf(&(0x7f0000000000), &(0x7f0000000180)='./file1\x00', 0x240080, &(0x7f00000015c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000011,fileset=00000000000000000011,uid=', @ANYBLOB="303030304e303030303030303030303030462ca0179058936d6561737572652c00", @ANYRESDEC, @ANYBLOB="cdf7c0c4ada580d5d36bd90806b670b73bb5112f75ca483652cf9b8a22555c3af34a84c5747ac51aa890ca205a0f27d7dde81ad3a01f21810b6de2d56be05416c54e1c6e8459e1643b129327581f7716b38db3d3f3bbeb6d1b846a2aad654e1795850a1f82ac738387d9c3009d18eb2a78258fcc4ac4eb6a12a5650e10ebf077d9ab33f24de7cbffe0", @ANYRES8], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r5, 0x0, 0x0)
renameat(r5, &(0x7f0000001cc0)='./file0\x00', r4, &(0x7f0000001d00)='./file1\x00')
r6 = syz_open_dev$audion(&(0x7f0000000500), 0x9, 0x60000)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000680)=@bpf_ext={0x1c, 0xe, &(0x7f00000001c0)=ANY=[@ANYBLOB="184700000700000000000000000000001801000020207825000020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000085000000650000008520000003000000186b000001000000000000000900000000000000"], &(0x7f00000003c0)='syzkaller\x00', 0x7b4, 0x6, &(0x7f0000000480)=""/6, 0x41100, 0x31, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f00000004c0)={0x2, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x189d5, 0xffffffffffffffff, 0xa, &(0x7f0000000540)=[r6], &(0x7f0000000580)=[{0x1, 0x5, 0x1}, {0x2, 0x3, 0xb, 0xb}, {0x5, 0x5, 0xd, 0x7}, {0x3, 0x1, 0x3, 0x1}, {0x5, 0x2, 0xc}, {0x4, 0x2, 0x2, 0xc}, {0x0, 0x4, 0x10, 0x9}, {0x3, 0x1, 0xb, 0x1}, {0x1, 0x2, 0xb, 0x1}, {0x2, 0x1, 0x10, 0x5}], 0x10, 0x3, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x15, 0x5, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20041, 0x0)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001780)='net/protocols\x00')
syz_fuse_handle_req(r8, &(0x7f0000001a40)="8086e4551987760861fd2b1e5135100670623bf5a5d48c6cee556471426b554399de6770a9fdae37ffcfccce60776b5a30be37c7772ddb62694ae2c24cab674da01734549438f7a79955d81060f65b100f3601640619e0a3d8f04a22dbefaae911f00f123ce6598ad9e618afbac6224b29e4a3b58698378487dcaec088ab7bea892183b39533a1325abf86dbe3d2ff20da7eafb6e6ec06a271c25ae1f892b3880574f8aa422ad42941148f0b9039b4abdd933b3644af7aee5731cec3067d76aae6d3a344d0b89dbe532bbd34c6bb97567a6639f5ba6858b15271f6d686df8459a6750bf8b221fedceeed42759d548dd3dc33aa9cc997e941ff5e6d00fdd2c094acaae8909a075ded3406633c38648f97015bb3913537d176bc101c066603b64002859a58e39f6e973f1d8603eb8202b73b323663b2e241c05481437b19f5585f5979d33fe3e369f4e12a15873ee1d053b1c98706352c8dbf80f7b5004453c7d1315f7046db038c10adf734c933ebd31ba49646a1b1fd59fafd0f3755c6d433c03e3592c5d2eff298c08d9acf8a257a5d79cd48bad04906b77741380b6ca0686ef0e7b289172228614dfed3b2cd13f4dff4ca266d89d4f61deaaff2f8f6f835d6c1277134f26ea2a465346e26af5fdebf7b70d8a9ac98943b2a9afec79a4181cc7c06d981a774ec4e90b3a0d7c9630d2ef4e2ab2b221e054d4d2ebc76136bb6701c486e20d1f3f8eda421cd659f00ae8a73d36fbfe8ae5b13f46c150f93481e1ec555bfea011c985cc0fe396c2fab407df612e04f479947aff1c3c94944cae9ba77e68b1ffd02887cc55d7e1de99b4ab35fdffd6adecebae5bc9b600a7b4ae050da951fa08eac35eebdac160635545938336d55151b67707a6512697635882f6dfa0b07f09f603459cacadd98cd322e637f75fc0af2ae525ce2a350e67bf1721b75ae22ddf2c8f1a00d50529902c7b077a4f24cb8a2f7c500519720afa177fc05cf03dd6354e35ecf03035eacbe18445fba64ddf7cc2af22a8114f5f7d12b4a67e1ff236edd4ecbeffab175e29a99625b4b2bbcc06eae175d10ea94986a7dec12a2ed8dee55f7474662dd394dafc7169403577fb2d04ce1501e72e5d4e316aa955d17184078866cae3fb2a1dbcb2b9e9885ff4a795359ceebceb6d5c04cb405e6f3020b92714676359c3339669ed29dc5ed228355b6e74488da335d7cf0aa30f75e486f98723bbceeec20d8986e0be1e2ab8d2755d85f22f1ffd9b37d0aec955bbdcec638b489feaf97ec1554f937406ba0306ebad2e02088db0d45f78d269188dd53b5dfee5ca23486f82a8ec84b4524e5fcb5570a80877298c35197edca98e1d7143827bb2e0773f88560549b7592a09c16a58e60addd5cde3b592581f2d982944d2aafe7bfc2b3b71be47f1c4c88c43429baf4b7e406423133bce18202085242fdb5d3e2960f655be49c61ab5f5ce0dcc95a16c24b1432f554d52f46e59dd8bc748b722072f147858d989434c1d5260536c1c5d80cc297483d7a3b1d4cf71a9f5f80f1ee3fa75e9e6e8e9f2459e2f9c99e2d2eb17693c36358a94cd15542ba0e5b435548afd4e8a9a799fd7c9f34a4cace085846cd4fb15b022f6be08d2aa7376b78287171bce3f03846e2294b6a8b6e9d1e0dd1fb38f07361365a1fe2f1b8512c506cbd5a5ce6e55a2b2f92d8d9f167dbbd93aea8425ed0e702a6d8a89c1fb9049c43033f6f441faeca86ec4602cc4e2c2a548e2ca96c8562fc96dccbe28caca40644ee9407a727bcd32657b05559f790581d5e391ba55707015f718f68fd725606acbca984139383cdbfa9327aac458eb558caa89761fd7c933dd8a8642ce3b92daff9211b1835540193488a44583d9a6c579c139c725b7a846abf7f28b72529a49e13a3fcbc48be1f14d57fa742465b1feea0069cb8493207f81c106b85e7578d8325f8bdf6a09ca65913e7ea45118d0d13a12afff25b8f7c7c13263591bbe20e80dfb37c8e63fcddfa977f25b0a681e5cb82405c8a99c5f892962e325d8d7a308f534830d523acc7d42cbda7dedad481065301e3371943d61bd9c2cf3839d77330ce6a962e7ea88070b2ba8a47ade15974a326306e1ed22bd47381a2c09a1465dede8ddb40599bb7f5cd1c3682bd1b5ed9250f1de2b46cb3604de83833adac704679006ea29d8295c9aab6b34df927ae112d441b1cd6e41bba89411451c17eb67187d11b90e75ed02eb26b49014288488d5cd77efa538e798386220cd8a5674953165fc6548d3ffaa1b748435de0df1e5c831ae62df0059fa217ddd1ea40fb2f0285af6cf79ce594b25879f0484e426e50cf392bb34b76cced3eb1c0a6b99dff2e859271847ff323b03ee94d3ac77ca7e68da14ac4ccde38fb478e9ac50f2773d30a2a9efaf928651cec7828fbfcbba8e106e70c942ecdf8992a6e77b5391d29c9b527ea8ddfb34052bb0d6699064130bafd1d1bf230ae1461fedc61c2b22509cbe5600920a764b4541fdd0c115db82237da167d4ea18ff5d6d7bed587ae0e871b3482f5033cdf9b463926d9a00e6a401feebb5f3e899f286e7247d66d52966bb1509c893acba16b07018b0e637eebd2459e303ea1f3e3f4acf995f8f6a549cd3722647ea5b626b5d133dc7c0469fe84a78d32041d5c8f9f6b301f46b5b3e78cdb05072d7ab1bec449d491891679f553f9ab1d1169732f236c5bbca5d3027cf16871ea5161084d091578830afd4026f59c422205cdfe045ee33066a072646c1bbb8a895e9282ecf20d7aefd1e0202f1613daa7e2e82d0021822c57fe0f52893ecddac4ddac30d4260c8114b489434731cbf4b519451c5b2f5479f09f227c14c20f6d79ac7fef0ea9abe0238c084498f18c0b42eaa3e69ff64b83513b9a8b8e47767f0aeba1fb696422937e9caf5c3014da1d17b90f4612fb7508085f1377829a0e8985eadee70910da29fd8e844eac0b0fd8800aa70df775df88a44ca878e3c9b0d27970973caad8c1c93018b6110422f2463f4633116a8602ba6b0f29b1da44fda8fcd4a19ff2594a21e46d40dd62f8b91f2124045fcc794d8ae9e34b952f67dacbc7adf8c8435ed6d7a5bde75c4b094e3fefe4a4f082d09037845cb0648a7a0bfc0977930df8a5152c73c4815282c89ed571b74e97228e09ea4cd911dc4f329bc3469e7ecdc1b379fb1ca04c51c1d90d0705772922fdc265be41bb6e264376b75e663999393f0c6d3dc62b679e24fb4fb0b73e795d2709f03a7be99b2fb86cfbb6aa3de4cb4cbce2c4ab4d3755346f4e5d8b9e196ef4028e900b34d6cd86faca0107a498c28765b7826fa26555a73c982ca5771a8cfb6a0eb78ac041a95877f16fe1a1b10bc24c95bc94b5a9619a1aa3c750c812273281b0809eb7c7c4981f56743b428313adb0bf29940c1d94f1f933b8073a5e41c860cc91f851c0d649144855a85cefa5cbd37bd9984d61366775050a0a68a0dbbdf0586cd09b63312a822cb2be959bcaa553036cb389c5aee832083e0026d323ac64d63572297868df5dcea503ec680d5c6b639b746352072f49ddb8d4b012aef12e0f35a1f0a3c842294bf7586680762c123ae9c83efc941ce0b8da6334389e97233cd4dd3990d3bae086d90e4ac165503484df0c5c09cb45cc46a398926be4eccee93ac2bba0c0930249123b38cfee950183a34594771dff51ee801b4cc0f3f2dbdfa722911f7917b7a911d924672936a74b32439304d99be483345a848751020dcfe7f72f4138a91199aeb3f1c47b8b54142e1d4e14f7d8723c6d2d4a89960f22b9c889a7839f2e0083b8a2e5216752a389c91f7c9f6ce258ecc9605069e61baa5b1f2541c5440018487f7ba2a54bb47eba888486ac67531cc86bf8f1a70651a80d6f7bdc3aa0f2e6da0412a2c6c67cf785baa3b206da61987defc9084b3586aaf64c7ebff8826f0a15a466cd79560cc705b4f3894deed290683bdcfd560246bc49be4579a2870e27dcc151f6413143ad4fb0985e8c129c58b5f7915de2e3f3591fd0b91d3859fde18f8d4116602c9865ca06db0f0d619aa1094f8a655bccb0fbbfc55fb3bbbb94b6af55bab58500006018a6d3893043756767615052828e3326e1c61bdfc2bc45979b2d713e50d40ee5d27b342f8475a7f76e254dcd60b87e1ae52063f31c9af2a3734412c60d10fcc6a5286aeefd2bdcc72d2830bd721dd2615a14896126f8e3d4c7ce6a125c2b32b167f0d5cfa2605ea4df98488dc9d7cc64ff59404c4a4487aa9104ae7c0555b611d2a27b99702c99259fe23e71e48f2749887d0b63894feeaaee264cb9ae160901838f9adff65ff87515200d07a836466533d54f56ba7771fe4327d078c8fc554a29fd470b278bba1666dde82519ee951ae2c1d910c76b706afeb9e3fa6a3e4f57f594330c2568a3da9a643e54c5515aa79b6bf77ed8508ae59962b50adb87dfeae488035b48d89b4c901289f2531d243d34f6e0635deb23fb4176ab11b7d2c3b706ee2225aa08898c3a33c0dc233ca2f7209436d5f01878f10aaa5d1cbbf6b902bd2ab5db111bebe0238f90d3b9ffebdb6dc8ba896815e386d9064d97e7a8c51e949da78e3bc1dd66082153f2645e3902985e2016074b71f853928a0c09552ce1931ca8544323b7c417be4f371214786fda5b4aff399f2c1cde41c760d93732b112a8faabcf6ba8db734f76b69fc9c06421a9d05f24f77740f490c2b3535db501eeb85cfbbe0d94396a3b18777e1aa563b9a4da82ab1971941a797fafeb96e51bd48674e0eb2904ee5ac8c12f2ff1e845a373542c8f9472b97f0031b7aad218605b8ff4446dabe1f320755f0c0c214429a92a01a6e356ff770ee209cb2497ca73edcd556c76f943d9f3d2d48df5ab2ce388c00b5b7fa7e9181a7c4a2009bba26dfdfba444368ab98140940fb8e96cf179c71dde7196a6d29b35dd4416d3ba5f04824152ebcddd7d4be72958d0251bcfa7e4b07d6a4b815878947960a3c672440b7dcc8ea48caf42e01da060eac4876f1101f710c4ee35c62a082a845c470eda1d98444a472a15665a450eff397eab988cc59c0a20a4b33f70a9de62d2e1d27a2855f67973c0839b57d83d1e8c8b1fc2b45a2e04a64045b7253e18b71ecc352c7705343d4aae453f107659ea643f12df6e99e0e9fd30d9d3f214a6816f4638f36cd53e534a8b870988d98d08daedf1374c36abe5aebcdeaa241af1ee2808626c6e26f13629319d6d6654f70723b9bab1ad35c6de1cd7e7644293d7cc3ecc44022177bbcc30c32382837d58d00f7263623dd8f57a7c94c17052e3f59feb40c957d601cb78264932f362adbfd09734f7f794fa62a4afd6f1d9bec1923a10a2e9d2d69507d62772d40d92ab545583e0696a64a0b4a27ebd04a04c8b7abd1ce07e892d3cb7d222e0da16eaba99fd3e5b33ea48e653ceb25d0d9b406092a5e7e244c92d2a6d2a45e1811a4792fcd0c6311bd41387750d80be327befea624a28e1b70056d1028347c9f709cfe48d50ca3244a506d34f3477eadb611d523ebac39b71c3f216938bb969d8b447428b5c2139079d1416a59d774103c7fe199c405b38a3f2260492a7a4bc5118146033686c42adc525120073e242a23288dfd4a6f3ba9fd68533a9a6c946dbd5be0a5406fc30b58aa695cbe75bc536dc0184af107be18ac4becccc3ae72775b491c84302ac0d85f2010103715c7d49a90144b78af52ffe6be4624fcf1aa91acbcc90952030bbcfcc5b96a06256cf5bed280ff6755f3e82d6685f44f8d8097786e0e19b33a788d2f7514a1a2869c8b2754cc7feafd1f9bb376c89383f9c90da598369b963cb02b1ebaedda8d876c63af9aec1f2a09739752652e0151a99300113998f4a4d0eaf51c9024de1c7727d902211f969e998d80c623d4b1d975e8c5135a72c5278396f34fe898e21b32f6ca8485e25a45d3ef3b42ff20a8f195efadd5b9f3b3728cc7bfa574d550839e7e97476562d175135a16f25cb5a504b222782b3a9e2c939e506990e6f651da6d6a319cee9658cc44c3423225fe4e81673e2cebeb68f8d89fe6c19d7fb6ab27bf6c6d299cf82b76b0b0e79f318f2372ca3f9eaaffef84cdb44afe0aca0ab406ca6010d5c5ea35dd4ed74bef0431662d1257952df6a80df06e7c3a1bfae5dd9c18d9979ca6ad681867370e0a9f81cc340719bbb15230b9896e3c8f04f32cf2ee7168d69981a15a4c905b4d58880b5b4d04a4ad4cda50317758000a3d9c7068293d89ed04e9e134d662e8d397f05b92004a74c947adcaaf7a745cbc25548911acff46c2891963ad2395a7d396129f7b96695b186f0da5af66a8f59c8c7b6681710d79076cc4502865f0a837c51284fd85002def2445ae37de2837a4775f81b8ec836fd89a005e79d8dd457ca8c2503f1d60faf58611074c2adfe53d237380482605877aaccd752cfe9c1a15e3fdb8e11563748dee6f902eb23aeb9d49e061966196f462c738ed39f3f95e48666e049510ab281d7cc67b3a95904a2fe65860ffebe965b56536319905ae77287608c7b97c1e9024e0b93add82d93f862e1aafc8e20beba45bd5ada968dc5e234d4b1819e489130593529b036d485d481301e21180a9fa637fcdc9b7976b402d70c390bff5a9c4f25b1303a46f4ef01848bca20e18acc5ac1e142db5ac8a101032fdf81d0b65fcfc5abfb4f9d9d3c0c68e83fd1cf2f2dd0aa35b1cdfb8ea304801ba7cb82b140d9a40f5c8f50950f5c4d7f9e0a164ace9201043dc4cd16ba90dc85c116b3ed54873330cc5860d6fc0955531a46b72143b8f8b686b4d200a1b283c542c81ee05a36d34a080f7a9b64bcf8ac94e4c7f840acbf3414115421c51ddea0f957648840f1f9d556580c84462ef2f6ccfef028aecb50c131f378f68e27c45d496e2572a0651a0ce3f0a38ec7014a83ca3ff78e88bb9c1d8d4a19e33b0cec7bd4e2283119a96a44b5a6b6da3da68fd47ff2ed454a9e8db7d88784234944c5c44780f33d83f185a27dbca1613956c2866913cd8cf416198f87b1c0ba65cfaa7ca78e6053258870e5edda713d91915035ff0d68e744c967e0c19f19a2521194e99ef3a11a79029d4f39c8427b8f47de48222a5f5b4f11274223a9f67e2248dc5238bf0ebe97630dddaf356c12e27de62516dbe5a85a7d19c96a9e91ba54366a7e4bd4ac4cd2caa9d3117d1f615a6a7a392d59d8f571d002184c8f6e851fe10d21fb6d34cad733f01a1891f3d79b0d93d7bb871f9b86ca91ffbdf3e5e1dc10ba17f9bed400d8072d6035f4a1764a615ffd62ccce7dea4a32f15eb2da653026412511db952fd766a19620796ec89c10abf2943afc9777451cf91755e64bbec40d701ed1fda0c7216bf46a82e089c647a94bd3463e8999da45e9bc0e1789d4c0b64e0101d5b68f4221ac3c60de54b3c7b1557936ae1f0e6b45cac083683720c56602b79e56f9179dfe9191f8749e77d342b20ab6fe41c0b1ff7aeab33ef77d665318532184fbaa75c2587c6a9ee580a6d4a6731a49db1959444fb809fd0d14e5adc5a6e792457720291418083ccec7bd1eaa501a04da1d7d005aa00c0cc366db852205b00a19cf15e05fa89d247ee16d60ac2c12b8035cd8382edee5a8ae68789254ed6f747423b9fa5e571dcae2ea3164d55db0df18b8d0beb41508f54229cd26a1c580ad29b3bd943a00d94e3e2228d2d609d8d4d6db969bb5a7749b34e67bb0a449f9c33d89701b725124da2c7ab1bad96e0efaac6c17e39ce7e2786fb18ba4f3baf9b9dfefb4e628da609cde8b1e44818df8905d712b60aff756431a619f438538a167c8c878affb70765ea6deaf99e5f5a5e3a098a455d718151cbde33d988933fdf4823246547c368c14784d3fecbd2b21ae7911c40449093d2403b52b237b35d46e6f63893e312a2a478e9e651bacd20fced60edf00eab431aa8edf5ca6bc9ef1357edcbacc3923e3879b0a4523a74c640b5a2bf75803099e1c46c6bdc0996c3bd14f666ab6e7634af88a2b4f9ea82fd317cff13c8365fce8d81e1855b0afaa0afdb2e261a4d031346a50ada30654fb9e761ffab6d6e1c96f5e6e20304acd443ea2ab09cbb0b4479b4c374179536c2c69944a071b6fd8663705b63c35c8b397430ed2b3997718908859c3d1108807bf8876a32a21a545dbb4c5cd04cc43555c232867c313c18028651ee02a0c91d8bf3439de0ee471c75056c11d6aeb1fb7b7f345aac20398bf59f99fe2058c896cd072878e5c782f108a4d15e838038eeebe00d73ebc337141aae891d7cb66809cb2e3f37cdaa853feb5936168540467d34a2809e6740d7091e329d02262220eb1729c32f52fdb34b7ec62da05015e5e77c9d160b6cfed4fd56da7849cec9b6433b4b516eaa8aab96ef161570c70d8144590c1198fef1a519b6d38b69fdc37ff01caaee41a2fe2bc45dc3df7d12b32c50b0506b84534da167e7feeed40db80dd77e0fc41ff8341fa8e9af04ab4afd3ce41dba0ddb7030279c7f53019efe8a00a2663775bc6a3714d8d2185cb8290f7b24d886cb22a61bf5ca61f2af3e8f6d6a34d2e30fa03fd5fc969f4c399055cdbb0dbd18271c34f2957c3eb2a833bce24c48ec6b19fb2c1a5a080a2d269516daa7f43658952764243a10a70272ba0067d841ce64e5e49691ce26897ed02f2770eebb83d19acbbf589a3c47413393f17eeea5d782dc9a28ac9e588a7ffe6b360fbab42af671e653c83576a4401da2745ee1b8998774a727ad437581292ab39c70f17990722247a73e6dce49939f0f6718c85e6555f98286eef0506cd18c796fb82f39df2ff2dc0d5fc1cdf2864d902174fda12701060e33d8ddd1f1d9b34b4fe9b1a49b3b14ba8693a295dd8937a75034e7cfd14f370cff4866775afce4f32459950b530612a3e2848417fc18bd57826974cadecfe8bace037a126167e99131840a4e78cd1dc03cfad13110540fadb7eaf47dc4466cd78debf02bdfaf0e0bf7096d75cd1d484534b39be3108fc953a61f5b13eccdc2d7c98e8897dbe36f4306d4ad2e1400eb5215c2b9d0aceb6ce2dff09e6aaec77f8ba9f6750f31b3530a32b37a6a151bed78ba623893e8147e1eb40e9677cb537f57ade6b94e2b859e9132bd3dcd98a70b506a5eb15e141a46a769f48acc97cfa9ffe23c7e59177faa144fad95fcf0f5e450c36de81e82f9e3b29b80a34663925f55d9b09b40942036ada6075c7a3e3d0c630d08c634bc7a137214f62cecefec99bf35223a81abe30a0ea4e18930cbf2e825fea4522d5ae666d2b69449a1a64147b5a21e48d1ebdb95c01abeba351b3a444c086f6b6201403be7594f5b884e3ced06045c93bae014ff5aaae4cf0237d221ed07a5886f7ed14e0c8607bbd3bd42d9b28c598c6dfb7d47e2632144339ab7e068e3cf48fa8a8b21eea06109800123a12b381269492ce67bb2b09b0e4b82d5e3a48e4f72b3b1e9e71fec8f0c66c53f070993146a32b11ea984f95bf2ccd0607ad38be7f760509e3faf090b0f0c328e8b91f238754accf4497e1858a00eae228b59488c68c59a4b03ab932e537d7fdd801d0d51b6629e816519b24644de3cd588a31e1f374f80b1c2bafc87bfe601b2e42410408e576de72daff3166fbd6f022440fda2e074153af261276d3fee86b5856f04fef4befee75fd69ae5ce28c1a91d550573ec4b68396bb745185fe13611487814e6416d3bb48b8bd10ae3e6b362f763a9a6f2714417cc5f9f92a4a0517edf11357e2ce36c63d462561b030ed9cfe6cc4700617886b8d4ca4be7ec22f38372ae7c6dd1aa52741c5372babf825d2ee3ee16095389ad3c9423adb518d291ffad61907e6b4252cfe5ee1959f4c9841d744bbd2f078ac28a724fa4547fef8a93384462047fc343bfe14673b639130d2de0a164bc19222639e7196ea6b34ed61dbe355fcd9baa78fd45465f1d8868896d463a7f35e59e870c90292848ce1021ac3d3689d75d52c52f42f5683a55589d0d134e72c1ae9261a48e87947dd2f78d08f2167d7bfbf7e3cf5f320ecd6a30d47b1648ccfd0d87b8d299eb673e2c31cb10fee715a0b4706b9ed711ce91829e1e32845580eb1afdd75f36a081fdf7c3d35d122c95d438ae644e16713118d370a33994ddb597ab87c9d3368b06afbcb950218588da9fe25d441c88ff79061cf75d37cf7b0de7cfd2ea9e6b65a2ce430dbf3a24e83ab9b433ae9c874f186cb740b4b3ecb51728edea23a0dc6be5d52db21c5dd00095499d03080a6cd570e8981aa77b0c2c03aafefa4e75ae91b78d364a36ae4918c3de053618a1ec97a47cf24624b9c23c74d2715d84600d21c56b745da79066e95ee968a6bd308199851b159e709c8fb91e8137adf104ce5c00673687e728af1586e81c6b96ab2296d0448c712a18624aa2e6319632f77ae260623aea0e548813aa736f9c091dfc4c31ac1c591743c41cf64ce045223e49d3a98e878450f266a4a60f3278e4f4ff29b6e1ab56c5f79e1fdf76584de956af3dee71075a3628a8a9ccba46aa6f29a9c160c4d88e526d768b0cc6db4a86bfd3ce07d8e75318a5bfe4615f450b97761a3c7086b4f660b6adde9f2d2af85b6aec26d1cd1d18bf93d51233440c5a4df8033286f8e40772032a170106c213bbdcc4b8bd5d0b8b9e1a197889d545416e6ac9114c671f93691a8c6f221757a262acc58a4ccd4f9445d22b62bae014c41d7a4e268bca34f86b2bec241856642b212f8025edf50aa031a8e0e1cd8e548b6de25b4202398a33a5d7da03c1901a32a57dc4914d9393529ee84db2083e80ba83884dd9fff8cac447549ef7498011e698a9371494ffbc3e05447a5df453afb5647533b21dfed714916440d9764491a42d638c93a789e9386fc81e0b9bcb7e4c1d3898bdfb48b1ebd54c617596ca320f8d0905010f9d0693af51549c3bb13746e96dc1925f9a770585acfb30cf7c5d1c5ace269c2a685a884382e333b2c7cb8f4661dc2d4fa53dc05254618aa9decbd62d848319e243a23428f79c04a6e354162044dc4dbeda5468c36d95275059b83fdfc9c07bef8f64cecd9e02c718e65af63ef9fbedf7040df4583287328ba8ca4874f9e633fba97c41564b2c717da5696c259e04f11e760fa21b3dd4e48cbc8892f10c7402df4873b0e1eef09dd1c6c622d48205790e4fe9b81c6114c284798c152a90ba033564567264be3dfdd0b236df172a32bc3faa9e2cda950d98df3bf190ca32d134294476ce4d3079c7c182b0285f400a6cd8240b1340c202b0e1cd51b133881af9103622b0406d600bf8f6664b1d895546bd1bf61de7737e5ad91c06697533416b10d72ec807fc41a13001f5321149f7dd8dd5cf208fe192b2aa0b05b4d5e5afcaae570f63e90afe2e44f0892affc755f3debac204a1af8298cb823deac60412d426a62d6d1e7351f676a5554fb5fa0630f29485c5857b6c91f433eeb6612b20ddab142ccd982d44ca7697f31840882c7d2cdfa0fe4470623d784fc91548fa46c24e1a019dbc24a65ec9d20df70dca1db069eeebdcdb6e5e12b5396938dfaa1c52365dd42f8a37c3dfa2a94da99f78b735dd6a6cb19e40e2565444dd580e974020b14a4acfd5bb76cb1723b", 0x2000, 0x0)
write$binfmt_aout(r7, &(0x7f0000001000)=ANY=[], 0xff2e)
ioctl$TIOCPKT(r7, 0x5420, &(0x7f0000000180)=0x81)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0xde2e, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r9 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r7, &(0x7f0000000080))
dup3(0xffffffffffffffff, r7, 0x0)
ioctl$TIOCSTI(r7, 0x540b, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
clock_settime(0x7ffffffff000, &(0x7f0000000040)={0x77359400})

3.178042782s ago: executing program 1 (id=2796):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f00000000c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
r1 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r1, &(0x7f0000000100)=[{&(0x7f0000000000)=""/9, 0x2c}], 0x1, 0x2f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x64, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x0}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x64}}, 0x48080)
syz_mount_image$ocfs2(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000004680)=ANY=[@ANYBLOB="61636c2c6e6f696e74722c6174696d655f7175616e74756d3d30303030303030303030303030303030303030372c6c6f63616c666c6f636b732c6c6f63616c616c6c6f633d30303030303030303030303030303030303030332c6c6f63616c666c6f636b732c696e74722c6865617274626561743d6e6f6e652c0024855616ead4c7dc9e9da093713b0e6a6e67e1af8e4f5d7cbff1185218b41bcefa2f4f41b8212051258a0a6168526c8eef9d759bbb36a4b49ff8042320899ca9b6e9fa68a0abe364e0e2d46408f18da37d557aa1ebb8aa29451a584f1980dc477bd97f6a0446b8957872e51c2adf98e1acff806babdc9d58bc06d6d0b19476862cebe64cafa5a069852602786f40bf6a1bf7594e171d16ced9409b168ef591c2f5b676a2eb18e8a3b91275fd4467aea2037bd9790e240137bc7c80cc99e9dd662a5f"], 0x1, 0x4430, &(0x7f0000000240)="$eJzs3c9PHNcdAPA3A67BtV1wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXNYLrG2ShbVgiXLwgdws5RQphygHK5Fy42RxyNX5E3LJ0TlbSg65RIpkhWh3Z2FndldsEAux8/kcGOb9Zr8zb98chhcnKg+W1nJLa7nCSq68cG/tQu7tcml9uRjiQ9K2/2OH1z/d6cV1ctTX3i/ZzctX/3vnQgifL375Ynt7eztU9Ye2xpp+/+7bRwvNx4Y4U6fabvvWDsobIYSzLeOq6gsh/P+zEKIQwqUkbTI5DoYQToV63p1H793NHdBonj4vXsy/nHu8NX5+dvPJVue/PQrho9Lv/nZ/+es/9o1/9ZcD6h4AAAAAAAAAAAAAAAAAgFfc9K2bt/8zOhaeRaF/M2p9X3c6OXZ6P3b7wPyh938sAAAAAAAAAAAAAAAAAAAA/Eztvv+fi860ef9/KjlOdKi//a/ej5Hemfn3zakro2PJ/u9RS/7fk6RvLvWF4Tb7vmf3f7+Uqd9+//fWfvarMb5Gv0MhikdS53E8MhLCJ8nG7+eiE3GpvFb5673y+srigQ3jlZWOf333/lR0kg39u43/ZKb93u///9uWq6l6fvfgLrHXWjr+fR3Lffpu1FX8L2fqHUb82b90/PtraYPNBSbqE0A1/u/37x3/qUz7vYr/6RBCLqqONZeaAaprmGp6p/UKaen4H6ulpabO5IPsdP9/n4n/lUz7RzX/b2S/iGgrHf9f1dIGUiV27//heO/7/2qm/aOIf3X8G77/u5KO//F6Yn+qSO2T7Hb+n86036v4346TcZ6OUlfAZlRP7/T/6khLx3+gJX/3+S/uav13LVP/sJ7/Gv02nv8a0/+fo/rzH+2l4z/YsVy39/9Mpl6v5/+J2vqP/UrH/0QtLb12Hqr97Db+s5n2exX/2qpkoBH/3fnkh+P19I+t/7qSjv+v64lxc4mN2s/a+i/ae/1/PdP+Uaz/quPfiHvb6+siHf+THctV4/9FF9//NzL1muLfurg4IKPW+vuWjv+pjuVq9//A3vGfy9Tr9f3/p142DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAKmEyOQyEaSp/H8chICJeT83PhRDRfWMzPl8oLb62FMJWk58KZ6H6pPF8o5ZdWyovFfKFUKi+EcCXJPxsGorVSuZJfLjy8utPWYPSgWFitzBcLlRDCdJL++3Cq0db8UmW58DCEcG0n7zdxefXhg8JKfnFp9Z+jo6OjYWZnDMNR8Z1KcaVS772eG8LsTt2hqGlwtezrO2M5Gb1ZXl9dKZRq6Tea6pTKC4VSU525JO+DMBxVVtdXFgqVYr5Uvt/o7yhNJMepmVv/u3VjrCX/blQ/Th7usAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4iZ6N/+PDEEJ//SwOIUw0fonalX/6vHgx/3Lu8db4+dnNJ1svOpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ed24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEvHKA0EURiA34yF2nkMq2W3s11RRAtXBE+gx/AwehQv4R1SpEibIgSSWQibXdgmqb6veTA/M+/BPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//9kGHvg=")
r3 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000000)='./file0\x00', 0x14812, &(0x7f00000000c0)=ANY=[@ANYBLOB='iocharset=iso8859-%,utf8=1,shortname=lower,uni_xlate=1,shortname=win95,iocharset=cp775,uni_xlate=1,rodir,utf8=1,uni_xlate=0,tz=UTC,rodir,uni_xlate=0,utf8=0,codepage=1255,nonumtail=0,\x00'], 0x25, 0x2a1, &(0x7f0000002300)="$eJzs3T9rI0cUAPC3siwpSSEVqUIgC0mRythu08gEG0xUJahIUiQmtiFYImCDIX+I4iptmpT5BIFAuvsS19w3OLj24LpzYdhjpd2T7JNl67Ds+/P7NR7Pzpt5Mx5sXOzT9x/2D3bT2D/57WE0GklU2tGO0yRaUYnSH3FO+68AAF5np1kWT7KReeKSiGgsLi0AYIHm/vv//8JTAgAW7Kuvv/lio9PZ/DJNG7HV//O4m/9nn38dPd/Yjx+jF3uxGs04i8ieG7W3siwbVNNcKz7pD467eWT/u/vF/BuPI4bxa9GM1rDrfPx2Z3MtHZmIH+R5vFus387j16MZ709Zf7uzuT4lPrq1+PTjifxXohkPfoifohe7wyTG8b+vpenn2d9Pf/02Ty+PTwbH3fpw3Fi2dMs/GgAAAAAAAAAAAAAAAAAAAAAA3mArRe2cegzr9+RdRf2dpbP8m+VIS63z9XlG8Uk50YX6QIMs/inr66ymaZoVA8fx1figGtW72TUAAAAAAAAAAAAAAAAAAAC8Wo5+/uVgp9fbO7yRRlkNoHyt/2XnaU/0fBSzB9fHa1WK5oyZY6kck0TMTCPfxA0dy1WNdy7L+d//5p2wcfWY5VnnczON8nYd7CTTz7AeZU+jvCT3JsfU4ppr1S57lM11/WpTHzXn3nvtvWFjMGNMJLMS++zR6OSKnuTiLmrDU50avlw0JsIv3I257vOLvysS1ToAAAAAAAAAAAAAAAAAAGChxi/9Tnl4MjO0ktUXlhYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Krx5//P0RgUwdcYXIvDozveIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG+BZwEAAP//w1FiAg==")
ioctl$FS_IOC_SETVERSION(r3, 0x40087602, &(0x7f0000004800)=0x8)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x4c02, &(0x7f0000000140))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.swap.events\x00', 0x275a, 0x0)
fstat(r5, &(0x7f0000000280))
r6 = fsmount(r5, 0x0, 0x71)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000004840)=<r7=>0x0)
fcntl$setownex(r6, 0xf, &(0x7f0000004880)={0x3b8b84e6c86c4f65, r7})
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES16, @ANYRES8=0x0, @ANYRES64], 0xb, 0x0, &(0x7f0000000000))
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchmod(r8, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r8, &(0x7f00000047c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000000d1419002bbd7000fd71d11dcfe10a107aaf2383a51e05dbdf250800"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x80000)

3.036209005s ago: executing program 3 (id=2797):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000009000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065060400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c008cbdd3b4c3b7f28754860c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05ae8a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3cf96f9483ff19a6471bf5abc742d9cbcfb964b11b31034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2485c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb7818000000009dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbef88811dc8c1b27ac7d9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009d81003f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d5ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e6735305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aa620d27e91aa0aa0ed6fcacfc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d29863301b0b811f69145d3fbd78a9059e454474f92e65828b018174a9f4738b8c71fbdeac26ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a378ed4c6267965af78b861bd025312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68f78215d65f96eb55db8cbcb060008000d988374f85451a694ffe38a1d03916ff1eec72b31c98d42e1a1bda1290de1a499a5a385b31112a48ba3e6d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553e4ece78d4c1501c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a11993d54f97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a923655800a2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa753ba528f7ba77e825051ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8e220bb4d83de1e4dc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f0000000086e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e801015642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c298fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240e454db103fb0c4a14c16837394d2b3673a3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4054605558ab31f339f6a4caf2ee2fd01f34dca3300000000000000000000000000000000f59f8e6e00000000c44130098d833a24000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd603fd7f8898c70b5c65f2e28f22e1a79a6af3a54861b07f124642e98389557affbdede09b5566a4a1ee73b20846810030a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829503ba4b66e27154cb6e34aa13450522df1723130b6fb9bec59ae347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbde0f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd25091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a674bd16b8f7e6aed12a305366599f5f029a7b24558c02750500002f1c19d16a6f391906000000cc0bbbfb8c698ecc137d96711100e0108d3bd2afed0b279ebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc784c9f940d9fb0464a6cce635e14b80dc5c1c64e75e6bd5355d84f8df272f18f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de14275bf4a53e95235ae13768ab3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f9f8ad16eeb8342278f311cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706b584d8408c9652b3fe68500747f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2ccb600ae7a4b128cae19df160e7c207b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af911dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000180)={'tunl0\x00', &(0x7f0000001380)={'ip_vti0\x00', r1, 0x8000, 0x780, 0x2548, 0x1, {{0x1b, 0x4, 0x1, 0x9, 0x6c, 0x65, 0x0, 0x3, 0x2f, 0x0, @remote, @remote, {[@timestamp_prespec={0x44, 0x14, 0x37, 0x3, 0x8, [{@multicast1, 0xb}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3}]}, @ra={0x94, 0x4}, @timestamp_addr={0x44, 0x1c, 0x16, 0x1, 0x2, [{@loopback, 0x1}, {@dev={0xac, 0x14, 0x14, 0x37}, 0x9}, {@empty, 0x8}]}, @end, @cipso={0x86, 0x20, 0x3, [{0x6, 0xc, "f1ba17cf6755c2bf1fd3"}, {0x7, 0xe, "81f173d16f73215d363518d9"}]}]}}}}})
syz_open_dev$sg(&(0x7f0000000140), 0x0, 0x8080)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$udf(&(0x7f00000002c0), &(0x7f0000000080)='./file0\x00', 0x4006, &(0x7f0000002440)=ANY=[], 0xff, 0xc0c, &(0x7f0000001500)="$eJzs3V9sHVdaAPDvjO3YSdHupduk3aVa3RapG7JssJ1t08or0VBjsWy2NXW8C5SH3sROuMS5vrKdblrBbnjqA0iYReKFRUJCiyoeVkZoH+BpkZB4tdC+IaSwLKUIId2HrfqCajRzz42vHacJdRznz+8nJd/cme/MnDlnMjN3zh0lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICIX/rlU6Njab9rAQDcTS/PvDo67voPAA+VM77/AwAAAAAAAAAAAADAvS5FEe9Fim882UmvV5+7Rk43W5evzE5O7VzsYKpKDlT55Z+RsfETX3z2uZPP9+JHl7/TPh2vzJw5VX9p8VJ7aX55eX6uPttqnlucm7/tNey2/HbHqgaoX7p4ee78+eX6+PETWxZfqb07/MiR2sTJsdcO93JnJ6emZvpyBoc+9tZvcLM3PA5EEecjxcV33kuNiChi921xi2Nnrx2sduJYtROzk1PVjiw0G62VcuF0ryGKiFpfoRd7bXQX+mJX6hFXy+qXFT5W7t5Mu7HUOLswX59uLK00V5qLrenUrW2q0ot4PkW0I6IzfOPqhqKIb0aKt7/TSWcjYqDXDp+vXgy+dX2KPdjH2zAYEbWhiPXiPuize9hwFPG9SPHtb43GudyuVbM9E/HVMh6JuFzGaxGrZfxsRCoPkMci3t/heOL+MhhF/EGk+MlEJ831+r46r5z+Wv3LrfOLfbm988p9f324m+7xc9NIFNGozvid9PFvdgAAAAAAuPcU8ceR4qkfHk3t6B9TbLYu1M80zi50nwr3nv3Xc6mNjY2NWurG0Rync2znuJrjWo7rZYzNFdSKXD7H6RzbOa7muJbjeo6dHGsDuXyO0zm2c1zNcS3H9Rw7OdYGc/kcpwerml1t58+rOa7luJ5jZ3A/+gkAAAAAAAAAbu5gFPH1SPHML7xRvVcc1Xvpn5w4+erxX+1/Z/yJW6ynzD0eEWvF7b2TeyC/OjydplPap3eI6b7/93v5/b/f3+/KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+6qIIp6OFG98v5MiRUQ94vXoxmvD+107AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgThhJRbwfKf70KyPV5/Ui4jcj4sONDzci4tqHG3fafu8xAAAAAAAAADyAUhFvRoqnX+2kWkRcqb07/MiR2sTJsdcOD8RApDKlP/+VmTOn6i8tXmovzS8vz8/VZ1vNc4tz87e7uZHTzdblK7OTU3uyM7d0cI/rf3DkpcX2m0vNC7+9suPyQyOnzi6vLDXO7bw4DkYRUe+fc6yq8OzkVFXphWajVRWdTrdbYwAAAAAAAAAeBkOpiA8jxdt/9c71cefB7pj/4Pbc734posjTk3n8+fowdPW7gU9UvxvoTn9y4uSvjX+mf3rHIetj1YB6fXZyamqmb/bg0I2pI3m7o7vbZfqU/b8SKf7wz+vpqTxva/8PXM/97u9u9vfV7Su6SZ//P/p/S4/3+v+n++aV20ypiL+JFD/z60/EU1U9D8UNv5nIeV+JFL+x9mTOiwNl3tN5+aPV3yPnmwvzo2XulUjxD5e35j6Tcz+1mTt2u+16vyj7/+lI8d+/tXa9bXL/5x7Y7LX+/v/M9qNj9/2/47//R/vm1fJ2f/bO7DoRsfzmWxcbCwvzSw/jxMC9UQ0TJnaeiKv7t/X9PjNxN5TX/69Hir//k3+5fr+Tr/8/FdVt1eb93wff3Lz+T2xf0R5d/z/VN28i340MDUaMrFxqDz0eMbL85ltfaF5qXJi/MN86cfKF58ZHXxgbPTF0oHdztzm1fcs3fL95GJX9/zuR4ns/+uv4XJ639f5v5/v/Q9tXtEf9/1jfvENb7ld2vevk/v/fSPFPkz+Io3neR93/977/H8034dfvz/eo/w/3zau+430i4uf65h09HPHAfSkDAACAOyylIn6Qx1NHbzGe+o+R4q3/+vmcl46UeS/m5bXq75GXF1tfOLWwsHiusdI4uzBfn2k3zs2XZX8cKTp/+WQuW1Tjq73x5u4Y7+ZY7D9Hihd+pZfbHYvtPZt6bDN3rMw9Hin+6OWtub3nGIc3c8fL3H+NFGOv7Zx7ZDP3RJn7n5Higz+r93IPlblfyrmPb+YeP7e4MLcH3QIAAAAAALsylIp4LlL83YnB1Hu+fTu//7zhofce/f7v8b55c3fpfZVdNyoA3OPK6//R8qr+i39xfSx/6/V/8z2Z/uv/dv3/b8DNpj/O9b92Z3YTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KGToojFSPGNJzvp2nD5uWvkdLN1+crs5NTOxQ6mquRAlV/+GRkbP/HFZ587+XwvfnT5O+3T8crMmVP1lxYvtZfml5fn5+qzrea5xbn5217Dbstvd6xqgPqli5fnzp+PGD9+YsviK7V3hx85Ups4Ofba4V7u7OTU1ExfzuDQx976DXr9WmybfyCK+J9IcfGd99K/Deflu2yLWxw7e+1gFPG3EVHuxOzkVLUjC81Ga6VcON3XELW+Qi/22ugu9MWu1COultUvK3ys3L2ZdmOpcXZhvj7dWFpprjQXW9OpW9tUpRfxfIpoR0Rn+MbVDUURQ5Hi7e900o+GIwZ67fD5l2deHR2/SSVGNie3H1B3yWBE1IYi1ov7oM/uYcNRxLOR4tvfGo1/H+62a9Vsz0R8tYxHIi6X8VrEahk/G5HKA+SxiPd3OJ64vwxGEY9Gip9MdNKPh3PfV+eV01+rf7l1frEvt3deue+vD3fTPX5uGoki3qvO+J30H/49AwAAAAA8QIp4IlI89cOjqRofvD6m2GxdqJ9pnF3oPtbvPfuv51IbGxsbtdSNozlO59jOcTXHtRzXc+zkWCty+Rync2znuJrjWo7rOXZyrA3k8jlO59jOcTXHtRzXc+zkWBvM5XOczrGd42qOazmu59gZ3M/+AgAAAAAAANhZEUV8LlK88f1O2hjuDvC+Ht14zftAD7z/CwAA//9v9lF3")
socket(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$kcm(0x2, 0x1000000000000002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000b80)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ced4fbd44e24eb0d34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3a06d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796efea77aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece72f2090000f44a3210223fdae7ed04935c3c90941576aebc8619d73415cda2130f5011e4845505000001000000004f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c040035cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bf463261135e24d154114df1381b02a0dcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f884cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e1700000000000000000000000000000000000000000000000000000520500002952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9a33c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a62415f78000000005f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c81c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b40824095135861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac00000b0000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e5dd921a5eadd4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293d5c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e602c28ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f257aac5af18d8c6b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e29b10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe8e4cd14dc5c1eb98b63198f6f830745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b51c34a5384f2cf51180c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af243b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380ecf1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f558982d57c556ca1427b5960b79990565ca2a20996fcba472213744d3a156979651596afde2b0089f023fcfccd072bd6ea8445fc787390d71ec61d5b7b0f05f6931914bf49aa0d66eff294271a93e32f54f281068514a4cd2d0700a43df59e9924e4affdbd22405e675e9d7cdc10546571131831d4dc8c8363077a908d9ae4f27ff095f5b07667f93a3573d3fabfca58ee0a6b6a691102bb3c7be4dc5b816853275e7ae8c13ec341bad15353fad794b46c4fd73e1b4cc78de2156cb158870d5b8446dae9ba5f7f244e6cf8f6791671057347208a313ebbcb72b04706005670f2b0055e440d72c7c3316982c6ebe8675458cf6bb393b007f5cedb7bc411834600000000000000000000000000a20071b07d568a8150ed646b4978d0226d9651647a5999ae7c7c85322a215fcdb1adbad63499518fe0d10145d430422c78367dfa941f74b63f3884565ac89c673da2c2b1172be5f2cd1f3f453ebddd432bd24c73fa773b739e20fcec16a821230654a383ac1868495f67d942c772ca75e09073dbe9307ff5cac7c2c411149a4d989a8a019e068da218d4bc34e4102fd2f97397331e4cd70b4915582b635f07ca87f00dc929f902540f565c20add8675b79e005cf0277d954697317b907b77fa5d6b7feaebaf676a2a37de8aa70748fee4bc198ffd3e2de11eb0eff896fd94de0805ba6b1054a7b3e300d4581e9af62a1ecaee96d2819b3d192e5b9561eb622da25450f586be14017a1cf74f89a1dd18af004decfe266134c3d036ae7996931fe6008a73ed34c35f0da4ffee1fe63bc1af6ef1b4731d50b8ceb582a1e9c6e8d97f8290cc105754f592d16ccdb1df8636d7ca5e372cea97dd0f005cc7092b126dd46758917fb0d94b8483d403bd451429cc1660f0b5a529d8134dc2702f6d8e2f943d98fbe50a3ba653f13f98a00fcbf311f9758ade8e4eb87b4b9fb2d387f5d8c4bdcab2fff9ed8c9de961fd831a070381c8020352fea7c334b2959ddd956701a7ea415e224a81c9fa1ebbabe74f7743e09b6c8b72650b51d5c2000ef3679c039b3604374fc1af7ab354204afbd24f0e701bc08a98452ce2668617e85e0d876f5a8b6d9b777f1c384d8a9883e4262defb6b9aab8d5b76bc91ca50f87966797da2499ca0ac76707c0408a7b6d8708fe7714988babdc11f"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$sock_attach_bpf(r2, 0x88, 0x67, &(0x7f00000002c0)=r3, 0x4)
sendmsg$inet(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x2, 0x4e1d, @multicast2=0xe0000001}, 0x10, &(0x7f0000000480)=[{&(0x7f00000000c0)='\x00D', 0x2}, {&(0x7f0000000300)="f8f1c5", 0x3}], 0x2, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xe}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0x20}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x5, 0x0, 0x0, 0x0, 0x44, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
open(&(0x7f0000000040)='./bus\x00', 0x1e3143, 0x0)
r4 = open(&(0x7f00000000c0)='./bus\x00', 0xca942, 0x0)
ftruncate(r4, 0x8002007ffb)
r5 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2012024, 0x0)
pwritev2(r5, &(0x7f0000000500)=[{&(0x7f0000000e80)="d4", 0x1}], 0x1, 0x0, 0x0, 0x10)
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001500)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000f3437b00001e3b"], 0x1c}}, 0x0)
recvmmsg$unix(r6, &(0x7f0000002380)=[{{0x0, 0xffffffffffffff8f, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0x1004}], 0x1}}], 0x8, 0x0, 0x0)

1.769464751s ago: executing program 4 (id=2798):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000850000007d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x8f}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='page_pool_state_release\x00', r0}, 0x10)
set_mempolicy(0x4, &(0x7f00000004c0)=0x9, 0x3)
fcntl$getownex(r1, 0x10, &(0x7f0000000040)={0x0, <r2=>0x0})
ptrace$ARCH_SET_GS(0x1e, r2, &(0x7f00000003c0), 0x1001)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="a800000000010104000000000000000002000000240001801400018008000100e000000108000200ac1e01010c00028005000100000009002400028014000180080001000000010908000200ac1e00010c0002800500010000000000440010800800014000000006080003400000002b080003400000000808000240000000400800014000000000fb0001400000000708000140000044f10800034000000003080007"], 0xa8}}, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000180)={0xaa, 0x5ac})
userfaultfd(0x800)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000400)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x5})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuset.memory_pressure_enabled\x00', 0x26e1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080005300000000faff0000940000000fad413e55"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
close(r5)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
r7 = socket$inet6(0xa, 0x800000000000002, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000004c0))
ioctl$SIOCSIFHWADDR(r5, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000001000000008500000076000000950771313bddc6c230b06a778970a74c0000da384f2be875919a7425540e4694dca8d9c8c78eadb000"/76], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r8, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

192.650853ms ago: executing program 2 (id=2799):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$alg(0x26, 0x5, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
fsetxattr$security_ima(r0, 0x0, &(0x7f000001f640)=ANY=[], 0x2, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000940))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

0s ago: executing program 4 (id=2800):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket(0x22, 0x2, 0x25)
close(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000005600)='./bus\x00', 0x0, &(0x7f0000000100), 0x1, 0x559d, &(0x7f0000005680)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @private1}, 0x1c)
shutdown(0xffffffffffffffff, 0x1)
creat(0x0, 0x0)
mount(&(0x7f00000003c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x1a, 0x0, "ef359f413bb93852f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a4b78c660e677df701908b9aaa3f6a00400", "036c47c6780820d1cbf7895263bdbcef0100a197fce47ddfdd753abd9501ce721b6ae9b49600002a000000000000000000000000000018c900", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
pwritev2(r2, &(0x7f0000000000)=[{&(0x7f0000000140)='y', 0x1}], 0x1, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

_data cause=failed comm="syz.2.2359" name="file1" dev="loop2" ino=1048924 res=0 errno=0
[ 1603.825387][ T1585] mkiss: ax0: crc mode is auto.
[ 1603.895172][ T1600] loop0: detected capacity change from 0 to 64
[ 1603.977492][ T1598] FAULT_INJECTION: forcing a failure.
[ 1603.977492][ T1598] name failslab, interval 1, probability 0, space 0, times 0
[ 1603.992927][ T1598] CPU: 0 UID: 0 PID: 1598 Comm: syz.3.2364 Tainted: G        W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1604.005181][ T1598] Tainted: [W]=WARN
[ 1604.009170][ T1598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1604.019463][ T1598] Call Trace:
[ 1604.022940][ T1598]  <TASK>
[ 1604.026057][ T1598]  dump_stack_lvl+0x216/0x2d0
[ 1604.031045][ T1598]  dump_stack+0x1e/0x30
[ 1604.035489][ T1598]  should_fail_ex+0x748/0x7f0
[ 1604.040485][ T1598]  should_failslab+0x17f/0x210
[ 1604.045644][ T1598]  kmem_cache_alloc_node_noprof+0xeb/0xb80
[ 1604.051769][ T1598]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1604.058421][ T1598]  ? __alloc_skb+0x1e9/0x7b0
[ 1604.063297][ T1598]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1604.069391][ T1598]  __alloc_skb+0x1e9/0x7b0
[ 1604.074092][ T1598]  create_monitor_ctrl_close+0x11c/0xab0
[ 1604.080010][ T1598]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1604.085502][ T1598]  hci_sock_release+0x15f/0x7f0
[ 1604.090656][ T1598]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1604.096833][ T1598]  ? __pfx_hci_sock_release+0x10/0x10
[ 1604.102486][ T1598]  sock_close+0xd6/0x2d0
[ 1604.107041][ T1598]  ? __pfx_sock_close+0x10/0x10
[ 1604.112197][ T1598]  __fput+0x32c/0x1120
[ 1604.116545][ T1598]  ? __pfx_____fput+0x10/0x10
[ 1604.121504][ T1598]  ____fput+0x25/0x30
[ 1604.125758][ T1598]  task_work_run+0x268/0x310
[ 1604.130642][ T1598]  syscall_exit_to_user_mode+0xce/0x170
[ 1604.136487][ T1598]  do_syscall_64+0xda/0x1e0
[ 1604.141285][ T1598]  ? clear_bhb_loop+0x25/0x80
[ 1604.146246][ T1598]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1604.152473][ T1598] RIP: 0033:0x7f995417dff9
[ 1604.157132][ T1598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1604.177046][ T1598] RSP: 002b:00007f9954ead038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1604.185780][ T1598] RAX: 0000000000000000 RBX: 00007f9954335f80 RCX: 00007f995417dff9
[ 1604.194011][ T1598] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000003
[ 1604.202235][ T1598] RBP: 00007f9954ead090 R08: 0000000000000000 R09: 0000000000000000
[ 1604.210460][ T1598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1604.218682][ T1598] R13: 0000000000000000 R14: 00007f9954335f80 R15: 00007ffe12fb7738
[ 1604.226926][ T1598]  </TASK>
[ 1604.230215][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1604.288427][  T539] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1604.347405][ T1600] syz.0.2363: attempt to access beyond end of device
[ 1604.347405][ T1600] loop0: rw=34817, sector=39, nr_sectors = 26 limit=64
[ 1604.648485][ T4359] kworker/u8:27: attempt to access beyond end of device
[ 1604.648485][ T4359] loop0: rw=1, sector=65, nr_sectors = 33 limit=64
[ 1604.871017][ T1620] loop3: detected capacity change from 0 to 256
[ 1605.512955][T32241] EXT4-fs error: 182 callbacks suppressed
[ 1605.513102][T32241] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[ 1605.552185][T32241] EXT4-fs error (device loop4): ext4_empty_dir:3128: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[ 1605.578534][T32241] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[ 1605.653571][ T1620] FAT-fs (loop3): Directory bread(block 64) failed
[ 1605.660874][ T1620] FAT-fs (loop3): Directory bread(block 65) failed
[ 1605.667812][ T1620] FAT-fs (loop3): Directory bread(block 66) failed
[ 1605.674719][ T1620] FAT-fs (loop3): Directory bread(block 67) failed
[ 1605.681763][ T1620] FAT-fs (loop3): Directory bread(block 68) failed
[ 1605.688538][ T1620] FAT-fs (loop3): Directory bread(block 69) failed
[ 1605.699946][ T1620] FAT-fs (loop3): Directory bread(block 70) failed
[ 1605.708191][ T1620] FAT-fs (loop3): Directory bread(block 71) failed
[ 1605.715392][ T1620] FAT-fs (loop3): Directory bread(block 72) failed
[ 1605.716445][T32241] EXT4-fs error (device loop4): ext4_empty_dir:3128: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[ 1605.722167][ T1620] FAT-fs (loop3): Directory bread(block 73) failed
[ 1605.821269][T32241] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[ 1605.867191][T32241] EXT4-fs error (device loop4): ext4_empty_dir:3128: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[ 1605.937924][T32241] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[ 1606.048382][T32241] EXT4-fs error (device loop4): ext4_empty_dir:3128: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[ 1606.127772][ T1647] loop0: detected capacity change from 0 to 2048
[ 1606.202615][ T1647] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1606.242401][T32241] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 18: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=256, rec_len=1024, size=1024 fake=0
[ 1606.378510][T32241] EXT4-fs error (device loop4): ext4_empty_dir:3128: inode #11: block 18: comm syz-executor: bad entry in directory: inode out of bounds - offset=4096, inode=256, rec_len=1024, size=1024 fake=0
[ 1606.590238][ T1651] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2370'.
[ 1607.156389][ T1669] loop1: detected capacity change from 0 to 8
[ 1607.198321][   T60] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1607.252425][T32241] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1607.353204][   T60] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1607.582879][   T60] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1607.614004][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1607.698582][   T29] audit: type=1800 audit(1727607975.572:423): pid=1647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2369" name="bus" dev="loop0" ino=1318 res=0 errno=0
[ 1607.720680][   T60] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1607.850291][ T1683] Process accounting resumed
[ 1608.121334][   T60] bridge_slave_1: left allmulticast mode
[ 1608.127351][   T60] bridge_slave_1: left promiscuous mode
[ 1608.134201][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1608.791272][   T60] bridge_slave_0: left allmulticast mode
[ 1608.797285][   T60] bridge_slave_0: left promiscuous mode
[ 1608.803989][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1609.329220][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1609.366981][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1609.398683][   T60] bond0 (unregistering): Released all slaves
[ 1609.564769][ T1701] loop0: detected capacity change from 0 to 256
[ 1609.647618][ T1707] loop1: detected capacity change from 0 to 256
[ 1609.916296][ T5198] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1609.934538][ T5198] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1609.948387][ T5198] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1610.011189][ T1701] FAT-fs (loop0): Directory bread(block 64) failed
[ 1610.018013][ T1701] FAT-fs (loop0): Directory bread(block 65) failed
[ 1610.025231][ T1701] FAT-fs (loop0): Directory bread(block 66) failed
[ 1610.032154][ T1701] FAT-fs (loop0): Directory bread(block 67) failed
[ 1610.039045][ T1701] FAT-fs (loop0): Directory bread(block 68) failed
[ 1610.045980][ T1701] FAT-fs (loop0): Directory bread(block 69) failed
[ 1610.053089][ T1701] FAT-fs (loop0): Directory bread(block 70) failed
[ 1610.059965][ T1701] FAT-fs (loop0): Directory bread(block 71) failed
[ 1610.067058][ T1701] FAT-fs (loop0): Directory bread(block 72) failed
[ 1610.074089][ T1701] FAT-fs (loop0): Directory bread(block 73) failed
[ 1610.136255][ T1701] FAULT_INJECTION: forcing a failure.
[ 1610.136255][ T1701] name failslab, interval 1, probability 0, space 0, times 0
[ 1610.149371][ T1701] CPU: 1 UID: 0 PID: 1701 Comm: syz.0.2380 Tainted: G        W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1610.161521][ T1701] Tainted: [W]=WARN
[ 1610.165498][ T1701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1610.175853][ T1701] Call Trace:
[ 1610.179303][ T1701]  <TASK>
[ 1610.182404][ T1701]  dump_stack_lvl+0x216/0x2d0
[ 1610.187376][ T1701]  dump_stack+0x1e/0x30
[ 1610.191793][ T1701]  should_fail_ex+0x748/0x7f0
[ 1610.196752][ T1701]  should_failslab+0x17f/0x210
[ 1610.201798][ T1701]  __kmalloc_noprof+0x175/0xf30
[ 1610.206950][ T1701]  ? tomoyo_realpath_from_path+0x104/0xaa0
[ 1610.213033][ T1701]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1610.218488][ T1701]  tomoyo_realpath_from_path+0x104/0xaa0
[ 1610.224402][ T1701]  ? __srcu_read_lock+0x76/0xd0
[ 1610.229541][ T1701]  tomoyo_path_number_perm+0x1d9/0x8f0
[ 1610.235345][ T1701]  tomoyo_path_mknod+0x191/0x1e0
[ 1610.240548][ T1701]  security_path_mknod+0x20f/0x650
[ 1610.245921][ T1701]  path_openat+0x1b8e/0x6200
[ 1610.250829][ T1701]  do_filp_open+0x20e/0x590
[ 1610.255624][ T1701]  do_sys_openat2+0x1bf/0x2f0
[ 1610.260557][ T1701]  __x64_sys_openat+0x2a1/0x310
[ 1610.265672][ T1701]  x64_sys_call+0x120e/0x3ba0
[ 1610.270630][ T1701]  do_syscall_64+0xcd/0x1e0
[ 1610.275402][ T1701]  ? clear_bhb_loop+0x25/0x80
[ 1610.280336][ T1701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1610.286539][ T1701] RIP: 0033:0x7f5485d7dff9
[ 1610.291177][ T1701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1610.311076][ T1701] RSP: 002b:00007f5486abb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1610.319811][ T1701] RAX: ffffffffffffffda RBX: 00007f5485f35f80 RCX: 00007f5485d7dff9
[ 1610.328017][ T1701] RDX: 00000000000026e1 RSI: 0000000020000000 RDI: ffffffffffffff9c
[ 1610.336211][ T1701] RBP: 00007f5486abb090 R08: 0000000000000000 R09: 0000000000000000
[ 1610.344406][ T1701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1610.352598][ T1701] R13: 0000000000000000 R14: 00007f5485f35f80 R15: 00007ffc0a5affd8
[ 1610.360810][ T1701]  </TASK>
[ 1610.373086][ T1701] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1610.436811][ T1707] FAT-fs (loop1): Directory bread(block 64) failed
[ 1610.443959][ T1707] FAT-fs (loop1): Directory bread(block 65) failed
[ 1610.451133][ T1707] FAT-fs (loop1): Directory bread(block 66) failed
[ 1610.457948][ T1707] FAT-fs (loop1): Directory bread(block 67) failed
[ 1610.466873][ T1707] FAT-fs (loop1): Directory bread(block 68) failed
[ 1610.474216][ T1707] FAT-fs (loop1): Directory bread(block 69) failed
[ 1610.481291][ T1707] FAT-fs (loop1): Directory bread(block 70) failed
[ 1610.488218][ T1707] FAT-fs (loop1): Directory bread(block 71) failed
[ 1610.495329][ T1707] FAT-fs (loop1): Directory bread(block 72) failed
[ 1610.501882][ T5198] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1610.502165][ T1707] FAT-fs (loop1): Directory bread(block 73) failed
[ 1610.520109][ T5198] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1610.530042][ T5198] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1610.619853][ T1719] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2384'.
[ 1610.783227][ T1727] loop3: detected capacity change from 0 to 8
[ 1611.712929][   T60] hsr_slave_0: left promiscuous mode
[ 1611.727282][   T60] hsr_slave_1: left promiscuous mode
[ 1611.817637][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1611.826174][ T7089] kworker/u8:0: attempt to access beyond end of device
[ 1611.826174][ T7089] loop1: rw=1, sector=1224, nr_sectors = 4 limit=256
[ 1611.852584][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1611.933902][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1611.946773][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1611.950192][ T1768] loop2: detected capacity change from 0 to 512
[ 1611.993940][ T1768] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1612.081201][   T60] veth1_macvtap: left promiscuous mode
[ 1612.087039][   T60] veth0_macvtap: left promiscuous mode
[ 1612.093175][   T60] veth1_vlan: left promiscuous mode
[ 1612.098786][   T60] veth0_vlan: left promiscuous mode
[ 1612.487623][ T1779] loop1: detected capacity change from 0 to 4096
[ 1612.559584][ T1781] loop0: detected capacity change from 0 to 1024
[ 1612.598408][ T1768] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1612.612311][ T1768] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1612.716135][   T29] audit: type=1326 audit(1727607980.552:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1780 comm="syz.0.2392" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5485d7dff9 code=0x0
[ 1612.738078][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1612.750646][T26458] Bluetooth: hci3: command tx timeout
[ 1612.794149][ T1779] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1613.218334][   T60] team0 (unregistering): Port device team_slave_1 removed
[ 1613.249005][   T60] team0 (unregistering): Port device team_slave_0 removed
[ 1613.279999][T31458] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1613.526315][ T9107] hfsplus: b-tree write err: -5, ino 4
[ 1613.621451][ T1776] netlink: 108 bytes leftover after parsing attributes in process `syz.1.2391'.
[ 1613.908157][ T1798] nvme_fabrics: missing parameter 'transport=%s'
[ 1613.916055][ T1798] nvme_fabrics: missing parameter 'nqn=%s'
[ 1614.251894][ T1711] chnl_net:caif_netlink_parms(): no params data found
[ 1614.372134][ T1843] loop2: detected capacity change from 0 to 8
[ 1614.404054][  T539] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1614.774083][ T1911] loop0: detected capacity change from 0 to 24
[ 1614.782878][ T1909] EXT4-fs warning (device sda1): ext4_group_extend:1860: can't shrink FS - resize aborted
[ 1614.852748][ T1911] romfs: Unknown parameter 'cpuset.effective_mems'
[ 1614.878465][T26458] Bluetooth: hci3: command tx timeout
[ 1614.982187][ T1911] netlink: 'syz.0.2402': attribute type 9 has an invalid length.
[ 1615.149161][ T1927] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2397'.
[ 1615.196194][ T1711] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1615.207131][ T1711] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1615.223899][ T1711] bridge_slave_0: entered allmulticast mode
[ 1615.233329][ T1711] bridge_slave_0: entered promiscuous mode
[ 1615.283167][ T1711] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1615.291080][ T1711] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1615.298956][ T1711] bridge_slave_1: entered allmulticast mode
[ 1615.308824][ T1711] bridge_slave_1: entered promiscuous mode
[ 1615.591927][ T1711] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1615.664450][ T1974] loop2: detected capacity change from 0 to 512
[ 1615.705533][ T1974] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1615.716357][ T1711] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1615.906096][ T1711] team0: Port device team_slave_0 added
[ 1615.914199][ T1979] FAULT_INJECTION: forcing a failure.
[ 1615.914199][ T1979] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1615.928849][ T1979] CPU: 0 UID: 0 PID: 1979 Comm: syz.3.2405 Tainted: G        W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1615.940987][ T1979] Tainted: [W]=WARN
[ 1615.944971][ T1979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1615.955327][ T1979] Call Trace:
[ 1615.958771][ T1979]  <TASK>
[ 1615.961873][ T1979]  dump_stack_lvl+0x216/0x2d0
[ 1615.967012][ T1979]  dump_stack+0x1e/0x30
[ 1615.971554][ T1979]  should_fail_ex+0x748/0x7f0
[ 1615.976578][ T1979]  should_fail+0x2a/0x40
[ 1615.981109][ T1979]  should_fail_usercopy+0x2e/0x40
[ 1615.986454][ T1979]  _copy_to_user+0x33/0x110
[ 1615.991246][ T1979]  simple_read_from_buffer+0x199/0x340
[ 1615.996991][ T1979]  proc_fail_nth_read+0x1e5/0x2c0
[ 1616.002356][ T1979]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1616.008187][ T1979]  vfs_read+0x29b/0xf60
[ 1616.012612][ T1979]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1616.018060][ T1979]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1616.024703][ T1979]  ksys_read+0x24f/0x4c0
[ 1616.029318][ T1979]  __x64_sys_read+0x93/0xe0
[ 1616.034101][ T1979]  x64_sys_call+0x3055/0x3ba0
[ 1616.039086][ T1979]  do_syscall_64+0xcd/0x1e0
[ 1616.043884][ T1979]  ? clear_bhb_loop+0x25/0x80
[ 1616.048821][ T1979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1616.055020][ T1979] RIP: 0033:0x7f995417ca3c
[ 1616.059666][ T1979] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1616.079555][ T1979] RSP: 002b:00007f9954ead030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1616.088277][ T1979] RAX: ffffffffffffffda RBX: 00007f9954335f80 RCX: 00007f995417ca3c
[ 1616.096484][ T1979] RDX: 000000000000000f RSI: 00007f9954ead0a0 RDI: 0000000000000004
[ 1616.104686][ T1979] RBP: 00007f9954ead090 R08: 0000000000000000 R09: 0000000000000000
[ 1616.112881][ T1979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1616.121068][ T1979] R13: 0000000000000000 R14: 00007f9954335f80 R15: 00007ffe12fb7738
[ 1616.129283][ T1979]  </TASK>
[ 1616.132609][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1616.167807][ T1711] team0: Port device team_slave_1 added
[ 1616.245151][ T1974] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1616.259372][ T1974] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1616.418245][ T1711] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1616.425649][ T1711] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1616.457602][ T1711] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1616.477272][ T1711] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1616.484630][ T1711] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1616.510712][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1616.520874][ T1711] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1616.954941][T26458] Bluetooth: hci3: command tx timeout
[ 1617.224206][ T1711] hsr_slave_0: entered promiscuous mode
[ 1617.379539][ T1711] hsr_slave_1: entered promiscuous mode
[ 1617.443216][ T1711] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1617.451163][ T1711] Cannot create hsr debugfs directory
[ 1617.499286][T31458] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1617.870265][ T2090] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2412'.
[ 1617.897746][ T2089] loop1: detected capacity change from 0 to 8
[ 1618.610012][ T2042] loop0: detected capacity change from 0 to 32768
[ 1618.624394][ T2042] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2409 (2042)
[ 1618.681056][ T2042] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1618.691667][ T2042] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[ 1618.707427][ T2042] BTRFS info (device loop0): using free-space-tree
[ 1618.917980][ T2180] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1618.927263][ T2180] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1618.936505][ T2180] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1618.947758][ T2180] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1618.959374][ T2180] vxlan0: entered promiscuous mode
[ 1619.029696][T26458] Bluetooth: hci3: command tx timeout
[ 1619.173892][ T2042] loop0: detected capacity change from 32768 to 0
[ 1619.182592][ T2041] delete_channel: no stack
[ 1619.638897][ T1711] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1619.653198][ T4359] kworker/u8:27: attempt to access beyond end of device
[ 1619.653198][ T4359] loop0: rw=67112961, sector=10440, nr_sectors = 8 limit=0
[ 1619.667801][ T4359] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[ 1619.678361][ T4359] kworker/u8:27: attempt to access beyond end of device
[ 1619.678361][ T4359] loop0: rw=67112961, sector=10448, nr_sectors = 8 limit=0
[ 1619.692867][ T4359] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0
[ 1619.703555][ T4359] kworker/u8:27: attempt to access beyond end of device
[ 1619.703555][ T4359] loop0: rw=67112961, sector=13448, nr_sectors = 8 limit=0
[ 1619.717946][ T4359] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0
[ 1619.737463][T26421] BTRFS error (device loop0): failed to run delayed ref for logical 6885376 num_bytes 4096 type 176 action 1 ref_mod 1: -5
[ 1619.738180][ T1711] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1619.753176][T26421] BTRFS error (device loop0 state A): Transaction aborted (error -5)
[ 1619.768154][T26421] BTRFS: error (device loop0 state A) in btrfs_run_delayed_refs:2199: errno=-5 IO failure
[ 1619.779890][T26421] BTRFS info (device loop0 state EA): forced readonly
[ 1619.806456][T26421] BTRFS info (device loop0 state EA): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1619.848843][ T1711] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1619.884055][ T1711] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1620.118659][ T2232] loop2: detected capacity change from 0 to 512
[ 1620.156766][ T2232] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1620.250036][ T2209] Process accounting resumed
[ 1620.464379][ T1711] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1620.557022][ T1711] 8021q: adding VLAN 0 to HW filter on device team0
[ 1620.676738][ T1711] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1620.687589][ T1711] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1620.750607][ T2245] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2421'.
[ 1620.868445][ T3281] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1620.876246][ T3281] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1620.896672][ T3281] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1620.904587][ T3281] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1621.012835][ T2232] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1621.026264][ T2232] ext4 filesystem being mounted at /42/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1621.321153][ T2260] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2424'.
[ 1621.334777][ T2254] loop1: detected capacity change from 0 to 8
[ 1621.634493][T31458] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1621.824240][ T2264] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1621.864067][ T2264] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1622.104823][ T1711] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1623.532714][ T2294] netlink: 51 bytes leftover after parsing attributes in process `syz.1.2431'.
[ 1623.542798][ T2294] tipc: Started in network mode
[ 1623.548091][ T2294] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[ 1623.557015][ T2294] tipc: Enabled bearer <eth:vlan0>, priority 10
[ 1624.014468][ T2280] loop2: detected capacity change from 0 to 32768
[ 1624.054818][ T2280] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2427 (2280)
[ 1624.075973][ T2280] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1624.086653][ T2280] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[ 1624.096984][ T2280] BTRFS info (device loop2): using free-space-tree
[ 1624.216180][ T2309] loop1: detected capacity change from 0 to 512
[ 1624.239328][ T2309] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1624.270568][ T2316] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2435'.
[ 1624.561786][ T2309] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1624.575263][ T2309] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1624.598922][ T2330] loop0: detected capacity change from 0 to 8
[ 1624.672896][T27981] tipc: Node number set to 10005162
[ 1624.785752][ T2279] delete_channel: no stack
[ 1625.059070][ T1711] veth0_vlan: entered promiscuous mode
[ 1625.094787][ T1711] veth1_vlan: entered promiscuous mode
[ 1625.129085][T31458] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1625.260963][ T1711] veth0_macvtap: entered promiscuous mode
[ 1625.321061][ T1711] veth1_macvtap: entered promiscuous mode
[ 1625.370111][  T539] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1625.446755][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1625.458460][ T2347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1625.476023][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.486572][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1625.497390][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.511192][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1625.523204][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.533648][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1625.544404][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.554541][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1625.571112][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.583320][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1625.594132][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.604336][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1625.615145][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.630229][ T1711] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1625.631192][ T2347] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1625.657867][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1625.673451][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.685085][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1625.695853][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.706324][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1625.719149][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.731909][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1625.744208][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.754423][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1625.769824][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.781880][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1625.793253][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.803525][ T1711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1625.814358][ T1711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1625.830356][ T1711] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1625.946427][ T1711] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1625.958082][ T1711] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1625.972826][ T1711] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1625.991775][ T1711] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1626.024168][ T2347] FAULT_INJECTION: forcing a failure.
[ 1626.024168][ T2347] name failslab, interval 1, probability 0, space 0, times 0
[ 1626.038671][ T2347] CPU: 1 UID: 0 PID: 2347 Comm: syz.3.2442 Tainted: G        W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1626.050835][ T2347] Tainted: [W]=WARN
[ 1626.054830][ T2347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1626.065122][ T2347] Call Trace:
[ 1626.068583][ T2347]  <TASK>
[ 1626.071706][ T2347]  dump_stack_lvl+0x216/0x2d0
[ 1626.076708][ T2347]  dump_stack+0x1e/0x30
[ 1626.081152][ T2347]  should_fail_ex+0x748/0x7f0
[ 1626.086139][ T2347]  should_failslab+0x17f/0x210
[ 1626.091191][ T2347]  __kmalloc_noprof+0x175/0xf30
[ 1626.096363][ T2347]  ? tomoyo_realpath_from_path+0x104/0xaa0
[ 1626.102487][ T2347]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1626.108032][ T2347]  tomoyo_realpath_from_path+0x104/0xaa0
[ 1626.113991][ T2347]  ? __srcu_read_lock+0x76/0xd0
[ 1626.119160][ T2347]  tomoyo_path_number_perm+0x1d9/0x8f0
[ 1626.124959][ T2347]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1626.130452][ T2347]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1626.135936][ T2347]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1626.142137][ T2347]  tomoyo_file_ioctl+0x3f/0x50
[ 1626.147162][ T2347]  security_file_ioctl+0x145/0x590
[ 1626.152595][ T2347]  __se_sys_ioctl+0xd3/0x450
[ 1626.157488][ T2347]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1626.163569][ T2347]  __x64_sys_ioctl+0x96/0xe0
[ 1626.168431][ T2347]  x64_sys_call+0x18bf/0x3ba0
[ 1626.173400][ T2347]  do_syscall_64+0xcd/0x1e0
[ 1626.178193][ T2347]  ? clear_bhb_loop+0x25/0x80
[ 1626.183130][ T2347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1626.189351][ T2347] RIP: 0033:0x7f995417dff9
[ 1626.193992][ T2347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1626.213874][ T2347] RSP: 002b:00007f9954ead038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1626.222575][ T2347] RAX: ffffffffffffffda RBX: 00007f9954335f80 RCX: 00007f995417dff9
[ 1626.230784][ T2347] RDX: 0000000020000080 RSI: 000000000000541c RDI: 0000000000000009
[ 1626.238977][ T2347] RBP: 00007f9954ead090 R08: 0000000000000000 R09: 0000000000000000
[ 1626.247174][ T2347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1626.255367][ T2347] R13: 0000000000000000 R14: 00007f9954335f80 R15: 00007ffe12fb7738
[ 1626.263723][ T2347]  </TASK>
[ 1626.311307][ T2347] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1627.871133][T27981] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 1628.410284][ T2401] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2446'.
[ 1628.738556][ T2378] loop2: detected capacity change from 0 to 32768
[ 1628.764322][ T2378] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2440 (2378)
[ 1628.796526][ T2404] dlm: non-version read from control device 8224
[ 1628.891985][ T2378] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1628.903094][ T2378] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[ 1628.913374][ T2378] BTRFS info (device loop2): using free-space-tree
[ 1628.921939][T27981] usb 2-1: Using ep0 maxpacket: 8
[ 1628.926570][ T2406] loop3: detected capacity change from 0 to 8
[ 1629.083470][T27981] usb 2-1: device descriptor read/all, error -71
[ 1629.524900][ T2431] loop1: detected capacity change from 0 to 512
[ 1629.646569][ T2431] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1629.853019][ T2431] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1629.871873][ T2431] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1630.313274][ T2378] loop2: detected capacity change from 32768 to 0
[ 1630.754101][  T539] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1630.849227][ T3281] kworker/u8:15: attempt to access beyond end of device
[ 1630.849227][ T3281] loop2: rw=67112961, sector=10456, nr_sectors = 8 limit=0
[ 1630.864068][ T3281] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[ 1630.875377][ T9107] kworker/u8:5: attempt to access beyond end of device
[ 1630.875377][ T9107] loop2: rw=67112961, sector=10464, nr_sectors = 8 limit=0
[ 1630.893948][ T9107] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0
[ 1630.912156][   T60] kworker/u8:4: attempt to access beyond end of device
[ 1630.912156][   T60] loop2: rw=67112961, sector=10472, nr_sectors = 8 limit=0
[ 1630.926642][   T60] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0
[ 1630.953484][ T4359] kworker/u8:27: attempt to access beyond end of device
[ 1630.953484][ T4359] loop2: rw=67112961, sector=13448, nr_sectors = 8 limit=0
[ 1630.968067][ T4359] BTRFS error (device loop2): bdev /dev/loop2 errs: wr 4, rd 0, flush 0, corrupt 0, gen 0
[ 1630.978947][T31458] BTRFS error (device loop2 state A): Transaction aborted (error -5)
[ 1630.992084][T31458] BTRFS: error (device loop2 state A) in __btrfs_free_extent:3210: errno=-5 IO failure
[ 1631.003687][T31458] BTRFS info (device loop2 state EA): forced readonly
[ 1631.010955][T31458] BTRFS error (device loop2 state EA): failed to run delayed ref for logical 5296128 num_bytes 12288 type 178 action 2 ref_mod 1: -5
[ 1631.025244][T31458] BTRFS: error (device loop2 state EA) in btrfs_run_delayed_refs:2199: errno=-5 IO failure
[ 1631.081808][ T2438] BTRFS: error (device loop2 state EAL) in free_log_tree:3269: errno=-5 IO failure
[ 1631.263761][T31458] BTRFS info (device loop2 state EAL): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1631.306723][ T2427] loop3: detected capacity change from 0 to 32768
[ 1631.320974][ T2427] BTRFS: device /dev/loop3 (7:3) using temp-fsid 6e8a6204-d0bc-4027-a4e1-7961d1ab5225
[ 1631.331280][ T2427] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2449 (2427)
[ 1631.373018][ T2427] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1631.384373][ T2427] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[ 1631.401187][ T2427] BTRFS info (device loop3): using free-space-tree
[ 1631.995779][ T2426] delete_channel: no stack
[ 1632.181995][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[ 1632.518182][T28238] BTRFS info (device loop3): last unmount of filesystem 6e8a6204-d0bc-4027-a4e1-7961d1ab5225
[ 1632.979510][ T2483] loop2: detected capacity change from 0 to 2048
[ 1633.566793][ T2486] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1634.524025][ T2490] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2455'.
[ 1634.931622][   T29] audit: type=1800 audit(1727608002.732:425): pid=2483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2451" name="bus" dev="loop2" ino=2097152 res=0 errno=0
[ 1634.969607][ T9079] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1634.982201][ T9079] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1635.175249][ T2498] NILFS (loop2): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[ 1635.187130][   T29] audit: type=1800 audit(1727608002.852:426): pid=2498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2451" name="file2" dev="loop2" ino=16 res=0 errno=0
[ 1635.219884][ T2498] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=16)
[ 1635.326805][ T2498] Remounting filesystem read-only
[ 1635.435935][ T9079] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1635.444346][ T9079] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1635.559708][ T2509] loop3: detected capacity change from 0 to 256
[ 1635.678481][T31458] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer
[ 1635.759427][ T2507] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2456'.
[ 1636.018464][ T2517] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2457'.
[ 1636.073713][ T2516] loop4: detected capacity change from 0 to 1024
[ 1636.150139][ T2519] loop0: detected capacity change from 0 to 8
[ 1636.403176][ T2523] loop2: detected capacity change from 0 to 1024
[ 1636.498106][ T2523] hfsplus: xattr searching failed
[ 1636.563116][ T2527] loop3: detected capacity change from 0 to 512
[ 1636.611747][ T2527] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1636.703726][ T2523] hfsplus: b-tree write err: -5, ino 3
[ 1636.762675][ T2527] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1636.775980][ T2527] ext4 filesystem being mounted at /160/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1637.692616][T28238] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1638.379413][ T2553] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1638.411822][ T2553] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1638.575023][T27981] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[ 1638.762435][T27981] usb 5-1: Using ep0 maxpacket: 8
[ 1638.796477][ T2537] loop0: detected capacity change from 0 to 32768
[ 1638.810654][ T2537] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2462 (2537)
[ 1638.851182][ T2537] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1638.855896][T27981] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1638.863724][ T2537] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[ 1638.876930][T27981] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1638.877076][T27981] usb 5-1: Product: syz
[ 1638.877185][T27981] usb 5-1: Manufacturer: syz
[ 1638.877300][T27981] usb 5-1: SerialNumber: syz
[ 1638.912753][ T2537] BTRFS info (device loop0): using free-space-tree
[ 1638.953267][T27981] usb 5-1: config 0 descriptor??
[ 1639.201149][T27981] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1639.418179][ T2536] delete_channel: no stack
[ 1639.562358][ T2589] usb usb8: check_ctrlrecip: process 2589 (syz.1.2470) requesting ep 01 but needs 81
[ 1639.572398][ T2589] usb usb8: usbfs: process 2589 (syz.1.2470) did not claim interface 0 before use
[ 1639.712569][   T29] audit: type=1326 audit(1727608007.562:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2588 comm="syz.1.2470" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1c1cb7dff9 code=0x20000000
[ 1639.812434][ T2591] loop2: detected capacity change from 0 to 8
[ 1639.951734][T26421] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1640.249342][ T2593] loop3: detected capacity change from 0 to 128
[ 1640.514198][ T2593] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1640.565928][ T2593] ext4 filesystem being mounted at /162/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1640.600298][T27981] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[ 1640.736966][ T2593] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2473'.
[ 1641.115533][ T2601] loop2: detected capacity change from 0 to 4096
[ 1641.348627][T28238] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1641.763491][T27971] usb 5-1: USB disconnect, device number 54
[ 1642.097415][ T2623] loop4: detected capacity change from 0 to 128
[ 1642.182929][ T2619] loop3: detected capacity change from 0 to 1024
[ 1642.282394][ T2619] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1642.400989][T27971] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[ 1642.907510][T27971] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1642.919645][T27971] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1642.931490][T27971] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1642.940973][T27971] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1643.093368][T27971] usb 5-1: config 0 descriptor??
[ 1643.467838][ T2623] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1643.554536][ T2623] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1643.679949][ T2637] loop1: detected capacity change from 0 to 16
[ 1643.721749][T27971] ath6kl: Failed to submit usb control message: -71
[ 1643.728754][T27971] ath6kl: unable to send the bmi data to the device: -71
[ 1643.736161][T27971] ath6kl: Unable to send get target info: -71
[ 1643.777561][ T2637] erofs: (device loop1): mounted with root inode @ nid 36.
[ 1643.818587][T27971] ath6kl: Failed to init ath6kl core: -71
[ 1643.829745][T27971] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1643.881839][   T29] audit: type=1800 audit(1727608011.732:428): pid=2637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2478" name="file0" dev="loop1" ino=49 res=0 errno=0
[ 1643.952989][T27971] usb 5-1: USB disconnect, device number 55
[ 1644.072839][ T2630] loop2: detected capacity change from 0 to 4096
[ 1644.114969][ T2630] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[ 1644.461252][ T5198] Bluetooth: hci1: command 0x0406 tx timeout
[ 1644.829706][ T2654] loop3: detected capacity change from 0 to 1024
[ 1644.878469][ T2656] loop1: detected capacity change from 0 to 1024
[ 1645.001414][ T2654] EXT4-fs: Ignoring removed oldalloc option
[ 1645.009336][ T2656] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1645.097106][ T2654] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[ 1645.467597][ T2654] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1645.921123][ T2673] loop1: detected capacity change from 0 to 8
[ 1646.517009][ T2657] loop0: detected capacity change from 0 to 32768
[ 1646.544829][ T2657] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2481 (2657)
[ 1646.602876][ T2657] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1646.615376][ T2657] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[ 1646.625692][ T2657] BTRFS info (device loop0): using free-space-tree
[ 1646.842888][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1647.173265][T28238] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1647.478406][   T29] audit: type=1804 audit(1727608015.332:429): pid=2657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2481" name="/newroot/176/bus/bus" dev="loop0" ino=263 res=1 errno=0
[ 1647.612440][ T2653] delete_channel: no stack
[ 1647.636276][ T2712] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2490'.
[ 1648.173059][T26421] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1648.532176][T27971] usb 5-1: new low-speed USB device number 56 using dummy_hcd
[ 1649.555721][ T2710] loop1: detected capacity change from 0 to 32768
[ 1650.611240][ T2741] loop2: detected capacity change from 0 to 1024
[ 1650.677370][ T2741] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1651.515643][ T2757] loop1: detected capacity change from 0 to 8
[ 1653.493835][ T2756] loop2: detected capacity change from 0 to 32768
[ 1653.582584][ T2756] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2498 (2756)
[ 1654.494675][T27971] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[ 1654.556902][ T2768] loop1: detected capacity change from 0 to 32768
[ 1654.567025][ T2768] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2501 (2768)
[ 1654.622221][ T2768] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1654.632911][ T2768] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[ 1654.651883][ T2768] BTRFS info (device loop1): using free-space-tree
[ 1654.680959][T27971] usb 5-1: Using ep0 maxpacket: 8
[ 1654.698926][T27971] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1654.711020][T27971] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1654.721447][T27971] usb 5-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[ 1654.730924][T27971] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1654.758005][T27971] usb 5-1: config 0 descriptor??
[ 1655.177544][ T2763] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1655.281148][ T2763] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1655.391091][T27971] usbhid 5-1:0.0: can't add hid device: -71
[ 1655.397851][T27971] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1655.428180][T27971] usb 5-1: USB disconnect, device number 57
[ 1655.547418][   T29] audit: type=1804 audit(1727608023.402:430): pid=2802 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2501" name="/newroot/43/bus/bus" dev="loop1" ino=263 res=1 errno=0
[ 1655.619713][ T2806] netlink: 'syz.2.2504': attribute type 3 has an invalid length.
[ 1655.743354][ T2767] delete_channel: no stack
[ 1655.882139][ T2808] FAULT_INJECTION: forcing a failure.
[ 1655.882139][ T2808] name failslab, interval 1, probability 0, space 0, times 0
[ 1655.895479][ T2808] CPU: 0 UID: 0 PID: 2808 Comm: syz.2.2505 Tainted: G        W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1655.907629][ T2808] Tainted: [W]=WARN
[ 1655.911629][ T2808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1655.921933][ T2808] Call Trace:
[ 1655.925415][ T2808]  <TASK>
[ 1655.928517][ T2808]  dump_stack_lvl+0x216/0x2d0
[ 1655.933575][ T2808]  dump_stack+0x1e/0x30
[ 1655.938021][ T2808]  should_fail_ex+0x748/0x7f0
[ 1655.942988][ T2808]  should_failslab+0x17f/0x210
[ 1655.948007][ T2808]  __kmalloc_noprof+0x175/0xf30
[ 1655.953148][ T2808]  ? fib6_info_alloc+0x4d/0x1b0
[ 1655.958294][ T2808]  ? __rcu_read_unlock+0x7b/0xe0
[ 1655.963520][ T2808]  fib6_info_alloc+0x4d/0x1b0
[ 1655.968458][ T2808]  ? ip6_route_info_create+0x7f0/0x2090
[ 1655.974311][ T2808]  ip6_route_info_create+0x848/0x2090
[ 1655.980016][ T2808]  ip6_route_add+0x48/0x370
[ 1655.984930][ T2808]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1655.991018][ T2808]  ipv6_route_ioctl+0x6a4/0x6f0
[ 1655.996207][ T2808]  inet6_ioctl+0x2cf/0x370
[ 1656.000914][ T2808]  ? __pfx_inet6_ioctl+0x10/0x10
[ 1656.006122][ T2808]  sock_do_ioctl+0xb7/0x540
[ 1656.010917][ T2808]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1656.016378][ T2808]  sock_ioctl+0x721/0xd70
[ 1656.020997][ T2808]  ? __pfx_sock_ioctl+0x10/0x10
[ 1656.026127][ T2808]  __se_sys_ioctl+0x25e/0x450
[ 1656.031092][ T2808]  __x64_sys_ioctl+0x96/0xe0
[ 1656.035956][ T2808]  x64_sys_call+0x18bf/0x3ba0
[ 1656.040919][ T2808]  do_syscall_64+0xcd/0x1e0
[ 1656.045695][ T2808]  ? clear_bhb_loop+0x25/0x80
[ 1656.050633][ T2808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1656.056853][ T2808] RIP: 0033:0x7fe21c57dff9
[ 1656.061491][ T2808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1656.081568][ T2808] RSP: 002b:00007fe21d337038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1656.090373][ T2808] RAX: ffffffffffffffda RBX: 00007fe21c735f80 RCX: 00007fe21c57dff9
[ 1656.098578][ T2808] RDX: 0000000020000080 RSI: 000000000000890b RDI: 0000000000000005
[ 1656.107035][ T2808] RBP: 00007fe21d337090 R08: 0000000000000000 R09: 0000000000000000
[ 1656.115231][ T2808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1656.123467][ T2808] R13: 0000000000000000 R14: 00007fe21c735f80 R15: 00007ffe7e277268
[ 1656.131716][ T2808]  </TASK>
[ 1656.566492][  T539] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1659.124775][ T2837] loop0: detected capacity change from 0 to 32768
[ 1659.221637][ T2837] BTRFS: device /dev/loop0 (7:0) using temp-fsid 0c97dde1-b9c0-47b9-ba12-dcc981a0cea5
[ 1659.231778][ T2837] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2512 (2837)
[ 1659.317236][ T2837] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1659.327877][ T2837] BTRFS info (device loop0): using sha256 (sha256-generic) checksum algorithm
[ 1659.339196][ T2837] BTRFS info (device loop0): using free-space-tree
[ 1659.873222][ T2845] loop2: detected capacity change from 0 to 256
[ 1659.910739][ T2849] loop1: detected capacity change from 0 to 1024
[ 1659.930276][ T2849] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1660.393900][ T2837] BTRFS error (device loop0): open_ctree failed
[ 1660.407832][ T2845] FAULT_INJECTION: forcing a failure.
[ 1660.407832][ T2845] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.421231][ T2845] CPU: 1 UID: 0 PID: 2845 Comm: syz.2.2515 Tainted: G        W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1660.433643][ T2845] Tainted: [W]=WARN
[ 1660.437638][ T2845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1660.448020][ T2845] Call Trace:
[ 1660.451660][ T2845]  <TASK>
[ 1660.454773][ T2845]  dump_stack_lvl+0x216/0x2d0
[ 1660.459780][ T2845]  dump_stack+0x1e/0x30
[ 1660.464232][ T2845]  should_fail_ex+0x748/0x7f0
[ 1660.469226][ T2845]  should_failslab+0x17f/0x210
[ 1660.474267][ T2845]  kmem_cache_alloc_noprof+0xe2/0xb20
[ 1660.479948][ T2845]  ? filter_irq_stacks+0x164/0x1a0
[ 1660.485401][ T2845]  ? getname_flags+0x102/0xa30
[ 1660.490447][ T2845]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1660.496538][ T2845]  getname_flags+0x102/0xa30
[ 1660.501419][ T2845]  getname+0x30/0x40
[ 1660.505570][ T2845]  do_sys_openat2+0xc3/0x2f0
[ 1660.510431][ T2845]  __x64_sys_openat+0x2a1/0x310
[ 1660.515603][ T2845]  x64_sys_call+0x120e/0x3ba0
[ 1660.520626][ T2845]  do_syscall_64+0xcd/0x1e0
[ 1660.525445][ T2845]  ? clear_bhb_loop+0x25/0x80
[ 1660.530394][ T2845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1660.536634][ T2845] RIP: 0033:0x7fe21c57c990
[ 1660.541314][ T2845] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[ 1660.561409][ T2845] RSP: 002b:00007fe21d336b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1660.570148][ T2845] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe21c57c990
[ 1660.578364][ T2845] RDX: 0000000000000000 RSI: 00007fe21d336c10 RDI: 00000000ffffff9c
[ 1660.586587][ T2845] RBP: 00007fe21d336c10 R08: 0000000000000000 R09: 0000000000000000
[ 1660.594821][ T2845] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1660.603027][ T2845] R13: 0000000000000000 R14: 00007fe21c735f80 R15: 00007ffe7e277268
[ 1660.611275][ T2845]  </TASK>
[ 1662.359927][ T2866] loop3: detected capacity change from 0 to 32768
[ 1662.409631][ T2866] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2518 (2866)
[ 1662.457257][ T2866] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1662.471658][ T2866] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[ 1662.483547][ T2866] BTRFS info (device loop3): using free-space-tree
[ 1663.187644][ T2866] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[ 1663.188647][ T2866] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[ 1663.198688][ T2866] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[ 1663.209263][ T2866] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[ 1663.220232][ T2866] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[ 1663.231112][ T2866] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[ 1663.331171][ T2866] BTRFS error (device loop3): open_ctree failed
[ 1663.413093][ T2866] delete_channel: no stack
[ 1664.044728][ T2930] loop4: detected capacity change from 0 to 1024
[ 1664.161260][ T2930] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1665.631739][T27971] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[ 1665.930791][T27971] usb 3-1: Using ep0 maxpacket: 16
[ 1665.996510][T27971] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1666.014415][T27971] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1666.027632][T27971] usb 3-1: New USB device found, idVendor=22d4, idProduct=1503, bcdDevice= 0.00
[ 1666.037302][T27971] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1666.304988][T27971] usb 3-1: config 0 descriptor??
[ 1666.458601][ T2945] loop3: detected capacity change from 0 to 32768
[ 1666.472991][ T2945] BTRFS: device /dev/loop3 (7:3) using temp-fsid 607f8424-10f0-4b3d-9391-b2e4aad39663
[ 1666.483053][ T2945] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2530 (2945)
[ 1666.513132][ T2945] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1666.531691][ T2945] BTRFS info (device loop3): using sha256 (sha256-generic) checksum algorithm
[ 1666.543289][ T2945] BTRFS info (device loop3): using free-space-tree
[ 1666.765648][ T2981] loop0: detected capacity change from 0 to 1024
[ 1666.911451][T27971] glorious 0003:22D4:1503.000F: hidraw0: USB HID v0.00 Device [Glorious Model I] on usb-dummy_hcd.2-1/input0
[ 1666.954946][ T2981] hfsplus: request for non-existent node 3 in B*Tree
[ 1666.962923][ T2981] hfsplus: request for non-existent node 3 in B*Tree
[ 1667.244614][   T29] audit: type=1800 audit(1727608035.092:431): pid=2981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2539" name="file0" dev="loop0" ino=2 res=0 errno=0
[ 1667.582413][T28238] BTRFS info (device loop3): last unmount of filesystem 607f8424-10f0-4b3d-9391-b2e4aad39663
[ 1668.618193][   T25] usb 3-1: USB disconnect, device number 50
[ 1668.766421][ T2983] loop1: detected capacity change from 0 to 32768
[ 1668.792788][ T2983] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2540 (2983)
[ 1668.860293][ T2983] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1668.871663][ T2983] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[ 1668.889775][ T2983] BTRFS info (device loop1): using free-space-tree
[ 1669.234166][ T3038] loop0: detected capacity change from 0 to 1024
[ 1669.326434][ T3038] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1669.498027][   T29] audit: type=1804 audit(1727608037.352:432): pid=2983 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2540" name="/newroot/50/bus/bus" dev="loop1" ino=263 res=1 errno=0
[ 1669.508658][ T2982] delete_channel: no stack
[ 1669.775679][ T3051] loop3: detected capacity change from 0 to 512
[ 1669.857867][ T3051] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1669.868527][ T3051] EXT4-fs: Ignoring removed nobh option
[ 1670.014086][ T3051] EXT4-fs: Mount option(s) incompatible with ext3
[ 1670.135892][  T539] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1671.685982][ T3047] loop2: detected capacity change from 0 to 32768
[ 1671.707425][ T3047] bcachefs (/dev/loop2): error validating superblock: Invalid superblock: member info area missing
[ 1671.719742][ T3047] bcachefs: bch2_fs_get_tree() error: invalid_sb_members_missing
[ 1672.230151][ T3047] team0: Device gre0 is of different type
[ 1672.413052][ T3057] loop0: detected capacity change from 0 to 32768
[ 1672.423339][ T3057] BTRFS: device /dev/loop0 (7:0) using temp-fsid b01b248f-4682-4019-b74f-de94e48d478b
[ 1672.433384][ T3057] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2550 (3057)
[ 1672.504552][ T3057] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1672.515316][ T3057] BTRFS info (device loop0): using sha256 (sha256-generic) checksum algorithm
[ 1672.516298][ T3067] loop4: detected capacity change from 0 to 128
[ 1672.526396][ T3057] BTRFS info (device loop0): using free-space-tree
[ 1672.726796][ T3071] loop3: detected capacity change from 0 to 47
[ 1673.080294][ T3077] loop2: detected capacity change from 0 to 512
[ 1673.093166][ T3077] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1673.219669][ T3088] tmpfs: Unknown parameter 'g†pino�G_hardli'
[ 1673.259240][   T29] audit: type=1800 audit(1727608041.122:433): pid=3067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2551" name="hfsplus" dev="loop4" ino=1048939 res=0 errno=0
[ 1673.360291][ T3057] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[ 1673.388168][   T29] audit: type=1326 audit(1727608041.232:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3087 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f995417dff9 code=0x7ffc0000
[ 1673.398493][ T3077] EXT4-fs (loop2): 1 truncate cleaned up
[ 1673.400063][ T3077] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1673.421654][   T29] audit: type=1326 audit(1727608041.232:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3087 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f995417dff9 code=0x7ffc0000
[ 1673.463339][   T29] audit: type=1326 audit(1727608041.232:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3087 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f995417dff9 code=0x7ffc0000
[ 1673.491275][   T29] audit: type=1326 audit(1727608041.232:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3087 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f995417dff9 code=0x7ffc0000
[ 1673.516255][   T29] audit: type=1326 audit(1727608041.232:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3087 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f995417dff9 code=0x7ffc0000
[ 1673.539269][   T29] audit: type=1326 audit(1727608041.242:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3087 comm="syz.3.2554" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f995417dff9 code=0x7ffc0000
[ 1673.611428][ T3057] BTRFS error (device loop0): open_ctree failed
[ 1673.772407][ T3077] pim6reg1: entered promiscuous mode
[ 1673.777964][ T3077] pim6reg1: entered allmulticast mode
[ 1674.191137][ T3077] tipc: Started in network mode
[ 1674.196446][ T3077] tipc: Node identity 962d0c9324b6, cluster identity 4711
[ 1674.213886][ T3077] tipc: Enabled bearer <eth:hsr0>, priority 10
[ 1674.807388][ T3122] loop3: detected capacity change from 0 to 16
[ 1674.865781][   T29] audit: type=1804 audit(1727608042.742:440): pid=3103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2553" name="/newroot/71/bus/bus" dev="loop2" ino=18 res=1 errno=0
[ 1674.888656][   T29] audit: type=1800 audit(1727608042.742:441): pid=3103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2553" name="bus" dev="loop2" ino=18 res=0 errno=0
[ 1674.908675][   T29] audit: type=1804 audit(1727608042.742:442): pid=3077 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2553" name="/newroot/71/bus/bus" dev="loop2" ino=18 res=1 errno=0
[ 1674.957767][ T3119] loop0: detected capacity change from 0 to 1024
[ 1675.081255][ T3119] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1675.288098][T27981] tipc: Node number set to 2996505747
[ 1675.598969][ T3124] loop4: detected capacity change from 0 to 512
[ 1675.660347][T31458] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1675.708613][ T3124] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1675.719441][ T3124] EXT4-fs: Ignoring removed nobh option
[ 1675.822204][ T3124] EXT4-fs: Mount option(s) incompatible with ext3
[ 1676.027228][ T3132] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1676.081686][ T3132] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1676.138642][ T3130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1676.233531][ T3130] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1676.280011][ T3116] loop1: detected capacity change from 0 to 32768
[ 1676.335663][ T3116] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2559 (3116)
[ 1676.369473][ T3116] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1676.380203][ T3116] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[ 1676.390678][ T3116] BTRFS info (device loop1): using free-space-tree
[ 1676.532916][ T3148] netlink: 80 bytes leftover after parsing attributes in process `syz.2.2564'.
[ 1676.565193][ T3147] loop4: detected capacity change from 0 to 256
[ 1676.756060][T26458] Bluetooth: hci3: link tx timeout
[ 1676.767372][T26458] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1676.982452][ T3107] delete_channel: no stack
[ 1677.288796][  T539] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1677.555957][ T3185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1677.643234][ T3185] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1678.014291][T27981] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[ 1678.082525][ T3200] FAULT_INJECTION: forcing a failure.
[ 1678.082525][ T3200] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1678.102270][ T3200] CPU: 0 UID: 0 PID: 3200 Comm: syz.0.2574 Tainted: G        W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1678.114480][ T3200] Tainted: [W]=WARN
[ 1678.118484][ T3200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1678.128791][ T3200] Call Trace:
[ 1678.132263][ T3200]  <TASK>
[ 1678.135402][ T3200]  dump_stack_lvl+0x216/0x2d0
[ 1678.140385][ T3200]  dump_stack+0x1e/0x30
[ 1678.144811][ T3200]  should_fail_ex+0x748/0x7f0
[ 1678.149813][ T3200]  should_fail+0x2a/0x40
[ 1678.154362][ T3200]  should_fail_usercopy+0x2e/0x40
[ 1678.159713][ T3200]  _copy_from_iter+0x1d8/0x2b40
[ 1678.164863][ T3200]  ? __module_address+0x4d/0x630
[ 1678.170092][ T3200]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1678.175660][ T3200]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1678.181320][ T3200]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1678.187410][ T3200]  ? tun_get_user+0x1148/0x6c60
[ 1678.192583][ T3200]  ? filter_irq_stacks+0x60/0x1a0
[ 1678.197965][ T3200]  copy_page_from_iter+0x3c8/0x7e0
[ 1678.203419][ T3200]  tun_get_user+0x1335/0x6c60
[ 1678.208431][ T3200]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1678.213908][ T3200]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1678.219380][ T3200]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1678.224492][ T3201] loop3: detected capacity change from 0 to 1024
[ 1678.225953][ T3200]  ? ref_tracker_alloc+0x3f0/0x7e0
[ 1678.237753][ T3200]  tun_chr_write_iter+0x3ac/0x5d0
[ 1678.243159][ T3200]  vfs_write+0xb28/0x1540
[ 1678.247796][ T3200]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1678.253677][ T3200]  ksys_write+0x24f/0x4c0
[ 1678.258315][ T3200]  __x64_sys_write+0x93/0xe0
[ 1678.263234][ T3200]  x64_sys_call+0x306a/0x3ba0
[ 1678.268239][ T3200]  do_syscall_64+0xcd/0x1e0
[ 1678.273040][ T3200]  ? clear_bhb_loop+0x25/0x80
[ 1678.277993][ T3200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1678.284249][ T3200] RIP: 0033:0x7f5485d7cadf
[ 1678.288918][ T3200] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[ 1678.308839][ T3200] RSP: 002b:00007f5486abb000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1678.317597][ T3200] RAX: ffffffffffffffda RBX: 00007f5485f35f80 RCX: 00007f5485d7cadf
[ 1678.325855][ T3200] RDX: 0000000000000138 RSI: 0000000020000000 RDI: 00000000000000c8
[ 1678.334199][ T3200] RBP: 00007f5486abb090 R08: 0000000000000000 R09: 0000000000000000
[ 1678.335322][ T3201] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1678.342318][ T3200] R10: 0000000000000138 R11: 0000000000000293 R12: 0000000000000001
[ 1678.342414][ T3200] R13: 0000000000000000 R14: 00007f5485f35f80 R15: 00007ffc0a5affd8
[ 1678.342528][ T3200]  </TASK>
[ 1678.445508][T27981] usb 3-1: too many configurations: 253, using maximum allowed: 8
[ 1678.474572][ T3204] loop4: detected capacity change from 0 to 512
[ 1678.619861][ T3204] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1678.631230][ T3204] EXT4-fs: Ignoring removed nobh option
[ 1678.681990][T27981] usb 3-1: string descriptor 0 read error: -71
[ 1678.688980][T27981] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1678.698653][T27981] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1678.751012][ T3204] EXT4-fs: Mount option(s) incompatible with ext3
[ 1678.791123][T26458] Bluetooth: hci3: command 0x0406 tx timeout
[ 1678.801790][T27981] usb 3-1: can't set config #1, error -71
[ 1678.819837][T27981] usb 3-1: USB disconnect, device number 51
[ 1678.971272][   T25] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 1680.017960][ T3235] loop2: detected capacity change from 0 to 1024
[ 1680.083678][ T3235] EXT4-fs: Ignoring removed orlov option
[ 1680.089992][ T3235] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1680.129689][ T3237] loop3: detected capacity change from 0 to 256
[ 1680.162989][   T25] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1680.172605][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1680.185412][   T25] usb 2-1: config 0 descriptor??
[ 1680.207669][ T3235] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c118, mo2=0002]
[ 1680.282957][ T3235] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1681.313101][ T3229] loop4: detected capacity change from 0 to 32768
[ 1681.326863][ T3229] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2579 (3229)
[ 1681.333722][T31458] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1681.381280][ T3229] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1681.392384][ T3229] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[ 1681.402997][ T3229] BTRFS info (device loop4): using free-space-tree
[ 1681.722258][   T25] usb 2-1: Cannot set autoneg
[ 1681.727817][   T25] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 1681.748615][   T25] usb 2-1: USB disconnect, device number 52
[ 1681.909959][ T3272] loop3: detected capacity change from 0 to 1024
[ 1681.930899][ T3272] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1682.049006][ T3286] loop0: detected capacity change from 0 to 512
[ 1682.091234][ T3286] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1682.101702][ T3286] EXT4-fs: Ignoring removed nobh option
[ 1682.115948][ T3286] EXT4-fs: Mount option(s) incompatible with ext3
[ 1682.311500][   T29] kauditd_printk_skb: 2 callbacks suppressed
[ 1682.311581][   T29] audit: type=1804 audit(1727608050.182:445): pid=3229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2579" name="/newroot/29/bus/bus" dev="loop4" ino=263 res=1 errno=0
[ 1682.381220][ T3227] delete_channel: no stack
[ 1682.709264][ T3307] loop3: detected capacity change from 0 to 256
[ 1682.749009][ T3307] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1682.761546][ T3307] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1682.862716][ T1711] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1682.981516][ T3307] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[ 1683.072744][ T3307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1683.092184][ T3307] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1683.869158][ T3329] loop4: detected capacity change from 0 to 65
[ 1683.896544][ T3329] BFS-fs: bfs_fill_super(): NOTE: filesystem loop4 was created with 512 inodes, the real maximum is 511, mounting anyway
[ 1684.399081][ T3337] futex_wake_op: syz.0.2599 tries to shift op by -1; fix this program
[ 1685.137696][ T3346] loop2: detected capacity change from 0 to 512
[ 1685.146662][ T3346] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1685.153377][ T3343] loop3: detected capacity change from 0 to 1024
[ 1685.173221][ T3346] EXT4-fs: Ignoring removed nobh option
[ 1685.204106][ T3343] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1685.211354][ T3346] EXT4-fs: Mount option(s) incompatible with ext3
[ 1685.431983][T26458] Bluetooth: hci5: command 0x0406 tx timeout
[ 1686.108332][ T3362] FAULT_INJECTION: forcing a failure.
[ 1686.108332][ T3362] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1686.123462][ T3362] CPU: 0 UID: 0 PID: 3362 Comm: syz.4.2605 Tainted: G        W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1686.135626][ T3362] Tainted: [W]=WARN
[ 1686.139615][ T3362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1686.149927][ T3362] Call Trace:
[ 1686.153407][ T3362]  <TASK>
[ 1686.156528][ T3362]  dump_stack_lvl+0x216/0x2d0
[ 1686.161530][ T3362]  dump_stack+0x1e/0x30
[ 1686.165985][ T3362]  should_fail_ex+0x748/0x7f0
[ 1686.171006][ T3362]  should_fail+0x2a/0x40
[ 1686.175543][ T3362]  should_fail_usercopy+0x2e/0x40
[ 1686.180875][ T3362]  _copy_from_user+0x33/0x160
[ 1686.185852][ T3362]  __sys_bpf+0x2dc/0xd90
[ 1686.190416][ T3362]  ? ksys_write+0x416/0x4c0
[ 1686.195215][ T3362]  __x64_sys_bpf+0xa0/0xe0
[ 1686.199944][ T3362]  x64_sys_call+0x2cce/0x3ba0
[ 1686.204931][ T3362]  do_syscall_64+0xcd/0x1e0
[ 1686.209732][ T3362]  ? clear_bhb_loop+0x25/0x80
[ 1686.214680][ T3362]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1686.220905][ T3362] RIP: 0033:0x7fb3cad7dff9
[ 1686.225564][ T3362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1686.245478][ T3362] RSP: 002b:00007fb3cbb1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1686.254220][ T3362] RAX: ffffffffffffffda RBX: 00007fb3caf35f80 RCX: 00007fb3cad7dff9
[ 1686.262555][ T3362] RDX: 0000000000000020 RSI: 0000000020000080 RDI: 0000000000000001
[ 1686.270894][ T3362] RBP: 00007fb3cbb1d090 R08: 0000000000000000 R09: 0000000000000000
[ 1686.279136][ T3362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1686.287366][ T3362] R13: 0000000000000000 R14: 00007fb3caf35f80 R15: 00007ffe1d5f5748
[ 1686.295623][ T3362]  </TASK>
[ 1687.318651][ T3348] loop0: detected capacity change from 0 to 32768
[ 1687.329912][ T3348] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2602 (3348)
[ 1687.386390][ T3348] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1687.397311][ T3348] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[ 1687.415458][ T3348] BTRFS info (device loop0): using free-space-tree
[ 1687.506743][ T3369] dccp_invalid_packet: P.type (CLOSEREQ) not Data || [Data]Ack, while P.X == 0
[ 1687.957272][ T3385] loop3: detected capacity change from 0 to 512
[ 1687.969306][ T3385] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1688.181810][ T3385] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1688.211325][ T3348] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[ 1688.212394][ T3348] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[ 1688.268179][ T3385] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2611: bg 0: block 248: padding at end of block bitmap is not set
[ 1688.305856][ T3385] Quota error (device loop3): write_blk: dquota write failed
[ 1688.315317][ T3385] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1688.326910][ T3385] EXT4-fs error (device loop3): ext4_acquire_dquot:6879: comm syz.3.2611: Failed to acquire dquot type 1
[ 1688.364870][ T3385] EXT4-fs (loop3): 1 truncate cleaned up
[ 1688.379219][ T3385] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1688.392216][ T3348] BTRFS error (device loop0): open_ctree failed
[ 1688.479480][ T3348] delete_channel: no stack
[ 1688.806647][ T9107] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1688.818448][ T9107] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1689.014431][ T3385] EXT4-fs error (device loop3): ext4_lookup:1817: inode #2: comm syz.3.2611: deleted inode referenced: 12
[ 1689.117965][ T9107] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1689.130810][ T9107] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1689.378722][ T9107] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1689.389617][ T9107] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1689.622329][ T9107] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1689.633257][ T9107] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1689.846917][T26458] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1689.893072][T26458] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1690.091224][T26458] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1690.104478][T26458] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1690.115915][T26458] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1690.125192][T26458] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1690.223740][ T9107] bridge_slave_1: left allmulticast mode
[ 1690.229657][ T9107] bridge_slave_1: left promiscuous mode
[ 1690.236457][ T9107] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1690.267173][ T9107] bridge_slave_0: left allmulticast mode
[ 1690.273960][ T9107] bridge_slave_0: left promiscuous mode
[ 1690.288645][ T9107] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1690.498773][ T3441] loop0: detected capacity change from 0 to 512
[ 1690.552403][ T3441] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1690.558277][ T3416] loop2: detected capacity change from 0 to 2048
[ 1690.564134][ T3441] EXT4-fs: Ignoring removed nobh option
[ 1690.633159][ T3441] EXT4-fs: Mount option(s) incompatible with ext3
[ 1690.635707][ T3416] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1690.765417][   T29] audit: type=1800 audit(1727608058.642:446): pid=3416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2617" name="bus" dev="loop2" ino=1318 res=0 errno=0
[ 1691.142211][ T9107] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1691.193027][T28238] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1691.365251][ T9107] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1691.425840][ T9107] bond0 (unregistering): Released all slaves
[ 1691.681245][ T9107] tipc: Disabling bearer <eth:vlan0>
[ 1691.742978][ T9107] tipc: Left network mode
[ 1692.079632][ T3416] Process accounting resumed
[ 1692.201549][ T3454] loop3: detected capacity change from 0 to 256
[ 1692.213644][ T3454] vfat: Unknown parameter 'nonum'
[ 1692.309736][T26458] Bluetooth: hci4: command tx timeout
[ 1693.028389][ T3497] loop2: detected capacity change from 0 to 512
[ 1693.052196][ T3497] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1693.111293][ T3497] EXT4-fs (loop2): 1 truncate cleaned up
[ 1693.112930][ T3497] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1693.605446][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[ 1693.730326][ T9107] hsr_slave_0: left promiscuous mode
[ 1693.852574][ T9107] hsr_slave_1: left promiscuous mode
[ 1693.942066][ T9107] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1693.987018][ T9107] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1694.016138][T31458] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1694.029844][ T9107] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1694.038415][ T9107] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1694.123785][ T9107] veth1_macvtap: left promiscuous mode
[ 1694.129561][ T9107] veth0_macvtap: left promiscuous mode
[ 1694.136235][ T9107] veth1_vlan: left promiscuous mode
[ 1694.142025][ T9107] veth0_vlan: left promiscuous mode
[ 1694.381807][T26458] Bluetooth: hci4: command tx timeout
[ 1694.408616][ T3554] loop4: detected capacity change from 0 to 2048
[ 1694.591889][ T3554] EXT4-fs: mb_optimize_scan should be set to 0 or 1.
[ 1695.040969][ T3565] loop2: detected capacity change from 0 to 1024
[ 1695.315758][ T3565] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1695.578205][ T3569] loop4: detected capacity change from 0 to 128
[ 1696.043034][ T9107] team0 (unregistering): Port device team_slave_1 removed
[ 1696.199423][ T9107] team0 (unregistering): Port device team_slave_0 removed
[ 1696.354914][ T3559] loop0: detected capacity change from 0 to 32768
[ 1696.412531][ T3559] (syz.0.2629,3559,1):ocfs2_verify_heartbeat:814 ERROR: Cannot heartbeat on a locally mounted device.
[ 1696.452003][ T3559] (syz.0.2629,3559,1):ocfs2_fill_super:1178 ERROR: status = -22
[ 1696.610233][T26458] Bluetooth: hci4: command tx timeout
[ 1697.368183][ T3418] chnl_net:caif_netlink_parms(): no params data found
[ 1697.465778][T31458] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1697.645223][ T3646] loop0: detected capacity change from 0 to 2048
[ 1697.872884][ T3652] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x5
[ 1697.874506][ T3646] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1698.060216][ T3652] loop4: detected capacity change from 0 to 1024
[ 1698.102974][ T3652] EXT4-fs: Ignoring removed i_version option
[ 1698.131460][ T3652] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1698.202209][ T3662] loop2: detected capacity change from 0 to 512
[ 1698.222458][ T3652] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1698.282049][ T3662] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945729 > max in inode 13
[ 1698.292909][ T3662] EXT4-fs warning (device loop2): ext4_block_to_path:107: block 3279945730 > max in inode 13
[ 1698.331226][ T3662] EXT4-fs (loop2): 1 truncate cleaned up
[ 1698.338947][ T3662] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1698.554998][T26421] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1698.636318][ T3418] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1698.640560][T26458] Bluetooth: hci4: command tx timeout
[ 1698.644072][ T3418] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1698.657834][ T3418] bridge_slave_0: entered allmulticast mode
[ 1698.672763][ T3418] bridge_slave_0: entered promiscuous mode
[ 1698.701827][ T3418] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1698.709515][ T3418] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1698.719131][ T3418] bridge_slave_1: entered allmulticast mode
[ 1698.728481][ T3418] bridge_slave_1: entered promiscuous mode
[ 1698.989973][ T3418] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1699.052292][ T3418] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1699.123624][T31458] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1699.343145][ T3418] team0: Port device team_slave_0 added
[ 1699.366861][ T1711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1699.371195][ T3418] team0: Port device team_slave_1 added
[ 1699.558977][ T3418] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1699.566313][ T3418] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1699.597648][ T3418] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1699.739167][ T3418] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1699.746590][ T3418] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1699.773118][ T3418] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1700.063047][    T8] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 1700.161790][ T3418] hsr_slave_0: entered promiscuous mode
[ 1700.205446][ T3418] hsr_slave_1: entered promiscuous mode
[ 1700.246065][ T3418] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1700.254117][ T3418] Cannot create hsr debugfs directory
[ 1700.265525][    T8] usb 5-1: Using ep0 maxpacket: 8
[ 1700.292411][    T8] usb 5-1: config 0 has an invalid interface descriptor of length 7, skipping
[ 1700.302271][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1700.316660][    T8] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1700.327444][    T8] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[ 1700.337128][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1700.406027][    T8] usb 5-1: config 0 descriptor??
[ 1701.105011][ T3729] loop0: detected capacity change from 0 to 4096
[ 1701.861305][ T3418] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1701.910989][ T3729] ntfs3: loop0: Failed to read $UpCase (-4).
[ 1701.921869][ T3418] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1701.974086][ T3418] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1702.032540][ T3418] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1703.019975][ T3912] loop3: detected capacity change from 0 to 4096
[ 1703.024406][ T3418] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1703.039371][ T3912] ntfs3: loop3: Primary boot: start of MFT 0x4 (0xff) is out of volume 0x1ff.
[ 1703.051031][   T25] usb 5-1: USB disconnect, device number 58
[ 1703.089402][ T3912] ntfs3: loop3: try to read out of volume at offset 0x1ffe00
[ 1703.218953][ T3418] 8021q: adding VLAN 0 to HW filter on device team0
[ 1703.377349][ T4359] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1703.385151][ T4359] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1703.465588][ T4359] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1703.473487][ T4359] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1704.183092][ T3941] loop4: detected capacity change from 0 to 512
[ 1704.257762][ T3941] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945729 > max in inode 13
[ 1704.268497][ T3941] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945730 > max in inode 13
[ 1704.377419][ T3931] loop0: detected capacity change from 0 to 4096
[ 1704.381284][ T3941] EXT4-fs (loop4): 1 truncate cleaned up
[ 1704.392496][ T3941] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1704.432856][ T3931] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[ 1704.761203][ T3931] ntfs3: loop0: ino=5, "/" attr_set_size
[ 1704.767356][ T3931] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[ 1704.904972][ T1711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1704.934654][ T3931] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1705.001458][ T3418] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1705.590740][ T3418] veth0_vlan: entered promiscuous mode
[ 1705.795552][ T3418] veth1_vlan: entered promiscuous mode
[ 1706.430734][ T3418] veth0_macvtap: entered promiscuous mode
[ 1706.553793][ T3418] veth1_macvtap: entered promiscuous mode
[ 1706.892599][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1706.903433][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1706.913627][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1706.924474][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1706.936880][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1706.947768][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1706.957929][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1706.975963][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1706.988037][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1706.998869][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.010121][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1707.022298][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.032587][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1707.043504][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.058937][ T3418] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1707.281673][ T3960] loop0: detected capacity change from 0 to 32768
[ 1707.342038][ T3968] loop4: detected capacity change from 0 to 2048
[ 1707.347946][ T3960] OCFS2: ERROR (device loop0): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #71: signature = IúÿDE01
[ 1707.364384][ T3960] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 1707.380977][ T3960] OCFS2: File system is now read-only.
[ 1707.386656][ T3960] (syz.0.2650,3960,0):ocfs2_read_locked_inode:521 ERROR: status = -30
[ 1707.395516][ T3960] (syz.0.2650,3960,0):_ocfs2_get_system_file_inode:144 ERROR: status = -30
[ 1707.405059][ T3960] (syz.0.2650,3960,0):ocfs2_init_global_system_inodes:461 ERROR: status = -30
[ 1707.414385][ T3960] (syz.0.2650,3960,0):ocfs2_init_global_system_inodes:463 ERROR: Unable to load system inode 4, possibly corrupt fs?
[ 1707.414583][ T3960] (syz.0.2650,3960,0):ocfs2_init_global_system_inodes:472 ERROR: status = -30
[ 1707.438478][ T3960] (syz.0.2650,3960,0):ocfs2_initialize_super:2250 ERROR: status = -30
[ 1707.447481][ T3960] (syz.0.2650,3960,0):ocfs2_fill_super:1178 ERROR: status = -30
[ 1707.468634][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.487231][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.502452][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.513517][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.524482][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.535306][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.545723][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.556838][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.567155][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.577999][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.595448][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.608298][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.618590][ T3418] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.629456][ T3418] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.647340][ T3418] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1707.860101][ T3418] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1707.869679][ T3418] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1707.878993][ T3418] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1707.893356][ T3418] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1707.897953][ T3973] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1708.131796][   T29] audit: type=1800 audit(1727608075.952:447): pid=3968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2652" name="bus" dev="loop4" ino=2097152 res=0 errno=0
[ 1708.229621][ T3968] NILFS (loop4): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[ 1708.240976][ T3968] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=16)
[ 1708.271422][   T29] audit: type=1800 audit(1727608076.062:448): pid=3968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2652" name="file2" dev="loop4" ino=16 res=0 errno=0
[ 1708.422880][ T3968] Remounting filesystem read-only
[ 1709.611233][ T1711] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer
[ 1709.924363][ T3975] loop2: detected capacity change from 0 to 32768
[ 1710.101678][ T3975] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[ 1710.504709][ T3992] loop4: detected capacity change from 0 to 512
[ 1710.674553][ T3992] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945729 > max in inode 13
[ 1710.685536][ T3992] EXT4-fs warning (device loop4): ext4_block_to_path:107: block 3279945730 > max in inode 13
[ 1710.764853][ T3998] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1710.842892][ T3992] EXT4-fs (loop4): 1 truncate cleaned up
[ 1710.850328][ T3992] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1711.552145][ T1711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1712.359723][ T4014] loop0: detected capacity change from 0 to 8
[ 1713.258554][ T4022] FAULT_INJECTION: forcing a failure.
[ 1713.258554][ T4022] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1713.272414][ T4022] CPU: 1 UID: 0 PID: 4022 Comm: syz.0.2663 Tainted: G        W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1713.284589][ T4022] Tainted: [W]=WARN
[ 1713.288580][ T4022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1713.298880][ T4022] Call Trace:
[ 1713.302354][ T4022]  <TASK>
[ 1713.305470][ T4022]  dump_stack_lvl+0x216/0x2d0
[ 1713.310459][ T4022]  dump_stack+0x1e/0x30
[ 1713.314901][ T4022]  should_fail_ex+0x748/0x7f0
[ 1713.319885][ T4022]  should_fail+0x2a/0x40
[ 1713.324420][ T4022]  should_fail_usercopy+0x2e/0x40
[ 1713.329749][ T4022]  _copy_to_user+0x33/0x110
[ 1713.334568][ T4022]  move_addr_to_user+0x28b/0x400
[ 1713.339825][ T4022]  do_accept+0x978/0xac0
[ 1713.344352][ T4022]  ? _raw_spin_unlock+0x30/0x50
[ 1713.349489][ T4022]  ? alloc_fd+0x932/0xb10
[ 1713.354154][ T4022]  __sys_accept4+0x1b2/0x380
[ 1713.359050][ T4022]  __x64_sys_accept+0x95/0xf0
[ 1713.364023][ T4022]  x64_sys_call+0x335e/0x3ba0
[ 1713.369035][ T4022]  do_syscall_64+0xcd/0x1e0
[ 1713.373847][ T4022]  ? clear_bhb_loop+0x25/0x80
[ 1713.378814][ T4022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1713.385043][ T4022] RIP: 0033:0x7f5485d7dff9
[ 1713.389704][ T4022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1713.409627][ T4022] RSP: 002b:00007f5486abb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[ 1713.418366][ T4022] RAX: ffffffffffffffda RBX: 00007f5485f35f80 RCX: 00007f5485d7dff9
[ 1713.426600][ T4022] RDX: 00000000200000c0 RSI: 0000000020000300 RDI: 0000000000000003
[ 1713.434822][ T4022] RBP: 00007f5486abb090 R08: 0000000000000000 R09: 0000000000000000
[ 1713.443041][ T4022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1713.451258][ T4022] R13: 0000000000000000 R14: 00007f5485f35f80 R15: 00007ffc0a5affd8
[ 1713.459517][ T4022]  </TASK>
[ 1715.182181][ T4031] loop0: detected capacity change from 0 to 128
[ 1716.040805][ T3975] syz.2.2653 (3975): drop_caches: 1
[ 1716.376449][T31458] ocfs2: Unmounting device (7,2) on (node local)
[ 1717.211078][ T4046] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2668'.
[ 1717.553559][ T4046] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2668'.
[ 1717.731923][ T4050] netlink: 'syz.4.2670': attribute type 6 has an invalid length.
[ 1718.173923][ T8084] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1718.182145][ T8084] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1718.246156][ T4058] loop0: detected capacity change from 0 to 512
[ 1718.284631][T29357] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1718.292971][T29357] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1718.390328][ T4058] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279945729 > max in inode 13
[ 1718.403851][ T4058] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 3279945730 > max in inode 13
[ 1718.423321][ T4058] EXT4-fs (loop0): 1 truncate cleaned up
[ 1718.431247][ T4058] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1718.624856][ T4078] loop1: detected capacity change from 0 to 1024
[ 1718.669697][ T4078] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1718.731626][ T4076] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[ 1718.984819][ T4086] loop4: detected capacity change from 0 to 64
[ 1719.029605][T26421] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1719.075585][ T4082] loop2: detected capacity change from 0 to 2048
[ 1719.313173][ T4091] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1719.437885][   T29] audit: type=1800 audit(1727608087.312:449): pid=4082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2674" name="bus" dev="loop2" ino=2097152 res=0 errno=0
[ 1719.458773][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1719.475553][   T29] audit: type=1800 audit(1727608087.312:450): pid=4082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2674" name="file2" dev="loop2" ino=16 res=0 errno=0
[ 1719.482258][ T4082] NILFS (loop2): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 4)
[ 1719.508841][ T4082] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=16)
[ 1719.590790][ T4082] Remounting filesystem read-only
[ 1719.633867][ T4102] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2680'.
[ 1719.646818][ T4102] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2680'.
[ 1720.234144][ T4111] loop0: detected capacity change from 0 to 128
[ 1720.275784][ T4111] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1720.298200][T31458] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer
[ 1720.651134][    T8] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 1720.768884][   T25] usb 3-1: new full-speed USB device number 52 using dummy_hcd
[ 1720.863311][    T8] usb 2-1: Using ep0 maxpacket: 32
[ 1720.881011][ T4111] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[ 1720.951382][    T8] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1720.960227][    T8] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1720.969368][    T8] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1720.978788][    T8] usb 2-1: config 1 has no interface number 0
[ 1720.985260][    T8] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1721.000792][    T8] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1721.015529][    T8] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1721.025757][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1721.029882][   T25] usb 3-1: config 0 has an invalid interface number: 120 but max is 0
[ 1721.042784][   T25] usb 3-1: config 0 has no interface number 0
[ 1721.049129][   T25] usb 3-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10
[ 1721.060922][   T25] usb 3-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1721.136802][   T25] usb 3-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice=55.58
[ 1721.147250][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1721.155704][   T25] usb 3-1: Product: syz
[ 1721.160175][   T25] usb 3-1: Manufacturer: syz
[ 1721.165215][   T25] usb 3-1: SerialNumber: syz
[ 1721.174494][   T25] usb 3-1: config 0 descriptor??
[ 1721.211619][   T29] audit: type=1400 audit(1727608089.032:451): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=381CD2A12F2F26 pid=4110 comm="syz.0.2684"
[ 1721.226366][   T25] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.120/input/input35
[ 1721.254236][    T8] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[ 1721.489367][    T8] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[ 1721.548409][ T4119] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1721.592726][ T4119] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1721.729261][ T4119] loop2: detected capacity change from 0 to 512
[ 1721.753890][ T4139] loop3: detected capacity change from 0 to 512
[ 1721.874526][ T4147] loop0: detected capacity change from 0 to 1024
[ 1721.930816][ T4119] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1721.944517][ T4119] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1722.001628][ T4139] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279945729 > max in inode 13
[ 1722.012442][ T4139] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279945730 > max in inode 13
[ 1722.060988][ T4139] EXT4-fs (loop3): 1 truncate cleaned up
[ 1722.068599][ T4139] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1722.143060][ T4147] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1722.353466][ T5253] usb 3-1: USB disconnect, device number 52
[ 1722.542300][    T8] snd_usb_pod 2-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[ 1722.726237][T28238] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1722.821812][ T4170] loop0: detected capacity change from 0 to 1024
[ 1723.288533][T31458] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1723.634669][   T25] usb 2-1: USB disconnect, device number 53
[ 1723.642331][   T25] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[ 1724.457804][ T4199] bridge0: port 3(syz_tun) entered blocking state
[ 1724.465126][ T4199] bridge0: port 3(syz_tun) entered disabled state
[ 1724.472713][ T4199] syz_tun: entered allmulticast mode
[ 1724.492942][ T4199] syz_tun: entered promiscuous mode
[ 1724.501217][ T4199] bridge0: port 3(syz_tun) entered blocking state
[ 1724.508429][ T4199] bridge0: port 3(syz_tun) entered forwarding state
[ 1725.122853][ T4216] loop4: detected capacity change from 0 to 256
[ 1725.231754][ T4216] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x72684843, utbl_chksum : 0xe619d30d)
[ 1725.371299][ T4221] loop1: detected capacity change from 0 to 1024
[ 1725.426199][   T29] audit: type=1800 audit(1727608093.252:452): pid=4216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2698" name="file1" dev="loop4" ino=1048948 res=0 errno=0
[ 1725.482304][ T4224] netlink: 'syz.3.2701': attribute type 11 has an invalid length.
[ 1725.773186][ T4221] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1725.805966][ T4227] loop0: detected capacity change from 0 to 256
[ 1725.993053][ T4230] smb3: Bad value for 'uid'
[ 1725.997826][ T4230] smb3: Bad value for 'uid'
[ 1726.045252][ T4230] loop3: detected capacity change from 0 to 256
[ 1726.174004][ T4230] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[ 1726.411401][ T4227] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1727.102347][ T4251] loop2: detected capacity change from 0 to 2048
[ 1727.187390][ T4255] loop3: detected capacity change from 0 to 256
[ 1727.222902][ T4255] exfat: Deprecated parameter 'utf8'
[ 1727.496655][ T4255] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[ 1727.802134][ T4268] netlink: 428 bytes leftover after parsing attributes in process `syz.0.2712'.
[ 1727.814236][ T4269] netlink: 'syz.1.2713': attribute type 1 has an invalid length.
[ 1727.824274][ T4269] netlink: 'syz.1.2713': attribute type 3 has an invalid length.
[ 1727.833120][ T4269] netlink: 216 bytes leftover after parsing attributes in process `syz.1.2713'.
[ 1727.843114][ T4269] NCSI netlink: No device for ifindex 813332851
[ 1727.938846][ T4270] loop1: detected capacity change from 0 to 512
[ 1727.974232][ T4270] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[ 1728.087659][ T4270] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.2713: corrupted in-inode xattr: e_value out of bounds
[ 1728.159115][ T4270] EXT4-fs (loop1): Remounting filesystem read-only
[ 1728.173050][ T4270] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1728.222088][ T4277] loop3: detected capacity change from 0 to 1024
[ 1728.280649][ T4277] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1728.930302][ T4291] loop2: detected capacity change from 0 to 256
[ 1728.947217][ T4292] loop4: detected capacity change from 0 to 1024
[ 1728.960311][ T3418] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1729.462036][   T25] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 1729.568872][ T4314] loop3: detected capacity change from 0 to 512
[ 1729.589619][ T4314] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 not in group (block 5)!
[ 1729.604875][ T4314] EXT4-fs (loop3): group descriptors corrupted!
[ 1729.680752][   T25] usb 5-1: Using ep0 maxpacket: 32
[ 1729.712613][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1729.724326][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1729.734628][   T25] usb 5-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 1729.744125][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1729.795121][   T25] usb 5-1: config 0 descriptor??
[ 1730.100801][ T4320] loop0: detected capacity change from 0 to 256
[ 1730.126767][ T4300] loop1: detected capacity change from 0 to 4096
[ 1730.244072][   T25] uclogic 0003:28BD:0094.0010: interface is invalid, ignoring
[ 1730.358294][ T4300] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[ 1730.591587][   T29] audit: type=1800 audit(1727608098.462:453): pid=4292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2720" name=CCBDF1B8553597FBA48B4762ABEE9344AC2CA398C4352DCB658D672ED45C35BEFBBE3155CCE8308DA653BDCB076D378F75C5C647EDD93A36F6A99FAEFDBDA4790DBB67C5F78A1B17E76F5C279A476FC7B9239DBFABB07E14D79B4EA7F154FFCACBD279AE6C4C57F48964D5F7C56BBFCECA5E98C5529F4EB9AA8DF176D558889F7B36D67A9EA3378B5FFC5991D8AD03 dev="loop4" ino=26 res=0 errno=0
[ 1730.730703][ T5253] usb 5-1: USB disconnect, device number 59
[ 1730.907336][ T4345] loop2: detected capacity change from 0 to 256
[ 1730.950264][ T4331] loop3: detected capacity change from 0 to 1024
[ 1730.974109][ T4331] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1730.999402][ T4351] netlink: 324 bytes leftover after parsing attributes in process `syz.1.2730'.
[ 1731.721667][ T4368] loop3: detected capacity change from 0 to 256
[ 1731.803735][ T4373] syz.0.2735: attempt to access beyond end of device
[ 1731.803735][ T4373] loop0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1731.817129][ T4373] MINIX-fs: unable to read superblock
[ 1732.228965][ T4368] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1732.461292][   T25] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[ 1732.611103][   T25] usb 3-1: device descriptor read/64, error -71
[ 1732.895888][   T25] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[ 1733.110973][   T25] usb 3-1: device descriptor read/64, error -71
[ 1733.118011][ T3096] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1733.222661][   T25] usb usb3-port1: attempt power cycle
[ 1733.315756][ T3096] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1733.327288][ T3096] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1733.342350][ T3096] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[ 1733.353404][ T3096] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1733.357303][ T4407] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1733.378487][ T4407] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1733.409981][ T3096] usb 2-1: config 0 descriptor??
[ 1733.443536][ T4407] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2744'.
[ 1733.523557][ T4407] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1733.539510][ T4407] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1733.667993][   T25] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[ 1733.684821][ T3096] usbhid 2-1:0.0: can't add hid device: -71
[ 1733.693524][ T3096] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1733.732178][ T3096] usb 2-1: USB disconnect, device number 54
[ 1733.747089][   T25] usb 3-1: device descriptor read/8, error -71
[ 1733.991182][   T25] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[ 1734.032769][   T25] usb 3-1: device descriptor read/8, error -71
[ 1734.141462][   T25] usb usb3-port1: unable to enumerate USB device
[ 1734.293930][ T4427] loop3: detected capacity change from 0 to 128
[ 1734.370772][ T4427] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1734.395992][ T4427] ext4 filesystem being mounted at /226/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1734.608156][T28238] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1735.588415][ T4441] loop4: detected capacity change from 0 to 512
[ 1735.676848][ T4441] EXT4-fs: Ignoring removed nobh option
[ 1735.773638][ T4441] fscrypt (loop4, inode 2): Error -61 getting encryption context
[ 1735.851507][ T4441] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61
[ 1735.893706][ T4448] loop3: detected capacity change from 0 to 256
[ 1735.932242][ T4441] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #13: comm syz.4.2751: casefold flag without casefold feature
[ 1736.008983][ T4449] netlink: 'syz.2.2753': attribute type 21 has an invalid length.
[ 1736.017335][ T4449] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1736.025697][ T4449] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1736.033168][ T4449] IPv6: NLM_F_CREATE should be set when creating new route
[ 1736.040674][ T4449] IPv6: NLM_F_CREATE should be set when creating new route
[ 1736.048147][ T4449] IPv6: NLM_F_CREATE should be set when creating new route
[ 1736.077723][ T4441] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.2751: couldn't read orphan inode 13 (err -117)
[ 1736.192056][ T4441] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1736.319073][ T4441] fscrypt (loop4, inode 2): Error -61 getting encryption context
[ 1736.749737][ T4438] loop1: detected capacity change from 0 to 32768
[ 1736.955417][ T4464] loop0: detected capacity change from 0 to 16
[ 1736.986786][ T4464] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1737.133527][ T1711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1739.749344][ T4498] loop3: detected capacity change from 0 to 32768
[ 1739.785494][ T4498] BTRFS: device /dev/loop3 (7:3) using temp-fsid 5191e119-7eee-4d50-802f-f95bc4afbe76
[ 1739.796640][ T4498] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2763 (4498)
[ 1739.923773][ T4498] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1739.935412][ T4498] BTRFS info (device loop3): using sha256 (sha256-generic) checksum algorithm
[ 1739.952565][ T4498] BTRFS info (device loop3): using free-space-tree
[ 1740.053862][ T4503] loop4: detected capacity change from 0 to 2048
[ 1740.238198][ T4503] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[ 1740.268778][ T4503] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[ 1740.280191][ T4503] UDF-fs: Scanning with blocksize 512 failed
[ 1740.294806][ T4493] loop2: detected capacity change from 0 to 64
[ 1740.401746][ T4503] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[ 1740.410016][ T4503] UDF-fs: Scanning with blocksize 1024 failed
[ 1740.506070][ T4503] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[ 1740.516160][ T4503] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[ 1740.524506][ T4503] UDF-fs: Scanning with blocksize 2048 failed
[ 1740.633397][ T4503] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[ 1740.682054][   T25] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1740.701634][ T4503] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[ 1740.711827][ T4503] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[ 1740.719708][ T4503] UDF-fs: Scanning with blocksize 4096 failed
[ 1740.726111][ T4503] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1)
[ 1740.778366][   T29] audit: type=1800 audit(1727608108.602:454): pid=4498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2763" name="bus" dev="loop3" ino=263 res=0 errno=0
[ 1740.799710][   T29] audit: type=1800 audit(1727608108.602:455): pid=4498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2763" name="bus" dev="loop3" ino=263 res=0 errno=0
[ 1740.912357][ T4533] loop0: detected capacity change from 0 to 256
[ 1740.984045][   T25] usb 2-1: Using ep0 maxpacket: 16
[ 1741.027312][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1741.038829][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1741.049131][   T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1741.062608][   T25] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1741.078491][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1741.119658][   T25] usb 2-1: config 0 descriptor??
[ 1741.211114][ T4503] loop4: detected capacity change from 0 to 512
[ 1741.257227][ T4503] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[ 1741.279734][ T4540] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2769'.
[ 1741.298321][ T4503] EXT4-fs (loop4): invalid journal inode
[ 1741.305227][ T4503] EXT4-fs (loop4): can't get journal size
[ 1741.351379][ T4503] EXT4-fs (loop4): 1 truncate cleaned up
[ 1741.360285][ T4503] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1741.559292][T28238] BTRFS info (device loop3): last unmount of filesystem 5191e119-7eee-4d50-802f-f95bc4afbe76
[ 1741.736265][   T25] microsoft 0003:045E:07DA.0011: No inputs registered, leaving
[ 1741.770642][   T25] microsoft 0003:045E:07DA.0011: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[ 1741.795039][   T25] microsoft 0003:045E:07DA.0011: no inputs found
[ 1741.804728][   T25] microsoft 0003:045E:07DA.0011: could not initialize ff, continuing anyway
[ 1741.954998][ T1711] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1742.390861][ T4577] loop0: detected capacity change from 0 to 16
[ 1742.531875][ T4577] cramfs: empty filesystem
[ 1742.642669][ T5253] usb 2-1: USB disconnect, device number 55
[ 1742.905249][ T4618] loop3: detected capacity change from 0 to 512
[ 1742.923657][ T4618] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1742.946665][ T4618] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #16: comm syz.3.2776: invalid indirect mapped block 83886080 (level 1)
[ 1742.964955][ T4618] EXT4-fs (loop3): 1 orphan inode deleted
[ 1742.971600][ T4618] EXT4-fs (loop3): 1 truncate cleaned up
[ 1742.979208][ T4618] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1742.992370][   T25] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[ 1743.080355][T28238] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1743.168712][   T25] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1743.180358][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1743.192595][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1743.202755][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1743.235489][   T25] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1743.245181][   T25] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1743.253685][   T25] usb 3-1: Manufacturer: syz
[ 1743.271300][   T25] usb 3-1: config 0 descriptor??
[ 1743.704094][   T25] appleir 0003:05AC:8243.0012: unknown main item tag 0x0
[ 1743.771138][   T25] appleir 0003:05AC:8243.0012: No inputs registered, leaving
[ 1743.869328][   T25] appleir 0003:05AC:8243.0012: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[ 1743.992472][   T25] usb 3-1: USB disconnect, device number 57
[ 1744.398235][ T4656] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1744.431649][ T4656] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1744.491827][ T4630] dccp_close: ABORT with 1 bytes unread
[ 1745.296437][ T4669] loop4: detected capacity change from 0 to 256
[ 1746.146053][ T4675] delete_channel: no stack
[ 1748.200235][ T4675] loop2: detected capacity change from 0 to 32768
[ 1748.272753][ T4675] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2785 (4675)
[ 1748.711074][ T4687] loop1: detected capacity change from 0 to 2048
[ 1748.732430][ T4675] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1748.743300][ T4675] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[ 1748.761969][ T4675] BTRFS info (device loop2): using free-space-tree
[ 1748.836764][ T4687] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1749.003353][   T29] audit: type=1800 audit(1727608116.882:456): pid=4687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2788" name="bus" dev="loop1" ino=1367 res=0 errno=0
[ 1749.412738][T31458] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1749.550926][ T4678] loop3: detected capacity change from 0 to 32768
[ 1749.579955][ T4678] BTRFS: device /dev/loop3 (7:3) using temp-fsid 1c4365e3-1674-4cba-ad78-e5087f00b082
[ 1749.590243][ T4678] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2787 (4678)
[ 1749.611075][ T4678] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[ 1749.627934][ T4678] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[ 1749.638190][ T4678] BTRFS info (device loop3): using free-space-tree
[ 1749.842871][ T4714] IPVS: set_ctl: invalid protocol: 115 100.1.1.0:20000
[ 1750.120938][ T5253] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[ 1750.311196][ T5253] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[ 1750.325185][ T5253] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1750.336969][ T5253] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1750.350684][ T5253] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[ 1750.360008][ T5253] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1750.658295][ T4743] loop1: detected capacity change from 0 to 16
[ 1750.672267][ T5253] usb 5-1: config 0 descriptor??
[ 1750.686513][ T5253] usb-storage 5-1:0.0: USB Mass Storage device detected
[ 1750.807082][ T5253] usb-storage 5-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[ 1751.025999][ T5253] usb 5-1: USB disconnect, device number 60
[ 1751.216437][ T4678] BTRFS error (device loop3): open_ctree failed
[ 1751.273563][ T4678] delete_channel: no stack
[ 1752.263527][ T4740] loop2: detected capacity change from 0 to 32768
[ 1752.336921][ T4740] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2790 (4740)
[ 1752.622610][ T4740] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1752.633758][ T4740] BTRFS info (device loop2): using sha256 (sha256-generic) checksum algorithm
[ 1752.653676][ T4740] BTRFS info (device loop2): using free-space-tree
[ 1753.015056][ T4785] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2798'.
[ 1753.170723][   T29] audit: type=1800 audit(1727608120.952:457): pid=4740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2790" name="bus" dev="loop2" ino=263 res=0 errno=0
[ 1753.191787][   T29] audit: type=1800 audit(1727608120.952:458): pid=4740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2790" name="bus" dev="loop2" ino=263 res=0 errno=0
[ 1753.390228][ T4788] overlay: ./bus is not a directory
[ 1753.580265][ T4768] loop1: detected capacity change from 0 to 32768
[ 1753.814262][ T4768] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1754.052514][ T4768] loop1: detected capacity change from 32768 to 0
[ 1754.079822][ T4792] jbd2/loop1-75: attempt to access beyond end of device
[ 1754.079822][ T4792] loop1: rw=38913, sector=642, nr_sectors = 1 limit=0
[ 1754.093897][ T4792] jbd2/loop1-75: attempt to access beyond end of device
[ 1754.093897][ T4792] loop1: rw=38913, sector=643, nr_sectors = 1 limit=0
[ 1754.107859][ T4792] jbd2/loop1-75: attempt to access beyond end of device
[ 1754.107859][ T4792] loop1: rw=38913, sector=644, nr_sectors = 1 limit=0
[ 1754.121974][ T4792] jbd2/loop1-75: attempt to access beyond end of device
[ 1754.121974][ T4792] loop1: rw=38913, sector=645, nr_sectors = 1 limit=0
[ 1754.138660][T31458] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1754.160789][ T4792] jbd2/loop1-75: attempt to access beyond end of device
[ 1754.160789][ T4792] loop1: rw=38913, sector=646, nr_sectors = 1 limit=0
[ 1754.184192][ T4792] jbd2/loop1-75: attempt to access beyond end of device
[ 1754.184192][ T4792] loop1: rw=38913, sector=647, nr_sectors = 1 limit=0
[ 1754.210022][ T4792] Aborting journal on device loop1-75.
[ 1754.215878][ T4792] jbd2/loop1-75: attempt to access beyond end of device
[ 1754.215878][ T4792] loop1: rw=38913, sector=640, nr_sectors = 1 limit=0
[ 1754.230056][ T4792] Buffer I/O error on dev loop1, logical block 640, lost sync page write
[ 1754.240638][ T4792] JBD2: I/O error when updating journal superblock for loop1-75.
[ 1754.307832][ T4769] (syz.1.2796,4769,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[ 1754.334698][ T4768] =====================================================
[ 1754.346246][ T4768] BUG: KMSAN: uninit-value in from_kuid+0x41e/0x990
[ 1754.353289][ T4768]  from_kuid+0x41e/0x990
[ 1754.357799][ T4768]  ocfs2_setattr+0x254/0x3140
[ 1754.362889][ T4768]  notify_change+0x1a8e/0x1b80
[ 1754.367872][ T4768]  chmod_common+0x3b8/0x630
[ 1754.373612][ T4768]  __x64_sys_fchmod+0x1fb/0x320
[ 1754.383218][ T4768]  x64_sys_call+0x7a0/0x3ba0
[ 1754.388030][ T4768]  do_syscall_64+0xcd/0x1e0
[ 1754.394281][ T4768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1754.400730][ T4768] 
[ 1754.403200][ T4768] Local variable newattrs created at:
[ 1754.408750][ T4768]  chmod_common+0xac/0x630
[ 1754.413568][ T4768]  __x64_sys_fchmod+0x1fb/0x320
[ 1754.418642][ T4768] 
[ 1754.421207][ T4768] CPU: 0 UID: 0 PID: 4768 Comm: syz.1.2796 Tainted: G        W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1754.433480][ T4768] Tainted: [W]=WARN
[ 1754.437400][ T4768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1754.447804][ T4768] =====================================================
[ 1754.455082][ T4768] Disabling lock debugging due to kernel taint
[ 1754.461600][ T4768] Kernel panic - not syncing: kmsan.panic set ...
[ 1754.468163][ T4768] CPU: 0 UID: 0 PID: 4768 Comm: syz.1.2796 Tainted: G    B   W          6.11.0-syzkaller-11993-g3efc57369a0c #0
[ 1754.480392][ T4768] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 1754.485534][ T4768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1754.495748][ T4768] Call Trace:
[ 1754.499152][ T4768]  <TASK>
[ 1754.502197][ T4768]  dump_stack_lvl+0x216/0x2d0
[ 1754.507087][ T4768]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1754.513097][ T4768]  dump_stack+0x1e/0x30
[ 1754.517459][ T4768]  panic+0x4e2/0xcf0
[ 1754.521568][ T4768]  ? kmsan_get_metadata+0xf1/0x1c0
[ 1754.526880][ T4768]  kmsan_report+0x2c7/0x2d0
[ 1754.531623][ T4768]  ? kmsan_internal_poison_memory+0x7d/0x90
[ 1754.537753][ T4768]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1754.543769][ T4768]  ? kmsan_internal_poison_memory+0x49/0x90
[ 1754.549916][ T4768]  ? kmsan_slab_free+0xd0/0x140
[ 1754.555009][ T4768]  ? __msan_warning+0x95/0x120
[ 1754.560011][ T4768]  ? from_kuid+0x41e/0x990
[ 1754.564644][ T4768]  ? ocfs2_setattr+0x254/0x3140
[ 1754.569703][ T4768]  ? notify_change+0x1a8e/0x1b80
[ 1754.574933][ T4768]  ? chmod_common+0x3b8/0x630
[ 1754.579848][ T4768]  ? __x64_sys_fchmod+0x1fb/0x320
[ 1754.585102][ T4768]  ? x64_sys_call+0x7a0/0x3ba0
[ 1754.590079][ T4768]  ? do_syscall_64+0xcd/0x1e0
[ 1754.594960][ T4768]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1754.601287][ T4768]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1754.606782][ T4768]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1754.612782][ T4768]  ? kfree+0x1a7/0xdb0
[ 1754.617059][ T4768]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1754.622431][ T4768]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1754.628985][ T4768]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1754.634346][ T4768]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1754.640333][ T4768]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1754.645689][ T4768]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1754.651671][ T4768]  __msan_warning+0x95/0x120
[ 1754.656463][ T4768]  from_kuid+0x41e/0x990
[ 1754.660904][ T4768]  ocfs2_setattr+0x254/0x3140
[ 1754.665742][ T4768]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1754.671752][ T4768]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1754.677205][ T4768]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1754.683180][ T4768]  ? __pfx_ocfs2_setattr+0x10/0x10
[ 1754.688478][ T4768]  ? __pfx_ocfs2_setattr+0x10/0x10
[ 1754.693763][ T4768]  notify_change+0x1a8e/0x1b80
[ 1754.698730][ T4768]  chmod_common+0x3b8/0x630
[ 1754.703466][ T4768]  __x64_sys_fchmod+0x1fb/0x320
[ 1754.708521][ T4768]  ? ksm_get_folio+0x730/0xd30
[ 1754.713464][ T4768]  x64_sys_call+0x7a0/0x3ba0
[ 1754.718251][ T4768]  do_syscall_64+0xcd/0x1e0
[ 1754.722943][ T4768]  ? clear_bhb_loop+0x25/0x80
[ 1754.727786][ T4768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1754.733911][ T4768] RIP: 0033:0x7fa27817dff9
[ 1754.738461][ T4768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1754.758264][ T4768] RSP: 002b:00007fa277bff038 EFLAGS: 00000246 ORIG_RAX: 000000000000005b
[ 1754.766864][ T4768] RAX: ffffffffffffffda RBX: 00007fa278335f80 RCX: 00007fa27817dff9
[ 1754.774992][ T4768] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000a
[ 1754.783097][ T4768] RBP: 00007fa2781f0296 R08: 0000000000000000 R09: 0000000000000000
[ 1754.791217][ T4768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1754.799331][ T4768] R13: 0000000000000000 R14: 00007fa278335f80 R15: 00007fffd3cf9318
[ 1754.807473][ T4768]  </TASK>
[ 1754.810892][ T4768] Kernel Offset: disabled
[ 1754.815309][ T4768] Rebooting in 86400 seconds..